Plain Text Password Require TLS
Ken Murchison
murch at andrew.cmu.edu
Tue Jan 15 12:34:08 EST 2008
Daniel Aquino wrote:
> I set it to the following:
>
> sasl_minimum_layer: 256
>
> tls works fine but it also appears that non tls connections are working as well.
>
> Here is my test.
>
> mockingbird:/usr/local/mail# imtest -a daniel at bayshorenetworks.com -w
> password 192.168.0.50
> S: * OK bayshorenetworks.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-10 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
> BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
> STARTTLS
> S: C01 OK Completed
> C: L01 LOGIN daniel at bayshorenetworks.com {8}
> S: + go ahead
> C: <omitted>
> S: L01 OK User logged in
> Authenticated.
> Security strength factor: 0
> C: Q01 LOGOUT
> Connection closed.
>
>
> As you can see it says L01 login ok.
> If I use tls (-s) then it says A01 login ok.
>
> So why didn't the imapd.conf setting stop unencrypted logins?
Set
allowplaintext: 0
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
More information about the Cyrus-sasl
mailing list