can't get smtp auth/testsaslauthd to work, auth mechanism rimap

Dave Della Costa dfd94 at hampshire.edu
Tue Feb 3 11:19:30 EST 2009


Hi Andreas,

Thank you very much for your guidance; that did it.

For the record: this was not an issue with saslauthd (as Andreas pointed 
out).  I was confused because there are two services running on my 
server, one is courier-imap, the other is courier-imaps.  They have 
corresponding configuration files, and I thought that one did not affect 
the other.  This is not the case.  The setting

IMAPDSTARTTLS=NO

In the file /etc/courier-imap/imapd-ssl was critical (it was set to YES) 
to changing the setting Andreas mentioned for the service courier-imapd 
(I will educate myself as to why this is the case now).

Thanks again for your help Andreas!  Days of frustration have ended...

Best,
Dave


Andreas Winkelmann wrote:
> Am Montag 02 Februar 2009 23:12:11 schrieb Dave Della Costa:
> 
> 
>  > To respond to your question, I get:
>  >
>  > XX CAPABILITY
>  > * CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT
>  > THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS LOGINDISABLED
>  > XX OK CAPABILITY completed
>  >
>  > However, sorry to be dense here: what does this mean in terms of what I
>  > should do?
> 
> 
> You should see AUTH=LOGIN somewhere in the Capability-Response. For example:
> 
> 
> XX CAPABILITY
> * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN AUTH=LOGIN SASL-IR 
> ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS 
> NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ 
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE 
> IDLE X-NETSCAPE URLAUTH
> XX OK Completed
> 
> 
> "rimap" is not able to start a SSL-Session, so you need it without 
> issuing "STARTTLS".
> 
> 
> This has to be changed somewhere in your Courier Configuration.
> 
> 
>  > Do I need to configure my IMAP to not expect SSL, or use a
>  > different mechanism then? I can't find anywhere to "tell" courier not
>  > to expect SSL.
> 
> 
> --
> Andreas


More information about the Cyrus-sasl mailing list