ldapd not advertising AUTH=LOGIN

Ken Murchison ken at oceana.com
Fri Apr 11 14:50:37 EDT 2003

Jeff Warnica wrote:
> Im (trying to.. ) running cyrus-imapd-2.2.0-ALPHA, and Im running into a
> problem with imapd not advertising AUTH=LOGIN before a tls connection is
> established. Interestingly though, ignoring that ommision and just using
> login with the imtest program allows sucuessful connections.
> why is this? How can I get it to advertise LOGIN.

There is a difference between the SASL LOGIN mechanism and the IMAP
LOGIN command.  When you do 'imtest -m login' you're using the IMAP
LOGIN command.  The IMAP LOGIN command is always available unless you
specifically set allowplaintext:0  The SASL LOGIN mech, along with the
PLAIN mech, are only advertised when a security layer is active (eg,
SSL/TLS), per RFC 2595.

If you really want to see the SASL LOGIN mech in action, you'll have to
use a different test program because of the LOGIN name conflict, eg:

pop3test -s -m login
pop3test -t '' -m login

These will do LOGIN under SSL (port 995) and TLS (port 110)

Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

More information about the Info-cyrus mailing list