auth question

[Akshay Kumar]

Hi,

I configured Cyrus w/ the following options:

env "CPPFLAGS=-I/spare/local/include -I/usr/kerberos/include"
"LDFLAGS=-L/spare/local/lib" ./configure --prefix=/spare/local
--with-cyrus-prefix=/spare/local/cyrus --with-bdb=/spare/local
--with-bdb-libdir=/spare/local/lib --with-bdb-incdir=/spare/local/include
--with-snmp=/spare/local/lib


I don't want to allow auth over an unencrypted channel, STARTTLS and IMAPS
both work. Most of the brain damaged clients out there won't do STARTTLS
but thats a different story, I use Mulberry.

What do I have to do in order to make cyrus adverstise plain and login
only after TLS has been neogtiated. For sendmail it was easy enough to
add a line to the mc. How do I do it for cyrus?

Second, how do I login to cyradm if I disable plain and login? Right now I
do:

cyradm --user cyrus --auth login localhost

If I choose plain as the mech it fails, don't know why but it seems to
like login.

So how do I use cyradm if I enable TLS?

For sendmail I could just do something like:

openssl s_client -connect localhost:25 -starttls smtp


Best,
Akshay

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html