RC4-MD5 no authentication

sam wun sam.wun at authtec.net
Mon Oct 25 11:31:51 EDT 2004


Hi,

It seems that it may be possible to download some security patches 
for Outlook 2002 in order to solve this issue of authentication with 
Cyrus server.
I'm wondering whether there are any patches for that?

Thanks
Sam

sam wun wrote:

> Hi
>
> I got the Mozilla mail client successfully authenticated with a PKCS12 
> digital certificate+SSL, but Outlook 2002 has no luck with this.
> The Mozilla mail client uses CRAM-MD5+TLS for authentication, which is 
> indicated as below:
> pop3s[27353]: login: [192.168.4.235] sam.wun at mydomain.com CRAM-MD5+TLS User logged in.
>
> while Outlook failed login with RC4-MD5, its log msg is:
> Oct 25 22:32:53 at pop3s[27374]: starttls: TLSv1 with cipher RC4-MD5 (128/128 bits reused) no authentication
>
> The imapd.conf file has the following mech and tls added for SSL:
> sasl_mech_list: plain login RC4-MD5 cram-md5 digest-md5
> sasl_pwcheck_method: auxprop
> sievedir: /var/imap/sieve
> timeout:  30
>
> # The length of time (in minutes) that a TLS session will be cached for later
> # reuse. The maximum value is 1440 (24 hours), the default. A value of 0 will
> # disable session caching.
> tls_session_timeout: 1440
>
> # The list of SSL/TLS ciphers to allow. The format of the string is described
> # in ciphers(1). THIS DISABLES THE WEAK 'FOR EXPORT' CRAP!
> tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
>
> tls_ca_file: /usr/local/etc/ssl/CA/ca.crt
> tls_ca_path: /usr/local/etc/ssl/CA
> tls_cert_file: /usr/local/etc/ssl/CA/gateway.crt
> tls_key_file: /usr/local/etc/ssl/CA/gateway.key
>
>
> The problem now is in Outlook 2002 or Cyrus server.
> Since I can't do much in Outlook, is there any way I can configure 
> cyrus server to support RC5-MD5 authentication with Outlook?
> I'm using Cyrus-imapd 2.2, SASL2.
>
> Thanks
> Sam
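
Added example, not part of the original post and not Cyrus code: a small Python parser that separates the two kinds of log line quoted above (the `starttls:` line, which names the negotiated TLS cipher suite, and the `login:` line, which names the SASL mechanism) and flags `sasl_mech_list` entries that are not SASL mechanism names. The regular expressions, the mechanism set and the reading of the trailing `starttls:` field as the TLS peer identity are assumptions built from the quoted lines.

```python
import re

# Assumption: a subset of mechanism names shipped as Cyrus SASL plugins.
KNOWN_SASL_MECHS = {"PLAIN", "LOGIN", "CRAM-MD5", "DIGEST-MD5",
                    "GSSAPI", "EXTERNAL", "ANONYMOUS", "NTLM", "OTP"}

# Patterns inferred from the two log lines quoted in the post (assumption).
TLS_RE = re.compile(r"starttls: (?P<proto>\S+) with cipher (?P<cipher>\S+) "
                    r"\((?P<bits>\d+)/\d+ bits (?P<session>\w+)\) (?P<peer>.+)$")
LOGIN_RE = re.compile(r"login: \[(?P<ip>[^\]]+)\] (?P<user>.+?) "
                      r"(?P<mech>[A-Z0-9-]+)(?P<tls>\+TLS)? User logged in")

def classify(line):
    """Return which layer a Cyrus log line describes, or None if unrecognised."""
    m = TLS_RE.search(line)
    if m:
        # Transport layer: the cipher suite negotiated by TLS. The trailing
        # field is taken here to be the TLS peer identity (assumption).
        return {"layer": "tls", "cipher": m["cipher"], "bits": int(m["bits"]),
                "session": m["session"], "peer": m["peer"]}
    m = LOGIN_RE.search(line)
    if m:
        # Application layer: the SASL mechanism that authenticated the user.
        return {"layer": "sasl", "user": m["user"], "mech": m["mech"],
                "tls": m["tls"] is not None}
    return None

def unknown_mechs(mech_list):
    """List sasl_mech_list entries that are not known SASL mechanism names."""
    return [m for m in mech_list.split() if m.upper() not in KNOWN_SASL_MECHS]

# Sample lines rejoined from the wrapped log lines quoted in the post.
SAMPLE_LOG = [
    "pop3s[27353]: login: [192.168.4.235] sam.wun at mydomain.com CRAM-MD5+TLS User logged in.",
    "Oct 25 22:32:53 at pop3s[27374]: starttls: TLSv1 with cipher RC4-MD5 (128/128 bits reused) no authentication",
]
SAMPLE_MECH_LIST = "plain login RC4-MD5 cram-md5 digest-md5"

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(classify(line))
    print("not SASL mechanisms:", unknown_mechs(SAMPLE_MECH_LIST))
```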




