RC4-MD5 no authentication
sam wun
sam.wun at authtec.net
Mon Oct 25 10:37:41 EDT 2004
Hi
I got mozilla mail client sucessfully authenticated with PKCS12 digital
certificate+SSL, but Outlook 2002 hsa no luck for this.
The mozilla mail client use CRAM-MD5+TLS for authentication, which is
indicated as below:
pop3s[27353]: login: [192.168.4.235] sam.wun at mydomain.com CRAM-MD5+TLS
User logged in.
while Outlook failed login with RC4-MD5, its log msg is:
Oct 25 22:32:53 at pop3s[27374]: starttls: TLSv1 with cipher RC4-MD5
(128/128 bits reused) no authentication
The imapd.conf file has the following mech and tls added for SSL:
sasl_mech_list: plain login RC4-MD5 cram-md5 digest-md5
sasl_pwcheck_method: auxprop
sievedir: /var/imap/sieve
timeout: 30
# The length of time (in minutes) that a TLS session will be cached for
later
# reuse. The maximum value is 1440 (24 hours), the default. A value of 0
will
# disable session caching.
tls_session_timeout: 1440
# The list of SSL/TLS ciphers to allow. The format of the string is
described
# in ciphers(1). THIS DISABLES THE WEAK 'FOR EXPORT' CRAP!
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
tls_ca_file: /usr/local/etc/ssl/CA/ca.crt
tls_ca_path: /usr/local/etc/ssl/CA
tls_cert_file: /usr/local/etc/ssl/CA/gateway.crt
tls_key_file: /usr/local/etc/ssl/CA/gateway.key
The problem now is in Outlook 2002 or Cyrus server.
Since I can't do much in Outlook, is there any way I can configure cyrus
server to support RC5-MD5 authentication with Outlook?
I m using Cyrus-imapd 2.2, SASL2.
Thanks
Sam
More information about the Info-cyrus
mailing list