RC4-MD5 no authentication

sam wun sam.wun at authtec.net
Mon Oct 25 10:37:41 EDT 2004


Hi

I got mozilla mail client sucessfully authenticated with PKCS12 digital 
certificate+SSL, but Outlook 2002 hsa no luck for this.
The mozilla mail client use CRAM-MD5+TLS for authentication, which is 
indicated as below:
pop3s[27353]: login: [192.168.4.235] sam.wun at mydomain.com CRAM-MD5+TLS 
User logged in.

while Outlook failed login with RC4-MD5, its log msg is:
Oct 25 22:32:53 at pop3s[27374]: starttls: TLSv1 with cipher RC4-MD5 
(128/128 bits reused) no authentication

The imapd.conf file has the following mech and tls added for SSL:
sasl_mech_list: plain login RC4-MD5 cram-md5 digest-md5
sasl_pwcheck_method: auxprop
sievedir: /var/imap/sieve
timeout:  30

# The length of time (in minutes) that a TLS session will be cached for 
later
# reuse. The maximum value is 1440 (24 hours), the default. A value of 0 
will
# disable session caching.
tls_session_timeout: 1440

# The list of SSL/TLS ciphers to allow. The format of the string is 
described
# in ciphers(1). THIS DISABLES THE WEAK 'FOR EXPORT' CRAP!
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH

tls_ca_file: /usr/local/etc/ssl/CA/ca.crt
tls_ca_path: /usr/local/etc/ssl/CA
tls_cert_file: /usr/local/etc/ssl/CA/gateway.crt
tls_key_file: /usr/local/etc/ssl/CA/gateway.key


The problem now is in Outlook 2002 or Cyrus server.
Since I can't do much in Outlook, is there any way I can configure cyrus 
server to support RC5-MD5 authentication with Outlook?
I m using Cyrus-imapd 2.2, SASL2.

Thanks
Sam





More information about the Info-cyrus mailing list