Imtest failure

Rajeev rajeev at cracknell.com
Tue Dec 6 00:13:23 EST 2005 

Yes, I did select the SSL option on advance tab of Outlook Express. 
When I use testsaslauthd -u Username -p Passwd it give a success message.


Please find below an extract from maillog while login with OE.

[root at mail imap]# tail /var/log/maillog
Dec  6 08:06:57 mail pop3s[13043]: login: [192.168.1.119] rajeev
plaintext+TLS User logged in
Dec  6 08:07:04 mail postfix/smtpd[13050]: connect from
unknown[192.168.1.119] Dec  6 08:07:04 mail postfix/smtpd[13050]: lost
connection after EHLO from unknown[192.168.1.119] Dec  6 08:07:04 mail
postfix/smtpd[13050]: disconnect from unknown[192.168.1.119] Dec  6 08:07:04
mail pop3s[13051]: accepted connection Dec  6 08:07:05 mail pop3s[13051]:
mystore: starting txn 2147483763 Dec  6 08:07:05 mail pop3s[13051]: mystore:
committing txn 2147483763 Dec  6 08:07:05 mail pop3s[13051]: starttls: TLSv1
with cipher RC4-MD5
(128/128 bits new) no authentication
Dec  6 08:07:06 mail pop3s[13051]: login: [192.168.1.119] rajeev
plaintext+TLS User logged in
Dec  6 08:07:06 mail master[10735]: process 13051 exited, status 0

ANY idea what is going wrong?

Thanks

Rajeev


-----Original Message-----
From: Patrick Radtke [mailto:phr2101 at columbia.edu] 
Sent: Monday, December 05, 2005 8:40 PM
To: rajeev at cracknell.com
Cc: info-cyrus at lists.andrew.cmu.edu
Subject: Re: Imtest failure

The second case is using DIGEST-MD5 for the auth mechanism.  Is that  
what you intended to use?


Did you tell outlook to use tls?


On Dec 5, 2005, at 10:43 AM, Rajeev wrote:

> Hi
>
>
>
> I have done a cyrus installation with tls support and I am not able  
> to send messages through the Outlook or Outlook express. But I can  
> send it with web mail (Open Xchange webmail). When I tried to do  
> the following command I get the result as below:-
>
>
>
> Imtest –t “”  -a user-name –p imap localhost  -- gives a success
>
>
>
> Imtest –a user-name –p imap localhost   - gives no authentication
>
>
>
>
>
> The first one shows 256 bit encryption and the later shows 128 bit  
> encryption
>
>
>
> Flowing lines shows the screen shots
>
>
>
>
>
> [root at mail imap]# imtest -a rajeev -p imap localhost
>
> S: * OK mail.cracknell.com Cyrus IMAP4
>
> v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1 server ready
>
> C: C01 CAPABILITY
>
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX- 
> REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN  
> MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES  
> ANNOTATEMORE IDLE STARTTLS AUTH=DIGEST-MD5 SASL-IR LISTEXT LIST- 
> SUBSCRIBED X-NETSCAPE
>
> S: C01 OK Completed
>
> C: A01 AUTHENTICATE DIGEST-MD5
>
> S: +
>
> bm9uY2U9IjVkeGNEL045bmR0NDZtY1luUFllYkpGZG9ZYktYQ0ZaZXJvNzhYZUlOWEk9Ii 
> xyZWFsbT0ibWFpbC5jcmFja25lbGwuY29tIixxb3A9ImF1dGgsYXV0aC1pbnQsYXV0aC1j 
> b25mIixjaXBoZXI9InJjNC00MCxyYzQtNTYscmM0LGRlcywzZGVzIixtYXhidWY9NDA5Ni 
> xjaGFyc2V0PXV0Zi04LGFsZ29yaXRobT1tZDUtc2Vzcw==
>
> Please enter your password:
>
> C:
>
> dXNlcm5hbWU9InJhamVldiIscmVhbG09Im1haWwuY3JhY2tuZWxsLmNvbSIsbm9uY2U9Ij 
> VkeGNEL045bmR0NDZtY1luUFllYkpGZG9ZYktYQ0ZaZXJvNzhYZUlOWEk9Iixjbm9uY2U9 
> ImdCYSs4V2hsbmdDMTZWT2dyOWM5UkN2RDlvU2JERzloaFgvbmgyV0JpUUU9IixuYz0wMD 
> AwMDAwMSxxb3A9YXV0aC1jb25mLGNpcGhlcj1yYzQsbWF4YnVmPTEwMjQsZGlnZXN0LXVy 
> aT0iaW1hcC9sb2NhbGhvc3QubG9jYWxkb21haW4iLHJlc3BvbnNlPWNmYWRkNTk4ZmFjMT 
> ZjYmRkYWQwZTY1ZGFkNjhiY2I4
>
> S: A01 NO One time use of a plaintext password will enable  
> requested mechanism for user Authentication failed. generic failure  
> Security strength factor: 128
>
>
>
> [root at mail imap]# imtest -t "" -a rajeev -p imap localhost
>
> S: * OK mail.cracknell.com Cyrus IMAP4
>
> v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1 server ready
>
> C: C01 CAPABILITY
>
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX- 
> REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN  
> MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES  
> ANNOTATEMORE IDLE STARTTLS AUTH=DIGEST-MD5 SASL-IR LISTEXT LIST- 
> SUBSCRIBED X-NETSCAPE
>
> S: C01 OK Completed
>
> C: S01 STARTTLS
>
> S: S01 OK Begin TLS negotiation now
>
> verify error:num=18:self signed certificate TLS connection  
> established: TLSv1 with cipher AES256-SHA (256/256 bits)
>
> C: C01 CAPABILITY
>
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX- 
> REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN  
> MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES  
> ANNOTATEMORE IDLE AUTH=PLAIN AUTH=DIGEST-MD5 SASL-IR LISTEXT LIST- 
> SUBSCRIBED X-NETSCAPE
>
> S: C01 OK Completed
>
> Please enter your password:
>
> C: A01 AUTHENTICATE PLAIN AHJhamVldgBha2NydnI=
>
> S: A01 OK Success (tls protection)
>
> Authenticated.
>
> Security strength factor: 256
>
>
>
> Following shows my /etc/imapd.conf
>
>
>
> configdirectory: /var/lib/imap
>
> defaultpartition: default
>
> partition-default: /var/spool/imap
>
> lmtp_downcase_rcpt: yes
>
> admins: mailadmin cyrus
>
> quotawarn: 90
>
> reject8bit: no
>
> lmtp_overquota_perm_failure: no
>
> virtdomains: userid
>
> defaultdomain: cracknell.com
>
> sendmail: /usr/sbin/sendmail
>
> allowanonymouslogin: no
>
> popminpoll: 1
>
> autocreatequota: 0
>
> umask: 077
>
> sieveusehomedir: false
>
> sievedir: /var/spool/sieve
>
> hashimapspool: true
>
> allowplaintext: yes
>
> sasl_pwcheck_method: saslauthd
>
> sasl_mech_list: PLAIN DIGEST-MD5
>
> sasl_auto_transition: yes
>
> sasl_minimum_layer: 0
>
> tls_ca_path: /var/lib/imap/
>
> tls_cert_file: /var/lib/imap/server.pem
>
> tls_key_file:  /var/lib/imap/server.pem
>
> tls_session_timeout: 1440
>
> tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
>
> lmtpsocket: /var/run/imap/socket/lmtp
>
> lmtpunix:/var/run/imap/socket/lmtp
>
> idlesocket: /var/run/imap/socket/idle
>
>
>
>
>
>
>
>
>
>
>
>
>
> ----
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list