how are 'sasl_minimum_layer' & TLS related/dependent?
OpenMacNews
openmacnews at speakeasy.net
Sun Oct 9 14:44:07 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
hi mitu,
fyi.
after digging thru mozilla's bugzilla site, i find that,
in ADDITION TO the default TBird config in prefs.js of:
security.enable_tls default boolean true
one has to ADD:
mail.server.default.useTLS userset boolean true
if you ask me, that is NOT very obvious ... :-{
anyway, NOW on TBird config'd as:
Server Type: IMAP Mail Server
Server Name: {mail.testdomain.com}
Port: {993} Default: 993
[x] Use secure connection (SSL)
[x] Use secure authentication
i can connect to Cyrus port 993 (143 still does NOT 'work' ...), & i see in my cyrus log:
Oct 9 11:23:14 devbox DMCYRUS/imaps[5576]: starttls: TLSv1 with cipher AES256-SHA (256/256
bits new) no authentication
Oct 9 11:23:14 devbox DMCYRUS/imaps[5576]: login: mail.testdomain.com [10.0.0.6]
testuser at mail.testdomain.com CRAM-MD5+TLS User logged in
which, i think, is what i SHOULD be seeing
strangely, i still do NOT see STARTTLS advertised in TBird's imap session protocol log:
39686656[514d090]: 25dde00:mail.testdomain.com:NA:CreateNewLineFromSocket: * CAPABILITY IMAP4
IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT LIST-SUBSCRIBED
39686656[514d090]: ReadNextLine [stream=514d3e8 nb=38 needmore=0]
39686656[514d090]: 25dde00:mail.testdomain.com:NA:CreateNewLineFromSocket: 1 OK Unknown Error
Code: -1904809420
39686656[514d090]: 25dde00:mail.testdomain.com:NA:SendData: 2 authenticate CRAM-MD5
39686656[514d090]: ReadNextLine [stream=514d3e8 nb=56 needmore=0]
39686656[514d090]: 25dde00:mail.testdomain.com:NA:CreateNewLineFromSocket: +
PDMyMzMzOTYyDUxNmM4NTZYWlsLm9wZW5leGVjLmNvbT4=
39686656[514d090]: 25dde00:mail.testdomain.com:NA:SendData:
Ymxha2Vyc0BvcGVuZXhlYy5jb20gM2Q4ZNDgwOTY2OEBtYjk2ZjZjhlNjE1YmY=
39686656[514d090]: ReadNextLine [stream=514d3e8 nb=31 needmore=0]
39686656[514d090]: 25dde00:mail.testdomain.com:NA:CreateNewLineFromSocket: 2 OK Success (tls
protection)
why do i have this sneaking suspicion that TBird's STARTTLS implementation is not 100% ... ?
richard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (Darwin)
iEYEAREDAAYFAkNJZPYACgkQGnqMy4gvZ6GfdQCfR2m8kuatoawVO8Ul2+vprwTx
pR4AmQHbVz5pVZslps/mzvwzb90cwvVO
=nuRJ
-----END PGP SIGNATURE-----
More information about the Info-cyrus
mailing list