how to configure sieve to start STARTTLS ?

JOYDEEP j.bakshi at unlimitedmail.org
Tue Apr 3 05:25:39 EDT 2007


Rudy Gevaert wrote:
> JOYDEEP wrote:
>> Dear list,
>>
>> after implementing the imaps , I need to configure sieve to start
>> STARTTLS.
>>
>> sivtest -a aftab  -u aftab   linux.kolkatainfoservices.in  -m LOGIN  -t
>> ""
>>
>> is working well. is there any config file for sieve so that I can force
>> sieve to start STARTTLS ?  bcoz  I am using sieve from a web-based email
>> client called felamimail.
>
> I'm not sure what you are trying to say, because it is the client that
> has to issue STARTTLS, and not the server.  The server just advertises
> his capabilities.  E.g. TLS

OK Rudy, thanks for your hints. I think I must be more verbose here.

I have imaps. whenever I try to use sieve from felamimail web mail
client it reports

-------------------------------------------------------
Apr  3 14:51:12 linux slapd[4169]: conn=727 op=0 RESULT tag=97 err=0 text=
Apr  3 14:51:12 linux master[10304]: about to exec
/usr/lib/cyrus/bin/timsieved
Apr  3 14:51:12 linux sieve[10304]: executed
Apr  3 14:51:12 linux sieve[10304]: accepted connection
Apr  3 14:51:12 linux sieve[10304]: badlogin:
linux.kolkatainfoservices.in[127.0.0.1] PLAIN encryption needed to use
mechanism
-------------------------------------------------------------------------------------------------------------------

If I manually test with the command
sivtest -a aftab  -u aftab   linux.kolkatainfoservices.in  -m LOGIN  -t ""

it runs successfully.
the log reports
----------------------------------------------------
Apr  3 14:54:33 linux imaps[10364]: login: linux.kolkatainfoservices.in
[127.0.0.1] aftab LOGIN+TLS User logged in
------------------------------------------------------------------------------

so here i need something so that sieve can work with imaps.



>
> Btw I have in mine imapd.conf
> allowplaintext: 0
>
> And that disables sending a password not encryped over the wire for
> imap and sieve.  (I think lmtp has to be preauthed, I'm using it that
> way).
>
> Also I can say you can't run sieve over ssl natively by cyrus.  I have
> set up a second imapd.conf with in it the same as in my other
> imapd.conf except:
> allowplaintext: 1
> and I have two timsieved's running in my cyrus.conf:
>   sieve         cmd="/usr/cyrus/bin/timsieved -C
> /mail/mail1/etc/imapd.conf" listen="mail1.ugent.be:sieve" prefork=0
>   lsieve        cmd="/usr/cyrus/bin/timsieved -C
> /mail/mail1/etc/imapd_local_sieve.conf" listen="localhost:sieve"
> prefork=0
>
> I then have set up an stunnel that redirects port 4000 to the sieve on
> localhost:sieve.  Users can then use sieve over ssl.  (In fact the
> only user is our webmail client that supports sieve over ssl, but not
> sieve+tls).
>
> Also note that I'm advertising only PLAIN in my sasl_mech_list.  I'm
> not advertising "LOGIN" because setting allowplaintext:0 will disable
> LOGIN.  See http://cyrusimap.web.cmu.edu//imapd/overview.html#login
>
>
> Rudy
>
>>
>> thanks
>>
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>>
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>



More information about the Info-cyrus mailing list