Windows Phone 7 mail clients can't login

Sebastian Hagedorn Hagedorn at uni-koeln.de
Thu Dec 9 09:41:05 EST 2010


Hi,

today I became aware that apparently all our users with Windows Phone 7 
phones can't login. There appears to be more than one problem. This is what 
happens when you enable SSL on the phone:

- the phone first attempts a successful connection to imaps and fails when 
it tries to login using NTLM. It doesn't fall back to any other SASL 
mechanism, and there's nothing to configure on the phone
- after that it connects to port 143 and issues the STARTTLS command, but 
this results in the following:

Dec  9 15:10:47 lvr13 imap[18998]: unknown protocol in SSL_accept() -> fail
Dec  9 15:10:47 lvr13 imap[18998]: STARTTLS negotiation failed: [redacted]

When SSL is turned off on the phone, the NTLM error is a little more 
explicit:

Dec  9 14:59:10 lvr13 imap[786]: badlogin:[redacted] NTLM [SASL(0): 
successful result: security flags do not match required]

My guess is that the phone tries to use NTLMv2, but of course the SASL 
plug-in only supports NTLMv1. The worst part is that there doesn't seem to 
be a client-side option to use another mechanism instead. I'm hesitant to 
disable NTLM server-side, because a few of our users use it successfully.

Has anyone else noticed this problem? Or do you have successful logins 
using Windows Phone 7, If so, do you offer NTLM? What mechanism does the 
phone use when it's successful?

Thanks, Sebastian
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Gebäude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universität zu Köln / Cologne University - ✆ +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20101209/ab6cfb65/attachment-0001.bin 


More information about the Info-cyrus mailing list