strange behaviour authenticating to IMAP server with squirrelmail

Walter H. Walter.H at mathemainzel.info
Sun Oct 8 16:21:51 EDT 2017 

Hello,

when setting in squirrelmail
$imap_auth_mech = 'cram-md5';
or
$imap_auth_mech = 'digest-md5';
then the following is logged in /etc/maillog

Oct  8 14:59:41 imap-host imaps[2042]: accepted connection
Oct  8 14:59:41 imap-host imaps[2042]: imapd:Loading DH parameters from file
Oct  8 14:59:41 imap-host imaps[2042]: SSL_accept() incomplete -> wait
Oct  8 14:59:41 imap-host imaps[2042]: SSL_accept() succeeded -> done
Oct  8 14:59:41 imap-host imaps[2042]: starttls: TLSv1 with cipher 
DHE-RSA-AES256-SHA (256/256 bits new) no authentication
Oct  8 14:59:42 imap-host imaps[2042]: badlogin: host-running-squirrel 
[IPv6-running-squirrel] DIGEST-MD5 [SASL(-13): user not found: no secret 
in database]

but, when setting in squirrelmail
$imap_auth_mech = 'login';
then the following is logged and it works ...

Oct  8 18:37:16 imap-host imaps[10530]: accepted connection
Oct  8 18:37:16 imap-host imaps[10530]: imapd:Loading DH parameters from 
file
Oct  8 18:37:16 imap-host imaps[10530]: SSL_accept() incomplete -> wait
Oct  8 18:37:16 imap-host imaps[10530]: SSL_accept() succeeded -> done
Oct  8 18:37:16 imap-host imaps[10530]: starttls: TLSv1 with cipher 
DHE-RSA-AES256-SHA (256/256 bits new) no authentication
Oct  8 18:37:17 imap-host imaps[10530]: login: host-running-squirrel 
[IPv6-running-squirrel] walter plaintext+TLS User logged in

even /etc/imapd.conf is this:

allowanonymouslogin: no
allowplaintext: no <--
altnamespace: no
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
servername: storage.mail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
tls_cert_file: /etc/pki/cyrus-imapd/tls.crt/mail-host.crt
tls_key_file: /etc/pki/cyrus-imapd/tls.key/mail-host.key
tls_ca_file: /etc/pki/cyrus-imapd/tls.crt/server-chain-sslca.crt
quotawarn: 95

sasldblistusers2 shows this:

cyrus at imap-host: userPassword

why I am unable to use  digest-md5 or cram-md5?
or: what do I have to do to use digest-md5?
adding a user with  saslpasswd2?
what is the 'appname'?

Im using Centos 6 and the RPM packages of CentOS

Thanks,
Walter


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3491 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20171008/143f711f/attachment.p7s>

More information about the Info-cyrus mailing list