[opensuse] Not Cyrus IMAP ... or could be
Hi all, So, now I have my little Cyrus IMAP server running and I've created a user and tested successfully using imtest. I decided to try to test the IMAP server by using telnet. cyrus@linux-zuge:~> telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED * AUTH=CRAM-MD5 AUTH=DIGEST-MD5 SASL-IR COMPRESS=DEFLATE] linux-zuge * Cyrus IMAP v2.3.16 server ready . login ahkow@test.com pass1234 . NO Login only available under a layer . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host. The password is correct because I used it with imtest, but I could also specify that I was using DIGEST-MD5 in imtest. Do I need to make a MD5 hash of my password and enter it when I login with telnet? If so, how do I generate the MD5 hash of "pass1234"? Also, if Cyrus requires the MD5 hashed password to login, does that mean that clients such as Outlook would not be able to connect because they can only use plain text authentication (AFAIK)? Any information would be deeply appreciated! pascal chong -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
El 12/05/11 10:48, Yu Meng Chong escribió:
Hi all,
So, now I have my little Cyrus IMAP server running and I've created a user and tested successfully using imtest. I decided to try to test the IMAP server by using telnet.
cyrus@linux-zuge:~> telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED * AUTH=CRAM-MD5 AUTH=DIGEST-MD5 SASL-IR COMPRESS=DEFLATE] linux-zuge * Cyrus IMAP v2.3.16 server ready . login ahkow@test.com pass1234 . NO Login only available under a layer . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host.
The password is correct because I used it with imtest, but I could also specify that I was using DIGEST-MD5 in imtest. Do I need to make a MD5 hash of my password and enter it when I login with telnet? If so, how do I generate the MD5 hash of "pass1234"?
they key here is "LOGINDISABLED" "LOGINDISABLED is an IMAP extension which means: The server is configured to reject plaintext login. The client has to use either TLS or a challenge/response mechanism such as CRAM-MD5." Enabling plaintext login or using CRAM-MD5 is a really bad idea, and your server does not seems to expose capability STARTTLS. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
----- "Cristian Rodríguez" <crrodriguez@opensuse.org> wrote:
they key here is "LOGINDISABLED"
"LOGINDISABLED is an IMAP extension which means: The server is configured to reject plaintext login. The client has to use either TLS or a challenge/response mechanism such as CRAM-MD5."
Enabling plaintext login or using CRAM-MD5 is a really bad idea, and your server does not seems to expose capability STARTTLS.
Hi Cristian, Well, this IMAP server is not meant for production use. I'm just learning how IMAP works and specifically, how Cyrus is configured. So far, it's been slow-going but interesting. I'm still very much a newbie to this, which is why I wanted to start with the simplest configuration possible. I have Cyrus IMAP authenticating against SASLDB (instead of MySQL or saslauthd) and just one user. I want to test autocreation of folders which is supposed to happen when a IMAP session is started by the user. Is there a way to specify during the telnet session, not to use LOGIN but DIGEST-MD5 instead? Thanks and Regards, pascal chong -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Am Donnerstag 12 Mai 2011, 18:34:02 schrieb Yu Meng Chong:
----- "Cristian Rodríguez" <crrodriguez@opensuse.org> wrote:
they key here is "LOGINDISABLED"
"LOGINDISABLED is an IMAP extension which means: The server is configured to reject plaintext login. The client has to use either TLS or a challenge/response mechanism such as CRAM-MD5."
Enabling plaintext login or using CRAM-MD5 is a really bad idea, and your server does not seems to expose capability STARTTLS.
Hi Cristian,
Well, this IMAP server is not meant for production use. I'm just learning how IMAP works and specifically, how Cyrus is configured. So far, it's been slow-going but interesting.
I'm still very much a newbie to this, which is why I wanted to start with the simplest configuration possible. I have Cyrus IMAP authenticating against SASLDB (instead of MySQL or saslauthd) and just one user. If you want to use SASL, you can't use the IMAP "login" command. That is only for plaintext authentication.
I want to test autocreation of folders which is supposed to happen when a IMAP session is started by the user. Why do you need to use telnet for that. I think imtest has every thing you need to do a successful SASL authentication.
Is there a way to specify during the telnet session, not to use LOGIN but DIGEST-MD5 instead? There certainly is, but you'd somehow have to do the SASL Handshake for DIGEST-MD5 (which IIRC involves some base64 trickery and md5 hashing) yourself (or with the help of cyrus_sasl_sample_client/-server). I'd rather use imtest instead of telnet.
Ralf -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Cristian Rodríguez -
Ralf Haferkamp -
Yu Meng Chong