Displaying 20 results from an estimated 58 matches for "logindisabled".
2017 Aug 22
3
pop 110/995, imap 143/993 ?
...operly
> configuring the server and client.
Dovecot, by default, requires STARTTLS before accepting plaintext
authentication when SSL is configured and you are not connecting from
localhost. You can verify this by telnetting to port 143 from somewhere
else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you
have enabled something like cram-md5.
I think postfix, by default, will also prevent authentication without
transport security.
Also, you should probably using 587/tcp (submission) for sending mail,
instead of 25. Some reputable ISPs prevent connecting to random MX
servers to port 25 t...
2016 May 05
1
[MASSMAIL] Dovecot on C7.2 - secure internet access
...issue IMAP commands:
01 CAPABILITY
02 LOGIN user password
03 LOGOUT
That should be successful and you should have seen the configured AUTH
mechanisms. Now try without transport layer security:
telnet <your server IP address> 143
01 LOGIN user password
That should be forbidden because of LOGINDISABLED.
Regards
Alexander
2007 Jan 01
1
configured mechanisms don't work
...ot. However, in dovecot.conf I configured
mechanisms = plain login digest-md5 cram-md5
when I connect to the server via telnet 143, I get this:
2 CAPABILITY
* CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT
LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS LOGINDISABLED
2 OK Capability completed.
So I can't authenticate using cram-md5. What may I be missing?
Regards & happy new year!
Eggert
2003 Oct 07
2
Plaintext Authentication from Localhost
Hi:
It appears that at least at one time, Dovecot supported plaintext
authentication from localhost, even if disable_plaintext_auth = yes. To wit,
the example configuration file reads:
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
# IPv6 ::1 addresses are considered secure, this setting has no effect if
# you connect from those addresses.
#disable_plaintext_auth = yes
On brief inspection of the code, there doesn't seem to be any such support.
This is corroborated by the fact that 0....
2006 Jul 14
3
TLS Issues - Plain Text login?
...works via secure connections. I
have it working fine over SSL, now I wish to get TLS to work.
I have set imap and imaps to both listen on *, and have
disable_plaintext_auth = yes, which according to the docs,
Disable LOGIN command and all other plaintext authentications
unless SSL/TLS is used (LOGINDISABLED capability).
So the problem is now, that TLS doesn't work. Trying it with
thunderbird, I get a message about login being disabled, and to check
my settings and such. The port is correct (imap, not imaps), and I
have it to always use TLS.
I see the following in my logs
Jul 14 16:35:46 mafeking...
2011 May 20
1
IMAP COMPRESS not announced while using imap_zlib plugin
...rom doveconf -n with regards to mail_plugins:
--cut--
mail_plugins = zlib
protocol imap {
mail_plugins = zlib imap_zlib
}
--cut
But it seem like the feature is not announced when connecting to the
IMAP server:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS LOGINDISABLED AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
I would expect something like COMPRESS=DEFLATE.
I haven't enabled any compression for the Maildir files, zlib_save_level
and zlib_save is not set. Does IMAP COMPRESS only work if the mailbox is
compressed?
Best regards
Henrik Larsson
2016 Feb 02
2
Mail User Agent?
azurit at pobox.sk and Tom Sommer asks:
> How this ID extension can be enabled in Dovecot? From which version is
> it supported?
Accordind to Dovecot CAPA's response, it is already enabled
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Ready.
However, as a previous poster noted, Dovecot doesn't do anything with
it other than to log it. The client can elect to ignore it or send an
ID string. The ID extension is documented here
https://www.ietf.org/rfc/rfc2971.txt
I speculated it could be used as a client-side CAPA info...
2014 May 16
1
imapc Proxy to IMAPS Exchangeserver?
I'm trying to adapt http://wiki2.dovecot.org/HowTo/ImapcProxy
to our Exchange Server, which has LOGINDISABLED on Port 143, and I
offering LOGIN on Port 993.
How do I go about this?
Simply changing imapc_port to:
imapc_port = 993
doesnt work:
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN]...
2018 Oct 06
1
TLS handshake failure - Client Helo rejected
...e] completed: XXXXXX.XXX/XXX.XXX.XXX.XXX:143, time = 0.10 sec
2018.09.15 23:27:57.374 +0200 [NETWRK.2652] Buffer sizes: 524288 send, 1132800 receive
2018.09.15 23:27:57.449 +0200 [IMAP_RAW.2652] Data is <124>:
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED] Dovecot (Debian) ready.
2018.09.15 23:27:57.449 +0200 [IMAP.2652] Server greeting: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED] Dovecot (Debian) ready.
2018.09.15 23:27:57.450 +0200 [IMAP.2652] Server is Dovecot
2018.09.15 23:27:57.450 +0200 [...
2010 May 24
2
STARTTLS does not seem to work
...phil /home/phil 162> telnet 172.30.0.24 143
Trying 172.30.0.24...
Connected to 172.30.0.24.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND
UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS
LIST-EXTENDED I18NLEVEL=1 STARTTLS LOGINDISABLED] AUTHORIZED USERS
ONLY -- unauthorized access strictly prohibited
STARTTLS
STARTTLS BAD Error in IMAP command received by server.
^]quit
telnet> quit
Connection closed.
altair/phil /home/phil 163> telnet 64.26.60.229 143
Trying 64.26.60.229...
Connected to 64.26.60.229.
Escape character is &...
2012 Jan 14
0
[PATCH] support master user to login as other users by DIGEST-MD5 SASL proxy authorization
...ecot/master-users
webmail2:{DIGEST-MD5}458af98b24dce5db79f852d146d5a5ca
$ gsasl -m DIGEST-MD5 --imap imap.corp.example.com -z dieken -a webmail2
-p 123456 -r corp.example.com
Trying `gold.corp.example.com'...
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5]
Dovecot ready.
. CAPABILITY
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5
. OK Pre-login capabilities listed, post-login capabilities have more.
. STARTTLS
. OK Beg...
2010 Nov 24
2
dovecot is confused about mail_location
IMAP logins via fetchmail are failing on my mailserver
root at grelber:/home/esr# tail -f /var/log/mail.err
Nov 24 16:56:48 grelber dovecot: IMAP(cathy): mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/cathy
Nov 24 16:56:48 grelber dovecot: IMAP(cathy): Fatal: Namespace initialization failed
Nov 24 16:57:39 grelber dovecot: IMAP(cathy):
2015 Aug 11
2
C6.7 evolution to cyrus imap(s) fails
...jaa.org.uk/emailAddress=ja at jaa.org.uk
---
Server certificate
...
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR
COMPRESS=DEFLATE] maui.jaa.org.uk Cyrus IMAP
v2.3.16-Fedora-RPM-2.3.16-13.el6_6 server ready
a1 LOGIN username password
al OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED AUTH=PLAIN
COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE
SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] User logged...
2015 Sep 07
2
Dovecot and IPA
On Mon, 2015-09-07 at 20:37 +0300, Timo Sirainen wrote:
> It says "tried to use unsupported auth mechanism". In your later mail
> you say that telnet shows AUTH=GSSAPI in capabilities. So that would
> mean that the client isn't using AUTHENTICATE GSSAPI but something
> else.
I'd been considering that perhaps my version of Evolution was too old,
so I upgraded from
2015 Sep 08
2
Dovecot and IPA
...Zd2zm86prr8tziEZ3wmYQbVsx3rEG1lJ193Z++S2yj
57+fGoJ7jA56GXNChfB/hFNx4xs2QSzCjccy0D+3RI=
1441680001.087279
1441680001.087982 BQQE/wAMAAAAAAAAFP2szwH///9yYW5iaXKB/Devj+/oz2utdNs=
Here's the out rawlog:
1441680000.950204 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN
-REFERRALS ID ENABLE IDLE LOGINDISABLED AUTH=GSSAPI] Dovecot ready.
1441680001.049592 +
1441680001.085562 +
YIGZBgkqhkiG9xIBAgICAG+BiTCBhqADAgEFoQMCAQ+iejB4oAMCARKicQRv03ycmqWKFL9
foDag8BqF5je64ekOG0UCpcDfT4v3ZwNLLhZL/Fo0THb+xD09LJcGM2AtTzRMFFV8V7YHSV
L1q+/X9exo0mxU6tMeHmXhMDq71PDcqB5zKdCpTmhakqny5x/vLM47xlnzj+oqwgnY
1441680001.087338 +...
2017 Aug 22
0
pop 110/995, imap 143/993 ?
On Tue, 22 Aug 2017, Aki Tuomi wrote:
> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you
> have enabled something like cram-md5.
Hi,
exactly, this is the reason, why plain-text is still needed. You don't need
encryption for authentication, if you have secure authentication. Without
knowing original password, the MITM cannot generate correct hash for login, so
th...
2002 Aug 08
0
v0.96 released
This release was actually tested with reading my inbox (500+ messages, mbox,
Solaris 8) using Outlook and Evolution
v0.96 2002-08-08 Timo Sirainen <tss at iki.fi>
* Changed to LGPL v2.1 license
+ STARTTLS support and optional disabling of plaintext authentication
(LOGINDISABLED capability)
+ Support for custom message flags, each folder can have 26 different.
+ New configuration file options: imap_listen, max_logging_users,
max_imap_processes
+ You can specify config file location to imap-master with -c <path>
+ All IMAP processes can now write to specified l...
2005 Jan 19
0
Plaintext Authentication from Localhost
dovecot-bounces at dovecot.org wrote:
> I noticed that...
>
> # Disable LOGIN command and all other plaintext authentications unless
> # SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
> # IPv6 ::1 addresses are considered secure, this setting has
> no effect if
> # you connect from those addresses.
> #disable_plaintext_auth = yes
>
> ...was added to the latest release. Thanks Timo! This takes the
> localhost-SSL burden o...
2006 Feb 25
1
dovecot --Err Plaintext authentication disabled
Hi
Following my last posts, i succeed to connect pop3 in localhost but not in
mydomain.org (with dovecot 0.99 it worked)
I have this error :
-ERR Plaintext authentication disabled.
Thanks
2006 Apr 24
1
IMAP/Plain Text issue with Dovecot
I finally got Dovecot working pretty good I just have one small problem. I
can't seem to log in via IMAP, now everything works great through POP but
when I try to login via IMAP I get the following error:
"PLAIN authentication failed. None of the authentication methods supported
by your IMAP server are supported this computer"
Anyone seen this before?
-------------- next part