dovecot - Jan 2011 - dovecot: pop3-login: Disconnected (tried to use disabled plaintext auth): method=PLAIN

First, my problem.  Settings are below that...

Everything works fine - I can login to webmail (users are tied to
LDAP).  I can send and receive email via my Thunderbird Client.

However in my mail.err log I see lots of messages that say:

dovecot: pop3-login: Disconnected (tried to use disabled plaintext
auth): method=PLAIN

1.) What does that mean, and how can I solve it?
2.) With regards to pop3s I am not altogether sure that I am using the
right config in my dovecot.conf file (also below).  Can someone let me know?


Version:
=================dovecot --version = 1.2.12

System:
=================Ubuntu Server 10.10 (64bit)

dovecot -n
=================# 1.2.12: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35.4-rscloud x86_64 Ubuntu 10.10
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: pop3 pop3s imap imaps
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_privileged_group: mail
mail_location: mbox:~/mail:INBOX=/var/mail/%u
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
auth default:
  passdb:
    driver: pam
  userdb:
    driver: passwd

Dovecot.conf
=================egrep -v "^[[:space:]]*#|^$"
/etc/dovecot/dovecot.conf
protocols = pop3 pop3s imap imaps
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
login_dir = /var/run/dovecot/login
   mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
protocol imap {
  login_executable = /usr/lib/dovecot/imap-login
  mail_executable = /usr/lib/dovecot/imap
}

protocol pop3 {
  login_executable = /usr/lib/dovecot/pop3-login
  mail_executable = /usr/lib/dovecot/pop3
  pop3_uidl_format = %08Xu%08Xv
}
protocol managesieve {
}
auth default {
  mechanisms = plain
  passdb pam {
  }
  userdb passwd {
  }
  user = root
  !include_try /etc/dovecot/auth.d/*.auth
}
dict {
}
plugin {
}
!include_try /etc/dovecot/conf.d/*.conf

On 01/27/11 05:57 AM, John Espiro wrote:
> First, my problem.  Settings are below that...
>
> Everything works fine - I can login to webmail (users are tied to
> LDAP).  I can send and receive email via my Thunderbird Client.
>
> However in my mail.err log I see lots of messages that say:
>
> dovecot: pop3-login: Disconnected (tried to use disabled plaintext
> auth): method=PLAIN
> 1.) What does that mean, and how can I solve it?
This looks like you are trying to connect to pop3 without SSL or TLS. If 
you really want to allow plaintext over a non-secure connection then you 
need to use the following.

disable_plaintext_auth = no

Paul

Hi Paul -

Well, I want to use STARTTLS... my Thunderbird settings are:

In thunderbird, I have the following settings:
Port 110
Username: <user>
Connection security: STARTTLS
Authentication: Normal password

Which should be correct, right?

John


On 1/27/2011 2:28 PM, Paul Griffith wrote:
>
> This looks like you are trying to connect to pop3 without SSL or TLS.
> If you really want to allow plaintext over a non-secure connection
> then you need to use the following.
>
> disable_plaintext_auth = no
>
> Paul
>
>
>

On 01/27/11 09:42 AM, John Espiro wrote:
> Hi Paul -
>
> Well, I want to use STARTTLS... my Thunderbird settings are:
>
> In thunderbird, I have the following settings:
> Port 110
> Username:<user>
> Connection security: STARTTLS
> Authentication: Normal password
>
> Which should be correct, right?
>
> John
What if you change STARTTTLS to SSL ?

Did you try setting disable_plaintext_auth = no ?

>
> On 1/27/2011 2:28 PM, Paul Griffith wrote:
>>
>> This looks like you are trying to connect to pop3 without SSL or TLS.
>> If you really want to allow plaintext over a non-secure connection
>> then you need to use the following.
>>
>> disable_plaintext_auth = no
>>
>> Paul

Still shows the same, pop3/plain.  I will disable plaintext and see what
happens...

On 1/27/2011 6:03 PM, Paul Griffith wrote:
>
> What if you change STARTTTLS to SSL ?
>
> Did you try setting disable_plaintext_auth = no ?
>

I set the auth to SSL and STARTTLS.  I also set disable_plaintext_auth
to both yes and no, and the result is the same... it uses pop3/plain.
I viewed the running process to see which of the 4 conf files it was
using, so I know i have the right file.

Thoughts?

On 1/27/2011 6:03 PM, Paul Griffith wrote:
>
> What if you change STARTTTLS to SSL ?
>
> Did you try setting disable_plaintext_auth = no ?
>
>
>>
>> On 1/27/2011 2:28 PM, Paul Griffith wrote:
>>>
>>> This looks like you are trying to connect to pop3 without SSL or
TLS.
>>> If you really want to allow plaintext over a non-secure connection
>>> then you need to use the following.
>>>
>>> disable_plaintext_auth = no
>>>
>>> Paul
>
>
>
>

On 11:59 AM, John Espiro wrote:
> I set the auth to SSL and STARTTLS.  I also set disable_plaintext_auth
> to both yes and no, and the result is the same... it uses pop3/plain.
> I viewed the running process to see which of the 4 conf files it was
> using, so I know i have the right file.
> 
> Thoughts?

Are you able to get your mail via your pop client?

If so, the log messages are from other attempts (probably by crackers
trying to guess passwords on your system) to log in. Is there a "rip="
in the log messages giving the IP of the originator? If so, is it yours?

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan