Hi, I'm trying to set up dovecot to do pop3 from Eudora, but it keeps breaking on authentication attempts using plain auth. When I snoop the connection with tcpflow, here's what I see: 128.174.246.068.00110-062.107.004.050.49653: +OK dovecot ready. 128.174.246.068.00110-062.107.004.050.49653: +OK dovecot ready. 128.174.246.068.00110-062.107.004.050.49653: 062.107.004.050.49653-128.174.246.068.00110: CAPA 128.174.246.068.00110-062.107.004.050.49653: +OK CAPA TOP USER UIDL RESP-CODES STLS SASL PLAIN DIGEST-MD5 . 062.107.004.050.49653-128.174.246.068.00110: auth plain AG1p2YtlQBebz12YmXQ 128.174.246.068.00110-062.107.004.050.49653: -ERR Unsupported authentication mechanism. It seems to me that sending 'auth plain <MD5>' is against the RFCs (1734, 2195, 1939). What can be done about this? I'm also curious why MD5 auth is not allowed for shadow passwords whenthat has been standard on Linux for a while now. Or am I missing something? Thanks in advance, -Lars -- Lars Clausen (http://shasta.cs.uiuc.edu/~lrclause)| H?rdgrim of Numenor "I do not agree with a word that you say, but I |---------------------------- will defend to the death your right to say it." | Where are we going, and --Evelyn Beatrice Hall paraphrasing Voltaire | what's with the handbasket?
On Thu, 2003-07-03 at 22:43, Lars Clausen wrote:> 062.107.004.050.49653-128.174.246.068.00110: auth plain AG1p2YtlQBebz12YmXQ > > 128.174.246.068.00110-062.107.004.050.49653: -ERR Unsupported authentication mechanism. > > > It seems to me that sending 'auth plain <MD5>' is against the RFCs (1734, > 2195, 1939). What can be done about this?Hmm. It looks like it tried to send SASL's "initial response" in the AUTH command itself. I also don't see any RFCs mentioning that it should be supported, but at least UW-IMAP does seem to support it. I'm not sure if I should bother adding support since it's not required by any RFCs and it would require larger changes to my code.. Also the data after auth plain should have been base64 encoded user and password, but decoding the above shows only garbage..> I'm also curious why MD5 auth is not allowed for shadow passwords whenthat > has been standard on Linux for a while now. Or am I missing something?What do you mean by MD5 auth? DIGEST-MD5 requires storing password in it's own special way. APOP and CRAM-MD5 require storing the password in plaintext.
Seemingly Similar Threads
- [Bug 491] New: Large file transfers get stalls
- [Bug 3439] New: identify password prompts
- contrib/solaris/buildpkg.sh - use within JumpStart as well?
- 'buildpkg.sh' for OpenSSH - non-interactive install?
- [Bug 3562] New: make SSH_ASKPASS and SSH_ASKPASS_REQUIRE available as config options