Jerrale G
2010-Aug-07 22:51 UTC
[Dovecot] dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
/etc/dovecot.conf:

    auth default {
    mechanisms=plain login cram-md5
    passdb {
    #..............

Windows Live Mail:
CRAM-MD5 authentication failed. This could be due to a lack of memory on your system.
Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system.

Configuration:
Account: Sheltoncomputers (testuser)
Server: mail.sheltoncomputers.com
User name: testuser at sheltoncomputers.com
Protocol: IMAP
Port: 993
Secure(SSL): 1
Code: 800cccdf

The console I'm using is 4 GB ram; so, this dumb error of windoze dead mail is irrelevant. The other mechanisms of TLS/no tls plain login work fine. The passwords are stored in mysql as md5(password) but this works on others not using cram-md5 (secure login of the client). I'm trying to support a plethora of mechanisms for the convenience of the customer and .

Jerrale G.
Senior Admin
Gary V
2010-Aug-08 03:38 UTC
[Dovecot] dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
On 8/7/10, Jerrale G wrote:
> /etc/dovecot.conf:
>
> auth default {
> mechanisms=plain login cram-md5
> passdb {
> #..............
>
> Windows Live Mail:
> CRAM-MD5 authentication failed. This could be due to a lack of memory on
> your system.
> Your IMAP command could not be sent to the server, due to non-network
> errors. This could, for example, indicate a lack of memory on your system.
>
> Configuration:
> Account: Sheltoncomputers (testuser)
> Server: mail.sheltoncomputers.com
> User name: testuser at sheltoncomputers.com
> Protocol: IMAP
> Port: 993
> Secure(SSL): 1
> Code: 800cccdf
>
> The console I'm using is 4 GB ram; so, this dumb error of windoze dead mail
> is irrelevant. The other mechanisms of TLS/no tls plain login work fine. The
> passwords are stored in mysql as md5(password) but this works on others not
> using cram-md5 (secure login of the client). I'm trying to support a
> plethora of mechanisms for the convenience of the customer and .
>
> Jerrale G.
> Senior Admin
>

I'm no expert, but if I'm not mistaken, cram-md5 requires a plain text shared secret. I quote from http://www.sendmail.org/~ca/email/cyrus2/components.html:

"Shared Secret Mechanisms - For these mechanisms, such as CRAM-MD5, DIGEST-MD5, and SRP, there is a shared secret between the server and client (e.g. a password). However, in this case the password itself does not travel on the wire. Instead, the client passes a server a token that proves that it knows the secret (without actually sending the secret across the wire). For these mechanisms, the server generally needs a plaintext equivalent of the secret to be in local storage (not true for SRP)."

The auth default section of my dovecot.conf looks like:

    auth default {
      mechanisms = plain login cram-md5
      passdb sql {
        args = /etc/dovecot/dovecot-sql.conf
      }
      passdb sql {
        args = /etc/dovecot/dovecot-crammd5.conf
      }
      userdb sql {
        args = /etc/dovecot/dovecot-sql.conf
      }
      user = root
      socket listen {
        master {
          path = /var/run/dovecot/auth-master
          mode = 0600
          user = vmail
        }
        client {
          path = /var/spool/postfix/private/auth
          mode = 0660
          user = postfix
          group = postfix
        }
      }
    }

With an /etc/dovecot/dovecot-crammd5.conf that might look something like this:

    driver = mysql
    connect = host=127.0.0.1 dbname=postfix user=postfix password=password
    default_pass_scheme = PLAIN
    password_query = SELECT clear AS password FROM mailbox WHERE username = '%u' AND active = '1'

With an added field to store a plain text password (I called it "clear").

--
Gary V
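
Added example (not part of the original thread, and not Dovecot's own code): a Python sketch of the CRAM-MD5 exchange from RFC 2195, showing why a server that only holds md5(password) cannot verify the client's response while one holding the clear text can. The user, password and challenge are the RFC 2195 sample values; the function names and the md5 column value are constructed for illustration.

```python
import base64
import hashlib
import hmac

# RFC 2195 sample values; the md5 "column" further down is constructed here.
USER = "tim"
PASSWORD = b"tanstaaftanstaaf"
CHALLENGE = b"<1896.697170952@postoffice.reston.mci.net>"


def cram_md5_response(user: str, secret: bytes, challenge: bytes) -> bytes:
    """Client side: base64(user SP hex(HMAC-MD5(key=secret, msg=challenge)))."""
    digest = hmac.new(secret, challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode())


def server_verify(response_b64: bytes, challenge: bytes, stored: bytes) -> bool:
    """Server side: recompute the HMAC keyed with whatever the passdb returned."""
    try:
        decoded = base64.b64decode(response_b64, validate=True).decode()
    except ValueError:  # covers bad base64 and bad UTF-8
        return False
    user, _, digest = decoded.rpartition(" ")
    expected = hmac.new(stored, challenge, hashlib.md5).hexdigest()
    # Constant-time comparison of the two hex digests.
    return bool(user) and hmac.compare_digest(digest.lower().encode(), expected.encode())


def demo() -> dict:
    response = cram_md5_response(USER, PASSWORD, CHALLENGE)
    # What a passdb holding md5(password) would hand to the auth process.
    md5_column = hashlib.md5(PASSWORD).hexdigest().encode()
    return {
        # Clear text in the passdb: the server keys the HMAC like the client did.
        "plain": server_verify(response, CHALLENGE, PASSWORD),
        # md5(password) in the passdb: the key differs, so the digests never match.
        "md5": server_verify(response, CHALLENGE, md5_column),
    }


if __name__ == "__main__":
    print(demo())
```

PLAIN and LOGIN keep working against the md5 column because the client sends the password itself and the server can hash it before comparing; with CRAM-MD5 the server never sees the password, only the HMAC. Dovecot also has a CRAM-MD5 password scheme that stores the precomputed HMAC-MD5 context instead of the clear text, which is not modelled here.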