dovecot - Apr 2012 - Dovecot and Outlook Express "plaintext authentication not allowed..."

Server: Ubuntu 11.10 server with postfix (MTA), dovecot (MDA)
Mail client: Outlook Express in Windows XP with IMAP on port 143, SMTP on port
25

When tried to set up a new Outlook Express mail acct, the following error
encountered:

? ? ?Your IMAP server wishes to alert you to the following:
? ? ?plaintext authentication not allowed without SSL/TLS, but your client did
it anyway. ?If
? ? ?anyone was listening, the password was exposed.

When asked "would you like to download folders from the mail server you
added?" then got the
following error:

The server has rejected your login. ?Please verify that your user name and
password are correct.

I re-entered several time with the correct username and password, but still
responded the same error.

Any insights would be greatly appreciated.


Here is the message from the /var/log/mail.log:


Apr 17 01:54:17 server dovecot: imap-login: Disconnected (tried to use disabled
plaintext auth): rip192.168.20.51, lip=192.168.20.100Apr 17 01:54:28 server
dovecot: imap-login: Disconnected (tried to use disabled plaintext auth):
rip192.168.20.51, lip=192.168.20.100

What might be wrong in my dovecot.conf file. ?Below is my dovecot.conf file:

# 2.0.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.0.0-16-server x86_64 Ubuntu 11.10?
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:~/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date
passdb {
? driver = pam
}
passdb {
? driver = pam
}
plugin {
? sieve = ~/.dovecot.sieve
? sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
? unix_listener /var/spool/postfix/private/auth-client {
? ? group = postfix
? ? mode = 0660
? ? user = postfix
? }
? unix_listener /var/spool/postfix/private/dovecot-auth {
? ? group = postfix
? ? mode = 0660
? ? user = postfix
? }
? user = root
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
? driver = passwd
}
userdb {
? driver = passwd
}
protocol imap {
? imap_client_workarounds = delay-newmail
? mail_max_userip_connections = 10
}
protocol pop3 {
? mail_max_userip_connections = 10
? pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
? pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
? deliver_log_format = msgid=%m: %$
? mail_plugins = sieve
? postmaster_address = postmaster
? quota_full_tempfail = yes
? rejection_reason = Your message to <%t> was automatically rejected:%n%r
}

On 2012-04-17 5:16 AM, D Chen <dchenusa at yahoo.com>
wrote:
> When tried to set up a new Outlook Express mail acct, the following error
encountered:
>
>       Your IMAP server wishes to alert you to the following:
>       plaintext authentication not allowed without SSL/TLS, but your client
did it anyway.
Ummm... hello? McFly? ;)

You need to configure SSL on Outlook Express (why on gods green earth 
you are using that is beyond me), as the error plainly says. Until you 
do this it doesn't matter what you enter for a username/password.

Also, you should be using SSL on port 993, because I'm fairly certain 
that Outlook Express doesn't support STARTTLS on port 143.

And off topic but in the same vein, for postfix/SMTP relay you should be 
using the submission port (STARTTLS on port 587) for most clients, but I 
think Outlook Express again doesn't work with it, so you will need to 
use the deprecated SSL on port 465 (these two need to be enabled in 
postfix/master.cf - just uncomment the examples).

-- 

Best regards,

Charles

On 17/04/2012 12:16, D Chen wrote:
> Server: Ubuntu 11.10 server with postfix (MTA), dovecot (MDA)
> Mail client: Outlook Express in Windows XP with IMAP on port 143, SMTP on
port 25
>
> When tried to set up a new Outlook Express mail acct, the following error
encountered:
>
>       Your IMAP server wishes to alert you to the following:
>       plaintext authentication not allowed without SSL/TLS, but your client
did it anyway.  If
>       anyone was listening, the password was exposed.
>
> When asked "would you like to download folders from the mail server
you added?" then got the
> following error:
>
> The server has rejected your login.  Please verify that your user name and
password are correct.
>
> I re-entered several time with the correct username and password, but still
responded the same error.
>
> Any insights would be greatly appreciated.
>
>
> Here is the message from the /var/log/mail.log:
>
>
> Apr 17 01:54:17 server dovecot: imap-login: Disconnected (tried to use
disabled plaintext auth): rip> 192.168.20.51, lip=192.168.20.100Apr 17
01:54:28 server dovecot: imap-login: Disconnected (tried to use disabled
plaintext auth): rip> 192.168.20.51, lip=192.168.20.100
>
> What might be wrong in my dovecot.conf file.  Below is my dovecot.conf
file:
>
> # 2.0.13: /etc/dovecot/dovecot.conf
> # OS: Linux 3.0.0-16-server x86_64 Ubuntu 11.10
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> mail_location = maildir:~/Maildir
> mail_privileged_group = mail
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date
> passdb {
>    driver = pam
> }
> passdb {
>    driver = pam
> }
> plugin {
>    sieve = ~/.dovecot.sieve
>    sieve_dir = ~/sieve
> }
> protocols = imap pop3 sieve
> service auth {
>    unix_listener /var/spool/postfix/private/auth-client {
>      group = postfix
>      mode = 0660
>      user = postfix
>    }
>    unix_listener /var/spool/postfix/private/dovecot-auth {
>      group = postfix
>      mode = 0660
>      user = postfix
>    }
>    user = root
> }
> ssl_cert =</etc/ssl/certs/dovecot.pem
> ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
> ssl_key =</etc/ssl/private/dovecot.pem
> userdb {
>    driver = passwd
> }
> userdb {
>    driver = passwd
> }
> protocol imap {
>    imap_client_workarounds = delay-newmail
>    mail_max_userip_connections = 10
> }
> protocol pop3 {
>    mail_max_userip_connections = 10
>    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
>    pop3_uidl_format = %08Xu%08Xv
> }
> protocol lda {
>    deliver_log_format = msgid=%m: %$
>    mail_plugins = sieve
>    postmaster_address = postmaster
>    quota_full_tempfail = yes
>    rejection_reason = Your message to<%t>  was automatically
rejected:%n%r
> }
>
Maybe
auth_mechanisms = plain login cram-md5