pvsuja
2013-Mar-08 06:08 UTC
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>
Hi, I have set up ImapcProxy based on the wiki2 page. My server is set up for no plain text auth without starttls. When I am trying to login in the proxy server, I am getting an error Unknown username/password. The log says: *dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>* The server log: *dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y* Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684.html Sent from the Dovecot mailing list archive at Nabble.com.
Jan Phillip Greimann
2013-Mar-08 08:01 UTC
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>
Am 08.03.2013 07:08, schrieb pvsuja:> Through wireshark, I found the username and password is going in plain text > only to the server. > How will I enable starttls in ImapcProxy before any communication starts?Mhh, well, communication encryption and password encryption are two different things. If you speak over SSL with your server, it doesn't matter if the password is transmitted in plain. http://wiki.dovecot.org/Authentication/Mechanisms
pvsuja
2013-Mar-08 09:04 UTC
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>
Yes, I know that. When I am telnetting to my ImapcProxy over 143, the capabilities are listed ...... STARTTLS AUTH=PLAIN AUTH=LOGIN ..... I need the AUTH capability to be enabled only after STARTTLS I have done this in Postfix. Is there a way to do it in Dovecot? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40689.html Sent from the Dovecot mailing list archive at Nabble.com.
Timo Sirainen
2013-Mar-20 17:27 UTC
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>
On 8.3.2013, at 8.08, pvsuja <pvsuja at gmail.com> wrote:> Through wireshark, I found the username and password is going in plain text > only to the server. > How will I enable starttls in ImapcProxy before any communication starts?imapc_ssl = starttls See also other related settings in http://wiki2.dovecot.org/Migration/Dsync I guess imapc should have its own wiki page some day.