similar to: Plaintext Authentication from Localhost

Hi Following my last posts, i succeed to connect pop3 in localhost but not in mydomain.org (with dovecot 0.99 it worked) I have this error : -ERR Plaintext authentication disabled. Thanks

dovecot-bounces at dovecot.org wrote: > I noticed that... > > # Disable LOGIN command and all other plaintext authentications unless > # SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and > # IPv6 ::1 addresses are considered secure, this setting has > no effect if > # you connect from those addresses. > #disable_plaintext_auth = yes > > ...was

Server: Ubuntu 9.04 desktop edition Dovecot 1.1.11 Issue: I have set dovecot.conf with: disable_plaintext_auth = no but everytime I have a client (Windows Live Mail, ubuntu evolution) connect from the Internet, I have the following type of message: Plaintext authentication disallowed on non-secure (SSL/TLS) connections. in my mail.log, I have: Jul 28 15:09:43 "name" dovecot:

On 22.08.2017 03:56, Peter wrote: >>> Lest anyone think STARTTLS MITM doesn't happen, >>> >>> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ > Right, the attack does happen, but it can be prevented by properly > configuring the server and client. Dovecot, by default, requires STARTTLS before accepting plaintext

Hi, I want to use CRAM-MD5 or DIGEST-MD5 (non-plaintext) authentication for master users, but Dovecot 2.2.13 rejects it with the following log: Sep 1 06:18:08 localhost dovecot: auth: passwd-file(masteruser,10.0.1.20,master,<ZA1s9/oBgAAKAAEU>): Master user logging in as u0001 Sep 1 06:18:08 localhost dovecot: auth: cram-md5(u0001 at example.jp,10.0.1.20,<ZA1s9/oBgAAKAAEU>):

I finally got Dovecot working pretty good I just have one small problem. I can't seem to log in via IMAP, now everything works great through POP but when I try to login via IMAP I get the following error: "PLAIN authentication failed. None of the authentication methods supported by your IMAP server are supported this computer" Anyone seen this before? -------------- next part

Hi I'm running Dovecot 1.0 stable and getting error like this: dovecot: Jun 07 11:51:00 Info: Dovecot v1.0-stable starting up dovecot: Jun 07 11:51:01 Info: auth(default): mysql: Connected to postfix Dovecot: Jun 07 11:47:34 Info: imap-login: Login failed: Plaintext authentication disabled [85.76.231.143] dovecot.conf Authentication processes section looks like: auth default { mechanisms

Hi, I use dovecot (pop) with gentoo but it's not securize. I would like to use pops but i don't how to do this. I think i have to use certificates... This my dovecot.conf : protocols = imap imaps pop3 pop3s imap_listen = * pop3_listen = * imaps_listen = * pop3s_listen = * ssl_disable = no login = imap login = pop3 default_mail_env = maildir:%h/.maildir mbox_locks = fcntl dotlock auth =

Hi all, Ok, up until now, I've only always allowed IMAPS connections to dovecot on port 993. I want to also start allowing clients to user port143+STARTTLS, but I walso want to make sure both ports are locked down to ONLY allow secure connections. So... is disable_plaintext_auth = yes in the main config enough to accomplish this? http://wiki2.dovecot.org/SSL/DovecotConfiguration says:

Dear Sirs, I have Postfix 2.5 with Dovecot 1.0.0 as authentication server. Can I disable SMTP plaintext authentications for WAN clients, but allow it for LAN ones?

Hello Debian, with postfix and Dovecot Imap "2.2.13" running. If I want connect from Outlook or Thunderbird I will become this error: Plaintext disalowd on non secure SSL/TLS Connection. but I will that this run with secure connection, I don't have any intention to use Plaintext auth. Also I don't know why, dovecot will switch from IMAP --> POP3-Login. Or it's

Robert Wolf wrote: >> else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you >> have enabled something like cram-md5. > > Hi, > > exactly, this is the reason, why plain-text is still needed. You don't need > encryption for authentication, if you have secure authentication. Without > knowing original password, the MITM cannot generate correct hash

Hello I would like to use plaintext backend with a simple Samba 3.0.6 configuration to get rid of the system of double passwords and rely just on the plain old unix /etc/passwd ones. However I couldn't find any information about it in 1) man smb.conf 2) online Samba official HOWTO I tried putting passdb backend = plaintext into a smb.conf file with security=share and the Samba server

I was using samba 3.0.35 and started using samba 3.2.13. Now when I try to connect to my samba server (which has 'encrypted passwords = no') using smbclient, I get: Server requested plaintext password but 'client plaintext auth' is disabled session setup failed: SUCCESS - 0 I tried 'smbclient -s foo.conf //server/dir' where foo.conf has: [global] client plaintext

I'm trying to setup IMAP, so that it works via secure connections. I have it working fine over SSL, now I wish to get TLS to work. I have set imap and imaps to both listen on *, and have disable_plaintext_auth = yes, which according to the docs, Disable LOGIN command and all other plaintext authentications unless SSL/TLS is used (LOGINDISABLED capability). So the problem is now, that TLS

Quick question: My PHP script is now able to connect to the manager port and successfully authenticate using MD5. I would strongly prefer not to do plaintext authentication at all. Would anyone object to plaintext authentication being left out? -- JustThe.net Internet & Multimedia Svcs. [The Fusion of Content & Connectivity] 22674 Motnocab Road * Apple Valley, CA 92307-1950 Steve

I'm still having problems with winbind: wbinfo -u --> Error looking up domain users So I read a post about wbinfo -a, I tried it but I still can't get the domain's user list because the pdc doesn't allow plaintext passwords: wbinfo -a user%passwd plaintext password authentication failed error code was NT_STATUS_INVALID_PARAMETER (0xc000000d) Could not authenticate user

Hello, as soon as I set "disable_plaintext_auth = yes", AUTH=GSSAPI vanishes from capabilities. ([CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=GSSAPI AUTH=PLAIN AUTH=LOGIN] vs [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED]) Why? I'm wondering especially because at

Once again, I am trying to add a machine to my Win2003 AD (that has Services for Unix installed). I am using Xubuntu 9.10, and samba 3.4.0. I set up Kerberos, and am getting a ticket. I have successfully joined the domain. # net ads join -U administrator Enter administrator's password: Using short domain name -- DACRIB Joined 'DUAL-BOOTER' to realm 'DaCrib.local' wbinfo -u

I have two questions: 1. What method/tool (other than a MuA) can I use to test my Dovecot setup from Windows CLI when ssl is enabled? I have tried connecting to to the pop3/imap4 services from a Windows PC but here is what I get: [pop3] +OK Dovecot-2.0-sis ready. user wash at domain.co.ke -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections. [imap4] OK [CAPABILITY