Displaying 20 results from an estimated 20000 matches similar to: "TLS / SSL mixed w/ plaintext auth and virtual hosting"
2011 Mar 08
1
Curious problem: Plaintext authentication disallowed on non-secure (SSL/TLS) [read: all] connections.
Hello all,
I've set up a new instance of dovecot 2.0.9 to use as a POP3/IMAP proxy. On trying to login I am told '-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections'.
I have set 'disable_plaintext_auth = no' (see output of doveconf attached). More curious still is that *this happens for SSL connections too*.
Something seems very wrong here.
Yelp?
2012 Mar 19
1
Using plaintext auth and SSL
I'm working with a company that presently has a Linux mailserver which all
users have (no shell) accounts on. Mail is accessed via pop3 with plaintext
authentication. They want to move to a system using imap with SSL. I'm
building them a new server. I'd like to offer both for a while so we can work
the bugs out and migrate users over to SSL imap over time. It appears that in
order
2013 Aug 06
2
Openssl vulnerability - SSL/ TLS Renegotion Handshakes
Hi,
I'm currently at CentOS 5.8. I'm using openssl version
openssl-0.9.8e-22.el5. The following vulnerability was reported by a Nessus
security scan:
"SSL/ TLS Renegotion Handshakes MiTm Plaintext Data Injection"
As per following link, Redhat has introduced openssl-0.9.8m which fixes
this specific issue:
2003 Jul 31
1
PHP API for Manager - Plaintext auth needed?
Quick question: My PHP script is now able to connect to the manager port
and successfully authenticate using MD5. I would strongly prefer not to
do plaintext authentication at all. Would anyone object to plaintext
authentication being left out?
--
JustThe.net Internet & Multimedia Svcs. [The Fusion of Content & Connectivity]
22674 Motnocab Road * Apple Valley, CA 92307-1950
Steve
2009 Jul 28
2
Cannot get plaintext auth working on IMAP or POP
Server: Ubuntu 9.04 desktop edition
Dovecot 1.1.11
Issue: I have set dovecot.conf with:
disable_plaintext_auth = no
but everytime I have a client (Windows Live Mail, ubuntu evolution) connect
from the Internet, I have the following type of message: Plaintext
authentication disallowed on non-secure (SSL/TLS) connections.
in my mail.log, I have:
Jul 28 15:09:43 "name" dovecot:
2003 Sep 18
0
Using Samba 2.2.7.a and PlainText Auth
Server == samba-2.2.7-3.7.2 Plaintext Auth daemon mode, RedHat 7.2 all
errata applied, 2.4.20-(stock errata latest)
Clients == WindowsXP (forced to use plaintext auth) all patched up.
Software == Multitude of lists sorting and management using the server
as it's store for data.
Trouble == Every once in a while after daemon uptime of a month so,
files written to the network drives will
2006 Dec 30
1
Allow plaintext auth from local network?
Hi,
I have dovecot 1.0rc15 on Debian and would like to allow plaintext
auth not only from the local IP address but from the entire local
network, but not from everywhere. Is that configurable?
I am looking for something like "allow_plaintext_auth = 10.8.0.0/24".
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber |
2013 Jun 20
1
Would attempting plaintext auth repeatably cause a DOS and server to crash?
Hey All,
I'm just wondering whether this is what caused my server to crash.
Started last night in NZ land.
Jun 20 19:22:11 elm dovecot: imap-login: Disconnected (tried to use
disallowed plaintext auth): user=<>, rip=attackerip, lip=10.0.0.3,
session=<0C8LzpDfZQDINsQC>
occasionally get
Jun 20 19:22:52 elm dovecot: imap-login: Disconnected (no auth attempts
in 1 secs):
2015 Aug 18
0
pop3-login: Disconnected (tried to use disallowed plaintext auth)
Hi
I have problem with dovecot 2.2.10 - plaintext auth without SSL is not
working. I'm upgrading old server and want that settings "stay same" as on
old server. SSL has to be optional.
/var/log/maillog
*pop3-login: Disconnected (tried to use disallowed plaintext auth):
user=<>, rip=_._._._, lip=_._._._, session=<cxPkm4Ud5gBb7YZ/>*
my settings:
[root at mail dovecot]#
2014 Sep 01
1
Master user and non-plaintext auth does not work
Hi,
I want to use CRAM-MD5 or DIGEST-MD5 (non-plaintext) authentication
for master users, but Dovecot 2.2.13 rejects it with the following log:
Sep 1 06:18:08 localhost dovecot: auth: passwd-file(masteruser,10.0.1.20,master,<ZA1s9/oBgAAKAAEU>): Master user logging in as u0001
Sep 1 06:18:08 localhost dovecot: auth: cram-md5(u0001 at example.jp,10.0.1.20,<ZA1s9/oBgAAKAAEU>):
2010 May 06
0
disable plaintext auth ... only for some addresses
I'd like to disable plaintext authentication (e.g. only allow authentication
that does STARTTLS or connects on SSL/TLS only ports) only for certain
(most) IP addresses. I want to exempt a few addresses (users coming over
known VPNs).
Fortunately, all this is coming in over a firewall (Sonicwall) in which I
can NAT traffic by IP address to go to specific port numbers. So, if I can
establish
2010 Apr 29
1
wbinfo -a fails plaintext auth; passes challenge/response
Once again, I am trying to add a machine to my Win2003 AD (that has
Services for Unix installed). I am using Xubuntu 9.10, and samba 3.4.0.
I set up Kerberos, and am getting a ticket. I have successfully joined
the domain.
# net ads join -U administrator
Enter administrator's password:
Using short domain name -- DACRIB
Joined 'DUAL-BOOTER' to realm 'DaCrib.local'
wbinfo -u
2014 Mar 17
1
samba4 - force ssl/tls for incoming ldap queries
hi there,
is there a way to have sambas internal ldap server reject plaintext
connections? something similar to the ssf-settings in openldap's acls?
i was already thinking about instructing iptables to drop all
connections to port 389 - but that would effectively rule out starttls
and force the clients to use ldaps, which has been deprectated a long
time ago.
thank you & with kind
2011 May 27
2
Can't install RedCloth gem, fails to compile
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi there,
I''m trying to install the RedCloth gem on my Arch Linux (64bit) system,
but hadn''t had success yet, RedCloth doesn''t seem to compile. Here''s the
installation output:
======================================
$ LANG=en_US.utf8 sudo gem install RedCloth
Building native extensions. This could take a while...
2011 Sep 07
1
ManageSieve with SSL/TLS only
Hi,
I'm quite new to Dovecot and ManageSieve, so probably I've missed
something, although I couldn't find any hints in the wiki. I'm
interested in running ManageSieve with SSL/TLS only. So is there any way
to reject any non encrypted connections? I couldn't find any parameter
for this purpose.
I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I
2014 Jan 27
1
Auth socket can't listen using ssl
Hi,
I'm using Dovecot 2.2.9 (debian package on testing).
It seems that it's not possible to open an auth socket using ssl. I'm
using this configuration :
service auth {
[...]
inet_listener authxmpp-client {
address = [ips]
port = 5220
}
inet_listener genericauth-client {
ssl = yes
address = [ips]
port = 5221
}
[...]
}
Both ports are running fine. But
2007 Nov 13
1
FW: Reference category for explanatory factors
(Oops first mistake was posting to the wrong area)
I am not sure what is needed to be posted in terms of what I have done
but will explain nonetheless.
I am using the msm.package and trying to specify my reference category
for an outcome covariate. The following command line works:
## age of respondent - using year5a: categorical
preg_fyear5a.msm<-msm(outcome~ipi, subject=id, data,
2013 Mar 08
3
dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>
Hi,
I have set up ImapcProxy based on the wiki2 page.
My server is set up for no plain text auth without starttls.
When I am trying to login in the proxy server, I am getting an error Unknown
username/password.
The log says:
*dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs):
user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS,
session=<1pBG/03XogB/AAAB>*
2012 Jun 18
1
Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7
Hi,
I upgraded from Dovecot v2.0.16 to v2.1.7 over night and I noticed this
morning that one of my daily reports which lists summarised mailbox
sizes per user has started listing nonsense for vsizes.
The reporting script at its core calls :
doveadm -f flow mailbox status -A -t 'messages vsize' '*'
It appears that Dovecot 2.1.7 is not resetting the vsize after collating
the sum
2009 Jul 07
1
smbclient failing: Server requested plaintext password...
I was using samba 3.0.35 and started using samba 3.2.13.
Now when I try to connect to my samba server (which has
'encrypted passwords = no') using smbclient, I get:
Server requested plaintext password but 'client plaintext auth' is disabled
session setup failed: SUCCESS - 0
I tried 'smbclient -s foo.conf //server/dir' where foo.conf has:
[global]
client plaintext