Hi Richard, Since libc-client2003debian it's only posible to use a SSL connection. Most clients support it, but if you really want to allow plaintext IMAP again, please run 'dpkg-reconfigure libc-client2003debian' and awnser Yes to 'Should plaintext passwords be enabled?'.
To enable it manualy, create /etc/c-client.cf with the following contents: ------8<------ I accept the risk set disable-plaintext nil ------8<------ A better sollution would be to set your client to use SSL on port 993. The only thing you still have to worry about are the certificates. Jelmer ----- Original Message ----- From: "Hobbs, Richard" <[EMAIL PROTECTED]> To: <debian-security@lists.debian.org> Sent: Tuesday, June 10, 2003 8:32 AM Subject: IMAP is too secure... > Helo, > > I think my IMAP server has become too secure... I'm using the current > version of "uw-imapd" and "libc-client2003debian", as listed in stable and > stable-proposed-updates. > > I cannot log into my IMAP server any more... It keeps saying Invalid > password. I can only assume it's using password encryption, but I don't > know how to turn it off. > > It was never turned on before, but since the upgrade I've een unable to > retrieve my mail through IMAP. It usually asks in the config whether I > want clear-text passwords enabled or not, but it wasn't an option this > time. > > Any ideas? I really need to get at the mail..... > > Thanks in advance... > > Hobbs. > > -- > Richard Hobbs <[EMAIL PROTECTED]> > http://mongeese.co.uk | http://unixforum.co.uk > > "There's only one way of life, and that's your own" - The Levellers > > Registered Linux User: 313906 > _____________________________________________________ > Send all your jokes to [EMAIL PROTECTED] !! > To subscribe, email: [EMAIL PROTECTED] >