On Wed, 8 Feb 2023, Aki Tuomi wrote:
> Can you try setting imapc_sasl_mechanisms to login, maybe it works better? And Stephan Bosch <step...@rename-it.nl> wrote: > Can you make a protocol log (tcp dump of commands sent by client and > replies sent by server) for one of these sessions? e.g. using ngrep if > connections aren't secured. I was using imaps initially. Switching to imap over port 143 to do the tcpdump had the side effect of switching to LOGIN authentication, evidently uw-imap is sending different capability strings. It still doesn't work though. Both from the error and the dump I can tell "doveadm" is sending the user's id only without the "*masteruser" and the master user password. Plain connection banner: * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:45:22 -0500 (EST) SSL Banner on 993: * OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:53:36 -0500 (EST) > > On 08/02/2023 06:24 EET Chris Candreva <ch...@westnet.com> wrote: > > > > > > I'm migrating a legacy uw-imap system to Dovecot, on a Rocky (RHEL) 8 > > server running Dovecot 2.3.16-3 from their repos. I am using a master user > > to import all users for an imaps connection from the old server to the > > new. On a trial run however, it worked for about half the users. Half are > > giving an error of the form: > > > > dsync(user): Error: imapc(host:993): > > Command '1 AUTHENTICATE PLAIN xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' failed with > > BAD: > > 1 Missing or invalid argument to AUTHENTICATE > > > > I can't seem to get the IMAP command for the users that did work. However, > > on the face of it, that is an invalid AUTHENTICATE command. If I take that > > string and brake it up into (what I've googled is) the proper form of > > multi-command form of > > > > 1 AUTHENTICATE PLAIN > > + > > xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > > > > then the login succeeds. I have not been able to find anyone else with > > this problem in my search. Is this a known issue, is there a way to force > > the multi-line AUTHENTICATE, something else I'm missing ? Any help is > > appreciate on this! > > > > -Chris > > > > > > > > -- > > --- > > ======================================================================== > > Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris > -- --- ======================================================================== Chris Candreva -- ch...@westnet.com -- http://www.westnet.com/~chris