Hi, On Wed, Feb 15, 2012 at 7:26 PM, Eric Shubert <e...@shubes.net> wrote: > The other impact will be the elimination of cram-md5 as an authentication > option. While this doesn't really make QMT any less secure, it might mean > that some clients that were formerly configured to use cram-md5 would fail > to work until their configuration options were changed.
Related to this: On my another recently new qmailtoaster server I noticed the following after updating packages with yum: Feb 11 12:52:02 Updated: 1:dovecot-2.0.17-1.qtp.i386 Feb 11 12:52:30 Updated: qmail-toaster-1.03-1.3.21.i686 Feb 11 12:53:07 Updated: qmailtoaster-plus-0.3.2-1.4.17.noarch I had disabled cram-md5 from the server (as I had had issues with it on my other toaster running Horde). in /etc/dovecot/toaster.conf: auth_mechanisms = plain login digest-md5 But after the update logins to Squirrelmail no longer worked, this was the error given by Squirrelmail: ERROR: Bad request: IMAP server does not appear to support the authentication method selected. Please contact your system administrator. And in dovecot.log I saw: Feb 16 23:31:04 imap-login: Info: Disconnected (tried to use unsupported auth mechanism): method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, secured What I have in /etc/squirrelmail/config.php is: $imap_auth_mech = 'login'; $use_imap_tls = false; Now I am puzzled as I had the same config in dovecot/squirrelmail before the update and things worked ok. Here is what I see in the dovecot.log with the old version when logging in via Squirrelmail: Feb 16 23:40:33 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<pe...@mydomain.tld>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured So no cram-md5 there.... So the situation seems to be: * with dovecot-2.0.11-2.qtp + qmail-toaster-1.03-1.3.20 Squirrelmail works ok without cram-md5, Horde does not work without cram-md5 * with dovecot-2.0.17-1.qtp.i386 + qmail-toaster-1.03-1.3.21.i686 Squirrelmail does not work without cram-md5, situation of Horde with this combo is unknown to me Has anyone any ideas why Squirrelmail started using cram-md5 after the update? Best, Peter --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com