LOGINDISABLED

[bao]

Hi list,

I'm compiling UW Imap-2002.RC9 on a RH 8.0. The closest system type to
this is RH 7.2.
openssl-0.9.6b-29 is installed

I have tried "make lrh", "make slx". With SSLTYPE=none, the server can 
be fired up, run and I can log in. But with the default SSLTYPE=nopwd, I 
cannot login. The error message is
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS LOGINDISABLED] ...

I have been quite happy with using imap-2001a-10 binary version that 
came with RH 7.3. I don't know what SSLTYPE that version was built with.
However, I'm sorta reluctant to use SSLTYPE=none.

Would someone please point out what that does and do I really need it??

Any help is appreciated

--
--
For information about this mailing list, and its archives, see: 
http://www.washington.edu/imap/c-client-list.html
--

Re: LOGINDISABLED

[Mark Crispin]

On Tue, 12 Nov 2002, bao wrote:
> I have tried "make lrh", "make slx". With SSLTYPE=none, the server can
> be fired up, run and I can log in. But with the default SSLTYPE=nopwd, I
> cannot login. The error message is
> * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS LOGINDISABLED] ...

SSLTYPE=nopwd, the setting which is compliant with the new IMAP standard,
disables the LOGIN command in unencrypted sessions.  The LOGIN command
still works in encrypted sessions; that is, SSL IMAP sessions (port 993)
or regular IMAP sessions (port 143) after issuing a STARTTLS command.  You
can still use an alternative method of authentication, such as Kerberos or
CRAM-MD5, in uncrypted sessions; as long as someone can not discover how
to log in as you by watching the traffic as you authenticate.

SSLTYPE=unix, the setting which is partially-compliant with the new IMAP
standard, allows the LOGIN command in unencrypted sessions but implements
encrypted sessions.

SSLTYPE=none, the non-compliant setting, allows LOGIN and does not
implement encrypted sessions.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.