Re: How to tell imapd and imspd to advertize LOGIN?
[EMAIL PROTECTED] wrote: I'm using cyrus-imapd-2.0.7, cyrus-imspd-v1.6a2, and sendmail-8.11.1 with cyrus-sasl-1.5.24. I've built SASL with LOGIN authentication. How to I tell imapd and imspd to advertize this method? They only advertize DIGEST-MD5 and CRAM-MD5 now. For sendmail, I had to add LOGIN to the AuthMechanisms list in sendmail.cf to make it announce 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN What do I do with imapd and imspd? I don't know about imspd, but for imapd run it with '-p 2' (or higher). Check imapd(8) for details. Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: How to tell imapd and imspd to advertize LOGIN?
Kenneth Murchison writes: I don't know about imspd, but for imapd run it with '-p 2' (or higher). Check imapd(8) for details. And here I was reading the source looking for a way, and RTFM would have done it. However, I wouldn't have guessed that from the man page: OPTIONS -p ssf Tell imapd that an external layer exists. An SSF (security strength factor) of 1 means an integrity pro- tection layer exists. Any higher SSF implies some form of privacy protection. Now, my real problem is that I'm using a php-based web client that uses imap-2000a c-client to connect to the Cyrus IMAP (and IMSP) servers. Both run on the same host, so network security is not an issue. C-client is supposed to authenticate with either CRAM-MD5 or LOGIN, but it seems only to use CRAM-MD5. I suspect that this is because the servers don't advertize LOGIN. I'm using the auto_transition feature of SASL to populate the CRAM-MD5 database from plaintext passwords. This means that users can login via the php-based web client until they have done one plaintext login by some other method. The result is mass confusion. I need a way out of this mess without degrading security too much. Any suggestions? -- -Gary Mills--Unix Support--U of M Academic Computing and Networking-
How to tell imapd and imspd to advertize LOGIN?
I'm using cyrus-imapd-2.0.7, cyrus-imspd-v1.6a2, and sendmail-8.11.1 with cyrus-sasl-1.5.24. I've built SASL with LOGIN authentication. How to I tell imapd and imspd to advertize this method? They only advertize DIGEST-MD5 and CRAM-MD5 now. For sendmail, I had to add LOGIN to the AuthMechanisms list in sendmail.cf to make it announce 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN What do I do with imapd and imspd? -- -Gary Mills--Unix Support--U of M Academic Computing and Networking-