We're trying to evaluate SOGo via a ZEG-2.3.2.ova installation under VirtualBox. Operations via the web interface (i.e. browsing to http://192.168.15.225/SOGo, our local ZEG instance) work fine, but I was unable to connect to the sample accounts using Thunderbird or other IMAP clients because of authentication problems. This is confirmed with a telnet session:
$ telnet 192.168.15.225 imap Trying 192.168.15.225... Connected to 192.168.15.225. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LOGINDISABLED] Dovecot (Ubuntu) ready. a1 LOGIN sogo1 sogo * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. a1 NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. Poking around on the ZEG host, I see the directive 'disable_plaintext_auth = yes' in /etc/dovecot.conf which is consistent with the above error message. Changing this to 'no' and restarting dovecot enables remote client connections. I'm leery of changing anything on the ZEG server especially given this file's timestamp coincides with ZEG-2.3.2.ova suggesting it was explicitly edited for ZEG purposes. Being new to SOGo (and OpenChange and dovecot for that matter) I'm uncertain whether this represents a ZEG misconfiguration, though http://www.openchange.org/cookbook/backends/sogo/dovecot.html specifically suggests including 'disable_plaintext_auth = no'. Additionally, the limitations listed under the ZEG Support tab clearly state there's no SSL encryption support, presumably making plain text authentication critical. Is the 'disable_plaintext_auth = yes' directive an error in the ZEG dovecot configuration? Is there a preferable/recommended work-around? Any advice/suggestions appreciated. thanks, Damon -- users@sogo.nu https://inverse.ca/sogo/lists
