[
https://issues.apache.org/jira/browse/JAMES-4207?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Felix updated JAMES-4207:
-------------------------
Description:
James sends ManageSieve capabilities after every successful AUTHENTICATE
command.
This was introduced with
[https://github.com/apache/james-project/commit/1819fddf13c88476a0766ccc91c81d66d14da682].
However, the relevant RFC (5804, section 4) states:
{code:java}
response-authenticate = *(string CRLF)
((response-ok [response-capability]) /
response-nobye)
;; <response-capability> is REQUIRED if a
;; SASL security layer was negotiated and
;; MUST be omitted otherwise.{code}
I think that all authentication mechanisms supported by James (PLAIN, LOGIN,
XOAUTH2, OAUTHBEARER) do not negotiate a SASL layer.
The server must therefore omit the capabilities.
There was a similar discussion here: [https://github.com/thsmi/sieve/issues/480]
I can confirm that the Roundcube webmail client does not expect capabilities
and fails to use managesieve with James.
was:
James sends ManageSieve capabilities after every successful AUTHENTICATE
command.
This was introduced with
https://github.com/apache/james-project/commit/1819fddf13c88476a0766ccc91c81d66d14da682.
However, the relevant RFC (5804, section 4) states:
response-authenticate = *(string CRLF)
((response-ok [response-capability]) /
response-nobye)
;; <response-capability> is REQUIRED if a
;; SASL security layer was negotiated and
;; MUST be omitted otherwise.
I think that all authentication mechanisms supported by James (PLAIN, LOGIN,
XOAUTH2, OAUTHBEARER) do not negotiate a SASL layer.
The server must therefore omit the capabilities.
There was a similar discussion here: [https://github.com/thsmi/sieve/issues/480]
I can confirm that the Roundcube webmail client does not expect capabilities
and fails to use managesieve with James.
> ManageSieve sends AUTHENTICATE
> ------------------------------
>
> Key: JAMES-4207
> URL: https://issues.apache.org/jira/browse/JAMES-4207
> Project: James Server
> Issue Type: Bug
> Affects Versions: master
> Reporter: Felix
> Priority: Major
>
> James sends ManageSieve capabilities after every successful AUTHENTICATE
> command.
> This was introduced with
> [https://github.com/apache/james-project/commit/1819fddf13c88476a0766ccc91c81d66d14da682].
>
> However, the relevant RFC (5804, section 4) states:
> {code:java}
> response-authenticate = *(string CRLF)
> ((response-ok [response-capability]) /
> response-nobye)
> ;; <response-capability> is REQUIRED if a
> ;; SASL security layer was negotiated and
> ;; MUST be omitted otherwise.{code}
> I think that all authentication mechanisms supported by James (PLAIN, LOGIN,
> XOAUTH2, OAUTHBEARER) do not negotiate a SASL layer.
> The server must therefore omit the capabilities.
> There was a similar discussion here:
> [https://github.com/thsmi/sieve/issues/480]
> I can confirm that the Roundcube webmail client does not expect capabilities
> and fails to use managesieve with James.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
