Re: Sarge Upgrade Problem Webmail (Imap)
Am 14.06.2005 um 09:06 schrieb VFJ - Damiaan Peeters:
> When i try to log in i get the error message:
> ERROR:
> Bad request: The IMAP server is reporting that plain text logins
> are disabled. Using CRAM-MD5 or DIGEST-MD5 authentication instead
> may work. Also, the use of TLS may allow SquirrelMail to
> login. Please contact your system administrator and report this
> error.
>
> I am not very familiar with (very) advanced server configuration
> (mail & apache), but i do understand very good the basics and
> basic security issues.
>
> What is the best (easiest?) way to fix this?
The error message tells you that your imap server does not allow a
plain text login. This is usually good practice, since passwords
are transmitted over the wire in clear text with this authentication
method.
However, your squirrelmail was configured to do plain authentication
only. So squirrelmail and your imap server share no common
authentication method and thus cannot communicate.
Option 1: Allow plain text logins on your imap server. Only do
this if your squirrelmail web server and the imap server
are on the same machine. And even then make sure the
imap server accepts plain text logins from the loop
interface only.
Option 2: Make squirrelmail use a more secure authentication
method. Have a look at "/etc/squirrelmail/conf.pl",
esp. on $imap_auth_meth and $use_imap_tls.
To see which authentication methods your imap server supports you can
telnet into it:
dennis@somehost:~# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK IMAP4 ready.
001 capability
* CAPABILITY IMAP4 IMAP4rev1 IDLE AUTH=LOGIN AUTH=CRAM-MD5
001 OK CAPABILITY completed
001 logout
Regards,
Dennis
--
Send personal mail to dennis@... only. Off-list
mails to lists@stosberg.net will not reach me.
Reply to: