[Dovecot] joys of transition.

Timo Sirainen tss at iki.fi
Thu Aug 14 20:08:13 EEST 2003 

On Thursday, Aug 14, 2003, at 19:31 Europe/Helsinki, Eric S. Johansson 
wrote:

> Aug 14 11:51:46 harvee dovecot-auth: PAM: pam_authenticate(esj) 
> failed: Authentication failure
>
> not very informative.  I already know that I can't login.  So I fire 
> up ethereal and capture the following transaction:

Well, that's as informative as you can get from PAM :) It means that 
PAM decided the password was wrong. Do you have /etc/pam.d/imap file 
set up correctly?

> 3 authenticate login
> 3 NO Unsupported authentication mechanism.
>
> hmm no unsupported authentication mechanism.  So that means all 
> authentication methods works right? ;-)

Either your client is stupid or it tries to work around stupid servers. 
LOGIN command should be accepted by all servers and "login" SASL 
mechanism is some old not-really-standard.

> looking a little further into the configuration, I see instructions to 
> change auth_methods to add plain in front of digest-md5 (or is it 
> digest_md5, both forms are present in the configuration file).  No 
> luck.  Doing so gives me the following error message:
>
> Fatal: Error in configuration file /usr/local/etc/dovecot.conf line 
> 430: Unknown setting: methods

Um.. You must have had at least one auth_methods line before or it 
wouldn't have worked.. And the default dovecot-example.conf contained 
only plain there.

> FYI, you probably could use a little bit more detail in the install 
> instructions.

Yes, I have plans to write them .. before 1.0 :)

>   For example instructing user to create a dovecot user and group name 
> would be useful as would be a startup/shutdown script for init.d.  I 
> also find the SSL configuration lacking.  On the other hand, I have 
> enough scar tissue from certificates and mini-CA setups to hate them 
> till the end of time. If I get them working better, I'll document and 
> send it to the list.

Yea, there really should be some easier ways to manage your own CAs. I 
found some certificate manager written with Qt (can't remember name), 
but something web based could be nice too.

More information about the dovecot mailing list