[Dovecot] MANAGESIEVE patch v5 for dovecot 1.0.2

Andreas Ntaflos daff at dword.org
Wed Aug 1 19:52:21 EEST 2007


On Wednesday 01 August 2007 17:53:16 Stephan Bosch wrote:
> Hi Andreas,
>
> On Wed, 2007-08-01 at 16:45 +0200, Stephan Bosch wrote:
> > Most likely the problem relates to the fact that, unless configured
> > otherwise, dovecot will refuse to use plain text SASL mechanisms if the
> > connection is not encrypted. I haven't re-tested the STARTTLS command in
> > the last versions... I will give it a go.
>
> I gave it a go and STARTTLS still seems to work fine at my end. This
> test was performed using 'disable_plaintext_auth = yes' in the config
> file, forcing a _remote_ host to use TLS/SSL for all protocols.

Thanks for taking the time to investigate this further! I will try to provide 
you with everything I can.

I have my server configured the same way, allowing only TLS connections for 
plaintext login on the standard IMAP port 143. I shall attach the output of 
dovecot -n.

> The gnutls-cli tool is very useful to test the STARTTLS command in
> various protocols. Using the --starttls switch the client starts in
> plaintext mode and starts the TLS negotiation when Ctrl-D is pressed.
>
> With the information you provide I could test it with your setup, but of
> course you can test it yourself as well.

I got this working just fine, using the method you described below. Of course 
I had to base64-encode the "username\0username\0password" string first, which 
is probably not so obvious to someone who doesn't have much experience 
debugging authentication problems :)

I am using KMail 1.9.7 and KDE 3.5.7 to connect to the server (KDE has a 
kioslave for sieve). 

But seeing that connecting and authenticating worked fine with gnutls-cli this 
seems to be a KMail- oder KDE-related problem?

Is there anything else I can provide? How do you want the connection log? As 
the output of a tcpdump session? 

Thanks again!

Andreas

# 1.0.2: /usr/local/etc/dovecot.conf
base_dir: /var/run/dovecot/
protocols: imap managesieve
listen(default): *
listen(imap): *
listen(managesieve): *:2000
ssl_cert_file: /etc/ssl/certs/pseudoterminal.org_dovecot.crt
ssl_key_file: /etc/ssl/private/pseudoterminal.org.key
login_dir(default): /var/run/dovecot//login
login_dir(imap): /var/run/dovecot//login
login_dir(managesieve): login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login
mail_extra_groups: mail
mail_location: maildir:~/Maildir
maildir_copy_with_hardlinks: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve
imap_client_workarounds(default): outlook-idle delay-newmail 
tb-extra-mailbox-sep
imap_client_workarounds(imap): outlook-idle delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(managesieve): outlook-idle
namespace:
  type: public
  separator: /
  prefix: Public/
  location: 
maildir:/var/mail/public:CONTROL=~/Maildir/control/public:INDEX=~/Maildir/index/public
namespace:
  type: private
  separator: /
  inbox: yes
auth default:
  mechanisms: plain login
  passdb:
    driver: pam
  userdb:
    driver: passwd
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix

-- 
Andreas "daff" Ntaflos
Vienna, Austria

GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC  7E65 397C E2A8 090C A9B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://dovecot.org/pipermail/dovecot/attachments/20070801/67ec5787/attachment.bin 


More information about the dovecot mailing list