[Dovecot] MANAGESIEVE patch v5 for dovecot 1.0.2
Andreas Ntaflos
daff at dword.org
Wed Aug 1 19:52:21 EEST 2007
On Wednesday 01 August 2007 17:53:16 Stephan Bosch wrote:
> Hi Andreas,
>
> On Wed, 2007-08-01 at 16:45 +0200, Stephan Bosch wrote:
> > Most likely the problem relates to the fact that, unless configured
> > otherwise, dovecot will refuse to use plain text SASL mechanisms if the
> > connection is not encrypted. I haven't re-tested the STARTTLS command in
> > the last versions... I will give it a go.
>
> I gave it a go and STARTTLS still seems to work fine at my end. This
> test was performed using 'disable_plaintext_auth = yes' in the config
> file, forcing a _remote_ host to use TLS/SSL for all protocols.
Thanks for taking the time to investigate this further! I will try to provide
you with everything I can.
I have my server configured the same way, allowing only TLS connections for
plaintext login on the standard IMAP port 143. I shall attach the output of
dovecot -n.
> The gnutls-cli tool is very useful to test the STARTTLS command in
> various protocols. Using the --starttls switch the client starts in
> plaintext mode and starts the TLS negotiation when Ctrl-D is pressed.
>
> With the information you provide I could test it with your setup, but of
> course you can test it yourself as well.
I got this working just fine, using the method you described below. Of course
I had to base64-encode the "username\0username\0password" string first, which
is probably not so obvious to someone who doesn't have much experience
debugging authentication problems :)
I am using KMail 1.9.7 and KDE 3.5.7 to connect to the server (KDE has a
kioslave for sieve).
But seeing that connecting and authenticating worked fine with gnutls-cli this
seems to be a KMail- oder KDE-related problem?
Is there anything else I can provide? How do you want the connection log? As
the output of a tcpdump session?
Thanks again!
Andreas
# 1.0.2: /usr/local/etc/dovecot.conf
base_dir: /var/run/dovecot/
protocols: imap managesieve
listen(default): *
listen(imap): *
listen(managesieve): *:2000
ssl_cert_file: /etc/ssl/certs/pseudoterminal.org_dovecot.crt
ssl_key_file: /etc/ssl/private/pseudoterminal.org.key
login_dir(default): /var/run/dovecot//login
login_dir(imap): /var/run/dovecot//login
login_dir(managesieve): login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login
mail_extra_groups: mail
mail_location: maildir:~/Maildir
maildir_copy_with_hardlinks: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve
imap_client_workarounds(default): outlook-idle delay-newmail
tb-extra-mailbox-sep
imap_client_workarounds(imap): outlook-idle delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(managesieve): outlook-idle
namespace:
type: public
separator: /
prefix: Public/
location:
maildir:/var/mail/public:CONTROL=~/Maildir/control/public:INDEX=~/Maildir/index/public
namespace:
type: private
separator: /
inbox: yes
auth default:
mechanisms: plain login
passdb:
driver: pam
userdb:
driver: passwd
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
--
Andreas "daff" Ntaflos
Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://dovecot.org/pipermail/dovecot/attachments/20070801/67ec5787/attachment.bin
More information about the dovecot
mailing list