Timo Sirainen explained:
Well, that's as informative as you can get from PAM :) It means that PAM decided the password was wrong. Do you have /etc/pam.d/imap file set up correctly?
don't know if it is correct but it is stock Red Hat. one more item for the install instructions.
[root@harvee doc]# more /etc/pam.d/imap #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth [root@harvee doc]#
Either your client is stupid or it tries to work around stupid servers. LOGIN command should be accepted by all servers and "login" SASL mechanism is some old not-really-standard.
I think I would choose the "stupid" option. I am using Mozilla 1.4 (the imap client on windows that sucks the least).
Fatal: Error in configuration file /usr/local/etc/dovecot.conf line 430: Unknown setting: methods
Um.. You must have had at least one auth_methods line before or it wouldn't have worked.. And the default dovecot-example.conf contained only plain there.
I think I understand. I screwed up my authentication definition because it wasn't clear. On a stock Red Hat system using password authentication, what works is:
auth_userdb = passwd auth_passdb = shadow
and leave the digest_md5 stuff alone (which I turned on in my confusion). But *yay* dovecot is working for me! Now all I need to do is turn on my inbox properly (and reclaim my 3300 messages from the old inbox) and I will be a happy camper.
Yes, I have plans to write them .. before 1.0 :)
ya right... just like my intention to rewrite the camram antispam system documentation/web site. It's at least a year out of date but at least I have working code for sender pays antispam with some other nice features accommodating the real world.
Yea, there really should be some easier ways to manage your own CAs. I found some certificate manager written with Qt (can't remember name), but something web based could be nice too.
I've been very happy with TinyCA. It's written in perl and uses tk for the GUI. It's not full featured but I found it hard to do things wrong. On the other hand, that might be a side effect of the scar tissue. ;-)
anyway, as I said above, I now have things working (more or less) and I will find out how well the indexing works as I gradually open different mailboxes on demand. I may play with maildir mailboxes if I can mix and match mbox and maildir in the same directory. playing the fire?
---eric