On Wed, 8 Feb 2023, Aki Tuomi wrote:
Can you try setting imapc_sasl_mechanisms to login, maybe it works better?
And Stephan Bosch <stephan@rename-it.nl> wrote:
Can you make a protocol log (tcp dump of commands sent by client and replies sent by server) for one of these sessions? e.g. using ngrep if connections aren't secured.
I was using imaps initially. Switching to imap over port 143 to do the tcpdump had the side effect of switching to LOGIN authentication, evidently uw-imap is sending different capability strings. It still doesn't work though. Both from the error and the dump I can tell "doveadm" is sending the user's id only without the "*masteruser" and the master user password.
Plain connection banner:
- OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:45:22 -0500 (EST)
SSL Banner on 993:
- OK [CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ SASL-IR LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN] foo.com IMAP4rev1 2007e.404 at Wed, 8 Feb 2023 16:53:36 -0500 (EST)
On 08/02/2023 06:24 EET Chris Candreva <chris@westnet.com> wrote:
I'm migrating a legacy uw-imap system to Dovecot, on a Rocky (RHEL) 8 server running Dovecot 2.3.16-3 from their repos. I am using a master user to import all users for an imaps connection from the old server to the new. On a trial run however, it worked for about half the users. Half are giving an error of the form:
dsync(user): Error: imapc(host:993): Command '1 AUTHENTICATE PLAIN xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' failed with BAD: 1 Missing or invalid argument to AUTHENTICATE
I can't seem to get the IMAP command for the users that did work. However, on the face of it, that is an invalid AUTHENTICATE command. If I take that string and brake it up into (what I've googled is) the proper form of multi-command form of
1 AUTHENTICATE PLAIN + xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
then the login succeeds. I have not been able to find anyone else with this problem in my search. Is this a known issue, is there a way to force the multi-line AUTHENTICATE, something else I'm missing ? Any help is appreciate on this!
-Chris
--
======================================================================== Chris Candreva -- chris@westnet.com -- http://www.westnet.com/~chris
--
======================================================================== Chris Candreva -- chris@westnet.com -- http://www.westnet.com/~chris