And you also tested the external with the {PLAIN} too, right? Well, maybe it also wants nopassword=y extra field. See http://wiki.dovecot.org/AuthDatabase/PasswdFile how to add it. Maybe I should add {ANY} or something that makes "accept any password" easy..
On 17.3.2010, at 0.41, Stephen Feyrer wrote:
Hi.
It didn't work. I tried first with {EXTERNAL} and then with {PLAIN} the result below was the same in both cases.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=EXTERNAL] Dovecot ready. a LOGIN username-from-cert "" a NO [ALERT] Unsupported authentication mechanism. DONE
-- Thanks
Stephen Feyrer
On Tue, 16 Mar 2010 22:12:11 -0000, Timo Sirainen tss@iki.fi wrote:
On 17.3.2010, at 0.04, Stephen Feyrer wrote:
The tests using SASL and SASL-IR in Thunderbird both fail to authenticate. I have tried using openssl s_client with the same result. I've run the auth command in three ways just to be sure I got the second example right. I even checked to make sure I've spelt my name right and the case of the letters.
EXTERNAL auth works only if this this also works:
a LOGIN username-from-cert ""
i.e. login with empty password.
passdb: driver: passwd-file args: /opt/etc/dovecot/passwd userdb: driver: passwd
/opt/etc/dovecot/passwd Stephen:{EXTERNAL}
So try {PLAIN} here.