[Dovecot] TLS Issues - Plain Text login?
I'm trying to setup IMAP, so that it works via secure connections. I have it working fine over SSL, now I wish to get TLS to work.
I have set imap and imaps to both listen on *, and have disable_plaintext_auth = yes, which according to the docs, Disable LOGIN command and all other plaintext authentications unless SSL/TLS is used (LOGINDISABLED capability).
So the problem is now, that TLS doesn't work. Trying it with thunderbird, I get a message about login being disabled, and to check my settings and such. The port is correct (imap, not imaps), and I have it to always use TLS. I see the following in my logs Jul 14 16:35:46 mafeking dovecot: imap-login: Aborted login: rip=58.7.136.163, lip=203.30.47.34, TLS
Any ideas? To me it appears to be using TLS, so why doesn't thunderbird work? Is it the LOGINDISABLED capa keyword? Is it dovecot telling Thunderbird the wrong capa when using TLS?
It all works fine with SSL, and the port (in thunderbird) set to the imaps port. The logs show lines like below when using SSL. Jul 14 16:36:32 mafeking dovecot: imap-login: Login: user=<joeblogs>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Any ideas? Or should I just force SSL?
Thanks
Tim (using RC2)
Linux Counter user #273956 Don't email joeblogs@scouts.org.au
- Timothy White, 2006-07-14 10:41
[...] So the problem is now, that TLS doesn't work. Trying it with thunderbird, I get a message about login being disabled, and to check my settings and such. The port is correct (imap, not imaps), and I have it to always use TLS. [...]
What version of TB are you using? The TLS-over-non-SSL bug was introduced with TB 1.5, and only got fixed in TB 1.5.0.4.
http://weblogs.mozillazine.org/rumblingedge/archives/2006/05/1-5-0-4.html https://bugzilla.mozilla.org/show_bug.cgi?id=312009
HTH, Thomas
=-------------------------------------------------------------------------=
- Thomas "ZlatkO" Zajic <zlatko@gmx.at> Linux-2.6.17 & Thunderbird-1.5 -
"It is not easy to cut through a human head with a hacksaw." (M. C.) -
hi,
this is a thunderbird bug. should be fixed in the next release of thunderbird. workaround it with using IMAP over SSL (993).
darix
-- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
participants (3)
-
Marcus Rueckert
-
Thomas Zajic [Dovecot]
-
Timothy White