Problem logging in during testing
Alex JOST
jost+lists at dimejo.at
Mon Jun 15 19:11:39 UTC 2015
Am 15.06.2015 um 20:26 schrieb Felix Zielcke:
> Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura:
>> I think I have it now! Found info about *correctly* defining
>> namespaces. I now get the following when telnetting in, and it all
>> looks valid.
>>
>> Trying 127.0.0.1...
>> Connected to 127.0.0.1.
>> Escape character is '^]'.
>> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
>> IDLE STARTTLS AUTH=PLAIN] Dovecot ready.
>> a login <my-username> <my-password>
>> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
>> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS
>> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT
>> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE
>> QRESYNC
>> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE
>> SPECIAL-USE] Logged in
>> a logout
>> * BYE Logging out
>> a OK Logout completed.
>> Connection closed by foreign host.
>>
>> If this is correct, then I'm off to add Postfix and get my mailing
>> lists back online.
>
> It looks like you don't enforce SSL/TLS.
> If you don't have any clients which are many years old you should do
> that.
> But of course it'S your own decision if you want your users passwords
> (and everything else) sent to your server in clear text over the wire
>
SSL is not enforced on localhost even when specifying ssl=required.
Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf:
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS,
# pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
--
Alex JOST
More information about the dovecot
mailing list