Problem logging in during testing

Steve Matzura number6 at noisynotes.com
Mon Jun 15 23:30:59 UTC 2015


On Mon, 15 Jun 2015 21:11:39 +0200, you wrote:

>Am 15.06.2015 um 20:26 schrieb Felix Zielcke:
>> Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura:
>>> I think I have it now! Found info about *correctly* defining
>>> namespaces. I now get the following when telnetting in, and it all
>>> looks valid.
>>>
>>> Trying 127.0.0.1...
>>> Connected to 127.0.0.1.
>>> Escape character is '^]'.
>>> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
>>> IDLE STARTTLS AUTH=PLAIN] Dovecot ready.
>>> a login <my-username> <my-password>
>>> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
>>> IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS
>>> THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT
>>> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE
>>> QRESYNC
>>> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE
>>> SPECIAL-USE] Logged in
>>> a logout
>>> * BYE Logging out
>>> a OK Logout completed.
>>> Connection closed by foreign host.
>>>
>>> If this is correct, then I'm off to add Postfix and get my mailing
>>> lists back online.
>>
>> It looks like you don't enforce SSL/TLS.
>> If you don't have any clients which are many years old you should do
>> that.
>> But of course it'S your own decision if you want your users passwords
>> (and everything else) sent to your server in clear text over the wire
>>
>
>SSL is not enforced on localhost even when specifying ssl=required.
>
>Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf:
>	# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
>	# disable plain pop3 and imap, allowed are only pop3+TLS,
>	# pop3s, imap+TLS and imaps
>	# plain imap and pop3 are still allowed for local connections

That's what I thought. I have not had the opportunity to test this
from another system yet.


More information about the dovecot mailing list