LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-19-2009, 11:47 AM   #1
molafish
LQ Newbie
 
Registered: Aug 2007
Posts: 21

Rep: Reputation: 0
dovecot SSL/TLS non-PAM config went awry


I installed dovecot 1.1.3 from slackbuilds.org for Slackware 12.2. I'm using the following for the config:

Code:
# 1.1.3: /etc/dovecot.conf
protocols: imaps
ssl_cert_file: /etc/ssl/www.myhostname.net.crt
ssl_key_file: /etc/ssl/www.myhostname.net.key
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
auth default:
  passdb:
    driver: shadow
  userdb:
    driver: passwd
Problem is, when I try connecting with Outlook Express, it says none of the auth methods are possible:

Code:
IMAP: 01:22:24 [db] Connecting to 'www.myhostname.net' on port 993.
IMAP: 01:22:24 [db] OnNotify: asOld = 0, asNew = 4, ae = 0
IMAP: 01:22:24 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'.
IMAP: 01:22:24 [db] OnNotify: asOld = 4, asNew = 6, ae = 2
IMAP: 01:22:24 [db] OnNotify: asOld = 6, asNew = 6, ae = 4
IMAP: 01:22:25 [db] OnNotify: asOld = 6, asNew = 5, ae = 2
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 5, ae = 3
IMAP: 01:22:25 [rx] * OK Dovecot ready.
IMAP: 01:22:25 [tx] joj4 CAPABILITY
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 5, ae = 3
IMAP: 01:22:25 [rx] * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS LIST-EXTENDED I18NLEVEL=1 AUTH=PLAIN
IMAP: 01:22:25 [rx] joj4 OK Capability completed.
IMAP: 01:22:25 [db] ERROR: "PLAIN authentication failed. None of the authentication methods supported by your IMAP server (if any) are supported on this computer.", hr=0x800CCCDF
IMAP: 01:22:25 [db] Connection to 'www.myhostname.net' closed.
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 0, ae = 5
I see SASL-IR, and I see AUTH-PLAIN. How do I config dovecot to check the shadow file? I thought I had that right...

When I try adding other mechanisms in dovecot.conf:
Code:
mechanisms = plain login digest-md5 cram-md5
dovecot fails to start complaining that:

dovecot: Fatal: auth(default): DIGEST-MD5 mechanism can't be supported with given passdbs

and when digest is removed, this:

dovecot: Fatal: auth(default): CRAM-MD5 mechanism can't be supported with given passdbs

What do I have to do to easily enable imaps only connections using a SSL/TLS conection with non-PAM user and passwd lookup?
 
Old 03-19-2009, 11:59 PM   #2
molafish
LQ Newbie
 
Registered: Aug 2007
Posts: 21

Original Poster
Rep: Reputation: 0
dovecot seems to be configured fine, meaning I can connect to it and authenticate just fine with openssl s_client connect.

So that leaves OE as the offender. What is OE expecting dovecot to offer for authentication mechanisms?

Last edited by molafish; 03-20-2009 at 12:01 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
standard dovecot SSL config on slackware molafish Slackware 1 03-19-2009 11:48 AM
Simple Mailserver with sendmail, dovecot and SSL/TLS dsh Linux - Server 0 10-16-2008 02:11 PM
Dovecot - TLS doesnt work while SSL does extasic Linux - Server 2 10-07-2008 05:57 PM
Problem with Dovecot & TLS nukoso Linux - Server 1 06-09-2008 05:20 PM
dovecot-0.99.14 + pam error on slack 10.1 ddaas Slackware 2 06-01-2005 10:47 AM


All times are GMT -5. The time now is 09:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration