I've installed SuSE 8.2 but I can't get POP3 or IMAP servers within the xinetd service to accept user logins, (I really want to use IMAP to set up a webmail server). The POP/IMAP server responds but I don't understand the login error I'm getting.

Shown below is the result of trying to telnet to the POP or IMAP server:
(user gavin exists on the machine and I can login as an ordinary user)

POP3 (Port 110)

linux:/etc # telnet 192.168.7.1 110
Trying 192.168.7.1...
Connected to 192.168.7.1.
Escape character is '^]'.
+OK POP3 linux.domain.name v2001.80 server ready
user gavin
-ERR Unknown AUTHORIZATION state command
^]
telnet> close
Connection closed.
linux:/etc #



IMAP (Port 143)

linux:/etc # telnet 192.168.7.1 143
Trying 192.168.7.1...
Connected to 192.168.7.1.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS LOGINDISABLED]
linux.domain.name IMAP4rev1 2002.332 at Tue, 28 Oct 2003 12:29:29
+0000 (GMT)
login gavin
login BAD Command unrecognized/login please: GAVIN
^]
telnet> close
Connection closed.
linux:/etc #


As far as I can see the error "ERR Unknown AUTHORIZATION state command" for the POP3 login is trying to say that the POP server didn't expect a user login at that point (in its current state). If I remember correctly the POP server is either in the AUTHORIZATION, TRANSACTION or UPDATE state. In each of these states it will only accept certain commands.

I suspect that I'm missing something VERY obvious - like by default each user has to somehow be "enabled" to allow access to its mail via POP3 / IMAP deamon?

ANY IDEAS?? Thanks,

Gavin

I had a similar problem on a box running RH 7.2. It was giving me "Bad login" error,
even though the user name and password were correct. The pop file from /etc/pam.d/ directory was missing.
You might be missing some configuration file required for authentication.

Hope this helps.

Thanks security_ece

You may be onto something here, PAM is something that I'm not familiar with. I've had a look at the man pages and I'm slowly getting the picture.

Can you point me a bit further in the right direction eg what should be in my /etc/pam.d/imap or pop3 configuration file, or where to look for more help?
Thanks.

Bit more info,

both files /etc/pam.d/pop3 and /etc/pam.d/imap contain:
#%PAM-1.0
auth required pam_unix2.so
account required pam_unix2.so

(the file /etc/pam.d/samba contains the same and that works ok)

Thanks again ...

The pam file contents for pop and imap are like this:

auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth

Check if it works for you, also check for the path for pam_stack.so OR Google
for these files for your distribution.

Don't seem to have a pam_stack.so in /lib/security.

I've tried the service=system-auth options to the existing pam_unix1.so commands but I still get the same error message.

I hope your /etc/pam.d/login file is correct.
An example(From web, I don't have any Suse box):

#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_unix2.so
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_unix2.so
password required /lib/security/pam_unix2.so
session required /lib/security/pam_unix2.so

/etc/pam.d/pop or imap ........

#%PAM-1.0
auth required pam_unix2.so
account required pam_unix2.so

Yes I think so, its very similar ... although is the:
auth required pam_mail.so
line significant? When editing files in /etc/pam.d do I have to restart a service (like xinetd?) or do the changes take effects without this?

/etc/pam.d/login is:
#%PAM-1.0
auth requisite pam_unix2.so nullok #set_secrpc
auth required pam_securetty.so
auth required pam_nologin.so
#auth required pam_homecheck.so
auth required pam_env.so
auth required pam_mail.so
account required pam_unix2.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_unix2.so none # debug or trace
session required pam_limits.so


and /etc/pam.d/imap (and pop3)
#%PAM-1.0
auth required pam_unix2.so
account required pam_unix2.so

Thanks for all your help.