since I use SSL with all clients and the firewall only permits Imaps and forbits plain-text-imap-access to the mailserver, I haven't recognized the following problem until I tried to set up squirrelmail:
This is my normal configuration which works perfect with SSL-enabled clients:
Authentication {
allow plain auth in non ssl = "yes" /* allow login or
authenticate
when not in
SSL/TLS mode */ auth penalty = 2, /* on auth failure,
* server sleeps so
* many seconds
* before allowing
* client to
* authenticate
* again.
*/
disable starttls = "no"
}When I use squirrelmail, it can't connect to bincimap. When I use mozilla and disable ssl and connect to port 143, it doesn't work either.
Playing around with "disable starttls" and "allow plain auth in non ssl" didn't solve it.
It seems to me that binimap just doesn't want to speak to unencrypted clients.
I'm running bincimap with xinetd. It listens on both: 143 and 993.
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
group = root
instances = UNLIMITED
server = /usr/sbin/bincimap-up
server_args = --conf=/etc/bincimap/bincimap.conf --logtype=syslog -- /usr/bin/checkpassword /usr/sbin/bincimapd
log_type = SYSLOG daemon info
}
service imaps
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
group = root
instances = UNLIMITED
server = /usr/sbin/bincimap-up
server_args = --ssl --conf=/etc/bincimap/bincimap.conf --logtype=syslog -- /usr/bin/checkpassword /usr/sbin/bincimapd
log_type = SYSLOG daemon info
}
Authentication is done by checkpassword.
What am I doing wrong?
-- Volker Sauer * Alexanderstrasse 39/217 * 64283 Darmstadt Telefon: 06151-154260 * Mobil: 0179-6901475 * ICQ#98164307 mailto:[EMAIL PROTECTED] * http://www.volker-sauer.de PGPKey-Fingerprint: DB2611C7B12E0B2739992E4F7E354E4D5DD5D0E0
signature.asc
Description: OpenPGP digital signature
