Josh Berry writes:
Hi there,I am running an IMAP mail server that supports both standard access (port 143) and TLS (port 993). I am trying to get Sun's JES calendar connector to work and it needs to authenticate with the server when it installs. When it tries to connect on port 143 I get the following log output: imapd: [ID 702911 mail.debug] Connection, ip=[::ffff:212.159.2.3] imapd: [ID 702911 mail.debug] LOGIN: ip=[::ffff:212.159.2.3], command=STARTTLS imapd: [ID 702911 mail.debug] LOGIN: ip=[::ffff:212.159.2.3], command=CAPABILITY imapd: [ID 702911 mail.debug] LOGIN: ip=[::ffff:212.159.2.3], command=AUTHENTICATE imapd: [ID 702911 mail.info] LOGIN, user=jberry, ip=[::ffff:212.159.2.3], protocol=IMAP Mar 28 16:21:19 pih-gkfe01 imapd: [ID 702911 mail.info] LOGOUT, user=jberry, ip=[::ffff:212.159.2.3], headers=0, body=0, time=1, starttls=1 Obviously it is not working ...
Obviously it's working perfectly. The log above clearly shows that you were able to log in as user "jberry", and then log out.
When I telnet into the server and run the same commands it just bombs out when I issue the AUTHENTICATE command.
Of course. STARTTLS enables encryption, from that point on the server is expceting an encrypted datastream, which you cannot provide in telnet. When you try to send a cleartext command, the server reads it as garbage, and closes the connection.
Also, keep in mind that the entire command does not get logged. The AUTHENTICATE command takes at least one, and possibly two parameters, which are not logged.
The above log file shows that you successfully logged in. There is no evidence of any server problem whatsoever.
So, what does this command do and what capabilities does the server need to accept this and authenticate the client?
Whatever commands your mail client sent, because it worked.
pgpR2khtUlVNZ.pgp
Description: PGP signature
