On Sun, 1 Jun 2014, Sam Varshavchik wrote: > Joe Laffey writes: > >> Hi, >> >> We recently upgraded our mail server and found that newer versions of >> Courier seem to have trouble with CRAM-MD5 authentication, at least when >> using SSL. >> >> I found this: >> >> http://www.courier-mta.org/imap/INSTALL.html#crammd5 >> >> and was able to get CRAM-MD5 to work with IMAP. However it still does not >> want to work with pop3-ssl or esmtp-ssl (for outgoing). >> >> I added "AUTH=CRAM-MD5" keyword to the IMAP_CAPABILITY environment >> variable. Is there something similar to pop or esmtp? > > Yes, see the POP3AUTH setting in the pop3d configuration file. >
Thanks for the reply. I think I have that set right, though (see below). I actually just tried it again with IMAP and the MD5 Challenge-Response on the latest iPhone is NOT working with IMAP (over SSL) Is it possible I need to use the *AUTH_TLS settings for when I am using SSL? Those are blank right now (see below). For instance, should I add md5 to ESMTPAUTH_TLS ? Thanks again. ##NAME: IMAP_CAPABILITY:1 # # IMAP_CAPABILITY specifies what most of the response should be to the # CAPABILITY command. # # If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or # CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: # # IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=CRAM-MD5" ##NAME: IMAP_CAPABILITY_TLS:0 # # The following setting will advertise SASL PLAIN authentication after # STARTTLS is established. If you want to allow SASL PLAIN authentication # with or without TLS then just comment this out, and add AUTH=PLAIN to # IMAP_CAPABILITY IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" This is what I have in /etc/courier/pop3d : # POP3AUTH="LOGIN" # # If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH # to something like this: # # POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" #POP3AUTH="" ##NAME: POP3AUTH_ORIG:1 # # For use by webadmin #POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" ##NAME: POP3AUTH_TLS:1 # # To also advertise SASL PLAIN if SSL is enabled, uncomment the # POP3AUTH_TLS environment variable: # # POP3AUTH_TLS="LOGIN PLAIN" POP3AUTH_TLS="" ##NAME: POP3AUTH_TLS_ORIG:0 # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" In /etc/courier/esmptd I have: # ESMTPAUTH="LOGIN" # # You can also try PLAIN. CRAM-MD5, CRAM-SHA1, and CRAM-SHA256 may also be # specified, if CRAM authentication has been configured. See INSTALL for more # information. # #ESMTPAUTH="" ESMTPAUTH="LOGIN CRAM-MD5 PLAIN CRAM-SHA1 CRAM-SHA256" ##NAME: ESMTPAUTH_WEBADMIN:5 # # ESMTPAUTH_WEBADMIN is used by the webadmin module # # Don't touch this setting. ESMTPAUTH_WEBADMIN="LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" ##NAME: ESMTPAUTHINFOTLS:3 # # To enable SASL PLAIN authentication when using TLS, uncomment the following. # To enable SASL PLAIN with or without TLS, just add PLAIN to ESMTPAUTH, # above: # # ESMTPAUTH_TLS="PLAIN LOGIN CRAM-MD5" # # ESMTPAUTH_TLS_WEBADMIN is used by the webadmin module ESMTPAUTH_TLS="" ##NAME: ESMTPAUTH_TLS_WEBADMIN:5 ESMTPAUTH_TLS_WEBADMIN="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" -- Joe Laffey The Stable Visual Effects http://TheStable.tv/?e34367M/ ------------------------------------------------------------------------------ Time is money. Stop wasting it! Get your web API in 5 minutes. www.restlet.com/download http://p.sf.net/sfu/restlet _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
