And you also tested the external with the {PLAIN} too, right? Well, maybe it also wants nopassword=y extra field. See http://wiki.dovecot.org/AuthDatabase/PasswdFile how to add it. Maybe I should add {ANY} or something that makes "accept any password" easy..
On 17.3.2010, at 0.41, Stephen Feyrer wrote: > Hi. > > It didn't work. I tried first with {EXTERNAL} and then with {PLAIN} the > result below was the same in both cases. > > --- > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > AUTH=EXTERNAL] Dovecot ready. > a LOGIN username-from-cert "" > a NO [ALERT] Unsupported authentication mechanism. > DONE > > -- > Thanks > > Stephen Feyrer > > On Tue, 16 Mar 2010 22:12:11 -0000, Timo Sirainen <t...@iki.fi> wrote: > >> On 17.3.2010, at 0.04, Stephen Feyrer wrote: >> >>> The tests using SASL and SASL-IR in Thunderbird both fail to authenticate. >>> I have tried using openssl s_client with the same result. I've run the >>> auth command in three ways just to be sure I got the second example right. >>> I even checked to make sure I've spelt my name right and the case of the >>> letters. >> >> EXTERNAL auth works only if this this also works: >> >> a LOGIN username-from-cert "" >> >> i.e. login with empty password. >> >>> passdb: >>> driver: passwd-file >>> args: /opt/etc/dovecot/passwd >>> userdb: >>> driver: passwd >>> >>> /opt/etc/dovecot/passwd >>> Stephen:{EXTERNAL} >> >> So try {PLAIN} here. >> >> >