On Tue, 22 Nov 2005 06:28:35 -0800 (PST), Mark Crispin wrote: > > On Tue, 22 Nov 2005, Roy Giles wrote: > > Could someone point me to a definition/description of the current imapd > > unauthenticated CAPABILITY responses in general and specifically the > > difference between AUTH=PLAIN and AUTH=LOGIN > > The specification for the CAPABILITY response is the IMAP specification > (RFC 3501). If you wish to write IMAP software, or otherwise have a > formal understanding of what CAPABILITY means, then you must refer to this > document (and frequently to various extension documents since capabilities > are typically implemented by extension documents). > > The AUTH=xxx capabilities define the SASL (RFC 2222, soon to be updated) > authentication mechanisms supported by the server. The PLAIN SASL > mechanism is described in RFC 2595 (soon to be updated) and is the way to > do userid/password authentication in SASL. > > The LOGIN SASL mechanism (not to be confused with the LOGIN command) is an > earlier, undocumented, long-deprecated mechanism and should not be used. > The *only* reason for keeping support around for the LOGIN SASL mechanism > is that some broken software does not handle PLAIN properly but can do > LOGIN. > > AUTH=LOGIN has nothing to do with the LOGIN command, except that the LOGIN > command is also long-deprecated and should not be used. > Thanks Mark, I had read some of the RFCs, just wondered if the responses had been collated anywhere to cover what was currently available; at least revisiting 3501 made some things clearer.
The AUTH=LOGIN versus AUTH=PLAIN query comes from trying to find out a little more about authentication between the IMAP server within Sun's Messaging Server and a connector they provide for Outlook. We use IMAP4rev1 2004.357 in our mail setup but I need the Sun Messaging Server on another server for their Calendar component. Our imap server for mail is :- [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS AUTH=LOGIN] localhost IMAP4rev1 2004.357 while the one within the Sun Messaging/Calendar server is :- [CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS CHILDREN BINARY UNSELECT LANGUAGE XSENDER X-NETSCAPE XSERVERINFO AUTH=PLAIN] IMAP4 localhost service (Sun Java(tm) System Messaging Server 6.2-3.04 I can authenticate on both with plaintext password via telnet in the form :- a1 LOGIN user userpass This appears correct with the response from the first imap server but does the second indicate the broken software you mention in not handling PLAIN properly or am I missing something. Thanks, Roy Giles _______________________________________________ Imap-uw mailing list [email protected] https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
