Why would you want to, you are already using TLS so what do you expect to gain? plaintext+TLS
md5 suffers from multiple inadequacies - so it seems pretty pointless to me. M -- Merlin Hartley Computer Officer MRC Mitochondrial Biology Unit Cambridge, CB2 0XY United Kingdom > On 8 Oct 2017, at 21:21, Walter H. via Info-cyrus > <info-cyrus@lists.andrew.cmu.edu> wrote: > > Hello, > > when setting in squirrelmail > $imap_auth_mech = 'cram-md5'; > or > $imap_auth_mech = 'digest-md5'; > then the following is logged in /etc/maillog > > Oct 8 14:59:41 imap-host imaps[2042]: accepted connection > Oct 8 14:59:41 imap-host imaps[2042]: imapd:Loading DH parameters from file > Oct 8 14:59:41 imap-host imaps[2042]: SSL_accept() incomplete -> wait > Oct 8 14:59:41 imap-host imaps[2042]: SSL_accept() succeeded -> done > Oct 8 14:59:41 imap-host imaps[2042]: starttls: TLSv1 with cipher > DHE-RSA-AES256-SHA (256/256 bits new) no authentication > Oct 8 14:59:42 imap-host imaps[2042]: badlogin: host-running-squirrel > [IPv6-running-squirrel] DIGEST-MD5 [SASL(-13): user not found: no secret in > database] > > but, when setting in squirrelmail > $imap_auth_mech = 'login'; > then the following is logged and it works ... > > Oct 8 18:37:16 imap-host imaps[10530]: accepted connection > Oct 8 18:37:16 imap-host imaps[10530]: imapd:Loading DH parameters from file > Oct 8 18:37:16 imap-host imaps[10530]: SSL_accept() incomplete -> wait > Oct 8 18:37:16 imap-host imaps[10530]: SSL_accept() succeeded -> done > Oct 8 18:37:16 imap-host imaps[10530]: starttls: TLSv1 with cipher > DHE-RSA-AES256-SHA (256/256 bits new) no authentication > Oct 8 18:37:17 imap-host imaps[10530]: login: host-running-squirrel > [IPv6-running-squirrel] walter plaintext+TLS User logged in > > even /etc/imapd.conf is this: > > allowanonymouslogin: no > allowplaintext: no <-- > altnamespace: no > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cyrus > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > servername: storage.mail > hashimapspool: true > sasl_pwcheck_method: saslauthd > sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 > tls_cert_file: /etc/pki/cyrus-imapd/tls.crt/mail-host.crt > tls_key_file: /etc/pki/cyrus-imapd/tls.key/mail-host.key > tls_ca_file: /etc/pki/cyrus-imapd/tls.crt/server-chain-sslca.crt > quotawarn: 95 > > sasldblistusers2 shows this: > > cyrus@imap-host: userPassword > > why I am unable to use digest-md5 or cram-md5? > or: what do I have to do to use digest-md5? > adding a user with saslpasswd2? > what is the 'appname'? > > Im using Centos 6 and the RPM packages of CentOS > > Thanks, > Walter > > > ---- > Cyrus Home Page: http://www.cyrusimap.org/ > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ > To Unsubscribe: > https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus