[horde] Authentication issues
Ralf Lang
lang at b1-systems.de
Tue Jul 23 13:39:23 UTC 2013
On 23.07.2013 13:13, Steven Swarts wrote:
>
> On 23/07/2013 7:07 PM, Steven Swarts wrote:
>>
>> On 23/07/2013 5:11 PM, Ralf Lang wrote:
>>>>> You almost certainly don't want TLS on port 993. TLS is normally on
>>>>> port 143 (the standard IMAP port).
>>>>>
>>>> Forgive my ignorance but why is that?
>>> Because there is a difference between imap/starttls and imaps.
>>> imap/starttls should run on standard imap port while 993 is usually
>>> associated with imaps.
>>>
>>>
>>>
>>>
>> Ok that makes sense.
>>
>> So would this be better?
>>
>> // IMAP server
>> $servers['imap'] = array(
>> // ENABLED by default; will connect to IMAP port on local server
>> 'disabled' => false,
>> 'name' => 'Server',
>> 'hostspec' => 'localhost',
>> 'hordeauth' => full,
>> 'protocol' => 'imap',
>> 'port' => 993,
>> // Plaintext logins are disabled by default on IMAP servers (see
>> RFC 3501
>> // [6.2.3]), so TLS is the only guaranteed authentication
>> available by
>> // default.
>> 'secure' => 'ssl',
>> );
>>
>> The only reason I am harping on about port 993 is that is all that
>> works. I've tried connecting via 143 TLS and it doesn't work -
>> Something obviously wrong with Postfix/Dovecot I believe or again more
>> likely my lack of knowledge.
>>
>> I did read above that it was deprecated in favor of TLS on 143, but
>> without knowing how to set that up, i'm a little stuck.
>>
>> Regards,
>> Steve
> Just another thing I just tried the following:
>
> openssl s_client -connect mail.example.com:143 -starttls imap
>
> Is that a sufficient test for TLS over 143? If so it works logging in
> with all different users. So could I have this as my
> /imp/config/backends.local.php
>
> // IMAP server
> $servers['imap'] = array(
> // ENABLED by default; will connect to IMAP port on local server
> 'disabled' => false,
> 'name' => 'Server',
> 'hostspec' => 'localhost',
> 'hordeauth' => full,
> 'protocol' => 'imap',
> 'port' => 143,
> // Plaintext logins are disabled by default on IMAP servers (see RFC
> 3501
> // [6.2.3]), so TLS is the only guaranteed authentication available by
> // default.
> 'secure' => 'tls',
> );
>
> I seem to read between the lines that its the most approved method? Is
> that right?
>
> Sorry to ask so many questions but you guys are really helping me out.
You can activate the /test.php script in the horde/config/conf.php file
by setting ['testdisable'] = false;
Then, run /test.php?app=imp in your browser. It contains a test form for
imap connecttion.
--
Ralf Lang
Linux Consultant / Developer
Tel.: +49-170-6381563
Mail: lang at b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.horde.org/archives/horde/attachments/20130723/c659d262/attachment.bin>
More information about the horde
mailing list