[imp] Re: IMP and Cyrus - unencrypted login to localhost
impossible?
Tornoci Laszlo
torlasz@xenia.sote.hu
Thu Nov 21 16:43:57 2002
On Thu, 21 Nov 2002, Markus Gaugusch wrote:
> On Nov 21, Horst Simon <Horst.Simon@oz.quest.com> wrote:
> > I hope there is someone with a solution to this one. I have the same
> > problem, where imp wants to authenticate to sasldb2, but not to pam,
> > every other client works ok. It is probably hard coded into php.
> I have come to another conclusion: IMP (PHP) asks the server of known auth
> mechs. Since CRAM-MD5 is stronger than plain, it doesn't use plain. I'll
> try to disable other auth mechs an the cyrus server, but it is bad
> nevertheless.
Yes, it is not a problem with IMP. You need to tell Cyrus-imapd not to
offer anything else but PLAIN as an auth mech, and then you are ok.
Just make sure imap/notls is used only through localhost (I use iptables
for this). These lines in /etc/imapd.conf will make Cyrus offer only PLAIN:
allowplaintext: yes
sasl_mech_list: PLAIN
There is no need to recompile cyrus as someone else suggested on this
list.
Yours: Laszlo
--
----------------------------------------------------------------------
Laszlo L Tornoci Inst Pathophysiology
E-mail: torlasz@xenia.sote.hu Semmelweis Univ Med School
torlasz@net.sote.hu Nagyvarad ter 4.
fax: (36-1)-210-4409 Budapest, H-1089, Hungary
----------------------------------------------------------------------
More information about the imp
mailing list