[imp] SASL authentication in IMP-6.1.0beta1

Arjen de Korte arjen+horde at de-korte.org
Fri May 17 08:54:42 UTC 2013 

Citeren Simon B <simon.buongiorno at gmail.com>:

> On 17 May 2013 10:10, Simon B <simon.buongiorno at gmail.com> wrote:
>> On 15 May 2013 19:58, Michael M Slusarz <slusarz at horde.org> wrote:
>>> Quoting Jan Schneider <jan at horde.org>:
>>>
>>>> Zitat von Arjen de Korte <arjen+horde at de-korte.org>:
>>>>
>>>>> Citeren Jan Schneider <jan at horde.org>:
>>>>>
>>>>>> Zitat von Arjen de Korte <arjen+horde at de-korte.org>:
>>>>>>
>>>>>>> I'm currently trying out the latest PEAR beta packages. I can't get the
>>>>>>> SASL authentication to work. Previously, I've used the  
>>>>>>> configuration in the
>>>>>>> Mailer tab from the Horde configuration, with the
>>>>>>> $conf[mailer][params][username] and  
>>>>>>> $conf[mailer][params][password] fields
>>>>>>> empty. With the -stable versions so far, this has always  
>>>>>>> resulted in Horde
>>>>>>> using the login credentials (which is what I want, since I use the same
>>>>>>> credentials for IMAP and SMTP). This no longer works. Both the  
>>>>>>> username and
>>>>>>> password presented to the SMTP server are now empty. If I  
>>>>>>> hardcode these in
>>>>>>> the Mailer tab to an existing username:password combination,  
>>>>>>> it works, but
>>>>>>> this will only work as long as I have one user (myself) on the testing
>>>>>>> system, since the SMTP server also checks if the logged-in  
>>>>>>> user is allowed
>>>>>>> to use the sender address. Is this still under development  
>>>>>>> (and should I
>>>>>>> just be a little more patient) or am I missing something in the
>>>>>>> configuration?
>>>>>>
>>>>>>
>>>>>> Sounds like a bug.
>>>>>
>>>>>
>>>>> I'm not sure. When I enter the same information from the Mailer tab in
>>>>> 'imp/config/backends.local.php', it works as before. Could it be  
>>>>> this is the
>>>>> future method of configuration of the SASL authentication and that the
>>>>> Mailer tab will be deprecated soon?
>>>>
>>>>
>>>> No, the global mailer configuration is still required for applications
>>>> other than IMP. And authentication with the current user's  
>>>> credentials will
>>>> always be supported.
>>>
>>>
>>> FWIW, I require authentication to my SMTP server and it works fine for me
>>> configured in Horde's config.
>>
>> I've run into this problem too.  Although I am running Git.
>>
>> For the record here is my 6.0 config vs the 6.1
>>
>>  15     'smtp' => array(
>>  16         'auth' => true,
>>  17         'debug' => false,
>>  18         'localhost' => 'localhost',
>>  19         'host' => 'mail.example.net',
>>  20         'port' => 587,
>>  21         'password' => null,
>>  22         'username' => null
>>
>> 437 #    'smtp' => array(
>> 438 #        'auth' => true,
>> 439 #        'localhost' => 'localhost',
>> 440 #        'host' => 'mail.example.net',
>> 441 #        'port' => 587,
>> 442 #        'username' => null,
>> 443 #        'password' => null,
>>
>> I can't have all the users authenticating with my account.  What do  
>> you suggest?
>>
>
> I should have added the maillogs
> May 17 08:12:05 mail postfix/submission/smtpd[20028]: connect from
> localhost[127.0.0.1]
> May 17 08:12:05 mail postfix/submission/smtpd[20028]: setting up TLS
> connection from localhost[127.0.0.1]
> May 17 08:12:05 mail postfix/submission/smtpd[20028]: Anonymous TLS
> connection established from localhost[127.0.0.1]: TLSv1 with cipher
> DHE-RSA-AES256-SHA (256/256 bits)
> May 17 08:12:05 mail dovecot: auth(default): login(?,127.0.0.1):  
> Empty username
> May 17 08:12:07 mail postfix/submission/smtpd[20028]: warning:
> localhost[127.0.0.1]: SASL LOGIN authentication failed: VXNlcm5hbWU6
>
> VXNlcm5hbWU6 decodes to Username:
>
> Is this an error on my part?

The below works for me in IMP-6.1.0beta2 (from  
'imp/config/backends.local.php'):

     'smtp' => array(
         'auth' => true,
         'debug' => false,
         'localhost' => 'localhost',
         'host' => 'localhost',
         'password' => null,
         'port' => 587,
         'username' => null
     ),

In Horde-5.0.4, the following used to be enough in 'config/conf.php'  
to achieve the same

     $conf['mailer']['params']['port'] = 587;
     $conf['mailer']['params']['auth'] = true;
     $conf['mailer']['type'] = 'smtp';

but this no longer works in the beta versions. From comments Michael  
made in http://bugs.horde.org/ticket/12255, I assume there was a  
change in policy.

In case people why on earth I'm using SMTP authentication when  
connecting through localhost, I have Postfix setup (with  
smtpd_sender_login_maps and  
smtpd_sender_restrictions=reject_sender_login_mismatch) to check if a  
sender is allowed to use a sender address (to prevent senders spoofing  
messages).

More information about the imp mailing list