[imp] SASL authentication in IMP-6.1.0beta1

Simon B simon.buongiorno at gmail.com
Fri May 17 09:27:11 UTC 2013


On 17 May 2013 10:54, Arjen de Korte <arjen+horde at de-korte.org> wrote:
>
> Citeren Simon B <simon.buongiorno at gmail.com>:
>
>> On 17 May 2013 10:10, Simon B <simon.buongiorno at gmail.com> wrote:
>>>
>>> On 15 May 2013 19:58, Michael M Slusarz <slusarz at horde.org> wrote:
>>>>
>>>> Quoting Jan Schneider <jan at horde.org>:
>>>>
>>>>> Zitat von Arjen de Korte <arjen+horde at de-korte.org>:
>>>>>
>>>>>> Citeren Jan Schneider <jan at horde.org>:
>>>>>>
>>>>>>> Zitat von Arjen de Korte <arjen+horde at de-korte.org>:
>>>>>>>
>>>>>>>> I'm currently trying out the latest PEAR beta packages. I can't get
>>>>>>>> the
>>>>>>>> SASL authentication to work. Previously, I've used the configuration
>>>>>>>> in the
>>>>>>>> Mailer tab from the Horde configuration, with the
>>>>>>>> $conf[mailer][params][username] and $conf[mailer][params][password]
>>>>>>>> fields
>>>>>>>> empty. With the -stable versions so far, this has always resulted in
>>>>>>>> Horde
>>>>>>>> using the login credentials (which is what I want, since I use the
>>>>>>>> same
>>>>>>>> credentials for IMAP and SMTP). This no longer works. Both the
>>>>>>>> username and
>>>>>>>> password presented to the SMTP server are now empty. If I hardcode
>>>>>>>> these in
>>>>>>>> the Mailer tab to an existing username:password combination, it
>>>>>>>> works, but
>>>>>>>> this will only work as long as I have one user (myself) on the
>>>>>>>> testing
>>>>>>>> system, since the SMTP server also checks if the logged-in user is
>>>>>>>> allowed
>>>>>>>> to use the sender address. Is this still under development (and
>>>>>>>> should I
>>>>>>>> just be a little more patient) or am I missing something in the
>>>>>>>> configuration?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Sounds like a bug.
>>>>>>
>>>>>>
>>>>>>
>>>>>> I'm not sure. When I enter the same information from the Mailer tab in
>>>>>> 'imp/config/backends.local.php', it works as before. Could it be this
>>>>>> is the
>>>>>> future method of configuration of the SASL authentication and that the
>>>>>> Mailer tab will be deprecated soon?
>>>>>
>>>>>
>>>>>
>>>>> No, the global mailer configuration is still required for applications
>>>>> other than IMP. And authentication with the current user's credentials
>>>>> will
>>>>> always be supported.
>>>>
>>>>
>>>>
>>>> FWIW, I require authentication to my SMTP server and it works fine for
>>>> me
>>>> configured in Horde's config.
>>>
>>>
>>> I've run into this problem too.  Although I am running Git.
>>>
>>> For the record here is my 6.0 config vs the 6.1
>>>
>>>  15     'smtp' => array(
>>>  16         'auth' => true,
>>>  17         'debug' => false,
>>>  18         'localhost' => 'localhost',
>>>  19         'host' => 'mail.example.net',
>>>  20         'port' => 587,
>>>  21         'password' => null,
>>>  22         'username' => null
>>>
>>> 437 #    'smtp' => array(
>>> 438 #        'auth' => true,
>>> 439 #        'localhost' => 'localhost',
>>> 440 #        'host' => 'mail.example.net',
>>> 441 #        'port' => 587,
>>> 442 #        'username' => null,
>>> 443 #        'password' => null,
>>>
>>> I can't have all the users authenticating with my account.  What do you
>>> suggest?
>>>
>>
>> I should have added the maillogs
>> May 17 08:12:05 mail postfix/submission/smtpd[20028]: connect from
>> localhost[127.0.0.1]
>> May 17 08:12:05 mail postfix/submission/smtpd[20028]: setting up TLS
>> connection from localhost[127.0.0.1]
>> May 17 08:12:05 mail postfix/submission/smtpd[20028]: Anonymous TLS
>> connection established from localhost[127.0.0.1]: TLSv1 with cipher
>> DHE-RSA-AES256-SHA (256/256 bits)
>> May 17 08:12:05 mail dovecot: auth(default): login(?,127.0.0.1): Empty
>> username
>> May 17 08:12:07 mail postfix/submission/smtpd[20028]: warning:
>> localhost[127.0.0.1]: SASL LOGIN authentication failed: VXNlcm5hbWU6
>>
>> VXNlcm5hbWU6 decodes to Username:
>>
>> Is this an error on my part?
>
>
> The below works for me in IMP-6.1.0beta2 (from
> 'imp/config/backends.local.php'):
>
>     'smtp' => array(
>         'auth' => true,
>         'debug' => false,
>         'localhost' => 'localhost',
>         'host' => 'localhost',
>         'password' => null,
>         'port' => 587,
>         'username' => null
>     ),

Making this change makes no difference, I have the same error.  Given
that I only updated the backends.local.php to enable the spam
reporting - which has failed spectactularly - I restored the old one,
and I still can't send.


> In Horde-5.0.4, the following used to be enough in 'config/conf.php' to
> achieve the same
>
>     $conf['mailer']['params']['port'] = 587;
>     $conf['mailer']['params']['auth'] = true;
>     $conf['mailer']['type'] = 'smtp';
>
> but this no longer works in the beta versions. From comments Michael made in
> http://bugs.horde.org/ticket/12255, I assume there was a change in policy.

I had a look at the ticket and I didn't understand it :)

in config/conf.php I have:

 92 $conf['mailer']['params']['host'] = 'localhost';
 93 $conf['mailer']['params']['port'] = 587;
 94 $conf['mailer']['params']['auth'] = 'LOGIN';
 95 $conf['mailer']['type'] = 'smtp';

If I change login to true, I get the same error, minus the line about
the SASL Login failing (i.e. empty username).


> In case people why on earth I'm using SMTP authentication when connecting
> through localhost, I have Postfix setup (with smtpd_sender_login_maps and
> smtpd_sender_restrictions=reject_sender_login_mismatch) to check if a sender
> is allowed to use a sender address (to prevent senders spoofing messages).

Yes, this is why I have it to - it's best practice.

Simon


More information about the imp mailing list