Robert Scussel schrieb am Wed, Dec 12, 2001 at 09:51:21PM -0500: * Thanks, first of all for the help getting cyrus working with * saslauthd-pam... * * I have been trying for days now to get the latest IMP(3.0) with the * latest Horde(2.0) to work with cyrus. The problem now is that imp tries * to use the protocol imap to logon, which then tries to logon via * * CRAM-MD5, sasldb2, and even kerberos * * It doesn't appear to try pam/plain/saslauthd login.
Most webmailers I saw (e.g. aeromail, twig) did a CAPABILITY upon connect and tried to do the most secure authentication first. So if your server lists CRAM-MD5 in its capability list, the webmailer will try that before trying PLAIN. We debugged this down to the code of imap-2001 which is the library that is mostly used by PHP for IMAP issues. So if you set up a PHP webmailer, you can't help this behaviour because its hardcoded into the lib. We finally did a very nasty workaround: As we use LDAP-via-PAM as authen- tication backend, we do not need the sasldb - and when completely removing /etc/sasldb, Cyrus IMAP stops sending CRAM-MD5 in its capability list. - Birger
