Hi,
I've spent a week trying to configure cyrus-imapd-2.1.15
to work with MS Outlook 2000 over TLS/SSL.
I see no way to fix it... maybe I've missed something?
System:
Slackware 9.1
openssl-09.7c
cyrus-imapd-cyrus-sasl-2.1.15
cyrus-imapd-2.1.15
compiled with no errors.
Mozilla Messanger, PINE - checked & work fine with it over port 993
MS Oultook -> (with the options [secure auth], work over SSL (port 993)) gives
an error "CRAM-MD5 auth failed"
IMAPD.log:
####################################################
imapd[25702]: starttls: TLSv1 with cipher RC4-MD5(128/128 bits new) no
authentication
imapd[25702]: badlogin: [213.152.132.32] NTLM [SASL(-13): user not found: no
secret in database]
###################################################
my imapd.conf:
###################################################
configdirectory: /usr/local/var/imap
partition-default: /usr/local/var/spool/imap
sieveusehomedir: false
admins: cyrus, ilya
allowanonymouslogin: no
allowplaintext: no
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: saslauthd
#sasl_mech_list:
srvtab: /etc/ssl
tls_ca_path: /etc/ssl
tls_ca_file: /etc/ssl/server.pem
tls_cert_file: /etc/ssl/server.pem
tls_key_file: /etc/ssl/server.pem
my cyrus.conf:
###################################################
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
# sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp"
prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" at=0400
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
}
my imtest -u ilya -s output:
###################################################
[EMAIL PROTECTED]:~$ imtest -u ilya -s localhost
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK torer Cyrus IMAP4 v2.1.15 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE
UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE AUTH=SRP AUTH=NTLM AUTH=PLAIN
AUTH=OTP AUTH=DIGEST-MD5 AUTH=CRAM-MD5
S: C01 OK Completed
C: A01 AUTHENTICATE SRP
S: +
Please enter your password:
C: AAAADAAEaWx5YQAEaWx5YQ==
S: + AAABIQEArGvbQTJKmpvxZt5eE4lYL69ytmUZh+4H/
DGSlD21YFCjcynLtKCZ7YGT4HV3Z6E91SMSq0sDMQ3Nf0ip2gT9UOgIOWntt2ewz2CVF5oWOrNmGgX71fqq6CkYqZYvC5O4Vfl5k
+yXXuqoDXQK2/T/dHNZ0EHVwz6nHSgeRGsUdzvKl7Q6I/
uAFna9IHpDbGSB8dK5B4cXRhpbnTLmiPh3SFRFI7UksNV9Xqd6J3XS7PoDLPvb9S
+zeGFgJ5AE5Xrmr4dOcwPOUymczAQce8MI2CpWmPOo0MOCca41+Onb
+7aUtcgD2J965DXeI21SX1R1m2XjcvzWjvIPpxEfnkr/cwABAhBJ7hWfe/7e2sJFsO
+sRX3PAAltZGE9U0hBLTE=
C: AAABDQEAq7MXJsdRD843HkUEX8cH/
wwTuk4WqoZl97ZQ4PBjHVsz6WO81idFeHBO0r4AzdRTfJmPo32HtgleOLphf1usROjnKH3amiih0Kc7p8b8IBH6ZuWJ7HjcaIir0WiSJV3MnYKC5tcrYfra6rhlhnNO7zOcpQfNrywq8qHG7AMdOaSZYR8n60uhD3fPEdcTqaF2bgbvPDAtcfXW8AiDsElbY401Ck9Xl8r1UVsx8T9Sv3QQrbaN9CxPX8T006
+HQfRHJy8S46wnTSwn7y6bYbuwBhrXwGYPNqU4ancS7mY9cTUMb/fPdROWUwGkEbKt/
c0vWiNu8aUqZ+2b0ijGt7q0mwAJbWRhPVNIQS0x
S: + AAABAgEAHfp4TXZTfSM+z0QC3NW4my/vcJOCoK0c/IJ5rjOSvP7XcBfbRFvIaKmR
+K8qjK8feFciImSB4w
+AuvtYArEuCXsTLAo31mFCWEfjQb8CkYQhqaWht3OIHpMHq2rcsS5hTWvszDQvx6eMhxoGSosJ82JSoXgDvQtP0WuhpvRdz8n88T4Y
+O3TEFmEz8hktFKK5nvEvsyisOWrADzrjJUfvx/F5tl1AFLpMFB2lWgQ+/2zCbGq9ID+bpS
+pfGoiY7WfntuLgVDiWbUZruTZyCAz2rKOICCASsVNtYVgAL0+WFeRfh/
sNQDtN1t6pJYKtXzn7zlgI67LaecWAVEGzSmsw==
C: AAAAFRQMsbnVGJCD5pP5opXUXUnLXefjnA==
S: + AAAAFRQKUgxKKRnoElg5H5Zj3wk1duK3jg==
C:
S: A01 OK Success (tls protection)
Authenticated.
Security strength factor: 256
