hi all,

i need a clue and guidance.

i've used the saslauthd pam mech to pull out credentials from AD and that works nicely.
some problems with tls, i need guidance and a clue.

here are the logs from starting the imap server and a 'testuser' connecting to imaps using a mail client that is configured to use 'use secure authentication' (in thunderbird) and secure connection. it won't work and i can't view the mailbox.

the logs give me this error:

starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication

but whenever i only choose use secure connection (SSL) it will give me this error. but i can view the mailbox OK. Seems like tls didn't work.

i followed the documentation from official cyrus docs. and i need to use TLS and not a plaintext+TLS combo. I bet that cyrus-imapd supports secure authentication, any leads on this?

logs:

Sep 30 20:40:04 mail imaps[41090]: executed
Sep 30 20:40:04 mail imaps[41090]: accepted connection
Sep 30 20:40:04 mail imaps[41090]: mystore: starting txn 2147483650
Sep 30 20:40:04 mail imaps[41090]: mystore: committing txn 2147483650
Sep 30 20:40:04 mail imaps[41090]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication
Sep 30 20:40:08 mail pam_winbind[40911]: user 'testuser' granted access
Sep 30 20:40:08 mail kernel: Sep 30 20:40:08 mail pam_winbind[40911]: user 'testuser' granted access
Sep 30 20:40:08 mail pam_winbind[40911]: user 'testuser' granted access
Sep 30 20:40:08 mail imaps[41090]: login: [2001:ec9:4007:0:dead::beef] testuser plaintext+TLS User logged in
Sep 30 20:40:08 mail imaps[41090]: skiplist: recovered /var/imap/user/t/testuser.seen (2 records, 4328 bytes) in 0 seconds
Sep 30 20:40:08 mail imaps[41090]: seen_db: user testuser opened /var/imap/user/t/testuser.seen
Sep 30 20:40:08 mail imaps[41090]: open: user testuser opened INBOX

the config file
#cat /usr/local/etc/imapd.conf
servername: mail.domain.com
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd
sasl_mech_list: pam
sasl_minimum_layer: 1
sendmail: /usr/local/sbin/sendmail
singleinstancestore: yes
lmtp_admins: cyrus
imap_admins: cyrus
lmtpsocket: /var/imap/socket/lmtp
lmtp_downcase_rcpt: yes
notifysocket: /usr/local/cyrus/bin/notifyd
autocreateinboxfolders: Sent|Drafts|Trash
autosubscribeinboxfolders: Sent|Drafts|Trash
createonpost: yes
autocreatequota: 10485760
allowanonymouslogin: 0
tls_ca_file: /var/imap/ssl/ca-cert
tls_cert_file: /var/imap/ssl/server.pem
tls_key_file: /var/imap/ssl/server.pem

cyrus.conf
is the default, but i commented out imap, to give way to only imaps
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
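
An added example, not part of the original post: a small Python audit that pairs each `login:` line with the `starttls:` line from the same process and reports whether the password travelled inside TLS. It assumes the two line formats shown in the log above and that the mechanism field is either `<mech>` or `<mech>+TLS`; the last two sample lines and the names `audit_logins` and `password_exposed` are constructed for illustration.

```python
import re

# First three lines are from the post; the last two are constructed.
SAMPLE_LOG = """\
Sep 30 20:40:04 mail imaps[41090]: accepted connection
Sep 30 20:40:04 mail imaps[41090]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication
Sep 30 20:40:08 mail imaps[41090]: login: [2001:ec9:4007:0:dead::beef] testuser plaintext+TLS User logged in
Sep 30 20:41:10 mail imap[41101]: accepted connection
Sep 30 20:41:12 mail imap[41101]: login: [192.0.2.10] otheruser plaintext User logged in
"""

LINE = re.compile(r'^\w{3}\s+\d+\s+[\d:]+\s+\S+\s+(\w+)\[(\d+)\]:\s(.*)$')
STARTTLS = re.compile(r'^starttls: (\S+) with cipher (\S+) \(\d+/\d+ bits \w+\)')
LOGIN = re.compile(r'^login: \[([^\]]+)\] (\S+) (\S+) User logged in')

def audit_logins(log_text):
    """Return one record per login with its transport and mechanism."""
    tls_by_pid = {}  # pid -> (protocol, cipher) seen on the current connection
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # e.g. kernel lines without a pid
        service, pid, msg = m.groups()
        if msg == "accepted connection":
            tls_by_pid.pop(pid, None)  # a process may serve several connections
            continue
        t = STARTTLS.match(msg)
        if t:
            tls_by_pid[pid] = (t.group(1), t.group(2))
            continue
        l = LOGIN.match(msg)
        if l:
            mech, _, tag = l.group(3).partition("+")
            proto, cipher = tls_by_pid.get(pid, (None, None))
            over_tls = tag == "TLS" or proto is not None
            findings.append({
                "service": service, "client": l.group(1), "user": l.group(2),
                "mech": mech, "over_tls": over_tls,
                "protocol": proto, "cipher": cipher,
                # Assumption: "plaintext" means the password itself was sent.
                "password_exposed": mech == "plaintext" and not over_tls,
            })
    return findings

if __name__ == "__main__":
    for f in audit_logins(SAMPLE_LOG):
        print(f)
```
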
