Kjetil Torgrim Homme wrote:
On Mon, 2006-04-03 at 09:48 -0500, Richard Wohlstadter wrote:
Nikola Milutinovic wrote:
I have set this option to "no". When I setup my client (Thunderbird) to use TLS
and PLAIN, it says "Server refused... blah, blah". When I set it to use SSL and
PLAIN, I can login.
We use Thunderbird 1.5 and it does not work(bug) with regards to TLS and
connecting to Cyrus so we currently use SSL as well. I just tested the
latest build of Thunderbird (Version 3 Alpha 1) and the TLS to cyrus
works fine. Looks like you need to wait for the next stable release of
Thunderbird or use the alpha.
I'd just like to confirm that Thunderbird 1.5 is broken. we refuse
logins until after STARTTLS, but Thunderbird considers that the
capability "LOGINDISABLED" means "login is disabled", not "the protocol
command LOGIN is disabled", so it will pop up a message about the server
not currently accepting logins and refuse to work.
if we remove LOGINDISABLED from the capability response, it will happily
try to authenticate _before_ STARTTLS, thereby sending the password in
the clear... it's amazing they could break IMAP this badly.
Hmm. I'm running Thunderbird on my local dev box (Cyrus 2.3 CVS) with
allowplaintext:0 and its behaves just fine.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
