I haven't tried it with 2.3.6, but PLAIN should work.
I would suggest starting with
sasl_mech_list: PLAIN
in all your imapd.conf files (make sure it says only PLAIN).
and make sure there is no
force_sasl_client_mech
lines anywhere.
Then make sure you can use imtest (with -m PLAIN and -t "" (for
tls)) to connect to backends, and then see if the backends will
communicate correctly.
-Patrick
On Jul 6, 2006, at 2:32 PM, Andrew Findlay wrote:
On Thu, Jul 06, 2006 at 11:43:50AM -0400, Patrick Radtke wrote:
We use PLAIN to authenticate between all the machines in our murder.
That is very interesting. I found that I had to enable MD5 because
the backends (and mupdate?) would not accept lower-strength
authentication. PLAIN would be preferable for several reasons.
What version of Cyrus are you using?
2.3.6
do you have a
sasl_mech_list:
line in your imapd.conf?
That is commented out at the moment, to allow MD5. I started with
PLAIN and LOGIN only.
Can you auth using imtest and DIGEST-MD5?
Yes
Do you support other mechanisms for users?
I would like to support PLAIN, LOGIN, and DIGEST-MD5, but the latter
requires a plaintext password database so it will probably be judged
too risky.
Thanks
Andrew
--
----------------------------------------------------------------------
-
| From Andrew Findlay, Skills 1st
Ltd |
| Consultant in large-scale systems, networks, and directory
services |
| http://www.skills-1st.co.uk/ +44 1628
782565 |
----------------------------------------------------------------------
-
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
