On Sat, Jul 22, 2006 at 08:18:26AM +0200, Pascal Gienger wrote: > Ross Boylan <ross@xxxxxxxxxxxxxxxx> wrote: > > >No; that was a transcription error. Sorry about that. > >So the original file has > >allowplaintext: yes > > This is the traditional imap plaintext login without sasl. IMAP4 has > plaintext authentication as a builtin. The syntax is My imapd.conf man page says "Allow use of the SASL PLAIN mechanism" Overview and Concepts doc says "To disallow the use of plaintext passwords for authentication, you can set allowplaintext: no in imapd.conf. This will still allow PLAIN under TLS, but IMAP LOGIN commands will now fail." My reading is that allowplaintext controls both IMAP login and SASL PLAIN, though the two documents seem to contradict each other at one point: the first implies a no disables SASL PLAIN completely, while the second says it is still permitted under TLS. As I noted in an earlier message, other documents may imply SASL PLAIN is never permitted except under encryption. Or they may imply it's never advertised except under encryption; I can't tell. Ross ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
