On Fri, 21 Feb 2014, Marcus Schopen wrote:
> Hi,
>
> Am Freitag, den 21.02.2014, 17:23 +0100 schrieb Willy Offermans:
> [...]
>>
>>
>> I can answer my own question. I was indeed missing the authentication
>> mechanism. I added <sasl_mech_list: PLAIN LOGIN> to imapd.conf on the
>> back-end server and the replication worked.
>>
>> So I wonder how I can tell sync_client which authentication mechanism to
>> use? It seems like a feature request to me? or a hidden option to the
>> sync_client executable.
>
> That's an interesting question. I had a similar problem this week to
> force master and slave to sync via TLS. As long as the banner on slave
> side offered "DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN" to connection plain.
> I set "allowplaintext: no" and "sasl_mech_list: PLAIN" on slave and now
> both are talking PLAIN via TLS. So if there is an option on master side
> to force to login using eg. CRAM-MD5 then there might be an option too
> to force TLS.
>
>> I'm playing with replication now and testing what happens if one deletes
>> e-mails on the back-end server and not on the client. Will these mails be
>> restored on the back-end by replication and when?
>
> Don't understand, what is the client, the replica server?
Have you looked at the sasl_minimum_layer option?
sasl_minimum_layer: 0
The minimum SSF that the server will allow a client to
negotiate. A value of 1 requires integrity protection; any
higher value requires some amount of encryption.
Andy
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
