Setting up a Postfix mail server...

[ehazlett]

Yes I do have a file called imap in /etc/pam.d Here is what is in it:

#%PAM-1.0
auth required pam_unix2.so
account required pam_unix2.so


what now...?!!

evan hazlett

[Dolda2000]

All looks satisfactory. Do you get anything in the syslog (probably /var/log/messages or /var/log/secure in this case)?

[ehazlett]

I do get something that looks kind of strange... in /var/log/messages I have this:

May 11 20:12:35 netserv imapd[5493]: Login disabled user=ehazlett auth=ehazlett host=[137.178.177.21]
May 11 20:12:55 netserv imapd[5493]: Login disabled user=ehazlett auth=ehazlett host=[137.178.177.21]

That is my IMAP daemon right...? Why would my login be disabled?

Any thoughts...?

evan hazlett

[Dolda2000]

I looked at the source for imapd, and the only condition that can produce that error message is if plaintext authentication is disabled, which seems quite possible. Now that I think about it, I remember having that problem myself, too, but that was quite some time ago. Actually, I recall now that plaintext passwords are only permitted in SSL encrypted channels. That is, after all, quite sensible.
I guess you will have to make a decision. Do you want to keep it this was, and use SSL to connect to IMAP, or do you want to change it?
Using SSL is the most secure, after all. If you plan to use this over the internet, you shouldn't send plaintext passwords anyway unless over SSL, so in that case it would be for the best.
I really don't know which applications support IMAP over SSL, though. I guess most should, but I haven't checked.
If you want to change it, I think you will have to download the source code, since most of these programs' behaviour is determined during build-time. These programs aren't made with automake/autoconf, so there's no configure or so. You will have to build it with "make lnp" (for Linux with PAM authentication), but first you will have to edit the Makefile and change SSLTYPE to unix.

[ehazlett]

thanks Dolda...I still want to use it, so I guess I will try it with SSL
and see how things go... Thanks a lot man, I appreciate it...


evan hazlett

[ehazlett]

I was wondering if there was a main config file for UW IMAP like there is in cyrus? Also, there isnt much documentation on UW...
Now when I try to telnet I get this:

graphic:/home/ehazlett # telnet 137.178.177.10 imap
Trying 137.178.177.10...
Connected to 137.178.177.10.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS LOGINDISABLED] netserv.susenet.org IMAP4rev1 2002.332 at Tue, 13 May 2003 19:52:17 -0500 (EST)
LOGIN ehazlett
LOGIN BAD Command unrecognized/login please: EHAZLETT


Is this still the SSL issue...? And are there ANY commands that I can use...i.e. HELP, /?, etc.

thanks for all of your help

evan hazlett

[Dolda2000]

It seems that you dont know your IMAP protocol properly. A valid login command in IMAP would be something like "id LOGIN username password". id is the unique identifier that you have to give each command in IMAP. However, it still won't work, because it's still plaintext authentication. You know, you can't encrypt it over telnet. Use a user agent that is TLS capable instead.

And no, I don't think that there is any config file at all for UW IMAP. Everything that I know of is selected during build time.

I don't think it has any HELP command.

[ehazlett]

No, you are right, I do not know my IMAP at all. I was using some documentation that came with Cyrus IMAP. It said to do the telnet thing to test the IMAP server...?? Any way I will keep chugging along, although now, I am working with the cyrus package.

We'll see how it goess, and I will probably be back with some more questions...

thanks

evan hazlett