Re: IMAP plain text authentication
- From: Myroslava Dzikovska <myros cs rochester edu>
- To: Pawel Salek <pawsa theochem kth se>
- Cc: balsa-list gnome org
- Subject: Re: IMAP plain text authentication
- Date: Wed, 24 Oct 2001 18:14:01 -0400
OK, so I recompiled the newest version, balsa 1.2.1 with SSL. Now I get
this message
/C=Russia/L=Moscow/O.U.= Zenon N.S.P. Certificate
This certificate accepted but not verified!!!
SSL connection using TLSv1/SSLv3(RC4-SHA)
CRAM-MD5 authentication failed
Where do I go from here? Looks like I won't get any help from the sysadmin
- since several people are using it with windows programs with no
problems, and Netscape on my system works, he says I should look
for trouble in my settings, and that's it. Any suggestions about what else
can I check would be appreciated.
A couple of questions in relation to it. I'm behind a firewall. Can this
be causing trouble? Also, would it make any difference if I compiled
--with-sasl? I actually tried, but there's a file missing from the
disctribution (mutt_sasl.c), how do I get it?
Myrosia
>
> On 2001.10.24 17:40 Myroslava Dzikovska wrote:
> > Oh, I should have mentioned this. I have no problems connecting with
> > Netscape 4.77 from the same machine. Also, older Balsa (1.0.0) still
> > complains that CRAM-MD5 authentication failed, but lets me see the
> > mailbox.
>
> The capabilities list would be useful to confirm my theory about it. I
> think the server advertises as being capable to do CRAM-MD5. Older balsa
> tried first CRAM-MD5 and when it failed, tried LOGIN.
>
> The current balsa stops the authentication process if CRAM-MD5 fails - and
> it
> makes sense. I think there are some cracking schemes (downgrading attacks)
> that attempt to enforce weakest authentication method available. The
> algorithm balsa uses now (i.e. use strongest method available, or fail)
> protects against it.
>
> The bottom line is: one should verify if the server claims to support
> CRAM-MD5. If it does, you will need to talk to you system administrator.
> But please, start from verifying the server capabilities.
>
> /Pawel
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]