1 Topic by sst

  • sst
  • Member
  • Offline
  • Registered: 2018-11-28
  • Posts: 1

Topic: Dovecot Non-plaintext authentication support

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8 PGSQL edition.
- Linux/BSD distribution name and version: Ubuntu 16.04.5 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi, we are setting up a new iRedMail server and we would like to support
Dovecot plaintext AND Non-plaintext authentication.

We changed the Dovecot auth mechanism to
/etc/dovecot/dovecot.conf:auth_mechanisms = plain cram-md5 digest-md5 SCRAM-SHA-1
but cram-md5 authentication fails every time.

In settings.py we have:
DEFAULT_PASSWORD_SCHEME = 'SSHA512'

A note in default_settings.py says, that as we are using a SQL backend, multiple passwords are not supported.

Can we support non-plaintext authentication methods while we are using a SQL backend?
How do we have to configure this?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Dovecot Non-plaintext authentication support

Try changes below in dovecot.conf:

# It's set to "required" by default.
ssl = yes

# it's set to "yes" by default.
disable_plaintext_auth = no

Note: both parameters exist in dovecot.conf, just replace their values and restart dovecot service.