Skip to content

Plugin not working with dovecot imap server over unencrypted connection

Submitted by Martin Thierer

Assigned to Florian Rivoal

Link to original bug (#13443)

Description

Created attachment 7052 Check for CRAM-MD5 capability before checking for LOGINDISABLED

I can't use the plugin to check for new mail on my local dovecot server, which doesn't support encryption but hashed passwords (cram-md5) and has disabled plaintext logins as per dovecot default (disable_plaintext_auth=yes).

To prevent clients from sending credentials over an unencrypted connection when plaintext logins are disabled, it includes "LOGINDISABLED" in its capabilities if queried over an unsecure connection.

It also includes "CRAM-MD5" in the capabilities, but unfortunately that doesn't work with the mailwatch plugin because it checks for "LOGINDISABLED" first.

So I suggest to move the check for "LOGINDISABLED" behind the check for "CRAM-MD5" in libmailwatch-core/mailwatch-mailbox-imap.c.

The plugin works for me with this change and I can't see a harm in doing so.

Patch 7052, "Check for CRAM-MD5 capability before checking for LOGINDISABLED":
login.patch