Red Hat Bugzilla – Bug 72941
imap_open fails with pmdf V6.1 mail servers
Last modified: 2007-04-18 12:46:09 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020606
Description of problem:
since the update to php-4.1.2-7.2.3/4 imap_open() fails with mail servers
running pmdf V6.1 software (OpenVWM). No errors on the php-side and on the pmdf
side only a "LOGIN-E-SYSTEM-LOGIN-bad-auth ..." is logged. It seems a problem of
authentication method. Other mail server seem not affected.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. imap_open() to a server running pmdf V6.1 (Example mail server of University
of Basel, Switzerland)
2. downgrade to php 4.0.6 --> it works
3. update back to php 4.1.2 --> fails
Actual Results: nothing, just a warning with no errors in imap_errors(),
Expected Results: either success or an error message, but not just nothing.
See second comment in #65190
*** This bug has been marked as a duplicate of 65190 ***
OK, found the bug. it is not a duplicate of 65190, however.
The problem is that imap_open() uses now cram-md5 as default. If now the mail
server only accepts plain authentication, php-imap and mailserver to not
communicate and simply drop out. There is one workaround which is to recompile
php-imap without cram-md5 support. To do this, edit the file
ext/imap/php_imap.c. Comment out the line auth_link( &cram... ); then rebuild
the rpm and than you can use imap_open() with plain authentication again!
Does the server advertise CRAM-MD5 as an available authentication method? (To
check with a POP server, telnet to the server's port (110) and issue the "CAPA"
and "QUIT" commands and scan the results for "AUTH=CRAM-MD5", to check with an
IMAP server, telnet to the port (143) and issue "A CAPABILITY", then "B LOGOUT".)
The imap client code unconditionally uses CRAM-MD5 if the server advertises that
it's capable of using CRAM-MD5 (per md5.txt from the imap-devel documentation),
and disabling it for the world at large would undoubtedly leave certain users
unable to connect to their servers.