Hide Forgot
From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; YComp 5.0.0.0) Description of problem: Latest RawHide imap-2002b-5 doesn't allow "LOGIN" authentication method by default. This breaks SquirrleMail since it relies on plaintext LOGIN method. SquirrelMail at present only supports using stunnel for IMAPS implementation. Version-Release number of selected component (if applicable): 1.2.10-4 How reproducible: Always Steps to Reproduce: 1. Install Squirrlemail 1.2.10-4 2. Install imap-2002b-5 3. Login to imap server via Squirrlemail. Actual Results: Login rejected - Squirrlemail doesn't support STARTTLS or alternate Plaintext Login methods Expected Results: Successful login. Additional info: Changing IMAP to use SSLTYPE=unix instead of SSLTYPE=unix.nopwd via spec fixes the issue (but breaks IESG security requirement of disabling plaintext w/o STARTTLS) Filing here because the imap change is "better" as long as SquirrelMail is capable of using STARTTLS or an alternate login method.
Squirrelmail 1.4.0 when combined with PHP 4.3.0 or higher will support TLS authentication.