Roundcube Community Forum

Release Support => Pending Issues => Topic started by: vasileiosg on October 26, 2015, 03:11:16 AM

Title: [SOLVED] Plaintext authentication not allowed
Post by: vasileiosg on October 26, 2015, 03:11:16 AM
Hello all,

I have setup a bit complicated system here:

mail server: os x
db server: opensuse
web server: opensuse
file server: os x

Roundcube is on the file server and being used by the web server through NFS. No problems here. SQL db also works fine.

The problem is in the authentication between mail server and roundcube. I get the following error:

Code: [Select]
<amrgs96p> IMAP Error: Login failed for xxx from xxx. LOGIN: Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. in program/lib/Roundcube/rcube_imap.php on line 198 (POST /mail/?_task=login?_task=login&_action=login)
After researching a bit more, i did the following changes in defaults.inc.php

change:
$rcmail_config['default_host'] = 'xxx';
to:
$rcmail_config['default_host'] = 'ssl://%n';
 
 
change:
$rcmail_config['default_port'] = 143;
to:
$rcmail_config['default_port'] = 993;
 
The error though remains. Except enabling plaintext. is there any other way i can fix this?

Thanks.
Title: Re: Plaintext authentication not allowed
Post by: alec on October 26, 2015, 04:21:37 AM
You should not touch defaults.inc.php. You probably have these options also in config.inc.php which has precedence.
Title: Re: Plaintext authentication not allowed
Post by: vasileiosg on October 26, 2015, 09:58:33 AM
ok my bad, i reset the file to the original and i moved the settings to the config file. I also should have mentioned that the $rcmail_config is actually $config, it is just that i quickly copy/pasted it from another location.

Either way, the issue remains. Anyone faced a similar issue before perhaps?
Title: Re: Plaintext authentication not allowed
Post by: vasileiosg on October 27, 2015, 03:10:40 AM
Hello,

I managed to fix the original issue. I indeed had to put the settings in the config file and point to the correct port. However, i still cannot connect with another message:

<amrgs96p> IMAP Error: Login failed for xxx from xxx. Authentication not allowed until SSL/TLS is enabled. in program/lib/Roundcube/rcube_imap.php on line 198 (POST /mail/?_task=login?_task=login&_action=login)


I keep this thread open because i want all the information to be in one place in case someone else faces the same issue.

any help would be appreciated.
Title: Re: Plaintext authentication not allowed
Post by: vasileiosg on February 05, 2016, 09:10:21 AM
So sad to answer my own post...

the problem is with dovecot. It appears there is a configuration file named:

/Library/Server/Mail/Config/dovecot/conf.d/10-ssl.conf

In that file the following line is active: ssl = required

That setting apparently overrides what disable_plaintext_auth has to say.

After commenting out the ssl=required entry it works.