On Aug 16, 2011, at 11:59 AM, Christian Balzer wrote:
The log from Apple mail shows:
READ Aug 14 21:00:09.405 [kCFStreamSocketSecurityLevelNegotiatedSSL] --
host:imap_host -- port:993 -- socket:0x7fb51fc20b60 --
thread:0x7fb51f125e10
* OK [CAPABILITY IMAP4 AUTH=LOGIN LITERAL+ IMAP4REV1] perdition ready on
imap_host 0002b2fb
WROTE Aug 14 21:00:09.413 [kCFStreamSocketSecurityLevelNegotiatedSSL]
-- host:imap_host -- port:993 -- socket:0x7fb51fc20b60 --
thread:0x7fb51fb448e0 1.219 AUTHENTICATE LOGIN
READ Aug 14 21:00:09.437 [kCFStreamSocketSecurityLevelNegotiatedSSL] --
host:imap_host -- port:993 -- socket:0x7fb51fc20b60 --
thread:0x7fb51fb448e0 1.219 NO AUTHENTICATE mechanism not supported, mate
I know that there are some issues with latest Apple Mail
(
http://goo.gl/RmCGc), but I am unable to resolve them.
Does anyone of you have a similar case and knows how to resolve it? I
have tried to change the imap_capability, but it does not resolve the
issue.
This is rather strange, because we fixed that problem by removing
AUTH=PLAIN from the capabilities string, which had no place being there in
the first place (cut and paste from the dovecot capabilities).
Note that the apple mail client tries to use this even when SASL itself
was not announced, somebody taking mighty big liberties with the RFC at
apple there.
You will likely want to remove that AUTH=LOGIN capability and reload
perdition.
For what it's worth, this seems to work for us right now with a dovecot
1.2 backend, note the absence of all AUTH bits:
Thank you for the hint. Did you experience any problems with the clients after removing
AUTH values?
Our dovecot installation lists AUTH versions, that is why we are still sticking to it.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY
THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS
LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH
LIST-STATUS QUOTA AUTH=PLAIN AUTH=LOGIN
Thank you in advance,
regards, Jernej