Hello List(s), ...

When using saslauthd for authentication with a remote imap server, in this case perdition IMAP4, there seems to be a compatibility issue.

After LOGIN, perdition is sending the CAPABILITY tag before the OK.

saslauthd expects an OK, but receives the CAPABILITY first and then closes the connection.

saslauthd[8454] :do_auth : auth failure: [user=x@test.d250.hu] [service=imap] [realm=]

[mech=rimap] [reason=[ALERT] Unexpected response from remote authentication server]

I was able to alter the last lines of auth_rimap.c, and hack this out, but this should be implemented properly.

I assume, perdition behaves standard compliant within the IMAP4 protocol, however it could send the combined "a OK [CAPABILITY ... ]" as dovecot does. Is there a technical reason for the two separate messages? I was not able to manipulate this behavior with configuration arguments.

saslauthd on the other hand could read the CAPABILITY tag, skip it, and process the next tag to read an OK, and then close the connection, with the Unexpected response error eventually.

I'm not sure which is the more standard compliant approach, but if my assumption is correct, auth_rimap.c should be modified for increased compatibility.

Thank you, ...

Greetings,

Király István

+36 209 753 758

LaKing@D250.hu