update to imscp 1.4.7 /error > SASL DIGEST-MD5 authentication failed

  • After Update from 1.2.7 to 1.4.7 i got a lot error with mails.

    Client: Outlook 2010 and Outlook 2016

    Log: Aug 23 09:04:49 server3 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=80.22.2*.*, lip=136.243.*.*, session=<lhPpU2ZX+QBQhIRj>

    after adding to auth_mechanisms = plain login
    digest-md5 CRAM-MD5

    Log: Aug 23 10:19:48 server3 dovecot: imap-login: Disconnected (auth failed, 3 attempts in 27 secs): user=<user1@domain.com>, method=DIGEST-MD5, rip=80.22.2*.**, lip=136.243.*.*, session=<zgIy4mlXVQBQhIRj>
    after remove (Require logon using Secure Password Authentication (SPA)

    Client can Login but!!
    Now i cant Login (EM Client) and Roundcube.

    Log: Aug 23 20:48:12 server3 postfix/smtpd[3111]: warning: ip-178-******.unitymediagroup.de[178.202.*.*]: SASL DIGEST-MD5 authentication failed: PDIwOTkxNzgwNDA0Mjc1NDguMTUwMzUxNDA5MEBzZXJ2ZXIzPg==

    Server Debian Jessie 8.9
    imscp 1.4.7

    Saslfinger -s

  • In order to remove unencrypted PWDs from imscp's database (it's sha512 now), support for password-encryption for imap/pop3/smtp was no longer given. Thats why as of 1.4.x, only plain and login are available.

    => Have a look at erata-file for 1.4.x

    Background is:
    When you send the pwd encrypted to the server - md5 for example - the server needs to have the password stored unencrypted in the database in order to hash it the same way. By comparing his and your encrypted pwd, the server knows, if the password given was correct.

  • @biologist

    Thanks for answering.


    Next time please read the annoucements and errata file.

    See https://github.com/i-MSCP/imsc…md#mail-account-passwords

    Thread closed.