Still setting things up on the new server. Eric believes strongly in ASCII mail readers (he also uses vi, poor dear) so it was up to me to re-set-up IMAP so that I could use a mail reader more recent than 1956.
I had a lot of problems setting up the IMAP server…lots of authentication errors. I thought the problem was PAM. It wasn’t. Google is sometimes good for this thing and sometimes not — from googling about this I found a lot of people who had the problem but not a lot of answers about what to do about it.
So in the interest of putting something authoratative up and plugging google with the right keywords, here’s what I had and what solved it. If you’re not interested in really geeky unixy stuff you can skip the rest of this post.
I was using the IMAP server from the University of Washington, otherwise known as UW-IMAP. Its a good basic IMAP server. It compiles out of the box just fine. I set up xinetd to trigger it and it started up just fine. Then I got authentication errors from my mail readers: rejected logins. In /var/log/messages I got “Login disabled.” If I telnetted to port 143 (the IMAP port) I was seeing LOGINDISABLED messages there, too.
As I mentioned I thought initially the problem was PAM (pluggable authentication modules) and I spent some time mucking around with that. Then deep in a single google post I got a clue about what was really wrong.
The issue is that UW-IMAP, as compiled out of the box, does not accept plaintext passwords unless you are also running an SSL connection. Unfortunately as far as I can see mail readers DO send plaintext passwords. Its not a PAM issue.
To solve the problem, either connect to your IMAP server using SSL, or recompile UW-IMAP using the makefile option SSLTYPE=unix (eg “make rhl SSLTYPE=unix”). The IMAP server will accept plaintext passwords after that. I suppose you could also use a different form of authentication (CRAM-MD5 or kerberos or something, I dunno) but this solution worked for me.