IMAP crazies

Still setting things up on the new server. Eric believes strongly in ASCII mail readers (he also uses vi, poor dear) so it was up to me to re-set-up IMAP so that I could use a mail reader more recent than 1956.

I had a lot of problems setting up the IMAP server…lots of authentication errors. I thought the problem was PAM. It wasn’t. Google is sometimes good for this thing and sometimes not — from googling about this I found a lot of people who had the problem but not a lot of answers about what to do about it.

So in the interest of putting something authoratative up and plugging google with the right keywords, here’s what I had and what solved it. If you’re not interested in really geeky unixy stuff you can skip the rest of this post.

I was using the IMAP server from the University of Washington, otherwise known as UW-IMAP. Its a good basic IMAP server. It compiles out of the box just fine. I set up xinetd to trigger it and it started up just fine. Then I got authentication errors from my mail readers: rejected logins. In /var/log/messages I got “Login disabled.” If I telnetted to port 143 (the IMAP port) I was seeing LOGINDISABLED messages there, too.

As I mentioned I thought initially the problem was PAM (pluggable authentication modules) and I spent some time mucking around with that. Then deep in a single google post I got a clue about what was really wrong.

The issue is that UW-IMAP, as compiled out of the box, does not accept plaintext passwords unless you are also running an SSL connection. Unfortunately as far as I can see mail readers DO send plaintext passwords. Its not a PAM issue.

To solve the problem, either connect to your IMAP server using SSL, or recompile UW-IMAP using the makefile option SSLTYPE=unix (eg “make rhl SSLTYPE=unix”). The IMAP server will accept plaintext passwords after that. I suppose you could also use a different form of authentication (CRAM-MD5 or kerberos or something, I dunno) but this solution worked for me.

Yay! Imap!