Comments (8)
emersion
commented on July 23, 2024
1
You have to first issue a STARTTLS command, and then capabilities should include AUTH=PLAIN and you will be able to use the LOGIN command. This prevents the password from being sent in clear text over the network.
from go-imap.
Labutin
commented on July 23, 2024
Ok, look at
func (c *Client) StartTLS(tlsConfig *tls.Config) (err error)
at the end
c.isTLS = true
c.Caps = nil
return
it's reset Caps.
Ok, I can get it again
c.Capability()
log.Println(c.Caps)
if err = c.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
log.Fatal(err)
}
log.Println(c.Caps)
c.Capability()
log.Println(c.Caps)
I see output:
map[IMAP4rev1:true IDLE:true STARTTLS:true ID:true ENABLE:true LOGINDISABLED:true LITERAL+:true SASL-IR:true LOGIN-REFERRALS:true]
map[]
map[ENABLE:true LOGINDISABLED:true AUTH=LOGIN:true LOGIN-REFERRALS:true LITERAL+:true SASL-IR:true ID:true IDLE:true IMAP4rev1:true]
capabilities doesn't include AUTH=PLAIN :(
from go-imap.
emersion
commented on July 23, 2024
You can set client.Debug = true to see the IMAP commands and responses.
Capabilities are reset after STARTTLS because they are out-of-date. So yeah, you should issue a CAPABILITY command to get the new capabilities.
It's strange that the list doesn't include AUTH=PLAIN, the protocol states that servers must send it. But the capability AUTH=LOGIN is included, so the LOGIN command should work (although this is non-standard).
What's the server you're trying to connect to?
from go-imap.
Labutin
commented on July 23, 2024
Is it possible to enable Debug on client?
I am trying to connect to Dovecot
Dovecot v2.2.24 (a82c823) starting up for imap, pop3, lmtp (core dumps disabled)
When I issue Login
if err := c.Login(opts.EmailUser, opts.EmailPasswd); err != nil {
log.Fatal(err)
}
I see error: Unsupported authentication mechanism.
And error in dovecot logs:dovecot: imap-login: Disconnected (tried to use unsupported auth mechanism): user=<>, method=PLAIN, rip=172.19.0.1, lip=172.19.0.2, TLS: Disconnected, session=
As I wrote in fist post Thunderbird can connect to Dovecot and it's uses LOGIN method
dovecot: imap-login: Login: user=, method=LOGIN, rip=172.19.0.1, lip=172.19.0.2, mpid=134, TLS, session=
from go-imap.
Labutin
commented on July 23, 2024
Here is full source code:
log.Println("Connecting to server...")
// Connect to server
c, err := client.Dial(opts.IMAPServer)
if err != nil {
log.Fatal(err)
}
log.Println("Connected")
// Don't forget to logout
defer c.Logout()
log.Println(c.Caps)
if err = c.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
log.Fatal(err)
}
log.Println(c.Caps)
c.Capability()
delete(c.Caps, "LOGINDISABLED")
log.Println(c.Caps)
// Login
if err := c.Login(opts.EmailUser, opts.EmailPasswd); err != nil {
log.Fatal(err)
}
log.Println("Logged in")
and this is output
Connecting to server...
Connected
map[ENABLE:true LOGINDISABLED:true IMAP4rev1:true LITERAL+:true SASL-IR:true LOGIN-REFERRALS:true ID:true IDLE:true STARTTLS:true]
map[]
map[IDLE:true AUTH=LOGIN:true IMAP4rev1:true LITERAL+:true LOGIN-REFERRALS:true SASL-IR:true ID:true ENABLE:true]
Unsupported authentication mechanism.
If I remove
delete(c.Caps, "LOGINDISABLED")
output is
Connecting to server...
Connected
map[IMAP4rev1:true SASL-IR:true ENABLE:true IDLE:true STARTTLS:true LOGINDISABLED:true LITERAL+:true LOGIN-REFERRALS:true ID:true]
map[]
map[SASL-IR:true AUTH=LOGIN:true ID:true ENABLE:true IDLE:true LOGINDISABLED:true IMAP4rev1:true LITERAL+:true LOGIN-REFERRALS:true]
Login is disabled in current state
from go-imap.
emersion
commented on July 23, 2024
Wow, your server config is weird. Is it your own server?
I finally found out that AUTH=LOGIN is an obsolete authentication mechanism:
The LOGIN SASL mechanism is obsoleted in favor of the PLAIN
SASL mechanism.
See https://tools.ietf.org/html/draft-murchison-sasl-login-00
So to make this work, the thing to do is to implement AUTH=LOGIN in https://github.com/emersion/go-sasl
It would be kind of wasted time because this mechanism is obsolete. If you can change your server config to enable AUTH=PLAIN that would be better.
from go-imap.
Labutin
commented on July 23, 2024
I see. Thank you.
My config was:
disable_plaintext_auth = yes
auth_mechanisms = login
I have changed to:
disable_plaintext_auth = yes
auth_mechanisms = login plain
And now I can connect to Dovecot!!!
from go-imap.
emersion
commented on July 23, 2024
Perfect, glad it works :)
from go-imap.
Related Issues (20)
- v1: move doesn't move emails in Gmail IMAP
- Search with criteria returns empty data HOT 8
- v2: why not give some demo? HOT 1
- DialTLS with self-signed certificate HOT 2
- v2: FETCH can produce empty/imcomplete message (imapclient.FetchMessageBuffer) HOT 4
- Trouble Implementing Proxies in IMAP Client HOT 5
- feature: don't request CAPABILITY after auth/login if they are returned in auth response HOT 9
- FetchCommand.Collect/Close/Next stuck when no result is returned HOT 3
- NumUnseen is used instead of NumDeleted HOT 4
- v2 client: Envelope.MessageID returns raw value? HOT 1
- v2: imapserver: user.Append panic on nil AppendOptions HOT 2
- idea: fixtures in tests (or simething like that) HOT 2
- v2: in capability-data: imapwire: expected atom, got \"\\r\"" HOT 6
- v2: client: support custom tls.Config{} in DialTLS() and DialStartTLS() HOT 2
- Implement limits for parser HOT 1
- v2: client: Close race conditions HOT 4
- v2 client: Status with ststusOption nil hangs HOT 1
- v2 STORE flags not returned HOT 2
- v2 DebugWriter breaks LOGIN or any imap command HOT 2
- v2 Invokes Client.conn.Close multiple times producing errors HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-imap.