Need support for SASL authentication for IMAP



16 years ago
10 years ago


(Reporter: jamesrome, Assigned: Bienvenu)


Windows 2000

Firefox Tracking Flags

(Not tracked)




16 years ago
Many IMAP servers (mine included) cannot support SSL for IMAP, but can support
things like CRAM-MD5 for secure authentication. Mozilla needs to embrace these
other secure forms of authentication.

Comment 1

16 years ago
Mozilla supports CRAM-MD5 as of a couple weeks ago. There's a bug open about
supporting CRAM-DIGEST as well. Is there anything else that you can think of?

Comment 2

16 years ago
Wonderful. But it is quite unobvious as to how to use it. The IMAP dialog in the
4/17 build only haas SSL for IMAP.

Comment 3

16 years ago
I sniffed my conversation with the IMAP server, and indeed it seems to be
automatic! Way to go Mozilla folks!
Last Resolved: 16 years ago
Resolution: --- → FIXED

Comment 4

16 years ago
yes, it's automatic.

Comment 5

16 years ago
I do have a request for an enhancement on this fix.
I think it is important to let the user know that his IMAP password is being
transmitted encrypted, so some sort of icon should appear when this happens, or not.

Comment 6

16 years ago
Maybe I made a Chinese wish and got what I asked for, but didn't really want.
With the 2003042908 build, every time I access my secure POP server, I get a
message that the CRAM-MD5 authentication failed. Since it is POP over SSL,
CRAM-MD5 really isn't needed. But I like the idea of the message when they do
support CRAM-MD5, and it failed.

So, we need a way to indicate whether the server does CRAM-MD5 in the Server
Settings pane. If it doesn;t do it, the user could indicate that, and the error
messages would be supressed.

Comment 7

16 years ago
tomorrow's build with work with CRAM-MD5
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.