Enable Plan Text login for imap/pop3 in a proxy environment

Ask questions about your setup or get help installing ZCS server (ZD section below).
Post Reply
steven.wong
Posts: 5
Joined: Sat Sep 13, 2014 2:32 am

Enable Plan Text login for imap/pop3 in a proxy environment

Post by steven.wong »

Hi ,
We had the followign setup as below and we want to enable Clear text login for imap/pop3 service in a proxy environment.
1) 2 Proxy servers which proxy web/imap/pop3 traffic to mbx01

2) 2 MTA servers that handle smtp connection

3) 2 ldap servers handling ldap requests.
I already tried the following but it won't work. Can anyone help?
1) directly modify nginx configuration to change "starttls" to "on" in proxy01 but the configuration get override once zimbra was restarted(zmcontrol restart)
2) Already set IMAP/POP3 to enable clear text login and restarted zimbra service in proxy01
[zimbra@proxy01 includes]$ zmprov gs `zmhostname` | grep -i Cleartext

zimbraCalendarCalDavClearTextPasswordEnabled: TRUE

zimbraImapCleartextLoginEnabled: TRUE

zimbraMailClearTextPasswordEnabled: TRUE

zimbraPop3CleartextLoginEnabled: TRUE
3) Also tried to disable anx re-enable imapporyx in proxy01 but still don't work.
zmprov -l ms `zmhostname` -zimbraServiceEnabled imapproxy

zmcontrol restart

zmprov -l ms `zmhostname` +zimbraServiceEnabled imapproxy

zmcontrol restart

zmprov -l proxy01.example/.com zimbraPop3BindPort 110 zimbraPop3SSLBindPort 995 zimbraPop3ProxyBindPort 7110 zimbraPop3SSLProxyBindPort 7995 zimbraImapBindPort 143 zimbraImapSSLBindPort 993 zimbraImapProxyBindPort 7143 zimbraImapSSLProxyBindPort 7993

zmcontrol restart

zmproxyconfig -m -d -p 7110:110:7995:995 -H proxy01.example.com

zmproxyconfig -m -e -p 7110:110:7995:995 -H proxy01.example.com

zmproxyconfig -m -d -i 7143:143:7993:993 -H proxy01.example.com

zmproxyconfig -m -e -i 7143:143:7993:993 -H proxy01.example.com

zmcontrol restart
Thanks,

Steven
steven.wong
Posts: 5
Joined: Sat Sep 13, 2014 2:32 am

Enable Plan Text login for imap/pop3 in a proxy environment

Post by steven.wong »

Hi,
I fixed by myself, the key is that zimbraReverseProxyPop3StartTlsMode and zimbraReverseProxyIMAPStartTlsMode is set to "only".
I change it by
[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyImapStartTlsMode on

[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyPop3StartTlsMode on

[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyPop3StartTlsMode

zimbraReverseProxyPop3StartTlsMode: on

[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyImapStartTlsMode

zimbraReverseProxyImapStartTlsMode: on


Thanks,

Steven
Service
Elite member
Elite member
Posts: 1023
Joined: Tue Apr 14, 2009 2:44 pm

Enable Plan Text login for imap/pop3 in a proxy environment

Post by Service »

Thanks for posting that. We have a similar problem, and that info will come in handy.
Our current mail server is all clear-text. We desperately want to get off of it and got to SMTPS/IMAPS/POPS, but we have hundreds of users who will have to update their clients on Monday morning bright and early. We just need the mail to work for now, and we'll migrate each city to secure login all next week.
Thanks again. Usually, when you ask that question in any online forum, you just get scolded about how bad an idea clear text logins are. I already KNOW that and want to get away from them. But in the real world, we have to deal with changing hundreds of users overnight. Ain't going to happen. Our support phone lines will explode and melt.
Post Reply