Hi ,
We had the followign setup as below and we want to enable Clear text login for imap/pop3 service in a proxy environment.
1) 2 Proxy servers which proxy web/imap/pop3 traffic to mbx01
2) 2 MTA servers that handle smtp connection
3) 2 ldap servers handling ldap requests.
I already tried the following but it won't work. Can anyone help?
1) directly modify nginx configuration to change "starttls" to "on" in proxy01 but the configuration get override once zimbra was restarted(zmcontrol restart)
2) Already set IMAP/POP3 to enable clear text login and restarted zimbra service in proxy01
[zimbra@proxy01 includes]$ zmprov gs `zmhostname` | grep -i Cleartext
zimbraCalendarCalDavClearTextPasswordEnabled: TRUE
zimbraImapCleartextLoginEnabled: TRUE
zimbraMailClearTextPasswordEnabled: TRUE
zimbraPop3CleartextLoginEnabled: TRUE
3) Also tried to disable anx re-enable imapporyx in proxy01 but still don't work.
zmprov -l ms `zmhostname` -zimbraServiceEnabled imapproxy
zmcontrol restart
zmprov -l ms `zmhostname` +zimbraServiceEnabled imapproxy
zmcontrol restart
zmprov -l proxy01.example/.com zimbraPop3BindPort 110 zimbraPop3SSLBindPort 995 zimbraPop3ProxyBindPort 7110 zimbraPop3SSLProxyBindPort 7995 zimbraImapBindPort 143 zimbraImapSSLBindPort 993 zimbraImapProxyBindPort 7143 zimbraImapSSLProxyBindPort 7993
zmcontrol restart
zmproxyconfig -m -d -p 7110:110:7995:995 -H proxy01.example.com
zmproxyconfig -m -e -p 7110:110:7995:995 -H proxy01.example.com
zmproxyconfig -m -d -i 7143:143:7993:993 -H proxy01.example.com
zmproxyconfig -m -e -i 7143:143:7993:993 -H proxy01.example.com
zmcontrol restart
Thanks,
Steven
Enable Plan Text login for imap/pop3 in a proxy environment
-
- Posts: 5
- Joined: Sat Sep 13, 2014 2:32 am
-
- Posts: 5
- Joined: Sat Sep 13, 2014 2:32 am
Enable Plan Text login for imap/pop3 in a proxy environment
Hi,
I fixed by myself, the key is that zimbraReverseProxyPop3StartTlsMode and zimbraReverseProxyIMAPStartTlsMode is set to "only".
I change it by
[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyImapStartTlsMode on
[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyPop3StartTlsMode on
[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyPop3StartTlsMode
zimbraReverseProxyPop3StartTlsMode: on
[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyImapStartTlsMode
zimbraReverseProxyImapStartTlsMode: on
Thanks,
Steven
I fixed by myself, the key is that zimbraReverseProxyPop3StartTlsMode and zimbraReverseProxyIMAPStartTlsMode is set to "only".
I change it by
[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyImapStartTlsMode on
[zimbra@proxy01 includes]$ zmprov mcf zimbraReverseProxyPop3StartTlsMode on
[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyPop3StartTlsMode
zimbraReverseProxyPop3StartTlsMode: on
[zimbra@proxy01 includes]$ zmprov gcf zimbraReverseProxyImapStartTlsMode
zimbraReverseProxyImapStartTlsMode: on
Thanks,
Steven
Enable Plan Text login for imap/pop3 in a proxy environment
Thanks for posting that. We have a similar problem, and that info will come in handy.
Our current mail server is all clear-text. We desperately want to get off of it and got to SMTPS/IMAPS/POPS, but we have hundreds of users who will have to update their clients on Monday morning bright and early. We just need the mail to work for now, and we'll migrate each city to secure login all next week.
Thanks again. Usually, when you ask that question in any online forum, you just get scolded about how bad an idea clear text logins are. I already KNOW that and want to get away from them. But in the real world, we have to deal with changing hundreds of users overnight. Ain't going to happen. Our support phone lines will explode and melt.
Our current mail server is all clear-text. We desperately want to get off of it and got to SMTPS/IMAPS/POPS, but we have hundreds of users who will have to update their clients on Monday morning bright and early. We just need the mail to work for now, and we'll migrate each city to secure login all next week.
Thanks again. Usually, when you ask that question in any online forum, you just get scolded about how bad an idea clear text logins are. I already KNOW that and want to get away from them. But in the real world, we have to deal with changing hundreds of users overnight. Ain't going to happen. Our support phone lines will explode and melt.