Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » What secure login method works with Apple Mail?
  •  
macjimbo

Messages: 103
Karma: 6
Send a private message to this user
I can only get Apple's Mail program to talk to KC using the 'password' method. This is called 'Login' in KC, I think.

If I turn off 'plain' and 'login' as acceptable login methods in KC, then I can't find an authentication method in Apple Mail which will talk to KC. Unfortunately the PCI-DSS compliance police now require us not to use Login or Plain on any internet-facing ports.

The Apple Mail options are:

Password, MD5-Challenge Response, NTLM, Kerberos Version 5 (GSSAPI), External (TLS client Certificate)

On KC I have:

Plain, Login, DIGEST-MD5, CRAM-MD5.

Does anyone know how I can make CRAM-MD5 or DIGEST-MD5 talk to Apple Mail?

Thanks
  •  
macjimbo

Messages: 103
Karma: 6
Send a private message to this user
as an update, it seems that I only have difficulties with SMTP log in. Exchange IMAP works fine with MD5 Challenge-Response, but if I choose that option for SMTP then it keeps asking for my password (which it doesn't accept).
  •  
dominic@cbx.com

Messages: 27
Karma: 3
Send a private message to this user
I've seen intermittent issues with smtp and md5 in apple's mail.app on mac os 10.6.x. I usually have the user switch to plain, temporarily to get messages sent. Then switch it back after reboot. It rarely happens, and our users connect over ssl, so it's never been a pressing concern. I'd speculate its a bug with mail.app, as restarting smtp services in connect have zero effect. Also seems to correlate with sketchy network connections, like when users are connecting from their mediocre home ISP. Maybe it's a latency issue? Maybe mail.app holds onto a bad cache too long? Either way, it's far from universal.

If you can't use md5 at all, this might be relevant: http://forums.kerio.com/?t=msg&th=14108&start=0
  •  
macjimbo

Messages: 103
Karma: 6
Send a private message to this user
I am using Open Directory authentication, so this probably explains it. I guess the solution is to use a secure connection, that way I can continue using login or plain.

Thanks
Previous Topic: Outlook calendars - sync to android phones
Next Topic: How does "Spam Filter" -> "Blacklists" work?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Aug 18 06:57:30 CEST 2017

Total time taken to generate the page: 0.00423 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.