imapsync/FAQ.d/FAQ.Authentication_failure.txt

#!/bin/cat
$Id: FAQ.Authentication_failure.txt,v 1.9 2019/01/11 13:13:08 gilles Exp gilles $

This documentation is also available online at
https://imapsync.lamiral.info/FAQ.d/
https://imapsync.lamiral.info/FAQ.d/FAQ.Admin_Authentication.txt

=======================================================================
              Imapsync authentication issues
=======================================================================

Questions answered in this FAQ are:

Q. Imapsync fails with the following error, what can I do?
Host1 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 NO [AUTHENTICATIONFAILED] Authentication failed

Q. Imapsync fails with the following error, what can I do?
   Host2 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 BAD Invalid characters in atom 


=======================================================================
Q. Imapsync fails with the following error, what can I do?
Host1 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 NO [AUTHENTICATIONFAILED] Authentication failed


R. One over four imapsync syncs ends up quickly with the error message 
   "Authentication failed" or "NO LOGIN failed" or similar. 
   Authentication failure is the primary failure with imapsync
   and since nothing tangible can be done without authentication, 
   this stage must succeed to go further.

Here are some advices to get you pass this difficult stage of authentication:

  * Triple check each credential parameter, there are three parameters at each side:
     * triple check --host1
     * triple check --user1
     * triple check --password1
     * triple check --host2
     * triple check --user2
     * triple check --password2

   * If you can authenticate successfully with an other imap client software 
     like Thunderbird or Outlook or Sparrow then it is a very good sign to 
     authenticate successfully with imapsync. Examine the parameters of 
     this other imap client and copy them as is for imapsync.

   * Use option --showpasswords
     At the beginning of the output, imapsync dumps all its command
     line parameters; it's the line after "Command line used:".
     With --showpasswords, imapsync prints the passwords received 
     instead of the string MASKED. It helps for debugging quoting issues.
     Option --showpasswords shows passwords again when the IMAP dialog
     is dumped by --debugimap option. Search for a line like 
     "Sending: 2 LOGIN test1 secret1" (secret1 is the password here)


   * It is sometimes very hard to quote correctly unusual characters,
     especially on Windows. See 
     https://imapsync.lamiral.info/FAQ.d/FAQ.Passwords_on_Windows.txt
     https://imapsync.lamiral.info/FAQ.d/FAQ.Passwords_on_Unix.txt
     The quickest trick may be to change the password temporally
     with easy characters like the classical alphabet, a long
     string still ensure strong security.

   * Sometimes some servers announce they support LOGIN but it
     actually fails because the authentication mechanism
     working is something else like CRAM-MD5 or PLAIN. 
     So:
       * Try --authmech1 CRAM-MD5 (or --authmech2 CRAM-MD5)
       * Try --authmech1 PLAIN    (or --authmech2 PLAIN)

   * If you want to play manually the IMAP protocol on your server, 
     here is an example with the command telnet, user test1
     and password secret1 on the host test.lamiral.info.

     telnet test.lamiral.info 143
     c1 LOGIN test1 "secret1" 
     c2 LOGOUT

     Same example using an ssl conneection:
     
     telnet-ssl -z ssl test.lamiral.info 993
     c1 LOGIN test1 "secret1" 
     c2 LOGOUT
   
=======================================================================
Q. Imapsync fails with the following error, what can I do?
   Host2 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 BAD Invalid characters in atom 

R. It might be a Dovecot imap server. The password string might 
   contain special characters that Dovecot doesn't like. Change them.
 
 =======================================================================
 =======================================================================
1.836 2017-09-23 23:54:48 +02:00			`#!/bin/cat`
1.920 2019-07-03 01:17:46 +02:00			$Id: FAQ.Authentication_failure.txt,v 1.9 2019/01/11 13:13:08 gilles Exp gilles $
1.836 2017-09-23 23:54:48 +02:00
1.920 2019-07-03 01:17:46 +02:00			`This documentation is also available online at`
			`https://imapsync.lamiral.info/FAQ.d/`
			`https://imapsync.lamiral.info/FAQ.d/FAQ.Admin_Authentication.txt`
1.836 2017-09-23 23:54:48 +02:00
			`=======================================================================`
			`Imapsync authentication issues`
			`=======================================================================`

1.920 2019-07-03 01:17:46 +02:00			`Questions answered in this FAQ are:`
1.836 2017-09-23 23:54:48 +02:00
1.920 2019-07-03 01:17:46 +02:00			`Q. Imapsync fails with the following error, what can I do?`
1.836 2017-09-23 23:54:48 +02:00			`Host1 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 NO [AUTHENTICATIONFAILED] Authentication failed`

1.920 2019-07-03 01:17:46 +02:00			`Q. Imapsync fails with the following error, what can I do?`
			`Host2 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 BAD Invalid characters in atom`
1.836 2017-09-23 23:54:48 +02:00
1.920 2019-07-03 01:17:46 +02:00
			`=======================================================================`
			`Q. Imapsync fails with the following error, what can I do?`
			`Host1 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 NO [AUTHENTICATIONFAILED] Authentication failed`


			`R. One over four imapsync syncs ends up quickly with the error message`
			`"Authentication failed" or "NO LOGIN failed" or similar.`
			`Authentication failure is the primary failure with imapsync`
			`and since nothing tangible can be done without authentication,`
			`this stage must succeed to go further.`
1.836 2017-09-23 23:54:48 +02:00
			`Here are some advices to get you pass this difficult stage of authentication:`

1.920 2019-07-03 01:17:46 +02:00			`* Triple check each credential parameter, there are three parameters at each side:`
1.836 2017-09-23 23:54:48 +02:00			`* triple check --host1`
			`* triple check --user1`
			`* triple check --password1`
			`* triple check --host2`
			`* triple check --user2`
			`* triple check --password2`

			`* If you can authenticate successfully with an other imap client software`
			`like Thunderbird or Outlook or Sparrow then it is a very good sign to`
			`authenticate successfully with imapsync. Examine the parameters of`
			`this other imap client and copy them as is for imapsync.`

			`* Use option --showpasswords`
			`At the beginning of the output, imapsync dumps all its command`
			`line parameters; it's the line after "Command line used:".`
			`With --showpasswords, imapsync prints the passwords received`
			`instead of the string MASKED. It helps for debugging quoting issues.`
			`Option --showpasswords shows passwords again when the IMAP dialog`
			`is dumped by --debugimap option. Search for a line like`
			`"Sending: 2 LOGIN test1 secret1" (secret1 is the password here)`
1.920 2019-07-03 01:17:46 +02:00

1.836 2017-09-23 23:54:48 +02:00			`* It is sometimes very hard to quote correctly unusual characters,`
			`especially on Windows. See`
			`https://imapsync.lamiral.info/FAQ.d/FAQ.Passwords_on_Windows.txt`
			`https://imapsync.lamiral.info/FAQ.d/FAQ.Passwords_on_Unix.txt`
1.920 2019-07-03 01:17:46 +02:00			`The quickest trick may be to change the password temporally`
1.836 2017-09-23 23:54:48 +02:00			`with easy characters like the classical alphabet, a long`
1.920 2019-07-03 01:17:46 +02:00			`string still ensure strong security.`

			`* Sometimes some servers announce they support LOGIN but it`
			`actually fails because the authentication mechanism`
			`working is something else like CRAM-MD5 or PLAIN.`
			`So:`
			`* Try --authmech1 CRAM-MD5 (or --authmech2 CRAM-MD5)`
			`* Try --authmech1 PLAIN (or --authmech2 PLAIN)`

			`* If you want to play manually the IMAP protocol on your server,`
			`here is an example with the command telnet, user test1`
			`and password secret1 on the host test.lamiral.info.`

			`telnet test.lamiral.info 143`
			`c1 LOGIN test1 "secret1"`
			`c2 LOGOUT`

			`Same example using an ssl conneection:`
1.836 2017-09-23 23:54:48 +02:00
1.920 2019-07-03 01:17:46 +02:00			`telnet-ssl -z ssl test.lamiral.info 993`
			`c1 LOGIN test1 "secret1"`
			`c2 LOGOUT`

			`=======================================================================`
			`Q. Imapsync fails with the following error, what can I do?`
			`Host2 failure: Error login on [imap.example.com] with user [foo] auth [LOGIN]: 2 BAD Invalid characters in atom`

			`R. It might be a Dovecot imap server. The password string might`
			`contain special characters that Dovecot doesn't like. Change them.`

			`=======================================================================`
			`=======================================================================`
1.836 2017-09-23 23:54:48 +02:00