Travis Butler Posted September 7, 2010 Posted September 7, 2010 Trying to get the Email plugin to work with a city government-supplied IMAP account, which I believe is run off an Exchange server. I can connect to the server with SSL off, using Outlook on the PC, and Apple Mail or Entourage 2008 on the Mac. When I try to connect with the plugin, using the same IMAP server/username/password, the plugin fails with a "Can't load NTLM authenticator" error message. Authentication in Apple Mail is set to plain Password, not MD5, Kerberos or NTLM; in Entourage, "Always use secure password" is turned off, though I haven't been able to find exactly what that means in terms of authentication. However, I did find this thread on Sun's Java forums which suggests that even if Exchange is promising Plaintext authentication, NTLM is getting in there somewhere. And I found an earlier forum post here stating that NTLM doesn't work with SMTP in the Email plug-in. SSL authentication doesn't appear to be an option; specifying it in EmailConnectIMAP, or in the preference settings in Mail or Entourage, causes a timeout error. I'm not sure how practical it would be to get the metro government IT to turn SSL on; it took them two weeks just to get the IMAP account accessible from a regular email client. Given this: * In the Email plugin, is NTLM also not supported with IMAP, in addition to it not working with SMTP? * Is NTLM the actual problem here? The Java thread suggests it might be, but I don't know what the plugin internals are like. * Are there any other options to get this thing working? I've looked at using it with a POP account, but that's not optimal because of the apparent inability of the Email plugin to mark messages as viewed when using a POP account.
Smef Posted September 7, 2010 Posted September 7, 2010 The 360Works Email plugin only supports simple authentication with Exchange servers. I believe that NTLM is a more advanced form of authentication. You can read about the differences between the authentication methods at http://technet.microsoft.com/en-us/library/aa996225%28EXCHG.65%29.aspx If your admins allow it you could ask that you be allowed to connect using SSL and simple authentication, which is the recommended way to connect if you are using simple authentication.
Travis Butler Posted September 7, 2010 Author Posted September 7, 2010 I talked briefly to the admin and he said that yes, NTLM is standard on their Exchange server, and he wasn't sure if he could get SSL turned on. He's going to call back once he gets back in the office, and discuss possible options.
Travis Butler Posted September 8, 2010 Author Posted September 8, 2010 Unfortunately, the city email administrator cannot turn off NTLM authentication, or turn on SSL authentication, because either one would disrupt all the other IMAP users. So we're pretty much stuck. Is there anything else that can be done with this?
Smef Posted September 8, 2010 Posted September 8, 2010 You can't work the email plugin with the NTLM authentication turned on, but if you have another email server you can use, such as gmail, you could set up your exchange server to forward mail to your other mail server which you would be able to download from to using the Email plugin.
Travis Butler Posted September 8, 2010 Author Posted September 8, 2010 That's not going to work either; as a policy matter, the product requisition emails can't be forwarded to a server outside the district/metro government. So basically, there's no chance that the plugin will be updated to work with NTLM? If that's the case, it's essentially useless to us; would it be possible to get a refund? Thanks.
Smef Posted September 8, 2010 Posted September 8, 2010 You do not need to use SSL in order to do the simple authentication. I was just making a recommendation. It sounds like you are able to use simple authentication right now. Your NTLM and simple authentication connections are probably different ports. Are you using the same port number as you were using in your apple mail client? NTLM is not supported for either IMAP or SMTP, but it looks like you were using simple authentication for at least one of those. Do you have the ability to use simple authentication for both IMAP and SMTP? Remember that IMAP is used for receiving email and SMTP is used for sending email. If you like, you can email me some authentication information to give the plugin a try connecting to your server. o If you want to do this, you can email me at [email protected]
Travis Butler Posted September 8, 2010 Author Posted September 8, 2010 (edited) Not sure what you mean by "It sounds like you are able to use simple authentication right now." If I try connecting to the city government IMAP sever with SSL off, the plugin errors out, and the EmailLastError function returns the "Can't load NTLM authenticator" error message I started the thread with. The settings in the email programs I've tested with are unchanged from what I'm using with the plugin; same server, same username, same password, default IMAP port, SSL turned off. In Entourage, I have no additional settings for authentication; in Apple Mail, I have authentication set to "Password", as opposed to "MD5 Challenge-Response," "Kerberos Version 5 (GSSAPI)", or "NTLM". These settings work fine in the email clients; but when I try the identical settings in EmailConnectIMAP, I get "Can't load NTLM authenticator". I've also tried adding port 143 to the server name in EmailConnectIMAP, which results in the same error message. Edited September 8, 2010 by Guest
Smef Posted September 8, 2010 Posted September 8, 2010 By "able to use simple authentication" I meant that it sounded like your server was configured to allow simple authentication. Do you know if this is the case? Could you check with your IT people and see if simple authentication is allowed for connection to their servers for either IMAP or SMTP? Would you be able to send me some account information to test this on?
Travis Butler Posted September 9, 2010 Author Posted September 9, 2010 Although it looks like simple authentication from the email client side, on the Exchange server side it appears to be using NTLM to at least some extent, behind the scenes; that's also what's implied in the Sun forums thread I mentioned earlier at http://forums.sun.com/thread.jspa?threadID=5422438. The mail server administrator also said that he could not turn off the NTLM and offer plaintext username/password, because it would disrupt current IMAP users. I'll check with my supervisor and see if I can get permission to send along login information to test. (There's some organization issues here - I'm working for a city school district with an internal IT department, but the mail server is run by the city government with its own IT department, and each has its own rules.)
Travis Butler Posted September 9, 2010 Author Posted September 9, 2010 I just heard back from the email administrator; the metro government's email servers are firewalled, so you wouldn't be able to connect to them from outside the network in any case. He did say that it's Exchange 2003 with the default settings, then turning on IMAP with the default settings; you should be able to duplicate it by doing a fresh Exchange 2003 installation and starting the IMAP service with the default settings.
Jesse Barnum Posted September 10, 2010 Posted September 10, 2010 Hi Travis, we are not running Exchange Server so we will not be able to reproduce the issue, which also means that we cannot fix it. Please send me a direct message with your order number and I will arrange for a refund.
Travis Butler Posted September 10, 2010 Author Posted September 10, 2010 Thanks for taking care of this, Jesse. I'll be sending a message with the information shortly.
Recommended Posts
This topic is 5186 days old. Please don't post here. Open a new topic instead.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now