I can't reproduce this anymore with 4.6.0-beta2, assuming it's fixed

this bug seems still valid
at least with dovecot-2.0.9
and kdepim buld from git master or with latest kdepim-4.6.x beta

*** Bug 270635 has been marked as a duplicate of this bug. ***

I've just experienced this bug and it doesn't seem to occur with the cleartext login method (it does with both CRAM-MD5 and PLAIN).

The problem still exists with dovecot-2.0.13 and KDE 4.6.4. The autocheck function selects SSL/TLS and PLAIN, but it is not working. If I select cleartext I can access the IMAP account.

Yes, bug is still valid. I can confirm it witch kontakt 4.6.0  and dovecot 2.0.13. This issue is caused by this change in dovecot:

http://dovecot.org/list/dovecot/2010-April/048147.html

Other clients works like a charm, but kmail fails.

Patch against kdepimlibs that fixes this bug for me:

--- kimap/loginjob.cpp.orig     2011-08-22 20:27:30.526267893 +0200
+++ kimap/loginjob.cpp  2011-08-22 20:38:11.555674184 +0200
@@ -324,7 +324,9 @@
     }
   } else if ( response.content.size() >= 2 ) {
     if ( d->authState == LoginJobPrivate::Authenticate ) {
-      if (!d->answerChallenge(QByteArray::fromBase64(response.content[1].toString()))) {
+      //if we're receiving post-login capabilities, ignore them here
+      //capabilities are being set by capabilitiesjob after
+      if (response.content[1].toString()!="CAPABILITY" && !d->answerChallenge(QByteArray::fromBase64(response.content[1].toString()))) {
         emitResult(); //error, we're done
       }
     } else if ( response.content[1].toString()=="CAPABILITY" ) {

Please test and let me know if it works and doesn't cause regressions.

Patch works for me using kmail-4.7.0 and dovecot-2.0.13 with sasl.

Rob, can you submit your patch to https://git.reviewboard.kde.org please (group 'kdepimlibs').

A small unit test would also help

Patch works for me as well. Using kmail 4.7.3 and dovecot-2.0.15. It would have been nice if this patch submitted in Aug. made it to at least 4.7.3.

Created attachment 65371 [details]
Another variant of the fix

The patch works for me too - but I wonder if just switching the if() statements wouldn't be a better fix (patch attached).

ervin, I would like to see this fix in the next bugfix release of KDE 4.7.x

could you give the thumbs-up or down on this patch?

Bug still exists in Kontact/Kmail 4.8 rc2 (Kubuntu testing, 12.04/precise).
Tested with latest auto built package of dovecot (2.0.17) running on debian.

The patch provided in comment #11 fixes the problem only partially.

Reordering if branches makes LOGIN authentication work, but other authentication methods get refused when SSL connection is used because the unsolicited untagged CAPABILITY response to AUTHENTICATE command does not contain "AUTH=" capabilities.

It's interesting to note that everything works fine if unencrypted connection is used, because KIMAP::LoginJob does not send CAPABILITY command when connection is not encrypted, so Dovecot IMAP server does not send unsolicited untagged CAPABILITY response to AUTHENTICATE command later. Not sending CAPABILITY command when unencrypted connection is used can be considered as a separate bug.

The logic in KIMAP::LoginJob::handleResponse() method is difficult to understand, do I've refactored it and made it more correct.

Please take a look at the following review request:
https://git.reviewboard.kde.org/r/103854/
The patch in this review request fixes this bug.

*** Bug 267884 has been marked as a duplicate of this bug. ***

Rewording the title a bit, it's more widespread than just dovecot, it's about
AUTHENTICATE command.

Git commit 07e337d8965fe5aa334bd60a5141031168b1ac62 by Oleg Girko.
Committed on 14/02/2012 at 22:51.
Pushed by girko into branch 'master'.

Refactoring KIMAP::LoginJob::handleResponse() method for better correctness.

Besides better readability, this makes handleResponse() method
handle not only untagged response caused by CAPABILITY command,
but also unsolicited untagged CAPABILITY response caused by AUTHENTICATE
command which is returned by Dovecot IMAP server for compatibility with
MS Outlook.
This fixes bug #249992.
REVIEW: 103854

M  +136  -82   kimap/loginjob.cpp

http://commits.kde.org/kdepimlibs/07e337d8965fe5aa334bd60a5141031168b1ac62

Git commit b4809337d8bd1de9274f5aa7f9284f22c579fdcd by Oleg Girko.
Committed on 14/02/2012 at 22:51.
Pushed by girko into branch 'KDE/4.8'.

Refactoring KIMAP::LoginJob::handleResponse() method for better correctness.

Besides better readability, this makes handleResponse() method
handle not only untagged response caused by CAPABILITY command,
but also unsolicited untagged CAPABILITY response caused by AUTHENTICATE
command which is returned by Dovecot IMAP server for compatibility with
MS Outlook.
This fixes bug #249992.
REVIEW: 103854

M  +136  -82   kimap/loginjob.cpp

http://commits.kde.org/kdepimlibs/b4809337d8bd1de9274f5aa7f9284f22c579fdcd

Git commit 454bc5fe8603f358c414720d128c79dcd33c9776 by Oleg Girko.
Committed on 14/02/2012 at 22:51.
Pushed by girko into branch 'KDE/4.7'.

Refactoring KIMAP::LoginJob::handleResponse() method for better correctness.

Besides better readability, this makes handleResponse() method
handle not only untagged response caused by CAPABILITY command,
but also unsolicited untagged CAPABILITY response caused by AUTHENTICATE
command which is returned by Dovecot IMAP server for compatibility with
MS Outlook.
This fixes bug #249992.
REVIEW: 103854

M  +136  -82   kimap/loginjob.cpp

http://commits.kde.org/kdepimlibs/454bc5fe8603f358c414720d128c79dcd33c9776