Using generic IMAP with username

[amarcacci]

Is it possible to access an IMAP mailbox requiring an username different from the e-mail address?
Example:

Password for test@****.com (hidden):
Username:
IMAP server host:

[grinich]

Hm, I don't think we've experienced this. Which servers/providers have this as an option?

[amarcacci]

Hi,
I've seen this on my personal hoster (webfaction). You can authenticate yourself for a single "mailbox" linked to a variable number of "adresses".

[philfreo]

I can confirm that a bunch of IMAP hosts do have usernames that are different than the email address.

We are syncing thousands of IMAP accounts currently (hoping to switch to nilas/inbox instead of custom code) and currently about 1.5% of them have non-email usernames.

#128 seems like a good solution

[grinich]

Do you have details on which providers/servers this is an issue for?

[philfreo]

I do but it's many of our customers own domains so I wouldn't be able to share the host list. However one common example is: hosteurope.de (see Benutzername in faq)

[grinich]

@philfreo do you have any data on if servers run IMAP/SMTP on non-standard ports?

[fallenpegasus]

fastmail has imap username that is different than the receiving email address

[grinich]

@brong is that true?

[brong]

Fastmail supports having tons of aliases - though the login is the same as the default email address.

(we also support login on port 992 to get the alternative namespace)

[brong]

A common pattern is for someone to sign up a complex "real address" and then choose a handful of friendly alias that they can use publically for different purposes without leaking their real address. We are very careful to not mention the real address in bounces, even rejects from the sieve filtering level.

[grinich]

@brong How is a client notified that it can send via multiple addresses/aliases?

How does a client use a specific sending alias? From: header in message payload? Do you overwrite unauthorized from addresses (like Gmail)?

[brong]

@grinich there is no way via IMAP to notify, so you need to set it up yourself. In the FastMail web UI it's in personalities.

There will be a way via JMAP to get a list of allowed sending addresses from the server. I'm not sure if it's nailed down yet.

http://jmap.io/spec.html#getaccounts exists, but it's not really the full preferences that we'll need supported for FastMail.

[brong]

We don't overwrite sender addresses right now, but we won't DKIM sign with the sending domain unless it's owned by the account.

[grinich]

@brong and no way to detect aliases? In this proposed change we would be required to ask the user for their sending email address, which I'm not sure we can verify ownership without sending a test message.

[brong]

Not strictly - it all gets a bit exciting with catchall aliases and such. The only reliable test is indeed sending a test message.

[brong]

In particular, what do you do with things like a role alias which expands to multiple individual accounts? It's perfectly legitimiate for all those users to have a personality which sends as the role alias.

[philfreo]

@philfreo do you have any data on if servers run IMAP/SMTP on non-standard ports?

All our IMAP accounts are using ports 993/143 and we have SMTP accounts using 465/587/25/2525.

[arthurlutz]

+1

[lkraav]

Indeed. Is there a simple monkey-patching way to proceed without #128 for time being? Like #213, I'm also running dovecot where just the username is used for authentication.

[lkraav]

For dovecot, a usable workaround is

auth_username_format = %Ln

This will strip the domain part from the username, after which it won't matter if you log in with leho or leho@domain.com

I've found that changing IMAP usernames has side-effects, for example ACLs, possibly Sieve will be affected. Therefore pre-auth translation, like the above example, is much preferred.

[jffrybrwn]

Has this been solved? I still can't connect with WebFaction

[prubianes]

Me too, I'm still having problems with webfaction email

[grinich]

this is fixed in 269709d !