Community Discussions and Support
Can't authenticate IMAP (was: Can't create local users)

So, what I'm wanting to do is this:


I'm trying to copy my Dad's email archive, which currently exists in hundreds of Pegasus Mail folders, via IMAP, to a different server. My hope is to connect Thunderbird to the remote IMAP server, and to a newly-installed Mercury IMAP server sitting on top of this vast collection of Pegasus mail folders, and then manually drag the folders from one server to the other.


As I mentioned, I've freshly installed Mercury, installing only the IMAP component, and pointed it at the existing Pegasus mail C:\PMAIL\Public folder where his emails live. I got Thunderbird to connect to Mercury via IMAP, but then authentication failed. A little reading made me think I need to create a "local user" for authentication.


So I go to "Manage local users..." which pops up the dialog. I "Add" a new user, give it a valid username, a personal name, and a password, leaving APOP blank. When I hit "OK" from this dialog, the computer gives a little error noise, and no user ends up added. I've tried several different usernames and passwords, made sure the username is alphanum-no-spaces, personal name, no personal name, APOP, no APOP, nothing works. I simply can't add a local user and there's zero feedback as to what might be wrong.


One small clue is that at the top of the "Users defined for this system" dialog, it suspiciously says "Mailbox directory: ???" which makes me think something about the existing Pegasus Mail folders might be confusing it?


One other interesting point is that initially I -was- able to add a local user, which even successfully authenticated once via Thunderbird, but when I next launched Mercury, that user was gone and that's when I started not being able to create any more.


Any thoughts? Thanks in advance for any help y'all can give.


(Edited to add: Mercury 4.91.349; Windows 10 Pro 22H2)


So, what I'm wanting to do is this: I'm trying to copy my Dad's email archive, which currently exists in hundreds of Pegasus Mail folders, via IMAP, to a different server. My hope is to connect Thunderbird to the remote IMAP server, and to a newly-installed Mercury IMAP server sitting on top of this vast collection of Pegasus mail folders, and then manually drag the folders from one server to the other. As I mentioned, I've freshly installed Mercury, installing only the IMAP component, and pointed it at the existing Pegasus mail C:\PMAIL\Public folder where his emails live. I got Thunderbird to connect to Mercury via IMAP, but then authentication failed. A little reading made me think I need to create a "local user" for authentication. So I go to "Manage local users..." which pops up the dialog. I "Add" a new user, give it a valid username, a personal name, and a password, leaving APOP blank. When I hit "OK" from this dialog, the computer gives a little error noise, and no user ends up added. I've tried several different usernames and passwords, made sure the username is alphanum-no-spaces, personal name, no personal name, APOP, no APOP, nothing works. I simply can't add a local user and there's zero feedback as to what might be wrong. One small clue is that at the top of the "Users defined for this system" dialog, it suspiciously says "Mailbox directory: ???" which makes me think something about the existing Pegasus Mail folders might be confusing it? One other interesting point is that initially I -was- able to add a local user, which even successfully authenticated once via Thunderbird, but when I next launched Mercury, that user was gone and that's when I started not being able to create any more. Any thoughts? Thanks in advance for any help y'all can give. (Edited to add: Mercury 4.91.349; Windows 10 Pro 22H2)
edited Feb 5 at 7:47 am

OK some further input. I'm clearly doing something wrong. I have still had no success creating "local users" via Mercury's UI, as described above.


I've also had no luck authenticating against actual users on the machine, including creating a fresh "testuser" out of whole cloth just to make sure. I'm doing this via Thunderbird, and the Mercury IMAP log sees the username correctly but alleges "Password failure, user 'testuser', from 192.168.86.245", given the correct password for "testuser".


Am I just going about this wrong? I can't get the IMAP server to authenticate a session at all.


It's my belief that if I can get a user authenticating via IMAP, I can twiddle the location/etc of the PMAIL mail folders such that they would become visible via IMAP for that user, and then I'm all good. Is there some simpler path to victory?


Thanks in advance.


OK some further input. I'm clearly doing something wrong. I have still had no success creating "local users" via Mercury's UI, as described above. I've also had no luck authenticating against actual users on the machine, including creating a fresh "testuser" out of whole cloth just to make sure. I'm doing this via Thunderbird, and the Mercury IMAP log sees the username correctly but alleges "Password failure, user 'testuser', from 192.168.86.245", given the correct password for "testuser". Am I just going about this wrong? I can't get the IMAP server to authenticate a session at all. It's my belief that if I can get a user authenticating via IMAP, I can twiddle the location/etc of the PMAIL mail folders such that they would become visible via IMAP for that user, and then I'm all good. Is there some simpler path to victory? Thanks in advance.
edited Feb 5 at 7:52 am

Please post the mercury.ini file from your server and we'll see if we can find out what the problem is. (If there are passwords or other details that shouldn't be made public just replace those parts.)


Please post the mercury.ini file from your server and we'll see if we can find out what the problem is. (If there are passwords or other details that shouldn't be made public just replace those parts.)

Hello,


just a thought: how do you authenticate with Thunderbird against Mercury? Plain, Login, Cram-MD5 ?


Maybe try a different mechanism and see.


Johannes


Hello, just a thought: how do you authenticate with Thunderbird against Mercury? Plain, Login, Cram-MD5 ? Maybe try a different mechanism and see. Johannes

Rolf: Mercury.ini is attached. I haven't explicitly changed anything in it, so apart from what was set during the install, it's basically default. (Edit: the attachment doesn't seem to want to attach, maybe my account is too new, here's a link to a gist of it: https://gist.github.com/emersonrp/510338d135b8806211ccc5f8d5ab304d)


Johannes: I have tried "password, transmitted insecurely," "encrypted password," and "NTLM" as a hail-mary but Thunderbird simply complains that the server doesn't support the other two besides "password" and won't even try. Kerberos, TLS Certificate, and OAuth2 all seem even more unlikely. Unless you're talking about configuration on the Mercury side, in which case I haven't found that yet and am probably doing something wrong. (I've also tinkered with a self-signed cert on the Mercury side + STARTTLS on the Thunderbird side, but though that successfully connected, authentication failed in the same way.)


Thanks!


Rolf: Mercury.ini is attached. I haven't explicitly changed anything in it, so apart from what was set during the install, it's basically default. (Edit: the attachment doesn't seem to want to attach, maybe my account is too new, here's a link to a gist of it: <https://gist.github.com/emersonrp/510338d135b8806211ccc5f8d5ab304d>) Johannes: I have tried "password, transmitted insecurely," "encrypted password," and "NTLM" as a hail-mary but Thunderbird simply complains that the server doesn't support the other two besides "password" and won't even try. Kerberos, TLS Certificate, and OAuth2 all seem even more unlikely. Unless you're talking about configuration on the Mercury side, in which case I haven't found that yet and am probably doing something wrong. (I've also tinkered with a self-signed cert on the Mercury side + STARTTLS on the Thunderbird side, but though that successfully connected, authentication failed in the same way.) Thanks!
edited Feb 5 at 6:27 pm

A few things to fix:


[General]
myname - Please give the server an identity. If not a domain name so at least a reasonable host name.
newmail_path: C:\PMAIL\mail - Mercury expects this path to point to a directory with sub-directories for each user and a file called PMAIL.USR. Message files etc. are expected to be in the sub-directories. The user running Mercury must have full read/write access to those directories, and they should be exempt from real-time antivirus scanning, as should the main Mercury directory.


[Mercury]
One user, usually called admin, should be set as postmaster.


[MercuryS]
If you plan to make the server visible on the Internet relaying setting should be reviewed.


[Domains]
Please see Mercury help. You should at least specify hostname and local IP address.


A few things to fix: [General] myname - Please give the server an identity. If not a domain name so at least a reasonable host name. newmail_path: C:\PMAIL\mail - Mercury expects this path to point to a directory with sub-directories for each user and a file called PMAIL.USR. Message files etc. are expected to be in the sub-directories. The user running Mercury must have full read/write access to those directories, and they should be exempt from real-time antivirus scanning, as should the main Mercury directory. [Mercury] One user, usually called admin, should be set as postmaster. [MercuryS] If you plan to make the server visible on the Internet relaying setting should be reviewed. [Domains] Please see Mercury help. You should at least specify hostname and local IP address.

Rolf: Thanks for the feedback. I've tidied up the things you said:


General "myname" is now a fully-qualified hostname (in a fictitious domain, this machine isn't visible to the outside world and will not be at any point).


newmail_path of C:\PMAIL\Mail is set up as you describe, with subdirectories for two users, one of which seems to be historical, the other of which is Admin. There is a PMAIL.USR file that references those two users. There are ancient mailboxes in each of the subdirectories. It's my hope that the current mailboxes, which are currently in C:\PMAIL\Public, can be relocated to C:\PMAIL\Mail\<username> once I get a user authenticating (permissions and so forth of course being set as necessary at that point).


Mercury postmaster is now set to Admin.


The server will not ever be visible on the internet, it's solely for this IMAP access locally to the LAN. I have actually now disabled the SMTP server in the Configuration > Protocol Modules menu, figuring that unless that somehow breaks my use case, it's the simplest way to avoid SMTP badness.


I have specified three lines in Domains, as described in the help, for the base hostname, the hostname at my fictitious domain name, and the IP address. I think this is also mostly for the benefit of the SMTP server's notion of local delivery, but I want to get all my ducks in a row.


With all of that changed around, still no joy either authenticating as an existing user or creating a "local user" (which is not a red herring, right, those are for this purpose of authentication?)


Thanks again for the reply.


Rolf: Thanks for the feedback. I&#039;ve tidied up the things you said: General &quot;myname&quot; is now a fully-qualified hostname (in a fictitious domain, this machine isn&#039;t visible to the outside world and will not be at any point). newmail_path of C:\PMAIL\Mail is set up as you describe, with subdirectories for two users, one of which seems to be historical, the other of which is Admin. There is a PMAIL.USR file that references those two users. There are ancient mailboxes in each of the subdirectories. It&#039;s my hope that the current mailboxes, which are currently in C:\PMAIL\Public, can be relocated to C:\PMAIL\Mail\&lt;username&gt; once I get a user authenticating (permissions and so forth of course being set as necessary at that point). Mercury postmaster is now set to Admin. The server will not ever be visible on the internet, it&#039;s solely for this IMAP access locally to the LAN. I have actually now disabled the SMTP server in the Configuration &gt; Protocol Modules menu, figuring that unless that somehow breaks my use case, it&#039;s the simplest way to avoid SMTP badness. I have specified three lines in Domains, as described in the help, for the base hostname, the hostname at my fictitious domain name, and the IP address. I think this is also mostly for the benefit of the SMTP server&#039;s notion of local delivery, but I want to get all my ducks in a row. With all of that changed around, still no joy either authenticating as an existing user or creating a &quot;local user&quot; (which is not a red herring, right, those are for this purpose of authentication?) Thanks again for the reply.

So one thing to note here is that you at one point apparently were able to create a user from the local user dialog window. The question is what happened after that - is something interfering with the program or have files been damaged?


As a start, try installing a second instance of the program to a new location. Do basic settings but keep the default location of the MAIL directory, and see if you can create new users there.


So one thing to note here is that you at one point apparently were able to create a user from the local user dialog window. The question is what happened after that - is something interfering with the program or have files been damaged? As a start, try installing a second instance of the program to a new location. Do basic settings but keep the default location of the MAIL directory, and see if you can create new users there.

Well, this is fascinating. I didn't expect that to do anything different, as I'm pretty sure I uninstalled Mercury and completely deleted C:\MERCURY at least once during all this, but I went ahead and installed it to C:\MERCURY2, just the IMAP server, with the hostname and postmaster and so forth set the same way. And lo and behold, I was able to make a local "emerson" user, -and- was able to authenticate with that user.


But.


As soon as I close Mercury (in this case, to try to tinker the mailbox files under the new user's C:\PMAIL\Mail\emerson), the local user disappears and Mercury naturally won't auth it. However, unlike previously, I am able to re-make the local user each time I start Mercury. This is inconvenient, but progress. Any thoughts on why the local user wouldn't be persistent? If not, this is a manageable situation if I can get the mailboxes to appear.


Which, so far, I can't. I have copied the mailboxes from their existing location in C:\PMAIL\Public to C:\PMAIL\MAIL\emerson but the IMAP server isn't showing them - it just shows "Inbox" and "Trash." All of the mailbox files are set to full access permissions for Everyone. Does the file ownership matter in that case? If so, what user should own the files since I'm using a "local user" instead of an actual Windows user? They're already owned by the user that's running Mercury. Or is this notion of copying the "Public" files into the local user's directory wrong and doomed?


(Should I open a new thread now that I have the authentication thing at least semi-working?) Thanks for the pointer and progress.


Well, this is fascinating. I didn&#039;t expect that to do anything different, as I&#039;m pretty sure I uninstalled Mercury and completely deleted C:\MERCURY at least once during all this, but I went ahead and installed it to C:\MERCURY2, just the IMAP server, with the hostname and postmaster and so forth set the same way. And lo and behold, I was able to make a local &quot;emerson&quot; user, -and- was able to authenticate with that user. But. As soon as I close Mercury (in this case, to try to tinker the mailbox files under the new user&#039;s C:\PMAIL\Mail\emerson), the local user disappears and Mercury naturally won&#039;t auth it. However, unlike previously, I am able to re-make the local user each time I start Mercury. This is inconvenient, but progress. Any thoughts on why the local user wouldn&#039;t be persistent? If not, this is a manageable situation if I can get the mailboxes to appear. Which, so far, I can&#039;t. I have copied the mailboxes from their existing location in C:\PMAIL\Public to C:\PMAIL\MAIL\emerson but the IMAP server isn&#039;t showing them - it just shows &quot;Inbox&quot; and &quot;Trash.&quot; All of the mailbox files are set to full access permissions for Everyone. Does the file ownership matter in that case? If so, what user should own the files since I&#039;m using a &quot;local user&quot; instead of an actual Windows user? They&#039;re already owned by the user that&#039;s running Mercury. Or is this notion of copying the &quot;Public&quot; files into the local user&#039;s directory wrong and doomed? (Should I open a new thread now that I have the authentication thing at least semi-working?) Thanks for the pointer and progress.

Well, interesting. Mercury isn't deleting the MAIL directory, so apparently some other process on your server is.


As for IMAP there is usually some setting in the client program for what folders should be shown, those without "subscription" are hidden. Try copying some message files directly to the emerson directory (which corresponds to Inbox for that user) and see if they show up.


All disk access will be performed by the Windows user that's running Mercury, so it makes no difference what the local user in Mercury is.


Well, interesting. Mercury isn&#039;t deleting the MAIL directory, so apparently some other process on your server is. As for IMAP there is usually some setting in the client program for what folders should be shown, those without &quot;subscription&quot; are hidden. Try copying some message files directly to the emerson directory (which corresponds to Inbox for that user) and see if they show up. All disk access will be performed by the Windows user that&#039;s running Mercury, so it makes no difference what the local user in Mercury is.

OK, success. I'll spare you the play-by-play of how I stumbled my way here but the fix was:


-- uninstall all copies of Mercury (I was up to 4); delete all Mercury folders.
-- move aside C:\PMAIL completely
-- reinstall Pegasus Mail with almost zero config; run it once to create C:\PMAIL\Mail
-- from Pegasus Mail, create an 'emerson' user
-- reinstall Mercury, using the Pegasus Mail integration, installing only the IMAP server
-- lookie there, Mercury automagically sees Admin and emerson users in the "Manage local users" list. Set emerson's password here.
-- move the hundreds of mailbox files to C:\PMAIL\Mail\emerson
-- log in via Thunderbird, go examine subscribe-able mailboxes. Winner!


I think my Dad's 25+-year-old C:\PMAIL was full of rats and weasels and causing all sorts of aberrant behavior. Fresh Pegasus install with clean C:\PMAIL, integrated during Mercury install, was the win. Making the user in Pegasus Mail also felt like the right thing.


Anyway, I have all my Dad's hundreds of folders available via IMAP and now I just have the laborious task of archiving them.


Thank you so much for your help through all this.


OK, success. I&#039;ll spare you the play-by-play of how I stumbled my way here but the fix was: -- uninstall all copies of Mercury (I was up to 4); delete all Mercury folders. -- move aside C:\PMAIL completely -- reinstall Pegasus Mail with almost zero config; run it once to create C:\PMAIL\Mail -- from Pegasus Mail, create an &#039;emerson&#039; user -- reinstall Mercury, using the Pegasus Mail integration, installing only the IMAP server -- lookie there, Mercury automagically sees Admin and emerson users in the &quot;Manage local users&quot; list. Set emerson&#039;s password here. -- move the hundreds of mailbox files to C:\PMAIL\Mail\emerson -- log in via Thunderbird, go examine subscribe-able mailboxes. Winner! I think my Dad&#039;s 25+-year-old C:\PMAIL was full of rats and weasels and causing all sorts of aberrant behavior. Fresh Pegasus install with clean C:\PMAIL, integrated during Mercury install, was the win. Making the user in Pegasus Mail also felt like the right thing. Anyway, I have all my Dad&#039;s hundreds of folders available via IMAP and now I just have the laborious task of archiving them. Thank you so much for your help through all this.
edited Feb 7 at 4:24 am
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft