Generic IMAP ingestion fails with Unauthorized: Invalid token on cPanel/Dovecot servers #68

Closed
opened 2026-04-05 16:16:21 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @richieboo on 12/31/2025

Describe the bug
Generic IMAP ingestion fails against a cPanel/Dovecot IMAP server with the error:

Authentication Failed
Unauthorized: Invalid token

This occurs even though the mailbox credentials are correct and the server supports standard IMAP authentication mechanisms.

Webmail and standard email clients authenticate successfully using the same credentials.

To Reproduce
Steps to reproduce the behavior:

1. Deploy Open Archiver (v0.3.3).
2. Go to Ingestions → Create New.
3. Select Provider: Generic IMAP.
4. Enter:
   - Host: mail.example.org
   - Port: 993
   - Use TLS: enabled
   - Allow insecure cert: enabled
   - Username: full email address
   - Password: valid mailbox password
5. Click Submit.
6. Observe the error:

   Authentication Failed
   Unauthorized: Invalid token

Expected behavior
Open Archiver should authenticate using AUTH LOGIN or AUTH PLAIN when those mechanisms are advertised by the IMAP server and successfully create the ingestion source.

Screenshots
Not provided.

System:

Open Archiver Version: v0.3.3

IMAP Server: cPanel / Dovecot

TLS: Enabled

Certificate: Valid Let’s Encrypt wildcard certificate

Relevant logs:
IMAP server capability and TLS verification (via openssl s_client):

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS handshake and certificate verification succeed with no errors.

Additional context

The IMAP server does not support OAuth or token-based authentication.

Only AUTH=LOGIN and AUTH=PLAIN are advertised (standard for cPanel/Dovecot).

Other Generic IMAP sources (e.g., Gmail) work correctly in the same Open Archiver instance.

This appears to be a failure to properly fall back to AUTH LOGIN / AUTH PLAIN when token-based mechanisms are not available.
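The mechanism selection the report expects, as an added example in Python (not part of the original report and not Open Archiver's code): it parses the greeting quoted above, picks a mechanism the server actually advertises, and builds the AUTHENTICATE PLAIN command. The function names, the preference order and the "LOGIN-COMMAND" label are assumptions of this example.

```python
import base64
import re

# Constructed sample: the server greeting quoted in the report.
GREETING = ("* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE "
            "NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.")

# Assumed preference order: token mechanisms first, then password mechanisms,
# so a server without OAuth support still ends up with a usable choice.
PREFERENCE = ("XOAUTH2", "OAUTHBEARER", "PLAIN", "LOGIN")
TOKEN_MECHS = {"XOAUTH2", "OAUTHBEARER"}


def parse_capabilities(line):
    """Return upper-cased capability atoms from a greeting or CAPABILITY response."""
    m = (re.search(r"\[CAPABILITY ([^\]]*)\]", line)
         or re.match(r"\* CAPABILITY (.*)", line))
    return {atom.upper() for atom in m.group(1).split()} if m else set()


def choose_mechanism(caps, have_token, tls_active):
    """Pick the first preferred mechanism that is advertised and satisfiable."""
    advertised = {c[5:] for c in caps if c.startswith("AUTH=")}
    for mech in PREFERENCE:
        if mech not in advertised:
            continue  # never attempt a mechanism the server did not offer
        if mech in TOKEN_MECHS and not have_token:
            continue  # no token configured, so skip token mechanisms
        if mech not in TOKEN_MECHS and not tls_active:
            continue  # never send a reusable password over cleartext
        return mech
    # The plain IMAP LOGIN command (RFC 3501) is allowed unless LOGINDISABLED.
    if tls_active and "LOGINDISABLED" not in caps:
        return "LOGIN-COMMAND"
    return None


def plain_authenticate(tag, user, password, caps):
    """Build the AUTHENTICATE PLAIN lines (RFC 4616: authzid NUL authcid NUL passwd)."""
    blob = base64.b64encode(f"\0{user}\0{password}".encode()).decode()
    if "SASL-IR" in caps:
        # RFC 4959: the initial response rides on the command line itself.
        return [f"{tag} AUTHENTICATE PLAIN {blob}"]
    # Without SASL-IR the blob is sent only after the server's "+" continuation.
    return [f"{tag} AUTHENTICATE PLAIN", blob]


if __name__ == "__main__":
    caps = parse_capabilities(GREETING)
    print(choose_mechanism(caps, have_token=False, tls_active=True))
```
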

MrUnknownDE added the bug label 2026-04-05 16:16:21 +02:00

Reference: github/OpenArchiver#68