OK, I got it working but I had to comment out part of the code in index.php:
/*-------------------------------------*
// try to log in
if ($_action=='login' && $_task=='mail')
{
$host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];
// check if client supports cookies
if (empty($_COOKIE))
{
show_message("cookiesdisabled", 'warning');
}
else if (isset($kuser) && isset($kpass) && rcmail_login($kuser, $kpass, $host))
{
// send redirect
header("Location: $COMM_PATH");
exit;
}
else
{
show_message("loginfailed", 'warning');
$_SESSION['user_id'] = '';
}
}
// end session
else if ($_action=='logout' && isset($_SESSION['user_id']))
{
show_message('loggedout');
rcmail_kill_session();
}
// check session cookie and auth string
else if ($_action!='login' && $sess_auth && $_SESSION['user_id'])
{
if ($_auth !== $sess_auth || $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']) ||
($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime()))
{
$message = show_message('sessionerror', 'error');
rcmail_kill_session();
}
}
/*-------------------------------------*/