Birger Toedtmann schrieb: > > Mathias Koerber schrieb am Thu, Apr 11, 2002 at 12:35:46PM +0800: > > I have only problems getting IMAPD-2.1.3 to work on my RH7.2 system. > > > > I removed all prior instances I had compiled and totally re-made > > both SASLv2 (2.1.2) and IMAPD 2.1.3 (from the source RPMS announced > [...] > > sasl_pwcheck_method: saslauthd > > > > I have started saslauthd using pam: > > root 3190 0.0 0.1 2220 712 ? S 12:28 0:00 saslauthd -a > > pam > [...] > > > > yet when using cyradm, I cannot authenticate: > > > > [root@noisy log]# cyradm -user mathias localhost > > Password: > > cyradm: cannot authenticate to server with as mathias > [...] > > > > 1. I don't understand why imapd tries authenticating against sasldb2 if I > > told it to use > > saslauthd? > > Because imtest would like to faciliate an XXX-MD5 method because your CAPABILITY > banner suggests so. imtest does not circle through methods as some mail clients > do. It would not do "first DIGEST-MD5, then CRAM-MD5, then PLAIN". > > As you cannot faciliate DIGEST-MD5, CRAM-MD5 and the like with saslauthd, this > would surely fail. To have imtest use a method that is conforming to your un- > derlying user authentication, try > > $ cyradm -auth login -user mathias localhost > > - this works fine with my saslauth-based setups. > > > > > 2. I also cannot get 'sasl_pwcheck_method: pam' to work directly from > > /etc/inetd.conf, even > > though I compiles imapd with --with-pam > > > > Apr 11 12:12:53 noisy imapd[2732]: unknown password verifier pam > > SASL2 does PAM _only_ through saslauthd method. This is different from SASL1.
If you only want to use PAM for auth, you may also want to put the following in /etc/imapd.conf: sasl_mech_list: PLAIN Otherwise you will experience problems with sieveshell because the -auth option is missing there IIRC. -Simon > > Regards, > > Birger
