S: * OK xxxxxxxxxxxxxxx Cyrus IMAP4 v2.1.11 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=DIGEST-MD5 AUTH=CRAM-MD5 LISTEXT LIST-SUBSCRIBED
S: C01 OK Completed
--On Friday, January 31, 2003 16:34 -0500 Ken Murchison <[EMAIL PROTECTED]> wrote:
Hank Beatty wrote:OK. That makes sense. Are there any SASL mechs that can use PAM?Like Rob said, just PLAIN, which will require you to use STARTTLS, which is only in 2.2. That being said, since you will likely only have one or two proxy admins, you could just put them in sasldb2 and use DIGEST-MD5.----- Original Message ----- From: "Rob Siemborski" <[EMAIL PROTECTED]> To: "Hank Beatty" <[EMAIL PROTECTED]> Cc: "Cyrus-Info" <[EMAIL PROTECTED]> Sent: Friday, January 31, 2003 3:18 PM Subject: Re: Murder and Backend Authentication > You aren't offering any SASL mechanisms. I believe the 2.2 code > even supports STARTTLS (and therefore PLAIN). > > You need to support a SASL mechanism that allows proxy > authentication. The regular IMAP login command isn't good enough. > > -Rob > > On Fri, 31 Jan 2003, Hank Beatty wrote: > > > And when I use imtest: > > > > [root@draco root]# imtest -u hbeatty -a hbeatty localhost > > S: * OK draco Cyrus IMAP4 v2.2.prealpha server ready > > C: C01 CAPABILITY > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ > > MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT > > CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT > > THREAD=REFERENCES IDLE > > MUPDATE=mupdate://zeus.email.starband.net/ > > S: C01 OK Completed > > Please enter your password: > > C: L01 LOGIN hbeatty {4} > > S: + go ahead > > C: <omitted> > > S: L01 OK User logged in > > Authenticated. > > Security strength factor: 0 > > > > ----- Original Message ----- > > From: "Rob Siemborski" <[EMAIL PROTECTED]> > > To: "Hank Beatty" <[EMAIL PROTECTED]> > > Cc: "Cyrus-Info" <[EMAIL PROTECTED]> > > Sent: Friday, January 31, 2003 2:29 PM > > Subject: Re: Murder and Backend Authentication > > > > > > > What SASL mechanism are you using between your frontend and > > > backends? > > > > > > Or rather, what mechanisms are your backends advertising? > > > > > > -Rob > > > > > > On Fri, 31 Jan 2003, Hank Beatty wrote: > > > > > > > I'm working on getting a Murder setup and I can authenticate > > > > and pull > > mail > > > > directly from the backend server. > > > > > > > > However, when I try to proxy the connection I get this in > > /var/log/messages > > > > on the proxy/master: > > > > > > > > Jan 31 13:40:35 zeus pop3[5437]: login: > > > > SERVER[192.168.247.241] hbeatty > > > > plaintext > > > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to > > > > backend > > server: no > > > > mechanism available > > > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to > > > > backend server > > > > > > > > I get this in /var/log/imapd.log on the backend server: > > > > > > > > Jan 31 13:45:01 draco pop3[32718]: accepted connection > > > > Jan 31 13:45:01 draco master[32724]: about to exec /usr/cyrus/bin/pop3d > > > > Jan 31 13:45:01 draco master[32688]: process 32718 exited, > > > > status 0 Jan 31 13:45:01 draco pop3[32724]: executed > > > > > > > > With this in mind it would seem that when using the proxy the > > authentication > > > > method is different somehow. Is this correct? > > > > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > > -=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 > > > * 412-268-7456 Research Systems Programmer * /usr/contributed > > > Gatekeeper > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * > 412-268-7456 Research Systems Programmer * /usr/contributed > Gatekeeper >-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
------------------------ | Eric S. Pulley | | Sr. Unix Administrator | | Hamilton Partners | | +1.707.431.4300 | | <[EMAIL PROTECTED]> | ------------------------
msg10765/pgp00000.pgp
Description: PGP signature
