Hi again, I have been reading the source code of pop3proxyd this aftrenoon looking for the cause of my problem. I noticed the following in the function proxy_authenticate() of pop3proxyd.c (around line 1222) :
--- /* we now do the actual SASL exchange */ r = sasl_client_start(backend_saslconn, config_getstring(buf, "KERBEROS_V4"), NULL, &out, &outlen, &mechusing); if ((r != SASL_OK) && (r != SASL_CONTINUE)) { return r; } --- If I understand correctly, pop3proxyd will only attempt KERBEROS_V4 to authenticate to the backend. Is that correct ? Thanks in advance for your answer ! On Fri, Mar 07, 2003 at 02:00:02PM -0500, Etienne Goyer wrote: > Hi, > > I have another problem with my Murder setup. So far, I have it working > fine with a frontend, a backend and an MUPDATE server on separate > machine for IMAP. All my server are configured to authenticate via > saslauthd, which in turn is authenticating to LDAP. Here is the > imapd.conf on the frontend : > > --- > configdirectory: /var/imap > partition-default: /var/spool/imap > admins: cyrus > sasl_mech_list: PLAIN > sasl_pwcheck_method: saslauthd > > # Murder stuff > imap1_password: ************** > proxy_authname: murder > mupdate_server: ldap1 > mupdate_username: cyrus > mupdate_authname: cyrus > mupdate_password: *********** > --- > > Here is the saslauthd.conf on the frontend : > > --- > ldap_servers: ldap://ldap1.test.com/ > ldap_bind_dn: cn=Manager,dc=test,dc=com > ldap_bind_pw: ********************* > ldap_search_base: ou=people,dc=test,dc=com > --- > > With an account that work correctly using IMAP (with Mozilla Mail and > imtest), I have the following result : > > --- > [EMAIL PROTECTED] root]# telnet localhost 110 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > +OK www1.test.com Cyrus POP3 Murder v2.1.12 server ready <[EMAIL PROTECTED]> > user egoyer > +OK Name is a valid mailbox > pass ******** > -ERR Authentication to backend server failed > Connection closed by foreign host. > --- > > In auth.log on the frontend, I have the following : > > --- > Mar 7 13:48:50 www1 pop3d[19251]: No worthy mechs found > --- > > Beside the reason why I get this error and what I could do about it, I > would be curious to know how pop3proxyd operate. Is it : > > 1. Client open POP connection on frontend, frontend validate by whichever > mean it is configured for (in my case, saslauthd), open an IMAP > connection on the backend, translate POP <-> IMAP to satisfy client > command. > > OR > > 2. Client open POP connection on frontend, get client credentials, open > POP session on the backend using these credentials and just forward POP > command/response from client to server and vice-versa. > > Thanks for your answer ! > > > -- > Etienne Goyer Linux Québec Technologies Inc. > http://www.LinuxQuebec.com [EMAIL PROTECTED] > PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key > Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853 -- Etienne Goyer Linux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED] PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853