Simon Matter írta: >>>> I have a postfix relay server and a (local) cyrus imap server on the >>>> same machine. Everything was fine until I thought, I change the imap >>>> authentication from sasldb to saslauth, to have global authentication >>>> on postfix and cyrus.<br> >>>> Postfix uses saslauthd, which is configured for PAM. It works >>>> perfectly, with plain/login/cram/digest mechanisms, with or without >>>> tls/ssl, absolutely no problems with it. Saslauth tests are all fine >>>> obviously.<br> >>>> So I decided to use this with cyrus imap too. Set it to use the same >>>> saslauth daemon, and plain, login, cram-md5 and digest-md5 mechs.<br> >>>> Since then, I can not login with plain or login mechs, because they >>>> aren't being offered at all by cyrus imapd. I can login with cram or >>>> digest fine.<br> >>>> I understand that plain login isn't offered by default, only after a >>>> successfull tls session setup, but if I understand correctly, the >>>> "allowplaintext: yes" option should still force imapd to offer plain >>>> logins. But it doesn't. I tried it with different sasl_min|max_levels, >>>> to no avail.<br> >>>> >>>> >>> "allowplaintext: 1" should indeed enable plain. At least that works well >>> for me. I expect you are using the packages from a distribution, maybe >>> they have added some kind of "security" patches to make things more >>> safe? >>> Could you try with the following line in your cyrus config: >>> >>> sasl_mech_list: PLAIN >>> >>> Regards, >>> Simon >>> >>> >>> >> yes, the server is running ubuntu 7.04 i386, 2.6.20-17-generic, and >> postfix and cyrus are installed via the ubuntu repositiories. >> > > Can you check which cyrus-sasl-* packages you have installed? Most > distributions split cyrus-sasl into multiple packages and maybe you have > not installed the -plain package? > > Simon > >
I have these installed: cyrus-admin-2.2 (2.2.13-10ubuntu2), cyrus-clients-2.2 (2.2.13-10ubuntu2), cyrus-common-2.2 (2.2.13-10ubuntu2), cyrus-imapd-2.2 (2.2.13-10ubuntu2), cyrus-murder-2.2 (2.2.13-10ubuntu2), libauthen-sasl-cyrus-perl (0.13-server-1), libauthen-sasl-perl (2.10-1), libcyrus-imap-perl22 (2.2.13-10ubuntu2), libsasl2-2 (2.1.22.dsfg1-8ubuntu2), libsasl2-modules (2.1.22.dfsg1-8ubuntu2), sasl2-bin (2.1.22.dfsg1-8ubuntu2) And these AREN'T installed: libsasl2-modules-gssapi-heimdal, libsasl2-modules-gssapi-mit, libsasl2-modules-ldap, libsasl2-modules-otp, libsasl2-modules-sql. Can't seem to find separate -plain packages or anything similar. Postfix shows this, when in smtpd.conf the mech_list is set to PLAIN only: Apr 24 11:13:56 localhost postfix/smtpd[8026]: connect from client4[192.168.2.126] Apr 24 11:13:56 localhost postfix/smtpd[8026]: 4C4319CDF8: client=client4[192.168.2.126], sasl_method=PLAIN, sasl_username=u...@piller-server when it's set to LOGIN only: Apr 24 11:16:42 localhost postfix/smtpd[8178]: connect from client4[192.168.2.126] Apr 24 11:16:42 localhost postfix/smtpd[8178]: 839B69CDF8: client=client4[192.168.2.126], sasl_method=LOGIN, sasl_username=u...@piller-server with CRAM-MD5 only: Apr 24 11:18:24 localhost postfix/smtpd[8299]: connect from client4[192.168.2.126] Apr 24 11:18:24 localhost postfix/smtpd[8299]: 8164B9CDF8: client=client4[192.168.2.126], sasl_method=CRAM-MD5, sasl_username=u...@piller-server Janos ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html