Blake Hudson wrote: >> Agreed. A possible work around until you figure out the issue would be >> to add '-p 256' within cyrus.conf, for your pop3 entry (see man pop3d). >> >> That would emulate a sasl security layer of 256 bits, and would be >> treated as if you had connected via SSL when you hadn't. >> >> - Dan >> > > That does indeed resolve the issue, so do you think this is a Cyrus SASL > problem or a Cyrus IMAP (POP) problem? > > Also, do you have the same -p option specified? I'm wondering if others > are experiencing the same problem - all of our servers are on the same > version of cyrus 2.3.7 (from RHEL) or older and seem to exhibit the same > behavior. > > --Blake >
I do not have it specified on my primary cyrus store. My relevant configuration: neo:~# grep 'sasl\|plaintext' /etc/imapd.conf | grep -v '^#' allowplaintext: yes sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI OTP EXTERNAL sasl_pwcheck_method: auxprop saslauthd sasl_keytab: /etc/krb5.keytab-mailstore sasl_auxprop_plugin: ldapdb sasl_ldapdb_uri: ldap://hiro.olp.net ldap://ando.olp.net sasl_ldapdb_mech: GSSAPI sasl_ldapdb_canon_attr: uid pop3_sasl_canon_user_plugin: ldapdb sasl_log_level: 7 sasl_auto_transition: no neo:~# cat /etc/cyrus.conf | grep -v '#' | grep 'pop\|imap' imap cmd="imapd -U 30 -D" listen="imap" prefork=0 maxchild=200 imapunix cmd="imapd -U 30" listen="/var/run/cyrus/socket/imap" prefork=0 maxchild=100 imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=200 pop3 cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=200 pop3unix cmd="pop3d -U 30" listen="/var/run/cyrus/socket/pop3" prefork=0 maxchild=100 pop3s cmd="pop3d -s -U 30" listen="pop3s" prefork=0 maxchild=100 I'm running version 2.3.12. However, on an older server, I *do* have the -p option specified for my imap sessions, probably because I ran into a similar situation as you, but I was too lazy dig in to the real issue. That server is running 2.3.10, and has this configuration (i don't use pop3 on this server): gandalf:~# grep 'sasl\|plaintext' /etc/imapd.conf | grep -v '^#' allowplaintext: yes sasl_mech_list: PLAIN GSSAPI sasl_pwcheck_method: saslauthd sasl_keytab: /etc/krb5.keytab-mailstore sasl_auto_transition: no gandalf:~# cat /etc/cyrus.conf | grep -v '#' | grep 'pop\|imap' imap cmd="imapd -U 30 -p 256 -D" listen="imap" prefork=0 maxchild=100 provide_uuid=2 imapunix cmd="imapd -U 30 -p 256 -D" listen="/var/run/cyrus/socket/imap" prefork=0 maxchild=100 provide_uuid=2 imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=100 provide_uuid=2 pop3 cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=50 provide_uuid=2 pop3s cmd="pop3d -s -U 30" listen="pop3s" prefork=0 maxchild=50 provide_uuid=2 - Dan ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
