PAM Auth with SASL 2.1.15
Hi All,
I have a working Cyrus Imap
2.1.11 implimentation using SASL 2.1.10, which auths vs. local accounts via PAM.
using the following configs, however due to RH's EOL in December we are being
forced to migrate to RHEL 3 in about a month. I have a test box running RHL 9
(similar to RHEL 3), however I cannot seem to get the auth working with current
stable Imap/Sasl.
Errors:
Nov 10 20:02:01 fac-imap-test su(pam_unix)[28930]:
session opened for user dchait by root(uid=0)Nov 10 20:02:10 fac-imap-test
imap(pam_unix)[28925]: authentication failure; logname= uid=0 euid=0 tty= ruser=
rhost= user=dchaitNov 10 20:02:13 fac-imap-test saslauthd[28925]:
do_auth : auth failure:
[user=dchait] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]Nov
10 20:02:13 fac-imap-test imapd[28975]: badlogin:
localhost.localdomain[127.0.0.1] plaintext dchait SASL(-13): authentication
failure: checkpass failedNov 10 20:02:27 fac-imap-test su(pam_unix)[28930]:
session closed for user dchait
imapd.conf
configdirectory: /var/imappartition-default:
/mailadmins: root cyrusallowanonymouslogin: nosasl_pwcheck_method:
saslauthdsasl_mech_list: plain
cyrus.conf
# standard standalone server
implementation
START { # do not delete this
entry! recover cmd="ctl_cyrusdb
-r"
# this is only necessary if using idled for
IMAP IDLE#
idled
cmd="idled"}
# UNIX sockets start with a slash and are put into
/var/imap/socketSERVICES { # add or remove based on
preferences imap
cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s"
listen="imaps" prefork=0#
pop3 cmd="pop3d" listen="pop3"
prefork=0#
pop3s
cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved"
listen="sieve" prefork=0
# at least one LMTP is required for
delivery# lmtp
cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd"
listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using
notifications# notify
cmd="notifyd" listen="/var/imap/socket/notify" proto="udp"
prefork=1}
EVENTS { # this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate
delivery suppression delprune
cmd="ctl_deliver -E 3" period=1440
# this is only necessary if caching TLS
sessions tlsprune cmd="tls_prune"
period=1440}
/etc/rc
/usr/cyrus/bin/master
&/usr/local/sbin/saslauthd -a pam &/usr/libexec/postfix/master
&
/etc/pam.d/imap
auth
required
pam_nologin.soauth
required pam_stack.so
service=system-authaccount
required pam_stack.so
service=system-authsession
required pam_stack.so service=system-auth
Cyrus 2.2.2 BETA RENAME+DELETE Problem
Hello, I have been testing Cyrus-imapd-2.2.2 beta for a while and found a strange problem. The RENAME command is supposed to work as COPY+DELETE ie. It copy the old name to a new name and delete the old one. I have the cyrus admin defined in /etc/imapd.conf: admins: cyrus Since I use LDAP, the admin record is kept in LDAP as well. The odd behaviour is that I can not touch any mailbox starting with "cyrus" such as "cyrus2", "cyrus123" etc. The result is that the rename command will left the old mailbox starting with "cyrus" and have the new one created. The "setacl" doesn't help as all. I just cannot delete these mailboxes. No problem found to other name. I don't if it is the design behaviour but it seems doesn't make sense. I would like to know if I add one more admin like "admin" in imapd.conf and then login as this user, the response can be different? Thanks Patrick
Re:
How can I fix this? Hardware is ok, this is just I think a database problem of cyrus. Has anybody an idea how to get back to normal with keeping all my emails? While I don't think I can help you, not knowing too much about the innards of Cyrus or problems with it, I can suggest a bit more information you could provide to make your question easier to answer. In particular, if you could post your operating system, OS version, Cyrus version, and Sendmail version that could be helpful to someone trying to answer. It'd also be useful to know what mail client you use. You might want to have a look in /var/spool/imap/user/$USERNAME and see how many messages are /really/ in the database. Don't change anything there, as it's all indexed carefully, but it's quite safe to look. Perhaps horde is right? If you're game, running an strace on imapd as it accepts the connection could also be helpful for telling you what's going on. If you're on *BSD I think it's called ptrace. It'll be very verbose, but if you redirect the output to a file and look over it later it can tell you a lot about what the program did just before dying. Craig Ringer
Sender address of rejected sieve mails ?
Hi @all, I have setuped sieve today - it is a system with more than one domain. For vacation messages everything is fine - for rejected mails not. The problem is, that the sender of the email is everytime the values of "postmaster" and "servername" defined in imapd.conf - but I have multiple domains and would like to take the correct domain-name for the bounced message. I have played around with the options for "/bin/deliver" but it does not work. lmtp is used und the deliver programm is called with "-l" - I have also tried "-r" with the needed parameters. I am using exim 4.24. Where is the trick ? Thanks, Sebastian
Re: folders not seen by email clients
On 10 Nov 2003, Giridhar Raichur wrote: > When I use cyradm to create folders called tmp and spam the email > clients can't see them. > > The output from cyradm follows: > > localhost.localdomain> lam tmp > gzzr lrswipcda > cyrus c > localhost.localdomain> lam spam > gzzr lrswipcda > cyrus c > > However, folders that are created using the email client are fine. > > Thanks. Are you trying to create these folders inside each user's mailbox, or are you trying to create shared folders? If you are trying to create folders inside the user's mailbox, you need to do something like: cm user.gzzr.tmp Hope this helps, Andy
Sendmail rules for delivering to user@domain1 local and user@doma in2 cyrus
Running FreeBSD (4.7R) with Sendmail 8.12.9 and Cyrus 2.2.2 BETA... I have two domains on this box with a user that exists in both domains. I want email for [EMAIL PROTECTED] to be delivered via sendmail:local as if cyrus weren't around (which it does) and email for [EMAIL PROTECTED] to be delivered via cyrus to be picked up imap/pop. Currently, email to [EMAIL PROTECTED] gets delivered via sendmail:local because the rules have stripped off the domain. My sendmail rule writing is pretty rusty and I didn't find anything quite like what I want to do in searching the more recent (~last 6 months) of archives. Has anyone written the rules to forward the virtual domain 'domain2' to cyrus? BTW: If the user only exists on the domain2 side, or if I define cyrus to be the local mailer, then I can get the mail via imap/pop so I know everything works. It's just a matter of making the correct decision of which delivery app to use. Thanks. Joseph Thomas Sr. Software Engr. CNT 6000 Nathan Lane No Plymouth, MN 55442 (763) 268-8133 [EMAIL PROTECTED]
hardware for cyrus murder
We are in the process of converting UW Imap to Cyrus Imap. We have about 10K users using about 100K mailboxes. We anticipate the number of users to increase to 15K. I looked at http://asg.web.cmu.edu/cyrus/ocnfig.html that describes Cyrus Configuration for murder hardware. What is not clear to me is the basis for determining the number of frontend servers and backend servers. I would appreciate any help or pointers to additional documentation. Thanks.
folders not seen by email clients
When I use cyradm to create folders called tmp and spam the email clients can't see them. The output from cyradm follows: localhost.localdomain> lam tmp gzzr lrswipcda cyrus c localhost.localdomain> lam spam gzzr lrswipcda cyrus c However, folders that are created using the email client are fine. Thanks.
[no subject]
Hi there, I have cyrus installed along with sendmail. Now I recieved hundreds of equal emails. The result is, that I cant acdess my inbox anymore. My email client tells me 400 emails in the inbox, but cant access the headers because the server is down. It is not, I can access all other email folders but not the inbox. A local client (horde) just says 0 emails. and it cant read new emails on the box. /var/adm/imapd.log says the following: Nov 10 16:14:54 p15091666 imapd[25690]: seen_db: user andy opened /var/imap/user/a/andy.seen Nov 10 16:14:54 p15091666 imapd[25690]: open: user andy opened INBOX Nov 10 16:14:54 p15091666 master[307]: process 25690 exited, signaled to death by 7 How can I fix this? Hardware is ok, this is just I think a database problem of cyrus. Has anybody an idea how to get back to normal with keeping all my emails? Thanx for any help on that! Samanta -- NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien... Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService Jetzt kostenlos anmelden unter http://www.gmx.net +++ GMX - die erste Adresse für Mail, Message, More! +++
Re: removal of dups from existing mailboxes
-- On Tuesday, November 04, 2003 13:54:45 -0500 Noah Meyerhans wrote: Hi all. I've got a user who has managed to re-upload a lot of duplicate messages into a number of his IMAP folders. I'd like to help him get rid of them, if possible. Is there a way to prune duplicate messages from existing mail folders, rather than at lmtp delivery? I'm using Cyrus imapd 2.1.15. If Cyrus doesn't have this functionality built-in, does anybody know of a third party tool to do it? Hi! It may be a little bit late, but I wrote a perl script for exactly that purpose. Some comments are in german and no warranty as usual, but it works for me. It doesn't expunge but set only the deleted flag. Michael -- Michael Fischer v. Mollard, network administration Heise Zeitschriften Verlag GmbH & Co KG Helstorfer Straße 7 D-30625 Hannover Tel: +49 511 5352 477; Email: [EMAIL PROTECTED] cyrus_search_dups.pl Description: Perl program
