Re: Problem with direct delivery to cyrus subfolder...
On Mon, 2005-08-22 at 17:18 +0200, Sylvain MEDEOT wrote: Hi, this question has nothing to do with Cyrus, it's more related to Postfix (and maybe Mailscanner). In the logs, I get the following : [...] Aug 20 10:24:01 aldebaran MailScanner[10654]: Uninfected: Delivered 1 messages Aug 20 10:24:01 aldebaran postfix/qmgr[10696]: 46005137: from=[EMAIL PROTECTED], size=855, nrcpt=1 (queue active) Aug 20 10:24:01 aldebaran postfix/lmtp[10784]: 46005137: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=/var/spool/postfix/public/lmtp[/var/spool/postfix/public/lmtp], delay=21, status=sent (250 2.1.5 Ok) [...] Looks like postfix strips +partage extension before delivering it to Postfix. Have you tried asking on postfix-users list? But anyway, try to disable Mailscanner first (for testing time) and see what happens, Well, at least your logs will be much simpler :-) Ondrej. -- Ondrej Sury [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Info-cyrus Digest, Vol 1, Issue 12
You are mixing auxprop and saslauthd methods. It looks like your saslauthd is using pam database, which is really different from /etc/sasldb2 I recommend you to read carefully documentation to Cyrus IMAP and Cyrus SASL (which are two different things). Ondrej. -- Ondrej Sury [EMAIL PROTECTED] I tried both shadow and pam for .../pam.d/saslauthd. Neither worked. I got it working allright without meddling with this last week. So I wonder whats the magic directive that will make everything fall in place... I'll have a look at sasl docs now. Thanks Rgrds -- Nonchalantly yours GobbledeGeek [Every thing but Gobbledegook.. !!] Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd
Pardon - I mentioned the wrong file name. I meant /etc/sysconfig/saslauthd. Rgrds On 8/23/05, Gobbledegeek [EMAIL PROTECTED] wrote: You are mixing auxprop and saslauthd methods. It looks like your saslauthd is using pam database, which is really different from /etc/sasldb2 I recommend you to read carefully documentation to Cyrus IMAP and Cyrus SASL (which are two different things). Ondrej. -- Ondrej Sury [EMAIL PROTECTED] I tried both shadow and pam for .../pam.d/saslauthd. Neither worked. I got it working allright without meddling with this last week. So I wonder whats the magic directive that will make everything fall in place... I'll have a look at sasl docs now. Thanks Rgrds -- Nonchalantly yours GobbledeGeek [Every thing but Gobbledegook.. !!] -- Nonchalantly yours GobbledeGeek [Every thing but Gobbledegook.. !!] Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyradm script
hello, I try to make a script to automate creation of users with cyradm but I haven't found the way to pass the password to cyradm automatically does somebody already did it ? Patrice Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd
OK I got it working with sasl_pwcheck-method = auxprop in /etc/imapd.conf. But why isn't there a simple statement advising this in the loads of documentation? So much time wasted for want of a simple communiqe. I think Open source programmers need to be kicked off their high chairs and put in labor camps en masse - where they will be chained and forced to rewite thier documentation day and night - the entire man/info pages and other docs - on a diet of single bowl of gruel, until they complete the work. [EMAIL PROTECTED] programmers! On 8/23/05, Gobbledegeek [EMAIL PROTECTED] wrote: You are mixing auxprop and saslauthd methods. It looks like your saslauthd is using pam database, which is really different from /etc/sasldb2 I recommend you to read carefully documentation to Cyrus IMAP and Cyrus SASL (which are two different things). Ondrej. -- Ondrej Sury [EMAIL PROTECTED] I tried both shadow and pam for .../pam.d/saslauthd. Neither worked. I got it working allright without meddling with this last week. So I wonder whats the magic directive that will make everything fall in place... I'll have a look at sasl docs now. Thanks Rgrds -- Nonchalantly yours GobbledeGeek [Every thing but Gobbledegook.. !!] -- Nonchalantly yours GobbledeGeek [Every thing but Gobbledegook.. !!] Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-imapd 2.2 and timsieved problems
Hi,
I'm unable to do a successfull PLAIN authentication with timsieved on
cyrus-imapd 2.2 (tried with 2.2.3 and 2.2.12).
I've no problem to authenticate with timsieved of 2.1.16, however.
I have a test user called choeger with password system. I'm able to
authenticate against imapd without problems:
telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK d141 Cyrus IMAP4 v2.2.3 server ready
. auth plain
. BAD Please login first
. authenticate plain
+
Y2hvZWdlcgBjaG9lZ2VyAHN5c3RlbQ==
. OK Success (no protection)
(Note: I enabled PLAIN without using TLS/SSL in removing SASL_SEC_NOPLAINTEXT
from secprops in imapd.c)
The same authstring does not work with timsieved:
telnet localhost sieve
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
IMPLEMENTATION Cyrus timsieved v2.2.3
SASL LOGIN PLAIN
SIEVE fileinto reject envelope vacation imapflags notify subaddress
relational regex
OK
AUTHENTICATE PLAIN {33+}
Y2hvZWdlcgBjaG9lZ2VyAHN5c3RlbQ==
NO Authentication Error
Connection closed by foreign host.
On an old server running 2.1.16 it works:
telnet imapdevel sieve
Trying 10.10.0.9...
Connected to imapdevel.
Escape character is '^]'.
IMPLEMENTATION Cyrus timsieved v2.1.16
SASL LOGIN PLAIN
SIEVE fileinto reject envelope vacation imapflags notify subaddress
relational regex
STARTTLS
OK
AUTHENTICATE PLAIN {33+}
Y2hvZWdlcgBjaG9lZ2VyAHN5c3RlbQ==
OK
Even worse: When I use sieveshell to contact timsieved of cyrus-imapd 2.2,
timsieved segfaults. This is the ethereal captured protocol:
IMPLEMENTATION Cyrus timsieved v2.2.3
SASL LOGIN PLAIN
SIEVE fileinto reject envelope vacation imapflags notify subaddress
relational regex
OK
AUTHENTICATE LOGIN
{12}
VXNlcm5hbWU6
{12+}
Y2hvZWdlcg==
{12}
UGFzc3dvcmQ6
{12+}
U2FsYWhtMQ==
NO Authentication Error
AUTHENTICATE PLAIN {32+}
Y2hvZWdlcgBjaG9lZ2VyAFNhbGFobTE=
NO Authentication Error
OK Logout Complete
And then, timsieved segfaults.
This is the backtrace of timsieved:
#1 0x40035617 in sasl_server_start (conn=0x8138728, mech=0x81344e4 PLAIN,
clientin=0x817d860 choeger, clientinlen=22, serverout=0xbfffc6c8,
serveroutlen=0xbfffc6c4) at server.c:1303
#2 0x0805156c in cmd_authenticate (sieved_out=0x8134298, sieved_in=0x8134228,
mechanism_name=0x81344e0, initial_challenge=0x817db78, errmsg=0xbfffd748)
at parser.c:524
#3 0x08050d8d in parser (sieved_out=0x8134298, sieved_in=0x8134228)
at parser.c:181
#4 0x0805051e in cmdloop () at timsieved.c:163
#5 0x0805099f in service_main (argc=1, argv=0x8132008, envp=0xb51c)
at timsieved.c:289
#6 0x0804db0f in main (argc=1, argv=0xb514, envp=0xb51c)
at service.c:546
The code in line 1303 of lib/server.c (that's sourcecode of cyrus-sasl version
2.1.18, most recent version == same behaviour):
s_conn-mech-plug-mech_dispose(conn-context,
s_conn-sparams-utils);
Using a debugger shows, that s_conn-mech-plug-mech_dispose() points to 0 in
that case.
I'm currently trying to find out, where the problem is. I can't say, that I am
a SASL expert, so any help is appreciated.
--
With best regards,
Carsten Hoeger
pgplmv3TDCNPJ.pgp
Description: PGP signature
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd
On Tue, 2005-08-23 at 14:31 +0530, Gobbledegeek wrote: OK I got it working with sasl_pwcheck-method = auxprop in /etc/imapd.conf. But why isn't there a simple statement advising this in the loads of documentation? So much time wasted for want of a simple communiqe. [...useless rant...] [EMAIL PROTECTED] programmers! [EMAIL PROTECTED] users who cannot read documentation? Even if somebody recommends them to read it? from doc/sysadmin.html (from cyrus-sasl distribution tarball): --cut here-- The principal concern for system administrators is how the authentication identifier and password are verified. The Cyrus SASL library is flexible in this regard: auxprop checks passwords agains the userPassword attribute supplied by an auxiliary property plugin. For example, SASL ships with a sasldb auxiliary property plugin, that can be used to authenticate against the passwords stored in /etc/sasldb2. Since other mechanisms also use this database for passwords, using this method will allow SASL to provide a uniform password database to a large number of mechanisms. saslauthd contacts the saslauthd daemon to to check passwords using a variety of mechanisms. More information about the various invocations of saslauthd can be can be found in saslauthd(8). Generally you want something like saslauthd -a pam. If plaintext authentications seem to be taking some time under load, increasing the value of the -n parameter can help. Saslauthd keeps its named socket in /var/state/saslauthd by default. This can be overridden by specifying an alternate value to --with-saslauthd=/foo/bar at compile time, or by passing the -m parameter to saslauthd (along with setting the saslauthd_path SASL option). Whatever directory this is, it must exist in order for saslauthd to function. Once you configure (and start) saslauthd, there is a testsaslauthd program that can be built with make testsaslauthd in the saslauthd subdirectory of the source. This can be used to check that that the saslauthd daemon is installed and running properly. An invocation like testsaslauthd -u rjs3 -p 1234 with appropriate values for the username and password should do the trick. If you are using the PAM method to verify passwords with saslauthd, keep in mind that your PAM configuration will need to be configured for each service name that is using saslauthd for authentication. Common service names are imap, sieve, and smtp. Courier-IMAP authdaemond contacts Courier-IMAP's authdaemond daemon to check passwords. This daemon is simliar in functionality to saslauthd, and is shipped separately with the Courier mail server. Note: this feature is not compiled in the library by default, and its provided for sites with custom/special requirements only (because the internal authentication protocol its not documented anywhere so it could change at any time). We have tested against the authdaemond included with Courier-IMAP 2.2.1. To enable authdaemond support, pass --with-authdaemon to the configuration script, set pwcheck_method to ``authdaemond'' and point authdaemon_path to authdaemond's unix socket. Optionally, you can specify --with-authdaemond=PATH to the configure script so that authdaemond_path points to a default, static, location. pwcheck checks passwords with the use of a separate, helper daemon. This feature is for backwards-compatibility only. New installations should use saslauthd. --cut here-- -- Ondrej Sury [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm script
Patrice wrote: hello, I try to make a script to automate creation of users with cyradm but I haven't found the way to pass the password to cyradm automatically does somebody already did it ? Well, cyradm is just a shell script wrapper over Perl Cyrus::Admin module, if I'm not mistaken. So, anyone with solid knowledge of Perl can write a Perl script to do anything you want. Not being a Perl user, I can only directo you to Google for your solution, look for Perl scripts to accomplish this. Nix. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm script
On Tue, 2005-08-23 at 12:04 +0200, Nikola Milutinovic wrote: Patrice wrote: hello, I try to make a script to automate creation of users with cyradm but I haven't found the way to pass the password to cyradm automatically does somebody already did it ? Well, cyradm is just a shell script wrapper over Perl Cyrus::Admin module, if I'm not mistaken. So, anyone with solid knowledge of Perl can write a Perl script to do anything you want. Not being a Perl user, I can only directo you to Google for your solution, look for Perl scripts to accomplish this. Or you can just use python imaplib module, it has support for every function out of the box. Ondrej. -- Ondrej Sury [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm script
hello, I try to make a script to automate creation of users with cyradm but I haven't found the way to pass the password to cyradm automatically does somebody already did it ? This is how I do it: cyradm --user cyrus --auth login --pass [pass] localhost Simon Patrice Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus IMAP + Postfix (Mail duplication problem)
Hi I configured a Postfix mail server with Cyrus SASL SMTP authentication Cyrus IMAP as a POP3 or IMAP4 server and OpenLDAP . My setup is working fine . However i am facing very new problem which is unknown non-traceable and unexpected . Here i am mentioning the problem . If i create a POP3 account in MS-Outlook 2003 in Windows XP and if i check the option leave a message copy on the server whenever i am clicking on the Send/Receive button i am receiving duplicate mails The same mail is repeated several times .But if i uncheck the leave a message copy on the server option i will receive only one copy of the mail duplicate mails are not happening . I am unable to identify what is the source of causing this problem . I think this problems may belongs to Cyrus . Anybody help me on this. Thanks Regards Shashi Kanth Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm script
Em Terça 23 Agosto 2005 05:05, Patrice escreveu: hello, I try to make a script to automate creation of users with cyradm but I haven't found the way to pass the password to cyradm automatically does somebody already did it ? I use gssapi (kerberos) authentication and cyradm is in my ~/.muttrc to automatically list my mailboxes. So, it's sort of a script yes ;) Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Problem with direct delivery to cyrus subfolder...
On Tue, 2005-08-23 at 14:29 +0200, Sylvain MEDEOT wrote: No changes, here are the new logs... I see one significant change, mail is now delivered to [EMAIL PROTECTED], before it was delivered to [EMAIL PROTECTED] Aug 23 14:15:04 aldebaran postfix/lmtp[6752]: 9B190A5: to=si01 [EMAIL PROTECTED], relay=/var/spool/postfix/public/lmtp[/var/spool/postfix/public/lmtp], delay=0, status=sent (250 2.1.5 Ok) But, I've also modified /etc/imapd.conf and add the line postuser: si01 Yep, that's also correct when shared folder is on top level. (Sorry I didn't read your previous mail to detail). Aug 23 14:19:31 aldebaran postfix/lmtp[6766]: 5567FEF: to=si01 [EMAIL PROTECTED], relay=/var/spool/postfix/public/lmtp[/var/spool/postfix/public/lmtp], delay=0, status=sent (250 2.1.5 Ok) This is place when mail is still hold by postfix, but now it gets delivered correctly. And here the delivery is made right away to the shared folder... Any idea ? Configure MailScanner to not strip + extensions? What happens if you enable MailScanner again? Usually it's good idea to start with least services as possible and then add them one by one to see where problem could be. O. -- Ondrej Sury [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[Fwd: Re: cyradm script]
Just to put in my two cents' worth :
In case it could be of interest to anyone, here is the answer I sent
directly to the requester (I know it's bad :-), but I could then write
in French ! )
Roughly, as someone else stated, cyradm is just a wrapper (or something
of the sort) around a Perl library. Creating users is really
straightforward using that library. In the script below, the password is
stored in $passwd, and the user to create is in $a
There's more information about the various commands available using
perldoc Cyrus::IMAP::Admin
I haven't gone much further than that, but if anyone is interested, feel
free to ask
Pascal Mouret
Original Message
Subject:Re: cyradm script
Date: Tue, 23 Aug 2005 11:27:13 +0200
From: Pascal Mouret [EMAIL PROTECTED]
To: Patrice [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
Bonjour,
Une réponse off-list pour pouvoir parler français, c'est plus facile. Je
ne sais pas si ça peut vous intéresser, mais j'ai fait ça en Perl
(cyradm n'est qu'un wrapper autour de la librairie Perl associée). C'est
très facile à faire :
use Cyrus::IMAP::Admin;
[...]
# connexion a Cyrus
[...]
print Connection a Cyrus pour la creation des boites\n;
$client = Cyrus::IMAP::Admin-new('localhost');
$client-authenticate(-mechanism = 'login', -user = 'root',
-password = $passwd);
print STDERR Y'a eu une erreur : , $client-error if $client-error;
[...]
print Creation de la boite de messagerie $a ...;
$rc = $client-create(user.$a);
if($client-error)
{die \nY'a eu une erreur : .$client-error.\n;}
else
{print Ok\n;}
Pour plus d'infos sur les commandes qu'on peut lancer :
perldoc Cyrus::IMAP::Admin
Si vous voulez plus d'infos, n'hésitez pas
Cordialement
Pascal Mouret
Patrice wrote:
hello,
I try to make a script to automate creation of users with cyradm
but I haven't found the way to pass the password to cyradm automatically
does somebody already did it ?
Patrice
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
Pascal Mouret
DSII - Direction du Système d'Information et de l'Informatique
Université de Provence - 3, place Victor Hugo - 13331 Marseille cedex 3
Tél: 04 91 10 64 02E-mail: [EMAIL PROTECTED]
Fax: 04 91 08 35 00 ou[EMAIL PROTECTED]
(Ligne d'assistance (interne) : 04 91 10 85 55 / 04 42 95 34 54)
--
Pascal Mouret
DSII - Direction du Système d'Information et de l'Informatique
Université de Provence - 3, place Victor Hugo - 13331 Marseille cedex 3
Tél: 04 91 10 64 02E-mail: [EMAIL PROTECTED]
Fax: 04 91 08 35 00 ou[EMAIL PROTECTED]
(Ligne d'assistance (interne) : 04 91 10 85 55 / 04 42 95 34 54)
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
ANNOUNCE: gyrus 0.3.4
Hi Gyrus is a tool for the administration of mailboxes in IMAP/Cyrus servers. It is designed for fitting in the GNOME Desktop. It is free software, so you are free and encouraged to copy it and distribute it. More information and other versions of gyrus can be found in its web site: http://gyrus.gnome.cl Bug reports about this or other versions can be sent to GNOME Bugzilla, under the module 'gyrus'. 0.3.4 = Gyrus version 0.3.4 is now released and ready for download at: http://ftp.gnome.org/pub/GNOME/sources/gyrus/0.3/gyrus-0.3.4.tar.gz http://ftp.gnome.org/pub/GNOME/sources/gyrus/0.3/gyrus-0.3.4.tar.bz2 This is the fifth release of the development series looking for 0.4.0. Its major new features is the support for the creation of printable reports of users with exceeded quota, and the support for servers using the UNIX hierarchy separator character. New Features: * Allows to create printable reports of users with quota exceeded (Alejandro Valdés). * Added support for [ALERT] server responses. * Added support for servers using the UNIX mailbox hierarchy separator instead of the netnews separator character. UI: * Shows the name of the active session in the title of the main window (Héctor Enríquez Díaz, Claudio). * Better usage of GTK+ stock icons (Mario Fuentes, Pedro Villavicencio Garrido). * Improved dialog for edition of sessions (Mario, Claudio). * Dumped to GTK+ 2.6.0 and using GtkDialogAbout (Pedro). Translations: * Updated tarnslations (en_CA, es). * New translations (uk). Bug fixes: * #308422. Check if iter is set correctly (Juan Carlos Inostroza). * #305197. Do not hang when server uses [ALERT] responses. Thanks to: Héctor Enríquez Díaz, Maxim Dziumanenko, Mario Fuentes, Juan Carlos Inostroza, Alejandro Valdés, Pedro Villavicencio Garrido, Adam Weinberger. Greetings, Claudio -- Claudio Saavedra [EMAIL PROTECTED] Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Problem with direct delivery to cyrus subfolder...[solved]
Configure MailScanner to not strip + extensions? What happens if you enable MailScanner again? Usually it's good idea to start with least services as possible and then add them one by one to see where problem could be. O. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Hi, Many thanks again for your help. Finally after further checking I've seen that the cyrus rights were unsufficients... si01 lrswipcda any lrswipcda I discovered that after checking the rights on the root folder : both "any" and "anyone"... If somebody can tell me what is the difference... Then I did the same so I added setacl user.si01.partage anyone all And all is fine... Regards, Sylvain ___ Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger Téléchargez cette version sur http://fr.messenger.yahoo.com Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
