cyradm auth question
Cyrus IMAPD v. 2.0.15 Postfix MTA v. 20010228-pl03 pam_mysql Linux This could probably be considered a Postfix issue - but I'm going to try here first if nobody minds... (c8= Hopefully this is very simple: When I log onto cyradm, the first prompt I recieve is: 'Please enter your password:' ...which never works ( I'm using pam_mysql for auth ), and subsequently generates the following log: Jul 9 23:36:35 shnarf imapd[4912]: badlogin: shnarf.axcelerant.com[192.168.240.66] PLAIN no mechanism available ... and *then* I get the 'IMAP Password:' prompt ( after a short but annoying pause ), which works as it should, allowing me to begin my cyradm session. SOOooo, can any of you kind folks out there perhaps throw me a clue? I'd like to do whatever may be required ( whether via cyrus, or via Postfix - I know there's got to be some postfix-cyrus user out there ), in order to disable and completely 'nix that first prompt. The only possibly applicable params in my 'main.cf' postfix conf file are the following: pwcheck_method = PAM smtpd_sasl_security_options = noanonymous, noplaintext ( I thought maybe 'noplaintext' would do tha trick -- but, no go. ) I really appreciate any and all suggestions! Beers, and thanks - Corey
Re: cyrus: cannot validate a user that exist on the /etc/passwd file
In the cyrus homepage I read this: SASL Library Please refer to the NEWS file for changes (or more details can be found in the ChangeLog). Documentation can be found in the doc subdirectory. The latest release is version 1.5.24. And the last version of the imap-cyrus server is: 2.0.15 Are they right ? If not, where I can get cyrus-sasl 1.5.27 ? Thanks for your help. On Mon, 9 Jul 2001, Artur Frysiak wrote: > On Mon, Jul 09, 2001 at 10:13:35AM -0100, David wrote: > > Hi to everybody: > > > > I'm trying to setup a imap in a linuxbox. I have cyrus software > > listening on ports pop3 and imap. > > > > I use this rpm packages: > > > > cyrus-sasl-1.5.24-17 > > cyrus-imapd-2.0.9-3 > > > > Here you have the contents of /etc/imap.conf > > > > [ develop2 ] ~ # cat /etc/imapd.conf > > configdirectory: /var/imap > > partition-default: /var/spool/imap > > admins: cyrus > > allowanonymouslogin: no > > sasl_pwcheck_method: pam > > If you want working pam_unix authentication you must use saslauthd from > cyrus-sasl 1.5.27. > > Regards >
Re: cyrus: cannot validate a user that exist on the /etc/passwd file
hi david,
check your ./configure before compile time.
attached you can find my config.status files!
importand i think is to config sasl with:
./configure --with-pwcheck_method=shadow --enable-plain \
--disable-cram --disable-krb4 --disable-digest
... or anybody other opinion!
regard´s wolfgang
David wrote:
>
> I tested also using shadow, but didn't work.
>
> Any other idea?
>
> On Mon, 9 Jul 2001, Wolfgang Schäfer wrote:
>
> > in your imap.conf is a config error!
> > if you want to use shadow as auth method you should use:
> >
> > # The mechanism used by the server to verify plaintext
> > # passwords.Possible values also include "ker
> > # beros_v4", "passwd", and "shadow".
> > # sasl_pwcheck_method: PAM
> > sasl_pwcheck_method: shadow
> >
> > take al look at man imapd.conf ... it´s the docu
> >
> > regard wolfgang
> >
> >
> > David wrote:
> > >
> > > Hi to everybody:
> > >
> > > I'm trying to setup a imap in a linuxbox. I have cyrus software
> > > listening on ports pop3 and imap.
> > >
> > > I use this rpm packages:
> > >
> > > cyrus-sasl-1.5.24-17
> > > cyrus-imapd-2.0.9-3
> > >
> > > Here you have the contents of /etc/imap.conf
> > >
> > > [ develop2 ] ~ # cat /etc/imapd.conf
> > > configdirectory: /var/imap
> > > partition-default: /var/spool/imap
> > > admins: cyrus
> > > allowanonymouslogin: no
> > > sasl_pwcheck_method: pam
> > >
> > > Here the /etc/cyrus.conf
> > >
> > > START {
> > > # do not delete these entries!
> > > mboxlist cmd="ctl_mboxlist -r"
> > > deliver cmd="ctl_deliver -r"
> > > }
> > >
> > > # UNIX sockets start with a slash and are put into /var/imap/socket
> > > SERVICES {
> > > # add or remove based on preferences
> > > imap cmd="/usr/cyrus/bin/imapd" listen="imap" prefork=0
> > > imaps cmd="/usr/cyrus/bin/imapd -s" listen="imaps" prefork=0
> > > pop3 cmd="/usr/cyrus/bin/pop3d" listen="pop3" prefork=0
> > > pop3s cmd="/usr/cyrus/bin/pop3d -s" listen="pop3s" prefork=0
> > > sieve cmd="/usr/cyrus/bin/timsieved" listen="sieve" prefork=0
> > >
> > > # at least one LMTP listener is required for proper delivery
> > > # lmtp cmd="lmtpd" listen="lmtp" prefork=0
> > > lmtpunix cmd="/usr/cyrus/bin/lmtpd" listen="/var/imap/socket/lmtp"
> > > prefork=0
> > > }
> > >
> > > EVENTS {
> > > # this is required
> > > checkpointcmd="ctl_mboxlist -c" period=30
> > > }
> > >
> > >
> > > Well, after that, I launch the cyrus daemon:
> > >
> > > [ develop2 ] ~ # ps -ax | grep cyrus
> > > 30464 pts/0S 0:00 /usr/cyrus/bin/master
> > >
> > > Then, I make this test:
> > >
> > > # telnet localhost 110
> > > Trying 127.0.0.1...
> > > Connected to develop2.iwith.org.
> > > Escape character is '^]'.
> > > +OK HOSTNAME Cyrus POP3 v2.0.9 server ready
> > > user USER
> > > +OK Name is a valid mailbox
> > > pass HISPASSWD
> > > -ERR Invalid login
> > >
> > >
> > > Of course, the USER and PASSWD that I write are correct in the system.
> > >
> > > By the way If I make the same test against IMAP port this is the
> > > output from that I receive from the server:
> > >
> > >
> > > [ develop2 ] # imtest -m login -a USER localhost
> > > C: C01 CAPABILITY
> > > S: * OK HOSTNAME Cyrus IMAP4 v2.0.9 server ready
> > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS
> > > ID NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
> > > THREAD=REFERENCES IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 X-NETSCAPE
> > > S: C01 OK Completed
> > > Password:
> > > C: L01 LOGIN USER {4}
> > > + go ahead
> > > C:
> > > L01 NO Login failed: authentication failure
> > > Authentication failed. generic failure
> > > Security strength factor: 0
> > > . logout
> > > * BYE LOGOUT received
> > > . OK Completed
> > > Connection closed.
> > >
> > >
> > > This what I can see in the auth.log when I launch a pop3 session:
> > >
> > > Jul 9 08:26:47 develop2 pop(pam_unix)[30142]: authentication failure;
> > > logname= uid=76 euid=76 tty= ruser= rhost= user=USER
> > >
> > > I have tried also to use "sasl_pwcheck_method: pam" instead passwd but
> > > the problem persist.
> > >
> > > Help please!!! and TIA.
> >
> >
--
___
Wolfgang Schaefer
Diplom-Ingenieur (FH) Elektronik
System- und Netzwerkadministrator
Fon +49-(0)7308-818-22
Fax +49-(0)7308-818-65
busse design ulm gmbh
Nersinger Str. 18
89275 Elchingen / Ulm, Germany
http://www.busse-design-ulm.de
___
server3:/usr/local/src/cyrus-imapd-1.6.24 # head config.status
#! /bin/sh
# Generated automatically by configure.
# Run this file to recreate the current configuration.
# This directory was configured as follows,
# on host server3:
#
# ./configure --with-cyrus-user=cyrus --with-cyrus-group=mail
--with-cyrus-prefix=/usr/cyrus --with-auth=unix
Re: Cyrus IMAP - LDAP - Webbased Administration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 09 July 2001 14:55, you wrote: > Zitiere Norbert Sendetzky <[EMAIL PROTECTED]>: > > http://www.linuxnetworks.de/enterprise/mail/download/index.html > > Could you provide also a gzip version? My old fashioned machine at work > don't know bzip. Done. See link above. Norbert -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjtK1AoACgkQxMLs5v5/7eCTegCgqx7dc2lBPUsA9q9nwHoaXN/L 7rcAoKfadCS8sMDadhCKGQX8OL0F8lDT =kMkr -END PGP SIGNATURE-
imap 2.0.14 and sieve problems
Hello, I installed cyrus-imapd 2.0.14 and all worked fine. Now I wont use sieve-scripts. I installed and tested the script without errors, but the script do not run when mail come in. On the old cyrus-imapd 1.6.24 the same script works fine. The imapd.conf is the same on both server. Is there any new option to make sieve work or did I make a mistake in ./congfigure for imap? Nico
Re: cyrus: cannot validate a user that exist on the /etc/passwd file(fwd)
And this one also: -- Forwarded message -- Subject: Re: cyrus: cannot validate a user that exist on the /etc/passwd file On Tue, 10 Jul 2001, Wolfgang Schäfer wrote: > hi david, > > David wrote: > > > > Thanks a lot for your answer Wolfgang. > > > > Let me point you in my actual situation: > > > > I have downloaded the latest version of imapd-cyrus: 2.0.15. (tgz format) > > I wanted to install the sasl libraries from tgz source, but I prefer to > > use the rpm that come with the distribution because I have a lot of > > dependences with other packages. These are the sasl-packages that I use: > > > > cyrus-sasl-devel-1.5.24-17 > > cyrus-sasl-1.5.24-17 > > > > Well After that I follow the instructions that comes with the tgz tarball: > > > > 1. configure --disable-sieve // if I don't do that, configure fails > > ... have you install tcl? this can be the error! > and then configure "--with-pwcheck_method=shadow" if you will use the > shadow method! I don't know what is tcl, but how I don't have configure switches, configure will generate a makefile that will build the binaries with tcl support, because I am not using this switch: --without-tcl. Regarding to the configure, well, so far I want to use the most easy pwcheck method (I think it's sasldb method), in this case I don't need configure switches, isn't it? By the way, in spite the problem would come from here, I suppose that the daemon most, at least, run properly until I make the validation process. Don't you reckon? Thanks for your help I have been working 3 days on this
Re: cyrus: cannot validate a user that exist on the /etc/passwd file(fwd)
I forget to send this email to the mailling list, so here you have it.
-- Forwarded message --
Thanks a lot for your answer Wolfgang.
Let me point you in my actual situation:
I have downloaded the latest version of imapd-cyrus: 2.0.15. (tgz format)
I wanted to install the sasl libraries from tgz source, but I prefer to
use the rpm that come with the distribution because I have a lot of
dependences with other packages. These are the sasl-packages that I use:
cyrus-sasl-devel-1.5.24-17
cyrus-sasl-1.5.24-17
Well After that I follow the instructions that comes with the tgz tarball:
1. configure --disable-sieve // if I don't do that, configure fails
2. make depend
3. make all CFLAGS=-O
4. create an user id:cyrus, group: mail
5. add the syslog lines to set up the log files
6. create this /etc/imapd.conf
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: curtj abell
sasl_pwcheck_method: passwd
7. setup to user cyrus.mail and permisions 750 this directories:
/var/imap
/var/spool/imap
8. I change to the user cyrus and run the tools/mkimap file that comes in
the cyrus' tarball. (NOTE: of course this file have root.root attributes
so I copy it to /tmp and change the owner to cyrus.mail).
9. Change attributes of this files:
cd /var/imap
chattr +S user quota user/* quota/*
chattr +S /var/spool/imap /var/spool/imap/*
10. I remove the xinetd files regarding to imapd and pop3
11. Copy a "pre-builded" cyrus.conf file from cyrus' tarball:
cp master/conf/normal.conf /etc/cyrus.conf
12. Finally I launch the master daemon as root:
/usr/cyrus/bin/master
And this is what I get from my /var/log/imapd.log:
Jul 10 14:35:22 develop2 master[25508]: process started
Jul 10 14:35:22 develop2 master[25509]: about to exec
/usr/cyrus/bin/ctl_mboxlist
Jul 10 14:35:22 develop2 master[25508]: process 25509 exited, status 75
Jul 10 14:35:22 develop2 master[25510]: about to exec
/usr/cyrus/bin/ctl_deliver
Jul 10 14:35:22 develop2 master[25508]: process 25510 exited, status 75
Jul 10 14:35:22 develop2 master[25508]: ready for work
Jul 10 14:35:22 develop2 master[25511]: about to exec
/usr/cyrus/bin/ctl_mboxlist
Jul 10 14:35:22 develop2 master[25508]: process 25511 exited, status 75
Jul 10 14:35:22 develop2 master[25512]: about to exec
/usr/cyrus/bin/ctl_deliver
Jul 10 14:35:22 develop2 master[25508]: process 25512 exited, status 75
Directories and files form cyrus to up (/usr/cyrus && /usr/cyrus/bin) has
this permisions:
permisions: drwx--
user: cyrus.mail
I say that because, I don't know why but the /usr/cyrus was of the user
root, group root, so the master gave me errors when it was trying
execute some files on the bin directory.
Anyway, please, A little of help...
thank you again.. I'll be waiting your news.
On Tue, 10 Jul 2001, Wolfgang Schäfer wrote:
> hi david,
>
> check your ./configure before compile time.
> attached you can find my config.status files!
> importand i think is to config sasl with:
> ./configure --with-pwcheck_method=shadow --enable-plain \
> --disable-cram --disable-krb4 --disable-digest
> ... or anybody other opinion!
>
> regard´s wolfgang
>
>
> David wrote:
> >
> > I tested also using shadow, but didn't work.
> >
> > Any other idea?
> >
> > On Mon, 9 Jul 2001, Wolfgang Schäfer wrote:
> >
> > > in your imap.conf is a config error!
> > > if you want to use shadow as auth method you should use:
> > >
> > > # The mechanism used by the server to verify plaintext
> > > # passwords.Possible values also include "ker
> > > # beros_v4", "passwd", and "shadow".
> > > # sasl_pwcheck_method: PAM
> > > sasl_pwcheck_method: shadow
> > >
> > > take al look at man imapd.conf ... it´s the docu
> > >
> > > regard wolfgang
> > >
> > >
> > > David wrote:
> > > >
> > > > Hi to everybody:
> > > >
> > > > I'm trying to setup a imap in a linuxbox. I have cyrus software
> > > > listening on ports pop3 and imap.
> > > >
> > > > I use this rpm packages:
> > > >
> > > > cyrus-sasl-1.5.24-17
> > > > cyrus-imapd-2.0.9-3
> > > >
> > > > Here you have the contents of /etc/imap.conf
> > > >
> > > > [ develop2 ] ~ # cat /etc/imapd.conf
> > > > configdirectory: /var/imap
> > > > partition-default: /var/spool/imap
> > > > admins: cyrus
> > > > allowanonymouslogin: no
> > > > sasl_pwcheck_method: pam
> > > >
> > > > Here the /etc/cyrus.conf
> > > >
> > > > START {
> > > > # do not delete these entries!
> > > > mboxlist cmd="ctl_mboxlist -r"
> > > > deliver cmd="ctl_deliver -r"
> > > > }
> > > >
> > > > # UNIX sockets start with a slash and are put into /var/imap/socket
> > > > SERVICES {
> > > > # add or remove based on preferences
> > > > imap cmd="/usr/cyrus/bin/imapd" listen="imap" prefork=0
> > > > imaps cmd="/usr/cyrus/bin/imapd
Re: imap 2.0.14 and sieve problems
Nico Weichbrod wrote: > > Hello, > > I installed cyrus-imapd 2.0.14 and all worked fine. > Now I wont use sieve-scripts. I installed and tested the script without > errors, but the script do not run when mail come in. On the old cyrus-imapd > 1.6.24 the same script works fine. > The imapd.conf is the same on both server. Is there any new option to make > sieve work or did I make a mistake in ./congfigure for imap? How did you install and test the script? Where is your script located? Make sure 'sievedir' or 'sieveuserhomedir' are set correctly in /etc/imapd.conf. Does the 'cyrus' user have read access to the script? Are you getting any errors in /var/log/imapd.log? Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: imap 2.0.14 and sieve problems
Ken Murchison <[EMAIL PROTECTED]> schrieb: > > How did you install and test the script? I install the script with installsieve -i
Re: imap 2.0.14 and sieve problems
Nico Weichbrod wrote: > > Ken Murchison <[EMAIL PROTECTED]> schrieb: > > > > > How did you install and test the script? > > I install the script with installsieve -i
Re: [ ANN ] Alpha release of 2.0.13 for SGI Irix 6.5 Freeware
richard offer wrote: > > I'm in the process of packaging up the imap server as part of the SGI > Freeware project (http://freeware.sgi.com/) > > I have an alpha version available if anyone would like to test it out. This > follows Freeware project guidelines (-n32, mips3, Irix 6.5 only). Richard, I decided to try you inst package because I wanted to test the SIGHUP behavior of master on something other than Linux. I installed this on my O2 running 6.5.10m, and noticed a couple of things with the package: 1. It doesn't add 'imap' to /etc/services (it only has imap2) 2. It doesn't add 'local6' to /etc/syslog.conf, and hence to logging 3. master starts, but doesn't fork any processes. No imapd are preforked, and a telnet to port 143 goes unanswered. I'm very familiar with Cyrus and have done my own inst packaging, but can't seem to figure out what is going on here. Its probably something obvious which means either I've had too many beers, or not enough ;-) Thanks, Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: cyradm auth question
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > When I log onto cyradm, the first prompt I recieve is: > > 'Please enter your password:' > > ...which never works ( I'm using pam_mysql for auth ), and subsequently > generates the following log: > > Jul 9 23:36:35 shnarf imapd[4912]: badlogin: > shnarf.axcelerant.com[192.168.240.66] PLAIN no mechanism available Currently, the PLAIN auth mechanism only becomes available when the session is encrypted (i.e. over SSL/TLS) - hence the error "no mechanism available". The first password prompt above is from sasl. cyradm then falls back to the IMAP LOGIN method and it prompts for a password as below: > ... and *then* I get the 'IMAP Password:' prompt ( after a short but > annoying pause ), which works as it should, allowing me to begin my cyradm > session. [..] > I'd like to do whatever may be required ( whether via cyrus, or via Postfix > - I know there's got to be some postfix-cyrus user out there ), in order to > disable and completely 'nix that first prompt. Nothing to do with Postfix. Just run cyradm like: cyradm --auth login ... [IMO the PLAIN auth mechanism should be enabled when allowplaintext is enabled, regardless of an SSL session] Regards, -- Cillian
CYRUS_SERVICE
I've had similar problems as those described earlier, but I've only just subscribed. I followed the Cyrus-HOWTO for Linux, which instructs you to set up inetd. I'm using xinetd, so I thought the problem was how I set up the entries for imap and pop3. In those entries, the server is /usr/cyrus/bin/imapd (which should only be called by the master imapd, I believe?). If I disable them and start up the server, I don't have the CYRUS_SERVICE problems anymore, just new ones 8). Hope that helps someone. Regards, Doug === EASY and FREE access to your email anywhere: http://Mailreader.com/ ===
cyrus -sieve
Hello, I have cyrus 2.0.14 installed on RH 7.0 cyrus is working fine I am using sieveshell to add filters sieveshell -u kalpit -a admin localhost I am facing a unique problem Whenever my username is either 12, 20,28,36 characters , the script gives a segmentation fault and dumps core has anyone faced a similar situation Please Help. -- -- Thanx & Regards Kalpit Jain Email: [EMAIL PROTECTED] NetCore Solutions Pvt. Ltd 5, Raheja Centre Phone No: 2842959, 2844904, 214 Nariman Point 2049109, 2885689 Mumbai - 400021 Fax No: 2023904
Cyrus HOWTO (was CYRUS_SERVICE)
Hi all, If you are having problems with your Cyrus install under Linux then you've probably blindly followed the Cyrus HOWTO, which appears to be out of date. It isn't too bad, just remove all reference to imap and pop3 (could be more, someone said something about this before) from (x)inetd. Then choose a configuration file from master/conf/ under your cyrus- imap source tree. cp this to /etc/cyrus.conf. Then /usr/cyrus/bin/master & and imtest should then starting working for you. Just remember to /usr/cyrus/bin/master on boot and then you should have more joy then you've had in the past. Hope that helps someone. Regards, Doug === EASY and FREE access to your email anywhere: http://Mailreader.com/ ===
