Re: sieveshell from 2.1.4 not looping through mechanisms ?
Rob Siemborski schrieb: > > On Fri, 3 May 2002, Simon Matter wrote: > > > I've just recompiled my RPMS of cyrus-imapd 2.1.4. > > The changelog says that sieveshell should now loop through all SASL > > mechanisms before giving up. > > I just tried it and it did indeed try KERBEROS_V4, fail, and then try > GSSAPI, and succeed. > > > but it still didn't work. > > Could you supply a network dump of what is going on? Any log messages? > Did you upgrade the server as well as the client (this is necessary). > > In any case, I'm not going to argue that you're seeing a probem?, but is > there any reason that you removed the sasl_mech_list option if you can't > support mechs other than PLAIN anyway? Right, I'm not seeing a real problem. The only thing is that I thought it should work like cyradm but it doesn't. With cyradm I can specify the mech and I don't have a problem. With sieveshell you can not choose the mech. I'm using the mech PLAIN because I'm running saslauthd against PAM. It's no real problem but I just expected it to work automagically now. -Simon > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 235 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper
Re: sieveshell from 2.1.4 not looping through mechanisms ?
--On Friday, May 03, 2002 9:39 AM -0400 Rob Siemborski <[EMAIL PROTECTED]> wrote: > On Fri, 3 May 2002, Simon Matter wrote: > >> I've just recompiled my RPMS of cyrus-imapd 2.1.4. >> The changelog says that sieveshell should now loop through all SASL >> mechanisms before giving up. Ok i never tried Sieveshell on 2.1.3 so you'll have to bare with me. I recently upgraded to 2.1.4 and i noticed on Solaris (SPECIFIC) that it wants the directory's both in upper case and lowercase in /var/imap/user and /usr/sieve I found that once i created the proper directory's in /usr/sieve i had no problem authenticating with sieveshell. Works great! Check your /var/adm/messages because there is more then likely a message like db3-nosync unable to open file /usr/sieve/I/test of course there is /usr/sieve/i but not I. Remember un unices we have lower/uppercase differences. Maybe that's something we should add to the script to create the upper/lowercase in all the directory's. Same problem with quotas, and such. Food for thought? > I just tried it and it did indeed try KERBEROS_V4, fail, and then try > GSSAPI, and succeed. GSSAPI is our api that we use to talk to Kerberos_v4. If you read back you'll find this the case. >> but it still didn't work. > > Could you supply a network dump of what is going on? Any log messages? > Did you upgrade the server as well as the client (this is necessary). > > In any case, I'm not going to argue that you're seeing a probem?, but is > there any reason that you removed the sasl_mech_list option if you can't > support mechs other than PLAIN anyway?
Re: cyradm: Permission Denied
--On Friday, May 03, 2002 7:24 AM -0700 Robert Lasirona <[EMAIL PROTECTED]> wrote: > Hi Scott, > > Thanks for the advice. I tried what you suggested, but with no luck. I'm > still getting the 'Permission denied'. I went through the docs that are > at www.postfix.org, 'cyrus+sasl'. That HowTo suggested 'cm user/test', > with this format I got 'Invalid mailbox name'. hmm i wonder why they said user/test? I always did cm user.test like cm user.damm cm user.lasirona > I verified the owner and group on /var/spool/imap, the ownership and > group is set as you suggest. > I'm not sure where I'm stuck at, but if my mail system is stuck at > /var/spool/mail. How do I find out if I messed up the permissions? And, > What should they be? I know in another HowTo, it suggests setting 'S' > mode on directory. I believe that was in the imap directory. Do I need to > do that with /var/spool/mail? Well the +S Will definetly help if your running linux, or in FreeBSD they have their flag. Your old BSD mailboxes are in var/spool/mail and you will need to forward all your mail thru Cyrus for your users to pick it up. But also check your /var/log/messages See if you find any db3-nosync/flat... Unable to open, or Open file /var/spool/imap/blah failed Any hints you could give us would be a great help.
RE: LDAP accounts for Cyrus patch questions
On Fri, 3 May 2002, Howard Chu wrote: > The solution I've come up with for external apps using SASL with LDAP as the > backing store is a lot uglier. I've described some of my approach on the > openldap-software and openldap-devel mailing lists over the past couple of > weeks. I saw a mention of an LDAP auxprop plugin already existing, on this > email list, but never saw URL for the source. If someone could point it out > for me, I'd really appreciate it. I've already got a working module, but if > there's an existing "standardized" approach I'm willing to work with it. Check out http://www.ypass.net/solaris8/cyrus/. This patch was tested against openldap compiled without sasl support. I believe cyrus folks are looking at it. We need autoconf scripts to detect openldap. -Igor
canon_user plugin
Hello, I am trying to develop a 'virtual mailbox/username rewrite module' functionality for cyrus and I think that this can easly be achieved with a canon_user plugin. The only issue I see so far is in the cmd_login() function where sasl_getprop(SASL_USERNAME) and canon_user plugin are not called and the rewrite may not occur. I may be missing something. Another possibilty is to modify auth_unix.c routine (or create a auth_ldap method), but I do not see where auth_canonifyid is called in cmd_authenticate() and may miss the rewrite. Can someone let me know if I am on the right track or possibly offer other suggestions? Thanks. -Igor
Re: update: Re: cyrus, mysql, is anyone out there?
this is what I have in my pam.conf and it worked fine when I used pam_mysql with cyrus. I now switched to Simon's patch of mysql-auxprop, which also works fine for me: pop auth required /usr/local/lib/pam_mysql.so user=u passwd=p host =h db=us table=t usercolumn=c passwdcolumn=pc crypt=3 pop accountrequired /usr/local/lib/pam_mysql.so user=u passwd=p host=h db=us table=users usercolumn=user passwdcolumn=password crypt=3 pop password required /usr/local/lib/pam_mysql.so user=u passwd=p host=h db=us table=users usercolumn=user passwdcolumn=password crypt=3 you have to use above lines with saslauthd -a pam On Fri, May 03, 2002 at 08:44:39AM -0500, Dustin Puryear wrote: > At 08:49 AM 5/3/2002 -0300, Patrick Boutilier wrote: > >#%PAM-1.0 > >auth required /lib/security/pam_mysql.so user=xxx passwd=xxx > >db=school table=user usercolumn=userid passwdcolumn=passwd > > > >accountrequired /lib/security/pam_mysql.so user=xxx passwd=xxx > >db=school table=user usercolumn=userid passwdcolumn=passwd > > > > > >Also make sure that the cyrus user can read the pam file. Are the > >permissions the same on both the imap and pop pam files? > > This is all being done via /etc/pam.conf. > > Regards, Dustin > > > --- > Dustin Puryear <[EMAIL PROTECTED]> > UNIX and Network Consultant > http://members.telocity.com/~dpuryear > PGP Key available at http://www.us.pgp.net > In the beginning the Universe was created. > This has been widely regarded as a bad move. - Douglas Adams > >
Solution [was: Cyrus - Squirrelmail - serverside threading]
Ken Murchison wrote: > Quoting Bernd Schmelter <[EMAIL PROTECTED]>: > [...] > > Is there a serverside threading available? > > Yes. THREAD=ORDEREDSUBJECT and THREAD=REFERENCES > > Telnet to your server and issue the CAPABILITY command to see a complete list > of features. Thanks - capabilitys are given. I configured Squirrel with charset iso-8856-15. For threading, default charset iso-8856-1 is recommended. Now it works. > > Ken Thanks Benn -- #250319 - http://counter.li.org
Unable to open maildrop
I've set up exim and cyrus on a debian system. With cyradm I have created some mailboxes: localhost> lm Kerstin.Espey (\HasNoChildren) kerstin (\HasNoChildren) Zulu (\HasNoChildren) root (\HasNoChildren) (unixhierarchysep: yes in /etc/imapd.conf) If I try to connect via IMAP, it looks fine: telnet imp 143 Trying 192.168.111.32... Connected to imp.ibbone.helinet.de. Escape character is '^]'. * OK imp Cyrus IMAP4 v2.1.3-Debian(unstable) server ready . login Zulu *** . OK User logged in . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host. as9(ke): telnet imp 143 Trying 192.168.111.32... Connected to imp.ibbone.helinet.de. Escape character is '^]'. * OK imp Cyrus IMAP4 v2.1.3-Debian(unstable) server ready . login Kerstin.Espey *** . OK User logged in . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host. But I'm not able to connect via POP3: as9(ke): telnet imp 110 Trying 192.168.111.32... Connected to imp.ibbone.helinet.de. Escape character is '^]'. +OK imp Cyrus POP3 v2.1.3-Debian(unstable) server ready <424808546.1020438307@imp> user Kerstin.Espey +OK Name is a valid mailbox pass *** -ERR [SYS/PERM] Unable to open maildrop user Zulu +OK Name is a valid mailbox pass *** -ERR [SYS/PERM] Unable to open maildrop The other thing is, that I'm not able to send mail to the mailboxes. Perhaps it is the same problem? Any help is appreciated. Regards, Kerstin
.sub & .seen in Uppercase Letter Folder (and also the sieve scripts)
Hello ! I've already wrote to this list about this problem, but I didn't received the mail back. So I'm not sure if the mail made it. If the post allready showed up and I'm only ignored so please excuse this repost.. I'm trying to upgrade vom cyrus 1.6.22 to 2.1.3 . I find that the sub & see files are placed in uppercase letter directories with no relation to the username. my jan.sub & jan.sees files are placed in the H dir. The root files in the F folder. I've haven't migrated yet but this makes migration a bit problematic because the users have to subscribe their folders again. How come? What am I doing wrong? (Playing around with sieve I saw that the scripts will be saved in /usr/sieve/H/jan , again uppercase letter. By the way me too I have the problem that I cannot login to timsieved; I get : PLAIN invalid parameter supplied ) Thanks jan
Re: cyradm: Permission Denied
Hi Scott, Thanks for the advice. I tried what you suggested, but with no luck. I'm still getting the 'Permission denied'. I went through the docs that are at www.postfix.org, 'cyrus+sasl'. That HowTo suggested 'cm user/test', with this format I got 'Invalid mailbox name'. I verified the owner and group on /var/spool/imap, the ownership and group is set as you suggest. I'm not sure where I'm stuck at, but if my mail system is stuck at /var/spool/mail. How do I find out if I messed up the permissions? And, What should they be? I know in another HowTo, it suggests setting 'S' mode on directory. I believe that was in the imap directory. Do I need to do that with /var/spool/mail? Thanks, -rob Scott M Likens wrote: > --On Thursday, May 02, 2002 9:54 PM -0700 Robert Lasirona > <[EMAIL PROTECTED]> wrote: > >> I installed postfix with cyrus packages. I've gone through the HowTo and >> now I'm having problems adding the users mailboxes. This is what I've >> completed: >> >> - Installed postfix, cyrus-sasl-gssapi, cyrus-sasl-md5, >> cyrus-sasl-devel, >> cyrus-sasl-java, cyrus-sasl, cyrus-sasl-plain. - I've created all of the >> local accounts for the email clients. >> - Created the email passwords with sasl. >> >> When I execute, 'cyradm -u cyrus-adm localhost'. I enter my password and >> I get a prompt. I enter 'cm test' and I get the error, "createmailbox: >> Permission denied". I'm not exactly sure where the denial is coming >> from. >> I double checked the permissions in /var/imap, and /var/spool/mail. I >> can't seem to figure out why I'm getting this error. >> >> Help! Please! >> >> >> >> Thanks, >> Robert Lasirona >> >> > > Well anyhow you'd prolly want to make it cm user.test > > If you read the docs > > I'd suggest chown -R cyrus:mail /var/spool/imap > > I hope to god that you really dont have it stuck in /var/spool/mail > since that is going to conflict with your BSDish mailboxes and that > would be why you couldnt create the mailbox. > > Since the file 'test' probobly exists. > >
RE: 2.0 to 2.1 migration procedure
I will be very interested by that too Best Regards P. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > David Wright > Sent: vendredi 3 mai 2002 03:14 > To: [EMAIL PROTECTED] > Subject: 2.0 to 2.1 migration procedure > > > I'm about to try out imapd-2.1.4 (as packaged by Henrique for > Debian). I > am currently running imapd-2.0.16 (custom-compiled) on a different > machine. Can somone point me to tips for how to migrate my users and > their mail? Do I just need to copy over the mailbox directory > hierarchy > and run reconstruct? Or do I also need to import and/or > reconstruct the > metadata? > > >
Re: update: Re: cyrus, mysql, is anyone out there?
At 10:14 AM 5/3/2002 +0200, Lukas Geider wrote: >Quoting Dustin Puryear <[EMAIL PROTECTED]>: > > > At 09:48 PM 5/1/2002 -0500, you wrote: > > So, I initially had a service defined using the service name 'pop'. Well, > > that's not working, so I created a configuration for 'pop', 'pop3', and > > 'pop3d', a sample being shown below: > >the service name is just 'pop'. I created a configuration for pop, pop3, and pop3d. None seem to work. > > imap account required pam_mysql.so user=mail passwd=secret \ > > host=localhost db=mail table=accountuser > > usercolumn=username \ > > passwdcolumn=password crypt=0 > >i'm not very experienced with pam, but i think the service name shouldn't be >prepended to the 'auth' and 'account' lines. in fact it should be omited, just >write 'auth sufficient pam_mysql.so etc...'. or try to use 'pop' instead >of 'pop3d'. It appears that under FreeBSD 4.4-RELEASE PAM configuration is done in /etc/pam.conf, rather than via /etc/pam.d/service-name. In pam.conf I have to prepend each configuration line with the service name. It appears to work nicely with imap, but pop fails. I'm using the same configuration with pop as with imap, with the exception that I changed the service "imap" to "pop" (or pop3 or pop3d). This is why I feel it should work, but am perplexed that it doesn't. Regards, Dustin --- Dustin Puryear <[EMAIL PROTECTED]> UNIX and Network Consultant http://members.telocity.com/~dpuryear PGP Key available at http://www.us.pgp.net In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams
Re: update: Re: cyrus, mysql, is anyone out there?
At 08:49 AM 5/3/2002 -0300, Patrick Boutilier wrote: >#%PAM-1.0 >auth required /lib/security/pam_mysql.so user=xxx passwd=xxx >db=school table=user usercolumn=userid passwdcolumn=passwd > >accountrequired /lib/security/pam_mysql.so user=xxx passwd=xxx >db=school table=user usercolumn=userid passwdcolumn=passwd > > >Also make sure that the cyrus user can read the pam file. Are the >permissions the same on both the imap and pop pam files? This is all being done via /etc/pam.conf. Regards, Dustin --- Dustin Puryear <[EMAIL PROTECTED]> UNIX and Network Consultant http://members.telocity.com/~dpuryear PGP Key available at http://www.us.pgp.net In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams
Re: sieveshell from 2.1.4 not looping through mechanisms ?
On Fri, 3 May 2002, Simon Matter wrote: > I've just recompiled my RPMS of cyrus-imapd 2.1.4. > The changelog says that sieveshell should now loop through all SASL > mechanisms before giving up. I just tried it and it did indeed try KERBEROS_V4, fail, and then try GSSAPI, and succeed. > but it still didn't work. Could you supply a network dump of what is going on? Any log messages? Did you upgrade the server as well as the client (this is necessary). In any case, I'm not going to argue that you're seeing a probem?, but is there any reason that you removed the sasl_mech_list option if you can't support mechs other than PLAIN anyway? -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 235 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: update: Re: cyrus, mysql, is anyone out there?
At 08:51 AM 5/3/2002 +0100, simon wrote: > > I have the pam solution WORKING for imap authentication, but not for pop3 > > authentication. Weird, I know. First, let me show you the test connections: > > >you will probably find that pop3 does not allow usernames to start with >numbers. Check the source or try a different username. The username was dom0001. Regards, Dustin --- Dustin Puryear <[EMAIL PROTECTED]> UNIX and Network Consultant http://members.telocity.com/~dpuryear PGP Key available at http://www.us.pgp.net In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams
Re: update: Re: cyrus, mysql, is anyone out there?
Here is what I have in my /etc/pam.d/pop file in Redhat 7.2: #%PAM-1.0 auth required /lib/security/pam_mysql.so user=xxx passwd=xxx db=school table=user usercolumn=userid passwdcolumn=passwd accountrequired /lib/security/pam_mysql.so user=xxx passwd=xxx db=school table=user usercolumn=userid passwdcolumn=passwd Also make sure that the cyrus user can read the pam file. Are the permissions the same on both the imap and pop pam files? Dustin Puryear wrote: > At 09:48 PM 5/1/2002 -0500, you wrote: > >> Okay, one final try. Is anyone in the world that happens to be on this >> list using mysql with cyrus? I can't be the only one. If you do exist, >> and I'm happy to see that you do, I > > > Okay, at some point I realized I'm wasn't getting anywhere, so I > abandoned trying to use Cyrus' mysql support to authenticate users > directly against a mysql database. Instead, I'm falling back to the pam > method via pam_mysql, which seems to have been successful from the > responses I've gotten. > > Unfortunately, I again have a problem. > > I have the pam solution WORKING for imap authentication, but not for > pop3 authentication. Weird, I know. First, let me show you the test > connections: > > Here you can see that imap works: > > freebsd# telnet localhost 143 > Trying ::1... > Connected to localhost. > Escape character is '^]'. > * OK freebsd.dpbox.dhs.org Cyrus IMAP4 v2.0.16 server ready > a0001 login dom0001 password > a0001 OK User logged in > May 1 21:57:03 freebsd imapd[5489]: login: localhost[::1] dom0001 > plaintext > ^] > telnet> quit > Connection closed. > > But pop3 fails: > > freebsd# telnet localhost 110 > Trying ::1... > Connected to localhost. > Escape character is '^]'. > +OK <[EMAIL PROTECTED]> Cyrus POP3 v2.0.16 > server ready > user dom0001 > +OK Name is a valid mailbox > pass password > May 1 21:57:39 freebsd pop3d[5491]: login: localhost[::1] dom0001 > plaintext > -ERR Invalid login > ^] > telnet> quit > Connection closed. > > Well, that's no good. So, I must have configured pam wrong. Now, if > anyone here has played with pam they know about the pam-service-guessing > game. It's actually quite fun. In this game you get to guess the service > name that a program will use; it's not always what you think it will be. > > So, I initially had a service defined using the service name 'pop'. > Well, that's not working, so I created a configuration for 'pop', > 'pop3', and 'pop3d', a sample being shown below: > > pop3d auth sufficient pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > pop3d account required pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > > Now, the imap configuration has the same format and information: > > imap auth sufficient pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > imap account required pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > > The difference between imap and pop? imap works. Any ideas? > > Regards, Dustin > > > --- > Dustin Puryear <[EMAIL PROTECTED]> > UNIX and Network Consultant > http://members.telocity.com/~dpuryear > PGP Key available at http://www.us.pgp.net > In the beginning the Universe was created. > This has been widely regarded as a bad move. - Douglas Adams >
sieveshell from 2.1.4 not looping through mechanisms ?
Hi, I've just recompiled my RPMS of cyrus-imapd 2.1.4. The changelog says that sieveshell should now loop through all SASL mechanisms before giving up. So I removed sasl_mech_list: PLAIN from imapd.conf and tried sieveshell --user=simix --authname=simix localhost but it still didn't work. Any ideas? TIA Simon
cyrus-IMAP still stucked help wished
Hello, Thus I installed the rpm packages of Cyrus-IMAP and Cyrus-SASL on SuSE7.3-PPC /Apple G3 cyrus-sasl-1.5.24-73 cyrus-sasl-gssapi-1.5.24-73 cyrus-imapd-devel-2.0.16-31 cyrus-imapd-2.0.16-31 cyrus-sasl-devel-1.5.24-73 I have Cyrus-imapd-2.0.16-115 and cyrus-sasl-1.5.24-157 on another (PC) servor that work perfectly well. But on the Apple thing the imap services seem not to respond: g3-99:/home/alain # telnet localhost imap Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. No answer while on the PC servor and I have to "kill" the telnet process to leave. With the running PC servor I have: g3-99:/home/alain # telnet 192.168.XX.XX imap Trying 192.168.XX.XX... Connected to 192.168.XX.XX. Escape character is '^]'. * OK lx93 Cyrus IMAP4 v2.0.16 server ready . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host. Here the Cyrus-IMAP works OK thus If I try on the Apple servor: g3-99:/home/alain # cyradm --user cyrus --auth login localhost IMAP Password: g3-99:/home/alain # cyradm --user cyrus --auth plain localhost Please enter your password: I can wait my whole life and nothing happens. Password is not authenticated but no messages. Idem with Imtest: g3-99:/home/alain # imtest -u cyrus localhost C: C01 CAPABILITY and nothing Any idea what could be wrong??? -- Alain Barthélemy SBB-ISP
Re: update: Re: cyrus, mysql, is anyone out there?
Quoting Dustin Puryear <[EMAIL PROTECTED]>: > At 09:48 PM 5/1/2002 -0500, you wrote: > So, I initially had a service defined using the service name 'pop'. Well, > that's not working, so I created a configuration for 'pop', 'pop3', and > 'pop3d', a sample being shown below: the service name is just 'pop'. > pop3d auth sufficient pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > pop3d account required pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > > Now, the imap configuration has the same format and information: > > imap auth sufficient pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 > imap account required pam_mysql.so user=mail passwd=secret \ > host=localhost db=mail table=accountuser > usercolumn=username \ > passwdcolumn=password crypt=0 i'm not very experienced with pam, but i think the service name shouldn't be prepended to the 'auth' and 'account' lines. in fact it should be omited, just write 'auth sufficient pam_mysql.so etc...'. or try to use 'pop' instead of 'pop3d'. regards, lukas -- Ein Schluck aus der Nase ist die Auster des kleinen Mannes
Re: update: Re: cyrus, mysql, is anyone out there?
> I have the pam solution WORKING for imap authentication, but not for pop3 > authentication. Weird, I know. First, let me show you the test connections: > you will probably find that pop3 does not allow usernames to start with numbers. Check the source or try a different username. -- Simon
2.0 to 2.1 migration procedure
I'm about to try out imapd-2.1.4 (as packaged by Henrique for Debian). I am currently running imapd-2.0.16 (custom-compiled) on a different machine. Can somone point me to tips for how to migrate my users and their mail? Do I just need to copy over the mailbox directory hierarchy and run reconstruct? Or do I also need to import and/or reconstruct the metadata?
