Terrible problem :(((((
Hi list Something terrible happened to my mailserver. (Redhat 7.1+cyrus 2.0.16) At mornining I found out that my server is down. After doing fsck it came up. But the strange thing was that the status of the /var/spool/imap/user was for one month ago! I mean that there were just emails up to 30 Jun and every emails which users had after this date had been deleted! I just found a few emails and two unreadable files in lost+found directory after fsck. I decided to restore my backups. I had level zero backup from last week and a level 9 backup from 1:00 AM. What was more strange was that the level zero backup was exactly what I had that day !!! and the level 9 (incrimental) backup had not recognizd any change on the file system after level zero date!!! I can not analyze this problem. We were working with the server and nothing was strange but it seems that the server had a problem for something around one month!! Also maybe it helps to say that one of mailboxes which receives antivirus alerts was badly bombared with email and I think maybe the huge volume or number may cause this problem. But I can not understand how one month emails has been deleted from the file system and how the server worked smoothly while my backup shows that there had been a very serious problem with the filesystem so that it could not recognize this one month changes and do a backup from those datas. Another thing is that after this problem when I read my emails trough webmail the status of every emails (even new ones) are READ. ANY HELP IS REALY APPRICIATED. Fatemeh Taj --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re[2]: cyrus/sendmail/smmapd question
A> I have a feeling you did not compile sendmail w/ smmap support. A> What version of sendmail are you using, and what does your A> site.config.m4 file look like? I am using FreeBSD's port, version 8.13.0, compiled with tls and sasl2 support. Do I have to change something in order to make it "understand" smmap? Regarding the site.config.m4, I am not 100% sure which one port system is using, but here are the site.config files I suspect it should (for "sendmail+tls+sasl2-8.13.0" port): /usr/ports/mail/sendmail/files # cat site.config.m4.tls APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_1') APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_SSL') APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto') /usr/ports/mail/sendmail/files # cat site.config.m4.sasl2 APPENDDEF(`conf_sendmail_ENVDEF', `-I%%LOCALBASE%%/include') APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2') APPENDDEF(`confLIBDIRS', `-L%%LOCALBASE%%/lib') APPENDDEF(`conf_sendmail_LIBS', `-lsasl2') -- Best regards, Denismailto:[EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus/sendmail/smmapd question
Yea, looks like it's missing smmap support. Here's my site.config.m4 w/ STARTTLS and SASL2 support built in as well as smmap. I don't remember how FreeBSD's ports work, but I think you can rebuild them. If so, changing the site.config.m4 should do the trick, otherwise consider compiling from source. APPENDDEF(`confMAPDEF', `-DSOCKETMAP')dnl APPENDDEF(`confLIBDIRS', `-L/usr/local/BerkeleyDB.4.2/lib')dnl APPENDDEF(`confLIBDIRS', `-L/usr/local/ssl/lib')dnl APPENDDEF(`confLIBDIRS', `-L/usr/local/cyrus-sasl-2.1.18/lib')dnl APPENDDEF(`confINCDIRS', `-I/usr/local/BerkeleyDB.4.2/include')dnl APPENDDEF(`confINCDIRS', `-I/usr/local/ssl/include')dnl APPENDDEF(`confINCDIRS', `-I/usr/local/cyrus-sasl-2.1.18/include')dnl APPENDDEF(`confENVDEF', `-DSASL=2')dnl APPENDDEF(`confLIBS', `-lsasl2')dnl APPENDDEF(`confLIBS', `-lssl')dnl APPENDDEF(`confLIBS', `-lcrypto')dnl APPENDDEF(`confENVDEF', `-DSTARTTLS')dnl APPENDDEF(`confNO_HELPFILE_INSTALL')dnl HTH AJ Denis V. Suhanov wrote: A> I have a feeling you did not compile sendmail w/ smmap support. A> What version of sendmail are you using, and what does your A> site.config.m4 file look like? I am using FreeBSD's port, version 8.13.0, compiled with tls and sasl2 support. Do I have to change something in order to make it "understand" smmap? Regarding the site.config.m4, I am not 100% sure which one port system is using, but here are the site.config files I suspect it should (for "sendmail+tls+sasl2-8.13.0" port): /usr/ports/mail/sendmail/files # cat site.config.m4.tls APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_1') APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_SSL') APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto') /usr/ports/mail/sendmail/files # cat site.config.m4.sasl2 APPENDDEF(`conf_sendmail_ENVDEF', `-I%%LOCALBASE%%/include') APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2') APPENDDEF(`confLIBDIRS', `-L%%LOCALBASE%%/lib') APPENDDEF(`conf_sendmail_LIBS', `-lsasl2') --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus/sendmail/smmapd question
I have a feeling you did not compile sendmail w/ smmap support.
What version of sendmail are you using, and what does your
site.config.m4 file look like?
AJ
Denis V. Suhanov wrote:
Hello,
I attempt to pass domain information from sendmail to cyrus, I've
followed the steps described at
http://anfi.homeunix.net/sendmail/rtcyrus2.html.
A have also turned on smmapd in cyrus.conf:
smmapd cmd="smmapd" prefork=1 listen="/data/cyrus/imap/socket/smmapd"
prefork = 1
and I can see that it is running:
# ps auxw | grep cyrus | grep sm
cyrus 42863 0.0 0.8 23088 2084 ?? S12:35PM 0:00.01 smmapd
it's socket does exist:
# ls -al /data/cyrus/imap/socket/ | grep sm
srwxrwxrwx 1 root mail0 Aug 6 12:35 smmapd=
-rw--- 1 cyrus mail0 Aug 6 12:23 smmapd-0.lock
and I have turned on mrs_cyrus in sendmail.mc:
...
define(`CYRUS_LMTP_SOCKET', `/data/cyrus/imap/socket/lmtp')
FEATURE(`no_default_msa')dnl
FEATURE(`mrs')dnl
FEATURE(`mrs_cyrus',`/data/cyrus/imap/socket/smmapd')
MODIFY_MAILER_FLAGS(`CYRUSV2', `-A5')dnl
MAILER(`cyrusv2')
...
I have created a mailertable:
# cat mailertable
domain.org mrs_cyrus_user:error:5.1.1:550 User unknown
and created a hash:
# makemap hash mailertable.db < mailertable
(by the way, do I have to turn FEATURE('mailertable') on or msr_cyrus
assumes it automatically? I've tried both with the same result,
anyway)
But now whenever I am trying to start sendmail, I am getting the
following error:
/etc/mail# make start
Starting: sendmail554 5.0.0 /etc/mail/sendmail.cf: line 137: readcf: map cyrus:
class socket not available
sendmail-clientmqueue.
I know that I've done something wrong. For now, I am just trying to
pass the domain information from sendmail to cyrus and verify
whether the receipient exists at all. Am I right assuming that once I
get this working I'll just have to add new entries to mailertable (w/o
removing the domain info, something like this:
defaultdomain.org mrs_cyrus_user:error:5.1.1:550 User unknown
domain2.orgmrs_cyrus_mailertable:error:5.1.1:550 User unknown
domain3.netmrs_cyrus_mailertable:error:5.1.1:550 User unknown
and I'll get it working (given that imapd.conf has virtual domain
turned on)?
Could anyone point me to what am I doing wrong here at the current
step? Thanks a lot for your help (hopefully, it was not an offtopic
given - my problem is Sendmail configuration, not really Cyrus).
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus imap with multiple domains
Hi everyone, I have been using cyrus-imapd-2.1.12 with multiple domains for a while now with great success. Instead of an /etc/imapd.conf I have an /etc/cyrus.conf and then an /etc/cyrus directory where I have domain1.com.conf, domain2.com.conf etc, each with their own IP address. I am now setting up a new server and installed it with all of the latest and greatest software versions including cyrus-imapd-2.2.8. It compiled fine and I configured everything the same as the old server. When I run '/usr/cyrus/bin/master &' it crashes and the log file shows the following error: can't open configuration file /etc/imapd.conf: No such file or directory On the old system cyrus.conf replaces imapd.conf but this new system does not seem to like that. Did something change with version 2.2.8 that is causing this? The only other possibility that I can think of is this is still in a test environment and DNS is not set up for the domains, but I have hard-coded them in /etc/hosts (though there is no reverse DNS). Any help would be great...I really don't want to backtrack to a 2.1 version. TIA, Brad --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: FYI: Sendmail and Cyrus IMAP - Real Time Integration
Ken Murchison wrote: AJ wrote: Tried that one, but it spits back a user unknown error, which is misleading, is this an error, should it report over quota? I *believe* this is a problem with Sendmail. AFAIR smmapd returns the correct code/response. Andrzej, is this correct? Current *sendmail-8.13* implementation *does not* make "explanation strings" passed by cyrus-imap (smmapd) with TEMP or PERM replies available in sendmail.cf. It is sendmail's implementation fault but it can be fixed in smmapd by making smmapd use differnt reply formats based on map name * "cyrus" map -> preserve current behavoiur * "cyrus-ib" (in band) map -> no TEMP/PERM replies for ok user return OK:[EMAIL PROTECTED] for over quota user retunrn over-quota:[EMAIL PROTECTED] [It would require small fixes of sendmail.cf feayures too ] [...] -- Andrzej [en:Andrew] Adam Filip [EMAIL PROTECTED] [EMAIL PROTECTED] Home Page http://anfi.homeunix.net/ [ PageRank 6 ] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus/sendmail/smmapd question
Hello,
I attempt to pass domain information from sendmail to cyrus, I've
followed the steps described at
http://anfi.homeunix.net/sendmail/rtcyrus2.html.
A have also turned on smmapd in cyrus.conf:
smmapd cmd="smmapd" prefork=1 listen="/data/cyrus/imap/socket/smmapd"
prefork = 1
and I can see that it is running:
# ps auxw | grep cyrus | grep sm
cyrus 42863 0.0 0.8 23088 2084 ?? S12:35PM 0:00.01 smmapd
it's socket does exist:
# ls -al /data/cyrus/imap/socket/ | grep sm
srwxrwxrwx 1 root mail0 Aug 6 12:35 smmapd=
-rw--- 1 cyrus mail0 Aug 6 12:23 smmapd-0.lock
and I have turned on mrs_cyrus in sendmail.mc:
...
define(`CYRUS_LMTP_SOCKET', `/data/cyrus/imap/socket/lmtp')
FEATURE(`no_default_msa')dnl
FEATURE(`mrs')dnl
FEATURE(`mrs_cyrus',`/data/cyrus/imap/socket/smmapd')
MODIFY_MAILER_FLAGS(`CYRUSV2', `-A5')dnl
MAILER(`cyrusv2')
...
I have created a mailertable:
# cat mailertable
domain.org mrs_cyrus_user:error:5.1.1:550 User unknown
and created a hash:
# makemap hash mailertable.db < mailertable
(by the way, do I have to turn FEATURE('mailertable') on or msr_cyrus
assumes it automatically? I've tried both with the same result,
anyway)
But now whenever I am trying to start sendmail, I am getting the
following error:
/etc/mail# make start
Starting: sendmail554 5.0.0 /etc/mail/sendmail.cf: line 137: readcf: map cyrus:
class socket not available
sendmail-clientmqueue.
I know that I've done something wrong. For now, I am just trying to
pass the domain information from sendmail to cyrus and verify
whether the receipient exists at all. Am I right assuming that once I
get this working I'll just have to add new entries to mailertable (w/o
removing the domain info, something like this:
defaultdomain.org mrs_cyrus_user:error:5.1.1:550 User unknown
domain2.orgmrs_cyrus_mailertable:error:5.1.1:550 User unknown
domain3.netmrs_cyrus_mailertable:error:5.1.1:550 User unknown
and I'll get it working (given that imapd.conf has virtual domain
turned on)?
Could anyone point me to what am I doing wrong here at the current
step? Thanks a lot for your help (hopefully, it was not an offtopic
given - my problem is Sendmail configuration, not really Cyrus).
--
Best regards,
Denis mailto:[EMAIL PROTECTED]
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
sasl/pam/ldap authentication process
All, I'm installing my first cyrus imap server that uses LDAP for authentication. I understand the sasldb2/auxprop mechanism all right, but am confused when it comes to saslauthd/PAM/LDAP. I'm want to use PLAIN over TLS against an LDAP server. Seems like there's a LOT of ways to do that (auxprop, sasl-ldap, and sasl-pam-ldap). All the different ways confuse me, and I want to clarify my options. Would someone please verify what I THINK is supposed to happen? 1. --imapd.conf file has NO sasl parameters. --imapd file in sasl2 folder has one paramter pwcheck_method:pam This option does NOT run against the saslauthd daemon. IMAP knows to use SASL, and checks for the sasl config file which says don't use SASL, forward to PAM directly. I have my PAM imap file configured to use LDAP (/etc/ldap.conf). 2. --imapd.conf file has sasl_pwcheck_method:pam This is the same as #1 3. --imapd.conf file has no sasl parameter. --imapd file is sasl2 folder has one parameter pwcheck_method:saslauthd This option tells the imapd to forward the parameters to the saslauthd daemon. When the sasl daemon is started, the desired login mechanism is passed as a parameter (saslauthd -a pam). I have my PAM imap file configured to use LDAP (/etc/ldap.conf) 4. --imapd.conf file has sasl_pwcheck_method:saslauthd Same as #3. 5. --imapd.conf file has no sasl parameter. --imapd file in sasl2 folder has one parameter pwcheck_method:ldap This is similar to PAM process (#1) imap looks up imapd file and determines it's pam and uses sasl to configure against pam. The saslauthd.conf file stores the ldap config information. 6. --imapd.conf file has sasl_pwcheck_method:ldap Same as 5. The saslauthd.conf file stores the ldap config information. 7. --imapd.conf file has no sasl parameter. --imapd file is sasl2 folder has one parameter pwcheck_method:saslauthd This option tells the imapd to forward the parameters to the saslauthd daemon. When the sasl daemon is started, the desired login mechanism is passed as a parameter (saslauthd -a ldap). The saslauthd daemon uses the /saslauthd.conf file to store it's ldap config information. 8. --imapd.conf file has sasl_pwcheck_method:saslauthd Same as #7. Another question: 1. Does cyradm authenticate against the imapd.conf authentication process, or do I have to use the sasldb2 database regardless? I'd like to keep all authentication in LDAP, but one user in the sasldb2 database wouldn't be too bad... Thanks in advance for clarifying this for me. Hopefully this can help others down the road as well! Kevin Williams --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus Login
On Fri, 6 Aug 2004, Andreas wrote:
Try this patch:
--- plugins/cram.c 15 Dec 2003 20:04:22 - 1.83
+++ plugins/cram.c 5 Aug 2004 21:06:06 -
@@ -507,7 +507,7 @@
sasl_out_params_t *oparams)
{
client_context_t *text = (client_context_t *) conn_context;
-const char *authid;
+const char *authid = NULL;
sasl_secret_t *password = NULL;
unsigned int free_password = 0; /* set if we need to free password */
int auth_result = SASL_OK;
That fixed it. Should it be applied to 2.1.19 too?
Yes. I'll put it in CVS so it goes into the next version.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[no subject]
ght=2 width=0 border=0>dication. Whether you're suffering from depression or anxiety, impotence or h! air loss, diabetes or sleeping problems, we've got you covered and all without the need for a prescription! Order online and you can save as much as 70% of the regular price of medication. http://banach.internationalt00ls.com/index.php?id=113>Visit DiscountRX Now 07861842620266457-- --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --==40872E097B29C6509016==-- >From [EMAIL PROTECTED] Fri Aug 06 08:05:19 2004 -0700 Return-Path: <[EMAIL PROTECTED]> Received: from mx2.uidaho.edu (mx2.uidaho.edu [129.101.155.249]) by kerplunk.kerplonk.com (8.12.10/8.12.10) with ESMTP id i766ae0t006595 for <[EMAIL PROTECTED]>; Thu, 5 Aug 2004 23:36:40 -0700 Received: from snow (mailA.its.uidaho.edu [129.101.155.252]) by mx2.uidaho.edu (8.12.10/8.12.10) with ESMTP id i766aTfP011972 for <[EMAIL PROTECTED]>; Thu, 5 Aug 2004 23:36:34 -0700 Received: from alumni-sandymos.ad.uidaho.edu (alumni-sandymos.campus.uidaho.edu [129.101.134.36]) by mailA.its.uidaho.edu (Go Vandals!) with SMTPA id <[EMAIL PROTECTED]> for [EMAIL PROTECTED]; Thu, 05 Aug 2004 23:36:29 -0700 (PDT) Date: Thu, 05 Aug 2004 23:36:29 -0700 (PDT) Date-warning: Date header was inserted by mailA.its.uidaho.edu From: UI Communications <[EMAIL PROTECTED]> To: "Greg Winters tein (V00010432)" <[EMAIL PROTECTED]> Message-id: <[EMAIL PROTECTED]> X-SpamDetails: rule=notspam score=0 mlx=0 adultscore=0 adjust=0 version=2.1.0-04080200 X-SpamScore: 0 Resent-Date: Fri, 06 Aug 2004 08:05:16 -0700 Resent-From: Greg Winterstein <[EMAIL PROTECTED]> X-Mulberry-Mail-From: Greg Winterstein <[EMAIL PROTECTED]> Resent-To: [EMAIL PROTECTED] X-Mulberry-Rcpt-To: [EMAIL PROTECTED] Subject: The Friday Letter Resent-Message-ID: <[EMAIL PROTECTED]> X-Resent-Mailer: Mulberry/3.1.6 (Win32 Demo) X-Mulberry-Identity: Default MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="==09EA00CF6D8B2D6C1A2E==" --==09EA00CF6D8B2D6C1A2E== Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit University of Idaho Office of the President Moscow, Idaho 83844-3151 Phone: 208-885-6365 Fax: 208-885-6558 The Friday Letter A Newsletter for University of Idaho Alumni and Friends August 6, 2004 Here's the latest news at the University of Idaho: ~ Incoming UI President Tim White officially assumed his new responsibilities on Monday and has spent much of the week meeting with university faculty and staff, touching base with the Vision and Resources Task Force and unpacking boxes. The Idaho Board of Education/UI Board of Regents selected White, formerly provost at Oregon State University, as UI's 16th president last February. "It will take some time --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: FYI: Sendmail and Cyrus IMAP - Real Time Integration
AJ wrote: Ken, Tried that one, but it spits back a user unknown error, which is misleading, is this an error, should it report over quota? I *believe* this is a problem with Sendmail. AFAIR smmapd returns the correct code/response. Andrzej, is this correct? Quoting Ken Murchison <[EMAIL PROTECTED]>: AJ wrote: I am using this, and sendmail will just queue the message that is over quota, is this normal? How can we get sendmail to reject at rcpt to: with a message the account is over quota? Enable the 'lmtp_over_quota_perm_failure' option in imapd.conf. Also, I could not find the solution to the sendmail rule set 5 at that link, it actually does not resolve for me. Where can I read about the problem and solution? Thanks. AJ > But some further improvements are possible e.g. making sendmail pass > message > size (as indicated in SIZE= parameter of "MAIL FROM:") when available. > > BTW It seems that *sendmail* has some problems with handling "over > quota" > replies from smapd in rule set 5 [ Solutions mentioned in > http://pse.anfi.org/sendmail/rtcyrus2.html based on LUSER_RELAY and > LOCAL_RELAY --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SQL errors when not using SQL backend
Hi everyone, Ken Murchison wrote: Paul Boven wrote: Ken Murchison wrote: Paul Boven wrote: I'm building the latest Cyrus (imapd 2.2.8, sasl 2.1.19) and packaging it for Solaris to distrubute to several different Cyrus servers. Works like a charm but every time someone connects I get the following errors on my serial console: imap[18190]: sql_select option missing imap[18190]: auxpropfunc error no mechanism available The machine in question is not using SQL as a backend (though it has been compiled in). Should these messages turn up at all in this case? If the SQL plugin is installed, it will be initialized, and the initialization procedure checks for the sql_select option. You can either remove the SQL plugin or just add a dummy sql_select option. I appended 'sasl_sql_select: dummy' to the imapd.conf, but now I get: mozilla imap[9865]: sql plugin could not connect to host mozilla imap[9865]: sql plugin couldn't connect to any host >> Would it be a good idea to remove the sql-plugin from /usr/sasl2/lib or is it perhaps possible to explicitly disable it by setting sasl_auxprop_plugin? The first option will definitely work, the second option should work. Removing the plugin just caused 'dlopen' failures. Excluding the SQL plugin from sasl_auxprop_plugin *and* creating a dummy SQL statement did the trick, however. Thanks for the quick responses! Regards, Paul Boven. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus Login
On Thu, Aug 05, 2004 at 05:05:32PM -0400, Derrick J Brashear wrote:
> On Thu, 5 Aug 2004, Andreas wrote:
>
> >>Well, do you get a core file?
> >
> >Got a better one, just for completeness.
>
> Yeah, and I see the problem:
>
>
> >#0 0x4027355f in strlen () from /lib/libc.so.6
> >#1 0x4043cceb in _sasl_canon_user (conn=0x82ba478, user=0x4 >out of bounds>, ulen=0, flags=3,
> > oparams=0x82bacd8) at canonusr.c:103
> >#2 0x405aadf9 in crammd5_client_mech_step (conn_context=0x82a0b00,
> >params=0x8064740,
> > serverin=0x8219b87
> > "<[EMAIL PROTECTED]>NvbmVjdGl2YT4=", serverinlen=38,
> > prompt_need=0xb480, clientout=0xb484, clientoutlen=0xb488,
> > oparams=0x82bacd8) at cram.c:581
>
> Try this patch:
> --- plugins/cram.c 15 Dec 2003 20:04:22 - 1.83
> +++ plugins/cram.c 5 Aug 2004 21:06:06 -
> @@ -507,7 +507,7 @@
> sasl_out_params_t *oparams)
> {
> client_context_t *text = (client_context_t *) conn_context;
> -const char *authid;
> +const char *authid = NULL;
> sasl_secret_t *password = NULL;
> unsigned int free_password = 0; /* set if we need to free password */
> int auth_result = SASL_OK;
That fixed it. Should it be applied to 2.1.19 too?
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SQL errors when not using SQL backend
Paul Boven wrote: Hi everyone, Ken Murchison wrote: Paul Boven wrote: I'm building the latest Cyrus (imapd 2.2.8, sasl 2.1.19) and packaging it for Solaris to distrubute to several different Cyrus servers. Works like a charm but every time someone connects I get the following errors on my serial console: imap[18190]: sql_select option missing imap[18190]: auxpropfunc error no mechanism available The machine in question is not using SQL as a backend (though it has been compiled in). Should these messages turn up at all in this case? If the SQL plugin is installed, it will be initialized, and the initialization procedure checks for the sql_select option. You can either remove the SQL plugin or just add a dummy sql_select option. I appended 'sasl_sql_select: dummy' to the imapd.conf, but now I get: mozilla imap[9865]: sql plugin could not connect to host mozilla imap[9865]: sql plugin couldn't connect to any host mozilla imap[9865]: sql plugin could not connect to host mozilla imap[9865]: sql plugin couldn't connect to any host Would it be a good idea to remove the sql-plugin from /usr/sasl2/lib or is it perhaps possible to explicitly disable it by setting sasl_auxprop_plugin? The first option will definitely work, the second option should work. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: FYI: Sendmail and Cyrus IMAP - Real Time Integration
Ken, Tried that one, but it spits back a user unknown error, which is misleading, is this an error, should it report over quota? AJ Quoting Ken Murchison <[EMAIL PROTECTED]>: AJ wrote: I am using this, and sendmail will just queue the message that is over quota, is this normal? How can we get sendmail to reject at rcpt to: with a message the account is over quota? Enable the 'lmtp_over_quota_perm_failure' option in imapd.conf. Also, I could not find the solution to the sendmail rule set 5 at that link, it actually does not resolve for me. Where can I read about the problem and solution? Thanks. AJ > But some further improvements are possible e.g. making sendmail pass > message > size (as indicated in SIZE= parameter of "MAIL FROM:") when available. > > BTW It seems that *sendmail* has some problems with handling "over > quota" > replies from smapd in rule set 5 [ Solutions mentioned in > http://pse.anfi.org/sendmail/rtcyrus2.html based on LUSER_RELAY and > LOCAL_RELAY --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SQL errors when not using SQL backend
Hi everyone, Ken Murchison wrote: Paul Boven wrote: I'm building the latest Cyrus (imapd 2.2.8, sasl 2.1.19) and packaging it for Solaris to distrubute to several different Cyrus servers. Works like a charm but every time someone connects I get the following errors on my serial console: imap[18190]: sql_select option missing imap[18190]: auxpropfunc error no mechanism available The machine in question is not using SQL as a backend (though it has been compiled in). Should these messages turn up at all in this case? If the SQL plugin is installed, it will be initialized, and the initialization procedure checks for the sql_select option. You can either remove the SQL plugin or just add a dummy sql_select option. I appended 'sasl_sql_select: dummy' to the imapd.conf, but now I get: mozilla imap[9865]: sql plugin could not connect to host mozilla imap[9865]: sql plugin couldn't connect to any host mozilla imap[9865]: sql plugin could not connect to host mozilla imap[9865]: sql plugin couldn't connect to any host Would it be a good idea to remove the sql-plugin from /usr/sasl2/lib or is it perhaps possible to explicitly disable it by setting sasl_auxprop_plugin? Regards, Paul Boven. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus-POP & SASL2 auxprop work together ?
Peter Markom wrote: Hello, I submit my question a second time since do not find the problem. I suppose it to be something simple which could easily be overlooked. Maybe it is related with the virtual-domains, but I checked the manual/Howto/faq various times. I also though about something that has to do with permissions / access-rights ? Any suggestion would be highly appreciated. Problem is: I can not authenticate imap/pop-users using auxprop and /etc/sasldb2 On the same machine runs postfix and authentication via TLS and SASL/auxprop works fine. So I can send mails but can not retrieve mails via pop/imap. When trying to do so, /var/log/messages reads like below when trying to authenticate via login & tls Aug 2 00:00:23 master master[23882]: about to exec /usr/lib/cyrus/bin/pop3d Aug 2 00:00:23 master pop3[23882]: executed Aug 2 00:00:23 master pop3[23882]: accepted connection Aug 2 00:00:23 master pop3[23882]: TLS server engine: cannot load CA data Aug 2 00:00:23 master pop3[23882]: TLS server engine: No CA file specified. Client side certs may not work Aug 2 00:00:23 master pop3[23882]: mystore: starting txn 2147483650 Aug 2 00:00:23 master pop3[23882]: mystore: committing txn 2147483650 Aug 2 00:00:23 master pop3[23882]: starttls: TLSv1 with cipher RC4-SHA (128/128 bits new) no authentication Aug 2 00:00:26 master pop3[23882]: badlogin: [212.166.101.83] LOGIN user not found or else via plaintext & tls Aug 2 00:12:49 master master[23899]: about to exec /usr/lib/cyrus/bin/pop3d Aug 2 00:12:49 master pop3[23899]: executed Aug 2 00:12:49 master pop3[23899]: accepted connection Aug 2 00:12:49 master pop3[23899]: TLS server engine: cannot load CA data Aug 2 00:12:49 master pop3[23899]: TLS server engine: No CA file specified. Client side certs may not work Aug 2 00:12:50 master pop3[23899]: mystore: starting txn 2147483658 Aug 2 00:12:50 master pop3[23899]: mystore: committing txn 2147483658 Aug 2 00:12:50 master pop3[23899]: starttls: TLSv1 with cipher RC4-SHA (128/128 bits new) no authentication Aug 2 00:12:50 master pop3[23899]: badlogin: [212.166.101.83] plaintext nospam SASL(-13): user not found: checkpass failed Does the cyrus user have read access to sasldb2? -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SQL errors when not using SQL backend
Paul Boven wrote: Hi everyone, I'm building the latest Cyrus (imapd 2.2.8, sasl 2.1.19) and packaging it for Solaris to distrubute to several different Cyrus servers. For historic reasons we have quite a mix of authentication backends for these servers: some with /etc/passwd (via saslauthd), or MySQL (via sasl_sql_select) and now one with LDAP (Active Directory). If at all possible I wuld like to use the same binary package on all these servers, of course. So my configure statement looks like this: ./configure --with-perl=/bin/perl --with-sasl=/usr/local --with-cyrus-prefix=/usr/local/cyrus --with-dbdir=/usr/local/BerkeleyDB.4.1 And SASL is configured like this: ./configure --with-openssl=/usr/local --disable-krb4 --disable-gssapi --with-mysql=/usr/local/mysql --without-pgsql --enable-sql --with-ldap=/usr/local For the server that gets it's authentication from AD, the imapd.conf is below: configdirectory: /var/imap partition-default: /var/spool/imap admins: cyrus sasl_pwcheck_method: saslauthd allowplaintext: yes sieveusehomedir: false sievedir: /var/spool/sieve altnamespace: yes virtdomains: no hashimapspool: 1 fulldirhash: 1 createonpost: 1 autocreatequota: -1 Works like a charm but every time someone connects I get the following errors on my serial console: imap[18190]: sql_select option missing imap[18190]: auxpropfunc error no mechanism available The machine in question is not using SQL as a backend (though it has been compiled in). Should these messages turn up at all in this case? If the SQL plugin is installed, it will be initialized, and the initialization procedure checks for the sql_select option. You can either remove the SQL plugin or just add a dummy sql_select option. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: FYI: Sendmail and Cyrus IMAP - Real Time Integration
AJ wrote: I am using this, and sendmail will just queue the message that is over quota, is this normal? How can we get sendmail to reject at rcpt to: with a message the account is over quota? Enable the 'lmtp_over_quota_perm_failure' option in imapd.conf. Also, I could not find the solution to the sendmail rule set 5 at that link, it actually does not resolve for me. Where can I read about the problem and solution? Thanks. AJ > But some further improvements are possible e.g. making sendmail pass > message > size (as indicated in SIZE= parameter of "MAIL FROM:") when available. > > BTW It seems that *sendmail* has some problems with handling "over > quota" > replies from smapd in rule set 5 [ Solutions mentioned in > http://pse.anfi.org/sendmail/rtcyrus2.html based on LUSER_RELAY and > LOCAL_RELAY --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SQL errors when not using SQL backend
Hi everyone, I'm building the latest Cyrus (imapd 2.2.8, sasl 2.1.19) and packaging it for Solaris to distrubute to several different Cyrus servers. For historic reasons we have quite a mix of authentication backends for these servers: some with /etc/passwd (via saslauthd), or MySQL (via sasl_sql_select) and now one with LDAP (Active Directory). If at all possible I wuld like to use the same binary package on all these servers, of course. So my configure statement looks like this: ./configure --with-perl=/bin/perl --with-sasl=/usr/local --with-cyrus-prefix=/usr/local/cyrus --with-dbdir=/usr/local/BerkeleyDB.4.1 And SASL is configured like this: ./configure --with-openssl=/usr/local --disable-krb4 --disable-gssapi --with-mysql=/usr/local/mysql --without-pgsql --enable-sql --with-ldap=/usr/local For the server that gets it's authentication from AD, the imapd.conf is below: configdirectory: /var/imap partition-default: /var/spool/imap admins: cyrus sasl_pwcheck_method: saslauthd allowplaintext: yes sieveusehomedir: false sievedir: /var/spool/sieve altnamespace: yes virtdomains: no hashimapspool: 1 fulldirhash: 1 createonpost: 1 autocreatequota: -1 Works like a charm but every time someone connects I get the following errors on my serial console: imap[18190]: sql_select option missing imap[18190]: auxpropfunc error no mechanism available The machine in question is not using SQL as a backend (though it has been compiled in). Should these messages turn up at all in this case? Regards, Paul Boven. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus-POP & SASL2 auxprop work together ?
Hello, I submit my question a second time since do not find the problem. I suppose it to be something simple which could easily be overlooked. Maybe it is related with the virtual-domains, but I checked the manual/Howto/faq various times. I also though about something that has to do with permissions / access-rights ? Any suggestion would be highly appreciated. Problem is: I can not authenticate imap/pop-users using auxprop and /etc/sasldb2 On the same machine runs postfix and authentication via TLS and SASL/auxprop works fine. So I can send mails but can not retrieve mails via pop/imap. When trying to do so, /var/log/messages reads like below when trying to authenticate via login & tls Aug 2 00:00:23 master master[23882]: about to exec /usr/lib/cyrus/bin/pop3d Aug 2 00:00:23 master pop3[23882]: executed Aug 2 00:00:23 master pop3[23882]: accepted connection Aug 2 00:00:23 master pop3[23882]: TLS server engine: cannot load CA data Aug 2 00:00:23 master pop3[23882]: TLS server engine: No CA file specified. Client side certs may not work Aug 2 00:00:23 master pop3[23882]: mystore: starting txn 2147483650 Aug 2 00:00:23 master pop3[23882]: mystore: committing txn 2147483650 Aug 2 00:00:23 master pop3[23882]: starttls: TLSv1 with cipher RC4-SHA (128/128 bits new) no authentication Aug 2 00:00:26 master pop3[23882]: badlogin: [212.166.101.83] LOGIN user not found or else via plaintext & tls Aug 2 00:12:49 master master[23899]: about to exec /usr/lib/cyrus/bin/pop3d Aug 2 00:12:49 master pop3[23899]: executed Aug 2 00:12:49 master pop3[23899]: accepted connection Aug 2 00:12:49 master pop3[23899]: TLS server engine: cannot load CA data Aug 2 00:12:49 master pop3[23899]: TLS server engine: No CA file specified. Client side certs may not work Aug 2 00:12:50 master pop3[23899]: mystore: starting txn 2147483658 Aug 2 00:12:50 master pop3[23899]: mystore: committing txn 2147483658 Aug 2 00:12:50 master pop3[23899]: starttls: TLSv1 with cipher RC4-SHA (128/128 bits new) no authentication Aug 2 00:12:50 master pop3[23899]: badlogin: [212.166.101.83] plaintext nospam SASL(-13): user not found: checkpass failed I run cyrus-imapd-2.2.3 on SuSE Linux 9.1. There is a whole lot of other cyrus / sasl rpm's installed: cyrus-sasl-2.1.18-29 cyrus-imapd-2.2.3-79 cyrus-sasl-crammd5-2.1.18-29 cyrus-sasl-digestmd5-2.1.18-29 cyrus-sasl-otp-2.1.18-29 cyrus-sasl-devel-2.1.18-29 cyrus-sasl-gssapi-2.1.18-29 cyrus-sasl-plain-2.1.18-29 The user in question is listed with sasldblistusers2 (and works when sending mails). /etc/imapd.conf reads like: <...> sasl_pwcheck_method: auxprop sasl_mech_list: login plain allowplaintext: yes virtdomains: yes defaultdomain: koordinaten.at tls_cert_file: /var/lib/imap/server.pem tls_key_file: /var/lib/imap/server.pem <...> # ls -l /etc/sasldb2 -rw-r- 1 cyrus mail 12288 Jul 28 00:11 /etc/sasldb2 master:~ # sasldblistusers2 [EMAIL PROTECTED]: userPassword [EMAIL PROTECTED]: userPassword [EMAIL PROTECTED]: userPassword master:~ # master:~ # cyradm localhost IMAP Password: localhost> lm user.nospam (\HasNoChildren) I test using Opera 7.23 with the following configuration: Server: POP (port: 110) enable TLS: yes username: nospam%markom.at (also tried [EMAIL PROTECTED] - same result) Authentication: AUTH LOGIN(also tried "plaintext" - same result) When updating passwords with saslpasswd2 there is a strange message in /var/log/messages (although the user is created and/or password changed): Aug 3 21:55:55 master saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found I could not find any useful explanation to that message - it still feels harmless to me (?) /etc/cyrus.conf: imapcmd="imapd" listen="imap" prefork=0 # imapscmd="imapd -s" listen="imaps" prefork=0 pop3cmd="pop3d" listen="pop3" prefork=0 # pop3scmd="pop3d -s" listen="pop3s" prefork=0 # sievecmd="timsieved" listen="sieve" prefork=0 saslauthd ist not running (and should not be necessary according to FAQ ?) I suppose that in some way the authentication mechanism is not ok or not supported - but I an't figure out any details about - and may also be completely misdirected. So if anyone coud give me a clue, it would be most appreciated (as likewise any hint on how to make imapd more verbous for debugging). thanks & regards Peter --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
