postix cyrus--imapd virtual domains

2006-10-29 Thread A Clockwork Orange 
Postfix send mail for user [EMAIL PROTECTED]

Oct 30 06:40:06 mow postfix/smtpd[10644]: warning: 127.0.0.1: hostname 
localhost verification failed: no address associated with name
Oct 30 06:40:06 mow postfix/smtpd[10644]: connect from unknown[127.0.0.1]
Oct 30 06:40:39 mow postfix/smtpd[10644]: 548722E1: client=unknown[127.0.0.1]
Oct 30 06:40:47 mow postfix/cleanup[13057]: 548722E1: message-id=<[EMAIL 
PROTECTED]>
Oct 30 06:40:47 mow postfix/qmgr[8166]: 548722E1: from=<[EMAIL PROTECTED]>, 
size=312, nrcpt=1 (queue active)
Oct 30 06:40:49 mow postfix/pipe[22851]: 548722E1: to=<[EMAIL PROTECTED]>, 
relay=cyrus, delay=20, delays=18/0.13/0/1.2, dsn=2.0.0, status=sent (delivered 
via cyrus service)
Oct 30 06:40:49 mow postfix/qmgr[8166]: 548722E1: removed
Oct 30 06:40:51 mow postfix/smtpd[10644]: disconnect from unknown[127.0.0.1]


BUT!
Cyrus recieve mail for user leo!!!

Oct 30 06:40:49 mow lmtpunix[10594]: duplicate_mark: <[EMAIL PROTECTED]>   
user.leo 1162179648 8



Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: Cyrus, clusters, GFS - HA yet again

2006-10-29 Thread Wesley Craig 

On 27 Oct 2006, at 03:35, Janne Peltonen wrote:

Or should I just give up and start considering Murder?


Before you decide on whether to give up on clustering, you should  
thoroughly consider Murder.  At a minimum, it provides the location  
independence that you'd like.  With replication, you have a  
realistic, immediate recovery path for machine failure.  Both of  
those are much better than what you have, while not as good as a real  
HA system.  But murder + replication will be a lot less work than  
developing an HA architecture from scratch.


:wes

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: GSSAPI: A token had an invalid MIC

2006-10-29 Thread Phil Pennock 
On 2006-10-29 at 22:23 +0100, Jukka Salmi wrote:
> Which Kerberos version are you trying to use? Note that --with-krb
> enables Kerberos IV while Kerberos V is done throug GSSAPI
> (--enable-gssapi).

Aaaargh!  I looked all through the "Optional Packages:" output of
"configure --help", but gssapi is above under "Optional Features:".

Well, it's working now that imapd isn't trying to directly support it
but is instead relying upon cyrus-sasl2.

(Heimdal 0.7.2)
-- 
"Everything has three factors: politics, money, and the right way to do it.
 In that order."  -- Gary Donahue

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: GSSAPI: A token had an invalid MIC

2006-10-29 Thread Jukka Salmi 
Phil Pennock --> info-cyrus (2006-10-29 18:10:41 +0100):
> It turns out that, of the software installed to date, Cyrus IMAP is the
> only one not handling the older Heimdal (from base-system) libraries in
> /usr/; if I move aside those libraries and change the Port Makefile to
> pass:
>   --with-krb=${HEIMDAL_HOME} --with-krbimpl=kth --without-krbdes
> (where HEIMDAL_HOME is /usr/local) then Cyrus just doesn't link against
> any Kerberos because it fails to use the location in --with-krb.  Which
> means that GSSAPI is provided by Cyrus-SASL and everything just works.
> 
> [gssapi]broken_des3_mic did not work around this.
> 
> Out of curiosity, is all the KRB5 support in cyrus-imapd a legacy from
> before the use of SASL or is there some other way in which it helps?

Which Kerberos version are you trying to use? Note that --with-krb
enables Kerberos IV while Kerberos V is done throug GSSAPI
(--enable-gssapi).


Cheers, Jukka

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: GSSAPI: A token had an invalid MIC

2006-10-29 Thread Phil Pennock 
On 2006-10-28 at 04:35 +0200, Phil Pennock wrote:
> New server:
>  OS/Arch: FreeBSD 6.1 / amd64
>  Cyrus IMAPd: 2.3.7
>  Cyrus SASL 2.1.22
>  OpenSSL: 0.9.7i
>  Heimdal: 0.7.2 (OS port rev _1)

It turns out that, of the software installed to date, Cyrus IMAP is the
only one not handling the older Heimdal (from base-system) libraries in
/usr/; if I move aside those libraries and change the Port Makefile to
pass:
  --with-krb=${HEIMDAL_HOME} --with-krbimpl=kth --without-krbdes
(where HEIMDAL_HOME is /usr/local) then Cyrus just doesn't link against
any Kerberos because it fails to use the location in --with-krb.  Which
means that GSSAPI is provided by Cyrus-SASL and everything just works.

[gssapi]broken_des3_mic did not work around this.

Out of curiosity, is all the KRB5 support in cyrus-imapd a legacy from
before the use of SASL or is there some other way in which it helps?

Thanks,
-- 
"Everything has three factors: politics, money, and the right way to do it.
 In that order."  -- Gary Donahue

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html