Re: Problems with paragraph characters in SASL passwords?
On Sat, 2017-05-27 at 10:30 -0300, Patrick Boutilier wrote:
> > I am very happy with Cyrus imapd since many years. I am using it to
> > host all IMAP mail boxes of my company. I am using SASL and its
> > tools (mainly saslpasswd2) for password management. The primary
> > IMAP client in the company is Thunderbird.
> > As soon as the password contained a paragraph character ("§"),
> > Cyrus / SASL refused the connection due to a wrong password even
> Works for me from a telnet to port 143 then issuing:
> . login
> replacing user and password with correct values.
> But it does fail in Thunderbird.
Yep, I have experienced this type of issue numerous times. A variety
of clients fail to correctly encode the authentication credentials -
particularly if you are using a chat-expect authorization like PLAIN or
LOGIN. To have something that always works it is best to keep
usernames and passwords to ASCII/UTF-7.
This is not a SASL bug.
This is an every-client-rolled-their-own issue. :(
--
Meetings Coordinator, Michigan Association of Railroad Passengers
537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.8010
E-mail: awill...@whitemice.org GPG#D95ED383 Web: http://www.marp.org
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Problems with paragraph characters in SASL passwords?
On 05/27/2017 09:43 AM, Binarus wrote:
Dear all,
I am very happy with Cyrus imapd since many years. I am using it to host
all IMAP mail boxes of my company. I am using SASL and its tools (mainly
saslpasswd2) for password management. The primary IMAP client in the
company is Thunderbird.
Recently, I have decided to replace all IMAP passwords by longer ones.
While this worked in the vast majority of cases, there were several
mailboxes where Cyrus / SASL refused the connection with the new
password. I have lost several hours of debugging this until the
following turned out:
As soon as the password contained a paragraph character ("§"), Cyrus /
SASL refused the connection due to a wrong password even if the password
was entered correctly into Thunderbird's password dialog. This happened
with Thunderbird 52.1.1 and Cyrus imapd 2.4.16 (as shipped with Debian
wheezy).
My question is: Is there a known problem with paragraph characters in
SASL / Cyrus passwords, or does Thunderbird cause that problem (for
certain reasons, I haven't been able to test other clients yet, and
googling for some hours also did not lead to anything)?
Works for me from a telnet to port 143 then issuing:
. login
replacing user and password with correct values.
But it does fail in Thunderbird.
Thank you very much in advance,
Binarus
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
<>
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: How to control the header cyrus lmtp adds to an e-mail upon delivery
do you use postfix as MTA? there you can set in main.cf lmtp_lhlo_name = On 26.05.2017 12:30, Michael Hieb wrote: Hmmm.. servername is clearly set in /etc/imapd.conf and lmtp is clearly using the result of gethostname(). Do you know if there is there somewhere else that I need to define servername? On 05/26/2017 06:27 PM, Leena Heino wrote: Hi, The lmtp received line is defined in imap/lmtpengine.c: p += sprintf(p, " by %s", config_servername); The lmtp should use the servername setting or gethostname() if servername is unset. On Fri, 26 May 2017, Michael Hieb wrote: Does anyone know how to control the header cyrus lmtp adds to an e-mail upon delivery? I see following added to headers of e-mail received via cyrus lmtp from postfix Received: from mail.domain1.net (mail.domain1.net [192.168.1.75]) by MAILSERVER (Cyrus v2.4.18) with LMTPA; Fri, 26 May 2017 00:26:03 + I would like to change "MAILSERVER (Cyrus v2.4.18) with LMTPA" to show FQDN "imap.domain1.com (Cyrus v2.4.18) with LMTPA". Configuration as follows: Here is my configuration in /etc/cyrus.com # at least one LMTP is required for delivery lmtpdomain1 cmd="lmtpd -a" listen="mail.domain1.com:lmtp" maxchild=-1 maxforkrate=100 I have servename set in /etc/imapd.conf (and this does appear correctly in the banner when a client connects to imap - I realize this is independent from lmtp) servername: imap.domain1.com Here is the delivery in /etc/postfix/main.cf relay_transport = lmtp:mail.celoso.net:2003 Let me know what other information you require. Appreciate any clue or advice. smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Problems with paragraph characters in SASL passwords?
Dear all,
I am very happy with Cyrus imapd since many years. I am using it to host
all IMAP mail boxes of my company. I am using SASL and its tools (mainly
saslpasswd2) for password management. The primary IMAP client in the
company is Thunderbird.
Recently, I have decided to replace all IMAP passwords by longer ones.
While this worked in the vast majority of cases, there were several
mailboxes where Cyrus / SASL refused the connection with the new
password. I have lost several hours of debugging this until the
following turned out:
As soon as the password contained a paragraph character ("§"), Cyrus /
SASL refused the connection due to a wrong password even if the password
was entered correctly into Thunderbird's password dialog. This happened
with Thunderbird 52.1.1 and Cyrus imapd 2.4.16 (as shipped with Debian
wheezy).
My question is: Is there a known problem with paragraph characters in
SASL / Cyrus passwords, or does Thunderbird cause that problem (for
certain reasons, I haven't been able to test other clients yet, and
googling for some hours also did not lead to anything)?
Thank you very much in advance,
Binarus
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
