Re: Problems with paragraph characters in SASL passwords?
On Sat, 2017-05-27 at 10:30 -0300, Patrick Boutilier wrote: > > I am very happy with Cyrus imapd since many years. I am using it to > > host all IMAP mail boxes of my company. I am using SASL and its > > tools (mainly saslpasswd2) for password management. The primary > > IMAP client in the company is Thunderbird. > > As soon as the password contained a paragraph character ("§"), > > Cyrus / SASL refused the connection due to a wrong password even > Works for me from a telnet to port 143 then issuing: > . login > replacing user and password with correct values. > But it does fail in Thunderbird. Yep, I have experienced this type of issue numerous times. A variety of clients fail to correctly encode the authentication credentials - particularly if you are using a chat-expect authorization like PLAIN or LOGIN. To have something that always works it is best to keep usernames and passwords to ASCII/UTF-7. This is not a SASL bug. This is an every-client-rolled-their-own issue. :( -- Meetings Coordinator, Michigan Association of Railroad Passengers 537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.8010 E-mail: awill...@whitemice.org GPG#D95ED383 Web: http://www.marp.org Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Problems with paragraph characters in SASL passwords?
On 05/27/2017 09:43 AM, Binarus wrote: Dear all, I am very happy with Cyrus imapd since many years. I am using it to host all IMAP mail boxes of my company. I am using SASL and its tools (mainly saslpasswd2) for password management. The primary IMAP client in the company is Thunderbird. Recently, I have decided to replace all IMAP passwords by longer ones. While this worked in the vast majority of cases, there were several mailboxes where Cyrus / SASL refused the connection with the new password. I have lost several hours of debugging this until the following turned out: As soon as the password contained a paragraph character ("§"), Cyrus / SASL refused the connection due to a wrong password even if the password was entered correctly into Thunderbird's password dialog. This happened with Thunderbird 52.1.1 and Cyrus imapd 2.4.16 (as shipped with Debian wheezy). My question is: Is there a known problem with paragraph characters in SASL / Cyrus passwords, or does Thunderbird cause that problem (for certain reasons, I haven't been able to test other clients yet, and googling for some hours also did not lead to anything)? Works for me from a telnet to port 143 then issuing: . login replacing user and password with correct values. But it does fail in Thunderbird. Thank you very much in advance, Binarus Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus <> Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: How to control the header cyrus lmtp adds to an e-mail upon delivery
do you use postfix as MTA? there you can set in main.cf lmtp_lhlo_name = On 26.05.2017 12:30, Michael Hieb wrote: Hmmm.. servername is clearly set in /etc/imapd.conf and lmtp is clearly using the result of gethostname(). Do you know if there is there somewhere else that I need to define servername? On 05/26/2017 06:27 PM, Leena Heino wrote: Hi, The lmtp received line is defined in imap/lmtpengine.c: p += sprintf(p, " by %s", config_servername); The lmtp should use the servername setting or gethostname() if servername is unset. On Fri, 26 May 2017, Michael Hieb wrote: Does anyone know how to control the header cyrus lmtp adds to an e-mail upon delivery? I see following added to headers of e-mail received via cyrus lmtp from postfix Received: from mail.domain1.net (mail.domain1.net [192.168.1.75]) by MAILSERVER (Cyrus v2.4.18) with LMTPA; Fri, 26 May 2017 00:26:03 + I would like to change "MAILSERVER (Cyrus v2.4.18) with LMTPA" to show FQDN "imap.domain1.com (Cyrus v2.4.18) with LMTPA". Configuration as follows: Here is my configuration in /etc/cyrus.com # at least one LMTP is required for delivery lmtpdomain1 cmd="lmtpd -a" listen="mail.domain1.com:lmtp" maxchild=-1 maxforkrate=100 I have servename set in /etc/imapd.conf (and this does appear correctly in the banner when a client connects to imap - I realize this is independent from lmtp) servername: imap.domain1.com Here is the delivery in /etc/postfix/main.cf relay_transport = lmtp:mail.celoso.net:2003 Let me know what other information you require. Appreciate any clue or advice. smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Problems with paragraph characters in SASL passwords?
Dear all, I am very happy with Cyrus imapd since many years. I am using it to host all IMAP mail boxes of my company. I am using SASL and its tools (mainly saslpasswd2) for password management. The primary IMAP client in the company is Thunderbird. Recently, I have decided to replace all IMAP passwords by longer ones. While this worked in the vast majority of cases, there were several mailboxes where Cyrus / SASL refused the connection with the new password. I have lost several hours of debugging this until the following turned out: As soon as the password contained a paragraph character ("§"), Cyrus / SASL refused the connection due to a wrong password even if the password was entered correctly into Thunderbird's password dialog. This happened with Thunderbird 52.1.1 and Cyrus imapd 2.4.16 (as shipped with Debian wheezy). My question is: Is there a known problem with paragraph characters in SASL / Cyrus passwords, or does Thunderbird cause that problem (for certain reasons, I haven't been able to test other clients yet, and googling for some hours also did not lead to anything)? Thank you very much in advance, Binarus Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus