RE: Looking for pointers - timsieved / sasl question
Hi Martin,
Instead of running that command as root, try su'ing to the user you're
trying to run sivtest for...
I had the same exact problem and that's the only way around it that I could
find.
Dan
From: Martin Richard [EMAIL PROTECTED]
Reply-To: Martin Richard [EMAIL PROTECTED]
To: info-cyrus@lists.andrew.cmu.edu
Subject: Looking for pointers - timsieved / sasl question
Date: Tue, 15 Feb 2005 22:35:03 -0500
Hello all,
I have a postfix + cyrus + sasl + pam setup, working nicely so far.
Users get and send mail. All account info is in mysql via
pam/pam_mysql as per the HOWTOs. IMAP mech LOGIN works fine:
[EMAIL PROTECTED] root]# imtest -u -a localhost -v
S: * OK mail..com Cyrus IMAP4 v2.2.8 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN {8}
S: + go ahead
C: omitted
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
L01 LOGOUT
* BYE LOGOUT received
L01 OK Completed
Connection closed.
[EMAIL PROTECTED] root]#
But I'm having trouble with sieve / timsieved. I want to use it via
mech PLAIN for automated scripts/interfaces for my users to put
filters or vacation messages.. Using same account info:
[EMAIL PROTECTED] root]# sivtest -u -a -m plain localhost
S: IMPLEMENTATION Cyrus timsieved v2.2.8
S: SIEVE fileinto reject envelope vacation imapflags notify
subaddress relational regex
S: OK
Please enter your password:
C: AUTHENTICATE PLAIN {60+}
base64removed
S: NO Authentication Error
Authentication failed. generic failure
Security strength factor: 0
LOGOUT
OK Logout Complete
Connection closed.
[EMAIL PROTECTED] root]#
I get this in /var/log/messages:
Feb 15 22:30:20 www sievelocal[2604]: badlogin: www[127.0.0.1] PLAIN
no mechanism available
sievelocal is started via /etc/cyrus.conf:
sievelocalcmd=timsieved -C /etc/imapd-local.conf
listen=127.0.0.1:sieve prefork=0
I'm thinking the culprit is SASL..
[EMAIL PROTECTED] root]# saslauthd -v
saslauthd 2.1.19
authentication mechanisms: getpwent kerberos5 pam rimap shadow
[EMAIL PROTECTED] root]#
No PLAIN.. But it was (at least I asked for) compiled with PLAIN..
from config.log:
[EMAIL PROTECTED] cyrus-sasl-2.1.19]# more config.log
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by configure, which was
generated by GNU Autoconf 2.57. Invocation command line was
$ ./configure --enable-plain --with-mysql=/u01/mysql --with-pam
the plain plugin is also in the lib directory:
[EMAIL PROTECTED] cyrus-sasl-2.1.19]# ls -al /usr/lib/sasl2/libpl*
-rwxr-xr-x 1 root root 679 Feb 15 13:53 /usr/lib/sasl2/libplain.la
lrwxrwxrwx 1 root root18 Feb 15 13:53 /usr/lib/sasl2/libplain.so
- libplain.so.2.0.19
lrwxrwxrwx 1 root root18 Feb 15 13:53
/usr/lib/sasl2/libplain.so.2 - libplain.so.2.0.19
-rwxr-xr-x 1 root root 90438 Feb 15 13:53
/usr/lib/sasl2/libplain.so.2.0.19
[EMAIL PROTECTED] cyrus-sasl-2.1.19]#
saslauthd is running and available, running with -a pam
So I must be missing something! How do I setup/use mech PLAIN (and
pam) in saslauthd to be able to use timsieved ???
Thanks for any pointers. I've been scratching my head at this for days
now.
Martin
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Authentication Fails
It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... Dan --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Authentication Fails - Resolved
OK, I'm not sure why this works, but if I su to the unix account which matches the mailbox name of the mailbox I'm trying to run sieveshell for and it works just fine. I had assumed I could be running as root, or another account I use to manage stuff and just pass in the username with a -u parameter. I only tried this because I installed the avelsieve squirrelmail plugin. Once installed, the plugin worked fine, so I knew authentication worked with sieve. That's when it occurred to me to actually su to that unix account, and re-run sieveshell. Thanks for the help guys. Appreciate it. Dan From: Igor Brezac [EMAIL PROTECTED] To: Dan Perez [EMAIL PROTECTED] CC: info-cyrus@lists.andrew.cmu.edu Subject: Re: Sieve Authentication Fails Date: Fri, 4 Feb 2005 14:30:07 -0500 (EST) On Fri, 4 Feb 2005, Dan Perez wrote: It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... You are correct, you cannot pass a mechanism to sieveshell. I incorrectly assumed that --auth in cyradm is an authentication username. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Sieve Authentication Fails
Hi All, I see that this question has been posted before, but I don't see a clear answer, so forgive me. Any leads would be appreciated. I'm running cyrus 2.2.10, on RHEL 3.0. It works great. Now I want to start using sieve... but I can't get sieveshell to connect to the server and I don't understand why. [EMAIL PROTECTED] log]# sieveshell -u cyrus localhost connecting to localhost Please enter your password: unable to connect to server at /usr/bin/sieveshell line 169, STDIN line 1. my imapd conf: configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt saslauthd is running w/ -a pam Authentication works fine for the IMAP server, cyradm. Sieve is listening... [EMAIL PROTECTED] log]# telnet localhost sieve Trying 127.0.0.1... Connected to localhost (127.0.0.1). Escape character is '^]'. IMPLEMENTATION Cyrus timsieved v2.2.10-Invoca-RPM-2.2.10-8 SASL PLAIN SIEVE fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex STARTTLS OK Heck, I even get sieve headers in my emails... X-Sieve: CMU Sieve 2.2 Any ideas? Thanks, Dan --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
re: Apple Mail.app not playing nicely with Cyrus on large mailboxes
I'm not sure if this is a Mac problem (probably) or a Cyrus problem... but I'm running into exactly the same thing. We just moved to Macs a little while ago, and some of our users have horrible response with the Mail client. I just built a new mail server (Cyrus 2.2.10-8 Sendmail running on red hat enterprise linux 3.0) and I'm doing some stress testing. At first I sent a 1000's of messages to my mailbox and things seemed to work fine with Mail.app. (100's of megs worth of data) Well... worked fine after the initial hour or 2 of caching the headers, downloading the messages, and indexing the local cache. Next I migrated one user's INBOX folder (170 megs in 3000+ messages) from exchange to the Cyrus server. The user's mailbox has 500+ megs of mail but I wanted to start small. Although my mailbox had more messages, and was larger, the Mail.app client works a lot better with my mailbox than it does with the first user I tried to test with. I copied the mail over using Outlook. It seemed like the easiest way (right click copy paste) even though it took 1hr to copy the 170 megs. I just read this thread so now I plan on trying to add a telemetry log for that user and do some more testing. I'll follow up if I learn anything worthwile. Dan --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
