Re: exim lmtp mechs
Solved. I've fallen for this gotcha before, so I'm kicking myself for doing it again. All that was wrong was that when I installed cyrus+sasl, I neglected to install the debian package libsasl2-modules. I'm not 100% sure why this fixed it, as I don't use PAM which is what this package seems to be for. Anyway, after installing it, I got the PLAIN LOGIN mechs coming up, the rest was easy. thanks for reading. Ken Murchison wrote: The you probably have a SASL config problem. --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: exim lmtp mechs
TN wrote: I've been trying to crack this problem for over a month, between the exim cyrus lists. Sometimes I think its a exim issue, sometimes cyrus. I'm back onto cyrus :) I've posted a lengthy explanation of what I am doing here: http://groups.yahoo.com/group/exim-users/message/62558 but the short version is: I have cyrus exim on the same local server. I am using ldap authentication (saslauths -a ldap), with virtual domains and the ldap authentication is working fine - I can send receive emails into my ldap users. I am delivering mail from exim to cyus using smtp/lmtp - preauthed using lmtpd -a in cyrus.conf My little problem is that I am trying to use exim's authenticated_sender to bypass the requirement of using anyone post acl's in cyrus so I can post to suffixes. I can't get it to work - because exim doesn't attach the AUTH= param onto the dialog it does with lmtp (verified by debug in exim). It appears that this is because I don't have any auth mechanisms on offer in the lmtp delivery (I am using lmtpd pre-auth lmtpd -a), so my questions are: how do I get lmtp to offer mechs to exim ? Why doesn't pre-auth work ? I've always assumed that lmtp would be going via saslauthd, which in turn was authing via ldap - but this migth be wrong ? I've noticed with pre-auth that ltmp says AUTH EXTERNAL as a mech, but exim just ignores this it seems, and doesn't attach an AUTH= parameter at all onto the MAIL cmd. I'm not an Exim expert (in fact, I've never used it), but from reading Philip's post, it appears that Exim will not pass AUTH= unless it has authenticated to lmtpd (although RFC 2554 states that this is not required). By pre-authing lmtpd (lmtpd -a), you're preventing Exim from authenticating, unless you can find a way to tell Exim that it can use the EXTERNAL mechanism. My guess is that if you remove the -a option (and connect via TCP) that Exim will do what you want. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: exim lmtp mechs
Ken Murchison wrote: I'm not an Exim expert (in fact, I've never used it), but from reading Philip's post, it appears that Exim will not pass AUTH= unless it has authenticated to lmtpd (although RFC 2554 states that this is not required). By pre-authing lmtpd (lmtpd -a), you're preventing Exim from authenticating, unless you can find a way to tell Exim that it can use the EXTERNAL mechanism. My guess is that if you remove the -a option (and connect via TCP) that Exim will do what you want. Hi Ken, thanks for the feedback. I thought the same as you Philip, but if I remove pre-auth, then lmtp offers no AUTH mechs at all. This is why I think I've got something wrong on the lmtpd side, mail always fails without pre-auth so that's why in the past I've just had it enabled. With pre-auth, mail is delivered, but I cannot get authenticated_sender to appened AUTH= without some lmtp mechs it likes which I imagine is any mech apart from pre-auth. I can't find a way of setting up lmtpd with mechs. I've seen postfix guys setting up lmtp auth'ing to cyrus, but no hints about how to setup the lmtp mechs themselves. I obviously have an understanding gap somewhere, so I need some info about which mechs and how to set them up for lmtpd. I compiled cyrus 2.2.3 with only the configure option --with-saslauthd ; should I use anything more ? When I used the debian package for cyrus2.1, I still had this problem with authenticated_sender lmtpd, so I don't think its a problem peculiar to my compilation, but I'm no cyrus expert. I've usually just used the debian packages but I in this case I needed virtual domains so I had to compile 2.2.3 myself. ciao -Trevor. --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: exim lmtp mechs
TN wrote: Ken Murchison wrote: I'm not an Exim expert (in fact, I've never used it), but from reading Philip's post, it appears that Exim will not pass AUTH= unless it has authenticated to lmtpd (although RFC 2554 states that this is not required). By pre-authing lmtpd (lmtpd -a), you're preventing Exim from authenticating, unless you can find a way to tell Exim that it can use the EXTERNAL mechanism. My guess is that if you remove the -a option (and connect via TCP) that Exim will do what you want. Hi Ken, thanks for the feedback. I thought the same as you Philip, but if I remove pre-auth, then lmtp offers no AUTH mechs at all. The you probably have a SASL config problem. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html