Hi Simon, I can pop-3 with keith and telnet to mailhost 2000 without a problem. Somehow, it does not like plain as the authentication method. I was successfully authenticated if I remove the sasl_mech_list, which sieveshell will then use MD5-CRAM to authenticate me against /etc/sasldb2. That worked, but then imap and pop will not authentication correctly. Is it possible for me to use sieve despite the fact that I cannot login to timsieved?
Thanks keith > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > Behalf Of Simon Matter > Sent: Tuesday, February 26, 2002 9:32 AM > To: Keith Kee > Cc: Ken Murchison; Cyrus Info > Subject: Re: sieveshell authentication failed on Solaris > > > Hm, sorry, I don't know whats wrong with your setup. IIRC when you have > more than PLAIN in your mechlist, sieveshell can not use PLAIN. This > only works with cyradm by now. > > - Can you use pop-3 with user keith ? > - what do you get when telnet mailhost 2000 ? > > This is what works for me here: > > [root@dhcp-141-104 root]# cat /etc/imapd.conf > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cyrus > allowanonymouslogin: no > sieveuserhomedir: no > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > sasl_pwcheck_method: saslauthd > sasl_mech_list: PLAIN > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > [root@dhcp-141-104 root]# cat /etc/pam.d/sieve > #%PAM-1.0 > auth required /lib/security/pam_stack.so service=system-auth > account required /lib/security/pam_stack.so service=system-auth > > [root@dhcp-141-104 root]# telnet localhost 2000 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > "IMPLEMENTATION" "Cyrus timsieved v1.1.0" > "SASL" "PLAIN" > "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress > regex" > "STARTTLS" > OK > logout > Ok "Logout Complete" > Connection closed by foreign host. > > [root@dhcp-141-104 root]# sieveshell --user=simix --authname=simix > localhost > connecting to localhost > Please enter your password: > > quit > > [/var/log/messages] > Feb 26 15:21:20 dhcp-141-104 timsieved[12244]: login: > localhost.localdomain[127.0.0.1] simix PLAIN User logged in > > Anything more you want to know? > > -Simon > > Keith Kee schrieb: > > > > Simon, > > I tried add the entry in pam.conf and it is still not > working. I think > > something else is wrong. Syslog register such an entry when I issue the > > command, /usr/local/bin/sieveshell --user=keith > --authname=keith mailhost. > > > > Feb 26 07:29:58 bragi timsieved[2817]: [ID 656617 > local6.notice] badlogin: > > localhost[127.0.0.1] PLAIN invalid parameter supplied. > > > > Thanks, > > keith > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > > > Behalf Of Simon Matter > > > Sent: Tuesday, February 26, 2002 2:38 AM > > > To: Keith Kee > > > Cc: Ken Murchison; Cyrus Info > > > Subject: Re: sieveshell authentication failed on Solaris > > > > > > > > > As you mentioned you have started saslauthd to use PAM. Therefore you > > > need to have the different configs in PAM. If timsieved needs > > > authentication, it sends the request to saslauthd with service sieve, > > > saslauthd send the auth request to PAM with service sieve. That's why > > > you need a sieve config in PAM. > > > > > > -Simon > > > > > > Keith Kee schrieb: > > > > > > > > I don't quite understand why I should bother about pam.conf if the > > > > pwcheck_method is saslauthd? Should all the authentications are > > > done through > > > > saslauthd for imapd, popd, and timsieved? Here is my > /etc/imapd.conf: > > > > > > > > configdirectory: /ext/imap/config > > > > partition-default: /ext/imap/mailboxes > > > > servername: bragi.netsco.com > > > > admins: root cyrus > > > > sasl_pwcheck_method: saslauthd > > > > allowplaintext: yes > > > > allowanonymouslogin: no > > > > autocreatequota: 20 > > > > sendmail: /usr/lib/sendmail > > > > timeout: 30 > > > > imapidlepoll: 60 > > > > impaidreponse: yes > > > > umask: 077 > > > > sieveuserhomedir: false > > > > sievedir: /ext/imap/sieve > > > > sasl_auto_transition: yes > > > > postuser: bb > > > > lmtpsocket: /var/cyrus/socket/lmtp > > > > idlesocket: /var/cyrus/socket/idle > > > > dracinterval: 30 > > > > drachost: localhost > > > > altnamespace: yes > > > > userprefix: Other Users > > > > sharedprefix: Shared Folders > > > > logtimestamps: yes > > > > sasl_mech_list: plain > > > > sasl_sasldb_path: /etc/sasldb2 > > > > > > > > Running sieveshell returns authentication error with not > much detailed > > > > information: > > > > bash-2.03# /usr/local/bin/sieveshell --user=keith > > > --authname=keith mailhost > > > > connecting to mailhost > > > > Please enter your password: > > > > unable to connect to server: Authentication Error at > > > > /usr/local/bin/sieveshell line 172, <STDIN> chunk 1. > > > > > > > > peeking in /var/adm/messages shows: > > > > Feb 25 23:48:45 bragi timsieved[1459]: [ID 702911 > auth.notice] Password > > > > verification failed > > > > > > > > and /var/log/imapd.log shows: > > > > Feb 25 23:46:49 bragi master[1434]: [ID 392559 local6.debug] > > > about to exec > > > > /usr/ > > > > local/cyrus/bin/timsieved > > > > Feb 25 23:46:49 bragi sieve[1434]: [ID 518349 local6.debug] executed > > > > Feb 25 23:46:49 bragi sieve[1434]: [ID 921384 local6.debug] accepted > > > > connection > > > > Feb 25 23:46:52 bragi timsieved[1434]: [ID 656617 > > > local6.notice] badlogin: > > > > local > > > > host[127.0.0.1] PLAIN authentication failure > > > > Feb 25 23:46:52 bragi master[1365]: [ID 310780 local6.debug] > > > process 1434 > > > > exited > > > > , status 75 > > > > > > > > Thanks > > > > keith > > > > > > > > > -----Original Message----- > > > > > From: Ken Murchison [mailto:[EMAIL PROTECTED]] > > > > > Sent: Monday, February 25, 2002 8:24 PM > > > > > To: Keith Kee > > > > > Cc: Cyrus Info > > > > > Subject: Re: sieveshell authentication failed on Solaris > > > > > > > > > > > > > > > > > > > > > > > > > Keith Kee wrote: > > > > > > > > > > > > Hi: > > > > > > I am running cyrus-imap 2.1.2 and cyrus-sasl 2.1.1 on > > > > > Solaris 8, and I am > > > > > > having problem getting timsieved to authenticate right. > > > Following the > > > > > > instructions written in "installing sieve" in the docs > > > included with the > > > > > > source, I should be able to check my login to timsieved using > > > > > > sieveshell --user=keith --authname=keith localhost. However, I > > > > > am getting an > > > > > > error: unable to connect to server: Authentication Error at > > > > > > /usr/local/bin/sieveshell line 172, <STDIN> chunk 1. > > > > > > > > > > > > I am using saslauthd as my pwcheck_method, and started > > > > > saslauthd -a pam. > > > > > > I was able to login to the imap server but not the > > > timsieved. Reading > > > > > > through the posting in this mailing list archive, there was > > > some mention > > > > > > about having to copying pam.d/imap to pam.d/timsieved. I > > > believe this > > > > > > applies to linux only? I don't find a pamd.d directory > in Solaris 8. > > > > > > Besides, I did not edit pam.conf file to make imap server > > > authenticate > > > > > > correctly. Also, I have sasl_mech_list set to plain in > > > /etc/imapd.conf. > > > > > > > > > > Whether you have one big pam.conf or separate files under > pam.d, you > > > > > need to have a 'sieve' config which can be a copy of your > 'imap' or > > > > > 'pop' config. > > > > > > > > > > Ken > > > > > -- > > > > > Kenneth Murchison Oceana Matrix Ltd. > > > > > Software Engineer 21 Princeton Place > > > > > 716-662-8973 x26 Orchard Park, NY 14127 > > > > > --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp > > > > > > > > > > > > > > > > > > > > > > > > > >
