The difference is that IMAP and POP have their own plaintext login commands (LOGIN and USER/PASS respectively) which your clients are probably using. Even though SASL is still used to verify the passwords, these commands have no concept of realms. MANAGESIEVE, on the other hand, has no built-in login command, so all authentication MUST happen with a SASL mech.

Daniel Lawson wrote:


I have a virtual domain system set up under Debian Woody with exim, ldap as an auth backend, and cyrus 2.1.15 (backported to Woody). I am using althierarchy and unixsep. Saslauthd is configured to use PAM as an authentication mechanism.


Mailboxes are created with the name "[EMAIL PROTECTED]". Delivery and retrieval works perfectly.

However, I cannot log in to timsieved with usernames in this format. The standard mail logs only show failed login style messages.

My authentication log has the following (edited) snippet:

Aug 31 17:16:18 server cyrus/timsieved[20862]: can't access srvtab file /etc/srvtab: No such file or directory
Aug 31 17:16:18 server cyrus/timsieved[20862]: server add_plugin entry_point error generic failure
Aug 31 17:16:18 server cyrus/timsieved[20862]: _sasl_plugin_load failed on sasl_server_plug_init for plugin: kerberos4
Aug 31 17:16:18 server cyrus/timsieved[20862]: cross-realm login [EMAIL PROTECTED] denied


The first three lines appear to occur every time someone logs in, so I don't think this is relevant. The last one seems to be the relevant one - 'cross-realm login ...'

Adding 'domain.net.nz' to the 'loginrealms' parameter in imapd.conf allows this user to login via sieve.

I'd rather not have to add every domain to this field if I can at all help it. I'll confess that I know very little about SASL, however it bothers me that it acts differently when used from Sieve (i.e., won't allow logins) but both the IMAP and POP daemons allow logins fine.

Is there something about Sieve which means I cannot use "@" in usernames at all? Am I missing an obvious configuration option somewhere? :/ Anyone have any thoughts on how to fix this?

Daniel





-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
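
Added example (not part of the original thread, and not Cyrus code): a small Python script that lists the realms rejected with "cross-realm login ... denied" that are not yet on the `loginrealms` line of imapd.conf, so an administrator can review the list before changing the setting. The sample config and log lines, the example.* domains and the function names are constructed for illustration; lower-casing realms for comparison is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample data (not from the original post).
SAMPLE_CONF = """\
unixhierarchysep: yes
loginrealms: example.net
"""
SAMPLE_LOG = """\
Aug 31 17:16:18 server cyrus/timsieved[20862]: can't access srvtab file /etc/srvtab: No such file or directory
Aug 31 17:16:18 server cyrus/timsieved[20862]: cross-realm login alice@example.com denied
Aug 31 17:16:40 server cyrus/timsieved[20870]: cross-realm login bob@example.com denied
Aug 31 17:17:02 server cyrus/timsieved[20881]: cross-realm login carol@example.net denied
Aug 31 17:18:11 server cyrus/timsieved[20890]: cross-realm login dave@EXAMPLE.ORG denied
"""

# Matches the denial message format shown in the log excerpt above.
DENIED = re.compile(
    r"cyrus/(?P<service>\w+)\[\d+\]: cross-realm login (?P<user>\S+)@(?P<realm>\S+) denied")

def configured_realms(conf_text):
    """Return the set of realms on the loginrealms line (space-separated)."""
    realms = set()
    for line in conf_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "loginrealms":
            realms.update(r.lower() for r in value.split())
    return realms

def denied_realms(log_text):
    """Map realm -> {service: set(users)} for every cross-realm denial."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if m:
            seen[m["realm"].lower()][m["service"]].add(m["user"])
    return seen

def missing_realms(conf_text, log_text):
    """Denied realms not yet in loginrealms, with distinct-user counts per service."""
    allowed = configured_realms(conf_text)
    return {realm: {svc: len(users) for svc, users in by_svc.items()}
            for realm, by_svc in denied_realms(log_text).items()
            if realm not in allowed}

if __name__ == "__main__":
    for realm, by_svc in sorted(missing_realms(SAMPLE_CONF, SAMPLE_LOG).items()):
        print(realm, by_svc)
```

The example.net denial in the constructed log is treated as having been logged before that realm was added, so it is filtered out of the report.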


