Am Mo, den 30.01.2006 schrieb Tux um 18:20: > I used the FreeBSD virtual mail HOWTO at > http://www.wistful.net/wiki/Ed%27s_FreeBSD_Virtual_Mail_How-To > to configure cyrus-imapd 2.2.12 with cyrus-sasl2 and MySQL v5.
Which Cyrus-SASL libraries does that include? Do you have Cyrus-SASL compiled and installed with PLAIN and LOGIN support? Are these libraries at their place? > Although, everything else seems to be in place, "cyradm" does > not seem to use SASL2 to authenticate. I keep getting the > following error in auth.log whenever I try to do > "cyradm --user cyrus localhost": > > ====== > Jan 30 08:47:25 mx1 perl: No worthy mechs found > Jan 30 08:47:32 mx1 imap[92434]: bad userid authenticated > ====== Do you allow PLAIN and LOGIN to be used without STARTTLS (check your imapd.conf)? > while on the Cyradm console, I get: > > ====== > [EMAIL PROTECTED] cyradm --user cyrus localhost > IMAP Password: > Invalid user at > /usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/Admin.pm line 118 > cyradm: cannot authenticate to server with as cyrus > ^^^^^^^ > ====== > > As you can see, SASL2 does not recognize the authentication > mechanism. > > I read in the SASL2 documentation and also found looking > through the code that if I am using PLAIN authentication > mechanism then I need to use TLS. I have followed all your > instructions about TLS setup but no luck. First sentence is not correct. It is configurable. Second statement: so TLS works? Do you successfully test with "imtest"? Be aware that "cyradm" can not use STARTTLS (though somewhere there is a patch). > Here is a portion of my /usr/local/etc/imapd.conf > > ====== > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: sql > sasl_sql_engine: mysql > sasl_sql_user: postfix > sasl_sql_passwd: postfix > sasl_sql_database: postfix > sasl_sql_hostnames: mx1.wearab.net > sasl_sql_select: SELECT password FROM mailbox WHERE username='[EMAIL > PROTECTED]' AND > active='1' > sasl_sql_verbose: yes > sasl_mech_list: plain login > sasl_password_format: crypt > sasl_log_level: 6 > > ====== > > And this one from /usr/local/lib/sasl2/smtpd.conf > > ====== > pwcheck_method: auxprop > auxprop_plugin: sql > sql_user: postfix > sql_passwd: postfix > sql_hostnames: localhost mx1.wearab.net > sql_database: postfix > sql_engine: mysql > sql_select: SELECT password FROM mailbox WHERE username = '[EMAIL PROTECTED]' > and active > = '1' > sql_verbose: yes > mech_list: plain > log_level: 6 > minimum_layer: 0 > auto_transition: no > password_format: crypt > ====== The smtpd.conf is only for Postfix, has nothing to do with Cyrus-IMAPd. > This is how /usr/local/etc/pam.d/imap looks like: > > ====== > auth sufficient /usr/local/lib/pam_mysql.so user=postfix > passwd=postfix host=localhost db=postfix table=mailbox usercolumn=username > passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg > logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time > sqllog=1 > > # account > account required /usr/local/lib/pam_mysql.so user=postfix > passwd=postfix host=localhost db=postfix table=mailbox usercolumn=username > passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg > logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time > sqllog=1 > ====== Both are useless as you don't use PAM with Cyrus-IMAPd. As your imapd.conf shows your are using the sql auxprop plugin. So no PAM involved at all. > - Tushar Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 18:57:09 up 56 days, 23:34, load average: 0.01, 0.03, 0.02
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
