Hi Alexander,
Thanks for your inputs.
> I used the FreeBSD virtual mail HOWTO at
> http://www.wistful.net/wiki/Ed%27s_FreeBSD_Virtual_Mail_How-To
> to configure cyrus-imapd 2.2.12 with cyrus-sasl2 and MySQL v5.
Which Cyrus-SASL libraries does that include? Do you have Cyrus-SASL
compiled and installed with PLAIN and LOGIN support? Are these libraries
at their place?
cyrus-sasl-2.1.21_2 and cyrus-imapd-2.2.12_2 are the package versions.
cyrus-sasl2 was configured as:
./configure --sysconfdir=/usr/local/etc --with-plugindir=/usr/local/lib/sasl2 --with-dbpath=/usr/local/etc/sasldb2 --includedir=/usr/local/include --mandir=/usr/local/man --enable-static --with-saslauthd=/var/run/saslauthd --enable-cram --enable-digest --enable-plain --disable-anon --with-mysql=/usr/local/lib --with-dblib=ndbm --with-mysql=/usr/local --without-pgsql --without-sqlite --enable-sql --enable-login --enable-ntlm --enable-gssapi --disable-krb4 --with-openssl=yes --prefix=/usr/local i386-portbld-freebsd6.0
Following libraries are installed:
/usr/local/lib/sasl2/libplain.a
/usr/local/lib/sasl2/libplain.so
/usr/local/lib/sasl2/libplain.so.2
/usr/local/lib/sasl2/liblogin.a
/usr/local/lib/sasl2/liblogin.so
/usr/local/lib/sasl2/liblogin.so.2
> not seem to use SASL2 to authenticate. I keep getting the
> following error in auth.log whenever I try to do
> "cyradm --user cyrus localhost":
>
> ======
> Jan 30 08:47:25 mx1 perl: No worthy mechs found
> Jan 30 08:47:32 mx1 imap[92434]: bad userid authenticated
> ======
Do you allow PLAIN and LOGIN to be used without STARTTLS (check your
imapd.conf)?
Which option in imapd.conf governs this feature?
> while on the Cyradm console, I get:
>
> ======
> [EMAIL PROTECTED] cyradm --user cyrus localhost
> IMAP Password:
> Invalid user at
> /usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/Admin.pm line 118
> cyradm: cannot authenticate to server with as cyrus
> ^^^^^^^
> ======
>
> As you can see, SASL2 does not recognize the authentication
> mechanism.
>
> I read in the SASL2 documentation and also found looking
> through the code that if I am using PLAIN authentication
> mechanism then I need to use TLS. I have followed all your
> instructions about TLS setup but no luck.
First sentence is not correct. It is configurable. Second statement: so
TLS works? Do you successfully test with "imtest"? Be aware that
"cyradm" can not use STARTTLS (though somewhere there is a patch).
I was not able to "imtest" it either. It gives me the same "mech" error.
> Here is a portion of my /usr/local/etc/imapd.conf
>
> ======
> sasl_pwcheck_method: auxprop
> sasl_auxprop_plugin: sql
> sasl_sql_engine: mysql
> sasl_sql_user: postfix
> sasl_sql_passwd: postfix
> sasl_sql_database: postfix
> sasl_sql_hostnames: mx1.wearab.net
> sasl_sql_select: SELECT password FROM mailbox WHERE username='[EMAIL PROTECTED]' AND
> active='1'
> sasl_sql_verbose: yes
> sasl_mech_list: plain login
> sasl_password_format: crypt
> sasl_log_level: 6
>
> ======
The smtpd.conf is only for Postfix, has nothing to do with Cyrus-IMAPd.
Thanks for your support.
- Tushar
---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
