Andrew, I found one of your older posting which also covers this. Here is what I did. I added psotfixlmtp as a user to both the frontend and and then ran the 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it authenticated just fine. So I added the entry to my lmtp_passwd file for postfix. I also added the additional entries into the postfix main.cf file as per the instructions. On the frontend I added lmtp_admins: postfixlmtp and on the backends I added lmtp_admins: murder postfixlmtp. I did notice that when I try connecting to the lmtp on the frontend I get an error. I suspect that it's because it's looking for lmtp and it's running the lmtpproxy # runuser - postfixlmtp -c "lmtptest" WARNING: no hostname supplied, assuming localhost connect: Connection refused failure: Network initialization - can not connect to localhost.localdomain:lmtp Anyway, postfix is kicking this out in the log: lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting this, I don't know I assume that for some reason it's still allowing anonynous connections to lmtp. I checked my cyrus.conf files on all servers and there is no "-a". It's perplexing. The information you gave me makes sense but it's like something has cached a setting and isn't letting go even though I have restarted all of the services. I'm still working the issue but if this rings a bell I'd love any feedback.
________________________________ From: Andrew Morgan [mailto:mor...@orst.edu] Sent: Wed 12/10/2008 9:35 AM To: Gary W. Smith Cc: Wesley Craig; info-cyrus@lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Tue, 9 Dec 2008, Gary W. Smith wrote: > Andy/Wesley, > > First off, thanks for all of the help. I've gotten pretty far I think. > I ran into a couple problems and some notes on some list groups about > dead options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting > a SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed The documentation doesn't state this, but in a murder environment all LMTP connections must be authenticated. Using the "-a" option doesn't work because then the frontend doesn't have a set of credentials for proxying. At least, that's what my testing showed. Try creating a "cyr_lmtp" (or whatever you want to call it) user on both your backends and frontends. Then add the following: On backends: lmtp_admins: cyr_lmtp murder On frontends: lmtp_admins: cyr_lmtp Then make sure your MTA is authenticating as cyr_lmtp when it connects to the Cyrus lmtpd. Andy
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
