upgrade problem 2.0.16 Berkeley DB 3 to 2.2.12 Berkeley DB 4

2005-07-04 Thread Pascal Mouret 

Hello all,

I am having quite some troubles upgrading from cyrus imap 2.0.16 to 2.2.12.
The problem (of these past fews days) comes from the mailboxes.db which 
I fail to convert to skiplist.
The current cyrus imapd 2.0.16 was compiled using berkeley db 3, while I 
compiled the new 2.2.12 with berkeley db 4.2

As suggested in the cyrus upgrade procedures, I proceeded to convert my
berkeley mailboxes.db to skiplist using :
/opt/newcyrus/bin/cvt_cyrusdb /backup/test_cyrus_db/imap/mailboxes.db
berkeley /backup/test_cyrus_db/imap/mailboxes.db.skip skiplist
The result was :
fatal error: can't open old database
The logs show the following :
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR db4: Program version
4.2 doesn't match environment version
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR: dbenv->open
'/var/imap/db' failed: Invalid argument
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR: init() on berkeley
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR: reading
/var/imap/db/skipstamp, assuming the worst: No such file or directory
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR db4: environment not
yet opened
Jun 28 11:56:14 mailup cvt_cyrusdb[212914]: DBERROR: opening
/backup/test_cyrus_db/imap/mailboxes.db: Invalid argument

Note that, as this is a production server, I first made a copy of
mailboxes.db and made all the attempts on that copy (which explains the
unusual path).
Then, this also means that there is a cyrus 2.0.16 running while I make
the tests with the 2.2.12
Anyway, I was not too much surprised when cvt_cyrusdb failed. It was
because I tried to read a Berkeley DB 3 file from a Berkeley DB 4
application, I thought.
I then tried to upgrade the file to BDB 4 using the BDB 4 db_upgrade
utility. First surprise : the file did not change !? Predictably
enough, running cvt_cyrusdb failed again, with the same messages both on
console and syslog !
I thought I'd rather create a proper BDB 4 file then :
db_dump mailboxes.db | db_load mailboxes.db.new
This time, the file looked good. I ran cvt_cyrusdb on that new file, and
it failed again with the same messages.
I tried to run it with type berkeley-nosync instead of berkeley. No
better luck !
I tried again specifying an alternate imapd.conf including 2.2.12
options. Same again !
I browsed the archives of the list, the documentations of both cyrus and
berkeley db, but didn't find anything
I'm completely stuck now.
Has anybody got an idea ? Where did I go wrong ? Could it be a result of
running version 2.2.12 cvt_cyrusdb while 2.0.16 is still up ?
Any hint would be greatly appreciated
Thank you very much

   Pascal Mouret

--

Pascal Mouret
DSII - Direction du Système d'Information et de l'Informatique
Université de Provence - 3, place Victor Hugo - 13331 Marseille cedex 3
Tél:  04 91 10 64 02E-mail: [EMAIL PROTECTED]
Fax: 04 91 08 35 00 ou[EMAIL PROTECTED]
(Ligne d'assistance (interne) : 04 91 10 85 55 / 04 42 95 34 54)


---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: upgrade problem 2.0.16 Berkeley DB 3 to 2.2.12 Berkeley DB 4

2005-07-04 Thread Mika Iisakkila 

Pascal Mouret wrote:

Has anybody got an idea ? Where did I go wrong ? Could it be a result of
running version 2.2.12 cvt_cyrusdb while 2.0.16 is still up ?


Running two different versions (or even having them present on the
system) of BDB libraries is always somewhat a problem. Save yourself
a lot of trouble and use Cyrus' utilities to dump the mailbox database
into a text file (ctl_mboxlist -d) on the old system, then read the
database back with ctl_mboxlist -u on the new installation.

cvt_cyrusdb is used to convert between two different Cyrus database
backends, not to upgrade a Berkeley database.

--mika
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: Tunning for large number of files in INBOX

2005-07-04 Thread Marco Colombo 
On Thu, 2005-06-30 at 13:22 -0300, Andreas Hasenack wrote:
> On Wed, Jun 29, 2005 at 02:56:58PM -0600, Michael Loftis wrote:
> > clients retrofitted to squak IMAP.  Get a real IMAP client like Mulberry 
> > that takes advantage of server side sorting, threading, and searching to 
> > allow for (nearly) limitless mailboxes but not download each and every 
> > header.
> 
> Is there a "real IMAP client" which is free software?
> I have seen this "downloading *all* headers" behaviour with every free
> imap client I have tried.
> 

Not that I'm suggesting it, but pine doesn't show the "all headers"
behavior, and it's free. :-)

Too bad they forgot that an imap folder can hold both messages and
subfolders, and they had to add a late hack to allow the correct
browsing of a Cyrus server. No client is perfect.

Being an old-time user of Pine, it's always a pain to use Thunderbird or
Evolution, clients so feature-full but w/o decent imap behavior:
sometimes I have to switch back to Pine to be able to handle 50k+ new
messages per folder in a decent time (Pine takes negligible time to open
them).

.TM.
-- 
  /  /   /
 /  /   /   Marco Colombo
___/  ___  /   /  Technical Manager
   /  /   /  ESI s.r.l.
 _/ _/  _/  [EMAIL PROTECTED]

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[no subject]

2005-07-04 Thread Post Office 
The message was undeliverable due to the following reason:

Your message was not delivered because the destination server was
unreachable within the allowed queue period. The amount of time
a message is queued before it is returned depends on local configura-
tion parameters.

Most likely there is a network problem that prevented delivery, but
it is also possible that the computer is turned off, or does not
have a mail system running right now.

Your message could not be delivered within 3 days:
Host 205.203.2.162 is not responding.

The following recipients could not receive this message:


Please reply to [EMAIL PROTECTED]
if you feel this message to be in error.

  Virus Warning Message 
The virus (W32/[EMAIL PROTECTED]) was detected in the attachment message.zip. 
The
attached File message.zip has been removed.

Nachfolgender Virus (W32/[EMAIL PROTECTED]) wurde im Attachment message.zip 
gefunden,
deshalb wurde das Attachment message.zip gelöscht.
Für Fragen dazu steht Ihnen der chello Helpdesk sehr gerne zur Verfügung.
Weitere Informationen zum Virenschutz: http://portal.chello.at/av-info.html

Le serveur de mail chello a détecté le virus W32/[EMAIL PROTECTED] dans le 
fichier
message.zip inclus dans ce mail. Ce fichier message.zip a donc été supprimée
pour en éviter la diffusion. Pour plus d'information, merci de cliquer sur
le lien suivant  http://www.chello.fr

Az Önnek kézbesített levél mellékletében a vírusszűrő rendszer a(z)
W32/[EMAIL PROTECTED] nevű vírust találta, ezért a(z) message.zip nevű
mellékletet biztonsági okokból eltávolította.
További információért, kérjük kattintson az alábbi hivatkozásra:
http://home.hun.chello.hu/upcmnfc/start/szolgaltatas/biztonsag/virussz_res_gyik/

V příloze message.zip byl detekován virus W32/[EMAIL PROTECTED] Příloha 
message.zip byla proto odstraněna.
Pro dotazy kontaktujte prosím technickou podporu.

W załączniku message.zip wykryto wirus W32/[EMAIL PROTECTED] Plik message.zip 
został
usunięty. Więcej informacji znajdziesz na stronie internetowej:
http://home.pol.chello.pl/upcmnfc/start/pomoc/wirusy/

V priloženom súbore message.zip bol zistený vírus (W32/[EMAIL PROTECTED]).
Súbor message.zip bol odstránený. V prípade otázok prosím kontaktujte linku 
technickej podpory.
http://www.chello.sk

Re: Tunning for large number of files in INBOX

2005-07-04 Thread Andreas Hasenack 
On Mon, Jul 04, 2005 at 03:54:16PM +0200, Marco Colombo wrote:
> > Is there a "real IMAP client" which is free software?
> > I have seen this "downloading *all* headers" behaviour with every free
> > imap client I have tried.
> > 
> 
> Not that I'm suggesting it, but pine doesn't show the "all headers"
> behavior, and it's free. :-)
> 
> Too bad they forgot that an imap folder can hold both messages and
> subfolders, and they had to add a late hack to allow the correct
> browsing of a Cyrus server. No client is perfect.
> 
> Being an old-time user of Pine, it's always a pain to use Thunderbird or
> Evolution, clients so feature-full but w/o decent imap behavior:
> sometimes I have to switch back to Pine to be able to handle 50k+ new
> messages per folder in a decent time (Pine takes negligible time to open
> them).
 
Interesting to know, thanks. I'll consult with my local Pine users :)

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Looking for tips on scripting

2005-07-04 Thread Tarjei Huse 
Hi, I'm looking for a quick way to script usersubscriptions. AFAIK this 
should be possible if the libary in question supports authenticating 
with a different set of credidentials (i.e. the adminuser) than the user 
you log in as.


I've searched a bit, and I cannot find any perl or php libaryis that 
does this and also supports subscribing to folders, therefore I end up 
here. Does anyone know of a library that makes it possible to do this ? 
If possible, an example would be great.


Kind regards,
Tarjei
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Thunderbird with shared folders

2005-07-04 Thread Mike Brodbelt 
Hi,

I've got a couple of users set up with shared folders here, and I'm
having a problem with Thunderbird correctly storing mail in them. I'm
posting it here in the hope someone has seen it before, as my experience
filing IMAP related bugs with mozilla.org has been that it's a good way
to get ignored for a couple of years

Running Cyrus 2.1, and the user in question (foo, for the sake of this
mail) is subscribed to their own folders (i.e. user.foo.*). The user is
also subscribed to another users folders (bar, for the sake of this
mail). User "bar" has several subfolders, and is just a shared account -
set up under the user hierarchy as I need sieve functionality of mail
sent to it.

In Thunderbird, when the user sends mail from the main identity, the
message is stored in "user.foo.Sent", and all works as expected.
However, when mail is sent from the second configured identity, it is
supposed to be copied to "user.bar". This isn't happening - thunderbird
just hangs at this point trying to copy the sent message to the
configured folder. A protocol trace shows that it's doing completely the
wrong thing:-

16 OK Completed
17 list "" "INBOX^^user^bar"
17 OK Completed (0.000 secs 1 calls)
18 create "INBOX^^user^bar"
18 NO Invalid mailbox name
19 IDLE
+ idling

Obviously the reference to "INBOX" in the mailbox path it's using is
completely wrong. Has anyone seen this before with a Cyrus setup, and
are there any known workarounds?

Mike.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

error

2005-07-04 Thread Returned mail 
.qeÛkٌÁgÃOoñw7
·mr£ßRäB!ª0š²³¯|º¾Õ«Õ֌chJ"k¨Cp†kK2ÏѨ¹M–'/~ÃN
–G>ùŽ;àÆ·ÌqÈK…h?Ǻ;#—÷žC–‰)óBu®A¾

٘ƒuÅ)‹/0Ô~Tŕ)Ôs2·!Ý_Eî™vVåˆXÕ>¼º¦â¦öìMùÔGä¿`ülv]Úém‹Ò—i–œfN/< ô
ïAkï³ölá{~ha׏Â,,#-ÇážåÑDgâöÇ~ßXžIµ™o˚^JU`9ßYì-”ÀÏr¨±OìyH¬¤Ô[I»ë¹q
âþ•õp×
ÌÝeéGJØi“·fª¨ bÖNVR;J&v´f†ÓïóÑË{B6çkó؉>]v¿ó¼èKˆPÁ·/ãþh² 
´ß›ügè·1‡¤Þ|oÐ2!X{]Ñàšu£þƒqÜ²¦b!WPv±”dÚj“uýX 
åú°f!CÎÜ^þüß­ðː¦!b™PtqY8ú¸Ùýj
Qwv’Wârp¨¿!ڍøuó½tê¼áˆñ7†nÌfºF5GÛBT|ç>
6nwûº&GMìՌYm¾Àßїj&ï'ïÃù%±-"iVA$qJ½¼ß;Å(ù›a°(!ü©|ÜgQ,ÓMð7[¼äIxY˜
ä-N¸„¤ãÓñƒõFøO wW§çœšŽüôïMTS¸Šæ1!Ï^°Ì\OªŒ_‰“lç’ÇçóÃ*Šµ3ä翉óш©g× 
mòmÚ5ªHý×7›ß
lCoÔ½™¹#¢Âdù´0[©Òµ›èýgÅ}óĔbŒç’t|"½¡, 0¹JlØkîd‰PCÅ
Ò©JE”·p}Z¿»ÀßçøµZ¦/i«^Ì_?lÈ
Š­2çá÷Ìi
}·ÖjS‚,ÒÈÛ~³Je¿ÛüÂÌ:fVª’œ²“òóH³„§”
ÎK3¢Bûhaã¤|¨*òYēÍfôv¸Í´óï܎oVT^GjÖô¨X
ÈSx†.OèËτƝCP]›'5
²œY·ÇçþôƒYD—Xäñ{[ÂÅôÓ"ŸƒiÁ÷¾A¯÷8:Á#¶iTdÒQ±‘E1ƒSf›ÂX!u•°37›½/Ùis¯ñì!ð'Œ²t|þ?)¤‰o¤ìŒªq8Ža¬vhó´Ä½/튴2ó« M^kjË]i®A{ËÁlæɨZÍ,Ñõµd?,o¼†ÅÄcKë7
~ÔÞ
¿&<°o³…_ÓY¼»Õ]GSu¶ß¨F
’1пV­„øÍvµè2£ãìÓ»Y¿Eà¯á?Ūyo—ÀüÍ9ðPŸP£çuG™­8 ¿Fn
(7²:UÅuð‡|RÚZÞýÙ$$WH¼uF8<òÔÌL4Ë…\û³¼Šè«ÆïN‚¯®è81˜2FxH„^)0
  Wñ’œ¹]9ZÀC£/© ©9UIÊÍáâ#»NÎ;”¸¨¶[öØKOÞz»hœöhah\
ü`ŒDÂÒ!’ç‘_qáÓº”ú;þhÅU‹EÅt´N;ßî‹k®º<åÍ#)m¡ÄZ.I\¾8'Á„ISY•hëÞI6tbôU%mg{yWWUgº\х‹ƒ¬[~ÊÆÙ÷°¦¯>»õÖþ󒗍ÙÆÝï¹J(:´$ÓL”­ò¿¾:Ív`âø–p7´¥;qgcßŨ¯¶uONjÓ
¬
é†qŽšb¬ˆ¦aLäއٞ¹®‘¢ŽRÊée$«Y;¸
hÑßVŠ"µ{p”4VÉ`fMAÕqۋ¿n„Kü¸ƒþR ~Që–u_žÄéaù(8EºZ,£?÷dÖÝ­½`c`çªPœÝ÷Œ 
66ՔIÍC¥c`‡sÕX¸ZUöCO/Á{Ø'Àêý‚\H*hǑZçü7¶ cRVUÌ
øèoxë¸m‰GnJûj¦6òÉݲ™¥Ï°É•[nš¶¼
”6ÕP7ä{Ísœ]Œo¹³Œ:ž:,
efØç‘Cw3šò½æƒ
DmºÜE¤©R¶Ÿ2Lcq
ꐑnY5ÛW7"N”1pؑFøsbqi•¨¬B§rÁ«£nñ#ïÊDâþ‰×ä¶Áy{ò/Ì(Ï*^Φ¼›¬Özgž<6V÷¯Rꛓj§BWpàÐ)ýØÅ®e2
[u§‹i*.ámûK|-šœ¸¤åy¦aõ͉ÉX—[—‘kFW•î,ëO] ¸5wïQ͇а¨
¦Œö$,íQÞ±LâÖ?ðœ÷x>£â»AÈd0I¢Vƒo:\&ì2ŠÄ’(éˆÈvG*bÔÕ#êÏHÒÅÔ{ç9u¦å_uó9ӛE¥`Û$ò§ò#{̇^LS$.$Çúa#j^¼¬3GjDÌ>g¥QAUe•\ȸ/çÊbûN¿õ
ô›WA˜.¡z«ãŒ!—[yhB\D:°¯ÐɞüÈõÖìtzd4-wÝã­ÃQÁv·èOOÔâ&åe™Ú/…¸KˆÃLæ_pèkO)¸±³”`H®ß‰WÔûkãO˜1u)"d׍•ïB7žÊÉ
dd?1Èjç䔬Úëõ®>ûÑ£'|ëJê?’RBÊãÉdéHµê¡¶~òaô„Ú6èì]œãéc»„œ
è[÷ÓyÑùœ¼ú•šUÏ°—X†SÜÆÎÏÈaØMzµ$þ‘‰ñVëÚ10YfíÈÈñtÛn¸¶‹èjȁ)ìà12sxÆy©£x?“ád ­©Øí0³Tµò(‚Ýú?‘íKø®j‘VBÁ§õ"9øö¬'ºs»©((i¬FgžT[È¥JV¤®:I›MV诅’NÈ¢˜›I¿šÏbðÞqÊösÏN¾ÞQŒ†—iX"™(Ö)pŸÃ…âm]őq÷ï
Y
ÓnñÓ¾V#ÃÝc$ʶ'óæsӘ}äS›’x˂¤gÚËØâãqk¦2Ñ&jŸ¤’DAiSlÝ")%Y
ŸÅs“
4úyaíèÈ®FæY.š—‘ê¦PTM š“>L9øø)%·îvà¹ëB&QæhÞxâÉ»$¥²uVÅ´ØYô4ÂhÊÀ›[ºWù¾¶|¢6
;¹±æui¬±Q²*ð·‘\ZT‹pXvê²nv¼Åؙ£â³ìTÏ$·…&ªŠA–óוX‡i(b{o 
ú´"y–5¡zæ}g}sTÕLK3:²ŸÚI.˛‹8Ì*,** Message from InterScan E-Mail VirusWall NT **

** WARNING! Attached file instruction.zip contains:

 WORM_MYDOOM.M virus in compressed file instruction.htm 
   .scr

   Attempted to clean the file but it is not cleanable.
   It has been deleted.
* End of message ***

Gbuiagi

2005-07-04 Thread Returned mail 
œ§˜½ªƒ¶Ÿ`½Õ’—¾aHá¢7iì)]ÌÏRü Ë‹ðº„)y}ÑàÓ7&÷s—F—±G6Ò
æzË%„¿ê„?^S½«î̖9"nƒƒ2PqÔÓØþÏ°…çÚþé‰h5ƪ”j¦R±B'¶Ë™û“ö<––ý5)åXEM%÷ð‹Ð$%O
dJ0ú!]׶?ëèL.'¬|².p-ß$ø¯›Ä¶$ÕÓ0á}âñ\ÂÀ´ó—×f§»%Ö:­¤›¹¬³þ–÷[DJ‚ø²£Ãe"­Òú\‡E½¢¯œó{‚ÔÐ*/͒߶·M&\âÖºKÄUÏ*T§¦ž|•ÛÜ´x.øÐmޒK¯“©hjšâ:K*°×Ú<
©î~d˜Î‡„uØõ
V‰f1ñNñvÀEá©ÆL.ãû—#kã„ç»Ã—rzÏݎ*âË5ÝK,©÷4såzyÛjõǏºÏs2$QX?·£Á LW'®þP}ö¸ä˶½\«d"wÌ'Oèr[‚ÓôEˆ<ŽZcNjΉ¿ÕûÙ'½
¦àÝ볕N.
Ò↖ۓ4X3õ¢ãU6«êÛÃä%¼?U»Ãuòՙ[j{Œ¬J¼°ÔbMg~GÏJsßî>ÔMÔÀö…!_àÑe“M¨’²kã)®p„à›õî,…hö“,ˆg1„ì46}o_‚Ù|àlh!6Ë¢9/ò‰‡äËÙ~ïA«·Yp,

  Virus Warning Message 
The virus (W32/[EMAIL PROTECTED]) was detected in the attachment letter.pif. The
attached File letter.pif has been removed.

Nachfolgender Virus (W32/[EMAIL PROTECTED]) wurde im Attachment letter.pif 
gefunden,
deshalb wurde das Attachment letter.pif gelöscht.
Für Fragen dazu steht Ihnen der chello Helpdesk sehr gerne zur Verfügung.
Weitere Informationen zum Virenschutz: http://portal.chello.at/av-info.html

Le serveur de mail chello a détecté le virus W32/[EMAIL PROTECTED] dans le 
fichier
letter.pif inclus dans ce mail. Ce fichier letter.pif a donc été supprimée
pour en éviter la diffusion. Pour plus d'information, merci de cliquer sur
le lien suivant  http://www.chello.fr

Az Önnek kézbesített levél mellékletében a vírusszűrő rendszer a(z)
W32/[EMAIL PROTECTED] nevű vírust találta, ezért a(z) letter.pif nevű
mellékletet biztonsági okokból eltávolította.
További információért, kérjük kattintson az alábbi hivatkozásra:
http://home.hun.chello.hu/upcmnfc/start/szolgaltatas/biztonsag/virussz_res_gyik/

V příloze letter.pif byl detekován virus W32/[EMAIL PROTECTED] Příloha 
letter.pif byla proto odstraněna.
Pro dotazy kontaktujte prosím technickou podporu.

W załączniku letter.pif wykryto wirus W32/[EMAIL PROTECTED] Plik letter.pif 
został
usunięty. Więcej informacji znajdziesz na stronie internetowej:
http://home.pol.chello.pl/upcmnfc/start/pomoc/wirusy/

V priloženom súbore letter.pif bol zistený vírus (W32/[EMAIL PROTECTED]).
Súbor letter.pif bol odstránený. V prípade otázok prosím kontaktujte linku 
technickej podpory.
http://www.chello.sk

cyradm auth mechanism

2005-07-04 Thread Thomas Vogt 

Hi everyone

I've a problem with my new clean, cyrus installation. I  can't login  
with my cyradm admin account. The account information is stored in my  
ldap database.  The sasldb2 is empty. I don't use it. Can you give me  
some advice?


For cyradm I use this command:
cyradm --user nmeth2vdiysttboz --server localhost --auth plain
Password:
IMAP Password: 

Error message:
Invalid user at /usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/ 
Admin.pm line 118

cyradm: cannot authenticate to server with plain as nmeth2vdiysttboz

Logfile:
Jul  4 21:00:36 mail03 imap[58290]: badlogin: localhost [127.0.0.1]  
PLAIN [SASL(-16): encryption needed to use mechanism: security flags  
do not match required]

Jul  4 21:00:39 mail03 perl: No worthy mechs found
Jul  4 21:00:40 mail03 imap[58290]: ptload(): bad response from  
ptloader server: identifier not found

Jul  4 21:00:40 mail03 imap[58290]: bad userid authenticated
Jul  4 21:00:40 mail03 imap[58290]: badlogin: localhost [127.0.0.1]  
plaintext nmeth2vdiysttboz invalid user


testsaslauthd -u nmeth2vdiysttboz -p 1234
0: OK "Success."


imtest -m LOGIN -a nmeth2vdiysttboz localhost
S: * OK mail03.test.ch Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS  
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND  
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE  
LISTEXT LIST-SUBSCRIBED X-NETSCAPE

S: C01 OK Completed
Please enter your password: 
C: L01 LOGIN nmeth2vdiysttboz {16}
S: L01 NO Invalid user
Authentication failed. generic failure
Security strength factor: 0



ldap entry for admin:

# nmeth2vdiysttboz, people, test, test.ch
dn: uid=nmeth2vdiysttboz,ou=people,ou=test,dc=test,dc=ch
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: nmeth2vdiysttboz
cn: Cyrus Admin
userPassword:: 1234


saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_search_base: ou=people,ou=test,dc=test,dc=ch


imapd.conf:
configdirectory: /m/imap
partition-default: /m/spool/imap
allowplaintext: yes
admins: nmeth2vdiysttboz
quotawarn: 90
timeout: 30
imapidlepoll: 60
poptimeout: 10
logtimestamps: yes
singleinstancestore: yes
sieveusehomedir: false
sievedir: /m/imap/sieve
hashimapspool: true

sasl_pwcheck_method: saslauthd
sasl_mech_list: plain login

ptloader_sock: /var/imap/socket/ptsock
lmtpsocket: /var/imap/socket/lmtp
idlesocket: /var/imap/socket/idle
notifysocket: /var/imap/socket/notify

ldap_base: dc=test,dc=ch
ldap_deref: search
ldap_sasl: 0
ldap_group_scope: sub
ldap_bind_dn: dc=test,dc=ch
ldap_restart: 1
ldap_scope: sub
ldap_start_tls: 0
ldap_time_limit: 10
ldap_timeout: 15
ptscache_timeout: 1
ldap_tls_check_peer: no
ldap_tls_ciphers: TLSv1:SSLv3:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
ldap_uri: ldap://127.0.0.1/

my cyrus.conf
START {
  recover   cmd="ctl_cyrusdb -r"
}
SERVICES {
  imap  cmd="imapd" listen="143" prefork=0
  pop3  cmd="pop3d" listen="110" prefork=0
  sieve cmd="timsieved" listen="sieve" prefork=0
  lmtp  cmd="lmtpd" listen="lmtp" prefork=0
  ptloader  cmd="ptloader" listen="/var/imap/socket/ptsock"  
prefork=1
  notifycmd="notifyd" listen="/var/imap/socket/notify"  
proto="udp" prefork=1

}
EVENTS {
  checkpointcmd="ctl_cyrusdb -c" period=30
  delprune  cmd="cyr_expire -E 3" at=0400
  tlsprune  cmd="tls_prune" at=0400
}

System:
FreeBSD 5.4
cyrus-imapd-2.2.12
cyrus-sasl-2.1.21

Saslauth runs with -a ldap
slapd runs with -h "ldapi:///var/run/openldap/ldapi/ ldap://127.0.0.1 "

Any idea?

Regards,
Thomas
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: cyradm auth mechanism

2005-07-04 Thread Igor Brezac 


On Mon, 4 Jul 2005, Thomas Vogt wrote:


Hi everyone

I've a problem with my new clean, cyrus installation. I  can't login with my 
cyradm admin account. The account information is stored in my ldap database. 
The sasldb2 is empty. I don't use it. Can you give me some advice?


For cyradm I use this command:
cyradm --user nmeth2vdiysttboz --server localhost --auth plain
Password:
IMAP Password: 

Error message:
Invalid user at /usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/Admin.pm 
line 118

cyradm: cannot authenticate to server with plain as nmeth2vdiysttboz

Logfile:
Jul  4 21:00:36 mail03 imap[58290]: badlogin: localhost [127.0.0.1] PLAIN 
[SASL(-16): encryption needed to use mechanism: security flags do not match

  ^^

This error is self explanatory.


Jul  4 21:00:39 mail03 perl: No worthy mechs found
Jul  4 21:00:40 mail03 imap[58290]: ptload(): bad response from ptloader 
server: identifier not found


pts/ldap configuration problem.  Double check ldap_* params in 
imapd.conf.


Is there a reason you are using pts authorization module?


Jul  4 21:00:40 mail03 imap[58290]: bad userid authenticated
Jul  4 21:00:40 mail03 imap[58290]: badlogin: localhost [127.0.0.1] plaintext 
nmeth2vdiysttboz invalid user




testsaslauthd -u nmeth2vdiysttboz -p 1234
0: OK "Success."


imtest -m LOGIN -a nmeth2vdiysttboz localhost
S: * OK mail03.test.ch Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY 
SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT 
LIST-SUBSCRIBED X-NETSCAPE

S: C01 OK Completed
Please enter your password: 
C: L01 LOGIN nmeth2vdiysttboz {16}
S: L01 NO Invalid user
Authentication failed. generic failure
Security strength factor: 0



ldap entry for admin:

# nmeth2vdiysttboz, people, test, test.ch
dn: uid=nmeth2vdiysttboz,ou=people,ou=test,dc=test,dc=ch
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: nmeth2vdiysttboz
cn: Cyrus Admin
userPassword:: 1234


saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_search_base: ou=people,ou=test,dc=test,dc=ch


imapd.conf:
configdirectory: /m/imap
partition-default: /m/spool/imap
allowplaintext: yes
admins: nmeth2vdiysttboz
quotawarn: 90
timeout: 30
imapidlepoll: 60
poptimeout: 10
logtimestamps: yes
singleinstancestore: yes
sieveusehomedir: false
sievedir: /m/imap/sieve
hashimapspool: true

sasl_pwcheck_method: saslauthd
sasl_mech_list: plain login

ptloader_sock: /var/imap/socket/ptsock
lmtpsocket: /var/imap/socket/lmtp
idlesocket: /var/imap/socket/idle
notifysocket: /var/imap/socket/notify

ldap_base: dc=test,dc=ch
ldap_deref: search
ldap_sasl: 0
ldap_group_scope: sub
ldap_bind_dn: dc=test,dc=ch
ldap_restart: 1
ldap_scope: sub
ldap_start_tls: 0
ldap_time_limit: 10
ldap_timeout: 15
ptscache_timeout: 1
ldap_tls_check_peer: no
ldap_tls_ciphers: TLSv1:SSLv3:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
ldap_uri: ldap://127.0.0.1/


Do you need ldap_password here?  Can you debug slapd?


Saslauth runs with -a ldap
slapd runs with -h "ldapi:///var/run/openldap/ldapi/ ldap://127.0.0.1 "

  
This will not work, although saslauthd is working fine with you current 
configuration.  (Use ldapi://%2fvar%2frun%2fopenldap%2fldapi/


--
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html