[2.2.13-10] sieveshell uses global sieve folder when auth'ing as cyrus
Hello, I've got a weird problem with the timsieved of above mentioned version of cyrus. This cyrus is part of a so called Open-Xchange Appliance Edition (OXAE). First, everything was ok, but suddenly that problem appeared and I don't know, how to fix it: Whenever I use sieveshell to upload a script for a user without knowing his creds, I do as follows: sieveshell --user u...@domain.net --authname cyrus localhost The normal behaviour, which I know, is that I upload the script to the user's sieve directory. But in my installation, the script is stored into a global folder, and also a 'list' command shows up the contents of that one. Deleting the global folder is useless, because it is created again on next sieveshell login. This problem occured without anything changed in the config, or let me say: without any known change in the config. Additionally, the Open-Xchange support told me that this feature should not exist in the used cyrus version. Could anyone tell me, how to toggle (in this case: disable) this feature? Best regards Stefan -- STEFAN JURISCH | System Engineer | VMware(R), Software Development & Support OpenPGP: ID: 0xC6F20B3E keyserver: pool.sks-keyservers.net SIEGNETZ.Informationstechnologie(R) GmbH Schneppenkauten 1a, DE-57076 Siegen, Phone +49 (271) 68193 -0, Facsimile -28 http://www.siegnetz.de | supp...@siegnetz.de | developm...@siegnetz.de Geschaeftsfuehrer (executive): Oliver Seitz Handelsregister (comm. register): Amtsgericht (local court) Siegen HRB4838 Sitz der Gesellschaft/domicile: Siegen, Germany pgpxBpYtfSRvh.pgp Description: PGP signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: sieveshell uses global sieve folder when auth'ing as cyrus
On 10/12/10 09:38 +0100, Stefan Jurisch wrote: >Hello, > >I've got a weird problem with the timsieved of above mentioned version of >cyrus. >This cyrus is part of a so called Open-Xchange Appliance Edition (OXAE). >First, everything was ok, but suddenly that problem appeared and I don't >know, how to fix it: > >Whenever I use sieveshell to upload a script for a user without knowing >his creds, I do as follows: > > sieveshell --user u...@domain.net --authname cyrus localhost > >The normal behaviour, which I know, is that I upload the script to the >user's sieve directory. But in my installation, the script is stored >into a global folder, and also a 'list' command shows up the contents of >that one. Deleting the global folder is useless, because it is created >again on next sieveshell login. > >This problem occured without anything changed in the config, or let me >say: without any known change in the config. Additionally, the >Open-Xchange support told me that this feature should not exist in the >used cyrus version. > >Could anyone tell me, how to toggle (in this case: disable) this feature? It sounds like you are authenticating or proxying as an admin, which would explain what you're seeing. I'd imagine that you are authenticating via a mechanism that does not support proxy authentication. Try explicitly specifying PLAIN or DIGEST-MD5. I don't see a way to specify the client mechanism via sieveshell, so you may have to configure a list of proxyable mechanisms for timsieved to offer. Given a cyrus.conf entry of: sieve cmd="timsieved" ... Try this in imapd.conf: sieve_sasl_mech_list: digest-md5 external gssapi plain srp See: http://www.cyrusimap.org/docs/cyrus-sasl/2.1.23/mechanisms.php for a list of mechanisms which support proxy auth, and then verify which plugins you have installed on your client and server systems with pluginviewer/saslpluginviewer. -- Dan White Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: sieveshell uses global sieve folder when auth'ing as cyrus
On Fri, Dec 10, 2010 at 09:00:31AM -0600, Dan White wrote: > On 10/12/10?09:38?+0100, Stefan Jurisch wrote: > >Hello, > > > >I've got a weird problem with the timsieved of above mentioned version of > >cyrus. > >This cyrus is part of a so called Open-Xchange Appliance Edition (OXAE). > >First, everything was ok, but suddenly that problem appeared and I don't > >know, how to fix it: > > > >Whenever I use sieveshell to upload a script for a user without knowing > >his creds, I do as follows: > > > > sieveshell --user u...@domain.net --authname cyrus localhost > > > >The normal behaviour, which I know, is that I upload the script to the > >user's sieve directory. But in my installation, the script is stored > >into a global folder, and also a 'list' command shows up the contents of > >that one. Deleting the global folder is useless, because it is created > >again on next sieveshell login. > > > >This problem occured without anything changed in the config, or let me > >say: without any known change in the config. Additionally, the > >Open-Xchange support told me that this feature should not exist in the > >used cyrus version. > > > >Could anyone tell me, how to toggle (in this case: disable) this feature? > > It sounds like you are authenticating or proxying as an admin, which would > explain what you're seeing. > > I'd imagine that you are authenticating via a mechanism that does not > support proxy authentication. Try explicitly specifying PLAIN or > DIGEST-MD5. I don't see a way to specify the client mechanism via > sieveshell, so you may have to configure a list of proxyable mechanisms for > timsieved to offer. > > Given a cyrus.conf entry of: > > sieve cmd="timsieved" ... > > Try this in imapd.conf: > > sieve_sasl_mech_list: digest-md5 external gssapi plain srp > > See: > > http://www.cyrusimap.org/docs/cyrus-sasl/2.1.23/mechanisms.php > > for a list of mechanisms which support proxy auth, and then verify which > plugins you have installed on your client and server systems with > pluginviewer/saslpluginviewer. > > -- > Dan White We had this problem and it was caused by being in the sieve_admins list in the imapd.conf file on the same server as your actual mailbox. Removing your account from the sieve_admins list and putting it on the sieve_proxyservers list fixed the problem and allowed it to work as we (and you) expected. Cheers, Ken Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: sieveshell uses global sieve folder when auth'ing as cyrus
Hi there, On Fri, Dec 10, 2010 at 03:00:31PM +, Dan White wrote: > It sounds like you are authenticating or proxying as an admin, which > would > > explain what you're seeing. > [...] > Try this in imapd.conf: > > sieve_sasl_mech_list: digest-md5 external gssapi plain srp Okay, I didn't know an option like 'sieve_sasl_mech_list' yet. On Fri, Dec 10, 2010 at 03:08:51PM +, Kenneth Marshall wrote: > We had this problem and it was caused by being in the sieve_admins > list in the imapd.conf file on the same server as your actual > > > mailbox. Removing your account from the sieve_admins list and > putting it on the sieve_proxyservers list fixed the problem and > allowed it to work as we (and you) expected. It seems there are many options that I did (and do) not know yet. There is no option 'sieve_admins' in my configuration, neither the 'sieve_proxyservers' one. But I added the second one. I'll give both of your ideas a try, but I can't restart the productive server during our worktimes, so I can report the result recently tomorrow. Best regards Stefan -- STEFAN JURISCH | System Engineer | VMware(R), Software Development & Support OpenPGP: ID: 0xC6F20B3E keyserver: pool.sks-keyservers.net SIEGNETZ.Informationstechnologie(R) GmbH Schneppenkauten 1a, DE-57076 Siegen, Phone +49 (271) 68193 -0, Facsimile -28 http://www.siegnetz.de | supp...@siegnetz.de | developm...@siegnetz.de Geschaeftsfuehrer (executive): Oliver Seitz Handelsregister (comm. register): Amtsgericht (local court) Siegen HRB4838 Sitz der Gesellschaft/domicile: Siegen, Germany pgpDLAmlFB73Y.pgp Description: PGP signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: sieveshell uses global sieve folder when auth'ing as cyrus
On Fri, Dec 10, 2010 at 04:33:43PM +0100, Stefan Jurisch wrote: > Hi there, > > On Fri, Dec 10, 2010 at 03:00:31PM +, Dan White wrote: > > It sounds like you are authenticating or proxying as an admin, which > > would > > > > explain what you're seeing. > > [...] > > Try this in imapd.conf: > > > > sieve_sasl_mech_list: digest-md5 external gssapi plain srp > > Okay, I didn't know an option like 'sieve_sasl_mech_list' yet. > > > On Fri, Dec 10, 2010 at 03:08:51PM +, Kenneth Marshall wrote: > > We had this problem and it was caused by being in the sieve_admins > > list in the imapd.conf file on the same server as your actual > > > > > > mailbox. Removing your account from the sieve_admins list and > > putting it on the sieve_proxyservers list fixed the problem and > > allowed it to work as we (and you) expected. > > It seems there are many options that I did (and do) not know yet. There > is no option 'sieve_admins' in my configuration, neither the > 'sieve_proxyservers' one. But I added the second one. > > I'll give both of your ideas a try, but I can't restart the productive > server during our worktimes, so I can report the result recently > tomorrow. > > Best regards > Stefan > Hi Stefan, The sieve options take effect the next time the sieve program is started, i.e. immediately. You can test them now. Cheers, Ken Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: sieveshell uses global sieve folder when auth'ing as cyrus
On Fri, Dec 10, 2010 at 03:45:55PM +, Kenneth Marshall wrote: > On Fri, Dec 10, 2010 at 04:33:43PM +0100, Stefan Jurisch wrote: > > Hi there, > > > > On Fri, Dec 10, 2010 at 03:00:31PM +, Dan White wrote: > > > It sounds like you are authenticating or proxying as an admin, which > > > would > > > > > > explain what you're seeing. > > > [...] > > > Try this in imapd.conf: > > > > > > sieve_sasl_mech_list: digest-md5 external gssapi plain srp > > > > Okay, I didn't know an option like 'sieve_sasl_mech_list' yet. > > > > > > On Fri, Dec 10, 2010 at 03:08:51PM +, Kenneth Marshall wrote: > > > We had this problem and it was caused by being in the sieve_admins > > > list in the imapd.conf file on the same server as your actual > > > > > > > > > mailbox. Removing your account from the sieve_admins list and > > > putting it on the sieve_proxyservers list fixed the problem and > > > allowed it to work as we (and you) expected. > > > > It seems there are many options that I did (and do) not know yet. There > > is no option 'sieve_admins' in my configuration, neither the > > 'sieve_proxyservers' one. But I added the second one. > > > > I'll give both of your ideas a try, but I can't restart the productive > > server during our worktimes, so I can report the result recently > > tomorrow. > > > > Best regards > > Stefan > > > > Hi Stefan, > > The sieve options take effect the next time the sieve program is > started, i.e. immediately. You can test them now. Hi Kenneth, hi Dan, Learned something new again. :-) Thanks for all tipps. Now it works again as I knew it before. Best regards Stefan -- STEFAN JURISCH | System Engineer | VMware(R), Software Development & Support OpenPGP: ID: 0xC6F20B3E keyserver: pool.sks-keyservers.net SIEGNETZ.Informationstechnologie(R) GmbH Schneppenkauten 1a, DE-57076 Siegen, Phone +49 (271) 68193 -0, Facsimile -28 http://www.siegnetz.de | supp...@siegnetz.de | developm...@siegnetz.de Geschaeftsfuehrer (executive): Oliver Seitz Handelsregister (comm. register): Amtsgericht (local court) Siegen HRB4838 Sitz der Gesellschaft/domicile: Siegen, Germany pgpkvlA6pLnpF.pgp Description: PGP signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
IOERROR: index record 543384900 for user.pfoo past end of file
Hello, On my Cyrus 2.4.5 test system, I get this error on what seems to be an otherwise functioning mailbox; Dec 10 13:37:41 pop pop3[7635]: IOERROR: index record 543384900 for user.pfoo past end of file I have done a reconstruct that reports nothing, and still the error persists. I can POP mail or use IMAP and all seems well other than this strange message. Hints? R. Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
