Setting SIEVE parameters..
I need to know how to set SIEVE parameters that are not in my configuration file. For example I need to set the sieve_maxcripts parameter from the default of 5 to some higher number. I am running Cyrus-Imapd version 2.0.16_2. I found out about this parameter by using Google. I also need to find out the sieve script hierarchy and other rules that may apply. Where can I find documentation about this and other parameters? Mike Allen Independant Consultant
Re: Setting SIEVE parameters..
The basic problem with your suggestion is that my imapd.conf does not have those parameters within it to modify as I would like. Should I add those parameters to my imapd.conf file or does this situation suggest that version 2.0.16_2 of cyrus-imapd2 does not support these parameters? How do I find out that versions of cyrus-imapd supports what parameters? Mike Allen
Fundamental problem: Cannot create mailboxes
To All: I sucessfully setup a 2.0.12 Cyrus email server and it is running fine. Now in another case I setup a 2.1.15 Cyrus email server and I cannot 'talk' to the server. Setup FreeBSD 4.8 RELEASE-P1 Dual Processor Compaq ML350 server(currently configured for 1 processor) When I logon to this server and execute the simple test as outlined on page 42 of the book "Managing IMAP" by Dianna and Kevin Mullet I get no response of any kind except how to get out of a telnet session. I have done something fundamentally wrong so please help me get my server working properly. Mike Allen
Fatal Error in config file?
After configuration of Cyrus 2.1.12, there appears a Fatal Error after startup/reboot. The error is: imaps[186] Fatal Error: defaultpartition option contains non-alphanumeric character. There are no non-alphanumeric characters anywhere in the config file (imapd.conf). I even re-created imapd.conf by typing all the options by hand and I still get this error. Can someone point me where to start debugging this error? Any help would be appreciated. Mike Allen
Fatal error: tls_start_servertls() failed.
I get the above Fatal error when I try to do anything after the following command: telnet localhost imaps Would someone please direct me as to how to debug this? Thanks in advance for your help. Mike Allen
Re: Fatal Error in config file?
I discovered that I needed to replace two config files. The first one was /usr/local/etc/imapd.conf and the second one was designated by the first config file under the configdirectory option. In this case it was /var/imap/imapd.conf. Now the subject message has gone away. Mike Allen
Re: Fatal error: tls_start_servertls() failed. (fwd)
Ken, Thanks for your help and insight. I have attached my imapd.conf file with the values I currently use. SSL/TLS still does not let me communicate with port 993. imtest will not run to completion. What am I missing? Thanks again for your help. Mike Allen -- Forwarded message -- Date: Wed, 20 Aug 2003 20:55:57 -0400 From: Ken Murchison <[EMAIL PROTECTED]> To: Mike Allen <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: Fatal error: tls_start_servertls() failed. Mike Allen wrote: > I get the above Fatal error when I try to do anything after the > following command: > > telnet localhost imaps > > Would someone please direct me as to how to debug this? Thanks in > advance for your help. First or all, telneting to port 993 won't get you any visible data, since SSL/TLS is negotiated before any IMAP protocol data is exchanged. If you really want to test imaps, then you should use imtest (included with Cyrus) or OpenSSL's s_client. The error you are seeing most likely means that you haven't configured Cyrus for SSL/TLS (tls_* options in imapd.conf). -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp# Thie file was typed in by hand to eliminate non-alphanumeric # characters within it. configdirectory: /var/imap defaultpartition: default partition-default: /var/spool/imap umask: 077 allowanonymouslogin: no allowplaintext: yes quotawarn: 90 imapdresponse: yes admins: cyrus autocreatequota: 5 duplicatesuppression: yes mailnotifier: sieveusehomedir: false sievedir:/var/imap/sieve sendmail: /usr/sbin/sendmail postmaster: postmaster sieve_maxscriptsize: 32 sieve_maxscripts: 5 sasl_maximum_layer: 256 sasl_minimum_layer: 0 sasl_pwcheck_method: sasldb2 sasl_auto_transition: no #sasl_opiekeys: /etc/opiekeys tls_cert_file: /usr/local/ssl/global.crt tls_key_file: /usr/local/ssl/global.key tls_imap_cert_file: /usr/local/ssl/global.crt tls_imap_key_file: /usr/local/ssl/global.key #tls_lmtp_cert_file: /usr/local/etc/ssl/global.crt #tls_lmtp_key_file: /usr/local/etc/ssl/global.key tls_session_timeout: 1440 #tls_ca_file: global.crt #tls_ca_path: /usr/local/etc/ssl deleteright: c lmtpsocket: /var/imap/socket/lmtp idlesocket: /var/imap/socket/idle notifysocket: /var/imap/socket/notify
Re: Fatal error: tls_start_servertls() failed. (fwd)
Ken: Enclosed are two attached files with log info you requested. imtest -s runs with errors while imtest by itself does not show errors. It appears to me to be an authentication problem. Mike Allen On Thu, 21 Aug 2003, Ken Murchison wrote: > > > Mike Allen wrote: > > > Ken, > > > > Thanks for your help and insight. I have attached my imapd.conf file > > with the values I currently use. SSL/TLS still does not let me > > communicate with port 993. imtest will not run to completion. > > What am I missing? > > I don't know. Are imapd and/or imtest spitting out any additional > messages to imapd.log? Are you running both imapd and imtest with the > -s option? > > > > > > Thanks again for your help. > > > > Mike Allen > > > > -- Forwarded message ------ > > Date: Wed, 20 Aug 2003 20:55:57 -0400 > > From: Ken Murchison <[EMAIL PROTECTED]> > > To: Mike Allen <[EMAIL PROTECTED]> > > Cc: [EMAIL PROTECTED] > > Subject: Re: Fatal error: tls_start_servertls() failed. > > > > > > > > Mike Allen wrote: > > > > > >>I get the above Fatal error when I try to do anything after the > >>following command: > >> > >>telnet localhost imaps > >> > >>Would someone please direct me as to how to debug this? Thanks in > >>advance for your help. > > > > > > First or all, telneting to port 993 won't get you any visible data, > > since SSL/TLS is negotiated before any IMAP protocol data is exchanged. > > If you really want to test imaps, then you should use imtest (included > > with Cyrus) or OpenSSL's s_client. > > > > The error you are seeing most likely means that you haven't configured > > Cyrus for SSL/TLS (tls_* options in imapd.conf). > > > > > > > > > > > > # Thie file was typed in by hand to eliminate non-alphanumeric > > # characters within it. > > configdirectory: /var/imap > > defaultpartition: default > > partition-default: /var/spool/imap > > umask: 077 > > allowanonymouslogin: no > > allowplaintext: yes > > quotawarn: 90 > > imapdresponse: yes > > admins: cyrus > > autocreatequota: 5 > > duplicatesuppression: yes > > mailnotifier: > > sieveusehomedir: false > > sievedir:/var/imap/sieve > > sendmail: /usr/sbin/sendmail > > postmaster: postmaster > > sieve_maxscriptsize: 32 > > sieve_maxscripts: 5 > > sasl_maximum_layer: 256 > > sasl_minimum_layer: 0 > > sasl_pwcheck_method: sasldb2 > > sasl_auto_transition: no > > #sasl_opiekeys: /etc/opiekeys > > tls_cert_file: /usr/local/ssl/global.crt > > tls_key_file: /usr/local/ssl/global.key > > tls_imap_cert_file: /usr/local/ssl/global.crt > > tls_imap_key_file: /usr/local/ssl/global.key > > #tls_lmtp_cert_file: /usr/local/etc/ssl/global.crt > > #tls_lmtp_key_file: /usr/local/etc/ssl/global.key > > tls_session_timeout: 1440 > > #tls_ca_file: global.crt > > #tls_ca_path: /usr/local/etc/ssl > > deleteright: c > > lmtpsocket: /var/imap/socket/lmtp > > idlesocket: /var/imap/socket/idle > > notifysocket: /var/imap/socket/notify > > -- > Kenneth Murchison Oceana Matrix Ltd. > Software Engineer 21 Princeton Place > 716-662-8973 x26 Orchard Park, NY 14127 > --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp > > >Aug 25 14:46:03 mail2 imapd[57409]: TLS engine: cannot load CA data Aug 25 14:46:03 mail2 imapd[57409]: starttls: TLSv1 with cipher AES256-SHA (256/ 256 bits new) no authentication Aug 25 14:46:03 mail2 imapd[57409]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Aug 25 14:46:11 mail2 imapd[57409]: no user in db Aug 25 14:46:11 mail2 imapd[57409]: client response doesn't match what we genera ted Aug 25 14:46:11 mail2 imapd[57409]: badlogin: localhost.familyradio.org[127.0.0. 1] DIGEST-MD5 [SASL(-13): authentication failure: client response doesn't match what we generated] Aug 25 14:55:38 mail2 sshd[57481]: error: PAM: Authentication token is no longer valid; new one required. Aug 25 14:55:47 mail2 last message repeated 2 times Aug 25 14:56:54 mail2 su: mallen to root on /dev/ttyp0 # Thie file was typed in by hand to eliminate non-alphanumeric # characters within it. configdirectory: /var/imap defaultpartition: default partition-default: /var/spool/imap umask: 077 allowanonymouslogin: no allowplaintext: yes quotawarn: 90 imapdresponse: yes admins: cyrus autocreatequota: 5 duplicatesuppression: yes mailnoti
Re: Fatal error: tls_start_servertls() failed. (fwd)
Ken: I forgot to include this information in my previous email. Mike Allen -- Forwarded message -- Date: Mon, 25 Aug 2003 15:12:59 -0700 (PDT) From: Mike Allen <[EMAIL PROTECTED]> To: Ken Murchison <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: Fatal error: tls_start_servertls() failed. (fwd) Ken: Enclosed are two attached files with log info you requested. imtest -s runs with errors while imtest by itself does not show errors. It appears to me to be an authentication problem. Mike Allen On Thu, 21 Aug 2003, Ken Murchison wrote: > > > Mike Allen wrote: > > > Ken, > > > > Thanks for your help and insight. I have attached my imapd.conf file > > with the values I currently use. SSL/TLS still does not let me > > communicate with port 993. imtest will not run to completion. > > What am I missing? > > I don't know. Are imapd and/or imtest spitting out any additional > messages to imapd.log? Are you running both imapd and imtest with the > -s option? > > > > > > Thanks again for your help. > > > > Mike Allen > > > > -- Forwarded message -- > > Date: Wed, 20 Aug 2003 20:55:57 -0400 > > From: Ken Murchison <[EMAIL PROTECTED]> > > To: Mike Allen <[EMAIL PROTECTED]> > > Cc: [EMAIL PROTECTED] > > Subject: Re: Fatal error: tls_start_servertls() failed. > > > > > > > > Mike Allen wrote: > > > > > >>I get the above Fatal error when I try to do anything after the > >>following command: > >> > >>telnet localhost imaps > >> > >>Would someone please direct me as to how to debug this? Thanks in > >>advance for your help. > > > > > > First or all, telneting to port 993 won't get you any visible data, > > since SSL/TLS is negotiated before any IMAP protocol data is exchanged. > > If you really want to test imaps, then you should use imtest (included > > with Cyrus) or OpenSSL's s_client. > > > > The error you are seeing most likely means that you haven't configured > > Cyrus for SSL/TLS (tls_* options in imapd.conf). > > > > > > > > > > > > # Thie file was typed in by hand to eliminate non-alphanumeric > > # characters within it. > > configdirectory: /var/imap > > defaultpartition: default > > partition-default: /var/spool/imap > > umask: 077 > > allowanonymouslogin: no > > allowplaintext: yes > > quotawarn: 90 > > imapdresponse: yes > > admins: cyrus > > autocreatequota: 5 > > duplicatesuppression: yes > > mailnotifier: > > sieveusehomedir: false > > sievedir:/var/imap/sieve > > sendmail: /usr/sbin/sendmail > > postmaster: postmaster > > sieve_maxscriptsize: 32 > > sieve_maxscripts: 5 > > sasl_maximum_layer: 256 > > sasl_minimum_layer: 0 > > sasl_pwcheck_method: sasldb2 > > sasl_auto_transition: no > > #sasl_opiekeys: /etc/opiekeys > > tls_cert_file: /usr/local/ssl/global.crt > > tls_key_file: /usr/local/ssl/global.key > > tls_imap_cert_file: /usr/local/ssl/global.crt > > tls_imap_key_file: /usr/local/ssl/global.key > > #tls_lmtp_cert_file: /usr/local/etc/ssl/global.crt > > #tls_lmtp_key_file: /usr/local/etc/ssl/global.key > > tls_session_timeout: 1440 > > #tls_ca_file: global.crt > > #tls_ca_path: /usr/local/etc/ssl > > deleteright: c > > lmtpsocket: /var/imap/socket/lmtp > > idlesocket: /var/imap/socket/idle > > notifysocket: /var/imap/socket/notify > > -- > Kenneth Murchison Oceana Matrix Ltd. > Software Engineer 21 Princeton Place > 716-662-8973 x26 Orchard Park, NY 14127 > --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp > > >Aug 25 14:46:03 mail2 imapd[57409]: TLS engine: cannot load CA data Aug 25 14:46:03 mail2 imapd[57409]: starttls: TLSv1 with cipher AES256-SHA (256/ 256 bits new) no authentication Aug 25 14:46:03 mail2 imapd[57409]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Aug 25 14:46:11 mail2 imapd[57409]: no user in db Aug 25 14:46:11 mail2 imapd[57409]: client response doesn't match what we genera ted Aug 25 14:46:11 mail2 imapd[57409]: badlogin: localhost.familyradio.org[127.0.0. 1] DIGEST-MD5 [SASL(-13): authentication failure: client response doesn't match what we generated] Aug 25 14:55:38 mail2 sshd[57481]: error: PAM: Authentication token is no longer valid; new one required. Aug 25 14:55:47 mail2 last message repeated 2 times Aug 25 14:56:54 mail2 su: mallen to root on /dev/ttyp0
Re: Fatal error: tls_start_servertls() failed. (fwd)
Ken: I hope the attached file helps us solve the problem which started this thread. Thanks so much for your help. Mike Allen [mail2] ~> imtest -u cyrus -a cyrus -s localhost verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) S: * OK mail2.familyradio.org Cyrus IMAP4 v2.1.12 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=NTLM AUTH=LOGIN AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 S: C01 OK Completed C: A01 AUTHENTICATE DIGEST-MD5 S: + bm9uY2U9ImdEaXQ2Y3d6ekRvNHhkdFlNUzVCSlZBSnpibmVQcnRQV1N1Nm5DczgxUW89IixyZWFsbT0ibWFpbDIuZmFtaWx5cmFkaW8ub3JnIixxb3A9ImF1dGgiLG1heGJ1Zj00MDk2LGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz Please enter your password: C: dXNlcm5hbWU9ImN5cnVzIixyZWFsbT0ibWFpbDIuZmFtaWx5cmFkaW8ub3JnIixub25jZT0iZ0RpdDZjd3p6RG80eGR0WU1TNUJKVkFKemJuZVBydFBXU3U2bkNzODFRbz0iLGNub25jZT0iQUFUVkRndnJwUjgxL2Z0SDJxaXZHWWEzQVY1dVJac0FCTjJlWTU4Y2hLUT0iLG5jPTAwMDAwMDAxLHFvcD1hdXRoLG1heGJ1Zj0xMDI0LGRpZ2VzdC11cmk9ImltYXAvbG9jYWxob3N0LmZhbWlseXJhZGlvLm9yZyIscmVzcG9uc2U9ZjQ1YTkxY2Q4OTZiNTg0NzZhMGYyNTY4OTE4YjIzZTg= S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 256 ^CC: Q01 LOGOUT Connection closed. == Please note that user cyrus does have a saslpasswd2 and it is in sasldb2.db See attached 'cyrus.conf'. I;ll send more logging information if needed. Thanks for your help on this. Mike Allen
[no subject]
Ken: For your information my hardware and software system is as follows: Hardware -- Compaq ML350 with 4GB RAM and 128GB Raid 5 Raid array dual 2.2 GHz processors Software -- FreeBSD 4.8-RELEASE-p4 What follows is the result of running imtest as you described. > [mail2] ~> imtest -m plain -u cyrus -a cyrus -s localhost > verify error:num=18:self signed certificate > TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) > S: * OK mail2.familyradio.org Cyrus IMAP4 v2.1.12 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=NTLM > AUTH=LOGIN > AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 > S: C01 OK Completed > C: A01 AUTHENTICATE PLAIN > S: + > Please enter your password: > C: Y3lydXMAY3lydXMAcHdyNHRvZGF5 > S: A01 NO no mechanism available > Authentication failed. generic failure > Security strength factor: 256 > . logout > * BYE LOGOUT received > . OK Completed > Connection closed. Thanks for your help. I suspect I did something dumb in configuring this machine. :( Mike Allen
Re: Fatal error: tls_start_servertls() failed
-- Forwarded message -- Date: Wed, 27 Aug 2003 11:57:48 -0700 (PDT) From: Mike Allen <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Ken: For your information my hardware and software system is as follows: Hardware -- Compaq ML350 with 4GB RAM and 128GB Raid 5 Raid array dual 2.2 GHz processors Software -- FreeBSD 4.8-RELEASE-p4 What follows is the result of running imtest as you described. > [mail2] ~> imtest -m plain -u cyrus -a cyrus -s localhost > verify error:num=18:self signed certificate > TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) > S: * OK mail2.familyradio.org Cyrus IMAP4 v2.1.12 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=NTLM > AUTH=LOGIN > AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 > S: C01 OK Completed > C: A01 AUTHENTICATE PLAIN > S: + > Please enter your password: > C: Y3lydXMAY3lydXMAcHdyNHRvZGF5 > S: A01 NO no mechanism available > Authentication failed. generic failure > Security strength factor: 256 > . logout > * BYE LOGOUT received > . OK Completed > Connection closed. Thanks for your help. I suspect I did something dumb in configuring this machine. :( Mike Allen
Re: Fatal error: tls_start_servertls
Ken: There is no /etc/sasldb file. There is a /usr/local/etc/sasldb2 file and the result of the 'file' command on it yields: sasldb2: Berkeley DB (Hash, version 8, native byte-order) I compiled cyrus-imapd2 as a 'port' on my FreeBSD machine with nothing but default options. Hope this helps. Thanks for your help. Mike Allen -- Forwarded message -- Date: Wed, 27 Aug 2003 15:19:08 -0400 From: Ken Murchison <[EMAIL PROTECTED]> To: Mike Allen <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: Is /etc/sasldb readable by the cyrus user, or readable by a group that cyrus belongs to? Mike Allen wrote: > Ken: > > For your information my hardware and software system is as follows: > > Hardware -- Compaq ML350 with 4GB RAM and 128GB Raid 5 Raid array > dual 2.2 GHz processors > > Software -- FreeBSD 4.8-RELEASE-p4 > > What follows is the result of running imtest as you described. > > >>[mail2] ~> imtest -m plain -u cyrus -a cyrus -s localhost >>verify error:num=18:self signed certificate >>TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) >>S: * OK mail2.familyradio.org Cyrus IMAP4 v2.1.12 server ready >>C: C01 CAPABILITY >>S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS >>NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT >>THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=NTLM >>AUTH=LOGIN >>AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 >>S: C01 OK Completed >>C: A01 AUTHENTICATE PLAIN >>S: + >>Please enter your password: >>C: Y3lydXMAY3lydXMAcHdyNHRvZGF5 >>S: A01 NO no mechanism available >>Authentication failed. generic failure >>Security strength factor: 256 >>. logout >>* BYE LOGOUT received >>. OK Completed >>Connection closed. > > > Thanks for your help. I suspect I did something dumb in configuring > this machine. :( > > Mike Allen > > -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: Fatal error: tls_start_servertls (fwd)
-- Forwarded message -- Date: Tue, 2 Sep 2003 09:16:36 -0700 (PDT) From: Mike Allen <[EMAIL PROTECTED]> To: Pat Lashley <[EMAIL PROTECTED]> Cc: Ken Murchison <[EMAIL PROTECTED]>, [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Fatal error: tls_start_servertls Thanks to Ken and Pat for their great help. Please see my comments interspersed with yours below. Mike Allen On Tue, 2 Sep 2003, Pat Lashley wrote: > --On Monday, September 01, 2003 21:08:25 -0400 Ken Murchison > <[EMAIL PROTECTED]> wrote: > > >> There is no /etc/sasldb file. There is a /usr/local/etc/sasldb2 file > >> and the result of the 'file' command on it yields: > >> > >> sasldb2: Berkeley DB (Hash, version 8, native byte-order) > >> > >> I compiled cyrus-imapd2 as a 'port' on my FreeBSD machine with > >> nothing but default options. > > > > Well, since your saskdb2 file is in a non-default location, you're going > > to have to tell the library where it is. You should have at least these > > options: > > > > sasl_pwcheck_method: auxprop > > sasl_sasldb_path: /usr/local/etc/sasldb2 > > No, that shouldn't be necessary - the FreeBSD port makes that the default > location at compile time. (In FreeBSD, non-bundled software is normally > installed in /usr/local rather than in the system directories.) > > Check ownership and permissions. Verify that it is readable by user > cyrus. (Or whatever userid you specify in /usr/local/etc/imapd.conf. > The FreeBSD port uses 'cyrus' by default.) It is fine. [mail2] /usr/local/etc# ls -ld sasldb2 -rw-r- 1 cyrus mail 49152 Aug 28 11:05 sasldb2 > > Also, run sasldblistusers2 to verify that you have an entry in the > database. There appears to be no users in the database. This will be fixed shortly. > > And check to make sure that the imapd was actually built using the > right version of cyrus-sasl. Run 'ldd /usr/local/cyrus/bin/imapd' > It should use libsasl.so.3. [mail2] ~# ldd /home/cyrus/bin/imapd /home/cyrus/bin/imapd: libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x2813a000) Is this OK? libdb3.so.3 => /usr/local/lib/libdb3.so.3 (0x2814e000) libssl.so.3 => /usr/lib/libssl.so.3 (0x281da000) libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x2820b000) libmd.so.2 => /usr/lib/libmd.so.2 (0x28316000) libwrap.so.3 => /usr/lib/libwrap.so.3 (0x2832) libc.so.5 => /usr/lib/libc.so.5 (0x28328000) [mail2] ~# I note the location of imapd. It is not in any existing path. I'll change that shortly also. > > > > -Pat > Thanks again for all your help. Mike Allen
Authentication problem
Much progress has been made (Thank you Ken and Pat) but I still have an authentication problem see below: imtest -m plain -u cyrus -a cyrus -s mail2 verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) S: * OK mail2.familyradio.org Cyrus IMAP4 v2.1.15 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE AUTH=NTLM AUTH=LOGIN AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 S: C01 OK Completed C: A01 AUTHENTICATE PLAIN S: + Please enter your password: C: Y3lydXMAY3lydXMAcHdyNHRvZGF5 S: A01 NO user not found Authentication failed. generic failure Security strength factor: 256 . logout * BYE LOGOUT received . OK Completed Connection closed. [mail2] /var/log# see also below: [mail2] ~# sasldblistusers2 [EMAIL PROTECTED]: userPassword [mail2] ~# Any help will be appreciated. Mike Allen
Authentication failed. generic failure
Gentlemen: When I run 'imtest' on my system, I get the following failure: -->: snip <-- S: A01 NO user not found Authentication failed. generic failure Security strength factor: 256 . logout<< manually typed-in because it stalled here. * BYE LOGOUT received . OK Completed Connection closed. saslpasswd appears to have the correct user/passwd combo. I don't know what to do next. My system is FreeBSD 5.1 with cyrus-imapd2 port installed(cyrus-imapd version 2.1.15). My configuration file is attached. Thanks in advance for any help you can give me. Mike Allen# # $FreeBSD: ports/mail/cyrus-imapd2/files/imapd.conf,v 1.8 2002/08/08 14:06:48 ume Exp $ # # Sample configurations file for Cyrus IMAPd # Most lines in this file are commented; in this case the default is used. # The commented lines (usually) contain the default value # The pathname of the IMAP configuration directory # configdirectory: /var/imap # The partition name used by default for new mailboxes # #defaultpartition: default # The directory for the different partitions # partition-default: /var/spool/imap # Use the UNIX separator character '/' for delimiting levels of # mailbox hierarchy. The default is to use the netnews separator # character '.'. #unixhierarchysep: no # Use the alternate IMAP namespace, where personal folders reside at # the same level in the hierarchy as INBOX. # #altnamespace: no # If using the alternate IMAP namespace, the prefix for the other # users namespace. The hierarchy delimiter will be automatically # appended. # #userprefix: Other Users # If using the alternate IMAP namespace, the prefix for the shared # namespace. The hierarchy delimiter will be automatically appended. # #sharedprefix: Shared Folders # The umask value used by various Cyrus IMAP programs # #umask: 077 # This is the hostname visible in the greeting messages of the POP, # IMAP and LMTP daemons. If it is unset, then the result returned from # gethostname(2) is used. # #servername: # Whether to allow anonymous logins # #allowanonymouslogin: no # Allow the use of the SASL PLAIN mechanism. # allowplaintext: yes # The percent of quota utilization over which the server generates # warnings. # quotawarn: 90 # The length of the IMAP server's inactivity autologout timer, in minutes. # The minimum value is 30, the default. # #timeout: 30 # The interval (in seconds) for polling the mailbox for changes while # running the IDLE command. This option is used when idled can not be # contacted or when polling is used exclusively. The minimum value is # 1. A value of 0 will disable polling (and disable IDLE if polling # is the only method available). # imapidlepoll: 60 # If enabled, the server responds to an ID command with a parameter # list containing: version, vendor, support-url, os, os-version, # command, arguments, environment. Otherwise the server returns NIL. # imapidresponse: yes # Set the length of the POP server's inactivity autologout timer, in # minutes. The minimum value is 10, the default. # #poptimeout: 10 # Set the minimum amount of time the server forces users to wait between # successive POP logins, in minutes. The default is 0. # #popminpoll: 0 # The number of days advertised as being the minimum a message may be # left on the POP server before it is deleted (via the CAPA command, # defined in the POP3 Extension Mechanism, which some clients may # support). "NEVER", the default, may be specified with a negative # number. The Cyrus POP3 server never deletes mail, no matter what # the value of this parameter is. However, if a site implements a # less liberal policy, it needs to change this parameter accordingly. # #popexpiretime: 0 # The list of userids with administrative rights. Separate each userid # with a space. We recommend that administrator userids be separate from # standard userids. Sites using Kerberos authentication may use separate # "admin" instances. # admins: cyrus, mallen # A list of users and groups that are allowed to proxy for other # users, seperated by spaces. Any user listed in this will be allowed # to login for any other user: use with caution. # #proxyservers: # The Access Control List (ACL) placed on a newly-created (non-user) # mailbox that does not have a parent mailbox. # defaultacl: anyone lrs # The pathname of the news spool directory. Only used if the partition-news # configuration option is set. # #newsspool: # Prefix to be prepended to newsgroup names to make the corresponding IMAP # mailbox names. # #newsprefix: # If nonzero, normal users may create their own IMAP accounts by creating # the mailbox INBOX. The user's quota is set to the value if it is positive, # otherwise the user has unlimited quota. # autocreatequota: 5 # Include notations in the protocol telemetry logs indicating the number # of seconds since the last command or response. # #logtimestamps:
Re: Authentication failed. generic failure
I assured that libraries were all in-sync by running 'portupgrade' under FreeBSD. (Thanks Oliver for the idea.) I cannot yet create a mailbox. Here is what I get when I try: [mail2] ~> whoami cyrus [mail2] ~> cyradm -u cyrus localhost Password: localhost.familyradio.org> lm localhost.familyradio.org> cm user.mja createmailbox: Permission denied localhost.familyradio.org> Checking Unix permissions ... [mail2] ~> cd /var/spool [mail2] /var/spool> ls -ld imap drwxrwx--- 4 cyrus cyrus 512 Sep 10 12:43 imap/ [mail2] /var/spool> cd imap [mail2] /var/spool/imap> ls -ld * drwxrwxrwx 2 cyrus cyrus 512 Sep 10 10:00 stage./ drwxrwxrwx 2 cyrus cyrus 512 Sep 10 12:43 user/ It appears that I do have a 'cyrus' password: [mail2] /usr/ports/mail/cyrus-imapd2# sasldblistusers2 [EMAIL PROTECTED]: userPassword Permissions on 'sasldb2' seem to be correct: -rw-r- 1 cyrus mail 49152 Sep 2 11:08 sasldb2 -rw-r- 1 cyrus mail 16384 Sep 10 10:37 sasldb2.db 'saslauthd' does not seem to be running at this time. 'imtest' was run successfully with 'auxprop' for the SASL method. I am researching more on the problem of not being able to create a mailbox. Thanks Ken for those ideas. Attached please find the latest configuration file in case that is any help. Thanks for any addittional help you can give. Mike Allen# # $FreeBSD: ports/mail/cyrus-imapd2/files/imapd.conf,v 1.8 2002/08/08 14:06:48 ume Exp $ # # Sample configurations file for Cyrus IMAPd # Most lines in this file are commented; in this case the default is used. # The commented lines (usually) contain the default value # The pathname of the IMAP configuration directory # #configdirectory: /usr/local/etc configdirectory: /var/imap # The partition name used by default for new mailboxes # defaultpartition: default # The directory for the different partitions # partition-default: /var/spool/imap # Use the UNIX separator character '/' for delimiting levels of # mailbox hierarchy. The default is to use the netnews separator # character '.'. #unixhierarchysep: no # Use the alternate IMAP namespace, where personal folders reside at # the same level in the hierarchy as INBOX. # #altnamespace: no # If using the alternate IMAP namespace, the prefix for the other # users namespace. The hierarchy delimiter will be automatically # appended. # #userprefix: Other Users # If using the alternate IMAP namespace, the prefix for the shared # namespace. The hierarchy delimiter will be automatically appended. # #sharedprefix: Shared Folders # The umask value used by various Cyrus IMAP programs # #umask: 077 # This is the hostname visible in the greeting messages of the POP, # IMAP and LMTP daemons. If it is unset, then the result returned from # gethostname(2) is used. # #servername: # Whether to allow anonymous logins # #allowanonymouslogin: no # Allow the use of the SASL PLAIN mechanism. # allowplaintext: yes # The percent of quota utilization over which the server generates # warnings. # quotawarn: 90 # The length of the IMAP server's inactivity autologout timer, in minutes. # The minimum value is 30, the default. # #timeout: 30 # The interval (in seconds) for polling the mailbox for changes while # running the IDLE command. This option is used when idled can not be # contacted or when polling is used exclusively. The minimum value is # 1. A value of 0 will disable polling (and disable IDLE if polling # is the only method available). # imapidlepoll: 60 # If enabled, the server responds to an ID command with a parameter # list containing: version, vendor, support-url, os, os-version, # command, arguments, environment. Otherwise the server returns NIL. # imapidresponse: yes # Set the length of the POP server's inactivity autologout timer, in # minutes. The minimum value is 10, the default. # #poptimeout: 10 # Set the minimum amount of time the server forces users to wait between # successive POP logins, in minutes. The default is 0. # #popminpoll: 0 # The number of days advertised as being the minimum a message may be # left on the POP server before it is deleted (via the CAPA command, # defined in the POP3 Extension Mechanism, which some clients may # support). "NEVER", the default, may be specified with a negative # number. The Cyrus POP3 server never deletes mail, no matter what # the value of this parameter is. However, if a site implements a # less liberal policy, it needs to change this parameter accordingly. # #popexpiretime: 0 # The list of userids with administrative rights. Separate each userid # with a space. We recommend that administrator userids be separate from # standard userids. Sites using Kerberos authentication may use separate # "admin" instances. # admins: cyrus, mallen # A list of users and groups that are allowed
Has anybody used NOD32 antivirus with Cyrus imapd?
To All: I have had Cyrus-imapd v2.1.16 running successfully for several years but am having difficulty interfacing the Linux version of NOD32 antivirus with cyrus-imapd? Any help would be appreciated. Thanks. Mike --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
