cyradm problem. sasl?

From: jocke khazad (no email)
Date: Thu Jul 27 2006 - 08:57:40 EDT


    Hello everyone!

    I am trying to set up a mailserver with postfix, cyrus-imap, cyrus-sasl,
    mysql, pam_mysql on Redhat Enterprise 4.

    Everything seems to work ok except when I use cyradm to login on my imap
    server.

    root> cyradm --user cyrus --server localhost --auth plain
    root>password: <---- this is where my maillog spits out an error message
    ( imap[2302]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-16): encryption
    needed to use mechanism: security flags do not match required] )

    root>IMAP password: <--- this checks against mysql and seems to work fine..
    I get into my imap server after this.

    Here is a paste of my maillog after I tried this.

    Jul 26 09:28:50 mail56 imap[2302]: accepted connection
    Jul 26 09:28:51 mail56 imap[2302]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required]
    Jul 26 09:28:55 mail56 imap[2302]: login: localhost [127.0.0.1] cyrus plaintext User logged in

    I've been on this, googling, reading, asking.. for a couple of weeks now and it
    starts to get on my nerves.
    Can anyone give me a hint on what to do here?

    A couple of notes:

    1. postfix works fine, it also authenticates fine, I can send and receive
    mail
    2. imap works, I can login to my imap server from outlook express, and view
    my mails.
    3. I tried to auth against sasldb with testsasl, and imtest. It works
    without any problems.
    4. I probably read every post out there about this problem and no one gives a
    clear answer why this problem exists =)

    If someone wants to explain to me what the first authentication is there for, I
    would also be glad =)

    cyradm --user cyrus --server localhost --auth plain
    >password <----- why this one? what is it supposed to contact? I've read
    that it's contacting sasldb2, but when I run saslauthd in debug mode I see
    nothing
    >IMAP password <----- this one makes sense, it checks my mysql tables and
    this also works and lets me into my imap server, even though the first pw auth
    fails.

    Here are a few of my confs

    /etc/imapd.conf:

    postmaster: postmaster
    configdirectory: /var/lib/imap/
    partition-default: /var/spool/imap
    admins: cyrus
    allowanonymouslogin: no
    allowplaintext: yes
    sasl_mech_list: PLAIN
    servername: mail56
    autocreatequota: 10000
    reject8bit: no
    quotawarn: 90
    timeout: 30
    poptimeout: 10
    dracinterval: 0
    drachost: localhost
    sasl_pwcheck_method: saslauthd
    sievedir: /usr/sieve
    sendmail: /usr/sbin/sendmail
    sieve_maxscriptsize: 32
    sieve_maxscripts: 5
    #unixhierarchysep: yes
    tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
    tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
    tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt

    --------------------------------------------------------

    /etc/sysconfig/saslauthd

    # Directory in which to place saslauthd's listening socket, pid file, and so
    # on. This directory must already exist.
    SOCKETDIR=/var/run/saslauthd

    # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
    # of which mechanism your installation was compiled to use.
    MECH=pam

    # Additional flags to pass to saslauthd on the command line. See saslauthd(8)
    # for the list of accepted flags.
    FLAGS=

    --------------------------------------------------------

    /etc/cyrus.conf

    # standard standalone server implementation

    START {
      # do not delete this entry!
      recover cmd="ctl_cyrusdb -r"

      # this is only necessary if using idled for IMAP IDLE
    # idled cmd="idled"
    }

    # UNIX sockets start with a slash and are put into /var/lib/imap/sockets
    SERVICES {
      # add or remove based on preferences
      imap cmd="imapd" listen="imap" prefork=5
      imaps cmd="imapd -s" listen="imaps" prefork=1
      pop3 cmd="pop3d" listen="pop3" prefork=3
      pop3s cmd="pop3d -s" listen="pop3s" prefork=1
      sieve cmd="timsieved" listen="sieve" prefork=0

      # these are only necessary if receiving/exporting usenet via NNTP
    # nntp cmd="nntpd" listen="nntp" prefork=3
    # nntps cmd="nntpd -s" listen="nntps" prefork=1

      # at least one LMTP is required for delivery
    # lmtp cmd="lmtpd" listen="lmtp" prefork=0
      lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1

      # this is only necessary if using notifications
    # notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
    }

    EVENTS {
      # this is required
      checkpoint cmd="ctl_cyrusdb -c" period=30

      # this is only necessary if using duplicate delivery suppression,
      # Sieve or NNTP
      delprune cmd="cyr_expire -E 3" at=0400

      # this is only necessary if caching TLS sessions
      tlsprune cmd="tls_prune" at=0400
    }

    --------------------------------------------------------

    Thank you all for reading and trying to help me with this!

    / Jocke


    ----
    Cyrus Home Page: http://asg.web.cmu.edu/cyrus
    Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
    List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
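
An added example, not part of the original post: a small Python correlator run over the three maillog entries quoted in the message (unwrapped here as constructed sample input). It groups events per imapd process and reports a connection where a SASL mechanism was rejected and a login then succeeded, which is the pattern the post describes; the function name `correlate` and the handling of a `+TLS` suffix on the mechanism field are assumptions of this example.

```python
import re

# Constructed sample: the three maillog entries from the post, unwrapped.
SAMPLE_LOG = """\
Jul 26 09:28:50 mail56 imap[2302]: accepted connection
Jul 26 09:28:51 mail56 imap[2302]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required]
Jul 26 09:28:55 mail56 imap[2302]: login: localhost [127.0.0.1] cyrus plaintext User logged in
"""

LINE_RE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s(?P<svc>\w+)\[(?P<pid>\d+)\]:\s(?P<msg>.*)$")
BADLOGIN_RE = re.compile(
    r"^badlogin: \S+ \[[^\]]+\] (?P<mech>\S+) \[SASL\((?P<code>-?\d+)\): .*\]$")
LOGIN_RE = re.compile(
    r"^login: \S+ \[[^\]]+\] (?P<user>\S+) (?P<mech>\S+) User logged in")


def correlate(log_text):
    """Return connections where a SASL rejection was followed by a login."""
    pending = {}    # (service, pid) -> rejections seen on the current connection
    findings = []
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw)
        if line is None:
            continue
        key, msg = (line["svc"], line["pid"]), line["msg"]
        if msg == "accepted connection":
            pending[key] = []   # preforked children reuse a pid per connection
            continue
        bad = BADLOGIN_RE.match(msg)
        if bad:
            pending.setdefault(key, []).append((bad["mech"], int(bad["code"])))
            continue
        ok = LOGIN_RE.match(msg)
        if ok and pending.get(key):
            findings.append({
                "pid": int(line["pid"]),
                "user": ok["user"],
                "rejected": pending[key],
                "accepted_as": ok["mech"],
                # Assumption: a TLS-protected login carries a "+TLS" suffix.
                "tls": ok["mech"].endswith("+TLS"),
            })
            pending[key] = []
    return findings


if __name__ == "__main__":
    for finding in correlate(SAMPLE_LOG):
        print(finding)
```
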
    
