- Previous message: Nope: "No connection to Imap server after crash"
- Next in thread: Michael Menge: "Re: lmtp login mech"
- Maybe reply: Michael Menge: "Re: lmtp login mech"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Russell Galpin (no email)
Date: Tue Jul 03 2007 - 14:51:18 EDT
Hi There
I'm trying to setup a new cyrus server running cyrus-imapd-2.3.8. I've been
successfully running another server running the Invoca RPM version
(v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4).
I'm running postfix and delivering to cyrus via LMTP on the working server
everything is good. I'm now trying to get postfix on a different server to
deliver over lmtp to the new cyrus server.
I believe the problem is with the sasl_mech_list. The working server has:
local_transport = lmtp:localhost
mailbox_transport = lmtp:locahost
lmtp_sasl_auth_enable=yes
lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_passwd
lmtp_sasl_security_options = noanonymous
In postfix's main.cf, this works fine and the messages are delievered. On the
new 2.3.8 server, changing them settings to:
local_transport = lmtp:10.0.0.201
mailbox_transport = lmtp:10.0.0.201
lmtp_sasl_auth_enable=yes
lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_passwd
lmtp_sasl_security_options = noanonymous
Changing and re-hashing the lmtp_passwd file, gives an authentication error when
delivering:
Jul 3 17:26:50 mta1 postfix/lmtp[17245]: 6A6C815B5F0:
to=<***@***>, relay=10.0.0.201[10.0.0.201]:24, delay=0.03,
delays=0.01/0.02/0/0, dsn=4.0.0, status=deferred (host 10.0.0.201[10.0.0.201]
said: 430 Authentication required (in reply to MAIL FROM command))
Using the lmtptest app:
On the broken server:
S: 220 lrhosting.net LMTP Cyrus v2.3.8 ready
C: LHLO example.com
S: 250-lrhosting.net
S: 250-8BITMIME
S: 250-ENHANCEDSTATUSCODES
S: 250-PIPELINING
S: 250-SIZE
S: 250-STARTTLS
S: 250 IGNOREQUOTA
Authenticated.
On the working server:
S: 220 lrhosting.net LMTP Cyrus v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4 ready
C: LHLO example.com
S: 250-lrhosting.net
S: 250-8BITMIME
S: 250-ENHANCEDSTATUSCODES
S: 250-PIPELINING
S: 250-SIZE
S: 250-STARTTLS
S: 250-AUTH PLAIN
S: 250 IGNOREQUOTA
C: AUTH PLAIN *****
S: 235 Authenticated!
The working server sends "250-AUTH PLAIN" which I *believe* tells postfix how to
authenticate, since it isn't sending that, postfix chokes.
My imapd.conf is:
postmaster: postmaster
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
allowanonymouslogin: no
allowplaintext: yes
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
servername: lrhosting.net
altnamespace: 1
virtdomains: yes
defaultdomain: th.lrhosting.net
tls_cert_file: /var/lib/imap/imap.crt
tls_key_file: /var/lib/imap/imap.key
tls_ca_file: /var/lib/imap/cacert.pem
lmtp_admins: lmtp_admin
tls_lmtp_cert_file: /var/lib/imap/imap.crt
tls_lmtp_key_file: /var/lib/imap/imap.key
tls_lmtp_ca_file: /var/lib/imap/cacert.pem
I've tried different variations on the sasl_mech_list setting (plain, plain
login etc). If I add "digest-md5 cram-md5" then LMTP will send:
250-AUTH CRAM-MD5 DIGEST-MD5
However, I want to use plain.
Does anyone know how to solve this? Feel free to correct me if I'm barking up
totally the wrong tree.
Any help appreciated.
Russ
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|