<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Hi<div class=""><br class=""></div><div class="">(btw. i was Guest39278 on IRC yesterday and got the chance to introduce myself on googletalk)</div><div class=""><br class=""></div><div class="">I’m trying to set up imapd to use saslauthd for authentication.</div><div class=""><br class=""></div><div class="">I have already a running saslauthd which uses PAM. I can run this</div><div class=""><br class=""></div><div class=""><div class=""><font face="Courier New" class="">root@cyrus3:/ # testsaslauthd -u mike -p mike</font></div><div class=""><font face="Courier New" class="">0: OK "Success.“</font></div></div><div class=""><br class=""></div><div class="">and if i run</div><div class=""><br class=""></div><div class=""><div class=""><font face="Courier New" class="">root@cyrus3:/ # testsaslauthd -u mike -p abc</font></div><div class=""><font face="Courier New" class="">0: NO "authentication failed“</font></div></div><div class=""><br class=""></div><div class="">i get that logged in auth.log like this</div><div class=""><br class=""></div><div class=""><font face="Courier New" class="">Jan 30 21:43:53 cyrus3 saslauthd[88721]: do_auth : auth failure: [user=mike] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]</font></div><div class=""><br class=""></div><div class="">In imapd.conf i have</div><div class=""><font face="Courier New" class=""><br class=""></font></div><div class=""><font face="Courier New" class="">sasl_pwcheck_method: saslauthd</font></div><div class=""><br class=""></div><div class="">Now i’m authenticate against imapd</div><div class=""><br class=""></div><div class=""><div class=""><font face="Courier New" class="">root@cyrus3:~ # imtest -t "" -u mike -a mike -w mike localhost</font></div><div class=""><font face="Courier New" class="">S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS LOGINDISABLED AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM SASL-IR] <a href="http://cyrus3.intern.rueger.me" class="">cyrus3.intern.rueger.me</a> Cyrus IMAP 3.0.5 server ready</font></div><div class=""><font face="Courier New" class="">C: S01 STARTTLS</font></div><div class=""><font face="Courier New" class="">S: S01 OK Begin TLS negotiation now</font></div><div class=""><font face="Courier New" class="">verify error:num=18:self signed certificate</font></div><div class=""><font face="Courier New" class="">TLS connection established: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)</font></div><div class=""><font face="Courier New" class="">C: C01 CAPABILITY</font></div><div class=""><font face="Courier New" class="">S: * CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SEARCH=FUZZY SORT SORT=MODSEQ SORT=DISPLAY SORT=UID THREAD=ORDEREDSUBJECT THREAD=REFERENCES THREAD=REFS ANNOTATEMORE ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS LIST-MYRIGHTS LIST-METADATA WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE CREATE-SPECIAL-USE DIGEST=SHA1 X-REPLICATION URLAUTH URLAUTH=BINARY AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM AUTH=PLAIN AUTH=LOGIN SASL-IR COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE</font></div><div class=""><font face="Courier New" class="">S: C01 OK Completed</font></div><div class=""><font face="Courier New" class="">C: A01 AUTHENTICATE SCRAM-SHA-1 bixhPW1pa2Usbj1taWtlLHI9Z2Z1Ukp1cVc1Z1BybHhaWTdFcjVYUDR2WUtuMVhRNHc=</font></div><div class=""><font face="Courier New" class="">S: A01 NO authentication failure</font></div><div class=""><font face="Courier New" class="">Authentication failed. generic failure</font></div><div class=""><font face="Courier New" class="">Security strength factor: 256</font></div></div><div class=""><br class=""></div><div class="">Nothing is reported in auth.conf</div><div class=""><br class=""></div><div class="">If i do this</div><div class=""><br class=""></div><div class=""><font face="Courier New" class="">root@cyrus3:~ # saslpasswd2 -c <a href="mailto:mike@cyrus3.intern.rueger.me" class="">mike@cyrus3.intern.rueger.me</a></font></div><div class=""><font face="Courier New" class="">…<entering „mike“ twice here></font></div><div class=""><font face="Courier New" class="">root@cyrus3:~ # imtest -t "" -u mike -a mike -w mike localhost</font></div><div class=""><font face="Courier New" class="">S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS LOGINDISABLED AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM SASL-IR] <a href="http://cyrus3.intern.rueger.me" class="">cyrus3.intern.rueger.me</a> Cyrus IMAP 3.0.5 server ready</font></div><div class=""><font face="Courier New" class="">C: S01 STARTTLS</font></div><div class=""><font face="Courier New" class="">…</font></div><div class=""><div class=""><font face="Courier New" class="">Authenticated.</font></div><div class=""><font face="Courier New" class="">Security strength factor: 256</font></div></div><div class=""><br class=""></div><div class="">it is working against local db BUT NOT against saslauthd.</div><div class=""><br class=""></div><div class="">How do i setup imapd to talk to saslauthd?</div><div class=""><br class=""></div><div class="">BTW i’m using </div><div class="">* cyrus-imapd30-3.0.5</div><div class="">* cyrus-sasl-2.1.26_13</div><div class="">* cyrus-sasl-saslauthd-2.1.26_3</div><div class="">on FreeBSD 11.1</div><div class=""><br class=""></div><div class="">Thank you for any help,</div><div class="">Mike</div><div class=""><br class=""></div></body></html>