cyrus sasl realm problem

brad brad at bradandkim.net
Mon Oct 3 10:36:27 EDT 2005 

On Mon, 2005-10-03 at 15:57 +0200, Georg Gell wrote:
> brad schrieb:

> > With virtdomains turned on then cyrus will use the domain sent with the
> > username if the user logs in fully qualified.  Otherwise cyrus does a
> > reverse lookup on the IP that the user logged in on uses the domain from
> > that lookup as the user's domain.  The lookup can be either from DNS or
> > hosts file or any other means.
> > 
> > Hope that helps,
> > 
> Thanks for the quick reply. Sadly this is not true on my system.
> trying imtest:
> moritz> imtest -a georg localhost (on moritz.have2.com)
> ebug.log:
> Oct  3 15:46:21 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at moritz.have2.com';_
>  moritz.have2.com is the fqdn of my sever.
> 
> moritz> imtest -a georg moritz.have2.com (on moritz.have2.com)
> Oct  3 15:49:23 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at have2.com';_
> 
> notebook> imtest -a georg moritz.have2.com (from home dial up)
> Oct  3 15:49:23 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at have2.com';_
> 
> Where does the realm part come from? If I connect to localhost, it uses
> the server's fqdn (which is also the defaultdomain in my imapd.conf),
> that's what I'd expect. If I connect from the same machine to the
> external IP, I have have2.com as realm. Why? And even worse from my
> dial-up ip (reverse lookup looks like dial-up-XXX.highway.telekom.at), I
> have also have2.com as realm. So the realm cannot be related to the ip
> of the logged in user, or am I missing something?
> 
> Regards
> 
> Georg

I think this would be the expected behavior.  It is stripping the sub-
domain which IIRC is what it should do.  But I am not positive why it is
not stripping the sub-domain on your localhost  test.  Might be the way
your hosts file is set up or it may not strip the sub-domain if it
resolves it from the hosts file but does if it resolves it from DNS.


-- 
Brad Crotchett, RHCE
brad at bradandkim.net

More information about the Info-cyrus mailing list