virtdomains and defaultdomain issue

Edwin Boersma edwin.boersma at secureoffice.net
Mon Feb 23 07:43:20 EST 2009 

Hi,

Just to make it clear: the problem only occurs with the default domain,
not with other virtual domains. All user are in the SQL database, and
cyrus does a correct translation to the mailbox for all the others. The
only problem is that the default domain is replaced with the local
computer name.

I made another user without domain extension, and then I can't login.
Cyrus tries to lookup the user with the domain extension from %r. So
only if I have a user "user@<local computer name>, i can login to imap.
But then Postfix requires an alias from <user>@default.domain to <user>,
else it won't accept any email.

Why is this such a big problem? It is, because the database is fed with
information from a script, where we add users to the mail system. Now I
have to tell the script to perform special actions when the user is in
the default domain, and this is not a good situation.

In my opinion (can you give me yours, Andrew?), cyrus should not rewrite
the default domain when using %r, but internally redirect to the local
mailbox (so after login). Or provide a mechanism where the local mailbox
is transformed into a virtual domain box.

Kind regards,

Edwin Boersma
Lead Developer Web Applications

SecureOffice Europe AB
Ideon Science Park B2 floor 2
Scheelevägen 17
22363 Lund
Sweden

W: http://www.secureoffice.net
T: +46 462868773
M: +46 709726431



Alain Spineux wrote:
> 2009/2/18 Edwin Boersma <edwin.boersma at secureoffice.net>:
>   
>> Hi,
>>
>> To be able to have user names like <user>@<our.domain> and
>> <sameuser>@<another.domain>, I have changed our IMAP config to use virtual
>> domains. To be able to access the existing mailboxes, I added the
>> "defaultdomain" option to imapd.conf.
>>     
>
> It looks correct !
>
>   
>> The user names were then renamed from
>> <user> to <user>@<our.domain>,
>>     
>
> Which user ? Not in cyrus imap ! In SQL then ?
> What happen if you don't rename it !
>
>   
>> so I would think we could login.
>> But we couldn't. We use a sql lookup for authentication and so does Postfix
>> to find the local users. Now, here I have found a problem.
>>
>> What happens? At authentication, the (default) domain name appears to get
>> replaced with the server's hostname and the authentication fails. If I
>> change the user name to <user>@<server name>, it works. But then Postfix
>> requires the email address to be present in the virtual users table,
>> pointing to the local user name again. And this is only the case for the
>> default domain, not for foreign domains.
>>
>> The server's local name should not be used here, as it is totally arbitrary.
>> It would make it impossible to e.g. migrate cyrus and Postfix to another
>> server.
>>
>> (I hope you still follow)
>>
>> Here's the imapd.conf:
>> configdirectory: /var/lib/imap
>> partition-default: /var/spool/imap
>> sievedir: /var/lib/sieve
>> admins: cyrus root
>>
>> allowanonymouslogin: no
>> autocreate_users: anyone
>> autocreatequota: 1000000
>> reject8bit: no
>> quotawarn: 90
>> timeout: 30
>> poptimeout: 10
>> dracinterval: 0
>> drachost: localhost
>> allowplaintext: yes
>> lmtp_overquota_perm_failure: no
>> lmtp_downcase_rcpt: yes
>> createonpost: yes
>> unixhierarchysep: yes
>> virtdomains: yes
>> defaultdomain: secureoffice.net
>>
>> sasl_pwcheck_method: auxprop
>> sasl_auxprop_plugin: sql
>> sasl_sql_engine: mysql
>> sasl_mech_list: login
>> sasl_sql_hostnames: localhost
>> sasl_sql_user: mail
>> sasl_sql_passwd: xxxxxxxxxxxxxxxxxxxxxxx
>> sasl_sql_database: maildb
>> sasl_sql_verbose: yes
>> sasl_sql_select: SELECT clear AS password FROM users WHERE id='%u@%r' AND
>> Active='Y'
>>
>> And this is from the logfile:
>> Feb 18 16:26:07 reindeer imap[14741]: sql plugin create statement from
>> userPassword edwin.boersma reindeer
>> Feb 18 16:26:07 reindeer imap[14741]: sql plugin doing query SELECT clear AS
>> password FROM users WHERE id='edwin.boersma at reindeer' AND Active='Y';
>>
>> My username is edwin.boersma at secureoffice.net, and the server's local name
>> is reindeer. Is there something wrong in my config, or is this
>> works-as-designed?
>>
>> --
>> Kind regards,
>>
>> Edwin Boersma
>> Lead Developer Web Applications
>>
>> SecureOffice Europe AB
>> Ideon Science Park B2 floor 2
>> Scheelevägen 17
>> 22363 Lund
>> Sweden
>>
>> W: http://www.secureoffice.net
>> T: +46 462868773
>> M: +46 709726431
>>
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>>     
>
>
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20090223/5f1e6621/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: edwin_boersma.vcf
Type: text/x-vcard
Size: 134 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20090223/5f1e6621/attachment.vcf

More information about the Info-cyrus mailing list