Hello everyone!<br><br>Iam trying to setup a mailserver with postfix, cyrus-imap, cyrus-sasl, mysql, pam_mysql on Redhat Enterprise 4.<br><br>Everything seems to work ok accept when I use cyradm to login on my imap server.
<br><br>root> cyradm --user cyrus --server localhost --auth plain<br>root>password: <---- this is where my maillog spits out an error message <br>( imap[2302]: badlogin: localhost [<a href="http://127.0.0.1">127.0.0.1
</a>] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required] )<br><br>root>IMAP password: <--- this checks against mysql and seems to work fine.. I get into my imap server after this.
<br><br>here is a paste of my maillog after I tried this.<br><br>Jul 26 09:28:50 mail56 imap[2302]: accepted connection<br>Jul 26 09:28:51 mail56 imap[2302]: badlogin: localhost [<a href="http://127.0.0.1">127.0.0.1</a>] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required]
<br>Jul 26 09:28:55 mail56 imap[2302]: login: localhost [<a href="http://127.0.0.1">127.0.0.1</a>] cyrus plaintext User logged in<br><br><br>Ive been on this, googling, reading asking.. for a cpl of weeks now and it starts to get on my nervs.
<br>Can anyone give me a hint on what to do here?<br><br>A couple of notes:<br><br>1. postfix works fine, it also authenticates fine, I can send and resieve mail<br>2. imap works, I can login to my imap server from outlook express, and view my mails.
<br>3. I tryed to auth against sasldb with testsasl, and imtest. It works without any problems.<br>4. I prolly read every post out ther about this problem and noone gives a clear answer why this problem exists =)<br><br>If someone want to explain to me why the first authentication is ther for I would also be glad =)
<br><br>cyradm --user cyrus --server localhost --auth plain<br>>password <----- why this one? what is it supposed to contact? Ive read that its contacting sasldb2, but when I run saslauthd in debugmode I see nothing
<br>>IMAP password <----- this one makes sence, it checks my mysql tables and this also works and lets me into my imap server, even tho the first pw auth fails.<br><br>Here is my a few of my confs<br><br>/etc/imapd.conf:
<br><br>postmaster: postmaster<br>configdirectory: /var/lib/imap/<br>partition-default: /var/spool/imap<br>admins: cyrus<br>allowanonymouslogin: no<br>allowplaintext: yes<br>sasl_mech_list: PLAIN<br>servername: mail56<br>
autocreatequota: 10000<br>reject8bit: no<br>quotawarn: 90<br>timeout: 30<br>poptimeout: 10<br>dracinterval: 0<br>drachost: localhost<br>sasl_pwcheck_method: saslauthd<br>sievedir: /usr/sieve<br>sendmail: /usr/sbin/sendmail
<br>sieve_maxscriptsize: 32<br>sieve_maxscripts: 5<br>#unixhierarchysep: yes<br>tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem<br>tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem<br>tls_ca_file: /usr/share/ssl/certs/ca-
bundle.crt<br><br>--------------------------------------------------------<br><br>/etc/sysconfig/saslauthd<br><br># Directory in which to place saslauthd's listening socket, pid file, and so<br># on. This directory must already exist.
<br>SOCKETDIR=/var/run/saslauthd<br><br># Mechanism to use when checking passwords. Run "saslauthd -v" to get a list<br># of which mechanism your installation was compiled to use.<br>MECH=pam<br><br># Additional flags to pass to saslauthd on the command line. See saslauthd(8)
<br># for the list of accepted flags.<br>FLAGS=<br><br>--------------------------------------------------------<br><br>/etc/cyrus.conf<br><br># standard standalone server implementation<br><br>START {<br> # do not delete this entry!
<br> recover cmd="ctl_cyrusdb -r"<br><br> # this is only necessary if using idled for IMAP IDLE<br># idled cmd="idled"<br>}<br><br># UNIX sockets start with a slash and are put into /var/lib/imap/sockets
<br>SERVICES {<br> # add or remove based on preferences<br> imap cmd="imapd" listen="imap" prefork=5<br> imaps cmd="imapd -s" listen="imaps" prefork=1<br> pop3 cmd="pop3d" listen="pop3" prefork=3
<br> pop3s cmd="pop3d -s" listen="pop3s" prefork=1<br> sieve cmd="timsieved" listen="sieve" prefork=0<br><br> # these are only necessary if receiving/exporting usenet via NNTP
<br># nntp cmd="nntpd" listen="nntp" prefork=3<br># nntps cmd="nntpd -s" listen="nntps" prefork=1<br><br> # at least one LMTP is required for delivery<br># lmtp cmd="lmtpd" listen="lmtp" prefork=0
<br> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1<br><br> # this is only necessary if using notifications<br># notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
<br>}<br><br>EVENTS {<br> # this is required<br> checkpoint cmd="ctl_cyrusdb -c" period=30<br><br> # this is only necessary if using duplicate delivery suppression,<br> # Sieve or NNTP<br> delprune cmd="cyr_expire -E 3" at=0400
<br><br> # this is only necessary if caching TLS sessions<br> tlsprune cmd="tls_prune" at=0400<br>}<br><br>--------------------------------------------------------<br><br>Thank you all for reading and trying to help me with this!
<br><br>/ Jocke<br>