SASL config options in /etc/imapd.conf

ellie timoney ellie at fastmail.com
Sun Jul 19 20:30:57 EDT 2015 

> - Why is this commented out ? Is this meant to be uncommented at some
> point ?

Looking at git blame, that line has been commented out for as long as
the file has existed in the repository.  There is a comment above it
saying that it's commented out because it's used by libsasl, but I don't
understand the implications of that myself.  Maybe that it's not needed
in lib/imapoptions because libsasl takes care of it?  In which case I
guess it exists as a comment in the imapoptions file as documentation
that the option exists, even though it is not handled by this file
particularly.

> - Would you know if there is anything to configure manually to setup
> SASL authentication with saslauthd using sasldb ?

I noticed in the "Running a basic server" document you wrote that you
were using:

> sasl_pwcheck_method: saslauthd

Which is interesting because I had trouble getting that working when I
tried it (for reasons that ended up being unrelated, I think, but I
didn't try it again to verify).  I have my VM's configured with this,
based I think on the config/docs shipped with debian's cyrus-imapd
package:

> sasl_pwcheck_method: auxprop
> sasl_auxprop_plugin: sasldb

I'm not sure what the difference is myself, just that this seemed to
work (though I have not touched virtual domains yet).

I also see you're using:

> virtdomains: yes

There was a thread started by Willem Offermans on info-cyrus last week
asking about an issue with virtual domains, in which Bron suggested
instead using:

> virtdomains: userid

I don't know if it will help, but if you haven't already maybe give that
a try too?

On Mon, Jul 20, 2015, at 01:19 AM, Conrad Kleinespel wrote:
> Hello everyone,
> 
> After struggling a lot to try and get SASL authentication to work for
> users with a domain name (eg conradk at conradk.com), I have noticed that
> the "sasl_pwcheck_method" recommended in the documentation seems to be
> commented out of the Cyrus code.
> 
> See here for the commented out option:
> https://git.cyrus.foundation/diffusion/I/browse/master/lib/imapoptions;690587fd545c291f2f52e2e3a14c8d4b6faad146$1600
> 
> I have 2 questions:
> - Why is this commented out ? Is this meant to be uncommented at some
> point ?
> - Would you know if there is anything to configure manually to setup
> SASL authentication with saslauthd using sasldb ?
> 
> Thanks a lot for your help ! :-)
> 
> Best regards,
> 
> Conrad Kleinespel
> conradk at conradk.com
> +33 6 23 82 42 79

More information about the Cyrus-devel mailing list