Cyrus-sasl2+MySQL+Cyrus-IMAPD+Postfix

Tux tusharsg at gmail.com
Mon Jan 30 11:00:17 EST 2006 

Hello list,

I used the FreeBSD virtual mail HOWTO at
http://www.wistful.net/wiki/Ed%27s_FreeBSD_Virtual_Mail_How-To.

Although, everything else seems to be in place, "cyradm" does
not seem to use SASL2 to authenticate. I keep getting the
following error in auth.log whenever I try to do
"cyradm --user cyrus localhost":

======
Jan 30 08:47:25 mx1 perl: No worthy mechs found
Jan 30 08:47:32 mx1 imap[92434]: bad userid authenticated
======

while on the Cyradm console, I get:

======
root at mx1# cyradm --user cyrus localhost
IMAP Password:
              Invalid user at
/usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with  as cyrus
                                      ^^^^^^^
======

As you can see, SASL2 does not recognize the authentication
mechanism.

I read in the SASL2 documentation and also found looking
through the code that if I am using PLAIN authentication
mechanism then I need to use TLS. I have followed all your
instructions about TLS setup but no luck.

Here is a portion of my /usr/local/etc/imapd.conf

======
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sql
sasl_sql_engine: mysql
sasl_sql_user: postfix
sasl_sql_passwd: postfix
sasl_sql_database: postfix
sasl_sql_hostnames: mx1.wearab.net
sasl_sql_select: SELECT password FROM mailbox WHERE username='%u@%r' AND
active='1'
sasl_sql_verbose: yes
sasl_mech_list: plain login
sasl_password_format: crypt
sasl_log_level: 6

======

And this one from /usr/local/lib/sasl2/smtpd.conf

======
pwcheck_method: auxprop
auxprop_plugin: sql
sql_user: postfix
sql_passwd: postfix
sql_hostnames: localhost mx1.wearab.net
sql_database: postfix
sql_engine: mysql
sql_select: SELECT password FROM mailbox WHERE username = '%u@%r' and active
= '1'
sql_verbose: yes
mech_list: plain
log_level: 6
minimum_layer: 0
auto_transition: no
password_format: crypt
======


This is how /usr/local/etc/pam.d/imap looks like:

======
auth        sufficient  /usr/local/lib/pam_mysql.so     user=postfix
passwd=postfix host=localhost db=postfix table=mailbox usercolumn=username
passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg
logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
sqllog=1

# account
account     required    /usr/local/lib/pam_mysql.so user=postfix
passwd=postfix host=localhost db=postfix table=mailbox usercolumn=username
passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg
logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
sqllog=1
======


Have you seen these "No worthy mechs" errors before?
You advice will be valuable.

Thanks in anticipation.
- Tushar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/cyrus-sasl/attachments/20060130/5078f779/attachment.html

More information about the Cyrus-sasl mailing list