Problem with saslauthd

Dan White dwhite at
Thu Jan 21 19:30:11 EST 2010

On 21/01/10 11:07 +0100, Jimmy Renner wrote:
> I have configured saslauthd to use getpwent and if I use testsaslautd or 
> imtest all seems to work. However, if I change the password I cannot 
> login using either Horde/Imp nor Pine. If I again check with imtest it 
> gives a positive answer and if I then again try with Pine or Horde it 
> works.
> It is as imtest updates some other files besides passwd which Pine and  
> Horde looks in.
> Im running FreeBSD 7.2 with:
> cyrus-imapd-2.1.18
> cyrus-sasl-saslauthd-2.1.23
> cyrus-sasl-2.1.23
> Pine 4.64
> sasltauthd is started with:
> saslauthd_flags="-a getpwent"
> imapd.conf says:
> sasl_pwcheck_method: saslauthd

There could be an issue with horde/imp attempting to do a digest-md5 or
cram-md5 authentication.

Can you restrict what mechanism they use? If so, force them to plain or
login, since you are authenticating against saslauthd.

Alternatively, you could restrict which mechanisms imapd advertises with
the following in imapd.conf:
sasl_mech_list: PLAIN LOGIN

If that doesn't help, then see if your syslog as anything useful. See:

for hints on how to increase syslog debug messages. You can increase sasl
debugging by adding the following to imapd.conf:
sasl_log_level: 7

Dan White

More information about the Cyrus-sasl mailing list