Problem with saslauthd
Dan White
dwhite at olp.net
Thu Jan 21 19:30:11 EST 2010
On 21/01/10 11:07 +0100, Jimmy Renner wrote:
> I have configured saslauthd to use getpwent and if I use testsaslautd or
> imtest all seems to work. However, if I change the password I cannot
> login using either Horde/Imp nor Pine. If I again check with imtest it
> gives a positive answer and if I then again try with Pine or Horde it
> works.
>
> It is as imtest updates some other files besides passwd which Pine and
> Horde looks in.
>
> Im running FreeBSD 7.2 with:
> cyrus-imapd-2.1.18
> cyrus-sasl-saslauthd-2.1.23
> cyrus-sasl-2.1.23
>
> Pine 4.64
>
> sasltauthd is started with:
> saslauthd_flags="-a getpwent"
>
> imapd.conf says:
> sasl_pwcheck_method: saslauthd
There could be an issue with horde/imp attempting to do a digest-md5 or
cram-md5 authentication.
Can you restrict what mechanism they use? If so, force them to plain or
login, since you are authenticating against saslauthd.
Alternatively, you could restrict which mechanisms imapd advertises with
the following in imapd.conf:
sasl_mech_list: PLAIN LOGIN
If that doesn't help, then see if your syslog as anything useful. See:
http://cyrusimap.web.cmu.edu/imapd/install-configure.html
for hints on how to increase syslog debug messages. You can increase sasl
debugging by adding the following to imapd.conf:
sasl_log_level: 7
--
Dan White
More information about the Cyrus-sasl
mailing list