Sieve authentication

Ken Murchison ken at oceana.com
Fri Dec 27 09:03:39 EST 2002 

The service name for Sieve was changed from "imap" to "sieve".  Copy
your "imap" PAM config to "sieve" and you should be fine.


> David Chait wrote:
> 
> Greetings all,
>     I'm in the process of upgrading our current cyrus install and so
> far it has gone will with the one caviat that I cannot for some reason
> get Sieve to authenticate users. The IMAP daemon however works fine.
> As you can see below, I can see auth mechanisms:
> 
> [root at bonmail adm]# telnet localhost 2000
> Trying 127.0.0.1...
> Connected to bonmail.stanford.edu (127.0.0.1).
> Escape character is '^]'.
> "IMPLEMENTATION" "Cyrus timsieved v2.1.11"
> "SASL" "PLAIN"
> "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress
> relational regex"
> OK
> 
> However whenever I attempt to authenticate via the test utility, I get
> the following:
> 
> [root at bonmail adm]# sivtest -u dchait localhost
> S: "IMPLEMENTATION" "Cyrus timsieved v2.1.11"
> S: "SASL" "PLAIN"
> S: "SIEVE" "fileinto reject envelope vacation imapflags notify
> subaddress relational regex"
> S: OK
> Please enter your password:
> C: AUTHENTICATE "PLAIN" {28+}
> ZGNoYWl0AHJvb3QATTExa3kjV0B5
> S: NO "Authentication Error"
> Authentication failed. generic failure
> Security strength factor: 0
> 
> The logs show a PAM error, however my PAM file hasn't changed between
> installs:
> 
> Dec 27 01:17:28 bonmail saslauthd[19310]: DEBUG: auth_pam:
> pam_authenticate failed: Authentication failure
> Dec 27 01:17:28 bonmail saslauthd[19310]: AUTHFAIL: user=dchait
> service=sieve realm= [PAM auth error]
> Dec 27 01:17:28 bonmail timsieved[19607]: Password verification failed
> 
> imap file in pam.d shows:
> 
> auth       required     pam_nologin.so
> auth       required     pam_stack.so service=system-auth
> account    required     pam_stack.so service=system-auth
> session    required     pam_stack.so service=system-auth
> 
> My cyrus.conf file shows:
> 
> # standard standalone server implementation
> 
> START {
>   # do not delete this entry!
>   recover       cmd="ctl_cyrusdb -r"
> 
>   # this is only necessary if using idled for IMAP IDLE
> #  idled                cmd="idled"
> }
> 
> # UNIX sockets start with a slash and are put into /var/imap/socket
> SERVICES {
>   # add or remove based on preferences
>   imap          cmd="imapd" listen="imap" prefork=0
>   imaps         cmd="imapd -s" listen="imaps" prefork=0
> #  pop3         cmd="pop3d" listen="pop3" prefork=0
> #  pop3s                cmd="pop3d -s" listen="pop3s" prefork=0
>   sieve         cmd="timsieved" listen="sieve" prefork=0
> 
>   # at least one LMTP is required for delivery
> #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
>   lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
> 
>   # this is only necessary if using notifications
> #  notify       cmd="notifyd" listen="/var/imap/socket/notify"
> proto="udp" prefork=1
> }
> 
> EVENTS {
>   # this is required
>   checkpoint    cmd="ctl_cyrusdb -c" period=30
> 
>   # this is only necessary if using duplicate delivery suppression
>   delprune      cmd="ctl_deliver -E 3" period=1440
> 
>   # this is only necessary if caching TLS sessions
>   tlsprune      cmd="tls_prune" period=1440
> }
> 
> This is on a Red Hat 7.3 based Dell server Runing the latest stable
> versions of both sasl and cyrus imap. Any ideas?
> 
> Thanks,
> David

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

More information about the Info-cyrus mailing list