Sieve authentication

David Chait davidc at bonair.stanford.edu
Fri Dec 27 04:20:52 EST 2002 

Greetings all,
    I'm in the process of upgrading our current cyrus install and so far it has gone will with the one caviat that I cannot for some reason get Sieve to authenticate users. The IMAP daemon however works fine. As you can see below, I can see auth mechanisms:

[root at bonmail adm]# telnet localhost 2000
Trying 127.0.0.1...
Connected to bonmail.stanford.edu (127.0.0.1).
Escape character is '^]'.
"IMPLEMENTATION" "Cyrus timsieved v2.1.11"
"SASL" "PLAIN"
"SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex"
OK

However whenever I attempt to authenticate via the test utility, I get the following:

[root at bonmail adm]# sivtest -u dchait localhost
S: "IMPLEMENTATION" "Cyrus timsieved v2.1.11"
S: "SASL" "PLAIN"
S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex"
S: OK
Please enter your password: 
C: AUTHENTICATE "PLAIN" {28+}
ZGNoYWl0AHJvb3QATTExa3kjV0B5
S: NO "Authentication Error"
Authentication failed. generic failure
Security strength factor: 0

The logs show a PAM error, however my PAM file hasn't changed between installs:

Dec 27 01:17:28 bonmail saslauthd[19310]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Dec 27 01:17:28 bonmail saslauthd[19310]: AUTHFAIL: user=dchait service=sieve realm= [PAM auth error]
Dec 27 01:17:28 bonmail timsieved[19607]: Password verification failed

imap file in pam.d shows:

auth       required     pam_nologin.so
auth       required     pam_stack.so service=system-auth
account    required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth

My cyrus.conf file shows:

# standard standalone server implementation

START {
  # do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=0
  imaps         cmd="imapd -s" listen="imaps" prefork=0
#  pop3         cmd="pop3d" listen="pop3" prefork=0
#  pop3s                cmd="pop3d -s" listen="pop3s" prefork=0
  sieve         cmd="timsieved" listen="sieve" prefork=0

  # at least one LMTP is required for delivery
#  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

  # this is only necessary if using notifications
#  notify       cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
}

EVENTS {
  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" period=1440

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" period=1440
}

This is on a Red Hat 7.3 based Dell server Runing the latest stable versions of both sasl and cyrus imap. Any ideas?

Thanks,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20021227/a0d5e302/attachment.html

More information about the Info-cyrus mailing list