Sieve: "@" in user names wont work?
Ken Murchison
ken at oceana.com
Sun Aug 31 09:50:26 EDT 2003
The difference is that IMAP and POP have their own plaintext login
commands (LOGIN and USER/PASS respecitively) which your clients are
probably using. Even though SASL is still used to veirfy the passwords,
these commands have no concept of realms. MANAGESIEVE on the other
hand, has no built-in login command, so all authentication MUST happen
with a SASL mech.
Daniel Lawson wrote:
>
> I have a virtual domain system set up under Debian Woody with exim, ldap
> as an auth backend, and cyrus 2.1.15 (backported to Woody). I am using
> althierarchy and unixsep. Saslauthd is configured to use PAM as an
> authentication mechanism.
>
> Mailboxes are created with the name "user at domain.com". Delivery and
> retrieval works perfectly.
>
> However, I cannot log in to timsieved with usernames in this format. The
> standard mail logs only show failed login style messages.
>
> My authentication log has the following (edited) snippet:
>
> Aug 31 17:16:18 server cyrus/timsieved[20862]: can't access srvtab file
> /etc/srvtab: No such file or directory
> Aug 31 17:16:18 server cyrus/timsieved[20862]: server add_plugin
> entry_point error generic failure
> Aug 31 17:16:18 server cyrus/timsieved[20862]: _sasl_plugin_load failed
> on sasl_server_plug_init for plugin: kerberos4
> Aug 31 17:16:18 server cyrus/timsieved[20862]: cross-realm login
> test at domain.net.nz denied
>
> The first three lines appear to occur every time someone logs in, so I
> dont think this is relevant. The last one seems to be the relevant one -
> 'cross-realm login ...'
>
> Adding 'domain.net.nz' to the 'loginrealms' parameter in imapd.conf
> allows this user to login via sieve.
>
> I'd rather not have to add every domain to this field if I can at all
> help it. I'll confess that I know very little about SASL, however it
> bothers me that it acts differently when used from Sieve (ie, wont allow
> logins) but both the IMAP and POP daemons allow logins fine.
>
> Is there something about Sieve which means I cannot use "@" in usernames
> at all? Am i missing an obvious configuration option somewhere? :/
> Anyone have any thoughts on how to fix this?
>
> Daniel
>
>
>
>
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the Info-cyrus
mailing list