Murder and POP3

Andreas S. Kerber ask at andreas.kerber.name
Mon Dec 8 07:19:25 EST 2003 

I'm currently implementing a cyrus murder test environment (1 backend,
1 frontend and the mupdate-master on a seperate machine). All machines
with Cyrus 2.1.16, no virtual domains, unixhierarchysep: no, saslauthd uses
pam.
Everything is working fine (all mailbox operations and IMAP), except
POP3, which is not working.

After authenticating via POP3 at the frontend, it immediatly fails with
"-ERR Authentication to backend server failed".
IMAP works fine and talking POP3 directly to the backend works fine too.

According to "ngrep" the frontend connects to the backend,
reads the POP3 banner and thats it. It doesn't seem to even try to
authenticate.  Any idea what the problem could be? Is anybody using POP3 on
a murder?


This is the ngrep output from the backend when trying to connect
via POP3 to the frontend:

# ngrep port 110                
interface: eth0 (213.182.0.0/255.255.255.128)
filter: ip and ( port 110 )
####
T 213.182.0.<frontend>:110 -> 213.182.0.<backend>:38004 [AP]
  +OK osiris2 Cyrus POP3 v2.1.16 server ready <2075889155.1070884187 at osiris2>..
####

This is what happens on the frontend:

# pop3test -a test -w test -p 110 213.182.0.<frontend>   
S: +OK seth Cyrus POP3 Murder v2.1.16 server ready <2755492160.1070883991 at seth>
C: CAPA
S: +OK List of capabilities follows
S: SASL DIGEST-MD5 CRAM-MD5
S: EXPIRE NEVER
S: LOGIN-DELAY 0
S: TOP
S: UIDL
S: PIPELINING
S: RESP-CODES
S: AUTH-RESP-CODE
S: USER
S: IMPLEMENTATION Cyrus POP3 proxy server v2.1.16
S: .
C: AUTH CRAM-MD5
S: + PDM3NjE4NTI5NDIuMTM5MTk0NDZAc2V0aD4=
C: dGVzdCA2ZWVkMjE0NDhmMzM2ZmEwMDA4YTc0MzdhZDQwOWU1YQ==
S: -ERR Authentication to backend server failed
Authentication failed. generic failure
Security strength factor: 0
Connection closed. 


The logs on the frontend reveal nothing helpful:

Dec  8 12:51:52 seth pop3d[16023]: accepted connection
Dec  8 12:51:52 seth master[17910]: about to exec /usr/cyrus/bin/pop3proxyd
Dec  8 12:51:52 seth pop3[17910]: executed
Dec  8 12:51:52 seth pop3d[16023]: login: <client hostname>[213.182.0.X] test CRAM-MD5 User logged in
Dec  8 12:51:52 seth pop3d[16023]: couldn't authenticate to backend server
Dec  8 12:51:52 seth master[13756]: process 16023 exited, status 0


As you can see IMAP works fine:

# imtest -a test -w test -p 143 213.182.0.<frontend>
S: * OK seth Cyrus IMAP4 Murder v2.1.16 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UI5
S: C01 OK Completed
C: A01 AUTHENTICATE CRAM-MD5
S: + PDE4NzczNTIxNzEuMTM5MjA3NjVAc2V0aD4=
C: dGVzdCBhZjViMWIzYTAyMjdiNmM5OWE1ZmE2YmZkYjk1ZGI4Nw==
S: A01 OK Success (no protection)
Authenticated.
Security strength factor: 0
. LIST "" "*"
* LIST (\HasNoChildren) "." "INBOX"
. OK Completed



The is the frontend configuration:

configdirectory: /var/imap
partition-default: /data/imap
admins: cyradm
sasl_pwcheck_method: saslauthd
proxy_authname: murder
osiris2_password: XXXXXX
mupdate_server: <mupdatemaster hostname>
mupdate_port: 3905
mupdate_username: mupdateslave1
mupdate_authname: mupdateslave1
mupdate_password: XXXX


And this is the backend configuration:

configdirectory: /var/imap
partition-default: /data/imap
admins: cyradm
allowanonymouslogin: no
sasl_srvtab: /var/imap/srvtab
sasl_pwcheck_method: saslauthd
sendmail: /usr/sbin/sendmail
proxyservers: murder
mupdate_server: <mupdatemaster hostname>
mupdate_port: 3905
mupdate_username: backend1
mupdate_authname: backend1
mupdate_password: XXXXX

If needed I can post an "strace" from a running pop3proxyd, there
doesn't seem to be anything helpful in there either tough.

Your help would be greatly appreciated!

More information about the Info-cyrus mailing list