Murder and Backend Authentication

Rob Siemborski rjs3 at andrew.cmu.edu
Fri Jan 31 15:18:57 EST 2003 

You aren't offering any SASL mechanisms.  I believe the 2.2 code even
supports STARTTLS (and therefore PLAIN).

You need to support a SASL mechanism that allows proxy authentication.
The regular IMAP login command isn't good enough.

-Rob

On Fri, 31 Jan 2003, Hank Beatty wrote:

> And when I use imtest:
>
> [root at draco root]# imtest -u hbeatty -a hbeatty localhost
> S: * OK draco Cyrus IMAP4 v2.2.prealpha server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE
> MUPDATE=mupdate://zeus.email.starband.net/
> S: C01 OK Completed
> Please enter your password:
> C: L01 LOGIN hbeatty {4}
> S: + go ahead
> C: <omitted>
> S: L01 OK User logged in
> Authenticated.
> Security strength factor: 0
>
> ----- Original Message -----
> From: "Rob Siemborski" <rjs3 at andrew.cmu.edu>
> To: "Hank Beatty" <hbeatty.lists at earthlink.net>
> Cc: "Cyrus-Info" <info-cyrus at lists.andrew.cmu.edu>
> Sent: Friday, January 31, 2003 2:29 PM
> Subject: Re: Murder and Backend Authentication
>
>
> > What SASL mechanism are you using between your frontend and backends?
> >
> > Or rather, what mechanisms are your backends advertising?
> >
> > -Rob
> >
> > On Fri, 31 Jan 2003, Hank Beatty wrote:
> >
> > > I'm working on getting a Murder setup and I can authenticate and pull
> mail
> > > directly from the backend server.
> > >
> > > However, when I try to proxy the connection I get this in
> /var/log/messages
> > > on the proxy/master:
> > >
> > > Jan 31 13:40:35 zeus pop3[5437]: login: SERVER[192.168.247.241] hbeatty
> > > plaintext
> > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to backend
> server: no
> > > mechanism available
> > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to backend server
> > >
> > > I get this in /var/log/imapd.log on the backend server:
> > >
> > > Jan 31 13:45:01 draco pop3[32718]: accepted connection
> > > Jan 31 13:45:01 draco master[32724]: about to exec /usr/cyrus/bin/pop3d
> > > Jan 31 13:45:01 draco master[32688]: process 32718 exited, status 0
> > > Jan 31 13:45:01 draco pop3[32724]: executed
> > >
> > > With this in mind it would seem that when using the proxy the
> authentication
> > > method is different somehow. Is this correct?
> > >
> > >
> > >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
> > Research Systems Programmer * /usr/contributed Gatekeeper
> >
>
>
>

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper

More information about the Info-cyrus mailing list