Cyrus-POP & SASL2 auxprop work together ?

Peter Markom peter at markom.at
Mon Aug 9 16:26:17 EDT 2004


When testing with imtest, it first says L0-LOGIN and then LOGIN FAILED.


master:~ # imtest -t "" -m login -u nospam at koordinaten.at -a 
nospam at koordinaten.at localhost
S: * OK master.koordinaten.at Cyrus IMAP4 v2.2.3 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT 
THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS
X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT 
THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=LOGIN
  AUTH=PLAIN SASL-IR X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN nospam at koordinaten.at {8}
S: + go ahead
C: <omitted>
S: L01 NO Login failed: user not found
Authentication failed. generic failure
Security strength factor: 256

Am Fri, 06 Aug 2004 08:44:49 -0400 hat Ken Murchison <ken at oceana.com> 
geschrieben:

> Peter Markom wrote:
>
>> Hello,
>>
>> I submit my question a second time since do not find the problem. I 
>> suppose it to be something simple which could easily be overlooked. 
>> Maybe it is related with the virtual-domains, but I checked the 
>> manual/Howto/faq various times. I also though about something that has 
>> to do with permissions / access-rights ?
>>
>> Any suggestion would be highly appreciated.
>>
>> Problem is: I can not authenticate imap/pop-users using auxprop and 
>> /etc/sasldb2
>>
>> On the same machine runs postfix and authentication via TLS and 
>> SASL/auxprop works fine. So I can send mails but can not retrieve mails 
>> via pop/imap.
>>
>> When trying to do so, /var/log/messages reads like below when trying to 
>> authenticate via login & tls
>>
>> Aug  2 00:00:23 master master[23882]: about to exec 
>> /usr/lib/cyrus/bin/pop3d
>> Aug  2 00:00:23 master pop3[23882]: executed
>> Aug  2 00:00:23 master pop3[23882]: accepted connection
>> Aug  2 00:00:23 master pop3[23882]: TLS server engine: cannot load CA 
>> data
>> Aug  2 00:00:23 master pop3[23882]: TLS server engine: No CA file 
>> specified. Client side certs may not work
>> Aug  2 00:00:23 master pop3[23882]: mystore: starting txn 2147483650
>> Aug  2 00:00:23 master pop3[23882]: mystore: committing txn 2147483650
>> Aug  2 00:00:23 master pop3[23882]: starttls: TLSv1 with cipher RC4-SHA 
>> (128/128 bits new) no authentication
>> Aug  2 00:00:26 master pop3[23882]: badlogin: [212.166.101.83] LOGIN 
>> user not found
>>
>> or else via plaintext & tls
>>
>> Aug  2 00:12:49 master master[23899]: about to exec 
>> /usr/lib/cyrus/bin/pop3d
>> Aug  2 00:12:49 master pop3[23899]: executed
>> Aug  2 00:12:49 master pop3[23899]: accepted connection
>> Aug  2 00:12:49 master pop3[23899]: TLS server engine: cannot load CA 
>> data
>> Aug  2 00:12:49 master pop3[23899]: TLS server engine: No CA file 
>> specified. Client side certs may not work
>> Aug  2 00:12:50 master pop3[23899]: mystore: starting txn 2147483658
>> Aug  2 00:12:50 master pop3[23899]: mystore: committing txn 2147483658
>> Aug  2 00:12:50 master pop3[23899]: starttls: TLSv1 with cipher RC4-SHA 
>> (128/128 bits new) no authentication
>> Aug  2 00:12:50 master pop3[23899]: badlogin: [212.166.101.83] 
>> plaintext nospam SASL(-13): user not found: checkpass failed
>
>
> Does the cyrus user have read access to sasldb2?
>


---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list