proxyd and authenticating with the backend servers

Iain_Gray at scee.net Iain_Gray at scee.net
Tue Jan 27 10:52:19 EST 2004


HI

I am having a problem with cyrus murder setup.

I have these configured machines

2 frontend machines running proxyd and mupdate slaves
2 backend machines running imapd and lmtpd
1 mupdate master running lmtpproxyd
I am using sql for a password db

I can happily log in to the fe servers and see user mailboxes. Also I can 
log into the back end machines and retrieve mail . I can also deliver mail 
to the backend machines.

What I am having trouble with is when I try and read any mailboxes from 
the front end machines then I get this error in the logs

Jan 27 16:46:24 cetcb13-01-09 proxyd[5356]: login: 
cetcfw006h.inline.scee.com[10.18.13.10] bigbigray plaintext+TLS 
Jan 27 16:46:26 cetcb13-01-09 proxyd[5356]: couldn't authenticate to 
backend server: no mechanism available

If i run imtest from the front end machines either with or without TLS i 
can log in and see mail as below. Also if I deliver mail to either of the 
backends directly to the lmtpd then that is fine. 

The problem seems to be with proxyd and lmtpd not authenticating as the 
rest does.

I guess that this is because I am using PLAIN passwords and this is 
disabled unless using TLS.

Is there a way to enable TLS with proxyd and lmtpproxyd or am i just 
completely wrong.

TIA

Iain


[root at cyrus_fe2 log]# imtest -a bigbigray cyrus_be2
S: * OK cetcb09-01-09 Cyrus IMAP4 v2.1.16-Invoca-RPM-2.1.16-6 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS 
MUPDATE=mupdate://10.18.13.95/ LISTEXT LIST-SUBSCRIBED ANNOTATEMORE 
X-NETSCAPE
S: C01 OK Completed
Please enter your password: 
C: L01 LOGIN bigbigray {6}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
C: Q01 LOGOUT


[root at cyrus_fe2 log]# imtest -t "" -a bigbigray cyrus_be2
S: * OK cetcb09-01-09 Cyrus IMAP4 v2.1.16-Invoca-RPM-2.1.16-6 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS 
MUPDATE=mupdate://10.18.13.95/ LISTEXT LIST-SUBSCRIBED ANNOTATEMORE 
X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE 
MUPDATE=mupdate://10.18.13.95/ AUTH=PLAIN AUTH=LOGIN LISTEXT 
LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN
S: + 
Please enter your password: 
C: YmlnYmlncmF5AGJpZ2JpZ3JheQB0ZXN0eXA=
S: A01 OK Success (tls protection)
Authenticated.
Security strength factor: 168
C: Q01 LOGOUT
Connection closed.


Iain Gray
Sony Computer Entertainment Europe
http://www.scee.com



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
postmaster at scee.net

This footnote also confirms that this email message has been checked
for all known viruses.

**********************************************************************
 SCEE 2004





More information about the Info-cyrus mailing list