imapd dies when connecting with Mozilla-1.6beta Mail IMAP account

Hajo Beckefeld hajo at
Sun Jan 4 17:46:01 EST 2004

Hi Nix,

> Maybe that is refering to something else, like Kerberos5 (GSS-API) login,
> which is getting more and more popular with the advance of Microsoft's
> Active Directory.
Yes it seems so!

Now my configuration is working fine! I upgraded to cyrus-sasl-2.1.17! 
After that the imap connect with Mozilla-1.6beta works again.

  Jan  4 23:15:53 jinn imapd[25584]: login:[] hajo plaintext
Jan  4 23:19:04 jinn imapd[25587]: no secret in database
Jan  4 23:19:04 jinn imapd[25587]: badlogin:[] CRAM-MD5 [SASL(-13): user not 
found: no secret in database]
Jan  4 23:19:07 jinn imapd[25587]: login:[] hajo plaintext

Then I wrote in /etc/imapd.conf: "sasl_mech_list: PLAIN LOGIN" then I've 

Jan  4 23:05:42 jinn imapd[25410]: login:[] hajo plaintext

> This usually means that the server is failing to perform that
> authentication. My guess is that PLAIN is using "saslauthd" (SASL
> Authentication Daemon for PLAIN authentication) and that your /etc/sasldb2
> (SASL DataBase module) is empty or unreadable by Cyrus user.
My /etc/sasldb2 looks fine, I think:
jinn:[hajo]# ls -l /etc/sasldb2
-rw-r-----    1 cyrus    mail        12288 Jan  4 22:51 /etc/sasldb2

jinn:[hajo]# sasldblistusers2
cyrus at cmusaslsecretOTP
cyrus at userPassword

I can create the same entry for mail user "hajo" but noting changes at all!!

> In any case, server shouldn't crash. Ever. Try setting up /etc/sasldb2 and
> see what happens (run "saslpasswd2 -c cyrus").
It doesn't crashes anymore - more than that: I get an error message!

>>Jan  4 18:53:04 jinn perl: No worthy mechs found
> This is Perl side, which has nothing to do with IMAP server.
Yepp, it doesn't matter what kind of perl modules I have:-)

> No. Perl modules are solely for "cyradm" client. "cyradm" is just a Perl
> application using IMAP protocol to administer mailboxes. All it does you,
> can do yourself from telnet to IMAP port - providing you know IMAP protocol
> by heart :-)
Yes, Yes it's very nice to study RFCs;-) I speek a little bit pop3;-)

> Nix.

At last cyrus-imap works fine again, but I do not understand the 
/etc/sasldb2 thing working with CRAM-MD5! Would't it be right that an 
IMAP client can authenticate with CRAM-MD5???

Here my cyradm:

When I try:
jinn:[hajo]# cyradm --user cyrus --auth CRAM-MD5 localhost
cyradm: cannot authenticate to server with CRAM-MD5 as cyrus

Jan  4 23:25:16 jinn imapd[25591]: badlogin:[] CRAM-MD5 [SASL(-13): user not found: 
no secret in database]

With auth PLAIN everything works fine!

Thanks for your help!

More information about the Info-cyrus mailing list