imapd dies when connecting with Mozilla-1.6beta Mail IMAP account

Hajo Beckefeld hajo at beckefeld-online.de
Sun Jan 4 17:46:01 EST 2004 

Hi Nix,

> 
> Maybe that is refering to something else, like Kerberos5 (GSS-API) login,
> which is getting more and more popular with the advance of Microsoft's
> Active Directory.
> 
Yes it seems so!

Now my configuration is working fine! I upgraded to cyrus-sasl-2.1.17! 
After that the imap connect with Mozilla-1.6beta works again.

/var/log/messages:
  Jan  4 23:15:53 jinn imapd[25584]: login: 
luke.beckefeld-online.de[192.168.1.20] hajo plaintext
Jan  4 23:19:04 jinn imapd[25587]: no secret in database
Jan  4 23:19:04 jinn imapd[25587]: badlogin: 
oola.beckefeld-online.de[192.168.1.42] CRAM-MD5 [SASL(-13): user not 
found: no secret in database]
Jan  4 23:19:07 jinn imapd[25587]: login: 
oola.beckefeld-online.de[192.168.1.42] hajo plaintext

Then I wrote in /etc/imapd.conf: "sasl_mech_list: PLAIN LOGIN" then I've 
only:

/var/log/messages:
Jan  4 23:05:42 jinn imapd[25410]: login: 
luke.beckefeld-online.de[192.168.1.20] hajo plaintext

> 
> 
> This usually means that the server is failing to perform that
> authentication. My guess is that PLAIN is using "saslauthd" (SASL
> Authentication Daemon for PLAIN authentication) and that your /etc/sasldb2
> (SASL DataBase module) is empty or unreadable by Cyrus user.
> 
My /etc/sasldb2 looks fine, I think:
jinn:[hajo]# ls -l /etc/sasldb2
-rw-r-----    1 cyrus    mail        12288 Jan  4 22:51 /etc/sasldb2

jinn:[hajo]# sasldblistusers2
cyrus at jinn.beckefeld-online.de: cmusaslsecretOTP
cyrus at jinn.beckefeld-online.de: userPassword

I can create the same entry for mail user "hajo" but noting changes at all!!

> 
> In any case, server shouldn't crash. Ever. Try setting up /etc/sasldb2 and
> see what happens (run "saslpasswd2 -c cyrus").
> 
It doesn't crashes anymore - more than that: I get an error message!

> 
>>Jan  4 18:53:04 jinn perl: No worthy mechs found
> This is Perl side, which has nothing to do with IMAP server.
> 
Yepp, it doesn't matter what kind of perl modules I have:-)

> 
> No. Perl modules are solely for "cyradm" client. "cyradm" is just a Perl
> application using IMAP protocol to administer mailboxes. All it does you,
> can do yourself from telnet to IMAP port - providing you know IMAP protocol
> by heart :-)
> 
Yes, Yes it's very nice to study RFCs;-) I speek a little bit pop3;-)

> Nix.
> 
> 

At last cyrus-imap works fine again, but I do not understand the 
/etc/sasldb2 thing working with CRAM-MD5! Would't it be right that an 
IMAP client can authenticate with CRAM-MD5???

Here my cyradm:

When I try:
jinn:[hajo]# cyradm --user cyrus --auth CRAM-MD5 localhost
cyradm: cannot authenticate to server with CRAM-MD5 as cyrus

/var/log/messages:
Jan  4 23:25:16 jinn imapd[25591]: badlogin: 
jinn.beckefeld-online.de[127.0.0.1] CRAM-MD5 [SASL(-13): user not found: 
no secret in database]

With auth PLAIN everything works fine!

Thanks for your help!
c-You
Hajo

More information about the Info-cyrus mailing list