sieveshell authentication with debian testing - cyrus 2.1.16

MacManitou macmanitou at gmx.de
Sat Mar 13 12:07:10 EST 2004 

Hello,

normally I try to make all configurations on my own, but this seems to 
be a special case :(.
I have tried to install cyrus21 on a debian testing installation - so 
far everything is working really great.
Except sieve - I couldn't find a mistake in my configuration so maybe 
anyone knows if this might be a problem
with the debian cyrus 2.1.16 package?
On the other hand it could be my fault and I am really to blind to see 
it ;).
The authentication chain should be saslauthd (pam shadow) -> pam -> 
sasldb.
The user cyrus exists in the shadow and also in the sasldb.
If I only use plain authentification as mech - sieveshell shows the 
error from line 174 (couldn't connect to a server) and
the auth.log has an error entry from perl: no possible mech.

Thanks for your help,
Sascha


localhost:~#  cyradm --user cyrus localhost
IMAP Password:
               localhost>

localhost:~# sieveshell --user=cyrus --authname=cyrus localhost
connecting to localhost
Please enter your password:
Please enter your password:
Bad protocol from MANAGESIEVE server: lost connection

localhost:~# tail -f /var/log/auth.log
Mar 13 17:44:32 denver211 cyrus/timsieved[17261]: Password verification 
failed
Mar 13 17:44:32 denver211 perl: No worthy mechs found
Mar 13 17:44:35 denver211 postfix/smtpd[17270]: OTP unavailable because 
can't read/write key database /etc/opiekeys: No such file or directory
Mar 13 17:44:37 denver211 postfix/smtpd[17252]: OTP unavailable because 
can't read/write key database /etc/opiekeys: No such file or directory
Mar 13 17:45:43 denver211 cyrus/timsieved[17281]: attempting server 
step after doneflag

localhost:~# telnet localhost sieve
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-4"
"SASL" "LOGIN PLAIN"
"SIEVE" "fileinto reject envelope vacation imapflags notify subaddress 
relational regex"
"STARTTLS"
OK

My test configuration for using pam with the shadow.
/etc/pam.d/sieve
auth            required        /lib/security/pam_unix.so shadow nullok 
debug
account         required        /lib/security/pam_unix_acct.so debug

/etc/imapd.conf
.
.
sieve_admins: cyrus sieve
allowanonymouslogin: no
sieveusehomedir: false
sievedir: /var/spool/sieve
sieve_maxscriptsize:32
sieve_maxscripts:5
allowplaintext: yes
sasl_mech_list: PLAIN LOGIN
allowapop: no
sasl_minimum_layer: 0
# sasl_maximum_layer: 256
# loginrealms:
sasl_pwcheck_method: saslauthd
# sasl_auxprop_plugin: sasldb
# sasl_sasldb_path: /etc/sasldb2
# sasl_auto_transition: yes
tls_cert_file: /etc/ssl/certs/cyrus-global.pem
tls_key_file: /etc/ssl/private/cyrus-global.key
.
.
.

---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list