sieve problems

[Marc Williams]

On Mon, 2004-09-06 at 21:07, Alexander Dalloz wrote:
> Am Di, den 07.09.2004 schrieb Marc Williams um 3:50:
> 
> > Thanks for responding Alexander.  I look forward to your posts in the FC
> > lists.
> 
> Thanks :) You are welcome.
> 
> > The entirety of my imapd.conf is as follows:
> 
> > sasl_pwcheck_method: saslauthd
> > sasl_mech_list: pam
>                              ^^^^^^^
> 
> Hu? This can not work. So I wonder how you are able to authenticate with
> your IMAP/IMAPs client.
> 
> > It's *almost* stock.  As I recall, I changed "PLAIN" to "pam" and
> > commented hashimapspool.  The mech listed in /etc/sysconfig/saslauthd is
> > "shadow" which shouldn't matter, I believe, since the sasl_mech_list in
> > imapd.conf would override.
> 
> pam is no SASL MECH. With "sasl_mech_list" you have to have entries like
> "PLAIN" or "LOGIN" or "CRAM-MD5". That are MECHs. And the saslauthd,
> which comes with SASLv2, has different possibilities to contact which is
> holding the AUTH data. "saslauthd -v" shows you what is possible with
> your saslauthd. But that are not the MECHs.
> 
Indeed, that's exactly where I came up with pam for a mech - doing the
"saslauthd -v" like the instructions said to (I don't recall which
instructions right now).  I guess I'll have to dig a bit deeper to
discover why pam can't be a mech.


> In short: change "sasl_mech_list" back to "PLAIN" in the imapd.conf and
> things will work again after a service restart.

As you probably read by now, that's what I did.  And it did.

My only concern at this point is whether or not the "plain" mech is
adequate security.  Thanks!


---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html