Cryus IMAP accepts any password! - Solved
michuki at swiftkenya.com
Tue Mar 29 11:52:19 EST 2005
Sorry i should have googled better :) I have found a similar post
earlier which had the solution to the problem.
Thanks & apologies.
On Tue, 2005-03-29 at 19:35, Michuki Mwangi wrote:
> Dear list members,
> I seem to have the most bizarre situation on my new setup.
> FreeBSD 5.3
> Cyrus-imap2 2.2.8
> Cyrus-saslauthd 2.1.19_1
> mysql 184.108.40.206
> Postfix - 2.1.4
> Squirrelmail - 1.4.3a
> Setup and delivery is fine.I can check mail from the respective accounts
> created in mysql and cyradm with *ANY* PASSWORD!. in this case i have tried
> both through Webmail (Squirrelmail) and mail client.
> I can see the following from messages log
> Mar 29 19:16:23 mail pop3: starttls: TLSv1 with cipher RC4-MD5 (128/128 bits new) no authentication
> Mar 29 19:16:23 mail pop3: login: [x.x.x.x] info PLAIN+TLS User logged in
> I thought that my setup was wrong so i tried to debug by putting a wrong
> username or password or DB in the /etc/pam.d/pop and imap files
> Well i can see that an sql error is generated in auth.log as follows.
> Mar 29 19:15:25 mail saslauthd: pam_mysql: MySQL err Access denied for user: 'xxx'@'localhost' to database 'mail'
> Mar 29 19:15:32 mail saslauthd: pam_mysql: MySQL err Access denied for user: 'xxx'@'localhost' to database 'mail'
> however am still able to check mail through the webclient or Kmail.
> My /etc/pam.d/imap & pop files are as follows.
> # auth
> #auth required pam_nologin.so no_warn
> #auth sufficient pam_krb5.so no_warn try_first_pass
> #auth sufficient pam_ssh.so no_warn try_first_pass
> #auth required pam_unix.so no_warn try_first_pass
> auth sufficient pam_mysql.so user=xxxxxx passwd=xxxxx host=localhost db=mail tabl
> e=accountuser usercolumn=username passwdcolumn=password crypt=0
> account required pam_mysql.so user=xxxxxx passwd=xxxxx host=localhost db=mail tab
> le=accountuser usercolumn=username passwdcolumn=password crypt=0
> imap.conf file has the following options uncommented from the default settings.
> configdirectory: /var/imap
> partition-default: /home/mail
> allowanonymouslogin: no
> allowplaintext: yes
> timeout: 30
> poptimeout: 10
> admins: cyrus
> reject8bit: no
> sieveusehomedir: false
> sievedir: /home/sieve
> sendmail: /usr/sbin/sendmail
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN LOGIN
> # EOF
> Where am i going wrong?
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus