cyrus sasl realm problem
brad
brad at bradandkim.net
Mon Oct 3 10:36:27 EDT 2005
On Mon, 2005-10-03 at 15:57 +0200, Georg Gell wrote:
> brad schrieb:
> > With virtdomains turned on then cyrus will use the domain sent with the
> > username if the user logs in fully qualified. Otherwise cyrus does a
> > reverse lookup on the IP that the user logged in on uses the domain from
> > that lookup as the user's domain. The lookup can be either from DNS or
> > hosts file or any other means.
> >
> > Hope that helps,
> >
> Thanks for the quick reply. Sadly this is not true on my system.
> trying imtest:
> moritz> imtest -a georg localhost (on moritz.have2.com)
> ebug.log:
> Oct 3 15:46:21 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at moritz.have2.com';_
> moritz.have2.com is the fqdn of my sever.
>
> moritz> imtest -a georg moritz.have2.com (on moritz.have2.com)
> Oct 3 15:49:23 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at have2.com';_
>
> notebook> imtest -a georg moritz.have2.com (from home dial up)
> Oct 3 15:49:23 [imap] sql plugin doing query SELECT password FROM
> accountuser WHERE username = 'georg at have2.com';_
>
> Where does the realm part come from? If I connect to localhost, it uses
> the server's fqdn (which is also the defaultdomain in my imapd.conf),
> that's what I'd expect. If I connect from the same machine to the
> external IP, I have have2.com as realm. Why? And even worse from my
> dial-up ip (reverse lookup looks like dial-up-XXX.highway.telekom.at), I
> have also have2.com as realm. So the realm cannot be related to the ip
> of the logged in user, or am I missing something?
>
> Regards
>
> Georg
I think this would be the expected behavior. It is stripping the sub-
domain which IIRC is what it should do. But I am not positive why it is
not stripping the sub-domain on your localhost test. Might be the way
your hosts file is set up or it may not strip the sub-domain if it
resolves it from the hosts file but does if it resolves it from DNS.
--
Brad Crotchett, RHCE
brad at bradandkim.net
More information about the Info-cyrus
mailing list