sieve authentication

Mike Husmann husmann at
Thu Sep 14 16:18:53 EDT 2006

> Show your configuration imapd.conf, cyrus.conf. Hmm, maybe
> hosts.allow/hosts.deny, too.

# server conf
umask: 077
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
# singleinstancestore: yes

username_to_lower: yes
lmtp_downcase_rcpt: yes
lmtp_over_quota_perm_failure: yes

altnamespace: yes

# user conf
postmaster: postmaster
admins: cyrus cyrusadm

# directory and file locations
configdirectory: /var/spool/cyrus-imap
partition-default: /var/spool/cyrus-imap
sievedir: /var/spool/cyrus-imap/sieve
sendmail: /usr/sbin/sendmail

# authentication
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: plain
sasl_minimum_layer: 0
sasl_pwcheck_method: saslauthd

# new user automated creates
autocreate_sieve_script: /var/spool/cyrus-imap/sieve/phpscript
autocreate_sieve_compiledscript: /var/spool/cyrus-imap/sieve/phpscript.bc
generate_compiled_sieve_script: yes
sieve_maxscriptsize: 64
sieve_maxscripts: 50

autocreateinboxfolders: Spam
autosubscribeinboxfolders: Spam
autocreatequota: 51200
createonpost: yes

# security certificate information
tls_cert_file: /etc/ssl/certs/
tls_key_file: /etc/ssl/certs/
tls_ca_file: /etc/ssl/certs/
# standard standalone server implementation

  # do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"

# UNIX sockets start with a slash and are put into /var/spool/cyrus-imap/socket
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=0
  imaps         cmd="imapd -s" listen="imaps" prefork=0
  pop3          cmd="pop3d" listen="pop3" prefork=0
  pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
  sieve         cmd="timsieved" listen="sieve" prefork=0

  # at least one LMTP is required for delivery
#  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/spool/cyrus-imap/socket/lmtp" prefork=0

  # this is only necessary if using notifications
#  notify       cmd="notifyd" listen="/var/spool/cyrus-imap/socket/notify"
proto="udp" prefork=1

  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=15

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" at=0400

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" at=0400
hosts.allow and hosts.deny are both empty.
I have been using nscd to cache lookups..  here is it's config:

        logfile                 /var/log/nscd.log
        threads                 10
        max-threads             128
#       server-user             nobody
#       stat-user               somebody
        debug-level             0
#       reload-count            5
        paranoia                no
#       restart-interval        3600

        enable-cache            passwd          yes
        positive-time-to-live   passwd          660
        negative-time-to-live   passwd          20
        suggested-size          passwd          1051
        check-files             passwd          yes
        persistent              passwd          yes
        shared                  passwd          yes

        enable-cache            group           yes
        positive-time-to-live   group           3600
        negative-time-to-live   group           60
        suggested-size          group           1051
        check-files             group           yes
        persistent              group           yes
        shared                  group           yes

        enable-cache            hosts           yes
        positive-time-to-live   hosts           3600
        negative-time-to-live   hosts           20
        suggested-size          hosts           1051
        check-files             hosts           yes
        persistent              hosts           yes
        shared                  hosts           yes

Thanks again,


More information about the Info-cyrus mailing list