sieve authentication
Mike Husmann
husmann at morningside.edu
Thu Sep 14 16:18:53 EDT 2006
>
> Show your configuration imapd.conf, cyrus.conf. Hmm, maybe
> hosts.allow/hosts.deny, too.
imapd.conf
------------------------------------------------
# server conf
servername: rusty.morningside.edu
umask: 077
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
# singleinstancestore: yes
username_to_lower: yes
lmtp_downcase_rcpt: yes
lmtp_over_quota_perm_failure: yes
altnamespace: yes
# user conf
postmaster: postmaster
admins: cyrus cyrusadm
# directory and file locations
configdirectory: /var/spool/cyrus-imap
partition-default: /var/spool/cyrus-imap
sievedir: /var/spool/cyrus-imap/sieve
sendmail: /usr/sbin/sendmail
# authentication
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: plain
sasl_minimum_layer: 0
sasl_pwcheck_method: saslauthd
# new user automated creates
autocreate_sieve_script: /var/spool/cyrus-imap/sieve/phpscript
autocreate_sieve_compiledscript: /var/spool/cyrus-imap/sieve/phpscript.bc
generate_compiled_sieve_script: yes
sieve_maxscriptsize: 64
sieve_maxscripts: 50
autocreateinboxfolders: Spam
autosubscribeinboxfolders: Spam
autocreatequota: 51200
createonpost: yes
# security certificate information
tls_cert_file: /etc/ssl/certs/imap.morningside.edu.crt
tls_key_file: /etc/ssl/certs/imap.morningside.edu.key
tls_ca_file: /etc/ssl/certs/imap.morningside.edu.ca-bundle
-----------------------------------------------------------
cyrus.conf
-----------------------------------------------------------
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/spool/cyrus-imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/spool/cyrus-imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/spool/cyrus-imap/socket/notify"
proto="udp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=15
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" at=0400
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
}
-----------------------------------------------------------
hosts.allow and hosts.deny are both empty.
-----------------------------------------------------------
I have been using nscd to cache lookups.. here is it's config:
logfile /var/log/nscd.log
threads 10
max-threads 128
# server-user nobody
# stat-user somebody
debug-level 0
# reload-count 5
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 660
negative-time-to-live passwd 20
suggested-size passwd 1051
check-files passwd yes
persistent passwd yes
shared passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 1051
check-files group yes
persistent group yes
shared group yes
enable-cache hosts yes
positive-time-to-live hosts 3600
negative-time-to-live hosts 20
suggested-size hosts 1051
check-files hosts yes
persistent hosts yes
shared hosts yes
-----------------------------------------------------------
Thanks again,
Mike
More information about the Info-cyrus
mailing list