sieve authentication
Andreas Winkelmann
ml at awinkelmann.de
Fri Sep 15 03:03:49 EDT 2006
Am Thursday 14 September 2006 22:18 schrieb Mike Husmann:
> > Show your configuration imapd.conf, cyrus.conf. Hmm, maybe
> > hosts.allow/hosts.deny, too.
>
> imapd.conf
> ------------------------------------------------
> # server conf
> servername: rusty.morningside.edu
> umask: 077
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> # singleinstancestore: yes
>
> username_to_lower: yes
> lmtp_downcase_rcpt: yes
> lmtp_over_quota_perm_failure: yes
>
> altnamespace: yes
>
> # user conf
> postmaster: postmaster
> admins: cyrus cyrusadm
>
> # directory and file locations
> configdirectory: /var/spool/cyrus-imap
> partition-default: /var/spool/cyrus-imap
> sievedir: /var/spool/cyrus-imap/sieve
> sendmail: /usr/sbin/sendmail
>
> # authentication
> allowanonymouslogin: no
> allowplaintext: yes
> sasl_mech_list: plain
> sasl_minimum_layer: 0
> sasl_pwcheck_method: saslauthd
>
> # new user automated creates
> autocreate_sieve_script: /var/spool/cyrus-imap/sieve/phpscript
> autocreate_sieve_compiledscript: /var/spool/cyrus-imap/sieve/phpscript.bc
> generate_compiled_sieve_script: yes
> sieve_maxscriptsize: 64
> sieve_maxscripts: 50
>
> autocreateinboxfolders: Spam
> autosubscribeinboxfolders: Spam
> autocreatequota: 51200
> createonpost: yes
>
> # security certificate information
> tls_cert_file: /etc/ssl/certs/imap.morningside.edu.crt
> tls_key_file: /etc/ssl/certs/imap.morningside.edu.key
> tls_ca_file: /etc/ssl/certs/imap.morningside.edu.ca-bundle
> -----------------------------------------------------------
> cyrus.conf
> -----------------------------------------------------------
> # standard standalone server implementation
>
> START {
> # do not delete this entry!
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> # idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into
> /var/spool/cyrus-imap/socket SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="imap" prefork=0
> imaps cmd="imapd -s" listen="imaps" prefork=0
> pop3 cmd="pop3d" listen="pop3" prefork=0
> pop3s cmd="pop3d -s" listen="pop3s" prefork=0
> sieve cmd="timsieved" listen="sieve" prefork=0
>
> # at least one LMTP is required for delivery
> # lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/spool/cyrus-imap/socket/lmtp"
> prefork=0
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/spool/cyrus-imap/socket/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpoint cmd="ctl_cyrusdb -c" period=15
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="ctl_deliver -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
> }
> -----------------------------------------------------------
> hosts.allow and hosts.deny are both empty.
> -----------------------------------------------------------
Hmm, I don't see a reason, why sieve-logins from a Remote-Machine can fail.
Except for the Remote-Machine(s) itself. You have the Server configured to
offer "PLAIN" to the Clients. Check if the Clients have the Cyrus-SASL
Mechanism PLAIN (libplain.*) installed.
If PLAIN is installed, the next step would be to use a network-sniffer and
look for the Dialog between Server and Client.
--
Andreas
More information about the Info-cyrus
mailing list