sieve authentication

Fri Sep 15 03:03:49 EDT 2006

Am Thursday 14 September 2006 22:18 schrieb Mike Husmann:

> > Show your configuration imapd.conf, cyrus.conf. Hmm, maybe
> > hosts.allow/hosts.deny, too.
>
> imapd.conf
> ------------------------------------------------
> # server conf
> servername: rusty.morningside.edu
> umask: 077
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> # singleinstancestore: yes
>
> username_to_lower: yes
> lmtp_downcase_rcpt: yes
> lmtp_over_quota_perm_failure: yes
>
> altnamespace: yes
>
> # user conf
> postmaster: postmaster
> admins: cyrus cyrusadm
>
> # directory and file locations
> configdirectory: /var/spool/cyrus-imap
> partition-default: /var/spool/cyrus-imap
> sievedir: /var/spool/cyrus-imap/sieve
> sendmail: /usr/sbin/sendmail
>
> # authentication
> allowanonymouslogin: no
> allowplaintext: yes
> sasl_mech_list: plain
> sasl_minimum_layer: 0
> sasl_pwcheck_method: saslauthd
>
> # new user automated creates
> autocreate_sieve_script: /var/spool/cyrus-imap/sieve/phpscript
> autocreate_sieve_compiledscript: /var/spool/cyrus-imap/sieve/phpscript.bc
> generate_compiled_sieve_script: yes
> sieve_maxscriptsize: 64
> sieve_maxscripts: 50
>
> autocreateinboxfolders: Spam
> autosubscribeinboxfolders: Spam
> autocreatequota: 51200
> createonpost: yes
>
> # security certificate information
> tls_cert_file: /etc/ssl/certs/imap.morningside.edu.crt
> tls_key_file: /etc/ssl/certs/imap.morningside.edu.key
> tls_ca_file: /etc/ssl/certs/imap.morningside.edu.ca-bundle
> -----------------------------------------------------------
> cyrus.conf
> -----------------------------------------------------------
> # standard standalone server implementation
>
> START {
>   # do not delete this entry!
>   recover       cmd="ctl_cyrusdb -r"
>
>   # this is only necessary if using idled for IMAP IDLE
> #  idled                cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into
> /var/spool/cyrus-imap/socket SERVICES {
>   # add or remove based on preferences
>   imap          cmd="imapd" listen="imap" prefork=0
>   imaps         cmd="imapd -s" listen="imaps" prefork=0
>   pop3          cmd="pop3d" listen="pop3" prefork=0
>   pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
>   sieve         cmd="timsieved" listen="sieve" prefork=0
>
>   # at least one LMTP is required for delivery
> #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
>   lmtpunix      cmd="lmtpd" listen="/var/spool/cyrus-imap/socket/lmtp"
> prefork=0
>
>   # this is only necessary if using notifications
> #  notify       cmd="notifyd" listen="/var/spool/cyrus-imap/socket/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
>   # this is required
>   checkpoint    cmd="ctl_cyrusdb -c" period=15
>
>   # this is only necessary if using duplicate delivery suppression
>   delprune      cmd="ctl_deliver -E 3" at=0400
>
>   # this is only necessary if caching TLS sessions
>   tlsprune      cmd="tls_prune" at=0400
> }
> -----------------------------------------------------------
> hosts.allow and hosts.deny are both empty.
> -----------------------------------------------------------

Hmm, I don't see a reason, why sieve-logins from a Remote-Machine can fail.

Except for the Remote-Machine(s) itself. You have the Server configured to 
offer "PLAIN" to the Clients. Check if the Clients have the Cyrus-SASL 
Mechanism PLAIN (libplain.*) installed.

If PLAIN is installed, the next step would be to use a network-sniffer and 
look for the Dialog between Server and Client.

-- 
	Andreas