sieve authentication
Mike Husmann
husmann at morningside.edu
Fri Sep 15 09:13:04 EDT 2006
>
> Hmm, I don't see a reason, why sieve-logins from a Remote-Machine can fail.
>
> Except for the Remote-Machine(s) itself. You have the Server configured to
> offer "PLAIN" to the Clients. Check if the Clients have the Cyrus-SASL
> Mechanism PLAIN (libplain.*) installed.
>
> If PLAIN is installed, the next step would be to use a network-sniffer and
> look for the Dialog between Server and Client.
This is where things get weird..
If I do a sivtest from a remote machine, here is the result:
---
sivtest -a bebo -u bebo imap.morningside.edu
S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12"
S: "SASL" "PLAIN"
S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational
comparator-i;ascii-numeric regex"
S: "STARTTLS"
S: OK
Authentication failed. no mechanism available
Security strength factor: 0
C: LOGOUT
Connection closed.
---
On the local machine, this works fine, and prompts for a password. But from what
I'm seeing here, it's dropping the connection because it doesn't think there are any
auth mechs available...?
sieveshell has a similar result:
---
\>sieveshell -a bebo -u bebo imap.morningside.edu
connecting to imap.morningside.edu
unable to connect to server at /usr/bin/sieveshell line 169.
---
This is different from the others that include a line about <STDIN> (password).
Once again, the server drops the connection before it has a chance to
authenticate.
My /etc/pam.d/sieve looks like:
#%PAM-1.0
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth required pam_pwdb.so shadow nodelay
account required pam_pwdb.so
session required pam_pwdb.so
And the strangest part of this whole deal is that it has worked flawlessly, as it is
set up now, since April.
Mike
More information about the Info-cyrus
mailing list