how to configure sieve to start STARTTLS ?

Rudy Gevaert Rudy.Gevaert at UGent.be
Tue Apr 3 05:58:23 EDT 2007


JOYDEEP wrote:
> Rudy Gevaert wrote:
>> JOYDEEP wrote:
>>> Dear list,
>>>
>>> after implementing the imaps , I need to configure sieve to start
>>> STARTTLS.
>>>
>>> sivtest -a aftab  -u aftab   linux.kolkatainfoservices.in  -m LOGIN  -t
>>> ""
>>>
>>> is working well. is there any config file for sieve so that I can force
>>> sieve to start STARTTLS ?  bcoz  I am using sieve from a web-based email
>>> client called felamimail.
>> I'm not sure what you are trying to say, because it is the client that
>> has to issue STARTTLS, and not the server.  The server just advertises
>> his capabilities.  E.g. TLS
> 
> OK Rudy, thanks for your hints. I think I must be more verbose here.

More verbose means you add the relevant parts of your imapd.conf and 
cyrus.conf.  I can't guess what you have in them.

> 
> I have imaps. whenever I try to use sieve from felamimail web mail
> client it reports
> 
> -------------------------------------------------------
> Apr  3 14:51:12 linux slapd[4169]: conn=727 op=0 RESULT tag=97 err=0 text=
> Apr  3 14:51:12 linux master[10304]: about to exec
> /usr/lib/cyrus/bin/timsieved
> Apr  3 14:51:12 linux sieve[10304]: executed
> Apr  3 14:51:12 linux sieve[10304]: accepted connection
> Apr  3 14:51:12 linux sieve[10304]: badlogin:

above is all syslog

> linux.kolkatainfoservices.in[127.0.0.1] PLAIN encryption needed to use
> mechanism

this is from the same syslog.  What generated that output?



> 
> If I manually test with the command
> sivtest -a aftab  -u aftab   linux.kolkatainfoservices.in  -m LOGIN  -t ""
> 
> it runs successfully.
> the log reports
> ----------------------------------------------------
> Apr  3 14:54:33 linux imaps[10364]: login: linux.kolkatainfoservices.in
> [127.0.0.1] aftab LOGIN+TLS User logged in
> ------------------------------------------------------------------------------
> 
> so here i need something so that sieve can work with imaps.
>

Sieve and imap are two DIFFERENT protocols.  They don't have anything to 
do with each other.

Like I and others have said.

When you configure your cyrus.conf to start timesieved it listens on a 
port that is different from the port imap(s) listens on.

I don't think you can use the LOGIN mechanism to login to timesieved.
I don't know what mechanism your webmail uses to login to timesieved. 
Does it use PLAIN?  LOGIN?  Or even something else.  Does it need TLS? 
Does it support TLS?

If you have an answers to does questions configure sieve to support them.

> 
> 
>> Btw I have in mine imapd.conf
>> allowplaintext: 0
>>
>> And that disables sending a password not encryped over the wire for
>> imap and sieve.  (I think lmtp has to be preauthed, I'm using it that
>> way).
>>
>> Also I can say you can't run sieve over ssl natively by cyrus.  I have
>> set up a second imapd.conf with in it the same as in my other
>> imapd.conf except:
>> allowplaintext: 1
>> and I have two timsieved's running in my cyrus.conf:
>>   sieve         cmd="/usr/cyrus/bin/timsieved -C
>> /mail/mail1/etc/imapd.conf" listen="mail1.ugent.be:sieve" prefork=0
>>   lsieve        cmd="/usr/cyrus/bin/timsieved -C
>> /mail/mail1/etc/imapd_local_sieve.conf" listen="localhost:sieve"
>> prefork=0
>>
>> I then have set up an stunnel that redirects port 4000 to the sieve on
>> localhost:sieve.  Users can then use sieve over ssl.  (In fact the
>> only user is our webmail client that supports sieve over ssl, but not
>> sieve+tls).
>>
>> Also note that I'm advertising only PLAIN in my sasl_mech_list.  I'm
>> not advertising "LOGIN" because setting allowplaintext:0 will disable
>> LOGIN.  See http://cyrusimap.web.cmu.edu//imapd/overview.html#login
>>
>>
>> Rudy
>>
>>> thanks
>>>
>>> ----
>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>
>>>
>>> ----
>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>


-- 
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert          Rudy.Gevaert at UGent.be          tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office
Groep Systemen                    Systems group
Universiteit Gent                 Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie               www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --


More information about the Info-cyrus mailing list