consultant help for cyrus pam_mysql (and exim)

Jarod Watkins jarod at jxxtech.net
Fri Aug 10 01:01:49 EDT 2007


Jerry,
I can't help you with pam_mysql, however I was able to setup Cyrus to 
auth against mysql with the auxprop plugin from SASL, which should be 
easier to configure than pam_mysql. Here is what you should have in your 
imap.conf:

sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: auxprop
sasl_sql_engine: mysql
sasl_sql_user: cyrus
sasl_sql_passwd: cypass
sasl_sql_hostnames: localhost
sasl_sql_database: email
sasl_sql_statement: SELECT password FROM popusers WHERE email (or your 
concat statement) = '%u@%r' #(%u = username, %r = realm or domain)
sasl_sql_verbose: yes # this is handy for seeing what sql statements 
auxprop is using, however I wouldn't leave this set in production b/c it 
will fill up your logs

and that is it. Restart Cyrus and you should be good to go. Also I found 
this website that has a tutorial about how to create views inside mysql 
5, so that you don't have to have concat statements in your mysql query.

http://workaround.org/articles/ispmail-etch/#virtual-mailbox-maps

Hope this helps,
Jarod

jerry at cockatoos.com wrote:
> Hi,
>
> Could someone please point me to a consultant to help with the final
> configuration for a new server? A consulting system admin has had to give up
> getting this running and I need it in within the day. This consultant
> successfully did my last move, but had lots of issues. This time he decided
> to use pam_mysql and now can't finish.
>
> I can manage the migration, mysql, and cyrus management, but I have now
> stuggle through google and the archives, but it is not working yet.
>
> It is likely a configuration issue. 
>
> As a desperate attempt, here is what we currently have in 
> /etc/pam.d/imap
>
> #%PAM-1.0
> #auth       include      system-auth
> #account    include      system-auth
> #auth   required  pam_mysql.so  user=cyrus passwd=cypass host=127.0.0.1
> db=email table=popusers passwdcolumn=password, concat(alias,'@
> #account  required  pam_mysql.so  user=cyrus passwd=cypass host=127.0.0.1
> db=email table=popusers passwdcolumn=password, concat(alias,
> account required  pam_mysql.so  user=cyrus passwd=cypass host=127.0.0.1
> db=email table=blah passwdcolumn=password usercolumn=username
> auth  sufficient  pam_mysql.so  user=cyrus passwd=cypass host=127.0.0.1
> db=email table=blah passwdcolumn=password usercolumn=username 
>
> blah was just a test table to avoid the complication of the concat for alias
> and domain.
>
> imap.conf
>
> configdirectory: /cyrus/imap
> partition-default: /cyrus/spool/default
> virtdomains: yes
> #defaultdomain: nolet.com
> servername: peekdate.nolet.com
> unixhierarchysep: yes
> defaultacl: lrswipcd
> admins: cyrus at nolet.com cyrus
> allowanonymouslogin: no
> timeout: 400
> plaintextloginpause: 0
> quotawarn: 90
> autocreatequota: 0
> autocreateinboxfolders: no
> singleinstancestore: yes
> allowplaintext: yes
> duplicatesuppression: no
>
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: plain
> ## LOGIN CRAM-MD5 DIGEST-MD5
>
> sieveusehomedir: false
> sievedir: /data/sieve
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> anysievefolder: yes
> partition-0: /cyrus/spool/0
>
>
> Thanks, Jerry
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>   


More information about the Info-cyrus mailing list