Cyrus2.2 with IMAPS/SASLauthd not working
Roland Felnhofer
roland.felnhofer at chello.at
Fri Oct 26 13:58:14 EDT 2007
Hi Holger,
Are you using Thunderbird ?
Try these settings:
Port: 993
Use secure connection: SSL
Use secure authentication: NOT checked!
Best regards
Roland
FreiNet Technik wrote:
> Hello all,
>
> I set up a cyrus2.2 IMAP-Server with authentication to a
> LDAP-userdirectory via "saslauthd". All ist working well if i use IMAP.
> When i try to use IMAPs "mail auth" ist still working (used in groupware
> web-client), but IMAP connections from clients time out.
>
> It is logged in cyrus.log as:
> Oct 26 13:35:49 mailer cyrus/imaps[1531]: accepted connection
> Oct 26 13:35:49 mailer cyrus/imaps[1531]: telling master 3
> Oct 26 13:35:49 mailer cyrus/master[1407]: service imaps pid 1531 in
> READY state: now unavailable and in BUSY state
> Oct 26 13:35:49 mailer cyrus/master[1407]: service imaps now has 0
> ready workers
> Oct 26 13:35:49 mailer cyrus/master[1407]: service imaps pid 1531 in
> BUSY state: now serving connection
> Oct 26 13:35:49 mailer cyrus/master[1407]: service imaps now has 0
> ready workers
> Oct 26 13:36:31 mailer cyrus/imaps[1530]: imaps TLS negotiation
> failed: client.example.net [192.168.x.x]
> Oct 26 13:36:31 mailer cyrus/imaps[1530]: Fatal error:
> tls_start_servertls() failed
> Oct 26 13:36:31 mailer cyrus/master[1407]: process 1530 exited, status 75
> Oct 26 13:36:31 mailer cyrus/master[1407]: service imaps pid 1530 in
> BUSY state: terminated abnormally
>
> auth.log says:
> Oct 26 14:32:21 mailer cyrus/imaps[1972]: auxpropfunc error invalid
> parameter supplied
> Oct 26 14:32:21 mailer cyrus/imaps[1972]: _sasl_plugin_load failed on
> sasl_auxprop_plug_init for plugin: ldapdb
>
> If i test the configuration with "imtest -s -v -a client mailer -p 993"
> i am able to log in and fetch some mails.
>
> In this case the log looks like:
>
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: accepted connection
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: telling master 3
> Oct 26 14:56:12 mailer cyrus/master[1957]: service imaps pid 1994 in
> READY state: now unavailable and in BUSY state
> Oct 26 14:56:12 mailer cyrus/master[1957]: service imaps now has 0
> ready workers
> Oct 26 14:56:12 mailer cyrus/master[1957]: service imaps pid 1994 in
> BUSY state: now serving connection
> Oct 26 14:56:12 mailer cyrus/master[1957]: service imaps now has 0
> ready workers
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: mydelete: starting txn
> 2147483659
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: mydelete: committing txn
> 2147483659
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: mystore: starting txn 2147483660
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: mystore: committing txn
> 2147483660
> Oct 26 14:56:12 mailer cyrus/imaps[1994]: starttls: TLSv1 with cipher
> AES256-SHA (256/256 bits new) no authentication
> Oct 26 14:56:18 mailer cyrus/imaps[1994]: login: client.example.net
> [192.168.x.x] client PLAIN+TLS User logged in
> Oct 26 14:56:27 mailer cyrus/imaps[1994]: seen_db: user client opened
> /var/lib/cyrus/user/c/client.seen
> Oct 26 14:56:27 mailer cyrus/imaps[1994]: open: user client opened Inbox
> Oct 26 14:57:21 mailer cyrus/imaps[1994]: telling master 1
> Oct 26 14:57:21 mailer cyrus/master[1957]: service imaps pid 1994 in
> BUSY state: now available and in READY state
> Oct 26 14:57:21 mailer cyrus/master[1957]: service imaps now has 1
> ready workers
>
> Can someone tell me the difference between connecting with client (i
> tried with and without TLS, with and without "secure authentication" and
> "imtest"? Where come these strange "_sasl_plugin_load" errors from when
> "mail auth" works with imaps?
> Can somebody please enlighten me?
>
> Thanks in advance,
> Holger
>
> I use the following configs:
>
> /etc/saslauthd.conf:
> ldap_servers: ldaps://ds1.example.net
> ldap_search_base: dc=example,dc=net
> ldap_mech: DIGEST_MD5
>
>
> /etc/cyurus.conf (excerpt)
> #imap cmd="imapd -U 30" listen="localhost:imap" prefork=0
> maxchild=100
> imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=100
>
> /etc/imapd.conf (excerpt)
> # No anonymous logins
> allowanonymouslogin: no
> # Allow plaintext logins by default (SASL PLAIN)
> allowplaintext: yes
> sasl_mech_list: PLAIN
> sasl_pwcheck_method: saslauthd
>
> ________________________________________________________________________
> FreiNet Gesellschaft fuer Informationsdienste mbH
> Loerracher Strasse 5a, D-79115 Freiburg
> Telefon: +49-761-496-1700, Fax: +49-761-496-1790
> http://www.freinet.de
>
> Registergericht AG Freiburg i. Br. - HRB 4758
> Geschaeftsfuehrung: Manfred Neufang
> USt-Id-Nr.:DE142316038 - FA Freiburg Stadt - Steuernummer 06425/40959
> Sparkasse Freiburg-Noerdlicher Breisgau - BLZ 680 501 01 - Konto 10105414
> ________________________________________________________________________
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3673 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20071026/b3e5b1c9/attachment-0001.bin
More information about the Info-cyrus
mailing list