murder configuration issue final stretch

[Andrew Morgan]

On Tue, 9 Dec 2008, Gary W. Smith wrote:

> Andy/Wesley,
>
> First off, thanks for all of the help.  I've gotten pretty far I think. 
> I ran into a couple problems and some notes on some list groups about 
> dead options that were shown in examples.
>
> http://garysmith.pbwiki.com/Cyrus
>
> I have put all of my configs into a wiki (broken down by server/type). 
> The problem that I'm running into right now is that if I log into the 
> frontend box using cyradmin (as root or cyrus) I can see mailboxes but 
> when I go to create one on a backend server, cyradm prompts me for the 
> password for the corresponding account on the remote machine.  I'm not 
> sure if this is by design or an issue.
>
> The other big issue is that I have lmtp configured on the frontend to 
> forward to the backend.  The lmtp process is running on the backend as I 
> can telnet to it (telnet ip lmtp).  On the backend I seem to be getting 
> a SASL2 auth error.
>
> badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password 
> verification failed

The documentation doesn't state this, but in a murder environment all LMTP 
connections must be authenticated.  Using the "-a" option doesn't work 
because then the frontend doesn't have a set of credentials for proxying. 
At least, that's what my testing showed.

Try creating a "cyr_lmtp" (or whatever you want to call it) user on both 
your backends and frontends.  Then add the following:

On backends:

lmtp_admins: cyr_lmtp murder

On frontends:

lmtp_admins: cyr_lmtp

Then make sure your MTA is authenticating as cyr_lmtp when it connects to 
the Cyrus lmtpd.

 	Andy