murder configuration issue final stretch

Gary W. Smith gary at primeexalia.com
Fri Dec 12 12:31:31 EST 2008 

Andrew, 
 
Any idea how this works with the lmtpproxy?  Also, I've tried to setup the lmtp using the local port but for some reason when I restart cyrus-imapd it doesn't who up in netstat.
 
Tried
lmtp         cmd="lmtpd" listen="lmtp" prefork=1
Tried
lmtp         cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxchild=20
Current:
lmtp          cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1
 
Do you have any examples of setting it up on a different port and forwarding it onwards to the backend (or I assume that we would forward it to the proxy) using postfix?.
 
Gary


________________________________

From: Andrew Morgan [mailto:morgan at orst.edu]
Sent: Fri 12/12/2008 9:00 AM
To: Gary W. Smith
Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu
Subject: RE: murder configuration issue final stretch



On Thu, 11 Dec 2008, Gary W. Smith wrote:

> Andrew,
>
> I found one of your older posting which also covers this.  Here is what
> I did.
>
> I added psotfixlmtp as a user to both the frontend and and then ran the
> 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it
> authenticated just fine.  So I added the entry to my lmtp_passwd file
> for postfix.  I also added the additional entries into the postfix
> main.cf file as per the instructions.
>
> On the frontend I added lmtp_admins: postfixlmtp and on the backends I
> added lmtp_admins: murder postfixlmtp.
>
> I did notice that when I try connecting to the lmtp on the frontend I
> get an error.  I suspect that it's because it's looking for lmtp and
> it's running the lmtpproxy
>
> # runuser  - postfixlmtp -c "lmtptest"
> WARNING: no hostname supplied, assuming localhost
> connect: Connection refused
> failure: Network initialization - can not connect to localhost.localdomain:lmtp
>
> Anyway, postfix is kicking this out in the log:
>
> lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting
> this, I don't know
>
> I assume that for some reason it's still allowing anonynous connections
> to lmtp.  I checked my cyrus.conf files on all servers and there is no
> "-a". It's perplexing.  The information you gave me makes sense but it's
> like something has cached a setting and isn't letting go even though I
> have restarted all of the services.

Looking at the source code in lmtpengine.c:

         /* we're not connected to a internet socket! */
         func->preauth = 1;
         strcpy(cd.clienthost, "[unix socket]");
         syslog(LOG_DEBUG, "lmtp connection preauth'd as postman");

So it appears that unix socket connections are always preauth'd.  You'll
need to enable Cyrus' lmtpd to listen on the internet socket as well.  If
you are running Postfix on your frontends (it looks like you are), then
you could either disable Postfix's lmtp, or run the Cyrus lmtp on an
alternate port.

Maybe other folks know of a cleaner way to do this, or have other
suggestions.

        Andy


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/e2e63e85/attachment.html

More information about the Info-cyrus mailing list