plain and tls for communication between murder serves disabled, still no worthy mechs
Heiko Engemann
Heiko.Engemann at solvians.com
Tue Feb 5 11:40:11 EST 2008
Hello List,
i switched my cyurs version from 2.3.9. to 2.3.7 and now i cant get the frontend connect to the backend.
I can login list the box, but everything else doesnt work.
It complains about no worthy mechs found, but i installed the right package an can to successfull imtest and saslauthtest.
The old system was a i386 VMware Fedora 8 system, now we have AMD x64 machines running CentOS 5.1 Xen VMs.
I am using pam to acces a mysql DB with hased passwords. All the authentifications work fine, with PLAIN or LOGIN,
we dont use any of the others, beacuse we need hashed passwods in the Database.
telnet frontend-A1 imap
Trying 172.20.1.102...
Connected to frontend-A1.fra1.mailcluster (172.20.1.102).
Escape character is '^]'.
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID MUPDATE=mupdate://mupdater-A1.bla1.mailcluster/ AUTH=LOGIN AUTH=PLAIN SASL-IR] frontend-A1.bla1.mailcluster Cyrus IMAP4 (Murder) v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
a1 LOGIN albert at test.de albert
a1 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID MUPDATE=mupdate://mupdater-A1.bla1.mailcluster/ LOGINDISABLED ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] User logged in
. list "" "*"
* LIST (\HasChildren) "/" "INBOX"
* LIST (\HasNoChildren) "/" "INBOX/Bla"
* LIST (\HasNoChildren) "/" "INBOX/Junk"
. OK Completed (0.000 secs 4 calls)
. status INBOX (messages)
. NO Server(s) unavailable to complete operation
The logfile says this:
Feb 5 14:19:50 frontend-A1 imap[27903]: couldn't authenticate to backend server: no mechanism available
I had trouble getting the frontend and backend talk to the mupdate server, after I created a certificate on the mupdate server,
back and frontend could talk to it, and it replicates the DB to the frontend. Why is this different than on my old install?
Please give me some advice.
greetings
heiko
------------------------------
frontend imapd.conf
------------------------------
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
postmaster: postmaster
reject8bit: no
timeout: 30
poptimeout: 10
unixhierarchysep: yes
virtdomains: yes
admins: cyrus cyrus-frontend cyrus-backend
sieve_allowreferrals: 0
sieveuserhomedir: no
sievedir: /var/lib/imap/sieve
#sieve_maxscriptsize: 32
#sieve_maxscripts: 5
#tls_ca_file: /etc/pki/cyrus-imapd/cyrus_ssl.cert
#tls_cert_file: /etc/pki/cyrus-imapd/cyrus_ssl.cert
#tls_key_file: /etc/pki/cyrus-imapd/cyrus_ssl.key
tls_key_file: disabled
allowplaintext: yes
sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
#tls_imap_require_cert: 1
#tls_proxyd_require_cert: 1
#tls_lmtp_require_cert: 1
force_sasl_client_mech: PLAIN LOGIN
#sasl_minimum_layer: 0
#allowapop: 0
#sasl_auto_transition: no
# loginrealms: bla1.mailcluster test.de
allowplainwithouttls: 1
username_tolower: 1
#tls_cipher_list: PLAIN+TLS
mupdate_server: mupdater-A1.bla1.mailcluster
mupdate_port: 3905
mupdate_authname: cyrus-frontend
mupdate_username: cyrus-frontend
mupdate_password: backend
#mupdate_retry_delay: 10
proxy_authname: cyrus-backend
backend-A1_password: backend
# backend-B1_password: backend
proxyservers: cyrus-frontend
backend-A1_mechs: PLAIN
# proxyd_mechs: PLAIN
proxy:password: backend
proxyd_allow_status_referral: 0
proxyd_disable_mailbox_referrals: 1
servername: frontend-A1.bla1.mailcluster
lmtp_admins: cyrus-frontend
------------------------------
backend imapd.conf
------------------------------
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
#sendmail: /usr/sbin/sendmail
#hashimapspool: true
postmaster: postmaster
allowanonymouslogin: no
#servername: mail1.mailfarm21.local
autocreatequota: 10000
reject8bit: no
#quotawarn: 90
timeout: 30
poptimeout: 10
#dracinterval: 0
#drachost: localhost
sieve_maxscriptsize: 32
sieve_maxscripts: 5
unixhierarchysep: yes
#virtuelle domains
virtdomains: yes
# defaultdomain: mailfarm21.local
admins: cyrus cyrus-backend cyrus-frontend lmtp_frontend
sievedir: /var/lib/imap/sieve
autocreate_sieve_script: /var/lib/imap/sieve/global/move_junk.sieve.script
# autocreate_sieve_compiledscript: /var/lib/imap/sieve/global/default.bc
autocreateinboxfolders: Junk
createonpost: 1
autosubscribeinboxfolders: Junk
tls_key_file: disabled
#tls_ca_file: /etc/pki/cyrus-imapd/ca.pem
#tls_cert_file: /etc/pki/cyrus-imapd/ca.pem
# tls_key_file: /etc/pki/cyrus-imapd/server_new.pem
#sasl_pwcheck_method: auxprop
#sasl_auxprop_plugin: sasldb
sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
force_sasl_client_mech: PLAIN LOGIN
#sasl_minimum_layer: 0
#tls_imap_require_cert: 0
allowapop: 0
#sasl_auto_transition: yes
#loginrealms: bla1.mailcluster test.de
log_level: 3
tls_cipher_list: PLAIN+TLS
allowplainwithouttls: 1
allowplaintext: yes
username_tolower: 1
mupdate_server: mupdater-A1
mupdate_port: 3905
mupdate_username: cyrus-backend
mupdate_authname: cyrus-backend
mupdate_password: backend
#gegenstueck zu proxy_authname aufm frontend, msen gleich sein
proxyservers: cyrus-backend cyrus-frontend cyrus cyrus-backend at bla1.mailcluster
proxy_authname: cyrus-backend
proxy_password: backend
servername: backend-A1.bla1.mailcluster
frontend-A1_mechs: PLAIN LOGIN
# transfer between backends
#allowusermoves: yes
#allowsubscribes: yes
#defaultdomain: mailfarm21.local
#realm: mailfarm21.local
lmtp_admins: cyrus-frontend
# lmtp_admins: cyrus
# debug_command: /usr/bin/strace -tt -o /tmp/strace.cyrus.%s.%d -p %2$d <&- 2>&1 &
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20080205/46dc54fa/attachment.html
More information about the Info-cyrus
mailing list