LMTP/LDAP configuration issue

Dan White dwhite at olp.net
Mon Feb 18 09:58:34 EST 2008


Jean-Francois Stenuit wrote:
> Hello list,
> 
> Although I succeeded in configuring saslauthd to speak to an Active 
> Directory server on my Gentoo machine, I'm unable to get cyrus lmtpd 
> to deliver mail in a correct way.
> 
> My /etc/imapd.conf looks like :
> 
> configdirectory:        /var/imap
> partition-default:      /var/spool/imap
> sievedir:               /var/imap/sieve
> tls_ca_path:            /etc/ssl/certs
> tls_cert_file:          /etc/ssl/cyrus/server.crt
> tls_key_file:           /etc/ssl/cyrus/server.key
> admins:                 cyrus
> hashimapspool:          yes
> allowanonymouslogin:    no
> allowplaintext:         no
> ldap_uri: ldap://dc1.chryseis.be/
> ldap_base: cn=Users,dc=chryseis,dc=be
> ldap_filter: (sAMAccountName=%u)
> ldap_version: 3
> ldap_id: ldap at chryseis.be
> ldap_password: --password--
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> 
> But my logs still show :
> 
> Feb 18 11:44:42 bach lmtpunix[21989]: executed
> Feb 18 11:44:42 bach lmtpunix[21989]: sql_select option missing
> Feb 18 11:44:42 bach lmtpunix[21989]: auxpropfunc error no mechanism 
> available
> Feb 18 11:44:42 bach lmtpunix[21989]: _sasl_plugin_load failed on 
> sasl_auxprop_plug_init for plugin: sql
> Feb 18 11:44:42 bach lmtpunix[21989]: auxpropfunc error invalid parameter 
> supplied
> Feb 18 11:44:42 bach lmtpunix[21989]: _sasl_plugin_load failed on 
> sasl_auxprop_plug_init for plugin: ldapdb
> Feb 18 11:44:42 bach lmtpunix[21989]: accepted connection
> Feb 18 11:44:42 bach lmtpunix[21989]: lmtp connection preauth'd as postman
> Feb 18 11:44:42 bach lmtpunix[21989]: verify_user(user.jfs) failed: 
> Mailbox does not exist

The _sasl_plugin_load errors can be ignored here I think. If 
you're not using either the sql or ldapdb auxprop plugins, you 
can remove them from your system to get rid of these errors in 
your logs. See 'pluginviewer', and look for the plugins 
directory, typically in /usr/lib/sasl2.

The last error looks like the critical error. You should verify 
that the mailbox 'user.jfs' exists.

> And no ldap query is performed (I have a tcpdump running in another 
> window).

I don't think you would get any ldap traffic except during user 
authentication, unless your SMTP server is performing 
authentication for LMTP via saslauthd.

- Dan
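
The triage described in the reply above, as an added example that is not part of the original message or of Cyrus itself: it groups lmtpunix syslog lines by PID, sets aside the auxprop plugin load failures, and pulls out the mailbox that failed verification. The sample log is constructed from the lines quoted in the thread with the e-mail line wraps rejoined; the function and field names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: the lmtpunix lines quoted in the thread, wraps rejoined.
SAMPLE_LOG = """\
Feb 18 11:44:42 bach lmtpunix[21989]: executed
Feb 18 11:44:42 bach lmtpunix[21989]: sql_select option missing
Feb 18 11:44:42 bach lmtpunix[21989]: auxpropfunc error no mechanism available
Feb 18 11:44:42 bach lmtpunix[21989]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Feb 18 11:44:42 bach lmtpunix[21989]: auxpropfunc error invalid parameter supplied
Feb 18 11:44:42 bach lmtpunix[21989]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb
Feb 18 11:44:42 bach lmtpunix[21989]: accepted connection
Feb 18 11:44:42 bach lmtpunix[21989]: lmtp connection preauth'd as postman
Feb 18 11:44:42 bach lmtpunix[21989]: verify_user(user.jfs) failed: Mailbox does not exist
"""

# Classic syslog prefix: "Mon DD HH:MM:SS host proc[pid]: message"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ (?P<proc>\w+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
PLUGIN_FAIL = re.compile(r"_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: (\S+)")
PREAUTH = re.compile(r"lmtp connection preauth'd as (\S+)")
VERIFY_FAIL = re.compile(r"verify_user\((?P<mbox>[^)]+)\) failed: (?P<reason>.+)")

def triage(log_text):
    """Group lmtpunix lines by PID; separate plugin-load noise from delivery failures."""
    sessions = defaultdict(
        lambda: {"plugin_load_failures": [], "preauth": None, "delivery_failures": []})
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m or m["proc"] != "lmtpunix":
            continue  # other daemons, or lines still wrapped by a mail client
        session, msg = sessions[m["pid"]], m["msg"]
        if (p := PLUGIN_FAIL.search(msg)):
            session["plugin_load_failures"].append(p[1])   # candidates to uninstall
        elif (a := PREAUTH.search(msg)):
            session["preauth"] = a[1]                      # identity LMTP trusted
        elif (v := VERIFY_FAIL.search(msg)):
            session["delivery_failures"].append((v["mbox"], v["reason"]))
    return dict(sessions)

if __name__ == "__main__":
    for pid, s in triage(SAMPLE_LOG).items():
        print(f"lmtpunix[{pid}] preauth'd as {s['preauth']}")
        print("  auxprop plugins that failed to load:", ", ".join(s["plugin_load_failures"]))
        for mbox, reason in s["delivery_failures"]:
            print(f"  delivery failure: {mbox}: {reason}")
```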

