Problem on creating users account and their mail boxes

Simon Matter simon.matter at invoca.ch
Sun Jun 15 06:07:44 EDT 2008 

> Hi folks,
>
>
> Ubuntu LTS 6.06 amd64
>
>
> Hi folks,
>
>
> Having tried a day unable to figure out how to add users' accounts.
>
>
> Steps performed as follows;
>
>
> $ su cyrus
> Password: xyz
>
> sh-3.1$ cyradm localhost
> IMAP Password: xyz
>               localhost> cm user.aaa
> localhost> cm user.bbb
> localhost> cm user.ccc
> etc.
> localhost> quit
> sh-3.1$
>
> all went through without complaint
>
>
> Change to root
>
> sh-3.1$ su
> Password:
>
> # saslpasswd2 aaa
> Password:
> Again (for verification):
>
>
> # saslpasswd2 bbb
> Password:
> Again (for verification):
>
>
> # saslpasswd2 bbb
> Password:
> Again (for verification)
>
> etc.  All also went through without complaint.
>
>
> However on SquirrelMail I can't login to their accounts.
>
>
> $ tail /var/log/mail.log
> Jun 15 10:13:11 lampserver cyrus/ctl_cyrusdb[4589]: archiving database
> file: /var/lib/cyrus/annotations.db
> Jun 15 10:13:11 lampserver cyrus/ctl_cyrusdb[4589]: archiving log file:
> /var/lib/cyrus/db/log.0000000001
> Jun 15 10:13:11 lampserver cyrus/ctl_cyrusdb[4589]: archiving database
> file: /var/lib/cyrus/mailboxes.db
> Jun 15 10:13:11 lampserver cyrus/ctl_cyrusdb[4589]: archiving log file:
> /var/lib/cyrus/db/log.0000000001
> Jun 15 10:13:11 lampserver cyrus/ctl_cyrusdb[4589]: done checkpointing
> cyrus databases
> Jun 15 10:13:11 lampserver cyrus/master[3869]: process 4589 exited,
> status 0
> Jun 15 10:31:55 lampserver cyrus/master[4593]: about to exec
> /usr/lib/cyrus/bin/imapd
> Jun 15 10:31:55 lampserver cyrus/imap[4593]: executed
> Jun 15 10:31:55 lampserver cyrus/imap[4593]: accepted connection
> Jun 15 10:31:57 lampserver cyrus/imap[4593]: badlogin: localhost
> [127.0.0.1] plaintext aaa SASL(-13): authentication failure: checkpass
> failed
> * end *
>
>
>
> $ su cyrus
> Password:
> sh-3.1$ cyradm localhost
> IMAP Password:
>               localhost> lm
> INBOX.Drafts (\NonExistent \HasNoChildren)
> INBOX.Sent (\NonExistent \HasNoChildren)
> INBOX.Trash (\NonExistent \HasNoChildren)
> user.aaa (\HasNoChildren)
> user.bbb (\HasNoChildren)
> user.groupware (\HasNoChildren)
> user.ccc (\HasNoChildren)
> user.satimiscyrus (\HasNoChildren)
> user.ddd (\HasNoChildren)
> user/satimiscyrus (\HasNoChildren)
> etc.
>
>
> They are there.  satimiscyrus appears there twice, as
> "user/satimiscyrus" and "user.satimiscyrus".  I don't know why?
>
>
>
> Emails sent to them are rejected.  Example email sent to user.aaa
>
>
> $ tail /var/log/mail.log
> Jun 15 10:46:15 lampserver cyrus/lmtpunix[4625]: accepted connection
> Jun 15 10:46:15 lampserver cyrus/lmtpunix[4625]: lmtp connection
> preauth'd as postman
> Jun 15 10:46:15 lampserver cyrus/lmtpunix[4625]: verify_user(user.aaa)
> failed: Mailbox does not exist
> Jun 15 10:46:15 lampserver postfix/lmtp[4624]: EF07387812F:
> to=<aaa at satimis.com>,
> relay=/var/run/cyrus/socket/lmtp[/var/run/cyrus/socket/lmtp], delay=1,
> status=bounced (host
> /var/run/cyrus/socket/lmtp[/var/run/cyrus/socket/lmtp] said:
> 550-Mailbox unknown.  Either there is no mailbox associated with this
> 550-name or you do not have authorization to see it. 550 5.1.1 User
> unknown (in reply to RCPT TO command))
> Jun 15 10:46:15 lampserver postfix/cleanup[4622]: 37E88878132:
> message-id=<20080615024615.37E88878132 at lampserver>
> Jun 15 10:46:15 lampserver postfix/qmgr[4167]: 37E88878132: from=<>,
> size=3894, nrcpt=1 (queue active)
> Jun 15 10:46:15 lampserver postfix/qmgr[4167]: EF07387812F: removed
> Jun 15 10:46:18 lampserver postfix/smtp[4627]: 37E88878132:
> to=<satimis at gmail.com>,
> relay=gmail-smtp-in.l.google.com[209.85.201.27], delay=3, status=sent
> (250 2.0.0 OK 1213497961 20si9089638wfi.11)
> Jun 15 10:46:18 lampserver postfix/qmgr[4167]: 37E88878132: removed
> Jun 15 10:46:45 lampserver postfix/smtpd[4618]: disconnect from
> ti-out-0910.google.com[209.85.142.189]
> * end *
>
>
> $ su aaa
> Unknown id: aaa
>
> $ su bbb
> Unknown id: bbb
>
> etc.
>
>
> Searching the notes taken down during installing this box.
>
>
> I ran;
> # cyradm -u cyrus localhost
> Password:
> localhost> cm user.satimiscyrus
>
>
> creating this acount "satimiscyrus" which is the only working account
> disregarding the problem re unable deleting the emails received and the
> sent_emails can't be saved on "INBOX.sent"

You really have to understand what you are doing and how your system you
configured works. Or how you want it to work.
1) didn't you use "unixhierarchysep: 1" in your config. My personal
impression is that it's just more confusing than using the default "." as
separator. I can't help you with it because I never use unixhierarchysep
but from what I see you already messed up, just look at your mailboxes
list:

user.satimiscyrus (\HasNoChildren)
user.ddd (\HasNoChildren)
user/satimiscyrus (\HasNoChildren)

Do you see?

2) How did you configure authentication?
IIRC you were using cyrus -> saslauthd -> PAM. That means your Cyrus users
need Unix accounts (but just for authentication). If so, then forget about
saslpasswd, it does nothing for you.

3) You have created a mailbox for user aaa and expected it to become a
Unix user, I see it because you tried "su aaa". Cyrus mailboxes have
nothing to do with Unix account so creating a Cyrus mailbox never creates
a Unix account.

What that all means is, if you really use cyrus -> saslauthd -> PAM for
authentication, then to create a mailbox, to this:

With cyradm, create a mailbox:
cm user.someuser

The create a Unix account for it (the command can be different for
distributions):

useradd someuser

And now give it a password:

passwd someuser

Now, when you login to the IMAP server as "someuser", the user is
authenticated to the Unix user "someuser" but that's it, there is no other
relation between the Cyrus user and the Unix user.

Simon

More information about the Info-cyrus mailing list