authentication and/or sieve problem?

Simon Matter simon.matter at invoca.ch
Thu Oct 29 04:06:02 EDT 2009 

> Dan White wrote:
>> On 28/10/09 00:47 -0700, Maria McKinley wrote:
>>> ella:/var/log# testsaslauthd -u "test" -p "xxx" -s smtp
>>> 0: OK "Success."
>>> ella:/var/log# testsaslauthd -u "test" -p "xxx" -s imaps
>>> 0: NO "authentication failed"
>>> ella:/var/log# testsaslauthd -u "test" -p "xxx" -s imap
>>> 0: OK "Success."
>>
>> Can you provide sanitized copies of the following?:
>>
>> Your saslauthd startup options (e.g. /etc/default/saslauthd)
>
> So, while copying file contents, I stumbled upon a missing file. I had
> looked in pam.d a bunch of times, but until you asked me for the actual
> contents, I had somehow overlooked that there was no imaps file. I

I'm a bit confused because I never had a imaps config for PAM. Doesn't
cyrus-imapd always use "imap" as service name for imap + imaps? If that's
the case then it's no error that you testsaslauthd call mentioned above
didn't succeed.

> copied the smtp file to the imaps file, and now testsaslauthd works for
> all three services. Yay! But, then I started going back through the
> logs, and realized that tls with imaps had been working all along. It

Yes, that makes sense now, doesn't it?

> was just one particular ip that was failing, it was just failing a lot,
> and there were very few scattered here and there that were successful.
> So, not sure why that was working (should I worry that it was?), but I
> am now pretty sure my problems with sieve are not related to
> authenticating.

I'm using squirrelmail-1.4.19 with avelsieve-1.9.8 against
cyrus-imapd-2.3.15 both on PHP4 and PHP5 but with plaintext. Older
versions had some issues when using the wrong combination IIRC. What are
your versions used?

Regards,
Simon

>
>>
>> What does your sieve entry look like in cyrus.conf? What's your
>> squirrelmail sieve (avelsieve?) configuration look like?
>>
>
> from cyrus.conf:
>
>    sieve           cmd="timsieved" listen="sieve" prefork=0 maxchild=100
>
>
> avelsieve-config.php. got rid of some comments in the interest of space
>
> Hadn't noticed this debugging option before. Would it send logs to syslog?
>
> /**
>   * Debug Mode. Enable this (change to 1) if you need to send a bug
> report.
>   */
> define('AVELSIEVE_DEBUG', 0);
>
> /* =================== IMAP Server / SIEVE Setup
> ========================= */
>
> /* Backend to use */
> global $avelsieve_backend;
> $avelsieve_backend = 'ManageSieve';
>
> /* =================== ManageSieve Backend Options
> ======================== */
>
> /* Port where timsieved listens on the Cyrus IMAP server. Default is
> 2000. */
>
> global $sieveport;
> $sieveport = 2000;
>
> /**
>   * @var string Space separated list of preferred SASL mechanisms for the
>   * authentication to timsieved. e.g. "PLAIN DIGEST-MD5";*/
>
> global $sieve_preferred_sasl_mech;
> $sieve_preferred_sasl_mech = 'PLAIN';
>
>
> /* ====== Implementation- and Server-Specific  Options
> ==================== */
>
> global $avelsieve_oldcyrus;
> $avelsieve_oldcyrus = true;
>
> global $avelsieve_enable_envelope_auth;
> $avelsieve_enable_envelope_auth = true;
>
> global $avelsieve_custom_sieve_implementation;
> $avelsieve_custom_sieve_implementation = '';
>
> global $avelsieve_hardcoded_capabilities;
> $avelsieve_hardcoded_capabilities = array(
>      'envelope', 'fileinto', 'copy', 'vacation',
> 'comparator-i;ascii-numeric'
> );
>
> global $avelsieve_imapproxymode, $avelsieve_imapproxyserv;
> $avelsieve_imapproxymode = false;
> $avelsieve_imapproxyserv = array(
>          'localhost' => 'imap.example.org'
> );
>
> /** @var boolean Ldapuserdata mode: Gets user's email addresses (including
>   * mailAlternate & mailAuthorized) from LDAP Prefs Backend plugin's
> cache */
>
> global $avelsieve_ldapuserdatamode;
> $avelsieve_ldapuserdatamode = false;
>
> /** @var array Map of cyrus administrator users, for proxy authentication
> */
>
> global $avelsieve_cyrusadmins_map;
> $avelsieve_cyrusadmins_map = array(
>          'cyrusimap' => 'cyrussieve'
> );
>
>
> /* =============== Avelsieve Interface / Behavior Setup
> ================== */
>
> /* Be conservative to our updates on the SIEVE server? If true, a button
>   * entitled "Save Changes" will appear, which will give the user the
>   * functionality to register her changes. 'false' is recommended. */
> $conservative = false;
>
> /* Use images for the move up / down, delete rule buttons and STOP? */
>
> $useimages = true;
>
> /* Translate the messages returned by the "Reject" and "Vacation"
> actions? The
>   * default behaviour since 0.9 is not to translate them. Change to true
> if in
>   * an intranet environment or in a same-language environment. */
>
> global $translate_return_msgs;
> $translate_return_msgs = false;
>
> $imagetheme = 'bluecurve_24x24';
> //$imagetheme = 'bluecurve_16x16';
>
> /* Number of items to display _initially_, when displaying the header
> match
>   * rule */
>
> $startitems = 3;
>
> /* Maximum number of items to allow in one header match rule. */
>
> $maxitems = 10;
>
> /* Headers to display in listbox widget, when adding a new header rule. */
>
> $headers = array(
>   'From', 'To', 'Cc', 'Bcc', 'Subject', 'Reply-To', 'Sender', 'List-Id',
>   'MailingList', 'Mailing-List', 'X-ML-Name', 'X-List', 'X-List-Name',
> 'X-MailingList',
>   'Resent-From',  'Resent-To', 'X-Mailer', 'X-Mailing-List',
> /* debian and ubuntu flags */
>   'X-PTS-Package', 'X-Loop', 'X-Debian-PR-Message', 'X-Debian-PR-Package',
>   'X-Debian-PR-Keywords', 'X-Debian-PR-Source', 'X-PTS-Keyword',
>   'X-Debian', 'X-Debian-Package',
>   'X-Launchpad-Bug', 'X-Launchpad-Bug-Private',
> 'X-Launchpad-Bug-Security-Vulnerability',
>   'X-Launchpad-Message-Rationale', 'X-Generated-By',
> /* debian and ubuntu flags end */
>   'X-Spam-Flag', 'X-Spam-Status',
>   'X-Priority', 'Importance', 'X-MSMail-Priority', 'Precedence',
>   'Return-Path', 'Received', 'Auto-Submitted'
>   );
>
> /* Available :method's for the :notify extension (if applicable) */
> global $notifymethods;
> $notifymethods = array(
> 'mailto', 'sms'
> );
> /* use the value "false" if you want to provide a simple input box so that
>   * users can edit the method themselves : */
> //$notifymethods = false;
>
> // $disable_avelsieve_capabilities = array("notify");
> global $disable_avelsieve_capabilities;
> $disable_avelsieve_capabilities = array();
>
> /* Display Filters link in the top Squirrelmail header? */
>
> global $avelsieveheaderlink;
> $avelsieveheaderlink = true;
>
> /* Default rules table display mode, one of 'verbose' or 'terse' */
> global $avelsieve_default_mode;
> $avelsieve_default_mode = 'terse';
>
> /* ========================= Custom rules Configuration
> =================== */
>
> $spamrule_enable = false;
> $spamrule_score_max = 100;
> $spamrule_score_default = 80;
> $spamrule_score_header = 'X-Spam-Score';
> $spamrule_tests_ldap = false; /* Try to ask Sendmail's LDAP Configuration
> */
> $spamrule_tests = array(
>          'Open.Relay.DataBase' => "Open Relay Database",
>          'Spamhaus.Block.List' => "Spamhaus Block List",
>          'SpamCop' => "SpamCop",
>          'Composite.Blocking.List' => "Composite Blocking List",
>          'FORGED' => "Forged Header"
> );
> $spamrule_tests_header = 'X-Spam-Tests';
> $spamrule_action_default = 'trash';
>
> /* Please keep the following setting false; it is alpha + needs
> Squirrelmail
>   * to be patched in three or four places. */
>
> $avelsieve_spam_highlight_enable = false;
> ?>
>
> Here is config.php
>
> <?php
>
> /**
>   * SquirrelMail Configuration File
>   * Created using the configure script, conf.pl
>   */
>
> global $version;
> $config_version = '1.4.0';
> $config_use_color = 1;
>
> $org_name      = "SquirrelMail";
> $org_logo      = SM_PATH . 'images/sm_logo.png';
> $org_logo_width  = '308';
> $org_logo_height = '111';
> $org_title     = "SquirrelMail $version";
> $signout_page  = '';
> $frame_top     = '_top';
>
> $provider_uri     = 'http://www.squirrelmail.org/';
>
> $provider_name     = 'SquirrelMail';
>
> $motd = "";
>
> $squirrelmail_default_language = 'en_US';
> $default_charset       = 'iso-8859-1';
> $lossy_encoding        = false;
>
> $domain                 = 'myorg.org';
> $imapServerAddress      = 'localhost';
> $imapPort               = 143;
> $useSendmail            = false;
> $smtpServerAddress      = 'smtp.myorg.org';
> $smtpPort               = 25;
> $sendmail_path          = '/usr/sbin/sendmail';
> $sendmail_args          = '-i -t';
> $pop_before_smtp        = false;
> $imap_server_type       = 'cyrus';
> $invert_time            = false;
> $optional_delimiter     = 'detect';
> $encode_header_key      = '';
>
> $default_folder_prefix          = '';
> $trash_folder                   = 'INBOX.Trash';
> $sent_folder                    = 'INBOX.Sent';
> $draft_folder                   = 'INBOX.Drafts';
> $default_move_to_trash          = true;
> $default_move_to_sent           = true;
> $default_save_as_draft          = true;
> $show_prefix_option             = false;
> $list_special_folders_first     = true;
> $use_special_folder_color       = true;
> $auto_expunge                   = true;
> $default_sub_of_inbox           = true;
> $show_contain_subfolders_option = false;
> $default_unseen_notify          = 2;
> $default_unseen_type            = 1;
> $auto_create_special            = true;
> $delete_folder                  = false;
> $noselect_fix_enable            = false;
>
> $data_dir                 = '/var/lib/squirrelmail/data/';
> $attachment_dir           = '/var/spool/squirrelmail/attach/';
> $dir_hash_level           = 0;
> $default_left_size        = '150';
> $force_username_lowercase = false;
> $default_use_priority     = true;
> $hide_sm_attributions     = false;
> $default_use_mdn          = true;
> $edit_identity            = true;
> $edit_name                = true;
> $hide_auth_header         = false;
> $allow_thread_sort        = false;
> $allow_server_sort        = false;
> $allow_charset_search     = true;
> $uid_support              = true;
> $plugins[0] = 'calendar';
> $plugins[1] = 'delete_move_next';
> $plugins[2] = 'abook_take';
> $plugins[3] = 'message_details';
> $plugins[4] = 'preview_pane';
> $plugins[5] = 'avelsieve';
> $plugins[6] = 'squirrel_logger';
>
> $theme_css = '';
> $theme_default = 0;
> $theme[0]['PATH'] = SM_PATH . 'themes/';
>
> **a bunch more theme stuff that I'm guessing don't matter...
>
>
> $default_use_javascript_addr_book = false;
> $ldap_server[0] = array(
>      'host' => 'xx.xxx.xxx.xx',
>      'base' => 'ou=people,dc=myorg,dc=org',
>      'maxrows' => 50
> );
>
> $abook_global_file = '';
> $abook_global_file_writeable = false;
> $abook_global_file_listing = true;
> $abook_file_line_length = 2048;
>
> $addrbook_dsn = '';
> $addrbook_table = 'address';
>
> $prefs_dsn = '';
> $prefs_table = 'userprefs';
> $prefs_user_field = 'user';
> $prefs_key_field = 'prefkey';
> $prefs_val_field = 'prefval';
> $addrbook_global_dsn = '';
> $addrbook_global_table = 'global_abook';
> $addrbook_global_writeable = false;
> $addrbook_global_listing = false;
>
> $no_list_for_subscribe = false;
> $smtp_auth_mech = 'none';
> $imap_auth_mech = 'login';
> $smtp_sitewide_user = '';
> $smtp_sitewide_pass = '';
> $use_imap_tls = false;
> $use_smtp_tls = false;
> $session_name = 'SQMSESSID';
> $only_secure_cookies   = true;
>
> $config_location_base     = '';
>
> @include SM_PATH . 'config/config_local.php';
>
> nothing in config_local.php
>
> thanks,
> maria
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>

More information about the Info-cyrus mailing list