Benachrichtung zum Übermittlungsstatus (Fehlgeschlagen)

Dan White dwhite at olp.net
Fri Jul 2 16:05:18 EDT 2010


On 02/07/10 14:43 -0300, D G Teed wrote:
>2010/7/2 D G Teed <donald.teed at gmail.com>
>> Subject: Authentication problems since Redhat 5.5 updates
>>>
>>> We had a nice trouble free cyrus running until it was updated with
>>> updates from Redhat today.
>>>
>>> I've tested with testsaslauthd (no service name given) and it works OK,
>>> so I'd think things are fine on the pam, AD and ldap end.
>>>
>>> In the cyrus server's maillog I'm seeing messages like this from
>>> attempts to connect from the remote webmail:
>>>
>>> Jul  2 13:54:22 navi imap[4073]: badlogin:
>>> webmail.example.com[XXX.YYY.ZZZ.111] CRAM-MD5 [SASL(-13): user not
>>> found: no secret in database]
>>>
>
>I have things working again.  I had disabled Unix authentication in pam
>temporarily to try troubleshooting with my account.  That had the side
>effect of disabling the cyrus user from authentication.  So that explains
>the scripts using IMAP::Admin breaking.
>
>I also removed the package cyrus-sasl-md5 and I believe this has an impact
>on the issue I was facing with "CRAM-MD5".
>
>Any tips on how to co-exist with that package are welcomed.

Cyrus imap will offer all available and initializable SASL authentication
plugins it can find (see pluginviewer for that list). In the case where you
have a plugin installed that you don't wish to offer, you can restrict the
list of mechanisms with the sasl_mech_list option.

If you're depending on saslauthd for authentication, you shouldn't be
offering anything other than plain and login:

sasl_mech_list: PLAIN LOGIN

-- 
Dan White


More information about the Info-cyrus mailing list