cyradm lm wildcard and the @ sign

Dan White dwhite at olp.net
Wed May 12 18:03:57 EDT 2010 

On 13/05/10 06:34 +1200, Berend de Boer wrote:
> I'm looking for a way to list all mailboxes for a given domain,
> i.e. in cyradm:
> 
>   lm *@example.com*
> 
> This does not return anything.
> 
>   lm *example.com*
> 
> does though. It appears the @ sign screws up the wildcard matching.
> 
> But what I really really need is the ability to list the mailboxes of
> a given user, i.e.:
> 
>   lm user.john at example.com*

This works for me, for listing child mailboxes:

neo.olp.net> lm user/dwhite/*@olp.net
user/dwhite/Drafts at olp.net (\HasNoChildren)  
user/dwhite/Sent at olp.net (\HasNoChildren)    
user/dwhite/Trash at olp.net (\HasNoChildren)   

I'm using unixhierarchysep: yes

On 13/05/10 07:37 +1200, Berend de Boer wrote:
> This doesn't work. I get:
> 
>   # nc localhost 143
>   * OK server2.xplainhosting.com Cyrus IMAP4
>   * v2.2.13-Debian-2.2.13-16ubuntu1 server ready
>   . LOGIN admin password
>   . NO Login only available under a layer
>   . LOGIN admin at server2.example.com password
>   . NO Login only available under a layer

Meaning that allowplaintext is turned off, which is off by default.

> The admin at server2.example.com is the one I use for cyradm. I.e. I
> always login as:
> 
>   cyradm -u admin at server2.example.com localhost

You must be using a SASL mechanism which supports a security layer.

> The admin user doesn't have mailboxes, it's just administrative only.
> 
> My imapd.conf has:
> 
>   admins: admin
>   virtdomains: yes
>   defaultdomain: server2.example.com

On 13/05/10 09:02 +1200, Berend de Boer wrote:
>>>>>> "Andrew" == Andrew Morgan <morgan at orst.edu> writes:
>
>    Andrew> Use "imtest" instead of "nc".  imtest can do all the SASL
>    Andrew> login magic and still gives you raw access to the
>    Andrew> connection for sending commands.
>
>Same thing:
>
>  # imtest -u admin at server2.example.com localhost

Try:

imtest -a admin at server2.example.com localhost

>Perhaps the "only available under a layer" is an indication I must use
>ssl or so? Tried that as well:

Correct, or a SASL mech that supports security layers (which CRAM-MD5
does).

>And perhaps something I should mention: all users are defined in a
>postgresql database, but the admin user is in an sasldb2 database.
>
>I think that explains the problem right? Both nc and imtest use the
>normal imap server interface but my admin user isn't defined there.

That depends on your sasl_* settings. CRAM-MD5 is going to use your
auxprop plugin(s). A telnet/nc with a 'login user pass' attempt is going to
use your sasl_pwcheck_method(s).

imtest *should* work if cyradm does.

-- 
Dan White

More information about the Info-cyrus mailing list