Cyrus Imap + Thunderbird 3

Dan White dwhite at
Fri Nov 5 12:48:13 EDT 2010

On 05/11/10 17:22 +0100, Dominique Couot wrote:
>I'm still being rejected. But what looks strange is that the telnet 
> 143 responds with * BYE Cannot connect to IMAP server 
> (*993*), connect error 10061 ... the 
>strange part is the porrt that answers... *993*. I thought that one 
>was for IMAPS not IMAP. Could that be part of the problem ?

It looks like there's a layer 5+ firewall or imap proxy stepping in the
middle of your imap connection attempt, and is to blame for that confusing
error message.

>I also tried from a remote PC on a different location. I could 
>connect although not login... Thanks to Andy for that one. I am 
>indeed behind a consumer router provided by my ISP for my business. 
>Andy, how did you solve that one ? Dan, stupid question but to login 
>can I use the user/password than for a SSH connection through Putty? 
>Or is there something else to be added ?

That depends on your saslauthd and/or pam configuration. Are you running
saslauthd with a '-a pam' option? If so, your imap file (or catchall) PAM
configuration will dictate how you authentication, which could very well
use the same authentication scheme as your SSH connections.

I don't believe that saslauthd strips the domain name part when it
authenticates, so to compare apples to apples, try authenticating to ssh
with user at domain, like:

ssh -l jsmith at <host>

Either way, you say it works from within the LAN, so I think you should
investigate your firewall/proxy configuration.

>Mail Account login.
>I used to have configured for username at when I had to 
>enter the login info, but I changed it a few days ago to username 
>only... but I think that it is a RoundCube option to assume 
> by default. Hence I believe the login is still done by 
>the full username at structure.
>From memory, users are created with the domain name... I use 
>Web-Cyradm to create the users and no option is offered to creat 
>users without domain attached.
>Any reasons why I should not have the user tied to a domain ? Does 
>that have an impact on adding more domains with the same user?

Not really. Just be aware there is some Cyrus configuration to go along
with adding mailboxes fully qualified with a domain. With your existing
config, I would always login with the full email address.

The defaultdomain and 'virtdomain: on' options may allow you to login
either with or without a domain name, but you should be careful in changing
those options on a live system. You may need to recreate your mailboxes if
you do.

Dan White

More information about the Info-cyrus mailing list