lmtp authentication ignored with tls enabled

Dan White dwhite at olp.net
Mon Jul 20 15:23:35 EDT 2015

On 07/20/15 19:15 +0200, Marcus Schopen wrote:
>Hi Dan,
>Am Montag, den 20.07.2015, 08:33 -0500 schrieb Dan White:
>> It appears you may be performing sasl EXTERNAL authentication. Your
>> auth-facility syslog should confirm that.
>How do I do that?

libsasl logs to the auth facility. Check your syslog configuration for
where that logs to, but on some systems, it's in /var/log/auth.log. You may
need to increase the syslog logging level (auth.*) and/or increase the sasl
debug level with 'sasl_log_level: 7' in imapd.conf to get the appropriate
debug information.

>> Configuring a restricted mechanism list would prevent that from happening:
>> lmtp_sasl_mech_list: digestmd5
>I set "lmtp_sasl_mech_list: DIGEST-MD5" to imapd.conf.
>Connected to localhost.
>Escape character is '^]'.
>220 roz Cyrus LMTP v2.4.12-Debian-2.4.12-2 server ready
>lhlo e
>But has no effect. As soon as tls is actived, mails are delivered
>without using LMTP_AUTH.

Dan White

More information about the Info-cyrus mailing list