lmtp authentication ignored with tls enabled
Dan White
dwhite at olp.net
Mon Jul 20 15:23:35 EDT 2015
On 07/20/15 19:15 +0200, Marcus Schopen wrote:
>Hi Dan,
>
>Am Montag, den 20.07.2015, 08:33 -0500 schrieb Dan White:
>> It appears you may be performing sasl EXTERNAL authentication. Your
>> auth-facility syslog should confirm that.
>
>How do I do that?
libsasl logs to the auth facility. Check your syslog configuration for
where that logs to, but on some systems, it's in /var/log/auth.log. You may
need to increase the syslog logging level (auth.*) and/or increase the sasl
debug level with 'sasl_log_level: 7' in imapd.conf to get the appropriate
debug information.
>> Configuring a restricted mechanism list would prevent that from happening:
>>
>> lmtp_sasl_mech_list: digestmd5
>
>I set "lmtp_sasl_mech_list: DIGEST-MD5" to imapd.conf.
>
>--------
>Connected to localhost.
>Escape character is '^]'.
>220 roz Cyrus LMTP v2.4.12-Debian-2.4.12-2 server ready
>lhlo e
>250-roz
>250-8BITMIME
>250-ENHANCEDSTATUSCODES
>250-PIPELINING
>250-SIZE
>250-STARTTLS
>250-AUTH DIGEST-MD5
>250 IGNOREQUOTA
>--------
>
>But has no effect. As soon as tls is actived, mails are delivered
>without using LMTP_AUTH.
--
Dan White
More information about the Info-cyrus
mailing list