Cannot connect with cyradm

Simon Matter simon.matter at invoca.ch
Fri May 6 08:03:05 EDT 2016


> That did it, but why did I have to specify PLAIN? None of the docs mention
> having to do that with a default install.

I don't know, but you don't have a default install but a configuration
tailored by fedora.

Simon

>
>
> On Fri, May 6, 2016 at 2:16 AM, Simon Matter <simon.matter at invoca.ch>
> wrote:
>
>> > I am trying to set up a basic system with cyrus-imap and postfix on
>> amazon
>> > linux
>> >
>> > I can connect using imtest, but cannot connect with cyradm:
>> >
>> > Additionally, when I connect via a client with a user I know has mail,
>> > it's
>> > saying that no INBOX exists. Postfix's mail spool is /var/spool/mail,
>> but
>> > I
>> > don't see anywhere to verify that imapd or lmtpd is looking there.
>> >
>> > Sorry if these are dumb questions. I'm completely new to cyrus-imap
>> and
>> > the
>> > documentation at cyrusimap.org is extremely sketchy.
>> >
>> > Any advice appreciated.
>> >
>> > $ more /etc/imapd.conf
>> > configdirectory: /var/lib/imap
>> > partition-default: /var/spool/imap
>> > admins: cyrus
>> > sievedir: /var/lib/imap/sieve
>> > sendmail: /usr/sbin/sendmail
>> > hashimapspool: true
>> > sasl_pwcheck_method: saslauthd
>> > sasl_mech_list: PLAIN LOGIN
>> > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>> >
>> > $ grep MECH /etc/init.d/saslauthd
>> > MECH=pam
>> >
>> > $ imtest -t "" -u cyrus -a cyrus localhost
>> > S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS LOGINDISABLED
>> > COMPRESS=DEFLATE] ip-172-31-1-214 Cyrus IMAP
>> > v2.3.16-Fedora-RPM-2.3.16-6.9.amzn1 server ready
>> > C: S01 STARTTLS
>> > S: S01 OK Begin TLS negotiation now
>> > verify error:num=18:self signed certificate
>> > TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA
>> (256/256
>> > bits)
>> > C: C01 CAPABILITY
>> > S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN AUTH=LOGIN
>> SASL-IR
>> > COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE
>> UIDPLUS
>> > NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
>> > THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
>> CONDSTORE
>> > SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH
>> > S: C01 OK Completed
>> > Please enter your password:
>> > C: A01 AUTHENTICATE PLAIN Y3lydXMAY3lydXMAaGVsbC1oYXRoLW5vLWZ1cnk=
>> > S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED
>> > COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE
>> UIDPLUS
>> > NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
>> > THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
>> CONDSTORE
>> > SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (tls
>> > protection)
>> > Authenticated.
>> > Security strength factor: 256
>> > . LIST "" "*"
>> > . OK Completed (0.000 secs 1 calls)
>> > . LOGOUT
>> > * BYE LOGOUT received
>> > . OK Completed
>> > Connection closed.
>> >
>> > $ cyradm --user cyrus --authz cyrus localhost
>> > Login disabled.
>> > cyradm: cannot authenticate to server with  as cyrus
>> > $ cyradm --user cyrus --authz cyrus --auth pam localhost
>> > verify error:num=18:self signed certificate
>> > cyradm: cannot authenticate to server with pam as cyrus
>> > $ cyradm --user cyrus --authz cyrus --auth shadow localhost
>> > verify error:num=18:self signed certificate
>> > cyradm: cannot authenticate to server with shadow as cyrus
>>
>> What does it do if you run with "--auch PLAIN" instead?
>>
>> Regards,
>> Simon
>>
>>
>




More information about the Info-cyrus mailing list