headers
Martin Ziegler | 1 Jun 2008 12:43
Picon
Favicon

Re: IMSP Authentication issue

Any other ideas please?

Thanks and enjoy the rest of the weekend.

--On May 30, 2008 6:42:05 PM +0200 Martin Ziegler <mz <at> newyorkcity.de> wrote:

> Hi Simon,
>
> yes, it is also the same than on the old server.
>
> cat /etc/pam.d/imsp
>
> auth sufficient pam_mysql.so user=mail passwd=Paiste88 host=localhost
> db=mail table=accountuser usercolumn=username passwdcolumn=password
> crypt=0  logtable=log logmsgcolumn=msg logusercolumn=user
> loghostcolumn=host  logpidcolumn=pid logtimecolumn=time
>
> account required pam_mysql.so user=mail passwd=Paiste88 host=localhost
> db=mail table=accountuser usercolumn=username passwdcolumn=password
> crypt=0  logtable=log logmsgcolumn=msg logusercolumn=user
> loghostcolumn=host  logpidcolumn=pid logtimecolumn=time
>
> Any other ideas?
>
> Thanks, Martin
>
>
> --On May 30, 2008 10:47:17 AM +0200 Simon Matter <simon.matter <at> invoca.ch>
> wrote:
>
(Continue reading)

Permalink | Reply | 12 comments |
headers
Wesley Craig | 1 Jun 2008 19:49
Picon

Re: IMSP Authentication issue

--On Donnerstag, 29. Mai 2008 11:28 +0200 Martin Ziegler  
<mz <at> newyorkcity.de> wrote:
> When i try to log in to IMSPd saslauthd returns a successfull  
> authentication but IMSPd says, that there is no such user on this  
> server.

I presume you're also getting a syslog from imspd like this:

	badlogin: <host> <user> <at> invalid user

The message:

	User does not have an account on this server

is associated with checks for the user's option database, i.e.,

	does the user have an option database?
	is imsp.create.new.users on?
	can the user's option database be created?

Databases are in /var/imsp.  There doesn't appears to be any checking  
of permissions, just presence (at least in v1.7b), so you can get odd  
situations where early checks indicate no problem but attempts to  
access a user's database get "file not found".  For example, /var/ 
imsp exists, complete with a bunch of user DBs.  However, the daemon  
can't read what's under it.

:wes
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
(Continue reading)

Permalink | Reply | 11 comments |
headers
Martin Ziegler | 1 Jun 2008 20:08
Picon
Favicon

Re: IMSP Authentication issue

There is no other syslog message than the ones i posted in my initial email 
(SASLAUTHd which says that the authentication was successfull and IMSP 
which says "user does not have an account on this server). The user does 
have an option file. The IMSPd option file looks like

imsp.sasl.allowplaintext N +
common.date R +
common.delivery.hosts N <hostname>
common.domain N <domain>
imsp.admin.all N <username>
imsp.admin.bboards N <username>
imsp.create.new.users N +
imsp.create.policy N parent
imsp.log.level N 2
imsp.proxy.authlevel N 1
imsp.proxy.authtype N PLAINTEXT

As alerady mentioned this is exactly the same setup i used for years on the 
old server. Also the complete IMSP directory structure was copied from the 
old to the new server. Only IMSPd was compiled again due to a pathname that 
changed. On the old server IMSP was installed in /sys/cyrus/imsp/ and now 
it is installed in /opt/cyrus/imsp/.

# pwd
/opt/cyrus/imsp

# ls -al
total 16
drwxr-xr-x    4 root     root         4096 May 29 09:07 .
drwxr-x---    5 cyrus    mail         4096 Jun  1 19:59 ..
(Continue reading)

Permalink | Reply | 10 comments |
headers
Wesley Craig | 1 Jun 2008 20:38
Picon

Re: IMSP Authentication issue

On 01 Jun 2008, at 14:08, Martin Ziegler wrote:
> There is no other syslog message than the ones i posted in my  
> initial email (SASLAUTHd which says that the authentication was  
> successfull and IMSP which says "user does not have an account on  
> this server).

Perhaps your syslog isn't configured to record it.  The code logs  
that message directly before returning that code.

> Only IMSPd was compiled again due to a pathname that changed.

So you modified PREFIX in syncdb.c?

> drwx------    4 root     root         4096 Aug 25  2006 user
> drwx------    2 root     root         4096 Nov  5  2007 <user2>

So you're running imspd as root?

:wes
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Permalink | Reply | 9 comments |
headers
Martin Ziegler | 2 Jun 2008 08:55
Picon
Favicon

Re: IMSP Authentication issue

Yes it's running as root. I didn't modified any of the code. I just passed 
the new PREFIX to configure.

Thanks, Martin

--On Sonntag, 1. Juni 2008 14:38 -0400 Wesley Craig <wes <at> umich.edu> wrote:

> On 01 Jun 2008, at 14:08, Martin Ziegler wrote:
>> There is no other syslog message than the ones i posted in my
>> initial email (SASLAUTHd which says that the authentication was
>> successfull and IMSP which says "user does not have an account on
>> this server).
>
> Perhaps your syslog isn't configured to record it.  The code logs that
> message directly before returning that code.
>
>> Only IMSPd was compiled again due to a pathname that changed.
>
> So you modified PREFIX in syncdb.c?
>
>> drwx------    4 root     root         4096 Aug 25  2006 user
>> drwx------    2 root     root         4096 Nov  5  2007 <user2>
>
> So you're running imspd as root?
>
> :wes
>

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
(Continue reading)

Permalink | Reply | 8 comments |
headers
Martin Ziegler | 2 Jun 2008 11:23
Picon
Favicon

Re: IMSP Authentication issue

Just recognized that authenticating to SIEVE is also no longer working. 
SASLAUTHd is returning a successfull authentication but SIEVE says:

sievelocal[14087]: badlogin: <hostname>[127.0.0.1] PLAIN authentication 
failure

Now i'm totally confused. Interestingly authenticating to IMAPd is working 
as it should.

--On Montag, 2. Juni 2008 08:55 +0200 Martin Ziegler <mz <at> newyorkcity.de> 
wrote:

> Yes it's running as root. I didn't modified any of the code. I just
> passed  the new PREFIX to configure.
>
> Thanks, Martin
>
> --On Sonntag, 1. Juni 2008 14:38 -0400 Wesley Craig <wes <at> umich.edu> wrote:
>
>> On 01 Jun 2008, at 14:08, Martin Ziegler wrote:
>>> There is no other syslog message than the ones i posted in my
>>> initial email (SASLAUTHd which says that the authentication was
>>> successfull and IMSP which says "user does not have an account on
>>> this server).
>>
>> Perhaps your syslog isn't configured to record it.  The code logs that
>> message directly before returning that code.
>>
>>> Only IMSPd was compiled again due to a pathname that changed.
>>
(Continue reading)

Permalink | Reply | 2 comments |
headers
Michael Menge | 2 Jun 2008 13:05
Picon

Re: IMSP Authentication issue

Hi

do you use SSL/TLS for Sieve/IMSP?
In 2.3.9 the dafaultvalue for allowplaintext changed to 0

Quoting Martin Ziegler <mz <at> newyorkcity.de>:

> Just recognized that authenticating to SIEVE is also no longer working.
> SASLAUTHd is returning a successfull authentication but SIEVE says:
>
> sievelocal[14087]: badlogin: <hostname>[127.0.0.1] PLAIN authentication
> failure
>
> Now i'm totally confused. Interestingly authenticating to IMAPd is working
> as it should.
>
> --On Montag, 2. Juni 2008 08:55 +0200 Martin Ziegler <mz <at> newyorkcity.de>
> wrote:
>
>> Yes it's running as root. I didn't modified any of the code. I just
>> passed  the new PREFIX to configure.
>>
>> Thanks, Martin
>>
>> --On Sonntag, 1. Juni 2008 14:38 -0400 Wesley Craig <wes <at> umich.edu> wrote:
>>
>>> On 01 Jun 2008, at 14:08, Martin Ziegler wrote:
>>>> There is no other syslog message than the ones i posted in my
>>>> initial email (SASLAUTHd which says that the authentication was
>>>> successfull and IMSP which says "user does not have an account on
(Continue reading)

Permalink | Reply | 1 comment |
headers
Martin Ziegler | 2 Jun 2008 14:18
Picon
Favicon

Re: IMSP Authentication issue

No, for IMSP i'm currently not using SSL/TLS. I think SASLAUTHd wouldn't 
return a successfull authentication if there would be a configuration 
mismatch. Anyway, the versions didn't changed. All the software packages 
are exactly the same version than on the old server. Furthermore they were 
compiled with the same options except the changed PREFIX.

--On Montag, 2. Juni 2008 13:05 +0200 Michael Menge 
<michael.menge <at> zdv.uni-tuebingen.de> wrote:

> Hi
>
> do you use SSL/TLS for Sieve/IMSP?
> In 2.3.9 the dafaultvalue for allowplaintext changed to 0
>
>
>
>
> Quoting Martin Ziegler <mz <at> newyorkcity.de>:
>
>> Just recognized that authenticating to SIEVE is also no longer working.
>> SASLAUTHd is returning a successfull authentication but SIEVE says:
>>
>> sievelocal[14087]: badlogin: <hostname>[127.0.0.1] PLAIN authentication
>> failure
>>
>> Now i'm totally confused. Interestingly authenticating to IMAPd is
>> working as it should.
>>
>> --On Montag, 2. Juni 2008 08:55 +0200 Martin Ziegler <mz <at> newyorkcity.de>
>> wrote:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Shelley Waltz | 2 Jun 2008 15:01
Picon

Re: Imap spool directory


Alain Spineux said:
> On Sat, May 31, 2008 at 3:55 AM, Shelley Waltz <shwaltz <at> cabm.rutgers.edu>
> wrote:
>>
>> Simon Matter said:
>>>> I just created a new cyrus-2.3.7-2 server on RHEL5.  I created the
>>>> /etc/imapd.conf and started up /etc/init.d/cyrus-imapd start.
>>>>
>>>> On my old cyrus-2.2 server, the /var/spool/imap  has all the
>>>> directories
>>>> for the user's mail files under a b c ...
>>>>
>>>> Question is ... I specified /var/spool/imap as the sppol directory in
>>>> imapd.conf. however, when I started cyrus, no a b c ... directories
>>>> were
>>>> created.  Does this only happen as I add accounts or migrate accounts?
>>>
>>> Yes.
>>>
>>> Simon
>>>
>>>
>>>
>> I migrated my mailboxes.db to the new server, so I need to create the
>> /var/spool/imap/{a-z}/user/username/* and reconstruct?
>
> No need to create dirs! reconstruct is able to read mailbox.db and
> reconstruct all missing
> directories
(Continue reading)

Permalink | Reply | 2 comments |
headers
Alain Spineux | 2 Jun 2008 16:32
Picon

Re: Imap spool directory

On Mon, Jun 2, 2008 at 3:01 PM, Shelley Waltz <shwaltz <at> cabm.rutgers.edu> wrote:
>
> Alain Spineux said:
>> On Sat, May 31, 2008 at 3:55 AM, Shelley Waltz <shwaltz <at> cabm.rutgers.edu>
>> wrote:
>>>
>>> Simon Matter said:
>>>>> I just created a new cyrus-2.3.7-2 server on RHEL5.  I created the
>>>>> /etc/imapd.conf and started up /etc/init.d/cyrus-imapd start.
>>>>>
>>>>> On my old cyrus-2.2 server, the /var/spool/imap  has all the
>>>>> directories
>>>>> for the user's mail files under a b c ...
>>>>>
>>>>> Question is ... I specified /var/spool/imap as the sppol directory in
>>>>> imapd.conf. however, when I started cyrus, no a b c ... directories
>>>>> were
>>>>> created.  Does this only happen as I add accounts or migrate accounts?
>>>>
>>>> Yes.
>>>>
>>>> Simon
>>>>
>>>>
>>>>
>>> I migrated my mailboxes.db to the new server, so I need to create the
>>> /var/spool/imap/{a-z}/user/username/* and reconstruct?
>>
>> No need to create dirs! reconstruct is able to read mailbox.db and
>> reconstruct all missing
(Continue reading)

Permalink | Reply | 1 comment |

Gmane