Login problem.
I setup postfix +mysql + cyrus Imap today using the instructions locate on this site. http://www.wistful.net/~moon/my_freebsd_virtual_mail_howto.html all config files are as recommeded in the walk through but when I try to authenticate either through squirrelmail or telnetting to port 110 and manually authing I get this in the log. Jul 28 16:39:29 mx pop3[672]: sql plugin couldn't connect to any host Jul 28 16:39:29 mx pop3[672]: sql plugin could not connect to host localhost.gatewayconnections.com Jul 28 16:39:29 mx pop3[672]: sql plugin couldn't connect to any host Jul 28 16:39:29 mx pop3[672]: badlogin: localhost [::1] plaintext eric SASL(-13): user not found: checkpass failed or it says imap instead of pop3 if I use squirrelmail Mysql is running, I can connect to it using: mysql -h localhost -u postfix -p so I think that means the socket is good. I have replaced localhost.gatewayconnections.com with localhost, 127.0.0.1 and the ip address of the system and none have worked. Can anyone offer me any hints as to what I'm doing wrong here. The help is really appreciated Eric Gregory [EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus 2.3
Hi, Does anyone have any idea when Cyrus-IMAPd 2.3 might be ready for production release? Thanks Roland --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: problem with authentication
Yes you are right, but I inherited it. I tried it with authsufficient pam_ldap.so use_first_pass to no avail. It still locks me in when trying to open an IMAP session with outlook with a wrong password. I am lost. Sujit Andrew Morgan wrote: On Thu, 28 Jul 2005, Sujit Choudhury wrote: Following my earlier mail, I have forgot to mention the /etc/pamd/imap consists of the following lines: #%PAM-1.0 authsufficient pam_ldap.so authrequiredpam_unix.so authsufficient pam_ldap.so account requiredpam_unix.so Is the above config correct? You have pam_ldap.so listed twice under the 'auth' setting. I assume that 2nd pam_ldap.so should be under 'account'. Andy --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: problem with authentication
On Thu, 28 Jul 2005, Sujit Choudhury wrote: Following my earlier mail, I have forgot to mention the /etc/pamd/imap consists of the following lines: #%PAM-1.0 authsufficient pam_ldap.so authrequiredpam_unix.so authsufficient pam_ldap.so account requiredpam_unix.so Is the above config correct? You have pam_ldap.so listed twice under the 'auth' setting. I assume that 2nd pam_ldap.so should be under 'account'. Andy --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: problem with authentication
Following my earlier mail, I have forgot to mention the /etc/pamd/imap consists of the following lines: #%PAM-1.0 authsufficient pam_ldap.so authrequiredpam_unix.so authsufficient pam_ldap.so account requiredpam_unix.so And cyrus is running on SuSE Linux 9.0. Many thanks Sujit Sujit Choudhury wrote: We are running cyrus imapd which authenticates it's users against an ldap server. We are getting the problem if a user types the password wrong, it continues to try to authenticate and after 6 retries, ldap server locks out the account as intrusion detection is in place. The /etc/imapd.conf contains the following: configdirectory: /var/imap partition-default: /var/imap/spool admins: john sasl_pwcheck_method: saslauthd sasl_mech_list: plain altnamespace: yes unixhierarchysep: yes tls_cert_file: /var/imap/cyrus.pem tls_key_file: /var/imap/cyrus.pem virtdomains: userid defaultdomain: foobar.co.uk sendmail: /usr/sbin/sendmail # popminpoll: 2 Is there anything we should do to make sure that only one attempt is made and it does not attempt for indefinite period. ldap.conf is as follows: baseo=foobar uri ldap://ldap.foobar.co.uk tls never sasl_secprops none ldap_version3 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never Would be grateful for some ideas. Many thanks Sujit Choudhury --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
problem with authentication
We are running cyrus imapd which authenticates it's users against an ldap server. We are getting the problem if a user types the password wrong, it continues to try to authenticate and after 6 retries, ldap server locks out the account as intrusion detection is in place. The /etc/imapd.conf contains the following: configdirectory: /var/imap partition-default: /var/imap/spool admins: john sasl_pwcheck_method: saslauthd sasl_mech_list: plain altnamespace: yes unixhierarchysep: yes tls_cert_file: /var/imap/cyrus.pem tls_key_file: /var/imap/cyrus.pem virtdomains: userid defaultdomain: foobar.co.uk sendmail: /usr/sbin/sendmail # popminpoll: 2 Is there anything we should do to make sure that only one attempt is made and it does not attempt for indefinite period. ldap.conf is as follows: baseo=foobar uri ldap://ldap.foobar.co.uk tls never sasl_secprops none ldap_version3 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never Would be grateful for some ideas. Many thanks Sujit Choudhury --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SMS notification in a cyrus-imapd environment
Hi, I am compiling into the Cyrus code attached files. Notification is set up by sieve as sms with options as telephone number. Then u can run another script which does send sms. B. notifyd.h Description: Binary data notify_sms.c Description: Binary data notify_sms.h Description: Binary data
quota on cyrus 2.2.12
Hello, after upgrading from 2.2.3 we are experiencing strange problems while running quota -f. Actually it takes about a few hours to completely fix all mailboxes and all this time randomly (I mean it's difficult to say what user and when) users are getting overquota errors or quota reports are going crazy. For ex.: 01:02 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 1 1 182 [EMAIL PROTECTED] 02:03 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 1 0 0 [EMAIL PROTECTED] 01:02 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 10 56 56300 [EMAIL PROTECTED] 01:20 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 10 84 84450 [EMAIL PROTECTED] 01:46 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 10 112 112600 [EMAIL PROTECTED] 01:55 AM [EMAIL PROTECTED] Report mailbox quota for [EMAIL PROTECTED] Quota % UsedUsed Root 10 28 28150 [EMAIL PROTECTED] quota -f starts about 1:05AM, and it's useless to say that there were no actual activity on selected mailboxes. :( After quota fixing everything seems to be ok, until next time we run it. So, my question is what reason could cause such a problem and the second one (that's about why we are running quota fixing every night) is why quotas breaks so frequent? Below there is some tech info: OS: FreeBSD 4.11-RELEASE Cyrus: 2.2.12 db-4.2.52 from imapd.conf: quotawarn: 90 lmtp_over_quota_perm_failure: yes quota_db: quotalegacy -- Ivan Synyeokov mailto:[EMAIL PROTECTED] Golden Telecom http://www.goldentele.com --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ptloader and ldap_member_method: filter problem
Igor Brezac wrote: > > On Wed, 27 Jul 2005, Sava Chankov wrote: > >> Hi, >> I'm using cyrus-imapd-2.2.12 with ptloader patch from Igor Brezac that >> fixes the >> SASL authz bug. Groups are read from LDAP by ptloader properly, but group >> authorization doesn't work with this configuration: >> >> virtdomains: yes >> ldap_version: 3 >> ldap_sasl: 0 >> ldap_size_limit: 500 >> ldap_bind_dn: uid=proxy_user,o=ControlPanel >> ldap_base: ou=People,ou=%d,o=ControlPanel >> ldap_filter: uid=%U >> ldap_group_base: ou=Group,ou=%d,o=ControlPanel >> ldap_group_filter: cn=%U >> ldap_member_method: filter >> ldap_member_base: ou=Group,ou=%d,o=ControlPanel >> ldap_member_attribute: cn > > This assumes ldap_member_filter: (member=%D). Correct? Yes. >> A little example - user [EMAIL PROTECTED] is member of groups punk and >> ordinary_user. When the domain admin creates a shared folder named >> "test" and >> assigns read right to group punk with the command >> >> sam test group:[EMAIL PROTECTED] read >> >> the result is that user [EMAIL PROTECTED] doesn't see the shared folder. >> ptdump >> output is: >> user: group:[EMAIL PROTECTED] time: 1122481905 groups: 0 >> user: [EMAIL PROTECTED] time: 1122481327 groups: 2 >> ordinary_user >> punk > > ptdump shows punk instead of [EMAIL PROTECTED] Keep in mind that ptdump > shows pts cache content. Can you show a sample ldap entry for each > identifier? > This is the user: dn: uid=mincho, ou=People, ou=dve.bg, o=ControlPanel loginShell: /bin/false uidNumber: 1001 gidNumber: 1001 objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount uid: mincho cn: Mincho and the group: dn: cn=punk, ou=Group, ou=dve.bg, o=ControlPanel gidNumber: 1004 objectClass: top objectClass: posixGroup member: uid=mincho,ou=People,ou=dve.bg,o=ControlPanel memberUid: mincho cn: punk I also tried renaming the group to [EMAIL PROTECTED],ou=Group,ou=dve.bg,o=ControlPanel and it didn't work either. However, changing the group name to cn=group:[EMAIL PROTECTED],ou=Group,ou=dve.bg,o=ControlPanel and ldap_group_filter: cn=%u made it work. A similiar behaviour is observed when using ldap_member_method:attribute ldap_member_attribute:memberOf It only works when memberOf attribute of the user contains value "group:[EMAIL PROTECTED]". -- Sava Chankov Сава Чанков software developer софтуерен разработчик http://www.blueboard.biz блуборд --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SMS notification in a cyrus-imapd environment
On Wed, 2005-07-27 at 09:52 +0200, Simon Matter wrote:
> I'm interested to hear how people implemented SMS text notification in a
> cyrus-imapd environment.
we use sieve's mailto notify action.
the user has an "sms notification" checkbox in webmail. all
notifications are sent to a special e-mail address which is recognized
by the MTA (exim). exim delives the mail via SOAP to our application
server, which parses the mail, retrieves the relevant billing data and
sends a notification SMS via its SMPP interface.
bg,
tom.
--
Thomas "Duke" Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
=
"Never Underestimate the Power of Stupid People in Large Groups."
signature.asc
Description: This is a digitally signed message part
