Re: anthentication problem
On Friday 07 September 2007 19:21:19 Andrew Morgan wrote: On Fri, 7 Sep 2007, Guillaume Nadot wrote: Dear list, The problem is that I cannot use the email address of the user to perform their logins. Let me explain : I have succesfully setup cyrus with virtual domains, I use sasl with pam for the authentication, pam use ldap and use the email adress of the user as pam_login_attribute ( pam_login_attribute mail in /etc/ldap.conf ). When I run the command testsaslauthd -u [EMAIL PROTECTED] -p password, it returns 0: OK Success. When I want to perform a login on cyrus, it fails here is the log : Sep 7 15:50:40 imaptest pop3[5130]: badlogin: [192.168.34.208] plaintext [EMAIL PROTECTED] SASL(-13): authentication failure: checkpass failed. If I try to log on cyrus using [EMAIL PROTECTED]@truc.com, I can see this in the logs : Sep 7 15:52:30 imaptestfrontend1 pop3[5135]: login: [192.168.34.208] [EMAIL PROTECTED]@truc.com plaintext User logged in Sep 7 15:52:33 imaptestfrontend1 pop3[5135]: Unable to locate maildrop truc.com!: Invalid mailbox name The problem seems to be that when the user tries to authenticate, cyrus splits the login in two parts : the username and the domain, and tries to authenticate the user only with the local part of the mail adress. Is there anyway to telle cyrus not to split the login when passing the username to sasl ? I'm using cyrus-imapd 2.3.7. on a RedHat 5 EL. Here is my imapd.conf : configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt virtdomains: userid Try starting saslauthd with the -r argument. Andy Thanks, it works now. As testsaslauthd was working, I didn't think saslauthd was the problem. - Guillaume Nadot System Engineer CIRB - CIBG Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Shared folder filtering (probably a thousand times asked)
beloved list, i'm so free to ask this question probably for the 1000st time: how can i manage sieve script for shared folders? i have a few shared folders where i would like to have cyrus filter the incoming mails with sieve scripts, but i couldn't figure out a way to do so yet. any evil and nasty workaround is welcome, even if it is giving the postuser somehow all sieve scripts, that's absolutely fine. thanks for your help! best regards, johannes russek Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Murder works wonderfully but alarms users
We have a Cyrus murder configuration with one proxy front-end and one storage back-end. I'm very pleased with it. However, users who happen to look at the full headers of their e-mail are often alarmed by the word `murder' that appears in the first `Received' header. It's even worse when the message is from daemon! Here are some typical headers. Would it be possible to eliminate the offensive word or replace it with something more meaningful? Received: from murder (electra.cc.umanitoba.ca [130.179.16.23]) by mbox.cc.umanitoba.ca (Cyrus v2.3.8) with LMTPA; Sun, 09 Sep 2007 22:14:47 -0500 X-Sieve: CMU Sieve 2.3 Received: from electra.cc.umanitoba.ca ([unix socket]) by cc.umanitoba.ca (Cyrus v2.3.8) with LMTPA; Sun, 09 Sep 2007 22:14:47 -0500 X-Sieve: CMU Sieve 2.3 -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Murder works wonderfully but alarms users
Its much more productive to eliminate the complaining users and replace them with something less alarmist. On Sep 10, 2007, at 11:59, Gary Mills wrote: We have a Cyrus murder configuration with one proxy front-end and one storage back-end. I'm very pleased with it. However, users who happen to look at the full headers of their e-mail are often alarmed by the word `murder' that appears in the first `Received' header. It's even worse when the message is from daemon! Here are some typical headers. Would it be possible to eliminate the offensive word or replace it with something more meaningful? Received: from murder (electra.cc.umanitoba.ca [130.179.16.23]) by mbox.cc.umanitoba.ca (Cyrus v2.3.8) with LMTPA; Sun, 09 Sep 2007 22:14:47 -0500 X-Sieve: CMU Sieve 2.3 Received: from electra.cc.umanitoba.ca ([unix socket]) by cc.umanitoba.ca (Cyrus v2.3.8) with LMTPA; Sun, 09 Sep 2007 22:14:47 -0500 X-Sieve: CMU Sieve 2.3 -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Compile 2.2.12 in RHEL4
Hi. I need to compile Cyrus 2.2.12 in RHEL4, cause I need to use autocreate and autosieve patches. The platform is Opteron 64. My configure line is: ./configure --prefix=/usr/local/cyrus --with-perl=/usr/bin/perl --with-auth=unix --enable-murder --enable-listext --enable-annotatemore --with-cyrus-user=cyrus --with-cyrus-group=mail --with-syslogfacility=MAIL --with-pidfile=/var/run/cyrmaster.pid --with-lock=fcntl --with-bdb=/usr/lib --with-bdb-libdir=/usr/lib --with-bdb-incdir=/usr/include Make depend works fine, but when I run make, I received the following errors: In file included from mboxlist.c:75: imap_err.h:65: warning: struct et_list declared inside parameter list In file included from mupdate-client.h:47, from mboxlist.c:79: mupdate_err.h:20: warning: struct et_list declared inside parameter list gcc -c -I.. -I./../lib -I./../sieve -I/usr/include -DHAVE_CONFIG_H \ mupdate-client.c In file included from mupdate-client.h:47, from mupdate.h:56, from mupdate-client.c:75: mupdate_err.h:20: warning: struct et_list declared inside parameter list mupdate_err.h:20: warning: its scope is only this definition or declaration, which is probably not what you want In file included from mupdate.h:57, from mupdate-client.c:75: mupdate_err.h:20: warning: struct et_list declared inside parameter list mupdate_err.h:20: error: conflicting types for 'initialize_mupd_error_table_r' mupdate_err.h:20: error: previous declaration of 'initialize_mupd_error_table_r' was here mupdate_err.h:20: error: conflicting types for 'initialize_mupd_error_table_r' mupdate_err.h:20: error: previous declaration of 'initialize_mupd_error_table_r' was here In file included from mupdate-client.c:76: mupdate_err.h:20: warning: struct et_list declared inside parameter list mupdate_err.h:20: error: conflicting types for 'initialize_mupd_error_table_r' mupdate_err.h:20: error: previous declaration of 'initialize_mupd_error_table_r' was here mupdate_err.h:20: error: conflicting types for 'initialize_mupd_error_table_r' mupdate_err.h:20: error: previous declaration of 'initialize_mupd_error_table_r' was here make[1]: ** [mupdate-client.o] Erro 1 make[1]: Leaving directory `/home/mhterres/src/cyrus-imapd-2.2.12/imap' make: ** [all] Erro 1 Any ideas ? Thanks in advance, -- Marcelo H. Terres [EMAIL PROTECTED] Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: deliver reports (/var/lib/imap/socket/lmtp) failed: Connection refused
Hello Simon,
I tried you suggestion and there are no more
Sep 3 07:45:59 srv1 deliver[20650]:
connect(/var/lib/imap/socket/lmtp) failed: Connection refused
messages appearing in the error log file.
Many thanks for your help.
I run postfix chrooted so a hardlink pointing to
/var/lib/imap/socket/lmtp was required in
/var/spool/postfix/var/lib/imap/socket directory. This needs to be
refreshed every time cyrus is restarted.
It's much easier to make lmtp not chrooted. Simply remove the chroot
option from lmtp service in master.cf. I don't think that's a big security
problem.
But my collegaues told me that this is not the only problem. Cyrus
pop3, pop3s, imap and imaps services become unavailable time to time.
And only restart helps.
Delivery from postfix to cyrus mailboxes via this new setup (direct
lmtp) is OK during the outage of pop3, pop3s, imap, imaps service. The
services don't die at the same time. Sometimes imap dies but pop3
still works. Restart helps. It is really strange. It was a stable
system before and nothing was changed. I could find only the following
errormessages in the log files:
Sep 8 01:35:00 srv1 pop3s[15591]: Fatal error: tls_start_servertls()
failed
Sep 8 01:37:09 srv1 imaps[15687]: Fatal error: tls_start_servertls()
failed
Do you only have problems with pop3s and imaps, or also with pop3 and
imap? If it's only SSL/TLS, there yould be a problem with /dev/random and
you should try using /dev/urandom instead. Otherwise it could be that one
or more of your cyrus databases are corrupt. Did you try a reconstruct on
all you mailboxes?
Simon
and
Sep 8 02:17:47 srv1 cyrus-master[20423]: pop3 has -5 workers?!?
There are many of such messages. I can access my mailbox using TLS
without any problem.
Any help would be appreciated.
Thanks, Gyorgy
Idézet (Simon Matter [EMAIL PROTECTED]):
Hello,
We had a properly working postfix + cyrus-imap system till 23rd of
July. Then messages like the below one started to appear in the log
file.
Sep 3 07:45:59 srv1 deliver[20650]:
connect(/var/lib/imap/socket/lmtp) failed: Connection refused
The postfix log shows:
Sep 3 07:45:59 srv1 postfix/pipe[19972]: B88D01DC8EF8: to=xxx@
srv1.xxx.xx, orig_to=[EMAIL PROTECTED], relay=cyrus-deliver, delay=2
49424, status=deferred (temporary failure. Command output: couldn't
connect to l
mtpd: Connection refused_ 421 4.3.0 deliver: couldn't connect to lmtpd_
)
Do you have any ideas what could happen? It worked fine before.
cyrus.conf contains:
# at least one LMTP is required for delivery
# lmtp cmd=lmtpd listen=lmtp prefork=0
lmtpunix cmd=lmtpd listen=/var/lib/imap/socket/lmtp
prefork=5
postfix/master.cf contains:
cyrus-deliver unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
${extension} ${user}
postfix/main.cf contains:
mailbox_transport = cyrus-deliver
Hi,
I don't know why things suddenly fail but you shouldn't use the cyrus
transport anymore. You should use lmtp as a mailtransport directly. If
your postfix setup isn't somehow exotic you should be able to simply
switch with this config:
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
Maybe you could give it a try.
Simon
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Compile 2.2.12 in RHEL4
Hi. I need to compile Cyrus 2.2.12 in RHEL4, cause I need to use autocreate and autosieve patches. Why don't you try my rpms http://www.invoca.ch/pub/packages/cyrus-imapd/ They include all the patches you want. Simon Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Compile 2.2.12 in RHEL4
I tried, but they don't support 64 architectures... + ./configure --host=x86_64-redhat-linux-gnu --build=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --enable-netscapehack --enable-listext --with-idle=idled --enable-murder --enable-nntp --without-snmp --with-perl=/usr/bin/perl --with-cyrus-prefix=/usr/lib/cyrus-imapd --with-service-path=/usr/lib/cyrus-imapd --with-auth=unix --with-bdb-incdir=/usr/include/db4 --with-extraident=Invoca-RPM-2.2.12-19 --with-syslogfacility=MAIL checking build system type... Invalid configuration `x86_64-redhat-linux-gnu': machine `x86_64-redhat' not recognized configure: error: /bin/sh ./config.sub x86_64-redhat-linux-gnu failed erro: Código de saída inválido do /var/tmp/rpm-tmp.40337 (%build) Thanks. On 9/10/07, Simon Matter [EMAIL PROTECTED] wrote: Hi. I need to compile Cyrus 2.2.12 in RHEL4, cause I need to use autocreate and autosieve patches. Why don't you try my rpms http://www.invoca.ch/pub/packages/cyrus-imapd/ They include all the patches you want. Simon -- Marcelo H. Terres [EMAIL PROTECTED] Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Shared folder filtering (probably a thousand times asked)
On Mon, 10.09.2007 at 16:01:12 +0200, Johannes Rußek wrote: beloved list, i'm so free to ask this question probably for the 1000st time: how can i manage sieve script for shared folders? i have a few shared folders where i would like to have cyrus filter the incoming mails with sieve scripts, but i couldn't figure out a way to do so yet. upload a sieve script as your cyrus admin user. Let's call it foo. Then login with cyradm and attach that script to the shared folder bar. mboxcfg bar sieve foo hth, Ulrich Spoerlein -- It is better to remain silent and be thought a fool, than to speak, and remove all doubt. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Compile 2.2.12 in RHEL4
Hi Simon. I have a config.sub and a config.guess that works with 64 architectures. There is some way to put these files in the rpm that I downloaded from invoca.ch ??? Maybe with these files I can use the rpm. Thanks in advance. Regards, On 9/10/07, Simon Matter [EMAIL PROTECTED] wrote: Hi. I need to compile Cyrus 2.2.12 in RHEL4, cause I need to use autocreate and autosieve patches. Why don't you try my rpms http://www.invoca.ch/pub/packages/cyrus-imapd/ They include all the patches you want. Simon -- Marcelo H. Terres [EMAIL PROTECTED] Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Compile 2.2.12 in RHEL4
Hi Simon. I have a config.sub and a config.guess that works with 64 architectures. There is some way to put these files in the rpm that I downloaded from invoca.ch ??? Maybe with these files I can use the rpm. Did you try the 2.3.x rpms? They should work fine. I don't maintain the 2.2.x version anymore. Simon Thanks in advance. Regards, On 9/10/07, Simon Matter [EMAIL PROTECTED] wrote: Hi. I need to compile Cyrus 2.2.12 in RHEL4, cause I need to use autocreate and autosieve patches. Why don't you try my rpms http://www.invoca.ch/pub/packages/cyrus-imapd/ They include all the patches you want. Simon -- Marcelo H. Terres [EMAIL PROTECTED] Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
