Hello,
My
cyrus.conf look like this:
# UNIX sockets start
with a slash and are put into /var/lib/imap/socket
SERVICES {
# add or remove based on preferences
# imap cmd="imapd" listen="imap" prefork=0
# imaps cmd="imapd -s" listen="imaps" prefork=0
# pop3 cmd="pop3d" listen="pop3" prefork=0
# pop3s cmd="pop3d -s" listen="pop3s" prefork=0
# sieve cmd="timsieved" listen="sieve" prefork=0
imap cmd="imapd" listen="212.70.0.0/16:imap" prefork=0
imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
imaps cmd="imapd -s" listen="212.70.0.0/16:imaps" prefork=0
SERVICES {
# add or remove based on preferences
# imap cmd="imapd" listen="imap" prefork=0
# imaps cmd="imapd -s" listen="imaps" prefork=0
# pop3 cmd="pop3d" listen="pop3" prefork=0
# pop3s cmd="pop3d -s" listen="pop3s" prefork=0
# sieve cmd="timsieved" listen="sieve" prefork=0
imap cmd="imapd" listen="212.70.0.0/16:imap" prefork=0
imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
imaps cmd="imapd -s" listen="212.70.0.0/16:imaps" prefork=0
imapslocal cmd="imapd -C /etc/imapd-local.conf"
listen="127.0.0.1:imaps" prefork=0
imapsext cmd="imapd -C /etc/imapd-external.conf -s" listen="132.74.41.18:imapsiext" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="212.70.41.18:sieve" prefork=0
imapsext cmd="imapd -C /etc/imapd-external.conf -s" listen="132.74.41.18:imapsiext" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="212.70.41.18:sieve" prefork=0
I'm trying
to achive this:
On my local network
(all clients are with external IP's) I want clients to connect via IMAP using
PLAIN/TLS/SSL.
All other clients
(from another IP's) could connect only with TLS/SSL options.
I've configured
cyrus.conf in such a way so "imapsext" (see above) is for external users,
imap/imaps for my network users (network 212.70.0.0 subnet 255.255.0.0), and
imaplocal/imaplocals for local users.
Local users
(connected on the server machine with Kmail) can use Plain and TLS Encription,
but no SSL (may be someone know why).
I'm testing now my
local net. users and they can't connect even without any encryption at
all.
Anyone have any
thoughts how to solve it?
imapd.conf
and imapd-local.conf are look like this:
configdirectory:
/var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus
allowanonymouslogin: no
autocreatequota: 20000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
lmtp_overquota_perm_failure: no
servername: ns.edu.haifa.ac.il
unixhierarchysep: yes
altnamespace: yes
createonpost: 1
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus
allowanonymouslogin: no
autocreatequota: 20000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
lmtp_overquota_perm_failure: no
servername: ns.edu.haifa.ac.il
unixhierarchysep: yes
altnamespace: yes
createonpost: 1
allowplaintext:
yes
sasl_mech_list: PLAIN LOGIN
#
# if you want TLS, you have to generate certificates and keys
#
tls_cert_file: /usr/ssl/certs/cert.pem
tls_key_file: /usr/ssl/certs/skey.pem
tls_ca_file: /usr/ssl/CA/CAcert.pem
tls_ca_path: /usr/ssl/CA
sasl_mech_list: PLAIN LOGIN
#
# if you want TLS, you have to generate certificates and keys
#
tls_cert_file: /usr/ssl/certs/cert.pem
tls_key_file: /usr/ssl/certs/skey.pem
tls_ca_file: /usr/ssl/CA/CAcert.pem
tls_ca_path: /usr/ssl/CA
Regards,
Leon
_______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch
_______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
