Ken, Richard Gilbert and I had a discusion about this last week (which
I'll try to summarize).
Here is an alternative to the stunnel stuff.
1. Use imtest to issue XFER command (c: XFER user.phr2101test bacon)
you may need to
2. Remove 'force_sasl_client_mech: plain login' from the file. This line
will prevent plain+tls from happening correctly between backends when
issuing XFER from
imtest (my understanding is that the mech list is checked prior to the
STARTTLS, and since PLAIN isn't advertised until afterwards, Cyrus thinks
the mechanism isn't available. Removing this option prevents the mech
list from being checked.. or something).
-PAtrick
On Mon, 1 May 2006, Perry Brown wrote:
From a thread last month some fine folks on this listed suggested I set up
tls for plain so that I could do an xfer of mailboxes from one host to
another.
I got that set up and I am able to do an imtest from one host to the other
one and it gets authenticated with plain+tls.
My problem now happens when going back to cyradm to do the xfer. When I log
into the source host I'm authenticated with plain and when I run the xfer
command it tries to connnect to the destination server as plain.
How can I force cyradm to connect with plain+tls? Or possibly some work
around using Cyrus::IMAP::Shell
I looked at just about every news group and website and a couple of them
mentioned it's not possible to force tls in cyradm but the date on those
sites where from a few years ago and my hope is something has changed in the
interum.
Here is imapd.conf:
defaultpartition: imap1
configdirectory: /var/imap
partition-imap1: /var/spool/imap1
admins: cyrus support
srvtab: /var/imap/srvtab
quotawarn: 85
popminpoll: 0
autocreatequota: 30000
sasl_pwcheck_method: saslauthd
lmtp_over_quota_perm_failure: 1
allowusermoves: yes
proxy_authname: cyrus
proxy_password: password
force_sasl_client_mech: plain login
tls_cert_file: /local/imap/server1.sub1.domain.com.pem
tls_key_file: /local/imap/server1.sub1.domain.com.pem
Thank you
Perry
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
