On Thu, 23 Nov 2006, Peter Schober wrote:
I'm having a slight problem understanding the cyrus docs[0] regarding frontend to backend authentication for LMTP over TCP. all cyri are 2.2.13. # backend imapd.log: Nov 23 17:55:02 backend lmtp[21449]: accepted connection Nov 23 17:55:02 backend lmtp[21449]: connection from frontend.example.org [10.0.0.1] Nov 23 17:55:02 backend lmtp[21449]: frontend is not an admin Nov 23 17:55:05 backend lmtp[21449]: badlogin: 10.0.0.1 PLAIN SASL(-13): authentication failure: only admins may authenticate everything works fine if 'frontend' is listed under 'admins:' on the backends, but "Setting up the backends ..."[0] like in the docs: You will also want to configure atleast (sic) one user/group using the proxyservers imapd.conf option. This user should not be an administrator, since this means that anyone who can get ahold of your proxy servers now has full administrative control on your backend. leads me to including 'frontend' just in 'lmtp_admins' and 'proxyservers': # frontend config: proxy_authname: frontend backend_password: ... # backend config: admins: cyrus proxyservers: frontend lmtp_admins: frontend #for backend to backend auth proxy_authname: cyrus proxy_password: ... so while the error message above is exceptionally clear (and easy to "fix") I'd rather have this setup properly (not that we're too concerned with the security of our frontends currently). regards, -p.schober [0] http://cyrusimap.web.cmu.edu/imapd/install-murder.html
Just a confirmation that I had to do the same thing here to get lmtp delivery working to backends. :)
Andy ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
