Am Donnerstag 30 Oktober 2008 17:09:21 schrieb Wesley Craig: > I think the actual syntax would be: > > sasl_pop_pwcheck_method: auxprop > sasl_pop_auxprop_plugin: sasldb > > The documentation (which needs improvement, and since you're getting > free help on the cyrus list I hope you'll open a bugzilla with some > suggested improvements) is mostly in the imapd.conf man page. In > particular: > > sasl_option: 0 > Any SASL option can be set by preceding it with > "sasl_". This > file overrides the SASL configuration file. > > There are a couple of other examples, e.g.: > > sasl_pwcheck_method: <none> > The mechanism used by the server to verify plaintext > passwords. > Possible values include "auxprop", "saslauthd", and > "pwcheck". > > What's mentioned in the SASL documentation (which is considerably > worse than the IMAP documentation, IMHO) is that you can put the > service name between sasl_ and _option. No, the Service-Name is prepended before the complete Option. This means servicename_sasl_option: ... For example: pop3_sasl_mech_list: PLAIN LOGIN > Also missing is what Cyrus > IMAP uses for the service names -- I looked in the code to decide > that "pop" was probably right and "pop3" is probably wrong. Service-Name itself is the given name of the Daemon from cyrus.conf. It is not the service Name from Cyrus-SASL. Separating Options between the Daemons is not a Cyrus-SASL Feature it is a Cyrus-IMAP Feature. You can use it for other Options than Cyrus-SASL Options in imapd.conf, too. ... pop3 cmd="pop3d" listen="pop3" prefork=0 ... Here it is "pop3". So Options for this Service begin with: pop3_ > On 30 Oct 2008, at 06:42, Ian Eiloart wrote: > > Can I ask how you discovered the "well hidden feature" of > > imapd.conf? Is > > there proper documentation for this anywhere? > > > > --On 29 October 2008 20:16:21 +0100 Andreas Winkelmann > > <ml@xxxxxxxxxxxxxx> > > > > wrote: > >> # SASL-COnfig only for pop3 Daemon > >> pop3_sasl_pwcheck_method: auxprop > >> pop3_sasl_auxprop_plugin: sasldb > >> pop3_sasl_mech_list: plain login cram-md5 digest-md5 At the end, I would add another (and maybe the best) way. You (OP) can add the Servicename in the LDAP-Query from saslauthd with %s. So you only need to add something in the LDAP-Entry which includes the Service-Name. Here it is the Cyrus-SASL Service Name "imap", "pop", "sieve"... -- Andreas ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
