It seems like I've no plain text auth capability !! [root@client ~]# telnet cyrus_server imap Trying cyrus_server ... Connected to imap-sop.inria.fr (cyrus_server). Escape character is '^]'. * OK cyrus_server Cyrus IMAP4 v2.2.12 server ready . capability * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS How could I configure this, like my other server do ? [root@client ~]# telnet test1 imap Trying 1.2.3.4... Connected to test1 (1.2.3.4). Escape character is '^]'. * OK INRIA mail server - test1 ready. . capability * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS LIST-EXTENDED I18NLEVEL=1 QUOTA STARTTLS *AUTH=PLAIN* Michael Menge wrote: > Hi, > > Quoting Mathieu Kretchner <mathieu.kretchner@xxxxxxxxxxxxxxx>: > >> Ok thank you for your help, >> >> I've tried the allowplaintext: yes but the proxy sieve server I use is >> still complaining ! >> >> I don't know why? I've done a tcp/ip trace of data transmission between >> proxy and sieve cyrus server and the only thing I see is that : >> >> Data (41 bytes) >> 0000 41 55 54 48 45 4e 54 49 43 41 54 45 20 22 50 4c AUTHENTICATE "PL >> 0010 41 49 4e 22 20 22 41 47 6c 74 59 58 41 79 41 47 AIN" "AGltYXAyAG >> 0020 6c 74 59 58 41 79 22 0d 0a ltYXAy".. >> >> Data (22 bytes) >> 0000 4f 4b 20 22 4c 6f 67 6f 75 74 20 43 6f 6d 70 6c OK "Logout Compl >> 0010 65 74 65 22 0d 0a ete".. >> >> >> How could I debug this ? >> >> > > It seems your client tries PLAIN authentication. You can try sivtest, > it will show all the data send between sieved and sivtest. > Which database does saslauthd use for authentication, if you use pam > you need an entry for sieve in /etc/pam.d . > Are there any messages form saslauthd in the logs? > > > >> Raphael Jaffey wrote: >>> Sorry, we use this setting in our environment as we're using stunnel >>> for sieved connections rather than its built in TLS support. >>> >>> The relevant parts of our current config read: >>> >>> sasl_pwcheck_method: saslauthd >>> sasl_mech_list: PLAIN >>> >>> >>> allowplaintext: no >>> sasl_minimum_layer: 128 >>> sieve_allowplaintext: yes >>> sieve_sasl_minimum_layer: 0 >>> >>> tls_cert_file: <some-path> >>> tls_key_file: <some-path> >>> tls_ca_file: <some-path> >>> tls_cipher_list: !ADH:MEDIUM:HIGH >>> >>> sieve_tls_cert_file: disabled >>> >>> >>> >>> In your case, assuming you don't want PLAIN in the clear, I should >>> think the following would suffice: >>> >>> sasl_pwcheck_method: saslauthd >>> sasl_mech_list: PLAIN >>> >>> >>> allowplaintext: no >>> sasl_minimum_layer: 128 >>> >>> tls_cert_file: <some-path> >>> tls_key_file: <some-path> >>> tls_ca_file: <some-path> >>> tls_cipher_list: !ADH:MEDIUM:HIGH >>> >>> This assumes that your sieve client supports TLS. >>> >>> Quoting Raphael Jaffey <rjaffey@xxxxxxxxx>: >>> >>>> sieve_allowplaintext: yes >>>> >>>> Quoting Mathieu Kretchner <mathieu.kretchner@xxxxxxxxxxxxxxx>: >>>> >>>>> Hello, >>>>> >>>>> I would like to allow connection to sieved server with PLAIN mechanism. >>>>> But my configuration seems to already have this. What do I miss ? >>>>> >>>>> Cyrus is 2.2.12 >>>>> here is my imapd.conf : >>>>> >>>>> configdirectory: /data/imap >>>>> partition-default: /data/imap/spool >>>>> servername: imap-sop.inria.fr >>>>> admins: cyrus >>>>> hashimapspool: yes >>>>> duplicatesuppression: no >>>>> sasl_pwcheck_method: saslauthd >>>>> allowanonymouslogin: no >>>>> tls_session_timeout: 0 >>>>> allowapop: 0 >>>>> sasl_mech_list: PLAIN >>>>> sieveuserhomedir: no >>>>> sievedir: /data/imap/sieve >>>>> sieve_maxscripts: 8 >>>>> sieve_maxscriptsize: 640 >>>>> sendmail: /usr/sbin/sendmail >>>>> tls_ca_file: /data/imap/ssl/ca.crt >>>>> tls_cert_file: /data/imap/ssl/server.crt >>>>> tls_key_file: /data/imap/ssl/server.key >>>>> tls_ca_path: /data/imap/ssl >>>>> >>>>> Thank you >>>>> >>>>> >>>> >>>> ---- >>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html >>>> >>> >>> >>> ---- >>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > > > -------------------------------------------------------------------------------- > M.Menge Tel.: (49) 7071/29-70316 > Universität Tübingen Fax.: (49) 7071/29-5912 > Zentrum für Datenverarbeitung mail: > michael.menge@xxxxxxxxxxxxxxxxxxxx > Wächterstraße 76 > 72074 Tübingen > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
begin:vcard fn:Mathieu Kretchner n:Kretchner;Mathieu org:INRIA;Syslog adr;dom:;;2004 route des lucioles - BP93;Sophia Antipolis;;06902 CEDEX email;internet:mathieu.kretchner@xxxxxxxxxxxxxxx tel;work:04 92 38 76 67 x-mozilla-html:FALSE version:2.1 end:vcard
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
