Hi,
Just to make it clear: the problem only occurs with the default domain,
not with other virtual domains. All user are in the SQL database, and
cyrus does a correct translation to the mailbox for all the others. The
only problem is that the default domain is replaced with the local
computer name.
I made another user without domain extension, and then I can't login.
Cyrus tries to lookup the user with the domain extension from %r. So
only if I have a user "user@<local computer name>, i can login to
imap. But then Postfix requires an alias from
<user>@default.domain to <user>, else it won't accept any
email.
Why is this such a big problem? It is, because the database is fed with
information from a script, where we add users to the mail system. Now I
have to tell the script to perform special actions when the user is in
the default domain, and this is not a good situation.
In my opinion (can you give me yours, Andrew?), cyrus should not
rewrite the default domain when using %r, but internally redirect to
the local mailbox (so after login). Or provide a mechanism where the
local mailbox is transformed into a virtual domain box.
Kind regards,
Edwin Boersma
Lead Developer Web Applications
SecureOffice Europe AB
Ideon Science Park B2 floor 2
Scheelevägen 17
22363 Lund
Sweden
W: http://www.secureoffice.net
T: +46 462868773
M: +46 709726431
Alain Spineux wrote:
2009/2/18 Edwin Boersma <edwin.boersma@xxxxxxxxxxxxxxxx>:
Hi,
To be able to have user names like <user>@<our.domain> and
<sameuser>@<another.domain>, I have changed our IMAP config to use virtual
domains. To be able to access the existing mailboxes, I added the
"defaultdomain" option to imapd.conf.
It looks correct !
The user names were then renamed from
<user> to <user>@<our.domain>,
Which user ? Not in cyrus imap ! In SQL then ?
What happen if you don't rename it !
so I would think we could login.
But we couldn't. We use a sql lookup for authentication and so does Postfix
to find the local users. Now, here I have found a problem.
What happens? At authentication, the (default) domain name appears to get
replaced with the server's hostname and the authentication fails. If I
change the user name to <user>@<server name>, it works. But then Postfix
requires the email address to be present in the virtual users table,
pointing to the local user name again. And this is only the case for the
default domain, not for foreign domains.
The server's local name should not be used here, as it is totally arbitrary.
It would make it impossible to e.g. migrate cyrus and Postfix to another
server.
(I hope you still follow)
Here's the imapd.conf:
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus root
allowanonymouslogin: no
autocreate_users: anyone
autocreatequota: 1000000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
allowplaintext: yes
lmtp_overquota_perm_failure: no
lmtp_downcase_rcpt: yes
createonpost: yes
unixhierarchysep: yes
virtdomains: yes
defaultdomain: secureoffice.net
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sql
sasl_sql_engine: mysql
sasl_mech_list: login
sasl_sql_hostnames: localhost
sasl_sql_user: mail
sasl_sql_passwd: xxxxxxxxxxxxxxxxxxxxxxx
sasl_sql_database: maildb
sasl_sql_verbose: yes
sasl_sql_select: SELECT clear AS password FROM users WHERE id='%u@%r' AND
Active='Y'
And this is from the logfile:
Feb 18 16:26:07 reindeer imap[14741]: sql plugin create statement from
userPassword edwin.boersma reindeer
Feb 18 16:26:07 reindeer imap[14741]: sql plugin doing query SELECT clear AS
password FROM users WHERE id='edwin.boersma@reindeer' AND Active='Y';
My username is edwin.boersma@xxxxxxxxxxxxxxxx, and the server's local name
is reindeer. Is there something wrong in my config, or is this
works-as-designed?
--
Kind regards,
Edwin Boersma
Lead Developer Web Applications
SecureOffice Europe AB
Ideon Science Park B2 floor 2
Scheelevägen 17
22363 Lund
Sweden
W: http://www.secureoffice.net
T: +46 462868773
M: +46 709726431
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
begin:vcard
fn:Edwin Boersma
n:Boersma;Edwin
email;internet:edwin.boersma@xxxxxxxxxxxxxxxx
x-mozilla-html:TRUE
version:2.1
end:vcard
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
