Simon Matter írta:>>>> I have a postfix relay server and a (local) cyrus imap server on the>>>> same machine. Everything was fine until I thought, I change the imap>>>> authentication from sasldb to saslauth, to have global authentication>>>> on postfix and cyrus.<br>>>>> Postfix uses saslauthd, which is configured for PAM. It works>>>> perfectly, with plain/login/cram/digest mechanisms, with or without>>>> tls/ssl, absolutely no problems with it. Saslauth tests are all fine>>>> obviously.<br>>>>> So I decided to use this with cyrus imap too. Set it to use the same>>>> saslauth daemon, and plain, login, cram-md5 and digest-md5 mechs.<br>>>>> Since then, I can not login with plain or login mechs, because they>>>> aren't being offered at all by cyrus imapd. I can login with cram or>>>> digest fine.<br>>>>> I understand that plain login isn't offered by default, only after a>>>> successfull tls session setup, but if I understand correctly, the>>>> "allowplaintext: yes" option should still force imapd to offer plain>>>> logins. But it doesn't. I tried it with different sasl_min|max_levels,>>>> to no avail.<br>>>>>>>>> >>> "allowplaintext: 1" should indeed enable plain. At least that works well>>> for me. I expect you are using the packages from a distribution, maybe>>> they have added some kind of "security" patches to make things more>>> safe?>>> Could you try with the following line in your cyrus config:>>>>>> sasl_mech_list: PLAIN>>>>>> Regards,>>> Simon>>>>>>>>> >> yes, the server is running ubuntu 7.04 i386, 2.6.20-17-generic, and>> postfix and cyrus are installed via the ubuntu repositiories.>> >> Can you check which cyrus-sasl-* packages you have installed? Most> distributions split cyrus-sasl into multiple packages and maybe you have> not installed the -plain package?>> Simon>> I have these installed:cyrus-admin-2.2 (2.2.13-10ubuntu2), cyrus-clients-2.2 (2.2.13-10ubuntu2), cyrus-common-2.2 (2.2.13-10ubuntu2), cyrus-imapd-2.2 (2.2.13-10ubuntu2), cyrus-murder-2.2 (2.2.13-10ubuntu2), libauthen-sasl-cyrus-perl (0.13-server-1), libauthen-sasl-perl (2.10-1), libcyrus-imap-perl22 (2.2.13-10ubuntu2), libsasl2-2 (2.1.22.dsfg1-8ubuntu2), libsasl2-modules (2.1.22.dfsg1-8ubuntu2), sasl2-bin (2.1.22.dfsg1-8ubuntu2) And these AREN'T installed:libsasl2-modules-gssapi-heimdal, libsasl2-modules-gssapi-mit, libsasl2-modules-ldap, libsasl2-modules-otp, libsasl2-modules-sql. Can't seem to find separate -plain packages or anything similar. Postfix shows this, when in smtpd.conf the mech_list is set to PLAIN only: Apr 24 11:13:56 localhost postfix/smtpd[8026]: connect from client4[192.168.2.126]Apr 24 11:13:56 localhost postfix/smtpd[8026]: 4C4319CDF8: client=client4[192.168.2.126], sasl_method=PLAIN, sasl_username=user@piller-server when it's set to LOGIN only: Apr 24 11:16:42 localhost postfix/smtpd[8178]: connect from client4[192.168.2.126]Apr 24 11:16:42 localhost postfix/smtpd[8178]: 839B69CDF8: client=client4[192.168.2.126], sasl_method=LOGIN, sasl_username=user@piller-server with CRAM-MD5 only: Apr 24 11:18:24 localhost postfix/smtpd[8299]: connect from client4[192.168.2.126]Apr 24 11:18:24 localhost postfix/smtpd[8299]: 8164B9CDF8: client=client4[192.168.2.126], sasl_method=CRAM-MD5, sasl_username=user@piller-server Janos----Cyrus Home Page: http://cyrusimap.web.cmu.edu/Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twikiList Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
