!!!
Please be aware that the password for mailproxy was exposed below in
uuencoded form.
!!!
On 06/04/18 11:23 +0200, Jean-Christophe Delaye wrote:
On 06/01/2018 07:54 PM, Dan White wrote:
On 06/01/18 18:03 +0200, Jean-Christophe Delaye wrote:
[root@cassandra etc]# /opt/cyrus-imapd_3.0.7-cyrus/bin/imtest -m plain
-a mailproxy imap1.eurecom.fr
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE
MUPDATE=mupdate://cassandra.eurecom.fr/ STARTTLS AUTH=PLAIN SASL-IR]
imap1.eurecom.fr Cyrus IMAP 3.0.7 server ready
Please enter your password:
C: A01 AUTHENTICATE PLAIN <removed>
Authenticated.
Security strength factor: 0
. LIST "" "*"
. OK Completed (0.000 secs)
imtest -m plain -a mailproxy -u <some_user> imap1.eurecom.fr
[root@cassandra etc]# /opt/cyrus-imapd_3.0.7-cyrus/bin/imtest -m plain
-a mailproxy -u delaye imap1.eurecom.fr
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE
MUPDATE=mupdate://cassandra.eurecom.fr/ STARTTLS AUTH=PLAIN SASL-IR]
imap1.eurecom.fr Cyrus IMAP 3.0.7 server ready
Please enter your password:
C: A01 AUTHENTICATE PLAIN <removed>
S: A01 NO no mechanism available
Authentication failed. generic failure
Security strength factor: 0
Note, if I choose login mech , it works !
[root@cassandra etc]# /opt/cyrus-imapd_3.0.7-cyrus/bin/imtest -m login
-a mailproxy -u delaye imap1.eurecom.fr
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE
MUPDATE=mupdate://cassandra.eurecom.fr/ STARTTLS AUTH=PLAIN SASL-IR]
imap1.eurecom.fr Cyrus IMAP 3.0.7 server ready
Please enter your password:
C: L01 LOGIN mailproxy {7}
S: + go ahead
Authenticated.
You may need 'sasl_minimum_layer: 0' within imapd.conf, on the backend.
If that doesn't work, please include syslog output for the above two
authentication attempts.
root@ipso:/opt/cyrus-imapd_3.0.7-cyrus1/sbin#
/opt/cyrus-sasl_2.1.27-cyrus1/sbin/pluginviewer -m plain
Installed and properly configured auxprop mechanisms are:
<none>
Installed and properly configured SASL (server side) mechanisms are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
Available SASL (server side) mechanisms matching your criteria are:
PLAIN
List of server plugins follows
Plugin "plain" [loaded], API version: 4
Available SASL (client side) mechanisms matching your criteria are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
List of client plugins follows
Plugin "plain" [loaded], API version: 4
mailproxy credentials are ok !
root@ipso:/opt/cyrus-imapd_3.0.7-cyrus1/sbin#
/opt/cyrus-sasl_2.1.27-cyrus1/sbin/pluginviewer
Installed and properly configured auxprop mechanisms are:
<none>
Installed and properly configured SASL (server side) mechanisms are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
Available SASL (server side) mechanisms matching your criteria are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 CRAM-MD5 PLAIN ANONYMOUS
List of server plugins follows
Plugin "scram" [loaded], API version: 4
Plugin "scram" [loaded], API version: 4
Plugin "digestmd5" [loaded], API version: 4
Plugin "crammd5" [loaded], API version: 4
Plugin "plain" [loaded], API version: 4
Plugin "anonymous" [loaded], API version: 4
Installed and properly configured SASL (client side) mechanisms are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
List of client plugins follows
Plugin "scram" [loaded], API version: 4
Plugin "scram" [loaded], API version: 4
Plugin "digestmd5" [loaded], API version: 4
Plugin "EXTERNAL" [loaded], API version: 4
Plugin "crammd5" [loaded], API version: 4
Plugin "plain" [loaded], API version: 4
Plugin "anonymous" [loaded], API version: 4
On the backend:
allowplaintext: yes
proxyservers: mailproxy cyrus1 cyrus
sasl_saslauthd_path: /global/cyrus1/var/state/saslauthd/mux
sasl_mech_list: plain
sasl_auto_transition: no
sasl_pwcheck_method: saslauthd
on the frontend/mupdate master:
proxy_authname: mailproxy
proxy_password: yyyyyyyyy
sasl_saslauthd_path: /global/cyrus/var/state/saslauthd/mux
sasl_mech_list: plain
sasl_auto_transition: no
sasl_pwcheck_method: saslauthd
--
Dan White
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
