| View previous topic :: View next topic |
| Author |
Message |
wilddev
n00b
Joined: 28 May 2003
Posts: 7
|
 Posted: Tue Jan 06, 2004 8:20 am Post subject: Email Server using Postfix, Cyrus-Imapd and SpamAssassin |
 |
|
Email Server using Postfix, Cyrus-Imapd and SpamAssassin
By Wilddev
Version 1.0
This guide was inspired by the excellent guide written by beowulf here. Hopefully it will evolve as I add features and suggestions to it as beowulf's guide has.
I've noticed quite a few posts by people wishing to setup cyrus-imapd instead of alternatives for a mailserver. Cyrus is an excellent choice. It is used and development is sponsored by a large university (Carnegie Mellon) and is designed to be a scalable, secure and most of all fast imap server.
Preparation:
Server;
Make sure /etc/hostname and /etc/dnsdomainname are setup.
Emerging Packages;
| Code: | | USE="ssl pam maildir sasl gdbm berkdb -mysql -ldap -mbox -postgres -kerberos -java -static" emerge cyrus-sasl cyrus-imapd cyrus-imap-admin Mail-SpamAssassin postfix |
Configuration:
Postfix;
Postfix configuration in general has been covered quite well both in the forums and in the user docs so I'll just outline what I have in my setup with little commentary. The main difference here is I'm using spamcheck from the spamassassin package as my mail transport to pass mail from postfix to spamassassin and then on to cyrus-imapd.
Postfix needs a link to the sasl directory;
| Code: | | ln -s /etc/sasl2 /etc/postfix/sasl2 |
Setup the main.cf file;
| Code: | vi /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 450
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/sample
readme_directory = /usr/share/doc/postfix-2.0.11
mailbox_transport = spamcheck
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains
reject_unauth_destination,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
permit
smtpd_helo_required = yes
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $myhostname |
Setup the master.cf file;
| Code: | vi /etc/postfix/master.cf
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
spamcheck unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/postfix/spamcheck.py -s ${sender} -r ${user} -l unix:/var/imap/socket/lmtp |
The use of auxprop as a method for sasl2 allows us to utilize directly the sasldb2 database and avoid having to setup users shell accounts. Having said this, for my 2 users I found I needed a ~/.spamassassin directory for spamcheck to function properly. I'd be interested to hear if anyone has been able to get this to work without home directories for users.
Move the smtpd.conf file into place;
| Code: | | mv /etc/sasl2/smtpd-2.0.conf /etc/sasl2/smtpd.conf |
| Code: | vi /etc/sasl2/smtpd.conf
pwcheck_method: auxprop |
Setting up the sasldb2 file is also covered quite well by beowulf. We also need to add a cyrus user so we can admin cyrus-imapd.
Make the sasl2 database file;
| Code: | | rm /etc/sasl2/sasldb2 |
/usr/sbin/saslpasswd2 -c -u FQDN -a smtpauth USERNAME for each user;
| Code: | /usr/sbin/saslpasswd2 -c -u host.wilddev.net -a smtpauth cyrus
Password: |
Check the users are added properly with sasldblistusers2.
I setup my file perms a little differently to beowulf as I need both postfix and cyrus to be able to access the user database.
Protect the file and add cyrus and postfix to the mail and saslauth groups;
| Code: | | chmod 660 /etc/sasl2/sasldb2 |
| Code: | vi /etc/group
mail::12:mail,cyrus,postfix
saslauth:x:441:cyrus,postfix |
| Code: | | chown :saslauth /etc/sasl2/sasldb2 |
Final setup for Postfix;
| Code: | vi /etc/mail/aliases
# Well-known aliases -- these should be filled in!
root: joe |
| Code: | | /etc/init.d/postfix start |
Cyrus-Imapd;
The imapd config file should be mostly setup for you. Notice here we again use auxprop and not the saslauthd method suggested in the default file. This avoids us needing to use the saslauthd daemon to access pam.
Setup the imapd.conf file;
| Code: | vi /etc/imapd.conf
configdirectory: /var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
tls_cert_file: /etc/cyrusimapd/server.crt
tls_key_file: /etc/cyrusimapd/server.key
admins: cyrus
hashimapspool: yes
allowanonymouslogin: no
sieveusehomedir: no
postmaster: postmaster
servername: host.wilddev.net
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN
altnamespace: yes
unixhierarchysep: yes |
For completeness I've added the cyrus.conf file here, but you shouldn't need to change it;
| Code: | vi /etc/cyrus.conf
START {
recover cmd="ctl_cyrusdb -r"
}
SERVICES {
imap cmd="imapd" listen="imap2" prefork=0
pop3 cmd="pop3d" listen="pop-3" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
}
EVENTS {
checkpoint cmd="ctl_cyrusdb -c" period=30
delprune cmd="ctl_deliver -E 3" period=1440
tlsprune cmd="tls_prune" period=1440
} |
I normally just create a couple of initial folders for each user and let the user setup any others needed with a mail client. The imap server can also automatically create folders and subfolders by the use of sieve scripts (I'll cover this in a later post)
Setup user folders on server;
| Code: | | /etc/init.d/cyrus start |
| Code: | cyradm --user cyrus localhost
cm user/joe@foo.dom
cm user/joe@foo.dom/Spam
sam user/joe@foo.dom/Spam anyone p |
The last entry allows anyone to access the spam folder so the mailserver can dump spam there (Yes, you can give other users access to your mail folders if you wish!).
SpamAssassin;
Setup the local.cf file (automated setup is available here.);
| Code: | | mkdir /var/spool/spamassassin |
| Code: | vi /etc/mail/spamassassin/local.cf
auto_whitelist_path /var/spool/spamassassin/auto-whitelist
report_safe 0
use_terse_report 1
required_hits 4.0
bayes_ignore_header X-Spam-Report
bayes_ignore_header X-Spam-Status |
| Code: | | /etc/init.d/spamd start |
Finally, copy spamd.py and spamcheck.py to the postfix daemon directory;
| Code: | | cp spamd.py /usr/lib/postfix |
| Code: | | cp spamcheck.py /usr/lib/postfix |
NOTE: These 2 files are not installed by default, to get them you need to untar the source tarball and grab them from the contrib directory. At this time it appears that spamd.py was left out of both the 2.60 and 2.61 releases. Grab it from here.
Links;
http://asg.web.cmu.edu/cyrus/imapd/
http://www.linuxjournal.com/article.php?sid=6998 |
|
| Back to top |
|
 |
nbensa
l33t
Joined: 10 Jul 2002
Posts: 799
Location: Buenos Aires, Argentina
|
| Posted: Sat Feb 28, 2004 9:24 am Post subject: |
|
|
Ok, postfix AUTH works with:
| Code: | | saslpasswd2 -c -u FQDN -a smtpauth user |
But I can't get cyrus-imapd to recognize my users! This started after upgrade to cyrus-sasl-2.1.17
| Code: | Feb 28 06:24:28 [imapd] no secret in database
Feb 28 06:24:28 [imapd] badlogin: venkman.bensa.ar[192.168.1.125] DIGEST-MD5 [SASL(-13): user not found: no secret in database] |
Please, help! |
|
| Back to top |
|
|
wilddev
n00b
Joined: 28 May 2003
Posts: 7
|
| Posted: Sat Feb 28, 2004 8:59 pm Post subject: |
|
|
| Well you don't really give me enough information to see where the problem is, but I suspect that it's a mismatch between your auth schemes. You need to post at least your imapd.conf and main.cf. |
|
| Back to top |
|
|
nbensa
l33t
Joined: 10 Jul 2002
Posts: 799
Location: Buenos Aires, Argentina
|
| Posted: Sat Feb 28, 2004 9:46 pm Post subject: |
|
|
Oops! Sorry, it was late when I posted that (too sleepy.) Here goes imapd.conf (no need for main.cf I guess, postfix SMTP AUTH works.)
| Code: | $ sudo cat /etc/imapd.conf
Password:
# $Header: /home/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/imapd_2.conf,v 1.1 2002/10/11 14:51:49 raker Exp $
#
# Don't forget to use chattr +S (if you are using ext[23])
# when you change these directories (read the docs).
#servername: imap.bensa.ar
configdirectory: /var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
tls_cert_file: /etc/cyrusimapd/server.crt
tls_key_file: /etc/cyrusimapd/server.key
# Don't use an everyday user as admin.
admins: cyrus
hashimapspool: yes
allowanonymouslogin: no
allowplaintext: yes
# Use this if sieve-scripts could be in ~user/.sieve.
sieveusehomedir: no
# Use saslauthd if you want to use pam for imap.
# But be warned: login with DIGEST-MD5 or CRAM-MD5
# is not possible using pam.
sasl_pwcheck_method: auxprop
sendmail: /usr/sbin/sendmail
#duplicatesuppression: no
|
|
|
| Back to top |
|
|
nbensa
l33t
Joined: 10 Jul 2002
Posts: 799
Location: Buenos Aires, Argentina
|
| Posted: Sat Feb 28, 2004 10:37 pm Post subject: |
|
|
bah... Now it's working.
| Code: | | # saslpasswd2 -c -u "" user |
It seems that, for imapd, realm/DOM needs to be an empty string  |
|
| Back to top |
|
|
dj_goku
Tux's lil' helper
Joined: 29 Mar 2003
Posts: 78
Location: Earth
|
| Posted: Mon Mar 08, 2004 4:23 pm Post subject: |
|
|
| Code: | cyradm --user cyrus localhost
cm user/joe@foo.dom
cm user/joe@foo.dom/Spam
sam user/joe@foo.dom/Spam anyone p |
I can get to this point just fine but I'm not sure what to put for joe@foo.dom, do I put the email that is going to be create?
_________________
dj_goku | www.tektronic.org |
|
| Back to top |
|
|
doener
n00b
Joined: 18 Apr 2003
Posts: 23
Location: Berlin, Germany
|
| Posted: Thu Apr 15, 2004 8:26 pm Post subject: postfix/cleanup: fatal: opne database problem |
|
|
There are some many posts about postfix, I couldn't find a better one and didn't want to start a new thread for nothing, just want to share the solution for a problem that cost me a lot of time.
A year ago I had emerged postfix on my machine, but hadn't configured it, since I haven't need a MTA on that machine up until now. It was version 2.0.11, emerged most probably without any further options. Thinking a upgrade would not be necessary I got it running, except for a problem with the canonical_maps DB (/etc/postfix/canonical.db), causing the cleanup agent to exit, and therefore not rewriting properly.
The even until now sympton was a the syslog entry
| Code: |
postfix/cleanup[14363]: fatal : open database /etc/postfic/canonical.db: No such file or directory
|
This was very strange because after triple checking the file existed, was created by the postmap utility and was readable. I even chmodded and chowned down to security level akin to other less secure OSs, but to no avail.
The solution (for me at least): just upgrade, and use the USE flags as posted above. Now I'm running 2.0.19 without this crazy problem.
Hope this helps somebody somewhere.
_________________
....dosen, flaschen und herrenhandtaschen.... |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Mon May 31, 2004 8:05 pm Post subject: postfix cyrus interaction - help me |
|
|
Thanks for the great guide. I was very helpful in getting me going. Postfix/SASL/Cyrus are running fine now. I can create mailboxes using cyradm. I can see the imap mailboxes using netscape.
However, when I send a testmessage from an outside pop account to my email it never arrives. Fetchmail does get the email and I can see it using mailq. But it does not seem to reach its destination.
I am surmising you point postfix to deliver the email using the /etc/mail/aliases files. I read the man page but it was not very helpful.
Accordingly my questions are as follows:
1. How exactly does postfix deliver messages to the appropriate user (waht mechanism is used and where can it be modified?)
2. What would be the appropriate code in aliases to direct postfix to deliver the mail (if that's what it does)
I tried:
user: /var/spool/imap/pathtouser
and
user: user@domain.com
Using the the first aliases config gives me an error in mail.log as postifx complains that it cannot append to the folder 'Inbox'.
The sencond seems to work fine, but the mail lands in never never land...
Thanks in advance. |
|
| Back to top |
|
|
jkcunningham
l33t
Joined: 28 Apr 2003
Posts: 649
Location: 47.49N 121.79W
|
| Posted: Wed Jun 02, 2004 3:06 am Post subject: |
|
|
| Usually the failure to "append" to a folder means it is trying to write to an mbox file format rather than maildir. |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Wed Jun 02, 2004 3:37 am Post subject: |
|
|
Thanks JK...I was actually able to fix my issues today. I had several issues with my config.
1. I cut and pasted my /etc/postifx/master.cf from this thread into a file. Total n00b mistake. Whitespaces galore, lines messed. Anyway, to all n00b --> don't do that.
2. I added the local_recipient_maps = (leave blank) to my postfix main.cf. The default is 'on' and I think it served to reject my emails. Secondly, and more importantly, I added all my maildomains (I own three domains, that maintain a number of pop3 accounts) to the mydestination variable. Now it reads : mydestination = $myhostname, localhost.$mydomain, domain1.com, domain2.com, domain3.net.
Previously postfix rejected my mails (error 553) since the recepient (RCPT) did not match my localhost.$mydomain variable. (duh).
3. Finally, through some bonehead mistake I wiped out my /etc/passwd and /etc/group files a while back. When I re-created them I failed to give access to all users to these files. chmod a+r /etc/passwd fixed that. The problem was that postfix/cyrus tried to spawn processes as the cyrus user, but could not access the passwd file.
Anyway, it's all working now. I pull down my email from the various domains using fetchmail, which relays to postfix, which delivers to cyrus-imapd, which I can access using netscape mail ;)
Thanks again. |
|
| Back to top |
|
|
ajtidball
n00b
Joined: 30 May 2004
Posts: 7
|
| Posted: Wed Jun 02, 2004 7:19 pm Post subject: |
|
|
| Code: | mail / # cyradm --user cyrus localhost
Broken pipe
|
Can anyone help me with the broken pipe problem? |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Wed Jun 02, 2004 7:39 pm Post subject: |
|
|
| post the contents of your master.cf and main.cf in the /etc/postfix directory. |
|
| Back to top |
|
|
ajtidball
n00b
Joined: 30 May 2004
Posts: 7
|
| Posted: Wed Jun 02, 2004 8:12 pm Post subject: |
|
|
| DAWG98 wrote: | | post the contents of your master.cf and main.cf in the /etc/postfix directory. |
| Code: |
/etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 450
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.0.19-r3/sample
readme_directory = /usr/share/doc/postfix-2.0.19-r3/readme
default_destination_concurrency_limit = 2
alias_database = hash:/etc/mail/aliases
local_destination_concurrency_limit = 2
alias_maps = hash:/etc/mail/aliases
home_mailbox = .maildir/
mailbox_transport = spamcheck
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains
reject_unauth_destination,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
permit
smtpd_helo_required = yes
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $myhostname
|
| Code: |
/etc/postfix/master.cf
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}uucp unix - n n
- - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)ifmail unix - n n
- - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
spamcheck unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/postfix/spamcheck.py -s ${sender} -r ${user} -l unix:/var/imap/socket/lmtp
|
|
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Wed Jun 02, 2004 8:26 pm Post subject: |
|
|
you copied the master.cf from this thread, didn't you. Well, read my post above, that's a no no ;)
uucp and ifmail are in new lines like this:
| Code: |
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail....
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
|
Don't copy the above, just edit your file to match that (note there is stuff missing in my stuff above to make it fit.)
replace mail_transport = spamcheck with mail_transport = cyrus
(you can worry about spamcheck later)
What do you get when you enter
| Code: |
imtest -m login -p imap2 localhost
|
Also, post your imapd.conf
Change allowplaintext: yes
and try logging into cyradm as such:
cyradm --user cyrus --auth plain localhost
Last edited by DAWG98 on Wed Jun 09, 2004 8:37 am; edited 1 time in total |
|
| Back to top |
|
|
ajtidball
n00b
Joined: 30 May 2004
Posts: 7
|
| Posted: Wed Jun 02, 2004 8:50 pm Post subject: |
|
|
/etc/imap.conf
| Code: |
configdirectory: /var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
tls_cert_file: /etc/cyrusimapd/server.crt
tls_key_file: /etc/cyrusimapd/server.key
admins: cyrus
hashimapspool: yes
allowanonymouslogin: no
allowplaintext: yes
sieveusehomedir: no
postmaster: postmaster
servername: test.ajtidball.com
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN
altnamespace: yes
unixhierarchysep: yes
|
Ok, I fixed the master.cf file, and things are looking better.
I changed main.cf
| Code: |
mail_transport = cyrus
allowplaintext: yes
|
| Code: |
imtest -m login -p imap2 localhost
|
That gives me : | Quote: | S: * OK test.ajtidball.com Cyrus IMAP4 v2.1.15 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN root {6}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
|
| Code: |
cyradm --user cyrus --auth plain localhost
|
That gives me :
| Quote: |
Password:
IMAP Password:
localhost>
|
Thanks for your help!
Now how do I create the .maildir(s) ???
Last edited by ajtidball on Wed Jun 02, 2004 9:30 pm; edited 2 times in total |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Wed Jun 02, 2004 8:57 pm Post subject: |
|
|
Well first, you may want to consider fixing your sasl stuff unless you are happy with 'plain' authentication.
maildirs are used for procmail....you don't need that.
If you specify cyrus as your mail_transport in the main.cf postfix should forward/relay your messages to cyrus. Provided that you created the necessary mailboxes with cyradm and your /etc/mail/aliases is configured appropriately, you should be able to connect to the imap server using any mail client. |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Wed Jun 02, 2004 11:49 pm Post subject: |
|
|
atjidball,
Insert/replace the following in your imapd.conf, this may fix the sasl authorization.
sasl_pwcheck_method: saslauthd
pwcheck_method: saslauthd
sasl_mech_list: PLAIN
altnamespace: yes
unixhierarchysep: yes
and comment out the allowplaintext line |
|
| Back to top |
|
|
lorano
n00b
Joined: 27 Sep 2003
Posts: 66
|
| Posted: Thu Jun 03, 2004 7:05 am Post subject: |
|
|
I can get all the way to the part below. And then I get the error below.
| Quote: |
cyradm --user cyrus localhost
Password:
localhost> cm user/user@server.org
createmailbox: Invalid mailbox name
|
Any ideas? |
|
| Back to top |
|
|
DAWG98
n00b
Joined: 16 May 2004
Posts: 34
|
| Posted: Thu Jun 03, 2004 8:36 pm Post subject: |
|
|
just use:
Then make sure that your /etc/mail/alias reflects:
| Code: |
username: user@server.org
|
That worked for me.
Alternatively, your cyradm is messed up? To test run:
| Code: |
imtest -m login -p imap2 localhost
|
|
|
| Back to top |
|
|
DooMi
Tux's lil' helper
Joined: 03 May 2004
Posts: 103
Location: /dev/null
|
| Posted: Fri Jun 04, 2004 6:31 pm Post subject: problem... |
|
|
hi,
i followed your howto step by step and all worked nice.
but when i try to authenticate on my home server with evolution using a imap accout my password is getting rejected. but its 100% correct.
| Code: | un 4 20:15:07 apex imapd[19552]: accepted connection
Jun 4 20:15:08 apex imapd[19552]: TLS engine: cannot load CA data
Jun 4 20:15:08 apex imapd[19552]: TLS engine: No CA file specified. Client side certs may not work
Jun 4 20:15:08 apex imapd[19552]: mystore: starting txn 2147483654
Jun 4 20:15:08 apex imapd[19552]: mystore: committing txn 2147483654
Jun 4 20:15:08 apex imapd[19552]: starttls: TLSv1 with cipher RC4-MD5 (128/128 bits new) no authentication
Jun 4 20:15:13 apex imapd[19552]: cannot connect to saslauthd server: No such file or directory
Jun 4 20:15:13 apex imapd[19552]: badlogin: xxx.dip.t-dialin.net[xxx.xxx.14.16] plaintext mc SASL(-1): generic failure: checkpass failed
Jun 4 20:16:20 apex master[19360]: process 19552 exited, status 0 |
i've searched in this forums a lot but havent found anything in this way.
any help? 
greets, doomi |
|
| Back to top |
|
|
ervandew
n00b
Joined: 27 Feb 2004
Posts: 24
|
| Posted: Mon Jul 12, 2004 10:52 pm Post subject: |
|
|
DooMi:
check that saslauthd is started
| Code: | | /etc/init.d/saslauthd |
One thing that i came across while getting all this install, is that imap worked perfectly but pop3 access wouldn't get past pam authentication.
to fix this i made sure that a "pop" file exists in /etc/pam.d
in my case i think i still had the pop3 file hanging around from my previous courier install, so i just used that. But you should be able to just create a symlink to your /etc/pam.d/imap
| Code: | | ln -s /etc/pam.d/imap /etc/pam.d/pop |
|
|
| Back to top |
|
|
|
Documentation, Tips & Tricks
