LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-10-2008, 04:08 AM   #16
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15

Many thanks for your reply.

First note for lame users like me to use the cyadm command you need to install the cyrus-utils package.

1)I created a mailbox using cm ie. cm user.firstuser

2)checked mailbox exists

# cyradm -u cyrus localhost
IMAP Password:
localhost> lm
user.inomad (\HasNoChildren) user.firstuser (\HasNoChildren)


3)Tested login to firstuser but I get authentication failure

localhost> imtest -a firstuser -m login -p imap -v localhost

S: * OK mail.XX.com Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE U IDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDE REDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN firstuser {8}
S: + go ahead
C: <omitted>
S: L01 NO Login failed: authentication failure
Authentication failed. generic failure
Security strength factor: 0

Any ideas on the authentication failure?

Last edited by i_nomad; 04-10-2008 at 04:09 AM.
 
Old 04-10-2008, 04:12 AM   #17
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
what is being logged in /var/log/secure ?
 
Old 04-10-2008, 04:16 AM   #18
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
Apr 10 09:14:14 mail userhelper[4977]: pam_timestamp: updated timestamp file `/var/run/sudo/root/unknown'
Apr 10 09:14:14 mail userhelper[4978]: running '/usr/sbin/up2date cyrus-sasl-plain' with root privileges on behalf of 'root'
Apr 10 10:07:28 mail userhelper[6126]: pam_timestamp: updated timestamp file `/var/run/sudo/root/unknown'
 
Old 04-10-2008, 04:18 AM   #19
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Please post your imapd.conf file.
 
Old 04-10-2008, 04:26 AM   #20
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
imapd.conf:

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt

smtpd.conf:

/usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd

/usr/lib/sasl/smtpd.conf
pwcheck_method: saslauthd
saslauthd_version: 2

postfix/main.cf
mydomain = XX.com
myorigin = $mydomain
inet_interfaces = all
myhostname = mail.xxxx.com
mynetworks = 10.x.x.x/16

# TLS - SMTP AUTH
#disable_vrfy_command = yes
#smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
#tls_random_source = dev:/dev/urandom
#smtpd_tls_cert_file = /etc/postfix/cert.pem
#smtpd_tls_key_file = /etc/postfix/key.pem
#smtpd_sasl_auth_enable = yes
#smtpd_sasl_security_options = noanonymous
#broken_sasl_auth_clients = yes

# Add some security
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp

Last edited by i_nomad; 04-10-2008 at 04:36 AM.
 
Old 04-10-2008, 04:33 AM   #21
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Actually cyrus will not use the smtpd.conf file at all
you need this in /etc/sysconfig/saslauthd

Code:
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled to use.
MECH=pam

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS="-r -n 0 -c"
The restart saslauthd. The meaning of this is that you will be using actual users on the server that means you have to create these users give them passwords and validate that you can login as them.
 
Old 04-10-2008, 04:34 AM   #22
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
You possibly also need this in imapd.conf
Code:
allowplainwithouttls: 0
 
Old 04-10-2008, 04:47 AM   #23
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I changed the MECH from shadow to pam and made the other changes. I still get the same error.
Does the postfix main.cf come into play when authentication tries to take place with the cyrus-imap server? This is the only file I can see that may be impacting on authentication??

Thanks for your time on this.

Regards
 
Old 04-10-2008, 04:54 AM   #24
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
1. Can you login in to the system using those credentials ?
2. Test sasl authentication using testsaslauthd
3. Look at your logs to get hints on what is wrong

And smtp authentication and authenticating to cyrus-imapd are two different things
 
Old 04-10-2008, 05:36 AM   #25
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
OK..when I was using webmin I was creating a cyrus mail account and a corresponding user system account.
When you posted on using the cm command I did not create a corresponding user system account..
I decided to create an acocunt and it authenticates

[root@mail ~]# imtest -a new2 -m login -p imap -v localhost
S: * OK mail.XXX.com Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN new2 {7}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0

I took out the entries you posted and it still works....so the question is "do I have to create a user account as well as the cyrus mailbox account"
 
Old 04-10-2008, 05:43 AM   #26
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Okay here is how this works, cyrus can authenticate using several mechanisms the mechanism you have chosen requires that you have a system user.

As for creating the mailbox cyrus does not like other imap servers automatically created mailboxes that is why you need to do that unless you are using the invoca rpm and you have specified the autocreate and autosubscribe options.

From what you have so far you will still have issues because all you have done is just cm user.username but NOTE that you need to also create the actual mailboxes
ie cm user.username.INBOX etc.

But since you are using the invoca rpm let the autocreate patch do that for you

For that to happen you need to specify the mailboxes that will be created and subscribed to, if you actually took time to read the links i posted you would have noticed that.
 
Old 04-10-2008, 05:47 AM   #27
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
Many thanks I will try to understand the docs on the links posted.

If I get really stuck I will post.

Regards
 
Old 04-15-2008, 03:44 AM   #28
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
Basically I am stuck and getting a bit frustrated with something quite simple.

I have set up postfix and cyrus. At the moment I want to make sure postfix is working on sending mail.
If I telnet mail sends and check the messages in /var/spool/mail/ I can not see the mail everytime, however some of the mails are seen. I dont know why this is...
Likewise if I use a mail client I do not see mail in the /var/spool/mail each time a mail is sent.
And most times there is no proof of mail being sent. I dont know why this is...

All I have is a local server with postfix and cyrus, local ip, local hosts file..thats it and I cant see why this is so complicated..

telnet into mail server, sending mail, output is:

Apr 15 08:48:42 mail postfix/smtpd[12293]: connect from mail[10.17.0.15]
Apr 15 08:49:14 mail postfix/smtpd[12293]: 5AEEB1AB6C8: client=mail[10.17.0.15]
Apr 15 08:49:28 mail postfix/cleanup[12295]: 5AEEB1AB6C8: message-id=<20080415074914.5AEEB1AB6C8@mail.test.com>
Apr 15 08:49:28 mail postfix/qmgr[5352]: 5AEEB1AB6C8: from=<m@test.com>, size=336, nrcpt=1 (queue active)
Apr 15 08:49:28 mail postfix/local[12296]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Apr 15 08:49:28 mail postfix/lmtp[12297]: 5AEEB1AB6C8: to=<a@test.com>, relay=none, delay=25, status=deferred (connect to /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: Permission denied)
Apr 15 08:49:29 mail postfix/smtpd[12293]: disconnect from mail[10.17.0.151]



Connected via a mail client and sending mail, output is:

Apr 15 08:51:03 mail imap[5379]: accepted connection
Apr 15 08:51:03 mail imap[5479]: accepted connection
Apr 15 08:51:03 mail imap[5379]: login: mail [10.17.0.15] a plaintext User logged in
Apr 15 08:51:03 mail imap[5479]: login: mail [10.17.0.15] m plaintext User logged in
Apr 15 08:51:04 mail imap[5379]: seen_db: user a opened /var/lib/imap/user/a/a.seen
Apr 15 08:51:04 mail imap[5479]: seen_db: user m opened /var/lib/imap/user/m/m.seen
Apr 15 08:51:04 mail imap[5479]: open: user m opened INBOX
Apr 15 08:51:04 mail imap[5479]: open: user m opened INBOX
Apr 15 08:51:17 mail postfix/smtpd[12357]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Apr 15 08:51:17 mail postfix/smtpd[12357]: connect from mail[10.17.0.15]
Apr 15 08:51:17 mail postfix/smtpd[12357]: 3CFFB1AB79D: client=mail[10.17.0.15]
Apr 15 08:51:17 mail postfix/cleanup[12359]: 3CFFB1AB79D: message-id=<1208245877.12328.0.camel@mail>
Apr 15 08:51:17 mail postfix/qmgr[5352]: 3CFFB1AB79D: from=<m@test.com>, size=445, nrcpt=1 (queue active)
Apr 15 08:51:17 mail postfix/smtpd[12357]: disconnect from mail[10.17.0.151]
Apr 15 08:51:17 mail postfix/local[12360]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Apr 15 08:51:17 mail postfix/lmtp[12361]: 3CFFB1AB79D: to=<a@test.com>, relay=none, delay=0, status=deferred (connect to /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: Permission denied)
Apr 15 08:51:19 mail imap[5479]: open: user m opened INBOX

I see no trace of the message in the /var/spool/mail/a

What can I do to get things working!!?


main.cf

fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
myorigin = $mydomain
mydomain = test.com
myhostname = mail.test.com
mydestination = $mydomain, $myhostname, localhost, test.com
mynetworks = 127.0.0.0/8 10.17.0.0/16
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
 
Old 04-15-2008, 03:58 AM   #29
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Okay before you pull out your hair, cyrus stores mail under /var/spool/imap in and indexed system so user andrew will be under /var/spool/imap/a/andrew Not under /var/spool/mail or /var/mail

Now to your actual error you can see for your self that postfix cannot write to the lmtp socket that is used to deliver mail to cyrus. You need to fix this before mail will get to your users.

You can set the socket permissions in /etc/cyrus.conf

Hope that helps.
 
Old 04-15-2008, 04:12 AM   #30
i_nomad
Member
 
Registered: Mar 2008
Distribution: RedHatES4
Posts: 144

Original Poster
Rep: Reputation: 15
I only see: cyrus.cache cyrus.header cyrus.index Sent Trash
I see no inbox to trace if messages have arrived.


Is there a problem with the cyrus.conf:

# standard standalone server implementation

START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"

# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=5
imaps cmd="imapd -s" listen="imaps" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
sieve cmd="timsieved" listen="sieve" prefork=0

# these are only necessary if receiving/exporting usenet via NNTP
# nntp cmd="nntpd" listen="nntp" prefork=3
# nntps cmd="nntpd -s" listen="nntps" prefork=1

# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1

# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}

EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30

# this is only necessary if using duplicate delivery suppression,
# Sieve or NNTP
delprune cmd="cyr_expire -E 3" at=0400

Last edited by i_nomad; 04-15-2008 at 04:38 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Webmin problem Acoole Linux - Server 3 06-04-2007 05:14 PM
Webmin Problem Peter_APIIT Linux - Software 3 04-04-2007 07:36 AM
webmin troubles - Failed to write to /etc/webmin/module.infos.cache : No space left o coal-fire-ice Linux - Software 1 07-28-2005 10:08 AM
Webmin Problem andshrew Linux - Newbie 1 09-06-2004 12:48 AM
Webmin Problem ?? Morpheus Linux - Software 2 05-24-2003 05:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration