djechelon wrote:
> Outlook 2007 says the server replied “Mailbox does not exist”
>
> /var/log/messages says:
>
>
> Jun 2 15:32:50 marcus imap[25864]: badlogin: [151.53.234.154]
> DIGEST-MD5 [SASL(-13): authentication failure: realm changed:
> authentication aborted]
This seems to indicate an error with login (using digest-md5). Mmmm, let’s
leave “strong/secure auth” for later
> Jun 2 15:32:53 marcus imap[25864]: login: [151.53.234.154] cyrus
> plaintext User logged in
And here cyrus user logins correctly with plaintext. O.k.
> The following is a transcript from Wireshark (I would have preferred to
> attach it to the message but it looks like file attachments are disabled
> on these forums)
I’ll truncate the log to leave interesting data
> qtfp APPEND “INBOX” (\Seen) " 1-Jun-2009 17:47:33 +0200" {1760}
> qtfp NO [TRYCREATE] Mailbox does not exist
Mmm. There is a problem here. “Seen” is a hidden file Cyrus uses to track
messages already read by the user… and it seems can’t find that file.
> I currently must use Windows with Outlook, IExplore and Xmanager to
> work because my laptop’s openSUSE installation is victim of the KDE’s
> ‘e’ bug that “prvnts m to typ corrctly”
X-)
O.k. no problem. Many of my clients are still using Outlook 2000 MUAs, too.
In fact, my Cyruses here serve “a mix” of clients: windows mobile, kmail,
thunderbird, outlook 2000 and outlook 2007.
JFYI, the “e” bug can be solved by following these steps:
http://lists.opensuse.org/opensuse/2009-05/msg01022.html
> I think that some mess could be here:
>
> Code:
> --------------------
> marcus:/home/djechelon # cyradm --user cyrus localhost
> Password:
> localhost.localdomain> lm
> Posta indesiderata (\HasNoChildren)
> info.zighi (\HasNoChildren)
> localdomain!user/cyrus (\HasNoChildren)
>
> --------------------
First… with that setup I am not sure you are using a “multihost”
environment. Look how I have to login with cyradm:
cyradm --auth login domain.com --user cyrus@domain.com
I have to specify the domain name (“domain.com”) and the full user name
(“cyrus@domain.com”). Without that, Cyrus couldn’t differentiate which
users belong to which domain (i.e., you may have the same user in different
domains).
Take a look here to get the big picture
Configuring Virtual Domains
http://cyrusimap.web.cmu.edu/imapd/install-virtdomains.html
Second… all users listed in “cyradm” should start with “user\username” if
you have configured Cyrus to allow “dots” in username
(such “surname.name@domain.com”). So I think you should have to recreate
the users. How did you create them? :-?
> The “Posta indesiderata” (junk mail) folder has probably been created
> by Outlook. When I go into Webmin Cyrus administration, I can see that
> the junkmail folder has read/write privileges enabled for user “anyone”.
> For the “info.zighi” mailbox, which I created thinking it would be used
> as info@zighinetto.info mailbox (but it looks like a folder to me) I
> can’t set ACLs for cyrus user because anytime I set ACLs they disappear.
> So that mailbox/directory/whatever has no ACL.
Mmmm…
> Here follows my imapd.conf
I leave the interesting lines… Take into account that I am using openSUSE
10.3 (and sasldb) and some notes I make can be just right in your setup if
you are on a newer openSUSE release (i.e., 11.1).
> allowplaintext: yes
I do not have this one enabled
> yvirtdomains: 1
It seems there is a typo here :-?
> sasl_passwd_ceheck: saslauthd
That’s o.k. for using pam and /etc/shadow passwords. A typo here, also
> sasl_pwcheck_method: auxprop
I am not sure about this one. Shoudn’t be “sasluthd”, like the above?
> partition-djechelon: /home/djechelon/imap
What is this for? Just curiosity… O:-)
> defaultdomain: zighinetto.org
By setting this, all users you are creating will be for this domain
> pwcheck_method: saslauthd
Mmmm, not sure about this one. Better read the “man imapd.conf” to be sure
is O.K.
> About postfix, yesterday I simply deadlocked my server because
> running it with together with Apache and MySQL drains all the RAM haha.
> Waiting for the upgrade, then
Oh my… O:-)
> By the way, could somebody explain me why Cyrus refused Outlook’s MD5
> authentication and forces it to go plaintext? As you can see in
> Wireshark’s log the MD5 gets always rejected. I commented sasl_mech_list
> because I read that it limits the possible authentication mechanisms. Is
> that correct?
Well, I think you have the answer here:
Why do CRAM-MD5 and DIGEST-MD5 not work with CyrusSaslauthd?
http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/SaslauthdAndSharedSecretMechs
It’s a bit outdated, though…
Greetings,
–
Camaleón