Authentication problem in sieve in FC3

Alexander Dalloz ad+lists at uni-x.org
Mon Jan 17 16:16:09 UTC 2005


Am Mo, den 17.01.2005 schrieb Uno Engborg um 5:10:

> I'm trying to get sieve working on FC3. 
> 
> + imapd works fine.
> 
> + I can log in with sieveshell to add remove, list,... filters.

So authentication should be set up properly.

> -  But whenever a mail arrives that should trigger a filter I get an 
> authentication error from sieve  in /var/log/messages and the mail
> ends up in the inbox.

That can't be the case as no authentication appear when Cyrus-IMAPd
handles the mailbox delivery and calls Sieve to process the message.

> The log message looks like this:
> Jan 16 16:23:49 aslan imap(pam_unix)[28296]: authentication failure; 
> logname=root uid=0 euid=0 tty= ruser= rhost=  user=uno
> 
> The process mentioned 28296 is saslauthd

That log entry must match to a different occasion.

>  From reading the init.d scripts the saslauthd seam to get started like 
> this:
> saslauthd -a pam  /var/run/saslauthd

/usr/sbin/saslauthd -m /var/run/saslauthd -a pam

This means PAM as MECH is used and the mux socket is used from
/var/run/saslauthd directory.

> saslauthd seam to work for other services, and among them cyrus imapd. 
> If I connect with an impa client  the output from
> saslauthd -a pam  /var/run/saslauthd -d :
> 
> saslauthd[28295] :do_auth         : auth success: [user=uno] 
> [service=sieve] [realm=] [mech=pam]
> saslauthd[28295] :do_request      : response: OK

Yes, that looks like a successful saslauthd call.

> However, when sieve is triggered by the reception of a mail to be 
> filtered, I get no output what so ever from saslauthd when running in 
> debug mode. Just the message in /var/log/messages mentioned above.

There is no saslauthd call to be expected as no authentication is needed
for Sieve processing by Cyrus-IMAPd.

> By the way pam is backed by ldap over TLS, and that seam to work. I  can 
> log in, I can change passwords.

A fair detail about your setup.

> The user root, and cyrus exists , and they even have mailboxes.

> Any suggestions how to debug this or  what could be wrong?

Please use a new test mailbox with Cyrus-IMAPd where you have no Sieve
filter script. Send a mail to this account and post the maillog and
messages entries you get by that processing. An example from my older
log:

Oct  3 19:36:45 noc master[25468]: about to exec
/usr/local/cyrus/bin/lmtpd
Oct  3 19:36:45 noc lmtpunix[25468]: executed
Oct  3 19:36:45 noc lmtpunix[25468]: accepted connection
Oct  3 19:36:45 noc lmtpunix[25468]: lmtp connection preauth'd as
postman
Oct  3 19:36:45 noc lmtpunix[25468]: IOERROR: fstating sieve script
/var/imap/sieve/a/adalloz/defaultbc: No such file or directory

Then create a simple Sieve filter file for this test user and send a
mail again. Let us then compare the log entries.

> Uno Engborg

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp 
Serendipity 16:56:56 up 3 days, 19 users, load average: 0.36, 0.43, 0.76
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050117/ae32d7d8/attachment-0002.bin 


More information about the users mailing list