Authentication problem in sieve in FC3
ad+lists at uni-x.org
Mon Jan 17 16:16:09 UTC 2005
Am Mo, den 17.01.2005 schrieb Uno Engborg um 5:10:
> I'm trying to get sieve working on FC3.
> + imapd works fine.
> + I can log in with sieveshell to add remove, list,... filters.
So authentication should be set up properly.
> - But whenever a mail arrives that should trigger a filter I get an
> authentication error from sieve in /var/log/messages and the mail
> ends up in the inbox.
That can't be the case as no authentication appear when Cyrus-IMAPd
handles the mailbox delivery and calls Sieve to process the message.
> The log message looks like this:
> Jan 16 16:23:49 aslan imap(pam_unix): authentication failure;
> logname=root uid=0 euid=0 tty= ruser= rhost= user=uno
> The process mentioned 28296 is saslauthd
That log entry must match to a different occasion.
> From reading the init.d scripts the saslauthd seam to get started like
> saslauthd -a pam /var/run/saslauthd
/usr/sbin/saslauthd -m /var/run/saslauthd -a pam
This means PAM as MECH is used and the mux socket is used from
> saslauthd seam to work for other services, and among them cyrus imapd.
> If I connect with an impa client the output from
> saslauthd -a pam /var/run/saslauthd -d :
> saslauthd :do_auth : auth success: [user=uno]
> [service=sieve] [realm=] [mech=pam]
> saslauthd :do_request : response: OK
Yes, that looks like a successful saslauthd call.
> However, when sieve is triggered by the reception of a mail to be
> filtered, I get no output what so ever from saslauthd when running in
> debug mode. Just the message in /var/log/messages mentioned above.
There is no saslauthd call to be expected as no authentication is needed
for Sieve processing by Cyrus-IMAPd.
> By the way pam is backed by ldap over TLS, and that seam to work. I can
> log in, I can change passwords.
A fair detail about your setup.
> The user root, and cyrus exists , and they even have mailboxes.
> Any suggestions how to debug this or what could be wrong?
Please use a new test mailbox with Cyrus-IMAPd where you have no Sieve
filter script. Send a mail to this account and post the maillog and
messages entries you get by that processing. An example from my older
Oct 3 19:36:45 noc master: about to exec
Oct 3 19:36:45 noc lmtpunix: executed
Oct 3 19:36:45 noc lmtpunix: accepted connection
Oct 3 19:36:45 noc lmtpunix: lmtp connection preauth'd as
Oct 3 19:36:45 noc lmtpunix: IOERROR: fstating sieve script
/var/imap/sieve/a/adalloz/defaultbc: No such file or directory
Then create a simple Sieve filter file for this test user and send a
mail again. Let us then compare the log entries.
> Uno Engborg
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp
Serendipity 16:56:56 up 3 days, 19 users, load average: 0.36, 0.43, 0.76
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050117/ae32d7d8/attachment-0002.bin
More information about the users