CentOS - Aug 2005 - cyrus-imapd - unable to connect to POP3

This is the first time I am using cyrus-imapd package.

I am unable to retrieve messages (pop3).  At first, I had not entered
the cyrus-master in /etc/hosts.allow and was getting connection refused.
After adding the entry I am able to connect to port 110 but for some
reason the pop3 server is failing the password authentication (see
below).  With the same userid/passwd I am able to ssh into the server.

What other configuration am I missing.

        $ telnet 192.168.1.21 110
        Trying 192.168.1.21...
        Connected to 192.168.1.21.
        Escape character is '^]'.
        +OK saraswati.surya-group.com Cyrus POP3
        v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1 server ready
        <82952692.1123769502 at saraswati.surya-group.com>
        USER arunk
        +OK Name is a valid mailbox
        PASS ********
        -ERR [AUTH] Invalid login
        
TIA,
-- 
Arun Khan <knura at yahoo.com>
Linux is a wigwam: No Windows, No Gates, Apache inside.

Arun K. Khan wrote:
> This is the first time I am using cyrus-imapd package.
> 
> I am unable to retrieve messages (pop3).  At first, I had not entered
> the cyrus-master in /etc/hosts.allow and was getting connection refused.
> After adding the entry I am able to connect to port 110 but for some
> reason the pop3 server is failing the password authentication (see
> below).  With the same userid/passwd I am able to ssh into the server.
> 
> What other configuration am I missing.
> 
>         $ telnet 192.168.1.21 110
>         Trying 192.168.1.21...
>         Connected to 192.168.1.21.
>         Escape character is '^]'.
>         +OK saraswati.surya-group.com Cyrus POP3
>         v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1 server ready
>         <82952692.1123769502 at saraswati.surya-group.com>
>         USER arunk
>         +OK Name is a valid mailbox
>         PASS ********
>         -ERR [AUTH] Invalid login
>         
> TIA,
Do you have saslauthd setup and running ?

- KB

-- 
Karanbir Singh   : http://www.karan.org/
GnuPG Public Key : http://www.karan.org/publickey.asc

Quoting "Arun K. Khan" <knura at yahoo.com>:
> This is the first time I am using cyrus-imapd package.
>
> I am unable to retrieve messages (pop3).  At first, I had not entered
> the cyrus-master in /etc/hosts.allow and was getting connection refused.
> After adding the entry I am able to connect to port 110 but for some
> reason the pop3 server is failing the password authentication (see
> below).  With the same userid/passwd I am able to ssh into the server.
Cyrus must be told how to authenticate users.  Normally, it doesn't do the
authentication itself (it's not running as root, so it can't access 
/etc/shadow
file).  What is the value of sasl_pwcheck_method and sasl_mech_list in
/etc/imapd.conf file?  You most likely want to set those to:

sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN

If sasl_pwcheck_method is set to saslauthd, is saslauthd running?  If not fire
it up.  The configuration file for saslauthd (actually, it is config file for
/etc/init.d/saslauthd startup script, unless you want to use LDAP, saslauthd
does need/use any config files) is in /etc/sysconfig/saslauthd.  Again, 
to have
saslauthd authenticate against local user accounts in /etc/passwd and
/etc/shadow files, you would set it to:

MECH=shadow
FLAGS
Other often used values for MECH are pam, ldap and kerberos5 (in case you have
LDAP server or Kerberos KDC that you want to use for authentication, in which
case you do not need local user accounts on the machine).  In case you want to
use LDAP, you'd also need to create file /etc/saslauthd.conf and set at
least
ldap_servers and ldap_search_base options in it.

Said all that, default configuration on CentOS is sasl_pwcheck_method set to
saslauthd in /etc/imapd.conf and MECH set to shadow in 
/etc/sysconfig/saslauthd
(although "pam" would be better default value for MECH variable).  If
you use
this default configuration, most likely you forgot to enable saslauthd 
to start
during boot.  Just start it (/etc/init.d/saslauthd start) and enable 
its startup
script so that it is started during boot (chkconfig saslauthd reset).  If you
use local user accounts for authentication, and your users are not listed in
/etc/passwd and /etc/shadow file (for example, you are using NIS or LDAP),
change value of MECH variable in /etc/sysconfig/saslauthd to pam.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.