CentOS - Dec 2011 - syncing imap servers with imapsync

hello list,

 I am attempting to sync two imap servers using the imapsync perl script. It
seems handy and easy.


Here's what happens when I try to do this:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5
master").
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       n       -       -       smtpd
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
amavis    unix  -       -       -       -       2       smtp
          -o smtp_data_done_timeout=1200
          -o smtp_send_xforward_command=yes
[root at mail3 skins]# imapsync --syncinternaldates --host1 mail.example1.com
--user1 bluethundr --password1 secret --host2 roundcube.example2.com --user2
bluethundr --password2 secret
[root at mail3 skins]# imapsync --syncinternaldates --host1 mail.example1.com
--user1 bluethundr --password1 secret --host2 roundcube.example2.com --user2
bluethundr --password2 secret
$RCSfile: imapsync,v $ $Revision: 1.456 $ $Date: 2011/08/24 04:21:30 $
Here is a [linux] system (Linux mail3.example1.com 3.0.4-x86_64-linode21 #1 SMP
Thu Sep 1 21:28:01 EDT 2011 x86_64)
With perl 5.8.8 Mail::IMAPClient  3.28
Command line used:
/usr/bin/imapsync --syncinternaldates --host1 mail.example1.com --user1
bluethundr --password1 MASKED --host2 roundcube.example2.com --user2 bluethundr
--password2 MASKED
Temp directory is /tmp
PID file is /tmp/imapsync.pid
Modules version list:
Mail::IMAPClient     3.28
IO::Socket           1.29
IO::Socket::INET     1.29
IO::Socket::SSL      1.01
Digest::MD5          2.36
Digest::HMAC_MD5     1.01
Term::ReadKey        2.30
Authen::NTLM         1.09

Info: turned ON syncinternaldates, will set the internal dates (arrival dates)
on host2 same as host1.
Info: will try to use LOGIN authentication on host1
Info: will try to use LOGIN authentication on host2
Host1: imap server [mail.example1.com] port [143] user [bluethundr]
Host2: imap server [roundcube.example2.com] port [143] user [bluethundr]
Banner: * OK mail.example1.com Zimbra IMAP4rev1 server ready
Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE LOGIN
Info: success login on [mail.example1.com] with user [bluethundr] auth [LOGIN]
Banner: * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS]
Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for
distribution information.
Info: host roundcube.example2.com says it has NO CAPABILITY for AUTHENTICATE
LOGIN
Failure: error login [roundcube.example2.com] with user [bluethundr] auth
[LOGIN]: 2 NO Login failed.
Failure: error login [roundcube.example2.com] with user [bluethundr] auth
[LOGIN]: 2 NO Login failed.
[root at mail3 skins]# 




I can log into both imap servers without any problem. Server1 is a zimbra server
and Server2 is a plain vanilla postfix setup with courier imap. I believe the
problem is with courier authlib and the advertised capabilities of that server.


Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE LOGIN


This is my authmodulelist on server2.


authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom
authpipe"

This is all I see in the postfix logs on the second server when the
authentication failure happens:


Dec  3 22:54:59 li135-81 imapd: Connection, ip=[::ffff:69.164.220.81]
Dec  3 22:55:01 li135-81 imapd: LOGIN FAILED, user=bluethundr,
ip=[::ffff:69.164.220.81]
Dec  3 22:55:06 li135-81 imapd: Disconnected, ip=[::ffff:69.164.220.81], time=7
Dec  3 22:55:15 li135-81 imapd: Connection, ip=[::ffff:127.0.0.1]
Dec  3 22:55:15 li135-81 imapd: LOGIN, user=bluethundr at exmaple2.com,
ip=[::ffff:127.0.0.1], port=[57141], protocol=IMAP
Dec  3 22:55:15 li135-81 imapd: LOGOUT, user=bluethundr at example2.com,
ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=94, sent=460, time=0

I'm thinking I need to find a way for server2 to authenticate via plaintext
for this to happen.

I'd appreciate any advice you might have.

thanks in advance
tim

On Sun, 2011-12-04 at 04:00 +0000, Tim Dunphy wrote:
> hello list,
> 
>  I am attempting to sync two imap servers using the imapsync perl script.
It seems handy and easy.
> 
> 
> Here's what happens when I try to do this:
> 
> #
> # Postfix master process configuration file.  For details on the format
> # of the file, see the master(5) manual page (command: "man 5
master").
> #  -o smtpd_sasl_auth_enable=yes
> #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #smtps     inet  n       -       n       -       -       smtpd
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> anvil     unix  -       -       n       -       1       anvil
> scache    unix  -       -       n       -       1       scache
> amavis    unix  -       -       -       -       2       smtp
>           -o smtp_data_done_timeout=1200
>           -o smtp_send_xforward_command=yes
> [root at mail3 skins]# imapsync --syncinternaldates --host1
mail.example1.com --user1 bluethundr --password1 secret --host2
roundcube.example2.com --user2 bluethundr --password2 secret
> [root at mail3 skins]# imapsync --syncinternaldates --host1
mail.example1.com --user1 bluethundr --password1 secret --host2
roundcube.example2.com --user2 bluethundr --password2 secret
> $RCSfile: imapsync,v $ $Revision: 1.456 $ $Date: 2011/08/24 04:21:30 $
> Here is a [linux] system (Linux mail3.example1.com 3.0.4-x86_64-linode21 #1
SMP Thu Sep 1 21:28:01 EDT 2011 x86_64)
> With perl 5.8.8 Mail::IMAPClient  3.28
> Command line used:
> /usr/bin/imapsync --syncinternaldates --host1 mail.example1.com --user1
bluethundr --password1 MASKED --host2 roundcube.example2.com --user2 bluethundr
--password2 MASKED
> Temp directory is /tmp
> PID file is /tmp/imapsync.pid
> Modules version list:
> Mail::IMAPClient     3.28
> IO::Socket           1.29
> IO::Socket::INET     1.29
> IO::Socket::SSL      1.01
> Digest::MD5          2.36
> Digest::HMAC_MD5     1.01
> Term::ReadKey        2.30
> Authen::NTLM         1.09
> 
> Info: turned ON syncinternaldates, will set the internal dates (arrival
dates) on host2 same as host1.
> Info: will try to use LOGIN authentication on host1
> Info: will try to use LOGIN authentication on host2
> Host1: imap server [mail.example1.com] port [143] user [bluethundr]
> Host2: imap server [roundcube.example2.com] port [143] user [bluethundr]
> Banner: * OK mail.example1.com Zimbra IMAP4rev1 server ready
> Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE
LOGIN
> Info: success login on [mail.example1.com] with user [bluethundr] auth
[LOGIN]
> Banner: * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS]
Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for
distribution information.
> Info: host roundcube.example2.com says it has NO CAPABILITY for
AUTHENTICATE LOGIN
> Failure: error login [roundcube.example2.com] with user [bluethundr] auth
[LOGIN]: 2 NO Login failed.
> Failure: error login [roundcube.example2.com] with user [bluethundr] auth
[LOGIN]: 2 NO Login failed.
> [root at mail3 skins]# 
> 
> 
> 
> 
> I can log into both imap servers without any problem. Server1 is a zimbra
server and Server2 is a plain vanilla postfix setup with courier imap. I believe
the problem is with courier authlib and the advertised capabilities of that
server.
> 
> 
> Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE
LOGIN
> 
> 
> This is my authmodulelist on server2.
> 
> 
> authmodulelist="authuserdb authpam authpgsql authldap authmysql
authcustom authpipe"
> 
> This is all I see in the postfix logs on the second server when the
authentication failure happens:
> 
> 
> Dec  3 22:54:59 li135-81 imapd: Connection, ip=[::ffff:69.164.220.81]
> Dec  3 22:55:01 li135-81 imapd: LOGIN FAILED, user=bluethundr,
ip=[::ffff:69.164.220.81]
> Dec  3 22:55:06 li135-81 imapd: Disconnected, ip=[::ffff:69.164.220.81],
time=7
> Dec  3 22:55:15 li135-81 imapd: Connection, ip=[::ffff:127.0.0.1]
> Dec  3 22:55:15 li135-81 imapd: LOGIN, user=bluethundr at exmaple2.com,
ip=[::ffff:127.0.0.1], port=[57141], protocol=IMAP
> Dec  3 22:55:15 li135-81 imapd: LOGOUT, user=bluethundr at example2.com,
ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=94, sent=460, time=0
> 
> I'm thinking I need to find a way for server2 to authenticate via
plaintext for this to happen.
> 
> I'd appreciate any advice you might have.
> 
> thanks in advance
> tim
----
Zimbra uses cyrus-imapd right?

if so, you need to configure it for login/plain, something like this...

# grep sasl_mech_list /etc/imapd.conf
sasl_mech_list: plain login gssapi external

Probably don't need the gssapi or external

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.