Solved

Cyrus setup on RHEL + other configuration Q's

Posted on 2004-03-23
23
802 Views
Last Modified: 2013-12-06
I've just done a "everything" install of Whitebox Linux on a server I plan to put into production.

( firstly, comments on my choice of whitebox vs free alternatives such as fedora, mandrake etc)

Now then, I've used jlevie's installation instructions for sendmail/cyrus on his page at entrophy-free.net ( Jim, if you're reading, I found a couple of things...)

I'm having difficulties with configuring my sendmail.mc file to wor with cyrus, I include the version that comes with WBL along with the changes I made:
Assuming my FQDN for this machine will be www.xxx.yyy, plz help me to change below to work with Cyrus. Also, plz explain the options related to non-resolvable domains and the issues (my users will all have normal dial-ups etc)

 [root@zen mail]# cat sendmail.mc
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`Cyrus/SASL for Red Hat Linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`smtp.your.provider')
dnl #
define(`confDEF_USER_ID',``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`confTRUSTED_USER', `cyrus')dnl
define(`confLOCAL_MAILER', `cyrusv2')dnl

define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl #       a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
define(`CYRUSV2_MAILER_FLAGS', `uA@/:|m')dnl
MAILER(smtp)dnl
MAILER(cyrusv2)dnl


Note for Jim:
Jim, your installation notes for cyrus seems to lack the creation of a /var/spool/imap/proc folder. Also, I'm getting strange errors in the cyruslog file after install:

tail cyruslog
Mar 23 22:32:05 zen lmtpunix[4443]: DBERROR: opening /var/spool/imap/config/deliver.db: cyrusdb error
Mar 23 22:32:05 zen lmtpunix[4443]: FATAL: lmtpd: unable to init duplicate delivery database
Mar 23 22:32:05 zen master[2745]: process 4443 exited, status 75
Mar 23 22:32:05 zen master[2745]: service lmtpunix pid 4443 in READY state: terminated abnormally
Mar 23 22:32:05 zen master[4444]: about to exec /usr/cyrus/bin/lmtpd
Mar 23 22:32:05 zen lmtpunix[4444]: DBERROR db4: /var/spool/imap/config/db/__db.001: No such file or directory
Mar 23 22:32:05 zen lmtpunix[4444]: DBERROR: dbenv->open '/var/spool/imap/config/db' failed: No such file or directory
Mar 23 22:32:05 zen lmtpunix[4444]: DBERROR: init() on berkeley
Mar 23 22:32:05 zen lmtpunix[4444]: DBERROR: reading /var/spool/imap/config/db/skipstamp, assuming the worst: No such file or directory
Mar 23 22:32:05 zen lmtpunix[4444]: executed

tail messages
Mar 23 22:33:18 zen master[2745]: service lmtpunix pid 4670 in READY state: terminated abnormally
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR db4: /var/spool/imap/config/db/__db.001: No such file or directory
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR: dbenv->open '/var/spool/imap/config/db' failed: No such file or directory
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR: init() on berkeley
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR: reading /var/spool/imap/config/db/skipstamp, assuming the worst: No such file or directory
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR db4: environment not yet opened
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR: opening /var/spool/imap/config/deliver.db: Invalid argument
Mar 23 22:33:18 zen lmtpunix[4671]: DBERROR: opening /var/spool/imap/config/deliver.db: cyrusdb error
Mar 23 22:33:18 zen lmtpunix[4671]: FATAL: lmtpd: unable to init duplicate delivery database
Mar 23 22:33:19 zen master[2745]: service lmtpunix pid 4671 in READY state: terminated abnormally

I'm sure it's also due to these errors that the cyruslog and messages log grows to more than a gig each in just 4 days running???



0
Comment
Question by:psimation
  • 13
  • 10
23 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 10661652
What version of Cyrus did you use?
0
 
LVL 17

Author Comment

by:psimation
ID: 10661727
The latest version available: 2.2.3
( Yes I know, your installation instructions are for an earlier version, but the installation of Cyrus has greatly remained the same?)
0
 
LVL 17

Author Comment

by:psimation
ID: 10674776
I've returned to take a public flogging...

Jim
As per usual, you are quite right; I reverted to an earlier build ( the last 2.1.x version), and all works fine now. I will READ the install files of 2.2.x as my well deserved punnishment for making assumptions...
0
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 10823816
FYI: I've updated my page on Cyrus install (http://www.entrophy-free.net/mail-server-el.html)
0
 
LVL 17

Author Comment

by:psimation
ID: 10827782
Thanks Jim

All seems to be running smoothly now!
0
 
LVL 17

Author Comment

by:psimation
ID: 10863440
Hi Jim, hope you still follow this thread:

Just a quick one; I have 2.2.3 running like a dream, but I noticed that on my old system, all the users were located in their own folders on:
/var/spool/imap/user

However, on the new cyrus, it seems to be

/var/spool/imap/mail/X/user/

where X = {a,b,c...z};
Is this a "feature", or is this dictated by a .conf setting ,build parameter or more likely, the lack of grey matter in my cranial cavity?
I find it much more difficult to keep track of the mailboxes this way? If it's a "feature", is there a way to change it to the "good ol' days" ( except for the obvious way of sticking with 2.0.dinosaur)?

Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10863611
That's the new user hash scheme that started with 2.1.something. And no I don't know how you could configure it to revert to the old hash scheme.
0
 
LVL 17

Author Comment

by:psimation
ID: 10937833
Jim,
hopefully the last time I "abuse" this closed question:

When sending mail , I get errors saying that the server rejected plaintext as an authentication method, yet, as you can see per my imapd.conf file:

configdirectory:      /var/spool/imap/config
partition-default:    /var/spool/imap/mail
lmtpsocket:           /var/spool/imap/socket/lmtp
sievedir:             /var/spool/imap/sieve
sieveusehomedir:      false
duplicate_db:         skiplist
hashimapspool:        true
sendmail:             /usr/sbin/sendmail
sasl_pwcheck_method:  auxprop
sasl_mech_list:       CRAM-MD5 DIGEST-MD5 PLAIN LOGIN
allowplaintext:       yes
postmaster:           postmaster@psimation.com
admins:               cyrus

Even when I do a "check for supported types" with Evolution, it only shows Cram-MD5 etc, but no Plain.

Is this something one must select at build time? I wouldn't mind NOT using plaintext as authentication, but most of my users are Windows users, and it seems outlook does not have that feature. Also, even if i select Cram-MD5, whenever I try to send with a new account on this box, i immediately get a "relaying denied" message as if it is not authenticating?
Can you give me some pointers please?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10940164
Authentication for sending mail has nothing to do with what is in the imapd.conf file. In the case of Sendmail that is strictly controlled by sendmail.mc/cf and /usr/lib/sasl2/Sendmail.conf. Since PLAIN and LOGIN isn't available to the clients I'd guess that your sendmail.mc file includes:

define(`confAUTH_OPTIONS', `A p')dnl

which retricts PLAIN and LOGIN to TLS connections. Changing that to:

define(`confAUTH_OPTIONS', `A')dnl

will allow those methods over un-encrypted connections.
0
 
LVL 17

Author Comment

by:psimation
ID: 10940800
Hi Jim
OK, I changed that, built a new sendmail.cf and restarted sendmail, guess what??? Same thing. Won't take give plaintext as an option for auth, and still says relaying denied.

Now, I have used cram-md5 for receiving and sending auth, but that still says relaying denied, so it looks like the problems are not directly related, ie, the even if I got the plain text to work, the relaying denied would persist?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10941597
I'm assuming that mail.psimation.com is your mail server, correct? Something still isn't quite right with your sendmail.mc since a 'telnet mail.psimation.com 25' only shows:

250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5

as allowed methods. For your environment the correct directives in sendmail.mc would be:

define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

With that correctly in sendmail.mc, a new sendmail.cf generated, and sendmail restarted connecting to the SMTP port and issuing a 'ehlo localhost.localdomain' will show:

250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN

Simple clients (like Outlook) will then be able to autheticate and once authenticated sendmail will allow them to relay through the server.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 17

Author Comment

by:psimation
ID: 10941786
This is the sendmail.mc I use to create sendmail.cf.
I can't understand it, it clearly shows the auth mechs there, but still, no plaintext... Could this mc file be "incompatible" with my version of sendmail (8.12.10)?

I've marked the 2 lines I commented out with <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<


**********************************************************************************************************************************
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`Cyrus/SASL for Red Hat Linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`smtp.your.provider')
dnl #
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTRUSTED_USER', `smmsp')dnl
define(`confTRUSTED_USER', `cyrus')dnl
define(`confLOCAL_MAILER', `cyrusv2')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A')dnl  <<<<<<<<<<<<<<<<<<<<< this one had a "p", but I removed it...
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
define(`confQUEUE_LA', `8')dnl
define(`confREFUSE_LA', `16')dnl
define(`confTO_IDENT', `0')dnl
dnl #
dnl # Set Mail restrictions as you see fit...
dnl #
define(`confMAX_MESSAGE_SIZE', `50000000')dnl
define(`confMAX_RCPTS_PER_MESSAGE', `50')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
dnl # FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
dnl # GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl       <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl #       a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl     <<<<<<<<<<<<<<<<<<<<<<<is this applicable to me???
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
MASQUERADE_AS(`your-domain.tld')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
FEATURE(masquerade_entire_domain)dnl
dnl
FEATURE(`local_lmtp')dnl
FEATURE(`preserve_local_plus_detail')dnl
dnl #
dnl # To deliver to mixed case subfolders uncomment the next line.
dnl #
define(`CYRUSV2_MAILER_FLAGS', `uA@/:|m')dnl
MAILER(cyrusv2)dnl
MAILER(local)dnl
dnl
MAILER(smtp)dnl
****************************************************************************************************************

I first tried to use the default .mc file that came with WBL, but that also did not work, so I used yours.


0
 
LVL 40

Expert Comment

by:jlevie
ID: 10941999
These:

dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

are still commented out. Remove "dnl " from the beginning of each line. And you can take GSSAPI out of the
seond line since that method isn't usable in your setup and can just confuse clients.
0
 
LVL 17

Author Comment

by:psimation
ID: 10942122
Oh my word....

I swear, for all this time I was under the impression that the "dnl" was like some kind of "new line" statement, and that there had to be a # for it to be a comment...

Oh my word....

Well, as per usual, thanks to you, things are working PERFECTLY now....

What can I say, Thanks Jim, you thine saviour of mine bacon ...
0
 
LVL 17

Author Comment

by:psimation
ID: 10946718
Hi Jim
Are these db errors anything to worry about? Everything seems to be working fine???

Apr 28 23:16:30 zen ctl_cyrusdb[16547]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found
Apr 28 23:16:30 zen ctl_cyrusdb[16547]: DBERROR: archive /var/imap/config/db: cyrusdb error
Apr 28 23:16:30 zen ctl_cyrusdb[16547]: done checkpointing cyrus databases
Apr 28 23:46:30 zen ctl_cyrusdb[16574]: checkpointing cyrus databases
Apr 28 23:46:30 zen ctl_cyrusdb[16574]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found
Apr 28 23:46:30 zen ctl_cyrusdb[16574]: DBERROR: archive /var/imap/config/db: cyrusdb error
Apr 28 23:46:30 zen ctl_cyrusdb[16574]: done checkpointing cyrus databases
Apr 29 00:16:30 zen ctl_cyrusdb[16593]: checkpointing cyrus databases
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10953691
One can see these errors  on a newly installed Cyrus mail server where there's not yet data in all of the DB's.
Is that the case here?
0
 
LVL 17

Author Comment

by:psimation
ID: 10953929
Well, I only have 4 test mailboxes atm, but the domain is "live" so there are quite a bit mail coming in already.
I've just had a look at the log now, and it looks better, only the checkpointing bit's are there, no errors yet, I will keep checking, hopefully it was just that...
Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10954019
The checkpoints occur at regular intervals and are supposed to there. The DB errors usually dissappear after a day or so
0
 
LVL 17

Author Comment

by:psimation
ID: 10967484
Hi Jim
All is now fine and no more DB errors, however, windows users cannot authenticate when trying to send, and the log says this:
May  1 15:45:49 zen saslauthd[2952]: do_auth         : auth failure: [user=xxx1] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]

It looks like for some reason Outlook 2003 has a "shadow" mech for sending the password? Can this be fixed ( I can't see anywhere in outlook where you can specify the password type)?  
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10967851
That sounds like /usr/lib/sasl2/Sendmail.conf contains"pwcheck_method: saslauthd" instead of "pwcheck_method: auxprop".
Change that and Sendmail will authenticate against sasldb
0
 
LVL 17

Author Comment

by:psimation
ID: 10968653
Works like a charm....
Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10969036
And you'd expect anything otherwise???
0
 
LVL 17

Author Comment

by:psimation
ID: 10970833
LOL, not really, only other thing I expected was that there was even more that I messed up somehow...But, touch wood, at the moment, all seems to be running without any problems...
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now