Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 13 Sep 2005 11:19:08 +0200
From:      Erik Norgaard <norgaard@locolomo.org>
To:        Vladimir Dvorak <dvorakv@vdsoft.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: cyrus-imap + virtualdomains
Message-ID:  <4326998C.1080600@locolomo.org>
In-Reply-To: <432693A9.5010706@vdsoft.org>
References:  <432693A9.5010706@vdsoft.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Vladimir Dvorak wrote:
> I add
>    
>     virtdomains: yes
>     loginrealms: devel testdomain.org
> 
> into imapd.conf, then I created mailbox using following commands:
> 
> devel~: cyradm -u cyrus@devel localhost
> Password: xxxx
> localhost> cm user.test@testdomain.org
> 
> Now, I can authenticate and work with this mailbox.
> 
> But problem occurs, when I create for example
> 
> localhost>cm user.test2@test2domain.org
> 
> and try to login. In maillog appears
> 
> plaintext test2@test2domain.org SASL(-13): authentication failure:
> cross-realm login test2@test2domain.org denied
> 
> It is clear - when I put test2domain.org behind the loginrealms item, it
> works.
> 
> My question is: is possible to allow * domains to loginrealms ( because
> this server will serve a lot of domains and adding domain items is not
> effective) ?

There are a few things that comes into mind: First, you write your login 
realms as devel testdomain.org - I don't see test2domain.org anywhere.

Second, depending on you mail client you may have to separate login name 
and realm with a % instead of @.

Third, the newly created mailbox may have wrong permissions - check.

Finally:

In my config I have only:

   defaultdomain: mydefaultdomain.org
   virtdomains: yes

and no list of loginrealms. Adding a virtual domain is as simple as 
adding a mailbox as you did: > cm user.myuser2@virtualdomain.org

I use sasl to authenticate against the system password so myuser 
(@mydefaultdomain.org) and myuser%myvirtualdomain.org is the same user.

Since cyrus does not deliver mail (is not an MTA) cyrus can safely 
assume that incoming mail matching user/domain is destined for storage 
in that users mailbox. For this reason I guess, there should be no need 
to specify realms in the config.

Cheers, Erik

-- 
Ph: +34.666334818                                  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4326998C.1080600>