headers
Rosenbaum, Larry M. | 27 Jun 2012 23:11
Picon
Favicon

Authentication questions

I am currently running Cyrus IMAP 2.4.13-1.el6 on RHEL6. We currently have a bunch of IMAP user accounts that authenticate with plaintext+TLS using the system password data (saslauthd). We would like to add one POP3 account that authenticates via APOP with no TLS (port 110) using the sasldb2 database. Ideally, we would also like the IMAP users to not be able to connect via POP.  How should I set this up?

 

Larry

 

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Permalink | Reply |
headers
Dan White | 27 Jun 2012 23:26
Gravatar

Re: Authentication questions

On 06/27/12 17:11 -0400, Rosenbaum, Larry M. wrote:
>I am currently running Cyrus IMAP 2.4.13-1.el6 on RHEL6. We currently have
>a bunch of IMAP user accounts that authenticate with plaintext+TLS using
>the system password data (saslauthd). We would like to add one POP3
>account that authenticates via APOP with no TLS (port 110) using the
>sasldb2 database. Ideally, we would also like the IMAP users to not be
>able to connect via POP.  How should I set this up?

If you are not currently using POP3, then when you add it to cyrus.conf,
you can specify unique sasl settings for it in /etc/imapd.conf, such as:

pop3_sasl_pwcheck_method: auxprop
#pop3_sasl_mech_list: (defaults to all mechanisms)
allowapop: 1

Where 'pop3' matches the name you provided to the service in cyrus.conf.
apop is a pseudo-authentication mechanism that is not specified in the
mech_list.

--

-- 
Dan White
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Permalink | Reply |

Gmane