[Dovecot] managesieve proxy cyrus
Hello all,
I've configured a dovecot server in proxy mode. It seems to work well but. I've tested managesieve with squirrelmail and it's working correctly but I can't connect to cyrus sieve server : timsieved
Does anybody here have configure a sieve proxy to do this ?
Or is it a normal behavior and dovecot sieve proxy can't speak with cyrus sieve ?
Thanks.
Hello all,
I've configured a dovecot server in proxy mode. It seems to work well but. I've tested managesieve with squirrelmail and it's working correctly but I can't connect to cyrus sieve server : timsieved First of all, what versions are you using? How is it all configured? Do
Mathieu Kretchner wrote: the Dovecot and Cyrus logs contain anything useful?
Does anybody here have configure a sieve proxy to do this ? Your setup is a bit odd. I haven't tried this ever and doubt anyone else has. The proxying feature is mainly implemented with Dovecot back-ends in mind. In an ideal world this should work however, so there is a possibility that the Dovecot proxy is not working properly.
Or is it a normal behavior and dovecot sieve proxy can't speak with cyrus sieve ? Theoretically, this setup should be possible. However, the protocol specification is unfortunately not always followed to the letter. Also, Cyrus possibly does not allow you to login with the SASL PLAIN mechanism (the only one supported for proxying now). This seems unlikely though, since the IMAP proxy does work.
Without more information I can only guess what is going on. Could you sniff the communication between Dovecot and Cyrus (e.g. using ngrep)? Perhaps, if it is not too much trouble, I can make it work...
Regards,
Stephan
Stephan Bosch wrote:
Hello all,
I've configured a dovecot server in proxy mode. It seems to work well but. I've tested managesieve with squirrelmail and it's working correctly but I can't connect to cyrus sieve server : timsieved First of all, what versions are you using? How is it all configured? Do
Mathieu Kretchner wrote: the Dovecot and Cyrus logs contain anything useful?
I've to do a migration between cyrus and dovecot so we have choosen to use dovecot (1.1.8) proxy in front of an old cyrus 2.2.12 and our new dovecot server.
Does anybody here have configure a sieve proxy to do this ? Your setup is a bit odd. I haven't tried this ever and doubt anyone else has. The proxying feature is mainly implemented with Dovecot back-ends in mind. In an ideal world this should work however, so there is a possibility that the Dovecot proxy is not working properly.
Or is it a normal behavior and dovecot sieve proxy can't speak with cyrus sieve ? Theoretically, this setup should be possible. However, the protocol specification is unfortunately not always followed to the letter. Also, Cyrus possibly does not allow you to login with the SASL PLAIN mechanism (the only one supported for proxying now). This seems unlikely though, since the IMAP proxy does work. I think you've right, I've done some tcpdump and don't see a lot of thing but there is some data on the 2000 port of my cyrus server. But I realy wonder if the SASL PLAIN mechanism is the key of the problem ?
telnet imap-serv sieve Trying 138.XX.XX.XX... Connected to imap-serv. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.2.12" "SASL" "PLAIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" "STARTTLS" OK
If I configure my remote squirrelmail to directly access to my cyrus server, it works ! But as soon as I plug squirrelmail on the proxy it's crashing ...
Thank you for your help
Without more information I can only guess what is going on. Could you sniff the communication between Dovecot and Cyrus (e.g. using ngrep)? Perhaps, if it is not too much trouble, I can make it work...
Regards,
Stephan
On Tue, 2009-01-27 at 18:04 +0100, Mathieu Kretchner wrote:
I think you've right, I've done some tcpdump and don't see a lot of thing but there is some data on the 2000 port of my cyrus server. But I realy wonder if the SASL PLAIN mechanism is the key of the problem ?
telnet imap-serv sieve Trying 138.XX.XX.XX... Connected to imap-serv. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.2.12" "SASL" "PLAIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" "STARTTLS" OK
If I configure my remote squirrelmail to directly access to my cyrus server, it works ! But as soon as I plug squirrelmail on the proxy it's crashing ...
Does Squirrelmail try to use STARTTLS? Having full session traffic logs of when Squirrelmail is logging into Dovecot proxy and when logging into Cyrus proxy would be helpful (ngrep, wireshark, etc). If Squirrelmail uses STARTTLS, this doesn't really work though (but at least the logs will reveal that it is doing STARTTLS). Also if it is doing that, perhaps the issue is SASL PLAIN after all, since Dovecot proxy won't do STARTTLS to the Cyrus.
Also if you set auth_debug=yes, what do you see in Dovecot logs when attempting to log in?
Does Squirrelmail try to use STARTTLS? Having full session traffic logs I don't think Squirrelmail is trying to use STARTTLS. But anyway I've tried to trace the sieve connection protocol, you could find it in the attachement. It's approximatively the same data, I've posted yesterday with extra protocol tcp/ip :)
of when Squirrelmail is logging into Dovecot proxy and when logging into Cyrus proxy would be helpful (ngrep, wireshark, etc). If Squirrelmail uses STARTTLS, this doesn't really work though (but at least the logs will reveal that it is doing STARTTLS). Also if it is doing that, perhaps the issue is SASL PLAIN after all, since Dovecot proxy won't do STARTTLS to the Cyrus.
Also if you set auth_debug=yes, what do you see in Dovecot logs when attempting to log in?
Here is my dovecot log with auth_debug=yes :
Jan 28 09:31:24 myservername dovecot: auth(default): client in: AUTH 3 PLAIN service=managesieve secured lip=127.0.0.1 rip=127.0.0.1 lport=2000 rport=42791 resp=<hidden> Jan 28 09:31:24 myservername dovecot: auth-worker(default): sql(imap2,127.0.0.1): query: SELECT NULL AS password, host, destuser, 'Y' as nopassword, 'Y' AS proxy FROM proxy WHERE user = 'imap2' Jan 28 09:31:24 myservername dovecot: auth(default): client out: OK 3 user=imap2 host=138.138.138.138 destuser=imap2 proxy pass=<hidden> Jan 28 09:31:24 myservername dovecot: managesieve-login: Disconnected: user=<imap2>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 28 09:31:24 myservername dovecot: auth(default): new auth connection: pid=4760
Frame 1 (74 bytes on wire, 74 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.796988000 Time delta from previous packet: 0.000000000 seconds Time since reference or first frame: 0.000000000 seconds Frame Number: 1 Packet Length: 74 bytes Capture Length: 74 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 60 Identification: 0x7d21 (32033) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xa5f8 [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 0, Len: 0 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 0 (relative sequence number) Header length: 40 bytes Flags: 0x0002 (SYN) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...0 .... = Acknowledgment: Not set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..1. = Syn: Set .... ...0 = Fin: Not set Window size: 5840 Checksum: 0x384f [correct] Options: (20 bytes) Maximum segment size: 1460 bytes SACK permitted Time stamp: tsval 1185633227, tsecr 0 NOP Window scale: 4 (multiply by 16)
Frame 2 (74 bytes on wire, 74 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.797024000 Time delta from previous packet: 0.000036000 seconds Time since reference or first frame: 0.000036000 seconds Frame Number: 2 Packet Length: 74 bytes Capture Length: 74 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 60 Identification: 0x0000 (0) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0x231a [correct] Good: True Bad : False Source: Ip_cyrus_server (Ip_cyrus_server) Destination: IP_proxy_dovecot (IP_proxy_dovecot) Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 0, Ack: 1, Len: 0 Source port: sieve (2000) Destination port: 53996 (53996) Sequence number: 0 (relative sequence number) Acknowledgement number: 1 (relative ack number) Header length: 40 bytes Flags: 0x0012 (SYN, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..1. = Syn: Set .... ...0 = Fin: Not set Window size: 5792 Checksum: 0x4004 [correct] Options: (20 bytes) Maximum segment size: 1460 bytes SACK permitted Time stamp: tsval 4156540679, tsecr 1185633227 NOP Window scale: 0 (multiply by 1)
Frame 3 (66 bytes on wire, 66 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.797483000 Time delta from previous packet: 0.000459000 seconds Time since reference or first frame: 0.000495000 seconds Frame Number: 3 Packet Length: 66 bytes Capture Length: 66 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 52 Identification: 0x7d22 (32034) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xa5ff [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 1, Len: 0 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 1 (relative sequence number) Acknowledgement number: 1 (relative ack number) Header length: 32 bytes Flags: 0x0010 (ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 5840 (scaled) Checksum: 0x83fb [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 1185633228, tsecr 4156540679
Frame 4 (259 bytes on wire, 259 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.798489000 Time delta from previous packet: 0.001006000 seconds Time since reference or first frame: 0.001501000 seconds Frame Number: 4 Packet Length: 259 bytes Capture Length: 259 bytes Protocols in frame: eth:ip:tcp:skinny:data Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 245 Identification: 0x389b (14491) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xe9c5 [correct] Good: True Bad : False Source: Ip_cyrus_server (Ip_cyrus_server) Destination: IP_proxy_dovecot (IP_proxy_dovecot) Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 1, Ack: 1, Len: 193 Source port: sieve (2000) Destination port: 53996 (53996) Sequence number: 1 (relative sequence number) Next sequence number: 194 (relative sequence number) Acknowledgement number: 1 (relative ack number) Header length: 32 bytes Flags: 0x0018 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 5792 Checksum: 0x6e54 [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 4156540680, tsecr 1185633228 Data (193 bytes)
0000 22 49 4d 50 4c 45 4d 45 4e 54 41 54 49 4f 4e 22 "IMPLEMENTATION" 0010 20 22 43 79 72 75 73 20 74 69 6d 73 69 65 76 65 "Cyrus timsieve 0020 64 20 76 32 2e 32 2e 31 32 22 0d 0a 22 53 41 53 d v2.2.12".."SAS 0030 4c 22 20 22 50 4c 41 49 4e 22 0d 0a 22 53 49 45 L" "PLAIN".."SIE 0040 56 45 22 20 22 66 69 6c 65 69 6e 74 6f 20 72 65 VE" "fileinto re 0050 6a 65 63 74 20 65 6e 76 65 6c 6f 70 65 20 76 61 ject envelope va 0060 63 61 74 69 6f 6e 20 69 6d 61 70 66 6c 61 67 73 cation imapflags 0070 20 6e 6f 74 69 66 79 20 73 75 62 61 64 64 72 65 notify subaddre 0080 73 73 20 72 65 6c 61 74 69 6f 6e 61 6c 20 63 6f ss relational co 0090 6d 70 61 72 61 74 6f 72 2d 69 3b 61 73 63 69 69 mparator-i;ascii 00a0 2d 6e 75 6d 65 72 69 63 20 72 65 67 65 78 22 0d -numeric regex". 00b0 0a 22 53 54 41 52 54 54 4c 53 22 0d 0a 4f 4b 0d ."STARTTLS"..OK. 00c0 0a .
Frame 5 (66 bytes on wire, 66 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.799363000 Time delta from previous packet: 0.000874000 seconds Time since reference or first frame: 0.002375000 seconds Frame Number: 5 Packet Length: 66 bytes Capture Length: 66 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 52 Identification: 0x7d23 (32035) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xa5fe [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 194, Len: 0 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 1 (relative sequence number) Acknowledgement number: 194 (relative ack number) Header length: 32 bytes Flags: 0x0010 (ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 6912 (scaled) Checksum: 0x82f5 [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 1185633229, tsecr 4156540680
Frame 6 (107 bytes on wire, 107 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.800109000 Time delta from previous packet: 0.000746000 seconds Time since reference or first frame: 0.003121000 seconds Frame Number: 6 Packet Length: 107 bytes Capture Length: 107 bytes Protocols in frame: eth:ip:tcp:skinny:data Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 93 Identification: 0x7d24 (32036) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xa5d4 [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 194, Len: 41 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 1 (relative sequence number) Next sequence number: 42 (relative sequence number) Acknowledgement number: 194 (relative ack number) Header length: 32 bytes Flags: 0x0018 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 6912 (scaled) Checksum: 0xdee3 [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 1185633230, tsecr 4156540680 Data (41 bytes)
0000 41 55 54 48 45 4e 54 49 43 41 54 45 20 22 50 4c AUTHENTICATE "PL 0010 41 49 4e 22 20 22 41 47 6c 74 59 58 41 79 41 47 AIN" "AGltYXAyAG 0020 6c 74 59 58 41 79 22 0d 0a ltYXAy"..
Frame 7 (66 bytes on wire, 66 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.800129000 Time delta from previous packet: 0.000020000 seconds Time since reference or first frame: 0.003141000 seconds Frame Number: 7 Packet Length: 66 bytes Capture Length: 66 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 52 Identification: 0x389c (14492) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xea85 [correct] Good: True Bad : False Source: Ip_cyrus_server (Ip_cyrus_server) Destination: IP_proxy_dovecot (IP_proxy_dovecot) Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 194, Ack: 42, Len: 0 Source port: sieve (2000) Destination port: 53996 (53996) Sequence number: 194 (relative sequence number) Acknowledgement number: 42 (relative ack number) Header length: 32 bytes Flags: 0x0010 (ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 5792 Checksum: 0x6ddb [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 4156540680, tsecr 1185633230
Frame 8 (70 bytes on wire, 70 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.822573000 Time delta from previous packet: 0.022444000 seconds Time since reference or first frame: 0.025585000 seconds Frame Number: 8 Packet Length: 70 bytes Capture Length: 70 bytes Protocols in frame: eth:ip:tcp:skinny Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 56 Identification: 0x389d (14493) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xea80 [correct] Good: True Bad : False Source: Ip_cyrus_server (Ip_cyrus_server) Destination: IP_proxy_dovecot (IP_proxy_dovecot) Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 194, Ack: 42, Len: 4 Source port: sieve (2000) Destination port: 53996 (53996) Sequence number: 194 (relative sequence number) Next sequence number: 198 (relative sequence number) Acknowledgement number: 42 (relative ack number) Header length: 32 bytes Flags: 0x0018 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 5792 Checksum: 0x1178 [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 4156540682, tsecr 1185633230 [Malformed Packet: SKINNY]
Frame 9 (66 bytes on wire, 66 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.823219000 Time delta from previous packet: 0.000646000 seconds Time since reference or first frame: 0.026231000 seconds Frame Number: 9 Packet Length: 66 bytes Capture Length: 66 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 52 Identification: 0x7d25 (32037) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xa5fc [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 42, Ack: 198, Len: 0 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 42 (relative sequence number) Acknowledgement number: 198 (relative ack number) Header length: 32 bytes Flags: 0x0011 (FIN, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...1 = Fin: Set Window size: 6912 (scaled) Checksum: 0x82ad [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 1185633253, tsecr 4156540682
Frame 10 (88 bytes on wire, 88 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.823267000 Time delta from previous packet: 0.000048000 seconds Time since reference or first frame: 0.026279000 seconds Frame Number: 10 Packet Length: 88 bytes Capture Length: 88 bytes Protocols in frame: eth:ip:tcp:skinny:data Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 74 Identification: 0x389e (14494) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0xea6d [correct] Good: True Bad : False Source: Ip_cyrus_server (Ip_cyrus_server) Destination: IP_proxy_dovecot (IP_proxy_dovecot) Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 198, Ack: 43, Len: 22 Source port: sieve (2000) Destination port: 53996 (53996) Sequence number: 198 (relative sequence number) Next sequence number: 220 (relative sequence number) Acknowledgement number: 43 (relative ack number) Header length: 32 bytes Flags: 0x0018 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 5792 Checksum: 0xfd20 [correct] Options: (12 bytes) NOP NOP Time stamp: tsval 4156540682, tsecr 1185633253 Data (22 bytes)
0000 4f 4b 20 22 4c 6f 67 6f 75 74 20 43 6f 6d 70 6c OK "Logout Compl 0010 65 74 65 22 0d 0a ete"..
Frame 11 (60 bytes on wire, 60 bytes captured) Arrival Time: Jan 28, 2009 09:31:24.823844000 Time delta from previous packet: 0.000577000 seconds Time since reference or first frame: 0.026856000 seconds Frame Number: 11 Packet Length: 60 bytes Capture Length: 60 bytes Protocols in frame: eth:ip:tcp Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f) .... ...0 .... .... .... .... = Multicast: This is a UNICAST frame .... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address Type: IP (0x0800) Trailer: 000000000000 Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 40 Identification: 0x0000 (0) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0x232e [correct] Good: True Bad : False Source: IP_proxy_dovecot (IP_proxy_dovecot) Destination: Ip_cyrus_server (Ip_cyrus_server) Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 43, Len: 0 Source port: 53996 (53996) Destination port: sieve (2000) Sequence number: 43 (relative sequence number) Header length: 20 bytes Flags: 0x0004 (RST) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...0 .... = Acknowledgment: Not set .... 0... = Push: Not set .... .1.. = Reset: Set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 0 Checksum: 0x5148 [correct]
I've found this in the cyrus log file :
Jan 28 13:19:18 cyrus_server sieve[10793]: login: proxy_dovecot[138.138.138.138] imap2 PLAIN User logged in
When I test with sivtest -a myuser I can connect with PLAIN mechanism.
If I replay with a telnet cyrus_server 2000 exactly what avelsieve send to a dovecot server I got this :
telnet cyrus_server sieve Trying 138.138.138.138... Connected to cyrus_server.inria.fr (138.138.138.138). Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.2.12" "SASL" "PLAIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" "STARTTLS" OK AUTHENTICATE "PLAIN" "AGltYXAyAGltYXAy" OK CAPABILITY "IMPLEMENTATION" "Cyrus timsieved v2.2.12" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" OK
It's like avelsieve just stop the connection by itself because once the user is logged, there is no other command send ! I don't understand why avelsieve tell me : unable to connect to server IMAP. localhost.
I've done some others tests :
- sivtest to a dovecot sieve server it's working.
- telnet cyrus_server 2000 : it's working too
- directly telnet dovecot 2000 : it's working too
- telnet dovecot_proxy 2000 : it's not working ! (complain with NO "Authentication failed.")
It seems like the problem comes from dovecot in proxy mode ?? (only to connect to a cyrus sieve server, because it's working well with a dovecot sieve server)
Mathieu Kretchner wrote:
Does Squirrelmail try to use STARTTLS? Having full session traffic logs I don't think Squirrelmail is trying to use STARTTLS. But anyway I've tried to trace the sieve connection protocol, you could find it in the attachement. It's approximatively the same data, I've posted yesterday with extra protocol tcp/ip :)
of when Squirrelmail is logging into Dovecot proxy and when logging into Cyrus proxy would be helpful (ngrep, wireshark, etc). If Squirrelmail uses STARTTLS, this doesn't really work though (but at least the logs will reveal that it is doing STARTTLS). Also if it is doing that, perhaps the issue is SASL PLAIN after all, since Dovecot proxy won't do STARTTLS to the Cyrus.
Also if you set auth_debug=yes, what do you see in Dovecot logs when attempting to log in?
Here is my dovecot log with auth_debug=yes :
Jan 28 09:31:24 myservername dovecot: auth(default): client in: AUTH 3 PLAIN service=managesieve secured lip=127.0.0.1 rip=127.0.0.1 lport=2000 rport=42791 resp=<hidden> Jan 28 09:31:24 myservername dovecot: auth-worker(default): sql(imap2,127.0.0.1): query: SELECT NULL AS password, host, destuser, 'Y' as nopassword, 'Y' AS proxy FROM proxy WHERE user = 'imap2' Jan 28 09:31:24 myservername dovecot: auth(default): client out: OK 3 user=imap2 host=138.138.138.138 destuser=imap2 proxy pass=<hidden> Jan 28 09:31:24 myservername dovecot: managesieve-login: Disconnected: user=<imap2>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 28 09:31:24 myservername dovecot: auth(default): new auth connection: pid=4760
Mathieu Kretchner schreef:
It seems like the problem comes from dovecot in proxy mode ?? (only to connect to a cyrus sieve server, because it's working well with a dovecot sieve server)
I'll do a few tests in the coming days. Let's see what I can find out.
Regards,
-- Stephan Bosch stephan@rename-it.nl
Ok thanks for your help,
By the way I've another question, we have configure a postfix smtp proxy with plain text database in order to redirect mail that coming to imap proxy to be delivered to the right imap backend.
Does the dovecot imap proxy do to the local delivery itself to the right backend server ?
Stephan Bosch wrote:
Mathieu Kretchner schreef:
It seems like the problem comes from dovecot in proxy mode ?? (only to connect to a cyrus sieve server, because it's working well with a dovecot sieve server)
I'll do a few tests in the coming days. Let's see what I can find out. If you want some other network capture or tests I've done let me known, it would be a pleasure to help you !
Regards,
Mathieu Kretchner schreef:
Ok thanks for your help,
By the way I've another question, we have configure a postfix smtp proxy with plain text database in order to redirect mail that coming to imap proxy to be delivered to the right imap backend.
Does the dovecot imap proxy do to the local delivery itself to the right backend server ? The IMAP proxy has nothing to do with mail delivery. It merely forwards IMAP connections to the backend.
Stephan Bosch wrote:
Mathieu Kretchner schreef:
It seems like the problem comes from dovecot in proxy mode ?? (only to connect to a cyrus sieve server, because it's working well with a dovecot sieve server)
I'll do a few tests in the coming days. Let's see what I can find out. If you want some other network capture or tests I've done let me known, it would be a pleasure to help you !
Ok, this was caused by Dovecot. Fixed:
http://hg.rename-it.nl/dovecot-1.1-managesieve/rev/f575c6b41697
I also added a proper log message in subsequent changes.
Regards,
-- Stephan Bosch stephan@rename-it.nl
Thanks you so much, it's working !!
I love when the week begin with a such good monday.
Stephan Bosch wrote:
Mathieu Kretchner schreef:
Ok thanks for your help,
By the way I've another question, we have configure a postfix smtp proxy with plain text database in order to redirect mail that coming to imap proxy to be delivered to the right imap backend.
Does the dovecot imap proxy do to the local delivery itself to the right backend server ? The IMAP proxy has nothing to do with mail delivery. It merely forwards IMAP connections to the backend.
Stephan Bosch wrote:
Mathieu Kretchner schreef:
It seems like the problem comes from dovecot in proxy mode ?? (only to connect to a cyrus sieve server, because it's working well with a dovecot sieve server)
I'll do a few tests in the coming days. Let's see what I can find out. If you want some other network capture or tests I've done let me known, it would be a pleasure to help you !
Ok, this was caused by Dovecot. Fixed:
http://hg.rename-it.nl/dovecot-1.1-managesieve/rev/f575c6b41697
I also added a proper log message in subsequent changes.
Regards,
Mathieu Kretchner wrote:
Thanks you so much, it's working !!
Yes, but keep in mind that Dovecot may show different SIEVE capabilities during login than Cyrus does. With v1.1 you are still using the cmusieve plugin, so these may match well. With the new Sieve plugin, this will definitely not match and I am not sure how this could be mended.
Regards,
Stephan.
I've tried to take some data with tethereal :
The only data I'm able to see between cyrus and dovecot (without protocol noise) :
Data (41 bytes) 0000 41 55 54 48 45 4e 54 49 43 41 54 45 20 22 50 4c AUTHENTICATE "PL 0010 41 49 4e 22 20 22 41 47 6c 74 59 58 41 79 41 47 AIN" "AGltYXAyAG 0020 6c 74 59 58 41 79 22 0d 0a ltYXAy"..
Data (22 bytes) 0000 4f 4b 20 22 4c 6f 67 6f 75 74 20 43 6f 6d 70 6c OK "Logout Compl 0010 65 74 65 22 0d 0a ete"..
As you told me, the problem seems to be at authentication time. Whereas I've found this in my imapd.conf of cyrus server : # for sieveshell sasl_mech_list: PLAIN
And in order to have a reference: between dovecot proxy and imap dovecot :
Data (41 bytes) 0000 41 55 54 48 45 4e 54 49 43 41 54 45 20 22 50 4c AUTHENTICATE "PL 0010 41 49 4e 22 20 22 41 47 6c 74 59 58 41 78 41 47 AIN" "AGltYXAxAG 0020 6c 74 59 58 41 78 22 0d 0a ltYXAx"..
Data (17 bytes) 0000 4f 4b 20 22 4c 6f 67 67 65 64 20 69 6e 2e 22 0d OK "Logged in.". 0010 0a .
Data (12 bytes) 0000 43 41 50 41 42 49 4c 49 54 59 0d 0a CAPABILITY..
Mathieu Kretchner wrote:
Stephan Bosch wrote:
Hello all,
I've configured a dovecot server in proxy mode. It seems to work well but. I've tested managesieve with squirrelmail and it's working correctly but I can't connect to cyrus sieve server : timsieved First of all, what versions are you using? How is it all configured? Do
Mathieu Kretchner wrote: the Dovecot and Cyrus logs contain anything useful?
I've to do a migration between cyrus and dovecot so we have choosen to use dovecot (1.1.8) proxy in front of an old cyrus 2.2.12 and our new dovecot server.
Does anybody here have configure a sieve proxy to do this ? Your setup is a bit odd. I haven't tried this ever and doubt anyone else has. The proxying feature is mainly implemented with Dovecot back-ends in mind. In an ideal world this should work however, so there is a possibility that the Dovecot proxy is not working properly.
Or is it a normal behavior and dovecot sieve proxy can't speak with cyrus sieve ? Theoretically, this setup should be possible. However, the protocol specification is unfortunately not always followed to the letter. Also, Cyrus possibly does not allow you to login with the SASL PLAIN mechanism (the only one supported for proxying now). This seems unlikely though, since the IMAP proxy does work. I think you've right, I've done some tcpdump and don't see a lot of thing but there is some data on the 2000 port of my cyrus server. But I realy wonder if the SASL PLAIN mechanism is the key of the problem ?
telnet imap-serv sieve Trying 138.XX.XX.XX... Connected to imap-serv. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.2.12" "SASL" "PLAIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" "STARTTLS" OK
If I configure my remote squirrelmail to directly access to my cyrus server, it works ! But as soon as I plug squirrelmail on the proxy it's crashing ...
Thank you for your help
Without more information I can only guess what is going on. Could you sniff the communication between Dovecot and Cyrus (e.g. using ngrep)? Perhaps, if it is not too much trouble, I can make it work...
Regards,
Stephan
participants (4)
-
Mathieu Kretchner
-
Stephan Bosch
-
Stephan Bosch
-
Timo Sirainen