[CentOS] Which imapd?
jean-sebastien Hubert
security at air-austral.com
Tue Oct 25 06:25:42 UTC 2005
Nels Lindquist wrote:
>On 24 Oct 2005 at 14:23, jean-sebastien Hubert wrote:
>
><snip>
>
>
>
>>!!!!!!!!!!!!!!
>>I have a cyrus-imapd to admin (with mysql, postfix) and .. the thing i
>>can say is: in the next 3 month, I will install courier to kick this
>>... of . (there is 500 accounts on this server)
>>Cyrus is very hard to install/configure/manage.
>>
>>
>
>You seem to be confusing Cyrus-IMAPD with Cyrus-SASL. Cyrus-IMAPD
>doesn't use any kind of SQL backend, and I have no idea why you'd
>want to try.
>
>Cyrus SASL is used by Cyrus IMAPD (and many other applications) for
>authentication support, and it can indeed be quite complex to
>configure because of the enormous number of available backends and
>configuration options. Getting rid of Cyrus-IMAPD won't rid you of
>your SASL configuration headaches if, say, you're using SMTP AUTH
>with Postfix, because Postfix (along with many other MTAs) requires
>Cyrus-SASL for its AUTH support.
>
><snip>
>
>
>
That's a global problem in fact: cyrus-imapd/cyrus-sasl/postfix/mysql
must be run together; and that's hard to configure
them when you don't have a distro which is "cyrus ready", like RHAS3 or
Debian Woody ...
>>Maybe; the problem with cyrus is when you use it with mysql and postfix
>>.. you need to recompile so many stuff , and more you
>>modify your distrib, more it's hard to apply security updates.
>>
>>
>
>The version of Cyrus-SASL which shipped with CentOS3/RHEL3 is
>somewhat antiquated, and the SQL plugin support pretty clunky.
>
That was the main problem: use the default cyrus-sasl is ... impossible
(in RHAS3),
you need to modify your system with non-standard rpms so in a certain
way you "break" your RHAS3 compilance.
> I'd
>strongly recommend that if you're using Cyrus software on RHEL3 or
>smilar, you should download Simon Mattar's Cyrus SRPMs:
>
>http://www.invoca.ch/pub/packages/cyrus-sasl/
>http://www.invoca.ch/pub/packages/cyrus-imapd/
>
>Late in the SASL 2.1.x branch, support for both MySQL and Postgresql
>was shifted to a single sql plugin which allows for specific backend
>configuration in the sasl.conf files.
>
>
>
I will try it soon.
Thanks
More information about the CentOS
mailing list