[CentOS] syncing imap servers with imapsync

Sun Dec 4 04:46:42 UTC 2011
Craig White <craigwhite at azapple.com>

On Sun, 2011-12-04 at 04:00 +0000, Tim Dunphy wrote:
> hello list,
> 
>  I am attempting to sync two imap servers using the imapsync perl script. It seems handy and easy.
> 
> 
> Here's what happens when I try to do this:
> 
> #
> # Postfix master process configuration file.  For details on the format
> # of the file, see the master(5) manual page (command: "man 5 master").
> #  -o smtpd_sasl_auth_enable=yes
> #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #smtps     inet  n       -       n       -       -       smtpd
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> anvil     unix  -       -       n       -       1       anvil
> scache    unix  -       -       n       -       1       scache
> amavis    unix  -       -       -       -       2       smtp
>           -o smtp_data_done_timeout=1200
>           -o smtp_send_xforward_command=yes
> [root at mail3 skins]# imapsync --syncinternaldates --host1 mail.example1.com --user1 bluethundr --password1 secret --host2 roundcube.example2.com --user2 bluethundr --password2 secret
> [root at mail3 skins]# imapsync --syncinternaldates --host1 mail.example1.com --user1 bluethundr --password1 secret --host2 roundcube.example2.com --user2 bluethundr --password2 secret
> $RCSfile: imapsync,v $ $Revision: 1.456 $ $Date: 2011/08/24 04:21:30 $
> Here is a [linux] system (Linux mail3.example1.com 3.0.4-x86_64-linode21 #1 SMP Thu Sep 1 21:28:01 EDT 2011 x86_64)
> With perl 5.8.8 Mail::IMAPClient  3.28
> Command line used:
> /usr/bin/imapsync --syncinternaldates --host1 mail.example1.com --user1 bluethundr --password1 MASKED --host2 roundcube.example2.com --user2 bluethundr --password2 MASKED
> Temp directory is /tmp
> PID file is /tmp/imapsync.pid
> Modules version list:
> Mail::IMAPClient     3.28
> IO::Socket           1.29
> IO::Socket::INET     1.29
> IO::Socket::SSL      1.01
> Digest::MD5          2.36
> Digest::HMAC_MD5     1.01
> Term::ReadKey        2.30
> Authen::NTLM         1.09
> 
> Info: turned ON syncinternaldates, will set the internal dates (arrival dates) on host2 same as host1.
> Info: will try to use LOGIN authentication on host1
> Info: will try to use LOGIN authentication on host2
> Host1: imap server [mail.example1.com] port [143] user [bluethundr]
> Host2: imap server [roundcube.example2.com] port [143] user [bluethundr]
> Banner: * OK mail.example1.com Zimbra IMAP4rev1 server ready
> Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE LOGIN
> Info: success login on [mail.example1.com] with user [bluethundr] auth [LOGIN]
> Banner: * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for distribution information.
> Info: host roundcube.example2.com says it has NO CAPABILITY for AUTHENTICATE LOGIN
> Failure: error login [roundcube.example2.com] with user [bluethundr] auth [LOGIN]: 2 NO Login failed.
> Failure: error login [roundcube.example2.com] with user [bluethundr] auth [LOGIN]: 2 NO Login failed.
> [root at mail3 skins]# 
> 
> 
> 
> 
> I can log into both imap servers without any problem. Server1 is a zimbra server and Server2 is a plain vanilla postfix setup with courier imap. I believe the problem is with courier authlib and the advertised capabilities of that server.
> 
> 
> Info: host mail.example1.com says it has NO CAPABILITY for AUTHENTICATE LOGIN
> 
> 
> This is my authmodulelist on server2.
> 
> 
> authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
> 
> This is all I see in the postfix logs on the second server when the authentication failure happens:
> 
> 
> Dec  3 22:54:59 li135-81 imapd: Connection, ip=[::ffff:69.164.220.81]
> Dec  3 22:55:01 li135-81 imapd: LOGIN FAILED, user=bluethundr, ip=[::ffff:69.164.220.81]
> Dec  3 22:55:06 li135-81 imapd: Disconnected, ip=[::ffff:69.164.220.81], time=7
> Dec  3 22:55:15 li135-81 imapd: Connection, ip=[::ffff:127.0.0.1]
> Dec  3 22:55:15 li135-81 imapd: LOGIN, user=bluethundr at exmaple2.com, ip=[::ffff:127.0.0.1], port=[57141], protocol=IMAP
> Dec  3 22:55:15 li135-81 imapd: LOGOUT, user=bluethundr at example2.com, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=94, sent=460, time=0
> 
> I'm thinking I need to find a way for server2 to authenticate via plaintext for this to happen. 
> 
> I'd appreciate any advice you might have.
> 
> thanks in advance
> tim
----
Zimbra uses cyrus-imapd right?

if so, you need to configure it for login/plain, something like this...

# grep sasl_mech_list /etc/imapd.conf
sasl_mech_list: plain login gssapi external

Probably don't need the gssapi or external

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.