Fenux.Net - The Life of a Geek
Further Notes on Integration...
Posted on 8/20/2005 3:56 pm in This Old Site
I think I've gotten the mail server portion of my problem figured out. My first attempt will be using the cyrus imapd daemon. I've tried using this system wide before, but it doesn't suit my needs for everything. Fortunately, I can configure it to only work for one domain.
Cyrus allows me to use a MySQL database to authenticate my users. There are several steps involved to make all of this work.

Step One:
I've installed the security/cyrus-sasl2 port and the cyrus-imapd22 port. The security/cyrus-sasl2 port has to be installed with the WITH_MYSQL option, though.

Step Two:
I've set up the cyrus.conf file to have a different listen= port for imap and imaps. I've also disabled pop3 access for it. I will be using 4143 and 4993 for my ports (i.e. just adding a 4 to the standard port number).

Step Three:
I've configured sendmail to use cyrus for the domain. First, we must remove the domain from local-host-names. Next, we add the following line to mailertable:
geektao.net cyrusv2
After that, we have to add this to our %hostname%.mc file:
MAILER(cyrusv2)dnl
I'm probably going to have to add some arguments later, but I haven't found any that I need to change yet.

Step Four:

I've added these lines to imapd.conf:
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sql
sasl_sql_engine: mysql
sasl_mech_list: LOGIN DIGEST-MD5 CRAM-MD5
sasl_sql_hostnames: localhost
sasl_sql_user: cyrus
sasl_sql_passwd:
sasl_sql_database: cyrususers
sasl_sql_verbose: yes
sasl_sql_select: SELECT password FROM users WHERE username = '%u' AND realm = '%r'

Step Five:
An SQL database has been set up to hold my accumulated passwords.
CREATE DATABASE cyrus;
USE cyrus;
CREATE TABLE `users` (
`username` VARCHAR( 64 ) NOT NULL ,
`realm` VARCHAR( 64 ) NOT NULL ,
`password` VARCHAR( 32 ) NOT NULL ,
PRIMARY KEY ( `username` )
) TYPE = MYISAM ;

Next, we have to pull our passwords from the nuke_users table into the new table. I'm still working on how to automate this. If the MySQL version I'm using supported triggers, that would be a better option, but I believe we'll have to wait for 5.x for that. Instead, I'm probably going to have to use a crontab entry and an UPDATE or REPLACE statement. Here is the SQL statement to pull the users initially:
INSERT INTO users SELECT username, 'geektao.net' AS realm, user_password AS password FROM geektao_net.nuke_users WHERE username <> "Anonymous";
Now I should have a working users table.

Problem:
I've encountered a problem with the solution above. It's not checking the MD5 hashed password from PHP-Nuke properly. If I set the password field to the plaintext password, it works fine, but that's not acceptable. I'm going to have to play a while longer to see what I can come up with. Right now, I'm thinking I might have to reconfigure PHP-Nuke to use a different password hashing algorithm.
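The mismatch described above can be reproduced with a small model of two mechanisms from the sasl_mech_list line, CRAM-MD5 and LOGIN. This is an added example, not code from the original post or from Cyrus SASL; the function names and sample values are constructed, and the PHP-Nuke column is assumed to hold an unsalted hex MD5, which fits the 32-character password field.

```python
import hashlib
import hmac


def cram_md5_response(password: str, challenge: bytes) -> str:
    """Client side of CRAM-MD5 (RFC 2195): hex HMAC-MD5 keyed with the password."""
    return hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()


def verify_cram_md5(stored: str, challenge: bytes, response: str) -> bool:
    """Server side: recompute the HMAC with the stored column value as the key."""
    expected = hmac.new(stored.encode(), challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(expected, response)


def verify_login(stored: str, supplied: str) -> bool:
    """LOGIN via auxprop: the supplied password is compared to the column as-is."""
    return hmac.compare_digest(stored.encode(), supplied.encode())


def compare_storage(password: str, challenge: bytes) -> dict:
    """Check one login attempt against a plaintext column and an MD5-hex column."""
    # Assumption: PHP-Nuke stores the unsalted hex MD5 of the password.
    md5_column = hashlib.md5(password.encode()).hexdigest()
    # The mail client only knows the real password, so it keys the HMAC with that.
    response = cram_md5_response(password, challenge)
    return {
        "plaintext_column_cram": verify_cram_md5(password, challenge, response),
        "md5_column_cram": verify_cram_md5(md5_column, challenge, response),
        "plaintext_column_login": verify_login(password, password),
        "md5_column_login": verify_login(md5_column, password),
    }


if __name__ == "__main__":
    # Constructed sample password and challenge, not values from the post.
    results = compare_storage("s3cret-example", b"<1896.697170952@mail.example>")
    for name, accepted in results.items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Both mechanisms treat whatever the SELECT returns as the shared secret itself, so a column holding a hash only matches a client that uses the hash string as its password.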
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.
© 2000-2012 Jason Burgess