NTLM and fetchmail

hi,

on a RT3.8.8 i’ve successfully configured NTLM authentification, but now i
have a problem with fetchmail wich takes the emails from an imap server.
Fetchmail is able to grab the messages, but when forwarding to
/opt/rt3/sbin/rt-mailgate, apache is answering an “401 Authorization
required” so emails are not passed to RT (nor deleted from the server)

I beleive i have a misconfiguration either in apache or fetchmail rc file,
but can’t get it to work correctly, may someone have a look ?

/etc/crontab
*/1 * * * 1-5 root fetchmail -f /root/.fetchmailrc -v

.fetchmailrc (placed in /root/)
poll imapserver proto imap
user user@yy.com
pass xxxxx
mda “perl /opt/rt3/bin/rt-mailgate --url http://myserver --queue General
–action correspond”

rt3.conf

ServerName myserver
ServerAdmin xx@yy.com

DocumentRoot /opt/rt3/share/html
AddDefaultCharset UTF-8

<Directory /opt/rt3/share/html/>
Order allow,deny
Allow from all
AuthName "Request Tracker"
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain mydomain
NTLMServer machine.mydomain
require valid-user

PerlModule Apache2::compat
PerlModule Apache::DBI
PerlRequire /opt/rt3/bin/webmux.pl

SetHandler perl-script PerlHandler RT::Mason Satisfy any Allow from all

Rapha�l
" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

Hi,

/REST/1.0/NoAuth/mail-gateway location should be excluded from
authentication. However, it’s better to limit hosts that can access by
IP.2011/5/24 Raphaël MOUNEYRES raphael.mouneyres@sagemcom.com:

hi,

on a RT3.8.8 i’ve successfully configured NTLM authentification, but now i
have a problem with fetchmail wich takes the emails from an imap server.
Fetchmail is able to grab the messages, but when forwarding to
/opt/rt3/sbin/rt-mailgate, apache is answering an “401 Authorization
required” so emails are not passed to RT (nor deleted from the server)

I beleive i have a misconfiguration either in apache or fetchmail rc file,
but can’t get it to work correctly, may someone have a look ?

/etc/crontab
*/1 * * * 1-5 root fetchmail -f /root/.fetchmailrc -v

.fetchmailrc (placed in /root/)
poll imapserver proto imap
user user@yy.com
pass xxxxx
mda “perl /opt/rt3/bin/rt-mailgate --url http://myserver --queue General
–action correspond”

rt3.conf

ServerName myserver
ServerAdmin xx@yy.com

DocumentRoot /opt/rt3/share/html
AddDefaultCharset UTF-8

<Directory /opt/rt3/share/html/>
Order allow,deny
Allow from all
AuthName "Request Tracker"
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain mydomain
NTLMServer machine.mydomain
require valid-user

PerlModule Apache2::compat
PerlModule Apache::DBI
PerlRequire /opt/rt3/bin/webmux.pl

SetHandler perl-script PerlHandler RT::Mason Satisfy any Allow from all

Raphaël

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caractère privé. S’ils ne vous sont
pas destinés, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque manière que ce
soit le contenu. Si ce message vous a été transmis par erreur, merci d’en
informer l’expéditeur et de supprimer immédiatement de votre système
informatique ce courriel ainsi que tous les documents qui y sont attachés."

                           ******

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

Best regards, Ruslan.

Brilliant, works perfectly :slight_smile: Thanks Ruz

just a comment : i’m surprised to have to exclude a REST directory that is
not used here, but i beleive it’s the RT internal logic.

May it be documented somewhere in the wiki ?

Ruslan Zakirov ruz@bestpractical.com
Envoy� par : ruslan.zakirov@gmail.com
24/05/2011 11:47

A
Rapha�l MOUNEYRES raphael.mouneyres@sagemcom.com
cc
rt-users@lists.bestpractical.com
Objet
Re: [rt-users] NTLM and fetchmail

Hi,

/REST/1.0/NoAuth/mail-gateway location should be excluded from
authentication. However, it’s better to limit hosts that can access by
IP.

hi,

on a RT3.8.8 i’ve successfully configured NTLM authentification, but now
i
have a problem with fetchmail wich takes the emails from an imap server.
Fetchmail is able to grab the messages, but when forwarding to
/opt/rt3/sbin/rt-mailgate, apache is answering an “401 Authorization
required” so emails are not passed to RT (nor deleted from the server)

I beleive i have a misconfiguration either in apache or fetchmail rc
file,
but can’t get it to work correctly, may someone have a look ?

/etc/crontab
*/1 * * * 1-5 root fetchmail -f /root/.fetchmailrc -v

.fetchmailrc (placed in /root/)
poll imapserver proto imap
user user@yy.com
pass xxxxx
mda “perl /opt/rt3/bin/rt-mailgate --url http://myserver --queue General
–action correspond”

rt3.conf

ServerName myserver
ServerAdmin xx@yy.com

DocumentRoot /opt/rt3/share/html
AddDefaultCharset UTF-8

<Directory /opt/rt3/share/html/>
Order allow,deny
Allow from all
AuthName "Request Tracker"
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain mydomain
NTLMServer machine.mydomain
require valid-user

PerlModule Apache2::compat
PerlModule Apache::DBI
PerlRequire /opt/rt3/bin/webmux.pl

SetHandler perl-script PerlHandler RT::Mason Satisfy any Allow from all

Rapha�l

Best regards, Ruslan.

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."