Re: cyrus-2-1-sasl-v1-tail
I had to back out of the upgrade - well, sort of. I did manage to convert all of my 2.0.16 installs to flat file for the mailboxes, still using 2.0.16, which should help my situation. Apparently, the -C option is somehow broken in cyrus-2-1-sasl-v1-tail. Everything installed fine, but when I ran a server that was bound to more than one IP address, the server would not accept connections. When you telnet into port 143, you do not get a greeting prompt. No errors appear in the logs. Needless to say, on the one server I have that does not use the hacked up virtual domains, cyrus-2-1-sasl-v1-tail is working fine. Go figure. -John Jeremy Howard wrote: > > Tonight I am upgrading 4 mail servers currently running Cyrus 2.0.16 > > release versions to "cyrus-2-1-sasl-v1-tail" from cvs. > > > <...> > > > I am hoping this will correct allot of locking problems on the server > > and add most of the bug fixes from 2.0.16 (which is from June of 01) > > > To correct locking problems you may want to grab the skiplist backend from > the current CVS, and use that with 2.0.16. CMU are now using this backend in > production. -- __ John C. Amodeo, Associate Director Information Technology and Computer Operations Faculty of Arts & Sciences, Rutgers University 732.932.9455-voice 732.932.0013-fax
Re: cyrus-2-1-sasl-v1-tail
Jeremy, I forgot to mention I am also converting the mailboxes.db file to a flat file. This should help as well. I am a little hesitant to use skip list right now. These are production boxes. -John Jeremy Howard wrote: > > Tonight I am upgrading 4 mail servers currently running Cyrus 2.0.16 > > release versions to "cyrus-2-1-sasl-v1-tail" from cvs. > > > <...> > > > I am hoping this will correct allot of locking problems on the server > > and add most of the bug fixes from 2.0.16 (which is from June of 01) > > > To correct locking problems you may want to grab the skiplist backend from > the current CVS, and use that with 2.0.16. CMU are now using this backend in > production.
cyrdeliver doesn't complain when a mailbox doesn't exist
Hi, cyrdeliver doesn't complain when I try to deliver the message to a nonexistent mailbox and exits with 0, it this the normal behaviour or is something broken on my machine ? The message is delivered to the mailbox user.testimap, when I give a mailbox which exists it's delivered to this mailbox. strace shows that it reads /var/lib/cyrus/mailboxes 15:03:51 cyrus ~ $/usr/sbin/cyrdeliver -m this.mailbox.doesnt.exit -a testimap testimap < /tmp/n ; echo $? 0 I'm using the version 1.5.19 on Linux Debian woody. Thanks Alain
Re: cyrus-2-1-sasl-v1-tail
> Tonight I am upgrading 4 mail servers currently running Cyrus 2.0.16 > release versions to "cyrus-2-1-sasl-v1-tail" from cvs. > <...> > I am hoping this will correct allot of locking problems on the server > and add most of the bug fixes from 2.0.16 (which is from June of 01) > To correct locking problems you may want to grab the skiplist backend from the current CVS, and use that with 2.0.16. CMU are now using this backend in production.
Security certificate message.
We are using Cyrus version 1.6.24 on a Solaris 8 system. As of last night our Outlook 2000 clients that use POP3 and SSL to connect are receiving the following message every time the client checks for email: "Internet Security Warning The server you are connected to is using a security certificate that could not be verified. A certificate chain processed correctly, but terminated in a root certificate which is not trusted by the trust provider. Do you want to continue using this server? yes / No" Any ideas why the clients would be displaying this message? Is there anything I need to do to the Cyrus mail server? -Ed
Re: howto use the skiplist backend
We believe we've resolved at least some of the problems we were seeing with the skiplist backend. The performance problem may just have been due to memory overcommitment on our production server (we increased the memory). We've resolved the looping problem; it was a slight problem with one process updating header information and another process never reading that information. We're now running it in production and things seem to be working well; we'll let people know if we see any other problems. Larry Date: Tue, 26 Feb 2002 12:41:58 -0500 From: Walter Wong <[EMAIL PROTECTED]> [...] There also is bug that we can't reproduce that will result in the skiplist getting into a loop. "Luckily" this has only happened with seen state and only happens to one user every four to eight hours. Our plans are to look at making things more efficient -- possibly by separating the log from the data and so having two files and not just one. We're looking at throwing additional debugging code in to try to find out how it gets into the loop, or at worst throwing in a hack that if it detects the loop to break it automatically. So, right now, I wouldn't recommend switching your production system over to it. Walter
Re: Cyrus 2 and Sasl2
Are you sure your PAM configuration is the same for the service "pop" as it is for the service "imap"? Are you attempting to use APOP? APOP won't work with pam/shadow. Larry Date: Thu, 28 Feb 2002 15:49:54 +0100 (MET) From: Marc-Christian Petersen <[EMAIL PROTECTED]> Cc: Cyrus SASL <[EMAIL PROTECTED]> Hi all, i am using Cyrus IMAPd v2.1.2 and sasl v2.1.1 and want to use the saslauthd with pam/shadow. So far so good, imap works, but the pop3 daemon don't use that, it wants to read the sasldb2 which i won't use ... cause i have system users and i won't set up all the users again into the sasldb2 ... And there is also another problem with the sasldb2 i wrote in an email before ... Kind regards and thanks for your time and your help. Marc -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
authentication failure with cyrus using ldap
I think I am very close to having this all work, I have postfix working with ldap properly but when a user tries to authenticate via a mail client it gets authentication failure, while this is going on the logs are showing connections to the slapd daemon so it must be close to working at the bottom of this post is the output from /var/log/messages when someone tries to connect.. below is my imapd.conf file which i believe is right this is cyrus imap 2.0.16 with sasl 1.5.27 and i have the sasl-ldap patch from surf.org. Any help is greatly appreciated thanks! imapd.conf = mail:/etc/postfix # cat /etc/imapd.conf configdirectory: /var/imap partition-default: /var/spool/imap admins: cyrus root allowanonymouslogin: no sasl_pwcheck_method: ldap ldap_server: mail.temperagen.com ldap_search_base: dc=temperagen,dc=com ldap_basedn: dc=temperagen,dc=com ldap_uidattr: uid ldap_port: 389 ldap_ssl: no ldap_filter_mode: yes ldap_filter: (objectClass=myPostfixPerson) ldap_bind_dn: uid=Manager,dc=temperagen,dc=com ldap_bind_pw: ldap_query_filter: (mailacceptinggeneralid=%s) ldap_result_attribute: maildrop here's the output from /var/log/messages Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: new connection on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: added 9r Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=0 tvp=NULL Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: 9r Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: read activity on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: 9r Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: read activity on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL Feb 28 13:55:15 mail slapd[1816]: daemon: removing 9 Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com
authentication failure with cyrus using ldap
I think I am very close to having this all work, I have postfix working with ldap properly but when a user tries to authenticate via a mail client it gets authentication failure, while this is going on the logs are showing connections to the slapd daemon so it must be close to working at the bottom of this post is the output from /var/log/messages when someone tries to connect.. below is my imapd.conf file which i believe is right this is cyrus imap 2.0.16 with sasl 1.5.27 and i have the sasl-ldap patch from surf.org. Any help is greatly appreciated thanks! imapd.conf = mail:/etc/postfix # cat /etc/imapd.conf configdirectory: /var/imap partition-default: /var/spool/imap admins: cyrus root allowanonymouslogin: no sasl_pwcheck_method: ldap ldap_server: mail.temperagen.com ldap_search_base: dc=temperagen,dc=com ldap_basedn: dc=temperagen,dc=com ldap_uidattr: uid ldap_port: 389 ldap_ssl: no ldap_filter_mode: yes ldap_filter: (objectClass=myPostfixPerson) ldap_bind_dn: uid=Manager,dc=temperagen,dc=com ldap_bind_pw: ldap_query_filter: (mailacceptinggeneralid=%s) ldap_result_attribute: maildrop here's the output from /var/log/messages Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: new connection on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: added 9r Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=0 tvp=NULL Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: 9r Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: read activity on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: activity on: Feb 28 13:55:15 mail slapd[1622]: 9r Feb 28 13:55:15 mail slapd[1622]: Feb 28 13:55:15 mail slapd[1622]: daemon: read activity on 9 Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL Feb 28 13:55:15 mail slapd[1816]: daemon: removing 9 Feb 28 13:55:15 mail slapd[1622]: daemon: activity on 1 descriptors Feb 28 13:55:15 mail slapd[1622]: daemon: select: listen=6 active_threads=1 tvp=NULL __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com
SASL and Kerberos V : not a pretty pair
Lawrence Greenfield wrote: >Date: Thu, 28 Feb 2002 11:20:03 -0500 >From: twk <[EMAIL PROTECTED]> > >It didn't used to be. More than one person here has given up on >making SASL work with Kerberos V. We are seriously considering >using the PAM SASL module with Kerberos support, though this adds >additional complexity. Until we can straighten this out, we'll be >running 1.5.19. > > Well, of course, 1.5.19 doesn't support Kerberos V at all. True, I forgot we're actually doing Kerberos IV > > There are so many different authentication schemes out there and > they'll all interact differently and it's really challenging to write > portable software that compiles for everyone. > > We do want to make it easier but we get precious few patches in this > area and we just don't have that many different systems here. > Kerberos is not exactly an obscure authentication scheme (at least in the nono-corporate world). Mind you, I take issue with SASL and not Cyrus. Smarter minds than mine have given up in disgust trying to get SASL and Kerberos V to work with server software other than Cyrus. Even the vendor couldn't figure out how to make it work. Has anyone out there patched the old authentication routines into a recent version of Cyrus? Thanks, Tom -- Tom Karchesemail : [EMAIL PROTECTED] Web Systems Administrator phone : 919.515.5508 NCSU Information Technology
Re: Newbie: cyradm login fails
Date: Thu, 28 Feb 2002 11:20:03 -0500 From: twk <[EMAIL PROTECTED]> Volker Hutten wrote: > On Thu, 28 Feb 2002, Simon Matter wrote: > > > Now I added also sasl_mech_list: PLAIN and tried with PAM - same > result. No mechanism available. > > What are the "needed" mechanisms? Are there any packages needed to run > cyrus correctly (I have db3 installed as RH rpm and compilation of cyrus > tells some warnings, but not unforeseen exit). > > And - last but not least - am I so silly, or is it really so hard to make > cyrus run??? ;-) It didn't used to be. More than one person here has given up on making SASL work with Kerberos V. We are seriously considering using the PAM SASL module with Kerberos support, though this adds additional complexity. Until we can straighten this out, we'll be running 1.5.19. Well, of course, 1.5.19 doesn't support Kerberos V at all. There are so many different authentication schemes out there and they'll all interact differently and it's really challenging to write portable software that compiles for everyone. We do want to make it easier but we get precious few patches in this area and we just don't have that many different systems here. Larry
Re: voicemail to IMAP (cyrus) gateway?
Perhaps this could be of use to you: http://www.gnu.org/software/bayonne/ Im not sure what others have done with it, but it should be worth a look. I shall be playing with it in the near future my self :) Regards, -Jev On Wed, Feb 27, 2002 at 11:37:56AM -0600, Dave Caplinger wrote: > Is anyone aware of a voicemail system that will inter-operate with a > cyrus IMAP server to either > [SNIP]
Dirs under partition-default after deletemailbox cyradm command
After I delete the user joe by doing >sam user.je cd >dm user.joe in cyradm The dir /user/joe (and the dirs below it representing the messages folder created by the user) still exists in the filesystem and the disk space is not recovered. Is this correct? Should I delete the /user dirs manually after deleting 'logically' the mailbox?. When I list the mailboxes in the server with lm the mailbox user.joe does not exist anymore for cyradm. It's a Intel Linux server running Cyrus 2.0.7. The dir is on a ext2 FS. TIA for any help. -- Ramiro
cyrus-2-1-sasl-v1-tail
Greetings, Tonight I am upgrading 4 mail servers currently running Cyrus 2.0.16 release versions to "cyrus-2-1-sasl-v1-tail" from cvs. Does anyone know of any problems i *may* run into with this particular cvs version. Is it safe to assume this is stable 2.1.0 code designed to work with sasl 1.5.27? Would anyone recommend using a different version (I am not ready to take the plunge to sasl v2...) I am hoping this will correct allot of locking problems on the server and add most of the bug fixes from 2.0.16 (which is from June of 01) Thanks, -John -- __ John C. Amodeo, Associate Director Information Technology and Computer Operations Faculty of Arts & Sciences, Rutgers University 732.932.9455-voice 732.932.0013-fax
Re: Newbie: cyradm login fails
Volker Hutten wrote: > On Thu, 28 Feb 2002, Simon Matter wrote: > > > Now I added also sasl_mech_list: PLAIN and tried with PAM - same > result. No mechanism available. > > What are the "needed" mechanisms? Are there any packages needed to run > cyrus correctly (I have db3 installed as RH rpm and compilation of cyrus > tells some warnings, but not unforeseen exit). > > And - last but not least - am I so silly, or is it really so hard to make > cyrus run??? ;-) > It didn't used to be. More than one person here has given up on making SASL work with Kerberos V. We are seriously considering using the PAM SASL module with Kerberos support, though this adds additional complexity. Until we can straighten this out, we'll be running 1.5.19. Tom -- Tom Karchesemail : [EMAIL PROTECTED] Web Systems Administrator phone : 919.515.5508 NCSU Information Technology
Re: RECENT/SEEN flags
After a hint from Larry that my mmap() call might be buggy, I upgraded my Linux kernel (I was running 2.2.14, now am running 2.4.18) and the problems have disappeared. Alec -- Alec H. Peterson -- [EMAIL PROTECTED] Chief Technology Officer Catbird Networks, http://www.catbird.com
Re: Debian and Cyrus/SASL2
> > Yeah, that did the trick (albeit with debug messages). I'm not able > > to authenticate yet, however; the client (imtest) reports > > "Authentication failed. generic failure" while the log file states > > "cannot connect to saslauthd server". > > I'm at the same stage now. Did you figure out a way around it? I've had no luck so far, though admittedly I haven't spent a great deal of time on it this week. (Have had other matters to attend to; playing with the CUPS print server instead, which is almost as much fun as Cyrus. :-) > > The saslauthd server by default is using /var/run/saslauthd/mux (and > > mux.accept, mux.pid). I'm not sure if imapd is using this or not, or > > if permissions are wrong (mux is srwxrwxrwx and the others are rw > > for owner only, owned by root:root). > > Yes... is user cyrus able to access these files and directories? I think I tried setting them all 777 with still no luck. Daniel
Cyrus 2 and Sasl2
Hi all, i am using Cyrus IMAPd v2.1.2 and sasl v2.1.1 and want to use the saslauthd with pam/shadow. So far so good, imap works, but the pop3 daemon don't use that, it wants to read the sasldb2 which i won't use ... cause i have system users and i won't set up all the users again into the sasldb2 ... And there is also another problem with the sasldb2 i wrote in an email before ... Kind regards and thanks for your time and your help. Marc -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
RE: RPMs for cyrus-imapd and cyrus-sasl
Too bad for me, I am running Solaris 8. :-( > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Simon Matter > Sent: Thursday, February 28, 2002 3:27 AM > To: info-cyrus > Subject: RPMs for cyrus-imapd and cyrus-sasl > > > I'm in the process to create clean, FHS compliant RPM packages of Cyrus > IMAPD. It seems that many people are struggling to get things work as I > did when I started. One reason is that it's not trivial to compile all > nedded packages and it can be difficult to get it up and running first > time. > > WARNING: These packages are work in progress! Things can change in > future versions, like the database backends. For instance I have now > db3, I made new db4 based packages but this seems no better. I'll change > to skiplist when it's ready to use. If I change something and you're > upgrading, be sure to manually convert your DB files. > > The packages are built on RedHat 7.2. Rebuilding should be fine on any > 7.x, rebuilding on 6.x may require some updates of your system. > > For now, find the packages here > > http://home.teleport.ch/simix/ > > Any suggestions are welcome > > -Simon > > > >
Re: error function prot_printf
On Wed, 2002-02-27 at 20:17, Ana Belén Díez wrote: > I try to do 'make' for to install Cyrus-Imap 2.0.16, but I have this > problem:. > > # make all CFLAGS=-O > ... > gcc -c -I.. -I/usr/local/include -I/usr/local/BerkeleyDB.3.1/include -I/usr/ > local/include -I/usr/include -I/opt > /sfw/include -I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H -I. - > I. -O \ > prot.c > prot.c: In function `prot_printf': > prot.c:614: `__builtin_va_alist' undeclared (first use in this function) > prot.c:614: (Each undeclared identifier is reported only once > prot.c:614: for each function it appears in.) > make: *** [prot.o] Error 1 > OS version ? Configure options ?
RPMs for cyrus-imapd and cyrus-sasl
I'm in the process to create clean, FHS compliant RPM packages of Cyrus IMAPD. It seems that many people are struggling to get things work as I did when I started. One reason is that it's not trivial to compile all nedded packages and it can be difficult to get it up and running first time. WARNING: These packages are work in progress! Things can change in future versions, like the database backends. For instance I have now db3, I made new db4 based packages but this seems no better. I'll change to skiplist when it's ready to use. If I change something and you're upgrading, be sure to manually convert your DB files. The packages are built on RedHat 7.2. Rebuilding should be fine on any 7.x, rebuilding on 6.x may require some updates of your system. For now, find the packages here http://home.teleport.ch/simix/ Any suggestions are welcome -Simon