Re: Problems with authentication
Michael Obster wrote:

>S: L01 NO Login failed: generic failure
>Authentication failed. generic failure
>Security strength factor: 0

Are you logging cyrus (local6.debug) and SASL (auth.debug)? If so, what do they say?

--
Simon Brady mailto:[EMAIL PROTECTED]
ITS Technical Services
University of Otago, Dunedin, New Zealand
Re: Problems with authentication
David Chait wrote:
>
> Michael,
> Did you remember to create the symbolic link between /usr/local/sasl2
> and /usr/sasl2 ?

Try again, imapd already sees the plugins (look at the CAPABILITY response).

> - Original Message -
> From: "Michael Obster" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, January 02, 2003 2:24 PM
> Subject: Problems with authentication
>
>
> > Hi,
> >
> > thx for the people who showed me the good documentation ;-)
> >
> > Ok. I have now tracked the problem a little bit.
> >
> > root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
> > S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
> > C: C01 CAPABILITY
> > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
> > S: C01 OK Completed
> > Please enter your password:
> > C: L01 LOGIN cyrus {8}
> > S: + go ahead
> > C:
> > S: L01 NO Login failed: generic failure
> > Authentication failed. generic failure
> > Security strength factor: 0
> > . logout
> > * BYE LOGOUT received
> > . OK Completed
> > Connection closed.
> >
> > Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.
> >
> > Here is my /etc/imapd.conf:
> > configdirectory: /var/imap
> > partition-default: /var/spool/imap
> > admins: cyrus
> > sasl_pwcheck_method: saslauthd
> >
> > Regards,
> > Michael Obster
> >
> >

--
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
Re: Problems with authentication
"John A. Tamplin" wrote:
>
> Michael Obster wrote:
>
> >Hi,
> >
> >thx for the people who showed me the good documentation ;-)
> >
> >Ok. I have now tracked the problem a little bit.
> >
> >root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
> >S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
> >C: C01 CAPABILITY
> >S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
> >S: C01 OK Completed
> >Please enter your password:
> >C: L01 LOGIN cyrus {8}
> >S: + go ahead
> >C:
> >S: L01 NO Login failed: generic failure
> >Authentication failed. generic failure
> >Security strength factor: 0
> >. logout
> >* BYE LOGOUT received
> >. OK Completed
> >Connection closed.
> >
> >Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.
> >
> >Here is my /etc/imapd.conf:
> >configdirectory: /var/imap
> >partition-default: /var/spool/imap
> >admins: cyrus
> >sasl_pwcheck_method: saslauthd
> >
> >
> You also need allowplaintext: yes in your imapd.conf to enable LOGIN or
> AUTH PLAIN.

imapd accepted the LOGIN command, it just failed. allowplaintext is on by default. If he had turned it off, you'd see LOGINDISABLED in the CAPABILITY response.

--
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
Re: Problems with authentication
I think you mean `/usr/local/lib/sasl2' and `/usr/lib/sasl2'

Scott

David Chait wrote:

Michael,
Did you remember to create the symbolic link between /usr/local/sasl2 and /usr/sasl2 ?

- Original Message -
From: "Michael Obster" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 02, 2003 2:24 PM
Subject: Problems with authentication

Hi,

thx for the people who showed me the good documentation ;-)

Ok. I have now tracked the problem a little bit.

root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus {8}
S: + go ahead
C:
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0
. logout
* BYE LOGOUT received
. OK Completed
Connection closed.

Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.

Here is my /etc/imapd.conf:
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd

Regards,
Michael Obster
Re: Problems with authentication
Michael Obster wrote:

Hi,

thx for the people who showed me the good documentation ;-)

Ok. I have now tracked the problem a little bit.

root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus {8}
S: + go ahead
C:
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0
. logout
* BYE LOGOUT received
. OK Completed
Connection closed.

Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.

Here is my /etc/imapd.conf:
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd

You also need allowplaintext: yes in your imapd.conf to enable LOGIN or AUTH PLAIN.

--
John A. Tamplin
Unix Systems Administrator
Re: Problems with authentication
Michael,
Did you remember to create the symbolic link between /usr/local/sasl2 and /usr/sasl2 ?

- Original Message -
From: "Michael Obster" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 02, 2003 2:24 PM
Subject: Problems with authentication

> Hi,
>
> thx for the people who showed me the good documentation ;-)
>
> Ok. I have now tracked the problem a little bit.
>
> root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
> S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
> S: C01 OK Completed
> Please enter your password:
> C: L01 LOGIN cyrus {8}
> S: + go ahead
> C:
> S: L01 NO Login failed: generic failure
> Authentication failed. generic failure
> Security strength factor: 0
> . logout
> * BYE LOGOUT received
> . OK Completed
> Connection closed.
>
> Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.
>
> Here is my /etc/imapd.conf:
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: cyrus
> sasl_pwcheck_method: saslauthd
>
> Regards,
> Michael Obster
>
>
Problems with authentication
Hi,

thx for the people who showed me the good documentation ;-)

Ok. I have now tracked the problem a little bit.

root@gutmann:/usr/lib# imtest -m login -a cyrus localhost
S: * OK gutmann Cyrus IMAP4 v2.1.11 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus {8}
S: + go ahead
C:
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0
. logout
* BYE LOGOUT received
. OK Completed
Connection closed.

Looks like for some reason cyrus cannot authenticate my users. I use sasl 2.1.10.

Here is my /etc/imapd.conf:
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd

Regards,
Michael Obster
Re: restoring from backup individual messages/folders
On Thu, 2 Jan 2003, Hein Roehrig wrote:

> I would be interested in what kind of services&strategies admins here
> offer to users regarding restoring accidentally deleted (&expunged)
> messages.
>
> In particular, while it is relatively safe to backup a running Cyrus
> and in the case of disaster reconstruct all mailboxes, stopping Cyrus
> for reconstructing a single mailbox seems unacceptable.

I'd prefer it if we only did disaster recovery restores here (if we delete your data, we'll get it back -- if you delete it, tough rocks) but that's not the case.

When a user requests a restore, we create (via IMAP protocol) a subfolder in their INBOX and give it a separate quota root. This subfolder will contain their restored INBOX and all restored subfolders. The mail files are copied into the filesystem and then the restore folders are reconstructed (which doesn't require us to stop cyrus). The user is then free to browse through their restore subfolders and copy any messages they need. After 14 days, their entire restore hierarchy is deleted.

Even though this whole process is automated, it's still a pain.

Thanks,
Dave

--
Dave McMurtrie, Systems Programmer
University of Pittsburgh
Computing Services and Systems Development,
Development Services -- UNIX and VMS Services
717P Cathedral of Learning
(412)-624-6413
Re: restoring from backup individual messages/folders
On Thu, Jan 02, 2003 at 10:08:50PM +0100, Hein Roehrig wrote:
> Hi *,
>
> I would be interested in what kind of services&strategies admins here
> offer to users regarding restoring accidentally deleted (&expunged)
> messages.

We make it clear that we're not responsible for user stup^W mistakes.

No, not very helpful I'm sure but sometimes the best solution is a policy rather than a technical implementation.

--
Scott Russell ([EMAIL PROTECTED])
Linux Technology Center, System Admin, RHCE.
Dial 877-735-8200 then ask for 919-543-9289 (TTY)
Re: Sendmail local mailer still needed ?
>The documentation says there must always be a local mailer, but you
>don't have to use it. Ie, in your .mc file you will have
>MAILER(`local'), MAILER(`cyrusv2'), and
>define(`confLOCAL_MAILER',`cyrusv2') (plus whatever else you need).

Thanks for your answer...

Now what I don't really understand is when using the Cyrusv2 mailer, what is my local mailer used for ? Because using mailstats from Sendmail I can see that it has some messages from and to using the local mailer.

Regards
Re: Cyrus-imapd2 with Cyrus-sasl2 with IMAP login/authenticate
On Fri, 3 Jan 2003, Martin Y. Chiu wrote:

> After reading some document and tracing some code of imapd2 and
> sasl, I found that cyrus-imapd2 use the different authentication
> method with IMAP 'LOGIN' and 'AUTHENTICATE' command. LOGIN uses
> sasl_checkpass() and AUTHENTICATE uses sasl_server_start() and
> sasl_server_step() to authentication. These two methods may use a
> different user database -- sasl_checkpass() uses saslauthd and
> sasl_server_step() uses sasldb2, am I right ?

Yes and no. sasl_checkpass can use saslauthd or an auxprop database (based on pwcheck_method).

Depending on mechanism, they may also use sasl_checkpass, or they may need to access a database directly. In the case of PLAIN and LOGIN, they just do a sasl_checkpass internally. DIGEST-MD5, CRAM-MD5, etc, all need the plaintext password.

> This may cause some problem that PHP with cclinet-2002, and it
> tries to use AUTHENTICATE but Outlook Express can use only LOGIN.

I don't see a problem.

> Is there any way I can change this behavior or correct method to
> setup Cyrus-imapd2 with coherent user database ?

Either only allow LOGIN and PLAIN SASL mechanisms, or use the sasldb/mysql database with a pwcheck method of "auxprop"

-Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
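The split described in the reply above, and the LOGINDISABLED check from Kenneth Murchison's reply in the "Problems with authentication" thread, can be checked mechanically. This is an added example, not code from the thread or from the Cyrus project; the sample capability line is abridged from the imtest session quoted on this page, and the function names, the "unclassified" label and the fallback to auxprop when sasl_pwcheck_method is unset are assumptions.

```python
import re

# Constructed sample input: abridged from the imtest session and the
# /etc/imapd.conf quoted in this thread.
SAMPLE_CAPABILITY = ("S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ IDLE "
                     "STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=OTP")
SAMPLE_CONF = """\
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd
"""

# Per the reply: PLAIN and LOGIN end in sasl_checkpass(), while CRAM-MD5 and
# DIGEST-MD5 need the stored plaintext password (an auxprop database).
CHECKPASS_MECHS = {"PLAIN", "LOGIN"}
SECRET_MECHS = {"CRAM-MD5", "DIGEST-MD5"}


def parse_capability(line):
    """Split an untagged CAPABILITY response into AUTH= mechs and flags."""
    m = re.match(r"^(?:S:\s*)?\*\s+CAPABILITY\s+(.*)$", line.strip(), re.I)
    if not m:
        raise ValueError("not an untagged CAPABILITY response")
    atoms = m.group(1).upper().split()
    return {
        "mechs": [a[5:] for a in atoms if a.startswith("AUTH=")],
        "login_disabled": "LOGINDISABLED" in atoms,
    }


def parse_imapd_conf(text):
    """Read 'key: value' lines, skipping blanks and # comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        if sep:
            conf[key.strip().lower()] = value.strip()
    return conf


def credential_sources(capability_line, conf_text):
    """Map each offered login path to the store that verifies it.

    Returns (sources, split); split is True when the offered paths are
    verified against more than one credential store.
    """
    cap = parse_capability(capability_line)
    conf = parse_imapd_conf(conf_text)
    # Assumption: an unset sasl_pwcheck_method behaves as "auxprop".
    pwcheck = conf.get("sasl_pwcheck_method", "auxprop")
    sources = {}
    if not cap["login_disabled"]:
        sources["LOGIN command"] = pwcheck
    for mech in cap["mechs"]:
        if mech in CHECKPASS_MECHS:
            sources["AUTH=" + mech] = pwcheck
        elif mech in SECRET_MECHS:
            sources["AUTH=" + mech] = "auxprop"
        else:
            sources["AUTH=" + mech] = "unclassified"  # not named in the reply
    known = {s for s in sources.values() if s != "unclassified"}
    return sources, len(known) > 1


if __name__ == "__main__":
    for path, store in credential_sources(SAMPLE_CAPABILITY, SAMPLE_CONF)[0].items():
        print(f"{path:18} -> {store}")
```

With the configuration quoted in the thread, the LOGIN command is checked by saslauthd while CRAM-MD5 and DIGEST-MD5 read the auxprop store, which is the incoherent-database situation the question describes.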
Cyrus-imapd2 with Cyrus-sasl2 with IMAP login/authenticate
Dear all,

After reading some document and tracing some code of imapd2 and sasl, I found that cyrus-imapd2 use the different authentication method with IMAP 'LOGIN' and 'AUTHENTICATE' command. LOGIN uses sasl_checkpass() and AUTHENTICATE uses sasl_server_start() and sasl_server_step() to authentication. These two methods may use a different user database -- sasl_checkpass() uses saslauthd and sasl_server_step() uses sasldb2, am I right ?

This may cause some problem that PHP with cclinet-2002, and it tries to use AUTHENTICATE but Outlook Express can use only LOGIN.

Is there any way I can change this behavior or correct method to setup Cyrus-imapd2 with coherent user database ?

Thanks.

--
-sothat
Re: Impossible to move messages to trash when overquota
On Thu, 2 Jan 2003, Dave O wrote:

> > There is no 'move' command in the IMAP RFC iirc. A 'move' operation is
> > just client side semantics for 'copy and then delete'.
>
> Then why not use the hard links (essentially the same as SIS delivery) for
> IMAP copy?

Well, for one, IMAP commands don't have to correspond to an implementation.

But, Cyrus does as you ask (it uses hard links when it processes a COPY command, provided the two mailboxes are on the same partition).

The "problem" is that the message is still charged against the user's quota (which cyrus maintains, and not the filesystem) twice. This is a (quite sane) requirement of RFC 2087, which specifies that the "STORAGE" quota type has the sum of the message's RFC822.SIZE for each quota root.

-Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
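A small model of the accounting described in the reply above, showing why a hard-linked COPY saves disk space but not quota, and why flagging and expunging still works when a client-side move to Trash does not. This is an added example, not Cyrus code; the class and function names, the mailbox name INBOX.Trash, counting in plain octets, and the rule that a COPY is refused when it would push usage past the limit are assumptions of the model.

```python
import itertools


class OverQuota(Exception):
    """Stands in for the server's NO response to COPY."""


class QuotaRoot:
    def __init__(self, limit):
        self.limit = limit          # STORAGE limit in octets (toy units)
        self.boxes = {}             # mailbox -> {uid: {"file", "size", "deleted"}}
        self._uid = itertools.count(1)
        self._file = itertools.count(1)

    def _messages(self):
        return [m for box in self.boxes.values() for m in box.values()]

    def storage(self):
        """Quota usage: every mailbox entry is charged its full size."""
        return sum(m["size"] for m in self._messages())

    def disk(self):
        """Filesystem usage: hard-linked copies share one file."""
        return sum({m["file"]: m["size"] for m in self._messages()}.values())

    def _add(self, mailbox, file_id, size, enforce):
        if enforce and self.storage() + size > self.limit:
            raise OverQuota(mailbox)
        uid = next(self._uid)
        self.boxes.setdefault(mailbox, {})[uid] = {
            "file": file_id, "size": size, "deleted": False}
        return uid

    def deliver(self, mailbox, size):
        # Builds the starting state; delivery is not quota-checked in this model.
        return self._add(mailbox, next(self._file), size, enforce=False)

    def copy(self, src, uid, dst):
        msg = self.boxes[src][uid]  # same file id: a hard link, not new data
        return self._add(dst, msg["file"], msg["size"], enforce=True)

    def delete_and_expunge(self, mailbox, uid):
        box = self.boxes[mailbox]
        box[uid]["deleted"] = True                      # STORE +FLAGS \Deleted
        for gone in [u for u, m in box.items() if m["deleted"]]:
            del box[gone]                               # EXPUNGE


def move_to_trash(root, src, uid, trash="INBOX.Trash"):
    """Client-side 'move': COPY first, then delete the source."""
    root.copy(src, uid, trash)
    root.delete_and_expunge(src, uid)


def demo():
    root = QuotaRoot(limit=10_000)
    a = root.deliver("INBOX", 6_000)
    b = root.deliver("INBOX", 5_000)        # 11000 octets: over quota
    out = {"start": (root.storage(), root.disk())}
    try:
        move_to_trash(root, "INBOX", a)
        out["move"] = "ok"
    except OverQuota:
        out["move"] = "over quota"
    root.delete_and_expunge("INBOX", a)     # the route that still works
    out["after_expunge"] = (root.storage(), root.disk())
    root.copy("INBOX", b, "INBOX.Trash")    # fits now: 5000 + 5000 <= 10000
    out["after_copy"] = (root.storage(), root.disk())
    return out


if __name__ == "__main__":
    print(demo())
```

The last step is the point of the reply: after the COPY the quota root is charged twice for a message that occupies one file on disk.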
Re: Impossible to move messages to trash when overquota
On Thu, 2 Jan 2003, Scott Russell wrote:

> On Thu, Jan 02, 2003 at 10:17:28AM -, [EMAIL PROTECTED] wrote:
> > > This has come up before. The move command is actually a two step
> > > operation where the file is first copied to the 'Trash' folder and then
> > > deleted from the source directory. The copy operation fails
> > > because the user is over quota.
> > >
> >
> > Since the mailbox is all on the same filesystem, why not use hard links to
> > move the file when the move command is used, like sendmail does, instead
> > of copy and delete ? It would give better performance, and take care of
> > the overquota problem.
>
> There is no 'move' command in the IMAP RFC iirc. A 'move' operation is
> just client side semantics for 'copy and then delete'.
>

Then why not use the hard links (essentially the same as SIS delivery) for IMAP copy?
Re: Impossible to move messages to trash when overquota
On Thu, 2 Jan 2003 [EMAIL PROTECTED] wrote:

> > There is no 'move' command in the IMAP RFC iirc. A 'move' operation is
> > just client side semantics for 'copy and then delete'.
> >
>
> True. Dumb me :-)
>
> Perhaps it should be implemented ? :)

This has been discussed on the IMAP list before, and it really isn't possible, brief explanation available here (and there's a whole thread to go with it about trash folders):

http://asg.web.cmu.edu/archive/message.php?mailbox=archive.imap&msg=9816

The thread is rooted at this URL, and it discusses various ways (though they feel sort of hackish to me) of doing a virtual trash mailbox:

http://asg.web.cmu.edu/archive/message.php?mailbox=archive.imap&msg=9805

-Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
Re: Sendmail local mailer still needed ?
On Thu, Jan 02, 2003 at 09:01:47AM -0500, John A. Tamplin wrote:
> [EMAIL PROTECTED] wrote:
> >
> >I wanted to know if the local mailer of sendmail -> MAILER(`local')
> >directive in the Sendmail mc file is still needed when using Cyrus ?
> >
> The documentation says there must always be a local mailer, but you
> don't have to use it. Ie, in your .mc file you will have
> MAILER(`local'), MAILER(`cyrusv2'), and
> define(`confLOCAL_MAILER',`cyrusv2') (plus whatever else you need).

You could also simplify things by using the local mailer for LMTP delivery to cyrus, and omit the cyrus or cyrusv2 mailer. It works fine for me.

--
-Gary Mills--Unix Support--U of M Academic Computing and Networking-
Re: Impossible to move messages to trash when overquota
[EMAIL PROTECTED] wrote:

On Thu, Jan 02, 2003 at 10:17:28AM -, [EMAIL PROTECTED] wrote:

This has come up before. The move command is actually a two step operation where the file is first copied to the 'Trash' folder and then deleted from the source directory. The copy operation fails because the user is over quota.

Since the mailbox is all on the same filesystem, why not use hard links to move the file when the move command is used, like sendmail does, instead of copy and delete ? It would give better performance, and take care of the overquota problem.

There is no 'move' command in the IMAP RFC iirc. A 'move' operation is just client side semantics for 'copy and then delete'.

True. Dumb me :-)

Perhaps it should be implemented ? :)

It's easier to just not use the trash (even though people like it for some reason.) I have found that "mark as deleted" is the only reliable way of deleting mail in mainstream IMAP clients. "Move to Trash" causes the problems you are having. "Delete immediately" often results in the message being removed from the local cache while leaving the original on the server. I have seen situations in which there are thousands of messages in a users' account that they "thought" were deleted.

Regards,
Tom

--
Tom Karches                      email : [EMAIL PROTECTED]
Web Systems Administrator        phone : 919.515.5508
NCSU Information Technology
Re: Sendmail local mailer still needed ?
[EMAIL PROTECTED] wrote:

Hello,

I wanted to know if the local mailer of sendmail -> MAILER(`local') directive in the Sendmail mc file is still needed when using Cyrus ?

I would say no as the LDA is now all done by Cyrus but I had a look in the mailer/local.m4 file of Sendmail and saw quite a lot of stuff in it so I am not so sure about removing it from my MC file.

That would be only to have the MAILER(`cyrusv2') directive in my MC file.

The documentation says there must always be a local mailer, but you don't have to use it. Ie, in your .mc file you will have MAILER(`local'), MAILER(`cyrusv2'), and define(`confLOCAL_MAILER',`cyrusv2') (plus whatever else you need).

--
John A. Tamplin
Unix Systems Administrator
Re: Impossible to move messages to trash when overquota
> On Thu, Jan 02, 2003 at 10:17:28AM -, [EMAIL PROTECTED] wrote:
>> > This has come up before. The move command is actually a two step
>> > operation where the file is first copied to the 'Trash' folder and
>> > then deleted from the source directory. The copy operation fails
>> > because the user is over quota.
>> >
>>
>> Since the mailbox is all on the same filesystem, why not use hard
>> links to move the file when the move command is used, like sendmail
>> does, instead of copy and delete ? It would give better performance,
>> and take care of the overquota problem.
>
> There is no 'move' command in the IMAP RFC iirc. A 'move' operation is
> just client side semantics for 'copy and then delete'.
>

True. Dumb me :-)

Perhaps it should be implemented ? :)

> --
> Scott Russell ([EMAIL PROTECTED])
> Linux Technology Center, System Admin, RHCE.
> Dial 877-735-8200 then ask for 919-543-9289 (TTY)
Re: Impossible to move messages to trash when overquota
On Thu, Jan 02, 2003 at 10:17:28AM -, [EMAIL PROTECTED] wrote:
> > This has come up before. The move command is actually a two step
> > operation where the file is first copied to the 'Trash' folder and then
> > deleted from the source directory. The copy operation fails
> > because the user is over quota.
> >
>
> Since the mailbox is all on the same filesystem, why not use hard links to
> move the file when the move command is used, like sendmail does, instead
> of copy and delete ? It would give better performance, and take care of
> the overquota problem.

There is no 'move' command in the IMAP RFC iirc. A 'move' operation is just client side semantics for 'copy and then delete'.

--
Scott Russell ([EMAIL PROTECTED])
Linux Technology Center, System Admin, RHCE.
Dial 877-735-8200 then ask for 919-543-9289 (TTY)
Sendmail local mailer still needed ?
Hello,

I wanted to know if the local mailer of sendmail -> MAILER(`local') directive in the Sendmail mc file is still needed when using Cyrus ?

I would say no as the LDA is now all done by Cyrus but I had a look in the mailer/local.m4 file of Sendmail and saw quite a lot of stuff in it so I am not so sure about removing it from my MC file.

That would be only to have the MAILER(`cyrusv2') directive in my MC file.

Many thanks

Regards
Re: [Annoyed] Cyrus-imapd/sasl upgrade and lmtpd behaviour...
On Mon, 30 Dec 2002, Scott Smith wrote:

> group and put cyrus and MTA user in it. Or, you can run LMTP over TCP (keep
> it on loopback) with SASL.

I must confess that as a general rule I've given up on using AF_UNIX sockets now that we're all aware that running all daemons as root is A Bad Idea. By the time you've wrestled with permissions, setuid bits, setgid bits and all the rest, using TCP in loopback with some authentication mechanism is far easier to debug. Indeed, for a classic ``sealed box'' Cyrus setup, I'm not sure that just restricting lmtpd to 127.0.0.1 and using it unauthenticated is any weaker than having a Unix domain socket which sendmail can get at.

ian
Re: Impossible to move messages to trash when overquota
> On Wed, Jan 01, 2003 at 11:14:38PM +0100, Stefano Tabacchiera wrote:
>> Hi all,
>> my box is running cyrus-2.1.11 and I set up quota for my users.
>> When someone is overquota, it's impossible to MOVE messages to Trash
>> and then delete them. The only way is to NOT use Trash, mark messages
>> as deleted and then expunge.
>> Question is: why ???
>
> This has come up before. The move command is actually a two step
> operation where the file is first copied to the 'Trash' folder and then
> deleted from the source directory. The copy operation fails
> because the user is over quota.
>

Since the mailbox is all on the same filesystem, why not use hard links to move the file when the move command is used, like sendmail does, instead of copy and delete ? It would give better performance, and take care of the overquota problem.

>> Is there a workaround for this?
>> Almost all of my users use 'move-to-Trash->then-empty-Trash'. So I
>> dont want to force them to change.
>> Any clue?
>
> This is an education issue for your users. Show them how to recover from
> an over quota situation without using the move-to-Trash features of
> their client. Also setup cyrus to provide warnings to users who are
> approaching their quota limits.
>
> --
> Scott Russell ([EMAIL PROTECTED])
> Linux Technology Center, System Admin, RHCE.
> Dial 877-735-8200 then ask for 919-543-9289 (TTY)