ctl_cyrusdb DBERRORs
Hi All, I have a little bit strange problem with cyrus 2.1.11. After compiling sasl 2.1.10 and cyrus 2.1.11 everything seems to run fine. Mail is getting in an can be read by users. After I stop and restart cyrus, I keep getting errors while checkpointing. ctl_cyrusdb[1540910]: DBERROR: error listing log files: Permission denied ctl_cyrusdb[1540910]: DBERROR: archive /var/imap/db: cyrusdb error ctl_cyrusdb[1540910]: DBERROR: error listing log files: Permission denied ctl_cyrusdb[1540910]: DBERROR: archive /var/imap/db: cyrusdb error After looking into all the file permissions, everything seems to be ok. All files belong to cyrus:mail, and there is no change in ownership for any file. Except from producing this strange error cyrus seems to work well, mail still comes in and can be read. The only method I found to get rid of this error is to remove the complete /var/imap directory and to create a new directory structure there. Of course, this is not very usefull. In the archive I found that two guys encountered the same problem. But I could not find any solution for it. Does anybody know what I could do ? Regards, Juergen -- email: [EMAIL PROTECTED] gilb: FhG-IIS AEMT, Helmholtzring 1, 98693 Ilmenau Tel.: +49 3677 69-4882Fax: +49 3677 69-4399
signaled to death by 11 with newly created mailbox
Hi, On a new server, I was hit by a 'signaled to death by 11' problem recently. Logs looked like this: Jan 15 00:11:27 imapd[13435]: open: user xxeid opened INBOX Jan 15 00:11:27 master[1838]: process 13435 exited, signaled to death by 11 Jan 15 00:11:27 imapd[13617]: accepted connection Jan 15 00:11:27 imapd[13617]: login: [192.168.9.2] xxeid plaintext Jan 15 00:11:27 imapd[13617]: seen_db: user xxeid opened /var/lib/imap/user/x/xxeid.seen Jan 15 00:11:28 imapd[13617]: open: user xxeid opened INBOX Jan 15 00:11:28 master[1838]: process 13617 exited, signaled to death by 11 I checked the archives and found similar problem reports and the solution was to not use pam_ldap for authentication. I have then rebuilt cyrus-sasl with it's own, native LDAP support. Unfortunately the 'signaled to death by 11' problem didn't go away. Somebody pointed me to a description of another 'signaled to death by 11' problem where the solution was to reconstruct the mailbox. I tried reconstruct -r user.xxeid and the problme was solved. Now, my question is: - Why does this problem only affect about ~3% of the users on this server. - All mailboxes were empty. They have been created by a script which periodically reads the LDAP tree and creates mailboxes as needed. - Should I call reconstruct -r for every newly created mailbox? Any feedback is welcome Simon The server config is: name : Cyrus IMAPD version: v2.1.11-Invoca-RPM-2.1.11-6 2002/12/04 14:53:12 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.18-18.7.xsmp environment: Cyrus SASL 2.1.10 Sleepycat Software: Berkeley DB 3.3.11: (July 12, 2001) OpenSSL 0.9.6b [engine] 9 Jul 2001 CMU Sieve 2.2 TCP Wrappers mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = skiplist duplicate.db = db3-nosync tls.db = db3-nosync
Re: cyrus as trusted user in sendmail
Hi Igor, Exaclty it's sieve mails which have the sendmail warning header because of the use of the -f flag, thanks ! I will go and fix my trusted users... Regards Marc Igor Brezac To: [EMAIL PROTECTED] [EMAIL PROTECTED] cc: [EMAIL PROTECTED] t Subject: Re: cyrus as trusted user in sendmail 01/20/03 03:09 AM Please respond to info-cyrus On Sun, 19 Jan 2003 [EMAIL PROTECTED] wrote: Only if sendmail references files owned by the cyrus username. lmtp socket may qualify depending on your setup. Are there no cases where cyrus itselfs submits messages using directly /usr/lib/sendmail ? I would like to avoid the warning header sendmail used Sieve does that. In this case you need to add the cyrus user to trusted users list in the MSP config (submit.cf). Notice trusted users list as opposed trusted user. Two different things. the -f flag to send the from address. How does then Cyrus send it's auto-generataed failure messages like when there are no mailbox at address [EMAIL PROTECTED] ? lmtp will tell sendmail that such an address is not there and sendmail will send a bounce message back to the sender (MSP is not in the loop here). -- Igor
Using saslauthd with IMSP
Hi, I want to upgrade all the components of the college's mail system, and I'm wondering whether I can use plain authentication with IMSP via saslauthd. And if so, how? Thanks Rob Tanner Linfield College McMinnville, Oregon [EMAIL PROTECTED]
RE: Problem with invalid headers - SOLVED
On 17 Jan 2003, John Straiton writes: This one has been driving me crazy. I have a Cyrus/Postfix system in place that is working quite well. However, I have one customer who tries to deliver a particular message to an individual and I get a kick back that looks like this: Jan 13 11:22:33 courier postfix/pipe[7]: 2DBF85058B: to=[EMAIL PROTECTED], relay=cyrus, delay=0, status=bounced (data format error. Command output: asncin: Message contains invalid header ) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Mon, 13 Jan 2003 16:19:55 GMT I think that is a pretty unusual Date: header. I've never seen one with actual quote marks around the zone. I just ran through some mail archives with a few thousand messages, grepping out the Date: headers... none did that. And from my reading of RFC 822 and RFC2822 I don't think they are permitted. Ok, I finally figured this one out working from the leads that Jonathan and Andreas gave me. Turns out it was this subject line: Subject: company name Event RSVP 1/22/2003 11:30 AM - 1 PM For some reason, it just really wouldn't take that subject line due to the part on the end. Trimming the line after RSVP made the message go through without error. I don't know why that end part would have thrown the error unless there's some hidden-ness in there (though I don't know how it would have lived through the many cut-n-pastes into notepad and SecureCRT). Thanks for the help guys! John
Sendmail procmail cyrusv2(/var/imap/socket/lmtp)
I have been looking for the proper way to configure sendmail to use procmail as a local mailer and filter messages globally and then dump them into cyrus' /var/imap/socket/lmtp. While this seems a sensible thing to do, I seem incapable of locating anyone else who has both accomplished it AND put the configuration on the web or on a mail list. I'm running cyrus-imapd-2.1.9, procmail-3.22_1, sendmail-8.12.7 and at the end of sendmail.cf I have: Mlocal, P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=procmail -Y -a $h -d $u Mprog, P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, T=X-Unix/X-Unix/X-Unix, A=sh -c $u Mcyrusv2, P=[IPC], F=lsDFMnqXzA@/:|m, S=EnvFromSMTP/HdrFromL, R=EnvToL/HdrToL, E=\r\n, T=DNS/RFC822/SMTP, A=FILE /var/imap/socket/lmtp my procmailrc is: # File: Procmail.global PATH=/usr/bin:/usr/local/bin:/usr/local/cyrus/bin SHELL=/bin/sh DELIVER=/usr/local/cyrus/bin/deliver SPAM=/dev/null LOG=/var/log/procmail.log VERBOSE=ON # Make a backup copy off all incoming mail (comment the next entry # out ounce you've finished testing procmail integration) :0 ic | $DELIVER -a $CYRUSUSER -m user.$CYRUSUSER.backup :0:$CYRUSUSER.lock | $DELIVER -a $CYRUSUSER -m user.$CYRUSUSER Since I have made prcmail the local mailer, I still receive mail, but its' not being delivered by procmail. I can manually send a file into procmail via a pipe and see evidence of it being processed in the log, but the message is not delivered as expected. procmail: [44511] Sun Jan 19 22:35:21 2003 procmail: Assigning LASTFOLDER=/usr/local/cyrus/bin/deliver -a -hansc m user.hansc.backup procmail: Executing /usr/local/cyrus/bin/deliver,-a,-hansc,m,user.hansc.backup procmail: Locking .lock procmail: Executing /usr/local/cyrus/bin/deliver,-l,-a,hansc,-m,user.hansc procmail: Assigning LASTFOLDER=/usr/local/cyrus/bin/deliver -l -a hansc -m user.hansc procmail: Unlocking .lock From [EMAIL PROTECTED] Fri Nov 8 03:01:54 2002 Subject: siff.datamatrix.com security run output Folder: /usr/local/cyrus/bin/deliver -l -a hansc -m user.hansc 2360 What I believe is that I need to make a change to A=FILE /var/imap/socket/lmtp and aim the output into procamil, which would in turn process any recipes and wrtie its output to /var/imap/socket/lmtp. Can someone tell me what I'm doing wrong, please? Hans Christensen
Re: Per-Domain-Quota in 2.2 with virtual domains turned on ?
Ken Murchison wrote: This biggest problem here is that once again there is no incentive to do so. Neither I nor CMU have any (current) use for the virtdomain code. I did the current implementation because I got sick of hearing all of the bitching on the list about the lack of support. What bothers me most is that those people who can benefit the most from such support (eg, ISPs), don't seem willing to either pay for such support (either past or future work) or do the work themselves. Hey, just got round to reading this. Not a flame, I agree. I'm not really in a position to offer support financially, but I think part of the problem is that there isn't an advertised way to financially support Cyrus development. Maybe your organization could offer a product based on cyrus, and promote buying that as one way to support cyrus. Or maybe a donation page can be setup? Just a few suggestions. --Kervin
unix:lmtp vs /usr/cyrus/bin/deliver ?
Hi all,
I'm working on a Postfix+Cyrus IMAPd system, and am looking at whether to
have Postfix deliver mail to Cyrus via a unix lmtp socket
(/var/imap/socket/lmtp)
in /etc/postfix/main.cf:
mailbox_transport (or local_transport) = lmtp:unix:/var/imap/socket/lmtp
in /etc/postfix/master.cf:
lmtp unix --n -- lmtp
and in /etc/cyrus.conf under SERVICES:
lmtpunix cmd=lmtpd listen=/var/imap/socket/lmtp prefork=1
**OR** use /usr/cyrus/bin/deliver as follows:
in /etc/postfix/master.cf
cyrus unix - n n - - pipe
flags= user=cyrus argv=/usr/cyrus/bin/deliver -r ${sender} -m
${extension} ${user}
in /etc/postfix/main.cf:
mailbox_transport = cyrus
Are there any performance/security issues using one method versus the
other? Would one offer me greater flexibility in doing spam filtering (via
regex and/or blacklists), antivirus checking, etc?
We handle mail for 3 domains, and don't have anything too fancy set up for
user authentication on the IMAP side...
Thanks much!
Thomas Hannan
Re: unix:lmtp vs /usr/cyrus/bin/deliver ?
On Mon, 20 Jan 2003, Thomas Hannan wrote: Are there any performance/security issues using one method versus the other? Would one offer me greater flexibility in doing spam filtering (via regex and/or blacklists), antivirus checking, etc? We handle mail for 3 domains, and don't have anything too fancy set up for user authentication on the IMAP side... The deliver method is gonna be more costly in terms of resources than lmtp. Every time postfix is going to deliver the mail, it has to spawn a shell which loads the binary every time, chews up memory, etc, just to deliver mail. With lmtp, cyrus is allready spawning and listening on a socket and all postfix has to do is open and write to the socket. Not to mention that you'll have permissions and security issues with the deliver method over the lmtp method. If you're worried about filter flexibility, don't. Postfix is very flexible in this sense. I use AMaViS with my server (several domains) and I have it running as a local only smtp daemon, and I essentially redirect email through it to provide the filtering. It's alot safer this way. I have spam filtering defined as a postfix content filter but I could do it as a smtp redirect as well. -peace -- Let he who is without clue kiss my ass
Re: Per-Domain-Quota in 2.2 with virtual domains turned on ?
Christian Schulte wrote: Hi, I have a question for 2.2-cvs and virtual domain support turned on. The mailbox hierarchy mainly looks like a tree to me. Without virtual domain support turned on I have the following hierarchy: /user/Accounts /Shared-Folders With virtual domain support turned on this expands to: /domain/user/Accounts /domain/Shared-Folders I can manage quotas for the accounts and the shared folders but I cannot manage quotas for the domain, or ? Would it be possible to set a per-domain quota ? I just committed support for per-domain quotas which works for all domains except for the default domain (the code to make it work for the default domain would be particularly crufty). To set a domain quota, do something like the following in cyradm: sq @domain.tld 1024 To try this out, either do an update from CVS or apply the following (relatively small) patches: http://bugzilla.andrew.cmu.edu/cvsweb/src/cyrus/imap/mailbox.c.diff?r1=1.134.4.14r2=1.134.4.15 http://bugzilla.andrew.cmu.edu/cvsweb/src/cyrus/imap/mboxlist.c.diff?r1=1.198.2.29r2=1.198.2.30 -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: Per-Domain-Quota in 2.2 with virtual domains turned on ?
On Mon, 20 Jan 2003, Kervin L. Pierre wrote: I'm not really in a position to offer support financially, but I think part of the problem is that there isn't an advertised way to financially support Cyrus development. doc/readme.html: If you wish to provide financial support to the Cyrus Project, send a check payable to Carnegie Mellon University to Project Cyrus Computing Services Carnegie Mellon University 5000 Forbes Ave Pittsburgh, PA 15213 USA I'm not sure it can be stated more clearly than that. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
