Re: Problem with cyrus and deleting a message with a virus.
On Tue, 21 Jan 2003, Mark London wrote: I'm not messing with it, uvscan is doing it. Is there a better software alternative that will delete viruses on the server? Are we the only people using cyrus that are running virus scanning software on the server? I do the virus scanning and spam filtering before it even reaches cyrus. I use the sendmail milter interface to pipe the messages through Amavis. Amavis in its turn then uses SpamAssassin and Clam Antivirus. Works like a charm. -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Piet RUYSSINCKe-mail: [EMAIL PROTECTED] Unix Systeem Administratie tel: +32 9 264 4733 Directie Informatie- en Communicatietechnologie (ICT) fax: +32 9 264 4994 Universiteit Gent (RUG) Krijgslaan 281, gebouw S9 - 9000 Gent, Belgie -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Please avoid sending me Word or PowerPoint attachments See http://www.fsf.org/philosophy/no-word-attachments.html
Notify to perlscript
Hello, With cyrus 2.0.16 I adapted the suplied perlscript for notification with samba messages to clients (smbclient -M ...). Somehow I cannot get this configuration working again with Cyrus 2.1.11. The log is complaining about the wrong protocol (probably something todo with 'udp') and the available mechanism are not sufficient for what I want. Can somebody confirm that it's not possible and if not, are there plans for adding more notification mechanism? Regards, Marc Groot Koerkamp.
Re: Problem with cyrus and deleting a message with a virus.
On Jan 21 Jonathan Marsden wrote: Because (as mentioned elsewhere in this thread) lmtpd is not the only way messages can be stored on an IMAP server: eg think of sending a poisoned attachment, which magically ends up in your sent folder. I don't see the 'elsewhere in this thread' mail yet, but anyway: This is technically correct. (a) That 'poisoned attachment' came from somewhere -- where? If from Irrelevant question. The fact that it could happen is enough. I can't stop my users going to someone's computer (which has no virus protection) and connecting to my IMAP server. I have students who will no doubt use the IMAP server as a filestore when they run out of quota on the fileserver. (b) That attachment in the IMAP Sent folder can't exactly do much damage from there... it can't be sent to anyone, since the outgoing Imagine my answer to (a) but in reverse. [snip] Just because your chosen scanner apparently does not respect this principle in its current (default?) configuration, does not mean the problem lies with Cyrus :-) ..and, conversely, you can't say your IMAP server is free from viruses because you blindly trust your users not to do silly things.
Re: Problem with cyrus and deleting a message with a virus.
Bottom line: The virus scanning should be done by your MTA. If you muck around in user mailboxes, deleting messages willy nilly without letting Cyrus know, you *will* corrupt users' mailstores, unless you tediously plan to run reconstruct on a mailbox everytime a virus is found. Unless your name is Rube Goldberg, this seems like a bad idea to me. If you must alter messages after they've been delivered, run Courier or some other MH-based mailserver. Cyrus isn't for you. It's really that simple. commentary IMHO, all *YOU* can be expected to be responsible for as a socially responsible sys admin is the mail sent through your mailserver. If virus scanning is done on all outbound/inbound SMTP connections, then you can rest well knowing you're doing your part. If some clueless user uploads a virus as an IMAP piece of mail and they don't run anti-viral software, well it'll only happen to them once if they're smart ;-) /commentary The benefits of scanning inbound outbound SMTP traffic only becomes apparent if you really think about it. -- Brian
cyrus 2_2 cvs/ postfix / virtual domains
I have everything working correctly except delivery to virtual domains -- can connect to imapd and create folders, etc. I'm seeing this in the imap logs when I attempt to send mail to a virtual domain: append_check() of 'user.fred^johnson' failed I'm assuming the problem is that my MTA - postfix - is not passing the domain name along with the user name for the virtual. Realized this is a gray area question, but does anyone know how to make postfix pass the domain with the user name. Thanks. Ed.
Re: Problem with cyrus and deleting a message with a virus.
[EMAIL PROTECTED] wrote: Irrelevant question. The fact that it could happen is enough. I can't stop my users going to someone's computer (which has no virus protection) and connecting to my IMAP server. I have students who will no doubt use the IMAP server as a filestore when they run out of quota on the fileserver. The same arguments apply if you were talking about an Oracle database -- users could store viruses into the database and someone else could extract it from that database and execute it. However, you wouldn't run a virus scanner on Oracle databases that just deleted files if it didn't like them -- the Cyrus mailstore is no different, even if some of the parts are stored in a familiar format. The clean way would be to add a filtering layer wherever messages could be stored into Cyrus. It is easy enough to add a front-end to the delivery side using the various MTAs, but it would be more work to filter messages stored via IMAP. Until then, the correct way to do it would be to use IMAP to muck with the message store (even if you found which files you had a problem with by running directly on the filesystem, but of course there is no guarantee you are seeing a consistent state). If you insist on deleting the files out from under Cyrus, then be content with private hacks to work around the problem, reconstruct the mailboxes you tamper with, or just live with a partially broken mailstore. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Cyrus emails backup
Yes, just backup your /var/mail and /var/spool/mail folders. Lee On Wednesday, January 22, 2003, at 01:03 AM, test s wrote: Hi, Does anyone knows how to backup cyrus emails? _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
Vacation problem
Hello, I have Cyrus IMAP + Sendmail installed in my imapd.conf ia have duplicatesuppression: yes sieveusehomedir: false sievedir: /var/imap/sieve sendmail: /usr/sbin/sendmail postmaster: postmaster sieve_maxscriptsize: 32 sieve_maxscripts: 50 And everything works fine, except for vacation message sending back to sender. This is the part of my maillog: Jan 22 14:54:34 synodon sm-mta[10247]: h0MLsXHp010247: from=[EMAIL PROTECTED], size=882, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA, relay=[198.161.98.157] Jan 22 14:54:46 synodon sm-mta[10255]: h0MLsXHp010247: to=[EMAIL PROTECTED], delay=00:00:12, xdelay=00:00:00, mailer=cyrusv2, pri=30872, relay=localhost, dsn=2.0.0, stat=Sent Jan 22 14:55:42 synodon sm-mta[10261]: h0MLtgHp010261: from=dmitry@montana- education.ab.ca, size=954, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA, relay=[198.161.98.159] Jan 22 14:55:46 synodon sendmail[10271]: h0MLtkqQ010271: Authentication- Warning: synodon.com: cyrus set sender to using -f Jan 22 14:55:46 synodon sendmail[10271]: h0MLtkqQ010271: from=, size=312, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], relay=cyrus@localhost Jan 22 14:55:47 synodon sm-mta[10272]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=EDH-RSA-DES-CBC3-SHA, bits=168/168 Jan 22 14:55:47 synodon sendmail[10271]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=EDH-RSA-DES-CBC3-SHA, bits=168/168 Jan 22 14:55:47 synodon sm-mta[10272]: h0MLtkHq010272: from=, size=548, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1] Jan 22 14:55:50 synodon sendmail[10271]: h0MLtkqQ010271: to=dmitry@montana- education.ab.ca, delay=00:00:04, xdelay=00:00:04, mailer=relay, pri=30307, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (h0MLtkHq010272 Me ssage accepted for delivery) Jan 22 14:55:50 synodon sm-mta[10269]: h0MLtgHp010261: to=[EMAIL PROTECTED], delay=00:00:08, xdelay=00:00:0 4, mailer=cyrusv2, pri=30944, relay=localhost, dsn=2.0.0, stat=Sent Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtkHq010272: to=dmitry@montana- education.ab.ca, delay=00:00:03, xdelay=00:00:00, mailer=esmtp, pri=30543, relay=mail.montana-education.ab.ca. [198.161.98.159], dsn=5.0.0, stat= Service unavailable Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtkHq010272: h0MLtoHp010280: postmaster notify: Service unavailable Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtoHp010280: [EMAIL PROTECTED], delay=00:00:00, xdelay=00: 00:00, mailer=esmtp, pri=31757, relay=mail.intellinetinc.com. [139.142.54.37], dsn=5.0.0, stat=Service unavailable Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtoHp010280: h0MLtoHq010280: return to sender: Service unavailable Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtoHq010280: [EMAIL PROTECTED], delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=32781, relay=mail.intellinetinc.com., dsn=5.0.0, stat=Service unavailable Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtoHp010280: Losing ./qfh0MLtoHp010280: savemail panic Jan 22 14:55:50 synodon sm-mta[10280]: h0MLtoHp010280: SYSERR(root): savemail: cannot save rejected email anywhere So, the sender never gets the vacation message. I'm wondering why cyrus setting sender to , not to [EMAIL PROTECTED], or even postmaster as I made configuration in my imapd.conf? May be I missed something? What could be done to fix that problem? Thanks, Dmitry
Re: Vacation problem
[EMAIL PROTECTED] wrote: I'm wondering why cyrus setting sender to , not to [EMAIL PROTECTED], or even postmaster as I made configuration in my imapd.conf? May be I missed something? You don't want an auto-generated message generating a bounce message, since that could lead to an infinite loop. Thus, just like mailer-daemon messages in the MTA, a vacation message should have the envelope from set to . -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Vacation problem
Quoting John Alton Tamplin [EMAIL PROTECTED]: [EMAIL PROTECTED] wrote: I'm wondering why cyrus setting sender to , not to [EMAIL PROTECTED], or even postmaster as I made configuration in my imapd.conf? May be I missed something? You don't want an auto-generated message generating a bounce message, since that could lead to an infinite loop. Thus, just like mailer-daemon messages in the MTA, a vacation message should have the envelope from set to . So what is you suggestion? How do I fix this problem? Why the mail server doesn't accept the message if the envelope from set right?
Re: Vacation problem
[EMAIL PROTECTED] wrote: So what is you suggestion? How do I fix this problem? Why the mail server doesn't accept the message if the envelope from set right? It is hard to tell from the logs since you are using 4 different email addresses, but it looks like sieve tried to send mail from (which sendmail accepted, but gave an authentication warning since cyrus isn't listed as a trusted user in your sendmail.cf file) to [EMAIL PROTECTED] That gets sent, apparently to the same MTA, which then has a problem talking to the relay mail.montana-education.ab.ca. It then tries to send it to [EMAIL PROTECTED] (presumably an alias from postmaster), and again has a problem talking to mail.intellinetinc.com and panics since it has nowhere to send the bounce message. So, it looks like Cyrus is fine but your MTA is misconfigured. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Vacation problem
Quoting John Alton Tamplin [EMAIL PROTECTED]: [EMAIL PROTECTED] wrote: So what is you suggestion? How do I fix this problem? Why the mail server doesn't accept the message if the envelope from set right? It is hard to tell from the logs since you are using 4 different email addresses, but it looks like sieve tried to send mail from (which sendmail accepted, but gave an authentication warning since cyrus isn't listed as a trusted user in your sendmail.cf file) to [EMAIL PROTECTED] That gets sent, apparently to the same MTA, which then has a problem talking to the relay mail.montana-education.ab.ca. It then tries to send it to [EMAIL PROTECTED] (presumably an alias from postmaster), and again has a problem talking to mail.intellinetinc.com and panics since it has nowhere to send the bounce message. So, it looks like Cyrus is fine but your MTA is misconfigured. I did some code change in lmtpd.c in function send_response (line 872): I changed smbuf[3] = ; to smbuf[3] = [EMAIL PROTECTED]; And it worked fine. Assuming that, I think the problem is in MTA (Sendmail in my case) configuration. BUT I didn't configured my sendmail to refuse empty Return-Path: I suspect Sendmail is configured to do that by default. And I'm sure there are thousands MTAs doing the same thing (let's say to reject spam messages using empty Return-Path) I'm not sure whose problem is that, cyrus or MTA but by defaulf installation (and wothout some code change in lmtpd.c) it simply does'n work! Dmitry
