lmtpd and virtual hosting question using Kenneth Murchison'scyrusv2.mc !
I took the yesterday's cyrus 2.2 cvs branch to test virtual hosting ability with sendmail. I configure imapd.conf with virtdomains: yes and defaultdomain. I defined one defaultdomain which is the local domain of the machine and 2 test domains using the host as mx. domain: test.testdomain.com domain: test1.testdomain.com every virtual domain has it's own mx privided by dns and pointed to the same ip address. (fqdn of mx mail.vdomain.testdomain.com). So i am using one IP for different domains. For authentication purposes, i use sasldb with users defined in the specified domain.like: [EMAIL PROTECTED] [EMAIL PROTECTED] The authentication works properly and even though the mailock is ready. That means for me that the setup should be right to go on. I use sendmail 8.12.7 with the cyrusv2.m4 provided by Kenneth Murchison. My sendmail.mc is provided on the end of the mail. Delivering to the defaultdomain works properly. But deliviering to the virtual domains fails. Lmtp says: (sendmail -v [EMAIL PROTECTED]) Feb 25 13:52:35 testserver sm-mta[7229]: h1PCqZuj007227: to=[EMAIL PROTECTED], delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2, pri=120325, relay=localhost, dsn=5.1.1, stat=User unknown Feb 25 13:52:35 testserver sm-mta[7229]: h1PCqZuj007227: h1PCqZuj007229: DSN: User unknown Feb 25 13:52:35 testserver master[7230]: about to exec /usr/cyrus/bin/lmtpd Imapd.log show that: Feb 25 13:52:35 testserver lmtpunix[6680]: append_check() of 'user.test1' failed Why the lmtpunix doesn't show the fqdn of the user ? ([EMAIL PROTECTED]) My question now is: How can i tell ltmp to use the fqdn provided by sendmail ? I read the info archiv that i have to change the sendmail.mc file but with no success. Any help will be appreciated. Thx. Franz sendmail.mc strip: define(`confBIND_OPTS',`-DNSRCH -DEFNAMES') define(`confTO_IDENT',`0') define(`confTRUSTED_USER', `cyrus') define(`confLOCAL_MAILER', `cyrusv2') define(`CYRUSV2_MAILER_ARGS', `FILE /var/imap/socket/lmtp')dnl LOCAL_CONFIG FEATURE(`masquerade_envelope')dnl LOCAL_CONFIG FEATURE(`use_cw_file')dnl FEATURE(`use_ct_file')dnl FEATURE(`smrsh')dnl FEATURE(`preserve_local_plus_detail')dnl FEATURE(`nocanonify')dnl FEATURE(`always_add_domain')dnl include(`/etc/mail/dialup.m4')dnl include(`/etc/mail/provider.m4')dnl MAILER_DEFINITIONS MAILER(cyrusv2)dnl MAILER(smtp)dnl -- -- Franz Skale Systems Engineer Cubit IT Solutions GmbH. Albertgasse 43 A-1080 Wien Tel.: ++43 1 718 98 80 - 0 Fax.: ++43 1 718 98 80 - 11 email: [EMAIL PROTECTED]
Re: lmtpd and virtual hosting question using Kenneth Murchison'scyrusv2.mc !
Franz Skale wrote: I took the yesterday's cyrus 2.2 cvs branch to test virtual hosting ability with sendmail. I configure imapd.conf with virtdomains: yes and defaultdomain. I defined one defaultdomain which is the local domain of the machine and 2 test domains using the host as mx. domain: test.testdomain.com domain: test1.testdomain.com every virtual domain has it's own mx privided by dns and pointed to the same ip address. (fqdn of mx mail.vdomain.testdomain.com). So i am using one IP for different domains. For authentication purposes, i use sasldb with users defined in the specified domain.like: [EMAIL PROTECTED] [EMAIL PROTECTED] The authentication works properly and even though the mailock is ready. That means for me that the setup should be right to go on. I use sendmail 8.12.7 with the cyrusv2.m4 provided by Kenneth Murchison. My sendmail.mc is provided on the end of the mail. Delivering to the defaultdomain works properly. But deliviering to the virtual domains fails. Lmtp says: (sendmail -v [EMAIL PROTECTED]) Feb 25 13:52:35 testserver sm-mta[7229]: h1PCqZuj007227: to=[EMAIL PROTECTED], delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2, pri=120325, relay=localhost, dsn=5.1.1, stat=User unknown Feb 25 13:52:35 testserver sm-mta[7229]: h1PCqZuj007227: h1PCqZuj007229: DSN: User unknown Feb 25 13:52:35 testserver master[7230]: about to exec /usr/cyrus/bin/lmtpd Imapd.log show that: Feb 25 13:52:35 testserver lmtpunix[6680]: append_check() of 'user.test1' failed Why the lmtpunix doesn't show the fqdn of the user ? ([EMAIL PROTECTED]) My question now is: How can i tell ltmp to use the fqdn provided by sendmail ? The cyrusv2 mailer won't work as-is because of the way Sendmail rewrites addresses for local mailers. I'm told by the Sendmail folks that 8.13 _might_ have a way of tweaking this. Until then, try the following (this documentation below was submitted to me a while ago, but I haven't added it to CVS yet): + h4Configuring a href=http://www.sendmail.org/;Sendmail/a/h4 + + pIn general, follow the instructions in the + a href=install-configure.htmlconfiguration documentation/a. + Here are the only caveots we have found:/p + + ul + li It is easiest to use the mailertable to route mail to Cyrus, rather than + adding the domain to the local-host-names file ($w). This prevents Sendmail + from changing the domain name to the local host name. + prekbd + example.com cyrusv2:/var/imap/socket/lmtp + /kbd/pre/li + + li You'll have to use the Cyrus mailer in LMTP mode, and you'll have to + change the mailer flags so that it provides the full domain while + communicating LMTP. Specifically these changes: + + prekbd + S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP + /kbd/pre/li + /ul + -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
seen flag for multiple users // cyrus and procmail
Hello all,... ...being pretty new to imap, I am running cyrus on top of several Debian woody machines inside some small / mid-range company networks. By now, I am quite happy about cyrus, procmail and postfix handling mail on my servers, still there are (right now) two things I couldn't get along with, so far: (a) in this network, IMAP is used because the vast majority of mail traffic needs to be seen not only by a single user but by a group of persons. For what I have experienced and also read in the archive of this list, it is not possible in cyrus (in IMAP?) to have a general seen flag for mails or mailboxes so this way it is impossible for any user who is able to read mail in the shared mailboxes to find out whether or not anyone else already has read and possibly answered new mail. Is there a way to work around this condition? Reading the cyrus man pages I hoped that the s ACL setting would be doing right what I need here but obviously it didn't work. (b) On my machine, procmail is used to sort mails. In some situ- ations mail needs to be delivered to more than just one mailbox, so I tried to use procmail filtering recipes like that: :0 c * ^TOwhoever | $DELIVER_TO_ANOTHER_MAILBOX The :0 c is working well while delivering mail to mail folders but it doesn't work while using cyrdeliver to put mails into IMAP mail boxes. _Is_ it possible to make some procmail configuration like this work with cyrus? TIA, have a nice evening everyone... Cheers, Kris -- +++ GMX - Mail, Messaging more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
Re: seen flag for multiple users // cyrus and procmail
Kristian Rink wrote: (a) in this network, IMAP is used because the vast majority of mail traffic needs to be seen not only by a single user but by a group of persons. For what I have experienced and also read in the archive of this list, it is not possible in cyrus (in IMAP?) to have a general seen flag for mails or mailboxes so this way it is impossible for any user who is able to read mail in the shared mailboxes to find out whether or not anyone else already has read and possibly answered new mail. Is there a way to work around this condition? Reading the cyrus man pages I hoped that the s ACL setting would be doing right what I need here but obviously it didn't work. This is a desired functionality for me too. While it is implemented (if it is) I'm using this method: for each shared folder I create a subfolder named (say) managed and instruct my users to move any answered/managed message to this subfolder. Bye -- Luca Olivetti
Re: Fw: PATCH: have lmtpd report sieve script file errors
Jay Levitt wrote: By the way.. just noticed a bug in the RPM's version of imapd.conf. It sets sieveuserhomedir to no. The actual imapd.conf variable is sieveusehomedir (use, not user). It doesn't matter, because the default is no, but should probably be fixed anyway, lest someone get confused when they try to set it to yes! Thanks. The next release of the rpm will have it fixed (I don't plan to release a new rpm just for this though). Bye -- Luca Olivetti
Re: seen flag for multiple users // cyrus and procmail
Kristian Rink wrote: (a) in this network, IMAP is used because the vast majority of mail traffic needs to be seen not only by a single user but by a group of persons. For what I have experienced and also read in the archive of this list, it is not possible in cyrus (in IMAP?) to have a general seen flag for mails or mailboxes so this way it is impossible for any user who is able to read mail in the shared mailboxes to find out whether or not anyone else already has read and possibly answered new mail. Is there a way to work around this condition? Reading the cyrus man pages I hoped that the s ACL setting would be doing right what I need here but obviously it didn't work. IMAP seen states are kept per-user, but the other flags are persistent and visible across any users viewing the mailbox. So, you should definitely see that a given message has been answered, and by convention you can use a different flag for meaning seen by the group. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Cyrus IMAPd 2.1.12 Released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm pleased to announce the release of Cyrus IMAPd 2.1.12. This release fixes a significant number of bugs throughout the distribution. SunOS 5.8 Generic_108528-18 SASL 2.1.12 make fails with: (cd . ln -s plugin_common.lo plugin_common.o) ln: cannot create plugin_common.o: File exists make[2]: *** [libsasl2.la] Error 2 make[2]: Leaving directory `/export/home/root/src/Cyrus/cyrus-sasl-2.1.12/lib' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/export/home/root/src/Cyrus/cyrus-sasl-2.1.12' make: *** [all-recursive-am] Error 2 - -=-=-=-=-=-=-=-=-=-=-=-=-=-=- I applied a patch that I found in the e-mail archives. (http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl msg=2965) So now lib/Makefile.am is: # diff Makefile.am Makefile.am.orig 54c54 common_sources = auxprop.c canonusr.c checkpw.c client.c common.c config.c external.c md5.c saslutil.c server.c seterror.c dlopen.c ../plugins/plugin_common.c - --- common_sources = auxprop.c canonusr.c checkpw.c client.c common.c config.c external.c md5.c saslutil.c server.c seterror.c dlopen.c 55a56,58 LTLIBOBJS = @LTLIBOBJS@ plugin_common.lo LIBOBJS = @LIBOBJS@ plugin_common.o 62a66,73 plugin_common.lo: plugin_common.o rm -f plugin_common.lo ln -s $(top_builddir)/plugins/plugin_common.lo plugin_common.lo plugin_common.o: rm -f plugin_common.o ln -s $(top_builddir)/plugins/plugin_common.o plugin_common.o Ran make clean, make distclean. But I still receive that same plugin_common.o error message. There must be something that I need to disable on my configure to eliminate this. Suggestions for what it is? If you would, please reply directly to me as well as to the list. Thank you in advance for your insight. Christopher Crowley Technology Services Tulane University [EMAIL PROTECTED] 504.314.2535 PGP Key ID: 0x7CF18FDB -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use http://www.pgp.com iQA/AwUBPlvEvc0q7cR88Y/bEQKnqQCff094qrdVS7TQ6vEaNt9trkb/HOcAnivr ac/lOSznBCeCyxfpqUXl75aC =fUj4 -END PGP SIGNATURE-
Cyrus process model...
[ Continued from an off mailing list conversation about killing cyrus lmtpd processes when they go haywire, and cyrus process accounting ] Surely this is a relatively well solved problem? Just about every unix system uses this master/forked child approach? How does apache do it? Net::Server::PreFork? I can't imagine that there aren't cookbook solutions to this issue since it's what unix has been doing for 30 years? Or is there something I'm missing here? There are many different possibilities. Most other systems limit the number of clients instead of forking new processes on demand without a set limit. Apache also doesn't have differentiated children or substantial shared state. (All children are members of the same service or you don't particularly care how many additional unused children you have...) I was under the impression that Apache 2 was planning on making it's forking/threading model much more generic, and supporting a general 'services' model, including a library to abstract the underlying OS? Hmmm, looking into that, it appears that it's mostly done already. http://apr.apache.org/ http://apr.apache.org/apr2_0intro/apr2_0intro.htm And more: Contains following functionality -Reading and writing of files -Character set conversion -Network communications using sockets -Time management used for Internet type conversions -String management like C++ including natural order management -UNIX Password management routines -Table management routines -UUID Internet generation -Filename canonicalization -Random data generation -Global lock management -Threads and process management -Dynamic library loading routines -Memory mapped and shared memory - http://www.arctic.org/~dean/apache/2.0/process-model.html I think the above is general enough to implement the interesting process models, and to implement optimizations that are available only in some of the multi-threaded models. Note that nothing above is specific to HTTP, and I believe that we should strive to keep the abstraction so that the same libraries can be used to implement other types of servers (i.e. FTP, streaming video/audio, corba). - Would the cyrus team think it worthwhile to consider refactoring to use the new Apache 2 APR modules? I know off hand that it would be a lot of work, but it could be a gradual re-factoring process, and the idea of actually reusing code between projects would be *really* nice. Joel Spolsky is a big proponent of refactoring over time to improve software and you can read some of his thoughts here. http://www.joelonsoftware.com/articles/fog69.html http://www.joelonsoftware.com/news/fog000328.html Ooops, I'm feeling a rant come along... *** RANT MODE *** I know this is a little off topic, but the source for cyrus is really showing it's age a bit. I know that happens with all software, you start with certain assumptions, and the more you go on, the more the original assumptions get blown away, so you hack this in here, and there, and then every now and then, you go on a big cleanup spree! The problem I feel is that the cleanup hasn't been big enough or often enough. Also, over time programming habits change. Many old C idioms are pretty much dead. Most of the C string handling methods are now annoying, or downright dangerous. There are several dozen replacement libraries, including the APR one above, and good ones like http://www.annexia.org/freeware/c2lib/index.msp. This library also implements automatically resizing arrays and memory pools, a common way to avoid all subtle leaks introduced by malloc() and the like, and to avoid the buffer overflows of stack buffers. I'm sure I could go on and on, and I'd eventually get back to the fact that the biggest problem is that the original C lanuage and library is pretty horrible in hindsight. But people in general still only dare to use the original library and idioms, and loath to include extra dependencies in their products, often instead rewriting the same new set of libraries from scratch! *sigh* Ok, better stop now... *** RANT MODE OFF *** Sorry, don't mean for any of this to come across as too negative. Actually, I'm hoping to inspire people enough to look into some of these alternatives, and see if there can at least be some pushes into what I feel would be a better direction for the coding of cyrus to go. Of course, it's only IMHO... Rob
Re: Cyrus process model...
as someone attempting to get apache 2 running (reliably) in a high volume environment I can say the idea is interesting, but I definantly wouldn't rush into useing it. if you have some time and want to get a start on something that may (or may not) be worth doing in the long run you can start on it, but don't stop maintaining the current version, the apache core code may not be the right thing in the long run. David Lang On Wed, 26 Feb 2003, Rob Mueller wrote: Date: Wed, 26 Feb 2003 16:45:00 +1100 From: Rob Mueller [EMAIL PROTECTED] To: Lawrence Greenfield [EMAIL PROTECTED], Rob Siemborski [EMAIL PROTECTED] Cc: Ken Murchison [EMAIL PROTECTED], info-cyrus [EMAIL PROTECTED] Subject: Cyrus process model... [ Continued from an off mailing list conversation about killing cyrus lmtpd processes when they go haywire, and cyrus process accounting ] Surely this is a relatively well solved problem? Just about every unix system uses this master/forked child approach? How does apache do it? Net::Server::PreFork? I can't imagine that there aren't cookbook solutions to this issue since it's what unix has been doing for 30 years? Or is there something I'm missing here? There are many different possibilities. Most other systems limit the number of clients instead of forking new processes on demand without a set limit. Apache also doesn't have differentiated children or substantial shared state. (All children are members of the same service or you don't particularly care how many additional unused children you have...) I was under the impression that Apache 2 was planning on making it's forking/threading model much more generic, and supporting a general 'services' model, including a library to abstract the underlying OS? Hmmm, looking into that, it appears that it's mostly done already. http://apr.apache.org/ http://apr.apache.org/apr2_0intro/apr2_0intro.htm And more: Contains following functionality -Reading and writing of files -Character set conversion -Network communications using sockets -Time management used for Internet type conversions -String management like C++ including natural order management -UNIX Password management routines -Table management routines -UUID Internet generation -Filename canonicalization -Random data generation -Global lock management -Threads and process management -Dynamic library loading routines -Memory mapped and shared memory - http://www.arctic.org/~dean/apache/2.0/process-model.html I think the above is general enough to implement the interesting process models, and to implement optimizations that are available only in some of the multi-threaded models. Note that nothing above is specific to HTTP, and I believe that we should strive to keep the abstraction so that the same libraries can be used to implement other types of servers (i.e. FTP, streaming video/audio, corba). - Would the cyrus team think it worthwhile to consider refactoring to use the new Apache 2 APR modules? I know off hand that it would be a lot of work, but it could be a gradual re-factoring process, and the idea of actually reusing code between projects would be *really* nice. Joel Spolsky is a big proponent of refactoring over time to improve software and you can read some of his thoughts here. http://www.joelonsoftware.com/articles/fog69.html http://www.joelonsoftware.com/news/fog000328.html Ooops, I'm feeling a rant come along... *** RANT MODE *** I know this is a little off topic, but the source for cyrus is really showing it's age a bit. I know that happens with all software, you start with certain assumptions, and the more you go on, the more the original assumptions get blown away, so you hack this in here, and there, and then every now and then, you go on a big cleanup spree! The problem I feel is that the cleanup hasn't been big enough or often enough. Also, over time programming habits change. Many old C idioms are pretty much dead. Most of the C string handling methods are now annoying, or downright dangerous. There are several dozen replacement libraries, including the APR one above, and good ones like http://www.annexia.org/freeware/c2lib/index.msp. This library also implements automatically resizing arrays and memory pools, a common way to avoid all subtle leaks introduced by malloc() and the like, and to avoid the buffer overflows of stack buffers. I'm sure I could go on and on, and I'd eventually get back to the fact that the biggest problem is that the original C lanuage and library is pretty horrible in hindsight. But people in general still only dare to use the original library and idioms, and loath to include extra dependencies in their products, often instead rewriting the same new set of libraries from scratch! *sigh* Ok, better stop now... *** RANT MODE OFF *** Sorry, don't mean for any of this to come across as too negative. Actually, I'm