delivering to bb folders
Hi all, I have Cyrus 2.1.12 setup with sendmail 8.11.6 on a RedHat 7.3 box. Everything works as expected except for one problem. Delivering mail to a bb folder fails unless I set the 'p' acl to anyone. What I would like is for all users to be able to read but only a few users able to post to the folder. for eg. with cyradm, localhost sam folder1 anyone lrs localhost sam folder1 user1 lrswip where folder1 is a mailbox used as a bulletin board and user1 is a special user with post permission to the folder. Mail sent by user1 to folder1 bounces with a permission denied error. Is there any way to achieve this? BTW, cyrus is setup to do lmtp over a UNIX socket and users are authenticated via pam. Any help on this is appreciated. Thanks in advance -Vijay
Re: I tried chinese in cyrus's folder name and chinese IMAP client,but something wrong
--On Sonntag, 23. März 2003 8:15 Uhr +0800 Temp [EMAIL PROTECTED] wrote: I tried chinese in postfix+cyrus-imap and in Outlook Express 5, the Inbox is still the one in chinese, but the Sent Items and Drafts folders which I saw in english IMAP client become normal folders, and there are another folder instead of them in chinese in chinese name. so, does IMAP server not provide a uniform interface? or just the problem of IMAP protocol? Whether there is a problem depends on your point of view. The name INBOX (not the case) is special in IMAP, so client verndors may choose to display a localized name in their interface. Sent Items and Drafts folders are irrelevant to IMAP. There is no automatic way to have these localized on the server side. So, whatever the client does will happen. Microsoft in their wisdom seem to have chosen to create those folders in their localized names. Thus you end up with one pair for each localized version of Outlook you use ... -- Sebastian Hagedorn M.A. - RZKR-R1 (Gebäude 52), Zimmer 18 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK Universität zu Köln / Cologne University - Tel. +49-221-478-5587 pgp0.pgp Description: PGP signature
Little question about sieve
Hello,
I'm currently using postfix + spamassassin + cyrus-imapd, and would like
to have mails tagged as spam to be moved to my Spam folder, so I did
this small script and copied it to my ~/.sieve dir:
# SpamAssassin tagged mail goes to the Spam folder
#
if header :is X-Spam-Flag YES {
fileinto INBOX.Spam;
}
However, I see error messages in ther server like this one:
Mar 24 06:21:02 energyhq lmtpd[23999]: sieve parse error for flynn: line
1: parse error
And spam-tagged mail is never sent to my Spam folder. Any ideas why is
this happening?
Thanks in advance,
--
Miguel Mendez - [EMAIL PROTECTED]
GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt
EnergyHQ :: http://www.energyhq.tk
NetBSD :: One BSD to rule them all!
Tired of Spam? - http://www.trustic.com
pgp0.pgp
Description: PGP signature
Re: Little question about sieve
On Mon, 24 Mar 2003 09:41:43 +0100 Miguel Mendez [EMAIL PROTECTED] wrote: Nevermind, googled and found another way. Note to self, don't post before coffee :) Cheers, -- Miguel Mendez - [EMAIL PROTECTED] GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt EnergyHQ :: http://www.energyhq.tk NetBSD :: One BSD to rule them all! Tired of Spam? - http://www.trustic.com pgp0.pgp Description: PGP signature
Re: delivering to bb folders
On Mon, 24 Mar 2003 [EMAIL PROTECTED] wrote: for eg. with cyradm, localhost sam folder1 anyone lrs localhost sam folder1 user1 lrswip where folder1 is a mailbox used as a bulletin board and user1 is a special user with post permission to the folder. Mail sent by user1 to folder1 bounces with a permission denied error. Is there any way to achieve this? You need to be sure that your users are using SMTP auth and your MTA is passing this authorization information on to LMTP. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: cyrus acls problem on inboxes
On Sat, 22 Mar 2003, Scott McDaniel wrote: I am trying to get cyrus-imapd-2.1.12 running on a new Solaris box and havin some problems with acls. In short, I want to restrict end users from adding additional folders under their INBOX. Regardless of the acls I set, end users still can create the folders. It's like acls are NOT being considered for the top level directory. Any insite you might be able to provide would be greatly appreciated. http://bugzilla.andrew.cmu.edu/show_bug.cgi?id=1778 (You can change the implicit rights on an INBOX in 2.2) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: I tried chinese in cyrus's folder name and chinese IMAP client,but something wrong
Temp wrote: I tried chinese in postfix+cyrus-imap and in Outlook Express 5, the Inbox is still the one in chinese, but the Sent Items and Drafts folders which I saw in english IMAP client become normal folders, and there are another folder instead of them in chinese in chinese name. so, does IMAP server not provide a uniform interface? or just the problem of IMAP protocol? or just my fault to set up something wrong?? yes, the Inbox is good at all in chinese. Inbox is the only special folder in IMAP -- the others are just conventions used by the mail clients. If two different clients (OE/English and OE/Chinese) decide to name them differently, there is nothing the IMAP server can or should do about it. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Defining Special Mailboxes like 'Inbox'
I am writing a general question to ask if any cyrus administrators have accomplished this goal. We are looking at setting up a very rudimentary server side delivery of messages to one of two places. We would like to create a folder called 'SPAM' in each of our users mailboxes. Since incoming email is being checked and spam tagged in the headers by another server, we would like to deliver the spam-tagged mail to the SPAM folder and everything else to the INBOX. The question: Is there a way in Cyrus to create a folder 'SPAM' that cannot be deleted by the end user so we know it will be there if we set up a filtering rule to deliver to such a folder? Basically same sort of criteria the Inbox folder has. Any feedback most welcome. Thanks, Scott -- Scott Nickerson Director, Networks and Systems Dalhousie University Killam Library B523 Halifax NS B3H 4H8 [EMAIL PROTECTED] Phone: (902)494-3811 Fax: (902)484-6790
Re: Defining Special Mailboxes like 'Inbox'
Scott Nickerson wrote: I am writing a general question to ask if any cyrus administrators have accomplished this goal. We are looking at setting up a very rudimentary server side delivery of messages to one of two places. We would like to create a folder called 'SPAM' in each of our users mailboxes. Since incoming email is being checked and spam tagged in the headers by another server, we would like to deliver the spam-tagged mail to the SPAM folder and everything else to the INBOX. The question: Is there a way in Cyrus to create a folder 'SPAM' that cannot be deleted by the end user so we know it will be there if we set up a filtering rule to deliver to such a folder? Basically same sort of criteria the Inbox folder has. There is no way to guarantee this in 2.1 or earlier because the owner is always given enough implicit rights to get around it. In 2.2 there is an implicitrights option which can be used to limit these rights (eg, remove 'a') and then you can remove the user's 'c' right from the SPAM folder. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: Mozilla vs. Cyrus Imap acl errors
On Fri, 21 Mar 2003, Alessandro Oliveira wrote: I've been using mozilla acessing a cyrus-imap server for about 6 months, and I've been experiencing some problems related to acl's, on mozilla I often get the message The current command did not succeed. The mail server responded: Permission denied on the first time I try to access another users INBOX, but if I change to other folder and come back to the first one, the access becames enabled. If you are using a version of Mozilla older than 1.3a, upgrade. The release notes of 1.3a mention ACL problems on Cyrus servers have been fixed. -- Tuuli Tuominen University of Helsinki IT Department
RE: Defining Special Mailboxes like 'Inbox'
Scott Nickerson wrote: [ ... ] The question: Is there a way in Cyrus to create a folder 'SPAM' that cannot be deleted by the end user so we know it will be there if we set up a filtering rule to deliver to such a folder? Basically same sort of criteria the Inbox folder has. There is no way to guarantee this in 2.1 or earlier because the owner is always given enough implicit rights to get around it. In 2.2 there is an implicitrights option which can be used to limit these rights (eg, remove 'a') and then you can remove the user's 'c' right from the SPAM folder. Another posibility would be to run through all mailboxes and create the folder if it doesn't exist... About every hour... At some point the user will stop to deleting it... :-) If you use Sieve for delivering the SPAM-mails and the SPAM-folder doesn't exist, it will go to the Inbox... I think this is OK. Lg, Oliver
Trafficaccounting in a mysql db ?
Hello,
I wrote a patch which enables one to do traffic logging into a mysql
database. (mainly lib/prot.c lib/prot.h) The table in which that happens
could look something like:
CREATE TABLE cyrus_accounting (
id int(11) NOT NULL auto_increment,
login varchar(128) NOT NULL default '',
service
enum('IMAP','POP','OTHER','FILESYSTEM','BACKEND','LMTP','DELIVER','LMTP_FILESYSTEM','LMTP_TEMP','LMTP_SHUTDOWN','SHUTDOWN')
NOT NULL default 'OTHER',
bytes double NOT NULL default '0',
type enum('IN','OUT') NOT NULL default 'UNSPECIFIED',
connect_time datetime default NULL,
disconnect_time datetime NOT NULL default '-00-00 00:00:00',
PRIMARY KEY (id),
KEY stamp (connect_time),
KEY login (login)
) TYPE=InnoDB;
If anybody has interest in that I could post the patch. I would have to
do some changes to make everything configurable in the imapd.conf file
first so that I cannot post the patch unchanged for now and wanted to
ask first.
--Christian--
lmtpd don't advertise the EXTERNAL auth method
Hi! I use a backported version of debian's (thanks hmh) cyrus21 2.1.11-5 package. My problem is that, lmtpd don't advertise the EXTERNAL auth method on unix socket (neither on tcp). Because it cyrdeliver (deliver) cant use AUTH parameter of the MAIL FROM command (see lmtp_runtxn in lmtpengine.c), and because it, cyrdeliver (-a auth-id option) and the mta cant provide the authenticated userid to cyrus. Every post is run as So our users cant post to the shared folders etc etc. # socat UNIX-CONNECT:/var/run/cyrus/socket/lmtp - 220 mail.rit.bme.hu LMTP Cyrus v2.1.11-Debian-4.woody.1 ready LHLO mail.rit.bme.hu 250-mail.rit.bme.hu 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-SIZE 250 IGNOREQUOTA Note,that lmtpd misses the 250-AUTH EXTERNAL line. /etc/cyrus.conf: lmtpunixcmd=lmtpd listen=/var/run/cyrus/socket/lmtp prefork=1 maxchild=20 /etc/imapd.conf: configdirectory: /var/lib/cyrus defaultpartition: default partition-default: /var/spool/cyrus/mail partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: no admins: cyrus admin realman allowanonymouslogin: no popminpoll: 0 autocreatequota: 0 umask: 077 sendmail: /usr/sbin/sendmail sieveusehomedir: false sievedir: /var/spool/sieve hashimapspool: true allowplaintext: yes # i dont think, that EXTERNAL is neaded here sasl_mech_list: PLAIN LOGIN GSSAPI KERBEROS_V4 EXTERNAL sasl_minimum_layer: 56 sasl_pwcheck_method: saslauthd sasl_auto_transition: yes servername: mail.rit.bme.hu loginrealms: RIT.BME.HU tls_cert_file: /etc/ssl/certs/mail.rit.bme.hu.crt tls_key_file: /etc/ssl/certs/mail.rit.bme.hu.key.nopass tls_ca_file: /etc/ssl/certs/ca.crt tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH lmtpsocket: /var/run/cyrus/socket/lmtp idlesocket: /var/run/cyrus/socket/idle notifysocket: /var/run/cyrus/socket/notify
lmtpd don't advertise the EXTERNAL auth method
Hi! I use a backported version of debian's (thanks hmh) cyrus21 2.1.11-5 package. My problem is that, lmtpd don't advertise the EXTERNAL auth method on unix socket (neither on tcp). Because it, cyrdeliver (deliver) can't use the AUTH parameter of the MAIL FROM command (see lmtp_runtxn in lmtpengine.c), and because it, cyrdeliver (-a auth-id option) and the mta can't provide the authenticated userid to cyrus. Every post run as anyone, so our users cant post to the shared folders etc etc. 2.1.9 and under seems to works fine. (I didn't use 2.1.10) What's the solution? Can anybody reproduce it? Thanks: balsa # socat UNIX-CONNECT:/var/run/cyrus/socket/lmtp - 220 mail.rit.bme.hu LMTP Cyrus v2.1.11-Debian-4.woody.1 ready LHLO mail.rit.bme.hu 250-mail.rit.bme.hu 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-SIZE 250 IGNOREQUOTA Note,that lmtpd misses the 250-AUTH EXTERNAL line. /etc/cyrus.conf: lmtpunixcmd=lmtpd listen=/var/run/cyrus/socket/lmtp prefork=1 maxchild=20 /etc/imapd.conf: configdirectory: /var/lib/cyrus defaultpartition: default partition-default: /var/spool/cyrus/mail partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: no admins: cyrus admin realman allowanonymouslogin: no popminpoll: 0 autocreatequota: 0 umask: 077 sendmail: /usr/sbin/sendmail sieveusehomedir: false sievedir: /var/spool/sieve hashimapspool: true allowplaintext: yes # i dont think, that EXTERNAL is neaded here sasl_mech_list: PLAIN LOGIN GSSAPI KERBEROS_V4 EXTERNAL sasl_minimum_layer: 56 sasl_pwcheck_method: saslauthd sasl_auto_transition: yes servername: mail.rit.bme.hu loginrealms: RIT.BME.HU tls_cert_file: /etc/ssl/certs/mail.rit.bme.hu.crt tls_key_file: /etc/ssl/certs/mail.rit.bme.hu.key.nopass tls_ca_file: /etc/ssl/certs/ca.crt tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH lmtpsocket: /var/run/cyrus/socket/lmtp idlesocket: /var/run/cyrus/socket/idle notifysocket: /var/run/cyrus/socket/notify
Signaled to death by 7?
I have a user that can't access her mail right now. She has about 150 subfolders of her INBOX (none nested more than 3 levels deep), and when she tries to access the INBOX she logs in successfully but Cyrus disconnects, and I get a message in the log that reads master[898]: process 4819 exited, signaled to death by 7. If I telnet to port 143 and log in to her account, everything works OK until I run the following command (which is the first thing Mozilla does when one connects with it): 1 LSUB * It lists most of her mailboxes and then the process dies with a signal 7. Any idea what might cause that, or what I can try that might fix the problem, besides deleting some of her mailboxes (not an option)? I ran reconstruct -r user.userid and restarted master, but that didn't help... I am using Cyrus-imapd 2.1.2 on RedHat 7.2. I have version 2.1.12 installed on a new server and am almost ready to migrate all the users to the new box, but for right now I'm stuck with 2.1.2. I hope version 2.1.12 will allow a user to have over 150 mailboxes without dying... not that there are many users who legitimately need 150 mailboxes... Any suggestions are appreciated.
Re: lmtpd don't advertise the EXTERNAL auth method
2003-03-24, h keltezssel Rob Siemborski ezt rta: I'm unclear what the problem is here. Certainly I don't believe there is one with LMTPd (though perhaps there is one with cyrdeliver). Sorry this was an old draft mail. (Evolution is buggy) This was a sasl2 bug (as I can recollect sasl 2.1.9), sasl2 upgrade solved the problem. (though perhaps there is one with cyrdeliver). No, as you see I used socat, so this was not cyrdeliver's fault. balsa
Re: lmtpd don't advertise the EXTERNAL auth method
Please ignore my previous (old draft) mail. Evolution is little buggy. Sorry and Thanks. balsa
Re: lmtpd don't advertise the EXTERNAL auth method
On Mon, 24 Mar 2003, Balazs GAL wrote: I'm unclear what the problem is here. Certainly I don't believe there is one with LMTPd (though perhaps there is one with cyrdeliver). Sorry this was an old draft mail. (Evolution is buggy) This was a sasl2 bug (as I can recollect sasl 2.1.9), sasl2 upgrade solved the problem. (though perhaps there is one with cyrdeliver). No, as you see I used socat, so this was not cyrdeliver's fault. I meant in its interpretation of what was going on. In any case, I'm glad its fixed. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: lmtpd don't advertise the EXTERNAL auth method
On Mon, 24 Mar 2003, Balazs GAL wrote: I use a backported version of debian's (thanks hmh) cyrus21 2.1.11-5 package. My problem is that, lmtpd don't advertise the EXTERNAL auth method on unix socket (neither on tcp). Because it, cyrdeliver (deliver) can't use the AUTH parameter of the MAIL FROM command (see lmtp_runtxn in lmtpengine.c), and because it, cyrdeliver (-a auth-id option) and the mta can't provide the authenticated userid to cyrus. Every post run as anyone, so our users cant post to the shared folders etc etc. I'm unclear what the problem is here. Certainly I don't believe there is one with LMTPd (though perhaps there is one with cyrdeliver). Over TCP, you're going to need an external authentication source (e.g. TLS client cert) before you can advertise EXTERNAL as a SASL auth mech. On a unix socket, the connection is assumed to be preauthenticated as an admin, so you shouldn't need to authenticate at all (i.e. don't let non admins write to the unix socket!). -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Upgrading from db-3.2 to db-4.1 ?
Hi, I want to upgrade my cyrus installation to a new berkeley db version. Currently I am running db-3.2. All other services like sendmail with sasl are allready running with db-4.1.25. I am running the 2.2 version from cvs and now need to know how I have to convert the different mailboxes after installing the new binaries. The currently running version is configured with the 2.2 defaults for all database backends. checking for db.h... yes checking for db_create in -ldb-4.1... no this will change to yes checking for db_create in -ldb4.1... no checking for db_create in -ldb-4.0... no checking for db_create in -ldb4.0... no checking for db_create in -ldb-4... no checking for db_create in -ldb4... no checking for db_create in -ldb-3.3... no checking for db_create in -ldb3.3... no checking for db_create in -ldb-3.2... yes this will change to no Do any of the following change because of the new db-4.1 version ? I did not specify them on the configure commandline so that are the defaults for db-4.1 also ? checking duplicate db database backend... berkeley_nosync checking mboxlist database backend... skiplist checking seen state database backend... skiplist checking pts database backend... berkeley checking subscription database backend... flat checking TLS cache database backend... berkeley_nosync checking netnews db database backend... berkeley Is there anything I have to do before starting the new cyrus master binary ? --Christian--
