Planning a cyrus upgrade
L.S., I've been running cyrus imapd version 2.1.10 with cyrus-sasl-2.1.9 for a while, and apart of some glitches with Berkely-dB 4.1.25, am quite pleased with it. From this mailinglist I understand that the Berkeley-dB bug has been solved, so that sounds like a good reason to upgrade. Is this particular bug-fix already in a stable release? I'm planning to upgrade to 2.1.12, given the 'alpha' status of the 2.2 branch. Secondly, most of my mail-users use Mozilla or Outlook. Both open multiple connections, and because of this, mail you've already read tends to become unread again. I've heard about a patch to make cyrus write these changes to disk right away to keep them synchronized between connections. Where to find such a patch? Is it already part of the cyrus tree? From the documentation, I understand that (I won't change Berkely-dB versions) upgrading from this version of Cyrus to a more recent one shouldn't be a problem, just stop the server, replace the binaries, and start it again. Is this enough of a plan, apart from making a full backup first? Regards, Paul Boven.
Re: Planning a cyrus upgrade
Paul Boven wrote: Secondly, most of my mail-users use Mozilla or Outlook. Both open multiple connections, and because of this, mail you've already read tends to become unread again. I've heard about a patch to make cyrus write these changes to disk right away to keep them synchronized between connections. Where to find such a patch? Is it already part of the cyrus tree? Don't know if the fix is in current (2.1.13) cyrus, but if you use skiplist for the seen.db you'll almost not notice the problem. And if you're using a recent version of mozilla (=1.3) take a look at bug 195787 http://bugzilla.mozilla.org/show_bug.cgi?id=195787 (hint: disable junk mail controls). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Planning a cyrus upgrade
On Mon, 9 Jun 2003, Paul Boven wrote: I've been running cyrus imapd version 2.1.10 with cyrus-sasl-2.1.9 for a while, and apart of some glitches with Berkely-dB 4.1.25, am quite pleased with it. From this mailinglist I understand that the Berkeley-dB bug has been solved, so that sounds like a good reason to upgrade. Is this particular bug-fix already in a stable release? I'm planning to upgrade to 2.1.12, given the 'alpha' status of the 2.2 branch. It isn't in any released version of cyrus, but this is the patch you want: http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/master/service.c.diff?r1=1.42r2=1.43 and http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/master/service-thread.c.diff?r1=1.10r2=1.11 -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Murder installation: authentication hints.
On Mon, 9 Jun 2003, Dmitry Novosjolov wrote: As I understand the murder concept: imapproxyd at frontends proxies connections to the backends, and it authenticates incoming connections (for example, person1) at frontend, and then authenticates itself at the backend server as some other user (for example, proxy1) (which is allowed to proxy) and acts on behave of the user (person1). Right ? Almost. For referrals-supporting clients (cyradm, pine), the frontends will occasionally refer a request to the backend. timsieved works in other way: it supports referrals and so it authenticates at the backend directly (person1), so the password for the user (person1) should be the same on a fronend and on backend servers. Correct ? They need to be the same. In general every fronend authenticates incoming IMAP connections locally, so if I want to have *exactly* the same frontends I should take care of syncying passwords between my frontends and If I use sieve I also should sync user passwords on backends and fronends as well. You should have the same password store for your users on all the systems. The frontends, however, only need to be able to authenticate to the backends (not to eachother). So the question is how I can achieve that ? Maybe I should use some other way of performing authentication which uses a centrilized password storage? Please point me in right direction. Yes, this is definately preferred. Kerberos authentication is ideal for this sort of thing. Otherwise you probably want a MySQL password store. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
cyrus-imapd-2.1.13 sieve curiosity
I and a few others here have begun noticing that periodically Sieve won't filter a message properly. Sometimes I've even resent the message again to find that on that occasion it did get filtered just as expected. I wonder, could that BerkeleyDB leak for which Rob just posted those two patches have any bearing on this? Sadly, so far I haven't been able to detect a pattern to make this report more meaningful, but I'll keep an eye out. -- Amos
Re: cyrus-imapd-2.1.13 sieve curiosity
On Mon, 9 Jun 2003, Amos Gouaux wrote: I and a few others here have begun noticing that periodically Sieve won't filter a message properly. Sometimes I've even resent the message again to find that on that occasion it did get filtered just as expected. I wonder, could that BerkeleyDB leak for which Rob just posted those two patches have any bearing on this? Sadly, so far I haven't been able to detect a pattern to make this report more meaningful, but I'll keep an eye out. The sieve parser state doesn't get reset properly after an error. Thus once a script fails to parse, all scripts will fail to parse (try to submit a good script after a bad one in a timsieved session to see this in action). If badly-formed sieve scripts could have snuck in, then this will affect lmtpd as well, leading to behavior like you describe here. The bytecode, of course, solves this problem (But that won't ever be seen in 2.1) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: cyrus-imapd-2.1.13 sieve curiosity
On Mon, 9 Jun 2003 12:14:15 -0400 (EDT), Rob Siemborski [EMAIL PROTECTED] (rs) writes: rs The sieve parser state doesn't get reset properly after an error. Thus rs once a script fails to parse, all scripts will fail to parse (try to rs submit a good script after a bad one in a timsieved session to see this in rs action). Interesting. Would an error like this also apply? sieve runtime error for X id [EMAIL PROTECTED]: Fileinto: Mailbox does not exist (The X is one of our users, but not myself.) -- Amos
Re: cyrus-imapd-2.1.13 sieve curiosity
On Mon, 9 Jun 2003, Amos Gouaux wrote: Interesting. Would an error like this also apply? sieve runtime error for X id [EMAIL PROTECTED]: Fileinto: Mailbox does not exist (The X is one of our users, but not myself.) I don't think so, I'm pretty sure its only caused by errors during sieve_script_parse, not during sieve_execute_script. That said, it should be relatively easy to construct a test case based on sieve/test.c which proves this. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Linking imapd with db-4.1.25
On Fri, June 6, 2003 3:28 pm, you wrote: On Fri, June 6, 2003 2:46 pm, John Alton Tamplin wrote: Igor Brezac wrote: This problem is fixed in cvs for both 2.1.x and 2.2. Ok, so it was a problem in Cyrus not db? Thanks. I'm not so sure. Checked 2.1 branch out of CVS and I still can't get it to work. Same results with 2.2-ALPHA. It finds db-4.0 but not db-4.1. Upon further investigation, it looks like maybe the problem is with db-4.1.25 and not cyrus... Here's some output from config.log: snip configure:5808: checking for db_create in -ldb-4.1 configure:5839: gcc -o conftest -Wall -g -O2 -I/usr/local/itech/iwaymail/include -L/usr/local/lib -Wl,-rpath,/usr/local/lib - L/usr/local/itech/iwaymail/lib conftest.c -ldb-4.1 -L/usr/local/itech/iwaymail/lib -lresolv -Wl,-rpath,/usr/local/itech/iw aymail/lib 5 /usr/local/itech/iwaymail/lib/libdb-4.1.so: undefined reference to `pthread_condattr_setpshared' /usr/local/itech/iwaymail/lib/libdb-4.1.so: undefined reference to `pthread_mutexattr_destroy' /usr/local/itech/iwaymail/lib/libdb-4.1.so: undefined reference to `pthread_mutexattr_setpshared' /usr/local/itech/iwaymail/lib/libdb-4.1.so: undefined reference to `pthread_mutexattr_init' /usr/local/itech/iwaymail/lib/libdb-4.1.so: undefined reference to `pthread_mutex_trylock' collect2: ld returned 1 exit status configure:5842: $? = 1 snip Any ideas where I might find some support for db-4.1.25? Can't find any mailing lists or news feeds on sleepycat's site. Lars I finally figured out how to get cyrus-imapd linked up with my 4.1.25 on RedHat 9. You need to add -lpthread to LDFLAGS (and export it to the environment) before running the configure script. I don't know who's job it should be to figure out that additional linker flag...the addition of nptl in RedHat 9 is turning out to be really problematic thus far. Lars
Re: cyrus-imapd-2.1.13 sieve curiosity
On Mon, 9 Jun 2003 12:50:16 -0400 (EDT), Rob Siemborski [EMAIL PROTECTED] (rs) writes: rs I don't think so, I'm pretty sure its only caused by errors during rs sieve_script_parse, not during sieve_execute_script. I'm not sure yet, but I think I might have found the culprit. The other day my boss was playing with uploading Sieve scripts using Mulberry. It would seem that a string of binary characters was included in this script after the comment '# Generated from text'. I've commented out that line. We'll see if things resume back to abby-normal. When I learn more just what he did, I'll contact Cyrusoft. -- Amos
Re: Cyrus-Imap-2.2 with postfix
On Fri, 2003-06-06 at 09:43, Vernon A. Fort wrote: Has or does anyone use the 2.2 version with postfix. I cannot get any mail delivered to cyrus. the ususal statement (unknown user). I have created a user like cm [EMAIL PROTECTED] Set the imapd.conf file per the docs use the standard LMTP config within postfix Still no mail can be delivered outside of the default domain name. What should the master.cf file look like? Any help would be great Andy Vernon A. Fort (Andy) Provident Solutions, LLC (615) 427-4016 http://www.provident-solutions.com Is it possible that you have unixhierarchysep set to yes? If so, the command to create a mailbox would be: cm user/[EMAIL PROTECTED] Regards, -- Hank Beatty [EMAIL PROTECTED]
info-cyrus@lists.andrew.cmu.edu
Title: [EMAIL PROTECTED] ¡@ §ó¦h¦n±d¸ê°T °ê¤º§K¶O50MBEmail«H½c http://netd.idv.tw/mail/ ©`¯S¹F-°ê»Ú«H½c ¯S¦â 1.¥i½u¤W¦¬µo«H.outlook¦¬µo¬Ò¥i [EMAIL PROTECTED] 3.¶Â¦W³æ¹LÂo(»Ý¥Î¤á´£¨Ñ¦W³æ) 4.¨Ï¥Î¤W¦³°ÝÃD¥iICQ78007441»PºÞ²zûÁpµ¸ 5.¥¼¨Ó±N¥[¤JSSL¦w¥þ³s½u 6.¥i¦P®É¦¬¨ä¥LISP«H½c,[EMAIL PROTECTED] 7.¨¾¬r¡A¥Î¤á¦¬µo«H±NÄY®æ±½¬r è¥Ó½Ð¥ß¨è¥Ó½Ð¥i¥H¥ß§Y¨Ï¥Î ÁÙ¥i¥H¨Ï¥ÎOUTLOOK¦¬µo«H¥ó. ´£¨Ñ¤é¥»©]´º¡A¨S¬Ý¹L¤é¥»©]´º¨Ó³o¨à´N¨S¿ù¤F¡I http://ww4.tiki.ne.jp/~mmurakami/setoy/map.html ¡@ ¬P®yªºª¾¤ß²Õ¦X ¡°¨d¦Ï®yªºª¾¤ß²Õ¦X ¦Ï¨à©MÂù¤l¥H¤ÎÄ_²~®y«Ü®e©ö¦¨¬°ª¾¥æ¦n¤Í¡A¥Dn¬O¦]¬°¨d¦Ï©MÂù¤l®y³£¬O¤ÏÀ³«Ü§Öªº¬P®y¡A¨âÓ¤H¥æ½Í°«¼L±`±`¥u¦³¨âÓ¤HÅ¥±oÀ´¡C¦ý¬O¦Ï¨à³Ì«H¥ôªºªB¤Í²ö¹L©ó²~¤lÅo¡I¤Ñ¯uªº¥LÌ·|§â©Ò¦³ªº¨Æ³£¸ò²~¤l»¡¡AÅ¥¨ú²~¤lªº·N¨£¡A¦Ó¥B±`±`¬O²`«H¤£²¾ªº¡I ¡°ª÷¤û®yªºª¾¤ß²Õ¦X ¤û®y¦³®É¬OÆZ©T°õ¤v¨£ªº¡A¦Ó¥B·|§N²´®ÇÆ[¡A¥L̨䣷|¦³¤Ó¦hªºª¾¤ß¦n¤Í¡A¥Dn¬O¦]¬°¤û®yªº¥Ø¼Ð©w¥ß±o¤Ó¦¤F¡A¤]¤Ó±M¤ß¤F¡C¤£¹L¥¨ÃÉ©MÂù³½Ë¬O¤ñ¸û®e©ö·|[EMAIL PROTECTED] ¡°Âù¤l®yªºª¾¤ß²Õ¦X Âù¤lÌÁöµM¥¤é¥æ¹C¼sÁï¡A¦ý¬OÂIÀY¤§¥æ©M°s¦×ªB¤ÍÁÙ¬O¥e¤Fµ´¤j¦h¼Æ¡A¯à©MÂù¤l¦³¹L©R¥æ±¡ªºÂ²ª½¹é¹é¥i¼Æ¡A¤£¹L¨d¦Ï®y©M·à¤l®yˬO«Ü®e©öÅܦ¨¥L̪º«ô§â¤l¡I¥Dn¬O¦]¬°Âù¤l«ÜÃø±o«H¥ô¥L¤H¡A¹ï©ó¦Ï¨à©M·à®y³oºØÁ¿¸q®ðªºªB¤Í¯u¬O³Ì¦n¤£¹L¤F¡A¥LÌ°í«ùªºªB¤Í¹D¸qµ¹Âù¤l«Ü¤jªº¦w¥þ·P¡C ¡°¥¨ÃÉ®yªºª¾¤ß²Õ¦X ³ßÅw©M¤H²á¤ß¨ÆªºÃÉ®y¡A³Ì»Ýn¦³¶|[EMAIL PROTECTED]@¡I ¡°·à¤l®yªºª¾¤ß²Õ¦X [EMAIL PROTECTED]|¦ÛµM³\¦h¡A¤]§Ö¼Ö³\¦h¡I ¡°³B¤k®yªºª¾¤ß²Õ¦X [EMAIL PROTECTED]@¡I¯à¦¨¬°¥L̪ºª¾¤ß¦n¤Í¹ê¦b»¡¨Ó¤]¨S´XÓ©O¡I³q±`©M³B¤k®y¤ñ¸û³B±o¨Óªº¬O¥¨ÃÉ®y©M¤ÑÃÈ®y¡C ³B¤k©M¥¨ÃɬO«Ü®e©ö¦¨¬°¦nªB¤Íªº¡A¦]¬°¥¨Ãɪº±Ó·P«Ü®e©ö´N·Pı±o³B¤k®y¤º¤ßªºªi°Ê¡A¦Ó³B¤k¤]ÆZ¯à¶}¾É¥¨ÃÉ®y¦hÅܪº±¡ºü¡A¨âÓ¤H¦b±¡·P¤W¯à°÷¬Û¤¬À°¦£¡A·|[EMAIL PROTECTED]@©w·|¬Û¤¬§ß«ù¡A·P±¡·|«Ü²`«p¡C ¡°¤Ñ¯¯®yªºª¾¤ß²Õ¦X ¯¯¤l·|¦³¤£¤ÖªºªB¤Í¡A¦ý¬O¤j¦h¼Æ¬OÂIÀY¤§¥æ¡A¤ñ¸û¯à©M¥L̦¨¬°¦n¤Íªº¬O·à¤l®y©M®g¤â®y¡C¦]¬°¦pªG¤£¬O¦³¤°»ò¤j¨Æªº¸Ü¯¯¤l¬O¤ñ¸û³ßÅw»´ÃP©Mª±¼Öªº¬P®y¡A¦Ó·à¤l©M®g¤â®y´N¬Oª±¼Öªº°ª¤â¡A¥LÌ·|[EMAIL PROTECTED] ¡°¤ÑÃÈ®yªºª¾¤ß²Õ¦X ¦M¾÷·P±jªºÃȤl¬O¤£®e©ö©M§O¤H±Ç¤ß¸m¸¡ªº¡A¯à©M¥L̦¨¬°¦n¤Íªº¤H¤]¤£¦h¡A¦ý¬O³B¤k®y©MÅ]½~®y¬O¤ñ¸û¥i¯à³Q¥LÌ©Ò«H¥ôªº¡C¥i¯à¬O³o¨âÓ¬P®y³£¤ñ¸û¹ê¦b¦³®Æ§a¡A¦Ó¥B¥L̤ºÀĪº®ð½èÅýÃȤl¦³Ã©wªº·Pı¡A©Ò¥HÃȤl·|[EMAIL PROTECTED] ¡°®g¤â®yªºª¾¤ß²Õ¦X ®g¤â¯u¬O¬Û¥æº¡¤Ñ¤U¡AÁöµM¤£¦Ü©ó·P¹Äª¾¤ß¦³´X¤H¡A¦ý¤]¤£¬O¨CÓ¤H³£¯à·í¦nªB¤Í¬Ýªº¡I©M®g¤â®y®e©ö¦¨¬°ª¾¤ß¦n¤Íªº¬O¤Ñ¯¯®y©MÄ_²~®y¡C¥Dn¬O¥L̳£¬O«Ü§NÀRªº¬P®y¡A¥i¥Hµ¹¤£±`±`¥X¿ùªº®g¤â®y«Ü¤¤ªÖªº«Øij¡A©Ò¥H±`¥i¥H«Ø¥ß«Ü¦nªº¤Í½Ë¡C ¡°Å]½~®yªºª¾¤ß²Õ¦X [EMAIL PROTECTED]@[EMAIL PROTECTED]@¨Ó¥LÌ´NÅܦ¨Å]½~®y«Ün¦nªºª¾¤vªB¤ÍÅo¡I ¡°Ä_²~®yªºª¾¤ß²Õ¦X ²~¤lªºªB¤Í¤]¬O¹M¥¬¤´ò¥|®ü¡A¥u¬Oª¾¤ßªB¤Í·íµM¤]¬O¤£·|«Ü¦hÅo¡I³q±`®g¤â®y©M¨d¦Ï®y¥i¥H¬O²~¤l³Ì©¾¹êªºªB¤Í¡A¦]¬°®g¤â·|[EMAIL PROTECTED] ¡°Âù³½®yªºª¾¤ß²Õ¦X Âù³½ªº¤º¤ß¬O¤£¬°¤Hª¾ªº¡A¦]¬°¥Ḻ`±`¬O¬¡¦b¦Û¤vªº·Q¹³¤¤¡A©ÎªÌ¬O¯¸¦b²{¹ê»P·Q¹³ªº¤¤¶¡¡A¦Ó©MÂù³½®y³Ì®e©ö¦¨¬°¦n¤Íªº¬OÅ]½~®y©Mª÷¤û®y¡C¥L̤]³£¬O¤£¤Óªí¹F¦Û¤vªº¬P®y¡A©Ò¥H¯à¤F¸ÑÂù³½®yÂæb¦Û¤v¤º¤ßªº±¡·P¡A¤]¯àÀ°§UÂù³½®y±¹ï²{¹ê¡A¦b²{¹ê¤¤¹Á¸Õ¹ê²{¹Ú·Q¡C [EMAIL PROTECTED] ¦³¦n±d¸ê°T¡AÅwªï¨Ó¹q«ü±Ð¡A¾ã²z«áµo³øµ¹¦U¦ì³ø¤Í
Detailed logging for lmtpd?
Is there anyway to get detailed logging out of lmtpd and pop3d? I've recently started monitoring mail delivery from end-to-end, and the nagios plugin that I'm using is reporting about 1 lost message a day. I'd like to get some better logging data out of lmtpd and pop3d (mails written to disk and retrieved from box at the least) so that I can isolate the problem and find the bug in cyrus or the monitoring script. Will using -d be sufficient, or are there other logging options that aren't documented. I've got syslog running at debug level, but that doesn't give much. -- Ted Cabeen http://www.pobox.com/~secabeen[EMAIL PROTECTED] Check Website or Keyserver for PGP/GPG Key BA0349D2 [EMAIL PROTECTED] I have taken all knowledge to be my province. -F. Bacon [EMAIL PROTECTED] Human kind cannot bear very much reality.-T.S.Eliot[EMAIL PROTECTED]
Several issues with 2.1.13
I've just upgraded my office mail server from 2.0.16 to 2.1.13, in preparation for upgrading some of my client's servers. My server is Red Hat Linux 7.3. My 2.0.16 installation was from Ramiro Morales's RPMs; the 2.1.13 from Simon Matter's. The upgrade wasn't entirely smooth; I wrote up some notes about what I did: http://nakedape.cc/wiki/index.cgi/CyrusImapNotes in case someone else wanders along this path... The biggest issue was that ctl_cyrusdb wasn't able to read my old mailboxes.db file; I reverted to my old installation and dumped the database to a flat file and it went okay. For some reason that I don't understand, I had to remove the /var/lib/imap/db directory for the rebuilding of the database to work correctly. 'rehash full' did very strange things; it only created directories of A-Z, none of a-z and my own mailbox information was under 'I/' in both the mailbox spool and the '/var/lib/imap/user' directory. As a result, I had to disable 'hashimapspool', which Simon's RPMs enabled by default. 'squatter' doesn't seem to work correctly either. I checked the archives and there seem to be a number of other people with the same problem; it dies with SQUAT: Unknown error 1 (Closing index). I built a version w/o optimization and with debugging symbols and ran DDD on it, but I wasn't really able to tell what was going wrong. It seems to go wrong somewhere in 'squat_build.c:dump_index_trie_words()'. My system has Perl v5.6.1; I don't know if that's part of the problem or what. I have several messages that are GPG-signed (using PGP/MIME format) that were sent through a Mailman 2.1 server that will only show the footer appended by Mailman. I've looked at the message in the spool, and it's complete there. I turned on telemetry logging and found out that the entire message is not being sent over the IMAP connection; so it's the server and not just my client. I can make a copy of the message available if someone wants to verify (it's not a private message). I had this problem with 2.0.16 and still with 2.1.13. I don't seem to have this problem with other GPG-signed messages going through Mailman lists. Finally, I have a customer that's a small ISP that's currently running 2.0.16. I'm going to upgrade regardless, just so I can bounce messages delivered through LMTP to boxes that are over-quota. However, I recurrent problem we have is with POP3 users (which everyone is) who lose their connection (usually because of problems with dial-up). The pop3d stays running and locks the mailbox for 15 minutes or so, causing lots of support calls and grumbling. I'm guessing the connection stays in TIME_WAIT for this period, but 15 minutes seems like a long time for it to stay open. I see the 'poptimeout' setting that might help, but even 10 minutes might be too long. (This 15 minutes could be only 10 minutes already; I'm just being told this by the guy who does support.) Will anything that's changed between 2.0.16 and 2.1.13 help assuage this problem? Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: RH 9.0 ssl compiler error
Thanks to all that responded to my issue. The one that worked for me was setting defs in configure to be; DEFS=-DHAVE_CONFIG_H -DOPENSSL_NO_KRB5 Fix provided by Gareth Butt!!! Thank dude. Thanks again everyone. Rich On Mon, 2003-06-09 at 14:31, Hank Beatty wrote: On Fri, 2003-06-06 at 13:22, Jon Nelson wrote: Richard Houston said: Hi all, I am trying to compile Cyrus 2.1.13 on RH 9.0 but it keeps crapping out I had the same problem recently. Let me know if --without-krb works, but I don't think it does. A friend of mine wrote this perl script to fix it: it's actually --without-openssl #!/usr/bin/perl -w # FIXIT: for use in cyrus-imapd until they catch up to Redhat's recent #location for kerberos include files use strict; # these are the subdirectories with Makefiles which need modification my @dirs = qw( acap lib imap imtest perl/sieve/lib timsieved ); foreach (@dirs) { my $file = $_/Makefile; open F, $file; # read all lines from the Makefile my @lines = F; close F; open F, $file;# rewrite the Makefile foreach (@lines) { chomp;# strip off newline # append -I/usr/kerberos/include to the CPPFLAGS line # if it's not already there $_ .= -I/usr/kerberos/include if /^CPPFLAGS/ ! /kerberos/; print F $_\n;# write the line to the file } close F; } this script worked for me with this mod: my @dirs = ( lib imap imtest perl/sieve/lib timsieved); Thank you for all of your help. Regards,
Re: Several issues with 2.1.13
Wil Cooley wrote: The upgrade wasn't entirely smooth; I wrote up some notes about what I did: http://nakedape.cc/wiki/index.cgi/CyrusImapNotes in case someone else wanders along this path... The biggest issue was that ctl_cyrusdb wasn't able to read my old mailboxes.db file; I reverted to my old installation and dumped the database to a flat file and it went okay. For some reason that I don't understand, I had to remove the /var/lib/imap/db directory for the rebuilding of the database to work correctly. If the version of db is different, you can't just expect to use the binary database files and logs. Dumping the contents to a text file, wiping the transaction logs, and then reloading them is the safest way. 'rehash full' did very strange things; it only created directories of A-Z, none of a-z and my own mailbox information was under 'I/' in both the mailbox spool and the '/var/lib/imap/user' directory. As a result, I had to disable 'hashimapspool', which Simon's RPMs enabled by default. You should have had A-W, not Z (23 is a prime to give better distribution of the hash values between directories) -- full hashing chooses a hash directory based on the complete mailbox name rather than just the first character. Traditional hashing tends to overload some directories while leaving others almost empty. mbpath will give you the path for the mailbox, or just ls -ld /cyrus/*/user/wcooley (for example). If you have less than a thousand mailboxes, there is no need to worry about hashing. Otherwise, you will likely get poor performance with long namei lookups. Finally, I have a customer that's a small ISP that's currently running 2.0.16. I'm going to upgrade regardless, just so I can bounce messages delivered through LMTP to boxes that are over-quota. However, I recurrent problem we have is with POP3 users (which everyone is) who lose their connection (usually because of problems with dial-up). The pop3d stays running and locks the mailbox for 15 minutes or so, causing lots of support calls and grumbling. I'm guessing the connection stays in TIME_WAIT for this period, but 15 minutes seems like a long time for it to stay open. I see the 'poptimeout' setting that might help, but even 10 minutes might be too long. (This 15 minutes could be only 10 minutes already; I'm just being told this by the guy who does support.) Will anything that's changed between 2.0.16 and 2.1.13 help assuage this problem? In this day, is there really any good reason to continue using POP? There are so many problems with it (including support issues when people downloaded their mail to one computer and wonder why they can't access it from another) it seems best to retire it. When the user calls up complaining about this, that gives you a perfect opening to convince them to move to IMAP. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Several issues with 2.1.13
On Mon, 9 Jun 2003, Wil Cooley wrote: 'rehash full' did very strange things; it only created directories of A-Z, none of a-z and my own mailbox information was under 'I/' in both the mailbox spool and the '/var/lib/imap/user' directory. As a result, I had to disable 'hashimapspool', which Simon's RPMs enabled by default. This is exactly what is expected in a fulldirhash system. I have several messages that are GPG-signed (using PGP/MIME format) that were sent through a Mailman 2.1 server that will only show the footer appended by Mailman. I've looked at the message in the spool, and it's complete there. I turned on telemetry logging and found out that the entire message is not being sent over the IMAP connection; so it's the server and not just my client. I can make a copy of the message available if someone wants to verify (it's not a private message). I had this problem with 2.0.16 and still with 2.1.13. I don't seem to have this problem with other GPG-signed messages going through Mailman lists. Sending the message and logs would be helpful, but I won't promise anything. Even better, create a bug on bugzilla.andrew.cmu.edu. However, I recurrent problem we have is with POP3 users (which everyone is) who lose their connection (usually because of problems with dial-up). The pop3d stays running and locks the mailbox for 15 minutes or so, causing lots of support calls and grumbling. I'm guessing the connection stays in TIME_WAIT for this period, but 15 minutes seems like a long time for it to stay open. I see the 'poptimeout' setting that might help, but even 10 minutes might be too long. (This 15 minutes could be only 10 minutes already; I'm just being told this by the guy who does support.) Will anything that's changed between 2.0.16 and 2.1.13 help assuage this problem? No thing between the versions affected this behavior. You can try turning down the poptimeout setting (since most likely if they are getting disconnected it is just the idle timeout that is waiting for them). You can always stop having your people rudely disconnect, or encourage them to use IMAP clients. Using Cyrus as a POP-only server is sort of like using a semi-trailer to haul a bag of groceries. ;) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Several issues with 2.1.13
On Mon, 2003-06-09 at 12:53, John Alton Tamplin wrote: If the version of db is different, you can't just expect to use the binary database files and logs. Dumping the contents to a text file, wiping the transaction logs, and then reloading them is the safest way. That was sort of what I figured. You should have had A-W, not Z (23 is a prime to give better distribution of the hash values between directories) -- full hashing chooses a hash directory based on the complete mailbox name rather than just the first character. Traditional hashing tends to overload some directories while leaving others almost empty. Yeah, you're probably right; I just saw a directory full of capital letters and assumed it was all of them. I do recall prime-based hash functions being better. However, after I did the hash, imapd seemed to still be using the traditional first-letter-hash. I had this in my logs and couldn't open my mailboxes: Jun 8 17:51:46 rheingold imapd[14729]: IOERROR: opening /home/imap/w/user/wcooley/cyrus.header: No such file or directory mbpath will give you the path for the mailbox, or just ls -ld /cyrus/*/user/wcooley (for example). If you have less than a thousand mailboxes, there is no need to worry about hashing. Otherwise, you will likely get poor performance with long namei lookups. In this day, is there really any good reason to continue using POP? There are so many problems with it (including support issues when people downloaded their mail to one computer and wonder why they can't access it from another) it seems best to retire it. When the user calls up complaining about this, that gives you a perfect opening to convince them to move to IMAP. Our customers have a 10MB mail quota which they can fill up pretty quickly. We don't want them leaving their stuff on our server, and they want to be able to have their mail even when they're off-line (I know there's IMAP sync, but it's questionable how well supported it is, and I don't really want to try to explain it to customers). Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: Several issues with 2.1.13
On Mon, 2003-06-09 at 13:01, Rob Siemborski wrote: On Mon, 9 Jun 2003, Wil Cooley wrote: 'rehash full' did very strange things; it only created directories of A-Z, none of a-z and my own mailbox information was under 'I/' in both the mailbox spool and the '/var/lib/imap/user' directory. As a result, I had to disable 'hashimapspool', which Simon's RPMs enabled by default. This is exactly what is expected in a fulldirhash system. Okay, but see my other message about imapd not looking in the right hashed directory. Sending the message and logs would be helpful, but I won't promise anything. Even better, create a bug on bugzilla.andrew.cmu.edu. Will do. I hadn't noticed the Bugzilla link before. No thing between the versions affected this behavior. You can try turning down the poptimeout setting (since most likely if they are getting disconnected it is just the idle timeout that is waiting for them). Will it actually allow me to set it below 10 minutes? You can always stop having your people rudely disconnect, or encourage them to use IMAP clients. Using Cyrus as a POP-only server is sort of like using a semi-trailer to haul a bag of groceries. ;) There's no way to clean up the phone lines in rural areas or to force people to buy good modems (although when they have lots of problems we recommend that they do). As I said in my other response to John, I don't think IMAP would work very well for our customers, and user-visible changes always cause lots of suffering--the support guy has to spend hours on the phone when we could have him doing better things and I have to listen to his complaining. There are other good reasons to use Cyrus, though. Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: Several issues with 2.1.13
On Mon, 9 Jun 2003, Wil Cooley wrote: On Mon, 2003-06-09 at 13:01, Rob Siemborski wrote: On Mon, 9 Jun 2003, Wil Cooley wrote: 'rehash full' did very strange things; it only created directories of A-Z, none of a-z and my own mailbox information was under 'I/' in both the mailbox spool and the '/var/lib/imap/user' directory. As a result, I had to disable 'hashimapspool', which Simon's RPMs enabled by default. This is exactly what is expected in a fulldirhash system. Okay, but see my other message about imapd not looking in the right hashed directory. Right, apparently your binaries weren't built to deal with a fulldirhash system, but you ran the rehash command to use a fulldirhash system. No thing between the versions affected this behavior. You can try turning down the poptimeout setting (since most likely if they are getting disconnected it is just the idle timeout that is waiting for them). Will it actually allow me to set it below 10 minutes? Well, not in the default code base. RFC 1939 states: A POP3 server MAY have an inactivity autologout timer. Such a timer MUST be of at least 10 minutes' duration. The receipt of any command from the client during that interval should suffice to reset the autologout timer. I'm not going to recommend you run a non-complient server, but finding the place to fix this in pop3d.c shouldn't be very hard (Hint: search for poptimeout). There's no way to clean up the phone lines in rural areas or to force people to buy good modems (although when they have lots of problems we recommend that they do). Right, I was joking about that part ;) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Several issues with 2.1.13
Wil Cooley wrote: Yeah, you're probably right; I just saw a directory full of capital letters and assumed it was all of them. I do recall prime-based hash functions being better. However, after I did the hash, imapd seemed to still be using the traditional first-letter-hash. I had this in my logs and couldn't open my mailboxes: Jun 8 17:51:46 rheingold imapd[14729]: IOERROR: opening /home/imap/w/user/wcooley/cyrus.header: No such file or directory Then it sounds like your imapd was not compiled with --enable-fulldirhash. The argument to rehash should match however your imapd was compiled (and using someone else's package may make it hard to tell). Our customers have a 10MB mail quota which they can fill up pretty quickly. We don't want them leaving their stuff on our server, and they want to be able to have their mail even when they're off-line (I know there's IMAP sync, but it's questionable how well supported it is, and I don't really want to try to explain it to customers). Your call, but even when I worked at an ISP we had far more problems with customers who used POP than those that didn't. Also, reducing the Cyrus timeout isn't going to help clear the half-connected sockets in the kernel if the customers just disconnect without dropping all their TCP connections first. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
Re: Several issues with 2.1.13
On Mon, 2003-06-09 at 13:52, Rob Siemborski wrote: Right, apparently your binaries weren't built to deal with a fulldirhash system, but you ran the rehash command to use a fulldirhash system. Yeah, duh. Re-RTFMing, I see Simon has in README.RPM: 4) Please note that this RPM uses 'basic' hashed imap spool per default. Fulldirhash is supported as build time option but the RPM does not rehash your mailspool when upgrading. You have to run rehash on your existing mailspool if you have changed the hashing mode. Now I understand the difference between 'basic' and 'full'. No thing between the versions affected this behavior. You can try turning down the poptimeout setting (since most likely if they are getting disconnected it is just the idle timeout that is waiting for them). Will it actually allow me to set it below 10 minutes? Well, not in the default code base. RFC 1939 states: A POP3 server MAY have an inactivity autologout timer. Such a timer MUST be of at least 10 minutes' duration. The receipt of any command from the client during that interval should suffice to reset the autologout timer. I'm not going to recommend you run a non-complient server, but finding the place to fix this in pop3d.c shouldn't be very hard (Hint: search for poptimeout). Got it. But John's probably right about the kernel keeping the sockets open. But we never had this problem with cucipop (that's what I always have to listen to: We didn't have this problem before blah blah blah). Somehow, even though cucipop locked the mailboxes, it was able to operate concurrently on them (somewhat), without stupidly making a whole copy, the way UW's pop3d did. There's no way to clean up the phone lines in rural areas or to force people to buy good modems (although when they have lots of problems we recommend that they do). Right, I was joking about that part ;) Yeah, I know :) It'll be a beautiful day when customers don't have all those needless disconnections. But no thoughts on the squatter problem? I saw in the archives other people reporting the same problem, but no responses to indicate why. Anything more I could do to help debug it? Research Systems Programmer * /usr/contributed Gatekeeper You might want to look at the couple scripts I wrote to replace the TCL-based ones in Managing IMAP: http://nakedape.cc/wiki/index.cgi/CyrusImapNotes Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: Several issues with 2.1.13
Wil Cooley wrote: Got it. But John's probably right about the kernel keeping the sockets open. But we never had this problem with cucipop (that's what I always have to listen to: We didn't have this problem before blah blah blah). Somehow, even though cucipop locked the mailboxes, it was able to operate concurrently on them (somewhat), without stupidly making a whole copy, the way UW's pop3d did. Yikes -- I know nothing about cucipop, but allowing multiple POP clients to operate on the same mailbox at the same time is begging for problems, since the protocol doesn't have any of the features that would be needed to support concurrent access. Maybe they assumed that when that happened that it was because the other connection was dropped and they automatically dropped it (releasing any locks held), but that still seems very dangerous. -- John A. Tamplin Unix System Administrator Emory University, School of Public Health +1 404/727-9931
RE: Several issues with 2.1.13
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wil Cooley Sent: Tuesday, 10 June 2003 9:23 a.m. To: [EMAIL PROTECTED] Subject: Re: Several issues with 2.1.13 Got it. But John's probably right about the kernel keeping the sockets open. But we never had this problem with cucipop (that's what I always Do you really care about the kernel keeping the sockets open? You *probably* have plenty of them available, user who got disconnected will *probably* get new IP address assigned when he next time dials-in and he'll be able to download his e-mail, at least from the kernel TCP/IP stack perspective, assuming that pop3d is working ok. Or am I missing something here? Best regards, Bojan Zdrnja
remotepurge from cron
Greets. In Cyrus IMAPd 2.0.11 ... The remotepurge doesn't seem to let you set a passwd via the ENV or from the command line. I'm wondering how others avoid the passwd prompt and run it out of cron. I'm looking to use the remotepurge tool to delete all 'old posts' to a shared mailbox. I assume this is what it was designed for :) -- Scott Russell [EMAIL PROTECTED] IBM Linux Technology Center, System Admin pgp0.pgp Description: PGP signature
Re: Several issues with 2.1.13
On Mon, 9 Jun 2003, Wil Cooley wrote: Research Systems Programmer * /usr/contributed Gatekeeper You might want to look at the couple scripts I wrote to replace the TCL-based ones in Managing IMAP: http://nakedape.cc/wiki/index.cgi/CyrusImapNotes I don't believe anything in Managing IMAP, since it's written about Cyrus v1, which is ancient ;) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: remotepurge from cron
On Mon, 9 Jun 2003, Scott Russell wrote: The remotepurge doesn't seem to let you set a passwd via the ENV or from the command line. I'm wondering how others avoid the passwd prompt and run it out of cron. Kerberos ;) Patches welcome. I'm looking to use the remotepurge tool to delete all 'old posts' to a shared mailbox. I assume this is what it was designed for :) Yup. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: remotepurge from cron
Scott Russell wrote: Greets. In Cyrus IMAPd 2.0.11 ... The remotepurge doesn't seem to let you set a passwd via the ENV or from the command line. I'm wondering how others avoid the passwd prompt and run it out of cron. I'm looking to use the remotepurge tool to delete all 'old posts' to a shared mailbox. I assume this is what it was designed for :) You could take a look at ipurge (assuming its available in 2.0.x) and run it as an EVENT in cyrus.conf. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: Several issues with 2.1.13
On Mon, 2003-06-09 at 16:15, Rob Siemborski wrote: On Mon, 9 Jun 2003, Wil Cooley wrote: Research Systems Programmer * /usr/contributed Gatekeeper You might want to look at the couple scripts I wrote to replace the TCL-based ones in Managing IMAP: http://nakedape.cc/wiki/index.cgi/CyrusImapNotes I don't believe anything in Managing IMAP, since it's written about Cyrus v1, which is ancient ;) Well, that's why I wrote replacements :) The Perl scripts he provides still work and with my replacements, you can effectively convert a system from mbox mailboxes to Cyrus. At least, I did for 2.0.16. Oh, now that I look at the source, I see the scripts from the book aren't actually in contrib/; they're just packaged with Simon's RPMs. Guess I should be talking to him. Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: remotepurge from cron
On Mon, Jun 09, 2003 at 07:19:29PM -0400, Rob Siemborski wrote: On Mon, 9 Jun 2003, Scott Russell wrote: The remotepurge doesn't seem to let you set a passwd via the ENV or from the command line. I'm wondering how others avoid the passwd prompt and run it out of cron. Kerberos ;) Patches welcome. I suck at C or the patch would have been attached. This gives me a 30 day window to write a perl script I guess. :) -- Scott Russell [EMAIL PROTECTED] IBM Linux Technology Center, System Admin pgp0.pgp Description: PGP signature
Re: remotepurge from cron
On Mon, Jun 09, 2003 at 07:21:38PM -0400, Ken Murchison wrote: Scott Russell wrote: Greets. In Cyrus IMAPd 2.0.11 ... I'm looking to use the remotepurge tool to delete all 'old posts' to a shared mailbox. I assume this is what it was designed for :) You could take a look at ipurge (assuming its available in 2.0.x) and run it as an EVENT in cyrus.conf. Duh. That should have been 2.1.11. The ipurge man page looks like what I needed. Thanks for the pointer. -- Scott Russell [EMAIL PROTECTED] IBM Linux Technology Center, System Admin pgp0.pgp Description: PGP signature
Murder and another IMAP server than cyrus-imapd
Hi, Can I using another IMAP server than cyrus-imapd with cyrus-murder ? If not, how can I add a IMAP proxy for remote IMAP server to my local IMAP server ? Best regards, -- Raphaël SurcouF Bordet [EMAIL PROTECTED]