Re: Summary/Confirmation - RedHat sasl libraries don't work with 2.2.x
Sorry, you are right -- I failed to qualify that. On Wed, Oct 01, 2003 at 08:50:00AM +0200, Simon Matter wrote: > Joe Rhett schrieb: > > > > I'd like to note for the record (and anyone else searching) that the sasl > > that ships with Redhat WILL NOT work with 2.2.1. It returns OK with an > > empty realm. For unknown reasons, Cyrus then returns an > > "Login failed: can't request info until later in exchange" > > > > I'm not sure why Cyrus 2.2.1 is unhappy with the OK response, but it is. > > IIRC this is only the case when authenticating using saslauthd, not when > using sasldb. > > Simon > > > > > As per the only thread I could find on this subject, upgrading to sasl 2.1.15 > > solved the problem. I left the Redhat plugins and saslauthd in place, just > > replaced the shared library and it works. So Rob's suggestion was correct. > > (Sorry, can't find the original thread handy) > > > > Can someone with a RedHat contract persuade them to provide updates from > > 2.1.10-3 to 2.1.15 ? > > > > As stated above, I'm just reaffirming this for other searchers. When I'm > > searching for solutions to problems, I always appreciate finding confirmation > > that a problem was replicable. > > > > -- > > Joe Rhett Chief Geek > > [EMAIL PROTECTED] Isite Services, Inc. -- Joe Rhett Chief Geek [EMAIL PROTECTED] Isite Services, Inc.
Re: What do you call the layer that Cyrus IMAP fills?
On Wed, 2003-10-01 at 15:19, Pat Lashley wrote: > 'Mail spool' is usually used to indicate storage of outgoing messages; > or incoming messages that are awaiting relay or final delivery. I believe > that 'mail store' is the more accurate term. I agree about 'mail spool', but 'mail store' itself I think describes a component of the MPA--how the MPA stores and indexes the mail, be it the Cyrus databases, Maildir, mbox, an SQL database, etc. Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * * Tired of spam and viruses in your e-mail? Get the * * Naked Ape Mail Defender! http://nakedape.cc/r/maildefender * signature.asc Description: This is a digitally signed message part
Re: What do you call the layer that Cyrus IMAP fills?
--On Wednesday, October 01, 2003 18:49:12 -0300 Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: On Wed, 01 Oct 2003, Wil Cooley wrote: In common parlance, we have the MTA, the LDA, and the MUA, but we don't seem to have a name or TLA for the layer between the LDA and the MUA--the POP or IMAP server. At least, I don't know of one. Or is it really the LDA? Well, I call it "the mail spool" in all my design documents... 'Mail spool' is usually used to indicate storage of outgoing messages; or incoming messages that are awaiting relay or final delivery. I believe that 'mail store' is the more accurate term. -Pat
Re: What do you call the layer that Cyrus IMAP fills?
On Wed, 01 Oct 2003, Wil Cooley wrote: > In common parlance, we have the MTA, the LDA, and the MUA, but we don't > seem to have a name or TLA for the layer between the LDA and the > MUA--the POP or IMAP server. At least, I don't know of one. Or is it > really the LDA? Well, I call it "the mail spool" in all my design documents... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
Re: Murder Authentication Methods
Rob Siemborski wrote: On Wed, 1 Oct 2003, anthony mayes wrote: We would like to implement a murder including 2 frontends and 3+ backends in a switched (or vpn) environment. After reading the cyrus-info archives and the documents included in the Cyrus source, we are unclear about the authentication process between the front and the back ends. We would like to avoid using Kerberos if at all possible being as we do not have an existing Kerberos installation. What authentication methods would be best suited for this environment? Kerberos is best suited to this enviornment. Seriously, it's deseigned to let services authenticate to eachother. The murder has also been extensively tested in a Kerberos enviornment, and testing in other enviornments has been incidental at best. Failing that, DIGEST-MD5 or PLAIN+TLS (in Cyrus 2.2) are your best bets. Since we are in a sealed environment, we would like to try using DIGEST-MD5 (at least for testing). It would be very much appreciated if someone would share their configuration files with us. Thanks in advance. -- Anthony Mayes UNIX Server Administration Southern Illinois University Edwardsville [EMAIL PROTECTED]
Re: Murder Authentication Methods
On Wed, 1 Oct 2003, Etienne Goyer wrote: > Replace 'backend1' and 'backend2' with the actual name of your backend. > Also, the user specified in 'proxy_authname' must be authenticable on > the backend (by auxprop, most likely, since it connect with DIGEST-MD5). > > A question : is the 'proxy_authname' required to be admin on the > backend? Could it be just in proxyservers ? Yes. That's the idea, in fact. However this causes some design headaches (regarding the treatment of admin users). Namely, top level creates need to be issued directly to the appropriate backend. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Murder Authentication Methods
On Wed, Oct 01, 2003 at 02:24:04PM -0500, anthony mayes wrote: > We would like to implement a murder including 2 frontends and 3+ > backends in a switched (or vpn) environment. After reading the > cyrus-info archives and the documents included in the Cyrus source, we > are unclear about the authentication process between the front and the > back ends. We would like to avoid using Kerberos if at all possible > being as we do not have an existing Kerberos installation. What > authentication methods would be best suited for this environment? The frontend authenticate to the backend as a special users, defined as the 'proxy_authname' on the frontend. The revelant part of imapd.conf on the frontend would look like : proxy_authname: proxy backend1_password: * backend1_mechs: DIGEST-MD5 backend2_password: * backend2_mechs: DIGEST-MD5 Replace 'backend1' and 'backend2' with the actual name of your backend. Also, the user specified in 'proxy_authname' must be authenticable on the backend (by auxprop, most likely, since it connect with DIGEST-MD5). A question : is the 'proxy_authname' required to be admin on the backend? Could it be just in proxyservers ? -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
Re: Murder Authentication Methods
On Wed, 1 Oct 2003, anthony mayes wrote: > We would like to implement a murder including 2 frontends and 3+ > backends in a switched (or vpn) environment. After reading the > cyrus-info archives and the documents included in the Cyrus source, we > are unclear about the authentication process between the front and the > back ends. We would like to avoid using Kerberos if at all possible > being as we do not have an existing Kerberos installation. What > authentication methods would be best suited for this environment? Kerberos is best suited to this enviornment. Seriously, it's deseigned to let services authenticate to eachother. The murder has also been extensively tested in a Kerberos enviornment, and testing in other enviornments has been incidental at best. Failing that, DIGEST-MD5 or PLAIN+TLS (in Cyrus 2.2) are your best bets. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Murder Authentication Methods
We would like to implement a murder including 2 frontends and 3+ backends in a switched (or vpn) environment. After reading the cyrus-info archives and the documents included in the Cyrus source, we are unclear about the authentication process between the front and the back ends. We would like to avoid using Kerberos if at all possible being as we do not have an existing Kerberos installation. What authentication methods would be best suited for this environment? -- Anthony Mayes UNIX Server Administration Southern Illinois University Edwardsville [EMAIL PROTECTED]
RE: reconstrucing mailbox ?
Etienne Goyer wrote: > All the file in a particuliar mailbox, including indexes, had been > deleted by hand, so that the directory in the spool > (/var/imap/spool/part1/user/test) is empty. [...] > sudo -u cyrus /usr/cyrus/bin/reconstruct > /var/imap/spool/part1/user/test > > but the cyrus.[cache|header|index] does reappear. Did I missed > something ? See this thread, it may help you: http://marc.theaimsgroup.com/?l=info-cyrus&m=106209239511551&w=2 ___ Michael Sims Project Analyst - Information Technology Crye-Leike Realtors Office: (901)758-5648 Pager: (901)769-3722 ___
reconstrucing mailbox ?
Here's an easy question ... All the file in a particuliar mailbox, including indexes, had been deleted by hand, so that the directory in the spool (/var/imap/spool/part1/user/test) is empty. Obviously, this break many thing and cyradm refuse to delete this mailbox with a IO error. My guess was that reconstruct was that the tool to use to rebuild the lost index. I tried : sudo -u cyrus /usr/cyrus/bin/reconstruct /var/imap/spool/part1/user/test but the cyrus.[cache|header|index] does reappear. Did I missed something ? -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
What do you call the layer that Cyrus IMAP fills?
In common parlance, we have the MTA, the LDA, and the MUA, but we don't seem to have a name or TLA for the layer between the LDA and the MUA--the POP or IMAP server. At least, I don't know of one. Or is it really the LDA? Hm, a little Google turned up this message[1] calling it an MPA--"mail presentation agent". However, subsequent searches for "mail presentation agent" yield minimal results, and no results when searching for both MPA and "mail presentation agent". Searching the Zvon[2] RFC archive similarly yields nothing related (although there are uses of the "MPA" acronym, but in context of MPEG and ATM). 1. http://dovecot.procontrol.fi/list/dovecot/2003-August/002114.html 2. http://www.zvon.org/tmRFC/RFC_share/Output/index.html So clearly "MPA" isn't in wide use. Should it be? If so, why isn't it? Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * * * Linux Services for Small Businesses * * * * * * * Easy, reliable solutions for small businesses * *Naked Ape Business Server http://nakedape.cc/r/sms * signature.asc Description: This is a digitally signed message part
Re: Problematic error checking in lmtpd.c
On Wed, 1 Oct 2003, Michael Bacon wrote: > The following is a diff against 2.0.17, just because it was what I had > handy, but the code appears to be roughly the same in the current CVS. > This seems to fix it, but there may be better ways to go about it that I > haven't considered. Yeah, this is a bug. I'm going to change the fix though -- instead I'm going to have open_sendmail set sm to NULL if sm_pid < 0. That way there's still only one error condition for the caller to check... Though probably it should always return -1 in case of failure and we should check that instead. Patch will be in CVS shortly. -Rob Index: lmtpd.c === RCS file: /afs/andrew.cmu.edu/system/cvs/src/cyrus/imap/lmtpd.c,v retrieving revision 1.118 diff -u -r1.118 lmtpd.c --- lmtpd.c 13 Aug 2003 18:39:38 - 1.118 +++ lmtpd.c 1 Oct 2003 18:15:53 - @@ -384,7 +384,14 @@ printf("451 lmtpd: didn't exec?!?\r\n"); fatal("couldn't exec", EC_OSERR); } -/* i'm the parent */ + +if(p < 0) { + /* failure */ + *sm = NULL; + return p; +} + +/* parent */ close(fds[0]); ret = fdopen(fds[1], "w"); *sm = ret; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Problematic error checking in lmtpd.c
Hello, folks, We've got a post office that sporadically goes into states where it gets about 4 or 5 lmtpd processes eating huge amounts of CPU time. After spending some quality time with my debugger and a stack of core files, I think I've found the issue. Somehow, we're getting into a state where the fork() call in open_sendmail() [lmtpd.c] fails and returns -1, but the subsequent fdopen() succeeds and returns something other than NULL. The return values of these two functions get passed back to the calling funciton as sm_pid and sm, respectively. In the three instances where open_sendmail() is called, the calling function checks to ensure that sm is not NULL, but does not check to ensure that sm_pid is positive. As such, in the instances of the runaway lmtpds that we've seen, sm_pid comes back as -1, and is subsequently passed to waitpid(). Because of the special symantecs of waitpid(), this causes the process to request status for any child in the same process group as init. No wonder it's eating so much CPU time! The following is a diff against 2.0.17, just because it was what I had handy, but the code appears to be roughly the same in the current CVS. This seems to fix it, but there may be better ways to go about it that I haven't considered. Thanks, Michael Bacon OIT Systems and Core Services Duke University diff -u -r1.63.2.2 lmtpd.c --- lmtpd.c 21 Aug 2001 17:50:12 - 1.63.2.2 +++ lmtpd.c 1 Oct 2003 17:49:56 - @@ -498,7 +498,7 @@ smbuf[4] = rejto; smbuf[5] = NULL; sm_pid = open_sendmail(smbuf, &sm); -if (sm == NULL) { +if ( (sm == NULL) || (sm_pid < 1) ) { return -1; } @@ -582,7 +582,7 @@ smbuf[5] = NULL; sm_pid = open_sendmail(smbuf, &sm); -if (sm == NULL) { +if ( (sm == NULL) || (sm_pid < 1) ) { return -1; } @@ -827,7 +827,7 @@ smbuf[4] = src->addr; smbuf[5] = NULL; sm_pid = open_sendmail(smbuf, &sm); -if (sm == NULL) { +if ( (sm == NULL) || (sm_pid < 1) ) { *errmsg = "Could not spawn sendmail process"; return -1; }
Re: Sieve outgoing mail sorting question.
On Wed, 1 Oct 2003, Denis V. Suhanov wrote: > Is there a way to use sieve for sorting an outgoing mail? For example, I > have folders user.test.work.received and user.test.work.sent and want > all work-related incoming mail to go to the user.test.work.received > (this part works just fine) but also all outgoing mail to go to > user.test.work.sent? I am not sure what is the right way to do it. I > tried something like this: > > if allof(header :contains "from" "[EMAIL PROTECTED]", > header :contains "to" "workdomain.com") { >fileinto "work.sent"; > } If you can configure your MUA to do it without sieve, do that... Otherwise, you might be able to simulate it by configuring your MUA to send you a copy of the message like To: [EMAIL PROTECTED] Bcc: [EMAIL PROTECTED] and then have sieve filter on that address. It's clunky but its the only way to get sieve to do this (it only filters on mail delivered via LMTP--not IMAP). -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: SASL mechanism PLAIN advertising in IMAP capabilites
PLAIN is not allowed to be advertised without a security layer present. Start a TLS session and it should be advertised. On Wed, 1 Oct 2003, Earl R Shannon wrote: > Hello, > > I'm getting confused. I'm trying to have AUTH=PLAIN show > up in the response to a capability query of the IMAP server. > Here is what I currently get: > > /var/log # telnet uni99map 143 > Trying 152.1.4.242... > Connected to uni99map.unity.ncsu.edu. > Escape character is '^]'. > * OK uni99map.unity.ncsu.edu Cyrus IMAP4 v2.1.13 server ready > 0 capability > * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS > MUPDATE=mupdate://uni99map.unity.ncsu.edu/ AUTH=GSSAPI AUTH=KERBEROS_V4 > LISTEXT LIST-SUBSCRIBED ANNOTATEMORE > 0 OK Completed > > Note that only GSSAPI and KERBEROS_V4 show up. > > In the imapd.conf file I have: > > sasl_pwcheck_method: saslauthd > sasl_saslauthd_path: /local/sasl/var/mux > sasl_mech_list: PLAIN GSSAPI KERBEROS_V4 > allowplaintext: yes > > Libraries in /usr/lib/sasl2 are: > /usr/lib # ls /usr/lib/sasl2/ > . libcrammd5.so.2 libgssapiv2.so.2.0.10 > liblogin.so.2.0.0 libplain.so.2 > .. libcrammd5.so.2.0.13libgssapiv2.so.2.0.13 > liblogin.so.2.0.10 libplain.so.2.0.0 > libanonymous.la libdigestmd5.la libkerberos4.la > libotp.la libplain.so.2.0.10 > libanonymous.so libdigestmd5.so libkerberos4.so > libotp.so libplain.so.2.0.13 > libanonymous.so.2 libdigestmd5.so.2 libkerberos4.so.2 > libotp.so.2 libsasldb.la > libanonymous.so.2.0.0 libdigestmd5.so.2.0.13 libkerberos4.so.2.0.0 > libotp.so.2.0.0 libsasldb.so > libanonymous.so.2.0.10 libgssapiv2.la libkerberos4.so.2.0.10 > libotp.so.2.0.10libsasldb.so.2 > libanonymous.so.2.0.13 libgssapiv2.so liblogin.la > libotp.so.2.0.13libsasldb.so.2.0.10 > libcrammd5.la libgssapiv2.so.2liblogin.so libplain.la > libsasldb.so.2.0.13 > libcrammd5.so libgssapiv2.so.2.0.0liblogin.so.2 libplain.so > > If I remove the sasl_mech_list line from the imapd.conf file > DIGEST-MD5, CRAM-MD5, and OTP are also advertised: > > var/log # telnet uni99map 143 > Trying 152.1.4.242... > Connected to uni99map.unity.ncsu.edu. > Escape character is '^]'. > * OK uni99map.unity.ncsu.edu Cyrus IMAP4 v2.1.13 server ready > 0 capability > * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS > MUPDATE=mupdate://uni99map.unity.ncsu.edu/ AUTH=DIGEST-MD5 AUTH=CRAM-MD5 > AUTH=GSSAPI AUTH=KERBEROS_V4 AUTH=OTP LISTEXT LIST-SUBSCRIBED ANNOTATEMORE > 0 OK Completed > > But still no PLAIN. > > Heres a uname -a: > SunOS uni99map.unity.ncsu.edu 5.7 Generic_106541-15 sun4u sparc > SUNW,Ultra-1 IMAP version is 2.1.13 (as in the capability response ) > and sasl is 2.1.13 > > Am I missing something here? > > Regards, > Earl Shannon > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
SASL mechanism PLAIN advertising in IMAP capabilites
Hello, I'm getting confused. I'm trying to have AUTH=PLAIN show up in the response to a capability query of the IMAP server. Here is what I currently get: /var/log # telnet uni99map 143 Trying 152.1.4.242... Connected to uni99map.unity.ncsu.edu. Escape character is '^]'. * OK uni99map.unity.ncsu.edu Cyrus IMAP4 v2.1.13 server ready 0 capability * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS MUPDATE=mupdate://uni99map.unity.ncsu.edu/ AUTH=GSSAPI AUTH=KERBEROS_V4 LISTEXT LIST-SUBSCRIBED ANNOTATEMORE 0 OK Completed Note that only GSSAPI and KERBEROS_V4 show up. In the imapd.conf file I have: sasl_pwcheck_method: saslauthd sasl_saslauthd_path: /local/sasl/var/mux sasl_mech_list: PLAIN GSSAPI KERBEROS_V4 allowplaintext: yes Libraries in /usr/lib/sasl2 are: /usr/lib # ls /usr/lib/sasl2/ . libcrammd5.so.2 libgssapiv2.so.2.0.10 liblogin.so.2.0.0 libplain.so.2 .. libcrammd5.so.2.0.13libgssapiv2.so.2.0.13 liblogin.so.2.0.10 libplain.so.2.0.0 libanonymous.la libdigestmd5.la libkerberos4.la libotp.la libplain.so.2.0.10 libanonymous.so libdigestmd5.so libkerberos4.so libotp.so libplain.so.2.0.13 libanonymous.so.2 libdigestmd5.so.2 libkerberos4.so.2 libotp.so.2 libsasldb.la libanonymous.so.2.0.0 libdigestmd5.so.2.0.13 libkerberos4.so.2.0.0 libotp.so.2.0.0 libsasldb.so libanonymous.so.2.0.10 libgssapiv2.la libkerberos4.so.2.0.10 libotp.so.2.0.10libsasldb.so.2 libanonymous.so.2.0.13 libgssapiv2.so liblogin.la libotp.so.2.0.13libsasldb.so.2.0.10 libcrammd5.la libgssapiv2.so.2liblogin.so libplain.la libsasldb.so.2.0.13 libcrammd5.so libgssapiv2.so.2.0.0liblogin.so.2 libplain.so If I remove the sasl_mech_list line from the imapd.conf file DIGEST-MD5, CRAM-MD5, and OTP are also advertised: var/log # telnet uni99map 143 Trying 152.1.4.242... Connected to uni99map.unity.ncsu.edu. Escape character is '^]'. * OK uni99map.unity.ncsu.edu Cyrus IMAP4 v2.1.13 server ready 0 capability * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS MUPDATE=mupdate://uni99map.unity.ncsu.edu/ AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=GSSAPI AUTH=KERBEROS_V4 AUTH=OTP LISTEXT LIST-SUBSCRIBED ANNOTATEMORE 0 OK Completed But still no PLAIN. Heres a uname -a: SunOS uni99map.unity.ncsu.edu 5.7 Generic_106541-15 sun4u sparc SUNW,Ultra-1 IMAP version is 2.1.13 (as in the capability response ) and sasl is 2.1.13 Am I missing something here? Regards, Earl Shannon
Re: Sieve interface for spam filtering scripts?
On Wed, 1 Oct 2003 17:30:07 +0100 Patrick Welche <[EMAIL PROTECTED]> wrote: > Just one note for avelsieve, Yes, that is also in the TODO, but let's not get that off-topic here, squirrelmail-plugins is the place. :) Cheers, Alexandros
Sieve outgoing mail sorting question.
Hello, Is there a way to use sieve for sorting an outgoing mail? For example, I have folders user.test.work.received and user.test.work.sent and want all work-related incoming mail to go to the user.test.work.received (this part works just fine) but also all outgoing mail to go to user.test.work.sent? I am not sure what is the right way to do it. I tried something like this: if allof(header :contains "from" "[EMAIL PROTECTED]", header :contains "to" "workdomain.com") { fileinto "work.sent"; } (I am using altnamespace, so INBOX.work.sent is not supposed to work here, right?) but it does not work, the mail still appears in default 'Sent' folder (the on is used by MUA). Thanks a lot for your comments. Sincerely yours, Denis
Re: Sieve interface for spam filtering scripts?
On Wed, Oct 01, 2003 at 12:33:01PM +0300, Alexandros Vellis wrote: > On Wed, 1 Oct 2003 00:33:33 +0100 (BST) > "Mike Brodbelt" <[EMAIL PROTECTED]> wrote: > > > > Squirrelmail has a sieve plugin. Maybe give that a try ;) > > > > I'll second that. I'm using Squirrelmail and the sieve plugin in > > production, and can vouch for it. > > In my TODO list there has been an entry for "ready-made" rules for a > long time; I'm planning to implement this probably in the next (major?) > release. It will essentially let the user click on "Add Spam Rule" or > something equivalent, and an administrator-defined spam rule will be > created in a snap. > > I'm still looking into the options that this kind of simplified rule > could offer to Joe User, or any other possibilities for "ready-made", > site-specific rules, for that matter. Now realise I sent a pointless reply to an earlier message.. Just one note for avelsieve, the original poster mentioned "X-Spam-Status: Yes" and X-Spam-Status doesn't appear in the headers array of config.php, at least not the version I have. So, for those who don't feel like editing config.php, could a text box for typing the header name be feasible in avelsieve, rather than just the drop down menu for headers? Cheers, Patrick
Re: Sieve interface for spam filtering scripts?
On Tue, Sep 30, 2003 at 12:44:12PM -0700, Pat Lashley wrote: .. > I'll also be checking out Websieve, Smartsieve, and "damn, none of > these do what I want so I'll have to roll my own". .. and the avelsieve plugin to squirrelmail.. Cheers, Patrick
Problem Make perl imap ld
Is there anybody to help me ?? I try to compile Cyrus 2.2.1 on AIX 5.2. I got this error in perl/imap : Running Mkbootstrap for Cyrus::IMAP () chmod 644 IMAP.bs rm -f blib/arch/auto/Cyrus/IMAP/IMAP.so LD_RUN_PATH="/lib:/usr/local/lib:/opt/freeware/lib" ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.0/aix-thread-multi/CORE/perl.exp -bE:IMAP.exp -bnoentry -lpthreads -lc_r IMAP.o -o blib/arch/auto/Cyrus/IMAP/IMAP.so ../../lib/libcyrus.a ../../lib/libcyrus_min.a -ldb-3.3 -L/usr/local/lib -lsasl2 -L/opt/freeware/lib -L/opt/freeware/lib -lssl -lcrypto ld: 0711-317 ERROR: Undefined symbol: .__eprintf ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information. make: 1254-004 The error code from the last command is 8. I haven't found anything about this ! Fred
Re: mailboxes.db problem cont.
Many thanks to Scott Adkins and Joe Hrbek for all of their help. Here are a couple of scripts that I wrote to rebuild the mailboxes.db. The scripts do not take into account default domain, basic or no directory hashing, multiple partitions, and possibly other things, but I figured they might give someone a head start if they run into this problem. shell script "repairMBoxDB" #!/bin/sh #stop Cyrus imapd before running this script #get the directories ls -R /var/spool/imap/* | grep "/" > /bin/scripts/mboxRepair/directories #run perl repair script (this doesn't actually do any repairing) /bin/scripts/mboxRepair/mboxRepair.pl #cp the file to Cyrus' home directory and change the ownership cp /bin/scripts/mboxRepair/newMBoxList /home/cyrus/ chown cyrus:mail /home/cyrus/newMBoxList #save off the current mailboxes.db mv /var/imap/mailboxes.db /var/imap/mailboxes.db.backup #import the new mailbox list su - cyrus -c "umask 077 ; /usr/cyrus/bin/ctl_mboxlist -u < /home/cyrus/newMBoxList" #EOF perl script mboxRepair.pl #!/usr/bin/perl &openDirectoriesFile; &rewriteFormat; &scriptExit; sub openDirectoriesFile { my ($lSuccess, $lName); $lName = "directories"; $lSuccess = open (fhDirectories, "/bin/scripts/mboxRepair/$lName"); if (!$lSuccess) { print "Didn't open " . $lName . ": $!\n"; &scriptExit (); } } sub scriptExit { close (fhDirectories); close (fhNewMBoxList); exit(); } sub rewriteFormat { my ($lSuccess, $lNewLine, $lCount, $lArrayCount, $lSortedCount); my (@lArray, @lUnsortedArray, @lSortedArray); $lName = "newMBoxList"; $lSuccess = open (fhNewMBoxList, ">/bin/scripts/mboxRepair/$lName"); if (!$lSuccess) { print "Didn't open " . $lName . ": $!\n"; &scriptExit (); } $lArrayCount = 0; while(){ chomp; # no newline s/#.*//; # no comments s/^\s+//; # no leading white s/\s+$//; # no trailing white next if ($_ =~ m/\/mail:$/); # no lines ending with /mail: s/:$//;# no ending colons s/^\/var\/spool\/imap\///; # no /var/spool/imap/ next if ($_ !~ m/\//); # get rid of any line that doesn't have a / s/domain\/[A-Z]//; # get rid of domain/A, domain/B, domain/C, etc. s/^\///; # no / at the beginning of a line next if ($_ !~ m/\//); # get rid of any line that doesn't have a / next if ($_ !~ m/\/user\//); # get rid of any line that doesn't have /user next unless length;# anything left? @lArray = split ("/", $_); $lNewLine = sprintf ("%s!%s.%s", $lArray[0], $lArray[2], $lArray[3]); $lCount = 4; while ($lArray[$lCount]) { $lNewLine = sprintf ("%s.%s", $lNewLine, $lArray[$lCount]); $lCount++; } #now we are going to put it into an array so we can sort it $lUnsortedArray[$lArrayCount] = $lNewLine; $lArrayCount++; } @lSortedArray = sort { $a cmp $b } @lUnsortedArray; #now take the sorted array and put it in the proper format and #write it to a file while ($lSortedArray[$lSortedCount]) { @lArray = split (/\./, $lSortedArray[$lSortedCount]); $lArray[2] =~ s/\^/\./; my @lDomain = split (/!/, $lSortedArray[$lSortedCount]); $lNewLine = sprintf ("[EMAIL PROTECTED]", $lSortedArray[$lSortedCount], $lArray[2], $lDomain[0]); print fhNewMBoxList "" . $lNewLine . "\n";# write to a new file $lSortedCount++; } } On Mon, 2003-09-29 at 08:52, Hank Beatty wrote: > It was indeed the tab at the end of each line that caused the problem. I > added the tab to the end of each line and implemented it about 3 PM > Saturday afternoon and brought the server back on line. > > On Sun, 2003-09-28 at 12:14, Rob Siemborski wrote: > > On Sat, 27 Sep 2003, Hank Beatty wrote: > > > > > Took dir.txt and converted it to the format of mboxlist file (except for > > > the tab on the end of each line. Not sure if this caused a problem) > > > > This will likely cause a problem with the ACLs. > > > > > The above steps got POP working, but IMAP gives ???Mailbox does not > > > exist??? when trying to select the ???INBOX??? using squirrelmail. > > > > I suspect this can be caused by a munged ACL. > > > > > I also tried using the reconstruct command before and after moving the > > > mailboxes.db to no avail. At this point I???m thinking of writing the > > > ???m option of reconstruct unless anyon
Re: Sieve interface for spam filtering scripts?
On Wed, 1 Oct 2003 00:33:33 +0100 (BST) "Mike Brodbelt" <[EMAIL PROTECTED]> wrote: > > Squirrelmail has a sieve plugin. Maybe give that a try ;) > > I'll second that. I'm using Squirrelmail and the sieve plugin in > production, and can vouch for it. In my TODO list there has been an entry for "ready-made" rules for a long time; I'm planning to implement this probably in the next (major?) release. It will essentially let the user click on "Add Spam Rule" or something equivalent, and an administrator-defined spam rule will be created in a snap. I'm still looking into the options that this kind of simplified rule could offer to Joe User, or any other possibilities for "ready-made", site-specific rules, for that matter. -- Alexandros Vellis University of Athens [EMAIL PROTECTED] Network Operations Centre http://www.noc.uoa.gr/~avel/ Public Key: http://www.noc.uoa.gr/~avel/gpgkey.asc pgp0.pgp Description: PGP signature
Problems with pop access
I am using cyrus imapd 2.1.13 on redhat 9.0 with saslauthd and pam_ldap for authentication Most of my users are using pop access but sometimes the server just refuses connection, or accepts connection and delivers mail but does not delete mail from the server. I restart cyrus and things start working fine If such a thing happens How do I start cyrus in a debug mode so that I can see what is going wrong Thanks Ram
Re: Summary/Confirmation - RedHat sasl libraries don't work with 2.2.x
Joe Rhett schrieb: > > I'd like to note for the record (and anyone else searching) that the sasl > that ships with Redhat WILL NOT work with 2.2.1. It returns OK with an > empty realm. For unknown reasons, Cyrus then returns an > "Login failed: can't request info until later in exchange" > > I'm not sure why Cyrus 2.2.1 is unhappy with the OK response, but it is. IIRC this is only the case when authenticating using saslauthd, not when using sasldb. Simon > > As per the only thread I could find on this subject, upgrading to sasl 2.1.15 > solved the problem. I left the Redhat plugins and saslauthd in place, just > replaced the shared library and it works. So Rob's suggestion was correct. > (Sorry, can't find the original thread handy) > > Can someone with a RedHat contract persuade them to provide updates from > 2.1.10-3 to 2.1.15 ? > > As stated above, I'm just reaffirming this for other searchers. When I'm > searching for solutions to problems, I always appreciate finding confirmation > that a problem was replicable. > > -- > Joe Rhett Chief Geek > [EMAIL PROTECTED] Isite Services, Inc.