我白天還是一個學生晚上在這裡兼差
Title: 無標題文件
Re: Cyrus IMAP, sendmail and LDAP
John, Thanks again, I wound up just using the socket map option w/ cyrus and sendmail, which seems to be working well for me. Apparently, you can't have an aliases file and ldap_routing unless your aliases are in an ldap map. AJ John Arthur wrote: Ok, so I recompiled sendmail w/ LDAP support.. Here are the relavent parts of my mc file: define(`confLOCAL_MAILER', `cyrusv2') define(`CYRUSV2_MAILER_ARGS', `FILE /var/cyrus/imap/socket/lmtp') # LDAP Related FEATURE(`ldap_routing') LDAPROUTE_DOMAIN(`panther.mydomain.com') define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') LDAPROUTE_DOMAIN(`panther.mydomain.com') dnl # LDAPROUTE_DOMAIN_FILE(`/etc/mail/LDAP-Routing') FEATURE(`ldap_routing',,,`bounce',`preserve') --- You have not configured Sendmail to bounce addresses that are not in LDAP. I also like to preserver '+' addresses John --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
> Ok, so I recompiled sendmail w/ LDAP support.. > Here are the relavent parts of my mc file: > > define(`confLOCAL_MAILER', `cyrusv2') > define(`CYRUSV2_MAILER_ARGS', `FILE /var/cyrus/imap/socket/lmtp') > > # LDAP Related > FEATURE(`ldap_routing') > LDAPROUTE_DOMAIN(`panther.mydomain.com') > define(`confLDAP_DEFAULT_SPEC', `-h localhost -b > ou=Users,dc=mydomain,dc=com') > define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') LDAPROUTE_DOMAIN(`panther.mydomain.com') dnl # LDAPROUTE_DOMAIN_FILE(`/etc/mail/LDAP-Routing') FEATURE(`ldap_routing',,,`bounce',`preserve') --- You have not configured Sendmail to bounce addresses that are not in LDAP. I also like to preserver '+' addresses John --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
On Thu, 8 Jul 2004, AJ wrote: > Well, because I read on various lists that if you don't use ldap_routing then > the cyrus mail server can become cluttered with various bounces and spoofed > sender addresses.. This way, sendmail will verify each user before accepting > delivery. I may try the other alternative via socket map. > What do you recommend? This is what virtusertable does. It accepts mail only for known users. Just make sure you have a 'catch all' entry for each domain. Something like: @example.com error:nouser 550 User unknown -Igor > > Quoting Igor Brezac <[EMAIL PROTECTED]>: > > > On Thu, 8 Jul 2004, AJ wrote: > > > >> John, > >> Thanks, everything is up and running now, but I have one final question... > >> Is it possible for sendmail to check the alias file or virtusertable before > >> doing an ldap lookup. I am not ready to move these into ldap and I want to > >> preserve them. > > > > If you are already using virtusertable, why do you bother setting up > > ldap_routing? You can just setup an ldap based virtusertable map. > > > > -Igor > > > >> Thanks again for all of your help. > >> > >> AJ > >> > >> Quoting John Andrews <[EMAIL PROTECTED]>: > >> > >> > You will want to have something similar to this for ldap_routing. > >> > > >> > FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k > >> > (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k > >> > (mailRoutingAddress=%0)', `bounce', `preserve')dnl > >> > > >> > http://www.sendmail.org/m4/ldap_routing.html > >> > > >> >> # LDAP Related > >> >> FEATURE(`ldap_routing') > >> >> LDAPROUTE_DOMAIN(`panther.mydomain.com') > >> >> define(`confLDAP_DEFAULT_SPEC', `-h localhost -b > >> >> ou=Users,dc=mydomain,dc=com') > >> > > >> > -- > >> > > >> > John Andrews > >> > Systems Administrator > >> > NPG Cable, Inc. > >> > (816) 273-0337 > >> > [EMAIL PROTECTED] > >> > >> > >> > >> --- > >> Cyrus Home Page: http://asg.web.cmu.edu/cyrus > >> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > >> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > >> > > > > -- > > Igor > > > > -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
Well, because I read on various lists that if you don't use ldap_routing then the cyrus mail server can become cluttered with various bounces and spoofed sender addresses.. This way, sendmail will verify each user before accepting delivery. I may try the other alternative via socket map. What do you recommend? Quoting Igor Brezac <[EMAIL PROTECTED]>: On Thu, 8 Jul 2004, AJ wrote: John, Thanks, everything is up and running now, but I have one final question... Is it possible for sendmail to check the alias file or virtusertable before doing an ldap lookup. I am not ready to move these into ldap and I want to preserve them. If you are already using virtusertable, why do you bother setting up ldap_routing? You can just setup an ldap based virtusertable map. -Igor Thanks again for all of your help. AJ Quoting John Andrews <[EMAIL PROTECTED]>: > You will want to have something similar to this for ldap_routing. > > FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k > (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k > (mailRoutingAddress=%0)', `bounce', `preserve')dnl > > http://www.sendmail.org/m4/ldap_routing.html > >> # LDAP Related >> FEATURE(`ldap_routing') >> LDAPROUTE_DOMAIN(`panther.mydomain.com') >> define(`confLDAP_DEFAULT_SPEC', `-h localhost -b >> ou=Users,dc=mydomain,dc=com') > > -- > > John Andrews > Systems Administrator > NPG Cable, Inc. > (816) 273-0337 > [EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: MTA - where to send mail in a MURDER env
--- Rob Siemborski <[EMAIL PROTECTED]> wrote: > You need to send it to an lmtpproxyd, but there's no > reason to put that on > a frontend -- we run our lmtpproxyd's on the same > hosts as our MTAs (via > unix socket). Well actually in our case we will start with one frontend and one backend server where the mupdate server and the MTA will both run on the frontend server. So for this case I guess it makes sense to have our MTA on the frontend server send mails via LMTP (unix socket) to the lmtpproxyd on that same frontend server, am I right so far ? Or would you suggest something better ? I think I have no other choice because I really want to start with the minimum (one frontend and one backend). Thanks Regards __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
On Thu, 8 Jul 2004, AJ wrote: > John, > Thanks, everything is up and running now, but I have one final question... > Is it possible for sendmail to check the alias file or virtusertable before > doing an ldap lookup. I am not ready to move these into ldap and I want to > preserve them. If you are already using virtusertable, why do you bother setting up ldap_routing? You can just setup an ldap based virtusertable map. -Igor > Thanks again for all of your help. > > AJ > > Quoting John Andrews <[EMAIL PROTECTED]>: > > > You will want to have something similar to this for ldap_routing. > > > > FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k > > (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k > > (mailRoutingAddress=%0)', `bounce', `preserve')dnl > > > > http://www.sendmail.org/m4/ldap_routing.html > > > >> # LDAP Related > >> FEATURE(`ldap_routing') > >> LDAPROUTE_DOMAIN(`panther.mydomain.com') > >> define(`confLDAP_DEFAULT_SPEC', `-h localhost -b > >> ou=Users,dc=mydomain,dc=com') > > > > -- > > > > John Andrews > > Systems Administrator > > NPG Cable, Inc. > > (816) 273-0337 > > [EMAIL PROTECTED] > > > > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: MTA - where to send mail in a MURDER env
On Thu, 8 Jul 2004, ML mail wrote: Well actually in our case we will start with one frontend and one backend server where the mupdate server and the MTA will both run on the frontend server. So for this case I guess it makes sense to have our MTA on the frontend server send mails via LMTP (unix socket) to the lmtpproxyd on that same frontend server, am I right so far ? Yes. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
On Thu, 8 Jul 2004, AJ wrote: > John, > Thanks, everything is up and running now, but I have one final question... > Is it possible for sendmail to check the alias file or virtusertable before > doing an ldap lookup. I am not ready to move these into ldap and I want to > preserve them. If you are already using virtusertable, why do you bother setting up ldap_routing? You can just setup an ldap based virtusertable map. -Igor > Thanks again for all of your help. > > AJ > > Quoting John Andrews <[EMAIL PROTECTED]>: > > > You will want to have something similar to this for ldap_routing. > > > > FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k > > (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k > > (mailRoutingAddress=%0)', `bounce', `preserve')dnl > > > > http://www.sendmail.org/m4/ldap_routing.html > > > >> # LDAP Related > >> FEATURE(`ldap_routing') > >> LDAPROUTE_DOMAIN(`panther.mydomain.com') > >> define(`confLDAP_DEFAULT_SPEC', `-h localhost -b > >> ou=Users,dc=mydomain,dc=com') > > > > -- > > > > John Andrews > > Systems Administrator > > NPG Cable, Inc. > > (816) 273-0337 > > [EMAIL PROTECTED] > > > > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
John, Thanks, everything is up and running now, but I have one final question... Is it possible for sendmail to check the alias file or virtusertable before doing an ldap lookup. I am not ready to move these into ldap and I want to preserve them. Thanks again for all of your help. AJ Quoting John Andrews <[EMAIL PROTECTED]>: You will want to have something similar to this for ldap_routing. FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k (mailRoutingAddress=%0)', `bounce', `preserve')dnl http://www.sendmail.org/m4/ldap_routing.html # LDAP Related FEATURE(`ldap_routing') LDAPROUTE_DOMAIN(`panther.mydomain.com') define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') -- John Andrews Systems Administrator NPG Cable, Inc. (816) 273-0337 [EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus IMAP, sendmail and LDAP
AJ wrote: Ok, so I recompiled sendmail w/ LDAP support.. Here are the relavent parts of my mc file: define(`confLOCAL_MAILER', `cyrusv2') define(`CYRUSV2_MAILER_ARGS', `FILE /var/cyrus/imap/socket/lmtp') # LDAP Related FEATURE(`ldap_routing') LDAPROUTE_DOMAIN(`panther.mydomain.com') define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') # # The mailer definitions # MAILER(`cyrusv2') MAILER(`local') MAILER(`smtp') It looks like sendmail is still delivering via cyrus mailer, it accepts the message even if the account does not exist in ldap. What am I doing wrong? You have not specified that sendmail should bounce messages to addresses without ldap_routing entries: FEATURE(`ldap_routing',,,`bounce') http://www.sendmail.org/m4/ldap_routing.html -- Andrzej [en:Andrew] Adam Filip [EMAIL PROTECTED] [EMAIL PROTECTED] http://anfi.homeunix.net/ http://slashdot.org/~anfi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: MTA - where to send mail in a MURDER env
On Thu, 8 Jul 2004, ML mail wrote: I am currently setting up a MURDER environement with one frontend server and one backend server to start with. The MTA (Sendmail) for incoming mails (MX) will be running on the frontend server. Now my question: where should the MTA send the incoming mails ? Should the MTA send it to the frontend server via LMTPProxy or should it send it to the backend via LMTP ? You need to send it to an lmtpproxyd, but there's no reason to put that on a frontend -- we run our lmtpproxyd's on the same hosts as our MTAs (via unix socket). -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyrus IMAP, sendmail and LDAP
You will want to have something similar to this for ldap_routing. FEATURE(`ldap_routing', `ldap -1 -T -v mailHost -k (mailLocalAddress=%0)', `ldap -1 -T -v mailRoutingAddress -k (mailRoutingAddress=%0)', `bounce', `preserve')dnl http://www.sendmail.org/m4/ldap_routing.html > # LDAP Related > FEATURE(`ldap_routing') > LDAPROUTE_DOMAIN(`panther.mydomain.com') > define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') -- John Andrews Systems Administrator NPG Cable, Inc. (816) 273-0337 [EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
MTA - where to send mail in a MURDER env
Hello, I am currently setting up a MURDER environement with one frontend server and one backend server to start with. The MTA (Sendmail) for incoming mails (MX) will be running on the frontend server. Now my question: where should the MTA send the incoming mails ? Should the MTA send it to the frontend server via LMTPProxy or should it send it to the backend via LMTP ? Regards Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages!
RE: Cyrus IMAP, sendmail and LDAP
Ok, so I recompiled sendmail w/ LDAP support.. Here are the relavent parts of my mc file: define(`confLOCAL_MAILER', `cyrusv2') define(`CYRUSV2_MAILER_ARGS', `FILE /var/cyrus/imap/socket/lmtp') # LDAP Related FEATURE(`ldap_routing') LDAPROUTE_DOMAIN(`panther.mydomain.com') define(`confLDAP_DEFAULT_SPEC', `-h localhost -b ou=Users,dc=mydomain,dc=com') # # The mailer definitions # MAILER(`cyrusv2') MAILER(`local') MAILER(`smtp') It looks like sendmail is still delivering via cyrus mailer, it accepts the message even if the account does not exist in ldap. What am I doing wrong? Thanks. AJ Quoting John Arthur <[EMAIL PROTECTED]>: Thanks.. is there any LDAP attribute that will tell sendmail what server and cyrus mailbox to deliver to. Yes, mailLocalAddress -- Addresses to accept email to (as many as you want) mailRoutingAddress -- The address to send the mail to mailHost -- The host to deliver mail to It seems that using ldap routing w/ mailLocalAddress and mailHost will cause a loop if everything is all one one server. You're not giving Sendmail enough credit ;-) IF mailHost == local-host-name sendmail delivers localy. No loop. John --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
line after message-id
I think this was discussed before, but googling didn't reveal much (to me).. I posted a note to someone who has a vacation message. Part of the message returned is here: === Received: from cyrus by imap.newn.cam.ac.uk with local (Exim 4.20) id 1Biax5-0007W4-An for [EMAIL PROTECTED]; Thu, 08 Jul 2004 16:36:47 +0100 Message-ID: <[EMAIL PROTECTED]> Date: Thu, 08 Jul 2004 16:36:47 +0100 X-Sieve: CMU Sieve 2.2 === Note the extra line after the Message-ID. This then confuses mail readers and makes the messages appear not to have a subject line etc. I vaguely remember this had something to do with using exim, but I can't remember.. Any ideas? Cheers, Patrick --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Wanted: an example imapd.conf for authenticating against Active Directory
On Thu, 8 Jul 2004, Paul Boven wrote: > Hi everyone, > > For a new customer, I'm setting up a Cyrus server that will have to > authenticate against an Active Directory server. > > So far, I've gotten Kerberos, TSL, SASL all working together from the > command-line with ldapsearch, so what remains is to build an imapd.conf > and have Cyrus play nice with the ADS. But here are about 3 pages of > ldap-options to imapd.conf, and I still don't know what attribute to use > to check authentication against, so I'm a bit stuck for inspiration. > These are pts related commands. You need to look at cyrus-sasl documentation ($cyrus-sasl-src/doc) -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bug in Cyrus-2.2.6 configure (with suggested patch)
On Thu, 8 Jul 2004 [EMAIL PROTECTED] wrote: > I hate to ask, but what's on the table for things that need to be > done before a 2.2.7 release? There isn't a specific table, I'm just extraordinaraly busy right now. We will almost certainly see a 2.2.7 before the end of the month. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Sieve Problem
Hi Folks,
a few months ago I set up a new server with Cyrus SASL and IMAPD 2.1.16.
Everything runs perfectly fine, but now I want to enable sieve on that
host. So I set up a line in cyrus.conf like
sieve cmd="timsieved" listen="sieve" prefork=0
and now I can telnet like "telnet localhost sieve"
and get the following result:
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Cyrus timsieved v2.1.16"
"SIEVE" "fileinto reject envelope vacation imapflags notify subaddress
relational regex"
OK
The thing about it is that I can't login with sieveshell. So I searched
the lists and found that there's a line missing like "SASL PLAIN" in my
output above. One posting said that I should install the sasl libs, but
that is what I did when I installed SASL from source - and the imap
users can log in fine using the running "saslauthd -a shadow" and PLAIN
login.
So I really don't understand what the problem is - please can anybody
help me?
cyrus.conf and imap.conf are included hereby.
Thanks in advance,
Andreas Grimmel
System Administrator
ADDITIVE GmbH
Germany
cyrus.conf:
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idledcmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# LMTP is required for delivery
lmtpunix cmd="lmtpd" listen="/usr/cyrus/var/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/usr/cyrus/var/socket/notify"
proto="udp" prefork=1
}
EVENTS {
# this is required
checkpointcmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" period=1440
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" period=1440
}
imapd.conf:
configdirectory: /usr/cyrus/var
partition-default: /usr/cyrus/var/spool
altnamespace: yes
unixhierarchysep: yes
defaultacl: anyone lrswipcda
admins: cyrus root
allowplaintext: yes
allowanonymouslogin: no
sasl_mech_list: PLAIN
#autocreatequota: 1
#reject8bit: no
#quotawarn: 90
#timeout: 30
#poptimeout: 10
#dracinterval: 0
#drachost: localhost
sasl_pwcheck_method: saslauthd
sendmail: /usr/sbin/sendmail
sievedir: /usr/cyrus/sieve
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bug in Cyrus-2.2.6 configure (with suggested patch)
On Thu, 8 Jul 2004, Rob Siemborski wrote: > On Thu, 8 Jul 2004, Paul Boven wrote: > > > The last statement (with_bdb_inc="$with_bdbval/include") does not work > > because $with_bdbval does not exist. Changing it to $with_bdb fixes > > things. I've attached a patch for configure.in (trivial but untested > > because I don't have the whole automake/autoconf family setup right now) > > This has already been fixed in cvs. > > -Rob I hate to ask, but what's on the table for things that need to be done before a 2.2.7 release? Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: High availability ... again
On Thu, 8 Jul 2004, Ken Murchison wrote: > Its not unheard of, in fact its been done for Cyrus before. I was paid > a rather large sum by a semiconductor company to implement the > altnamespace feature, and Fastmail.fm has contracted me for several > features, most recently almost all of the new stuff in 2.3. And in fact I've seen corporate partners with other open source projects. An example would be Unicon (formerly IBS) and their role with the uPortal project (www.uportal.org). A number of schools have contracted them either for deployment of the software in a "turn-key" bundle, or to help with making certain mods. When contracted to make mods, those paying for it can then decide to release that work back into the community, or keep it privately. Fortunately, it seems like a number of schools in such a situation have opted to return that work back to the community---way cool! Then there's the seriously funded, seriously aggressive Sakai project (www.sakaiproject.org). Not only have they received some big grants for this work, but there also are a number of schools pitching in with big contributions. I believe one of the corporate partners for this is a group called "r-smart". I think Unicon has also joined too. I think this is an interesting development in open source contribution, and might help to give it even more credibility in the corporate IT world. Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bug in Cyrus-2.2.6 configure (with suggested patch)
On Thu, 8 Jul 2004, Paul Boven wrote: > The last statement (with_bdb_inc="$with_bdbval/include") does not work > because $with_bdbval does not exist. Changing it to $with_bdb fixes > things. I've attached a patch for configure.in (trivial but untested > because I don't have the whole automake/autoconf family setup right now) This has already been fixed in cvs. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Bug in Cyrus-2.2.6 configure (with suggested patch)
L.S.,
While trying to build the latest Cyrus, I ran into a small problem with
configure.
From configure (line 6346 and onwards)
---
# Check whether --with-dbdir or --without-dbdir was given.
if test "${with_dbdir+set}" = set; then
withval="$with_dbdir"
with_bdb=$withval
fi;
case "$with_bdb" in
no)
use_berkeley="no"
;;
yes)
use_berkeley="yes"
with_bdb_lib=none
with_bdb_inc=none
;;
*)
use_berkeley="yes"
with_bdb_lib="$with_bdb/lib"
with_bdb_inc="$with_bdbval/include"
;;
--
The last statement (with_bdb_inc="$with_bdbval/include") does not work
because $with_bdbval does not exist. Changing it to $with_bdb fixes
things. I've attached a patch for configure.in (trivial but untested
because I don't have the whole automake/autoconf family setup right now)
Regards, Paul Boven.
*** configure.in.orgThu Jul 8 15:05:27 2004
--- configure.inThu Jul 8 15:05:42 2004
***
*** 186,192
*)
use_berkeley="yes"
with_bdb_lib="$with_bdb/lib"
! with_bdb_inc="$with_bdbval/include"
;;
esac
--- 186,192
*)
use_berkeley="yes"
with_bdb_lib="$with_bdb/lib"
! with_bdb_inc="$with_bdb/include"
;;
esac
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: High availability ... again
Kevin Baker wrote: Fair enough ;) So what would it cost to have this feature implemented? Specifically adding the application level redundancy patch that was submitted. I think it is certainly worth discussion if nothing else to see if it is something we, people interested, might collectively be able to pay for. Actually a pretty interesting topic... maybe more suited for a general Slashdot thread. Paying for open source dev.. I think there was something on that recently. Its not unheard of, in fact its been done for Cyrus before. I was paid a rather large sum by a semiconductor company to implement the altnamespace feature, and Fastmail.fm has contracted me for several features, most recently almost all of the new stuff in 2.3. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: login problem using cyrus-sasl-2.1.18 and cyrus-imapd-2.2.6
On Thu, 8 Jul 2004, victor wrote: > I have corrected the problem and restarted cyrus but is still not working. > > I have the same error. > Jul 8 10:46:03 mail68 imap[24978]: cannot connect to saslauthd server: > No such file or directory > > imapd.conf contains a line : "saslauthd_path:/var/state/saslauthd" This needs to be "sasl_saslauthd_path: /var/state/saslauthd" -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Wanted: an example imapd.conf for authenticating against Active Directory
Hi everyone, For a new customer, I'm setting up a Cyrus server that will have to authenticate against an Active Directory server. So far, I've gotten Kerberos, TSL, SASL all working together from the command-line with ldapsearch, so what remains is to build an imapd.conf and have Cyrus play nice with the ADS. But here are about 3 pages of ldap-options to imapd.conf, and I still don't know what attribute to use to check authentication against, so I'm a bit stuck for inspiration. I would therefore very much appreciate it if someone could send me a copy of their imapd.conf that talks to an ADS, with of course anything sensitive deleted. Regards, Paul Boven. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
login problem using cyrus-sasl-2.1.18 and cyrus-imapd-2.2.6
I try to detail the problem(I have some more information):
The error:
Jul 8 10:46:03 mail68 imap[24978]: cannot connect to saslauthd server:
No such file or directory
What I have tryed to debug the problem:
1) imapd.conf contains a line : "saslauthd_path:/var/state/saslauthd"
2) Saslauthd is running and I have the directory /var/state/saslauthd
with a file mux in it.
3) When I try the command: "echo 1 > /var/state/saslauthd/mux", the error is
bash: /var/state/saslauthd/mux: No such device or address
4) When I start cyrus I have a error(I don't know if is related with the
insuccesfull login):
master[28489]: setrlimit: Unable to set file descriptors limit to -1:
Operation not permitted
5) When I do "strace /usr/cyrus/bin/master -f -v" the output is:
open("/etc/imapd.conf", O_RDONLY) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1439, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40018000
read(4, "postmaster: postmaster\nconfigdir"..., 4096) = 1439
read(4, "", 4096) = 0
close(4)= 0
munmap(0x40018000, 4096)= 0
close(0)= 0
open("/dev/null", O_RDWR) = 0
close(1)= 0
open("/dev/null", O_RDWR) = 1
close(2)= 0
open("/dev/null", O_RDWR) = 2
close(3)= 0
dup(0) = 3
close(4)= -1 EBADF (Bad file descriptor)
dup(0) = 4
setrlimit(RLIMIT_NOFILE, {rlim_cur=RLIM_INFINITY,
rlim_max=RLIM_INFINITY}) = -1 EPERM (Operation not permitted)
time([1089283367]) = 1089283367
open("/etc/localtime", O_RDONLY)= 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=798, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40018000
read(6, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\7\0\0\0\7\0"...,
4096) = 798
close(6)= 0
munmap(0x40018000, 4096)= 0
getpid()= 28542
rt_sigaction(SIGPIPE, {0x40316ea0, [], SA_RESTORER, 0x40259718},
{SIG_DFL}, 8) = 0
socket(PF_UNIX, SOCK_DGRAM, 0) = 6
fcntl64(6, F_SETFD, FD_CLOEXEC) = 0
connect(6, {sa_family=AF_UNIX, path="/dev/log"}, 16) = 0
send(6, "<179>Jul 8 13:42:47 master[2854"..., 114, 0) = 114
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
time([1089283367]) = 1089283367
getpid()= 28542
rt_sigaction(SIGPIPE, {0x40316ea0, [], SA_RESTORER, 0x40259718},
{SIG_DFL}, 8) = 0
send(6, "<179>Jul 8 13:42:47 master[2854"..., 68, 0) = 68
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
setrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
open("/var/run/cyrus-master.pid", O_RDWR|O_CREAT, 0644) = 8
fcntl64(8, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) =
-1 EAGAIN (Resource temporarily unavailable)
write(-1, "G\0\0\0", 4) = -1 EBADF (Bad file descriptor)
time([1089283367]) = 1089283367
getpid()= 28542
rt_sigaction(SIGPIPE, {0x40316ea0, [], SA_RESTORER, 0x40259718},
{SIG_DFL}, 8) = 0
send(6, "<178>Jul 8 13:42:47 master[2854"..., 107, 0) = 107
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
time([1089283367]) = 1089283367
getpid()= 28542
rt_sigaction(SIGPIPE, {0x40316ea0, [], SA_RESTORER, 0x40259718},
{SIG_DFL}, 8) = 0
send(6, "<181>Jul 8 13:42:47 master[2854"..., 43, 0) = 43
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
exit_group(71) = ?
Thank you.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: login problem using cyrus-sasl-2.1.18 and cyrus-imapd-2.2.6
I have corrected the problem and restarted cyrus but is still not working. I have the same error. Jul 8 10:46:03 mail68 imap[24978]: cannot connect to saslauthd server: No such file or directory imapd.conf contains a line : "saslauthd_path:/var/state/saslauthd" Saslauthd is running. And I have the directory /var/state/saslauthd fith a file mux in it. Thank you --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: login problem using cyrus-sasl-2.1.18 and cyrus-imapd-2.2.6
> I con't login. > > Syslog message: > Jul 8 10:46:03 mail68 imap[24978]: badlogin: localhost [127.0.0.1] > plaintext root SASL(-1): generic failure: checkpass failed > Jul 8 10:47:31 mail68 master[24916]: process 24978 exited, status 0 > Jul 8 03:50:00 mail68 CROND[25009]: (root) CMD ( > /usr/share/sshd-monitor/sshd-restarter) > > Auth.log message > Jul 8 10:52:48 mail68 saslauthd[25086]: ipc_init: listening on > socket: /var/state/saslauthd/mux > Jul 8 10:46:03 mail68 imap[24978]: cannot connect to saslauthd server: > No such file or directory > > But saslauthd is listening in "/var/state/saslauthd/mux" Check your imapd.conf, it is configured for /var/run/saslauthd/mux > > My imapd.conf is: > > postmaster: postmaster > configdirectory: /mail/imap > partition-default: /mail/spool/imap > virtualdomains: yes > defaultdomain: ambra.ro > admins: cyrus > allowanonymouslogin: no > allowplaintext: yes > sasl_mech_list: PLAIN NTLM DIGEST-MD5 CRAM-MD5 > servername: cyrus.ambranet.com > autocreatequota: 1 > reject8bit: no > quotawarn: 90 > timeout: 30 > poptimeout: 10 > dracinterval: 0 > drachost: localhost > altnamespace: yes > unixhierarchysep: yes > saslauthd_path: /var/run/saslauthd/mux > sasl_pwcheck_method: saslauthd > sievedir: /usr/sieve > sendmail: /usr/sbin/sendmail > > > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Getting libwrap compiled into Cyrus IMAPd
Hi, I am trying in vain to get libwrap activated in Cyrus IMAPd. I am using Cyrus IMAPd 2.2.6, Cyrus SASL 2.1.18 on OpenBSD 3.5. And here is my configure command: ./configure --prefix=/usr/local/cyrus-imapd --with-cyrus-prefix=/usr/local/cyrus-imapd --with-openssl --with-sasl=/usr/local/sasl2 --with-bdb-libdir=/usr/local/lib/db4 --with-bdb-incdir=/usr/local/include/db4 --with-libwrap configure then simply reports that it didn't find libwrap and if I have a look in the generated config.log I can see the following error: /usr/lib/libwrap.so.3.0: undefined reference to `allow_severity' /usr/lib/libwrap.so.3.0: undefined reference to `deny_severity' Does anyone have a solution for this ? Many thanks Regards __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
login problem using cyrus-sasl-2.1.18 and cyrus-imapd-2.2.6
I con't login. Syslog message: Jul 8 10:46:03 mail68 imap[24978]: badlogin: localhost [127.0.0.1] plaintext root SASL(-1): generic failure: checkpass failed Jul 8 10:47:31 mail68 master[24916]: process 24978 exited, status 0 Jul 8 03:50:00 mail68 CROND[25009]: (root) CMD ( /usr/share/sshd-monitor/sshd-restarter) Auth.log message Jul 8 10:52:48 mail68 saslauthd[25086]: ipc_init: listening on socket: /var/state/saslauthd/mux Jul 8 10:46:03 mail68 imap[24978]: cannot connect to saslauthd server: No such file or directory But saslauthd is listening in "/var/state/saslauthd/mux" My imapd.conf is: postmaster: postmaster configdirectory: /mail/imap partition-default: /mail/spool/imap virtualdomains: yes defaultdomain: ambra.ro admins: cyrus allowanonymouslogin: no allowplaintext: yes sasl_mech_list: PLAIN NTLM DIGEST-MD5 CRAM-MD5 servername: cyrus.ambranet.com autocreatequota: 1 reject8bit: no quotawarn: 90 timeout: 30 poptimeout: 10 dracinterval: 0 drachost: localhost altnamespace: yes unixhierarchysep: yes saslauthd_path: /var/run/saslauthd/mux sasl_pwcheck_method: saslauthd sievedir: /usr/sieve sendmail: /usr/sbin/sendmail --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: High availability ... again
Fair enough ;) So what would it cost to have this feature implemented? Specifically adding the application level redundancy patch that was submitted. I think it is certainly worth discussion if nothing else to see if it is something we, people interested, might collectively be able to pay for. Actually a pretty interesting topic... maybe more suited for a general Slashdot thread. Paying for open source dev.. I think there was something on that recently. Kevin > On Tue, 6 Jul 2004, Kevin Baker wrote: > >> How would we indicate our interest to the development >> team? How are updates and future development project >> priorities decided? > > Several methods.. > > Supplied patches often get a high priority (though not in > this case, since > we have a patch that is very complicated and not easy to > apply since it is > based off of different implementations of the expunge code > that is in the > 2.3 CVS). > > Quite honestly, development priorities are most often > (Though not always) > set around what CMU needs most at the time. Sort of > selfish, but very > true. Things like virtual domains got implemented because > Ken was bored > though. > > Another way to indicate your interest is with a hefty > donation to CMU, of > course :) > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * > 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper > > --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
