Re: Sieve Authentication Fails
On Thu, 2005-02-03 at 14:24 -0800, Dan Perez wrote: Hi All, I see that this question has been posted before, but I don't see a clear answer, so forgive me. Any leads would be appreciated. I'm running cyrus 2.2.10, on RHEL 3.0. It works great. Now I want to start using sieve... but I can't get sieveshell to connect to the server and I don't understand why. [EMAIL PROTECTED] log]# sieveshell -u cyrus localhost connecting to localhost Please enter your password: unable to connect to server at /usr/bin/sieveshell line 169, STDIN line 1 saslpasswd cyrus #add password for cyrus to sasldb Well, if sieve uses saslauthd - pam to authenticate, there is no need for having a sasldb file with cyrus user. IIRC the problem is that sieveshell doesn't have the --auth parameter like cyradm. The sieve server works, but not sieveshell. Can someone confirm this or has someone already made a patch to fix sieveshell? Simon --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Shared folders and seen-flag
Hi. I'm playing around with shared folders and I was under the impression that Cyrus operated with two kinds of shared folders 1. Bullitin board - Like news. All mail appears as unread for all 2. Support folder - One person reads, marked as read for all other users 1. is easy and works flawlessly, but 2. does not seem to work. I can open for writing other flags (like the important-flag ), but the seen-flag is allways uniqe pr user. Today we use inn/nntp for 1. and courier with a useraccout all support-people log in to using the same user/password. My question is: Is there a way to share seen-flags? Preferably using your own user, not a special account for all to log into. -- Audun --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cascade auth
We're currently using a cascading authentication mechanism to preserve compatibility with legacy users. The system works like this.. [EMAIL PROTECTED] [EMAIL PROTECTED] (where both usernames are the same) The user can log in with either their fully qualified address, or as just the short username. If the short username is used, the database looks up the account by matching [EMAIL PROTECTED] with the password. I realize that this is a security concern, but we haven't had an issue and it keeps the customers happy. I've been looking at Cyrus as a possible migration path from our current setup, which uses a maildir/NFS backend that has caused me endless grief. Is there any way to accomplish this kind of lookup in Cyrus? I think I'd need a way for SASL to tell Cyrus the real mailbox name (the fully qualified address) after a successful auth, instead of just telling Cyrus that the auth was successful (sort of how Courier's authdaemon does it). Also, has there been any work on storing quotas in an external database? -- Steve Kondik [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Re: Sieve Authentication Fails
On Fri, 4 Feb 2005, Simon Matter wrote: On Thu, 2005-02-03 at 14:24 -0800, Dan Perez wrote: Hi All, I see that this question has been posted before, but I don't see a clear answer, so forgive me. Any leads would be appreciated. I'm running cyrus 2.2.10, on RHEL 3.0. It works great. Now I want to start using sieve... but I can't get sieveshell to connect to the server and I don't understand why. [EMAIL PROTECTED] log]# sieveshell -u cyrus localhost connecting to localhost Please enter your password: unable to connect to server at /usr/bin/sieveshell line 169, STDIN line 1 saslpasswd cyrus #add password for cyrus to sasldb Well, if sieve uses saslauthd - pam to authenticate, there is no need for having a sasldb file with cyrus user. IIRC the problem is that sieveshell doesn't have the --auth parameter like cyradm. The sieve server works, but not sieveshell. It has --authname and it works fine. Check man pages. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-sasl-2.1.20 and db-4.3.27 problem (atleast I think its in db)
Hi, I am trying to compile cyrus-sasl-2.1.20, but during the configure I get checking db.h usability... yes checking db.h presence... yes checking for db.h... yes checking DB library to use... no configure: WARNING: Disabling SASL authentication database support - why can't it find the library? the ./configure line I use is: ./configure \ --enable-anon \ --enable-plain \ --enable-login \ --disable-krb4 \ --disable-otp \ --disable-cram \ --disable-digest \ --with-saslauthd=/var/run/saslauthd \ --with-pam=/lib/security \ --with-dblib=berkeley \ --with-bdb-libdir=/usr/local/bdb/current/lib \ --with-bdb-incdir=/usr/local/bdb/current/include \ --with-openssl=/usr/local/ssl \ --with-plugindir=/usr/local/lib/sasl2 \ --with-pgsql=/usr/local/pgsql/current \ --with-mysql=/usr/local/mysql/current This is a problem with Berkeley, right? I have compiled and installed version 4.3.27. (/usr/local/bdb/current/lib is in /etc/ld.so.conf and I have done ldconfig) atlantis:/usr/src/cyrus-sasl-2.1.20# ls -la /usr/local/bdb/current/lib/ total 5640 drwxr-xr-x 2 chaser chaser4096 Feb 4 12:29 . drwxr-xr-x 6 chaser staff 4096 Feb 4 12:29 .. -r--r--r-- 1 chaser chaser 193857 Feb 4 12:29 db.jar -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb-4.3.a -rw-r--r-- 1 chaser src806 Feb 4 12:27 libdb-4.3.la -rwxr-xr-x 1 chaser src 910934 Feb 4 12:27 libdb-4.3.so lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb-4.so - libdb-4.3.so -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb.a lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb.so - libdb-4.3.so -rw-r--r-- 1 chaser src1280498 Feb 4 12:29 libdb_java-4.3.a -rw-r--r-- 1 chaser src851 Feb 4 12:28 libdb_java-4.3.la -rwxr-xr-x 1 chaser src1070486 Feb 4 12:28 libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.3_g.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java.so - libdb_java-4.3.so atlantis:/usr/src/cyrus-sasl-2.1.20# Seems that the libraries are there, maybe my problem is in something else, but I suspect berkeley. Any kind of help is welcome. PS. I have searched the mailing-list for the past half a year and done some googleing, but haven't found a solution. PS2. Trying to follow this howto http://howtos.linux.com/howtos/Postfix-Cyrus-Web-cyradm-HOWTO/install.shtml#CYRUS-INSTALL PS3. Running Debian testing, kernel 2.6.8 , i686 Thank You all in advance, Oliver --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
How to update cyrus db to BerkeleyDB 4.3?
Hi, I'm trying to find out how to convert configdirectory/db/ from BerkeleyDB 4.2 to the 4.3 version. I tried to do what's written in http://www.sleepycat.com/docs/ref/upgrade/process.html with a little helper program implemented to convert openldap2 db backend from 4.2 to 4.3 without success. The only chance I had was to remove configdirectory/db/* Does anybody know, how to do that conversion? -- With best regards, Carsten Hoeger pgp4lRte40qc8.pgp Description: PGP signature
RE: intergrate cyrus and postfix
Carl P. Corliss wrote: You already know this to be untrue - as posted by Magnus Bäck on the postfix-users mailing list (to your exact same question there), you only need deliver if that's the method in which you want to have messages passed off to cyrus. The people over on postfix-users mailing list have also already explained that you should be using LMTP (not cyrus' deliver). Perhaps it might be a good idea to read the README.postfix.gz that Hans Van Kranenburg was kind enough to send you. Might also be a good idea to follow his suggestions in his most recent posting on the postfix-users mailing list - or those of Magnus Bäck and Matt, etc. Also, I still haven't seen you post a link to any logs with errors that you recv (both here or on the postfix-users mailing list)... When i run a search of an email sent to an imap mailbox address([EMAIL PROTECTED]), this is what I get- Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mta1.charmer.com[127.0.0.1]: rcpt to: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: extract_addr: input: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: smtpd_check_addr: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: send attr address = [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: input attribute value: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: rewrite_clnt: canonicalize: [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: send attr address = [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: input attribute value: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: resolve_clnt: [EMAIL PROTECTED]' - transp=`local' host=`sales.charmer.com' [EMAIL PROTECTED]' flags= class=local Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: install entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: extract_addr: result: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: reject_unauth_destination: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: permit_auth_destination: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: leave existing entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: leave existing entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: recipient_canonical_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: canonical_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: virtual_alias_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 15:55:31 mta1 amavis[25877]: (25877-10) ESMTP::10024 /var/amavis/amavis-20050204T155213-25877: [EMAIL PROTECTED] - [EMAIL PROTECTED] Received: SIZE=367 from mta1.charmer.com ([127.0.0.1]) by localhost (mta1.charmer.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 25877-10 for [EMAIL PROTECTED]; Fri, 4 Feb 2005 15:55:31 + (UTC) Feb 4 15:55:31 mta1 amavis[25877]: (25877-10) Checking: [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 15:55:35 mta1 amavis[25877]: (25877-10) FWD via SMTP: [127.0.0.1]:10025 [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 15:55:35 mta1 amavis[25877]: (25877-10) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], Hits: 1.676 Feb 4 10:55:35 mta1 postfix/smtp[24612]: 26CC928497A: to=[EMAIL PROTECTED], relay=localhost[127.0.0.1], delay=26, status=sent (250 2.6.0 Ok, id=25877-10, from MTA: 250 Ok: queued as 68A1028498F) Feb 4 11:07:40 mta1 postfix/smtpd[24927]: ctable_locate: purge entry key [EMAIL PROTECTED] what else should i be looking for? thanks Kern, Tom wrote: I already have that in main.cf its my understanding that i need the path to the deliver program in master.cf for cyrus to work with postfix. thanks -Original Message- From: Carl P. Corliss [mailto:[EMAIL PROTECTED] Sent: Thursday, February 03, 2005 2:06 PM To: Kern, Tom Subject: Re: intergrate cyrus and postfix try using lmtp as it incurs less overhead than using deliver. In your main.cf use something like: mailbox_transport = lmtp:unix:/var/imap/socket/lmtp or virtual_transport = lmtp:unix:/var/imap/socket/lmtp you'll need to read up on the postfix site to determine exactly which one should should use (a good start would be: http://www.postfix.org/VIRTUAL_README.html). Cheers, -- Carl --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ:
Re: cyrus-sasl-2.1.20 and db-4.3.27 problem (atleast I think its in db)
Check config.log for more clues, however I do not think cyrus-sasl-2.1.20 build script supports berkeley 4.3.x. You need to fetch the cvs version. -Igor On Fri, 4 Feb 2005, [ISO-8859-1] Oliver Aruväli wrote: Hi, I am trying to compile cyrus-sasl-2.1.20, but during the configure I get checking db.h usability... yes checking db.h presence... yes checking for db.h... yes checking DB library to use... no configure: WARNING: Disabling SASL authentication database support - why can't it find the library? the ./configure line I use is: ./configure \ --enable-anon \ --enable-plain \ --enable-login \ --disable-krb4 \ --disable-otp \ --disable-cram \ --disable-digest \ --with-saslauthd=/var/run/saslauthd \ --with-pam=/lib/security \ --with-dblib=berkeley \ --with-bdb-libdir=/usr/local/bdb/current/lib \ --with-bdb-incdir=/usr/local/bdb/current/include \ --with-openssl=/usr/local/ssl \ --with-plugindir=/usr/local/lib/sasl2 \ --with-pgsql=/usr/local/pgsql/current \ --with-mysql=/usr/local/mysql/current This is a problem with Berkeley, right? I have compiled and installed version 4.3.27. (/usr/local/bdb/current/lib is in /etc/ld.so.conf and I have done ldconfig) atlantis:/usr/src/cyrus-sasl-2.1.20# ls -la /usr/local/bdb/current/lib/ total 5640 drwxr-xr-x 2 chaser chaser4096 Feb 4 12:29 . drwxr-xr-x 6 chaser staff 4096 Feb 4 12:29 .. -r--r--r-- 1 chaser chaser 193857 Feb 4 12:29 db.jar -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb-4.3.a -rw-r--r-- 1 chaser src806 Feb 4 12:27 libdb-4.3.la -rwxr-xr-x 1 chaser src 910934 Feb 4 12:27 libdb-4.3.so lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb-4.so - libdb-4.3.so -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb.a lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb.so - libdb-4.3.so -rw-r--r-- 1 chaser src1280498 Feb 4 12:29 libdb_java-4.3.a -rw-r--r-- 1 chaser src851 Feb 4 12:28 libdb_java-4.3.la -rwxr-xr-x 1 chaser src1070486 Feb 4 12:28 libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.3_g.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java.so - libdb_java-4.3.so atlantis:/usr/src/cyrus-sasl-2.1.20# Seems that the libraries are there, maybe my problem is in something else, but I suspect berkeley. Any kind of help is welcome. PS. I have searched the mailing-list for the past half a year and done some googleing, but haven't found a solution. PS2. Trying to follow this howto http://howtos.linux.com/howtos/Postfix-Cyrus-Web-cyradm-HOWTO/install.shtml#CYRUS-INSTALL PS3. Running Debian testing, kernel 2.6.8 , i686 Thank You all in advance, Oliver --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Igor
Performance Monitoring?
Performance Monitoring? - What are people using to monitor their Cyrus Imap Server performance? - things we would like to monitor: connect to imap port to banner response time imap login time mailbox selection time imap process time (maybe create a new folder, move a few messages, delete them and expung) - We would also prefer graphing / trending, like a MRTG add-on. Thanks, Bill William B. Earle Computing Information Technology University at Buffalo Voice: 716.645.6580 301 Computing Center Fax: 716.645.5972 Buffalo, NY 14260 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Performance Monitoring?
On Fri, 4 Feb 2005 12:20:32 -0500 (EST) Bill Earle [EMAIL PROTECTED] wrote: - things we would like to monitor: connect to imap port to banner response time what exactly do you want to measure here? if it's machine responsiveness, use standard w/free/vmstat/iostat info. imap login time that depends mostly on where your accounts are stored. in my example, mysql; so i monitor that. mailbox selection time this is i/o problem. use iostat for that. imap process time (maybe create a new folder, move a few messages, delete them and expung) same. iostat. - We would also prefer graphing / trending, like a MRTG add-on. mrtg is a bit too much router oriented to plot everything you want nicely ... rrd is a better solution. as to how to do it ... there are many many scripts floating around for the general things like cpu load, bandwith and so on, but what we have here is a higly specific stuff and so the best way is to roll your own scripts. -- Jure Pear http://jure.pecar.org/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-sasl-2.1.20 and db-4.3.27 problem (atleast I think its in db)
hi oliver, fwiw, sasl-2.1.20 + bdb-4.3.27 runs just great on my OSX 10.3.7 sys ... which, alas, is diff from yours. that said, i've had a similar issue b4 that may be worth mentioning here; dunno if it's your solution =) if you poke around in sasl's code, you'll note that the sasl code, walks -ldb-4.2 -ldb-4 -ldb for ID'ing DB libs ... trouble is, a fresh build of bdb 4.3.27 has *no* -ldb-4.2 (at least 4 me), so if you've got db-4.2, etc. (i.e., your OLD or DEFAULT install ...) in another dir in your default path, e.g. /usr/lib etc., the Makefile seemingly/eventually picks up THAT _default_install, hence not finding your intended install. the workaround's fairly simple ... after your DB 4.3.27 build, % cd ...berkeley-db-4.3.27/lib % ln -sf libdb-4.3.a libdb-4.2.a % ln -sf libdb-4.3.dylib libdb-4.2.dylib % ln -sf libdb-4.3.la libdb-4.2.la or, of course, the equivalent for your platform extensions ... add to that: setenv CPPFLAGS -I/usr/local/DarkMatter/berkeley-db/include ... setenv LDFLAGS -L/usr/local/DarkMatter/berkeley-db/lib -ldb ... ./configure \ ... --with-dblib=berkeley \ --with-bdb-libdir=/usr/local/DarkMatter/berkeley-db/lib \ --with-bdb-incdir=/usr/local/DarkMatter/berkeley-db/include \ ... , so far, this has done the trick for me: % otool -L libsasl2.dylib libsasl2.dylib: /usr/local/cyrus-sasl/lib/libsasl2.2.dylib (compatibility version 3.0.0, current version 3.20.0) /usr/local/berkeley-db/lib/libdb-4.3.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/lib/libdl.1.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 71.1.1) /usr/lib/libresolv.9.dylib (compatibility version 1.0.0, current version 324.9.0) for all I know, this has been addressed in sasl-CVS, but, unfortunately, it does not build successfully for me ... so can't testify. hope this actually helps cheers, richard -- On February 4, 2005 12:08:14 PM -0500 Igor Brezac [EMAIL PROTECTED] wrote: Check config.log for more clues, however I do not think cyrus-sasl-2.1.20 build script supports berkeley 4.3.x. You need to fetch the cvs version. -Igor On Fri, 4 Feb 2005, [ISO-8859-1] Oliver Aruvli wrote: Hi, I am trying to compile cyrus-sasl-2.1.20, but during the configure I get checking db.h usability... yes checking db.h presence... yes checking for db.h... yes checking DB library to use... no configure: WARNING: Disabling SASL authentication database support - why can't it find the library? the ./configure line I use is: ./configure \ --enable-anon \ --enable-plain \ --enable-login \ --disable-krb4 \ --disable-otp \ --disable-cram \ --disable-digest \ --with-saslauthd=/var/run/saslauthd \ --with-pam=/lib/security \ --with-dblib=berkeley \ --with-bdb-libdir=/usr/local/bdb/current/lib \ --with-bdb-incdir=/usr/local/bdb/current/include \ --with-openssl=/usr/local/ssl \ --with-plugindir=/usr/local/lib/sasl2 \ --with-pgsql=/usr/local/pgsql/current \ --with-mysql=/usr/local/mysql/current This is a problem with Berkeley, right? I have compiled and installed version 4.3.27. (/usr/local/bdb/current/lib is in /etc/ld.so.conf and I have done ldconfig) atlantis:/usr/src/cyrus-sasl-2.1.20# ls -la /usr/local/bdb/current/lib/ total 5640 drwxr-xr-x 2 chaser chaser4096 Feb 4 12:29 . drwxr-xr-x 6 chaser staff 4096 Feb 4 12:29 .. -r--r--r-- 1 chaser chaser 193857 Feb 4 12:29 db.jar -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb-4.3.a -rw-r--r-- 1 chaser src806 Feb 4 12:27 libdb-4.3.la -rwxr-xr-x 1 chaser src 910934 Feb 4 12:27 libdb-4.3.so lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb-4.so - libdb-4.3.so -rw-r--r-- 1 chaser src1132142 Feb 4 12:29 libdb.a lrwxr-xr-x 1 chaser chaser 12 Feb 4 12:29 libdb.so - libdb-4.3.so -rw-r--r-- 1 chaser src1280498 Feb 4 12:29 libdb_java-4.3.a -rw-r--r-- 1 chaser src851 Feb 4 12:28 libdb_java-4.3.la -rwxr-xr-x 1 chaser src1070486 Feb 4 12:28 libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.3_g.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java-4.so - libdb_java-4.3.so lrwxr-xr-x 1 chaser chaser 17 Feb 4 12:29 libdb_java.so - libdb_java-4.3.so atlantis:/usr/src/cyrus-sasl-2.1.20# Seems that the libraries are there, maybe my problem is in something else, but I suspect berkeley. Any kind of help is welcome. PS. I have searched the mailing-list for the past half a year and done some googleing, but haven't found a solution. PS2. Trying to follow this howto http://howtos.linux.com/howtos/Postfix-Cyrus-Web-cyradm-HOWTO/install.shtml# CYRUS-INSTALL PS3. Running Debian testing, kernel 2.6.8 , i686 Thank You all in advance, Oliver --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info:
Re: Sieve Authentication Fails
It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... Dan --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: intergrate cyrus and postfix
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kern, Tom wrote: | still trying to intergrate cyru-imap 2.2.10-10 and postfix with no luck. | i keep getting a command died with status 1: /cyrus/bin/deliver. | | with my cyrus, the deliver program is in /usr/lib/cyrus-imapd/. | i changed my master.cf to reflect this | | here is my master.cf- | | [...] | # | # The Cyrus deliver program has changed incompatibly, multiple times. | # | #old-cyrus unix - n n - - pipe | # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} | # Cyrus 2.1.5 (Amos Gouaux) | cyrus unix - n n - - pipe | user=cyrus argv=/usr/lib/cyrus-imapd/deliver -r ${sender} -m ${extension} ${user} | [...] | what should i change? | cyrus seems to keep changing and i can't find a doc stating how master.cf should be with cyrus 2.2.10-10. IMHO you should use LMTP over unix socket instead of deliver program. Sample LMTP configuration is provided in Postfix: The Definitive Guide published by O'Reilly (~2 pages). - -- Andrzej [en:Andrew] Adam Filip [EMAIL PROTECTED] [EMAIL PROTECTED] Home Page http://anfi.homeunix.net/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCA8XHyOtLQUuVK/MRAn0eAJ9+M5cxPA1Yaod+xdLWazHXfdio6ACg5j01 OUqT0jxDbAjjJVCpgfz5GSc= =FkPo -END PGP SIGNATURE- --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Authentication Fails
On Fri, 4 Feb 2005, Dan Perez wrote: It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... You are correct, you cannot pass a mechanism to sieveshell. I incorrectly assumed that --auth in cyradm is an authentication username. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: intergrate cyrus and postfix
Kern, Tom wrote: Carl P. Corliss wrote: You already know this to be untrue - as posted by Magnus Bäck on the postfix-users mailing list (to your exact same question there), you only need deliver if that's the method in which you want to have messages passed off to cyrus. The people over on postfix-users mailing list have also already explained that you should be using LMTP (not cyrus' deliver). Perhaps it might be a good idea to read the README.postfix.gz that Hans Van Kranenburg was kind enough to send you. Might also be a good idea to follow his suggestions in his most recent posting on the postfix-users mailing list - or those of Magnus Bäck and Matt, etc. Also, I still haven't seen you post a link to any logs with errors that you recv (both here or on the postfix-users mailing list)... When i run a search of an email sent to an imap mailbox address([EMAIL PROTECTED]), this is what I get- Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mta1.charmer.com[127.0.0.1]: rcpt to: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: extract_addr: input: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: smtpd_check_addr: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: send attr address = [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: input attribute value: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: rewrite_clnt: canonicalize: [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: send attr address = [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: input attribute value: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: resolve_clnt: [EMAIL PROTECTED]' - transp=`local' host=`sales.charmer.com' [EMAIL PROTECTED]' flags= class=local Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: install entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: extract_addr: result: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: reject_unauth_destination: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: permit_auth_destination: [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: leave existing entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: ctable_locate: leave existing entry key [EMAIL PROTECTED] Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: recipient_canonical_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: canonical_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 10:55:21 mta1 postfix/smtpd[24927]: maps_find: virtual_alias_maps: [EMAIL PROTECTED]: not found Feb 4 10:55:21 mta1 postfix/smtpd[24927]: mail_addr_find: [EMAIL PROTECTED] - (not found) Feb 4 15:55:31 mta1 amavis[25877]: (25877-10) ESMTP::10024 /var/amavis/amavis-20050204T155213-25877: [EMAIL PROTECTED] - [EMAIL PROTECTED] Received: SIZE=367 from mta1.charmer.com ([127.0.0.1]) by localhost (mta1.charmer.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 25877-10 for [EMAIL PROTECTED]; Fri, 4 Feb 2005 15:55:31 + (UTC) Feb 4 15:55:31 mta1 amavis[25877]: (25877-10) Checking: [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 15:55:35 mta1 amavis[25877]: (25877-10) FWD via SMTP: [127.0.0.1]:10025 [EMAIL PROTECTED] - [EMAIL PROTECTED] Feb 4 15:55:35 mta1 amavis[25877]: (25877-10) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], Hits: 1.676 Feb 4 10:55:35 mta1 postfix/smtp[24612]: 26CC928497A: to=[EMAIL PROTECTED], relay=localhost[127.0.0.1], delay=26, status=sent (250 2.6.0 Ok, id=25877-10, from MTA: 250 Ok: queued as 68A1028498F) Feb 4 11:07:40 mta1 postfix/smtpd[24927]: ctable_locate: purge entry key [EMAIL PROTECTED] what else should i be looking for? thanks I also keep getting this in my log- Feb 1 14:24:45 mta1 master[19838]: about to exec /usr/lib/cyrus-imapd/lmtpd Feb 2 16:45:39 mta1 master[31396]: about to exec /usr/lib/cyrus-imapd/lmtpd According to cyrus.conf, lmtp is in /var/lib/imap/socket/ and my mailbox_transport entry in main.cf reflects this. So, where is postfix getting the above path from? i checked master.cf and my trnasport file and there is no entry like that. this is the contents of my cyrus.conf file- # standard standalone server implementation START { # do not delete this entry! recover cmd=ctl_cyrusdb -r # this is only necessary if using idled for IMAP IDLE idled cmd=idled } # UNIX sockets start with a slash and are put into /var/lib/imap/sockets SERVICES { # add or remove based on preferences imap cmd=imapd listen=imap prefork=5 imaps cmd=imapd -s listen=imaps prefork=1 pop3
Restrict IMAP usage to certain hosts
Hello all, Cyrus IMAP relies on Cyrus SASL for authentication purposes. I now want to set-up the following configuration : 1) Certain users should be allowed IMAP access from any host, all other users should use POP3 2) IMAP access should be allowed for all users, when they check their e-mail via webmail (which retrieves the mail via IMAP). Webmail is installed on a web server located near the mail server. Currently saslauthd uses PAM and PAM connects to a MySQL database in order to verify the login credentials. There's also a PAM listfile that allows/denies access based on the service and username supplied by saslauthd (so, condition 1 is met). So far, I didn't succeed in meeting condition 2. I already discovered (correct me if I'm wrong) that the saslauthd does not pass the remote host to PAM. Filtering on the remote host via a listfile would otherwise have solved my problem. Can anyone give me an alternative for meeting both condition 1 and 2? Thanks in advance! Bart. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Performance Monitoring?
On 2005-02-04, Bill Earle [EMAIL PROTECTED] wrote: Performance Monitoring? - What are people using to monitor their Cyrus Imap Server performance? - things we would like to monitor: connect to imap port to banner response time imap login time mailbox selection time imap process time (maybe create a new folder, move a few messages, delete them and expung) - We would also prefer graphing / trending, like a MRTG add-on. I'm not doing it, but it sounds like a good job for SmokePing: http://people.ee.ethz.ch/~oetiker/webtools/smokeping/ Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: intergrate cyrus and postfix
On 2005-02-04, Andrzej Adam Filip [EMAIL PROTECTED] wrote: IMHO you should use LMTP over unix socket instead of deliver program. Sample LMTP configuration is provided in Postfix: The Definitive Guide published by O'Reilly (~2 pages). There's also a (still very rudimentary) example here: http://nakedape.cc/info/Cyrus-IMAP-HOWTO/quickstart.html#id2900018 and here: http://nakedape.cc/info/Cyrus-IMAP-HOWTO/quickstart-fedora.html#id2900732 Wil -- Wil Cooley [EMAIL PROTECTED] Naked Ape Consultinghttp://nakedape.cc * * * * Linux, UNIX, Networking and Security Solutions * * * * --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: intergrate cyrus and postfix
On Fri, 4 Feb 2005, Kern, Tom wrote: I also keep getting this in my log- Feb 1 14:24:45 mta1 master[19838]: about to exec /usr/lib/cyrus-imapd/lmtpd Feb 2 16:45:39 mta1 master[31396]: about to exec /usr/lib/cyrus-imapd/lmtpd According to cyrus.conf, lmtp is in /var/lib/imap/socket/ and my mailbox_transport entry in main.cf reflects this. So, where is postfix getting the above path from? i checked master.cf and my trnasport file and there is no entry like that. The confusion here is that there is both a Cyrus and Postfix master process. The one in your logs above is the Cyrus master process exec'ing lmtpd, not Postfix. Andy --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Restrict IMAP usage to certain hosts
Hello, Frankly, I'd ask you to justify having to meet both conditions. If they can use Webmail, why not let them use a real client? That's what we do here at NCSU. That said, since you say you can meet condition 1, You might create a proxy user who does all logins from the Webmail service. Users would/should still have to authenticate to Webmail. After they do that the proxy user actually logs in to the IMAP server. This would probably take some work writing code on the webmail side of things though in order to make sure users don't do things to other users. Unless of course a webmail client already supports doing this. Regards, Earl Shannon Bart Boelaert wrote: Hello all, Cyrus IMAP relies on Cyrus SASL for authentication purposes. I now want to set-up the following configuration : 1) Certain users should be allowed IMAP access from any host, all other users should use POP3 2) IMAP access should be allowed for all users, when they check their e-mail via webmail (which retrieves the mail via IMAP). Webmail is installed on a web server located near the mail server. Currently saslauthd uses PAM and PAM connects to a MySQL database in order to verify the login credentials. There's also a PAM listfile that allows/denies access based on the service and username supplied by saslauthd (so, condition 1 is met). So far, I didn't succeed in meeting condition 2. I already discovered (correct me if I'm wrong) that the saslauthd does not pass the remote host to PAM. Filtering on the remote host via a listfile would otherwise have solved my problem. Can anyone give me an alternative for meeting both condition 1 and 2? Thanks in advance! Bart. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Systems Programmer ,Information Technology Division NC State University. http://www.earl.ncsu.edu Anonymous child Some people can tell the time by looking at the sun, but I have trouble seeing the numbers. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Authentication Fails - Resolved
OK, I'm not sure why this works, but if I su to the unix account which matches the mailbox name of the mailbox I'm trying to run sieveshell for and it works just fine. I had assumed I could be running as root, or another account I use to manage stuff and just pass in the username with a -u parameter. I only tried this because I installed the avelsieve squirrelmail plugin. Once installed, the plugin worked fine, so I knew authentication worked with sieve. That's when it occurred to me to actually su to that unix account, and re-run sieveshell. Thanks for the help guys. Appreciate it. Dan From: Igor Brezac [EMAIL PROTECTED] To: Dan Perez [EMAIL PROTECTED] CC: info-cyrus@lists.andrew.cmu.edu Subject: Re: Sieve Authentication Fails Date: Fri, 4 Feb 2005 14:30:07 -0500 (EST) On Fri, 4 Feb 2005, Dan Perez wrote: It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... You are correct, you cannot pass a mechanism to sieveshell. I incorrectly assumed that --auth in cyradm is an authentication username. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Authentication Fails - Resolved
OK, I'm not sure why this works, but if I su to the unix account which matches the mailbox name of the mailbox I'm trying to run sieveshell for and it works just fine. I had assumed I could be running as root, or another account I use to manage stuff and just pass in the username with a -u parameter. I just tried it and it worked this way (as root): sieveshell --user=simix --authname=simix localhost Simon I only tried this because I installed the avelsieve squirrelmail plugin. Once installed, the plugin worked fine, so I knew authentication worked with sieve. That's when it occurred to me to actually su to that unix account, and re-run sieveshell. Thanks for the help guys. Appreciate it. Dan From: Igor Brezac [EMAIL PROTECTED] To: Dan Perez [EMAIL PROTECTED] CC: info-cyrus@lists.andrew.cmu.edu Subject: Re: Sieve Authentication Fails Date: Fri, 4 Feb 2005 14:30:07 -0500 (EST) On Fri, 4 Feb 2005, Dan Perez wrote: It has --authname and it works fine. Check man pages. Igor --- Sorry, unless I'm misunderstanding something... that's not it. According to the man pages --authname let's you pass in a different username for authentication, it doesn't let you specify a mechanism... You are correct, you cannot pass a mechanism to sieveshell. I incorrectly assumed that --auth in cyradm is an authentication username. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
IMAP password
Hi, I'm trying to setup users using cyradm, I tried # su cyrus # cyradm localhost I get prompted for IMAP password, I type in the cyrus password, but system says it is invalid. May I ask where should I set the password for cyrus? I already changed the default by # passwd cyrus Regards, Norman Zhang --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
IMAP Password
I'm trying to use cyradm localhost # su cyrus # cyradm localhost However it prompts me for the IMAP password. I tried the cyrus password, but didn't work. May I ask where do I set cyrus password? Regards, Norman Zhang --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Can't find /usr/lib/sasl2/smtpd.conf
I installed cyrus-sasl-2.1.19-5mdk on LM 10.1, but can't find /usr/lib/sasl2/smtpd.conf. Has something changed recently? Is smtpd.conf still needed? Regards, Norman Zhang --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Restrict IMAP usage to certain hosts
On Fri, 2005-02-04 at 16:01, Bart Boelaert wrote: Hello all, Cyrus IMAP relies on Cyrus SASL for authentication purposes. I now want to set-up the following configuration : 1) Certain users should be allowed IMAP access from any host, all other users should use POP3 2) IMAP access should be allowed for all users, when they check their e-mail via webmail (which retrieves the mail via IMAP). Webmail is installed on a web server located near the mail server. This could be easily met, by firewall rules, but you still want to allow some users to access IMAP directly. A possible solution may be to look at perdition http://www.vergenet.net/linux/perdition/ [snip] -- Edward Rudd [EMAIL PROTECTED] Website http://www.outoforder.cc/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SASL Failed
I'm using cyrus-imapd-2.2.8-4.1.101mdk cyrus-sasl-2.1.19-5mdk cyrus-imapd-utils-2.2.8-4.1.101mdk When tyring cyradm localhost # su cyrus # cyradm localhost however cyrus' UNIX password does not work. I tried to create cyrus with saslpasswd2, but sasldblistusers2 returns listusers failed and no sasldb is created. /etc/sysconfig/saslauthd says SASL_AUTHMECH=pam. I also manually created /usr/local/lib/sasl2/smtpd.conf. pwcheck_method: saslauthd mech_list: plain login /etc/imapd.conf configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus allowanonymouslogin: no deleteright: cyrus quotawarn: 90 sieveusehomedir: no sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: auxprop sasl_mech_list: cram-md5 lmtp_admins: cyruslmtp lmtp_downcase_rcpt: yes tls_ca_file: /etc/ssl/cyrus-imapd/cacert.pem tls_cert_file: /etc/ssl/cyrus-imapd/cert.pem Regards, Norman Zhang --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html