Re: POP3 stops accepting connections?
Scott Bye wrote: An update - just done an strace, and it seems to be stalling sometimes when trying to read from /dev/random. I'm guessing that because /dev/random is fed from user input, when there is no user input - being a server - entropy runs low and the kernel blocks access. Sure enough, catting /dev/random reveals only the most pathetic amount of data. I've removed /dev/random and symlinked /dev/urandom instead. Is this likely to cause me any problems? http://acs-wiki.andrew.cmu.edu/twiki/bin/view/Cyrus/POP3DevRandomIssue -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: POP3 stops accepting connections?
On Fri, Apr 22, 2005 at 03:05:09AM +0100, Scott Bye wrote: > An update - just done an strace, and it seems to be stalling sometimes > when trying to read from /dev/random. I'm guessing that because > /dev/random is fed from user input, when there is no user input - > being a server - entropy runs low and the kernel blocks access. > > Sure enough, catting /dev/random reveals only the most pathetic amount > of data. I've removed /dev/random and symlinked /dev/urandom instead. > Is this likely to cause me any problems? I think so. I had the exact same problem on a server which just handles ssl/tls connections. SASL was changed to read from /dev/random by default. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: crypto mailbox
On Thu, Apr 21, 2005 at 11:11:48PM +0200, Natalino Picone wrote: > Hi all, > i was wondering if there is a way to crypt the user mail spool in order > to avoid that other users (root included) can read the user mailbox > content. Something like gpg encryption on the mail file. Any idea ? This means the cyrus-imap server would need access to the necessary key to decrypt the mailbox's contents before sending them to the client. And root would have access to that key as well. This would only work to avoid "accidental" email readings done by root. The best way is to make the user encrypt his/her own emails whenever needed. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: DB Errors
On Thu, Apr 21, 2005 at 03:05:31PM -0700, Daniel Hazelbaker wrote: > YDL 4.0 (This started a month or two after upgrading to YDL 4.0, can't > say if it is related) > cyrus-imapd 2.2.10 (release 3.yd4) > cyrus-sasl 2.1.18 (release 2.2) > db4 4.2.52 (release 3.1.ydl.1) Could you verify that this db4 package has the two official sleepycat patches applied? > compat-db 4.1.25 (release 2.1) Does anything use this one? ldd the cyrus-imapd binaries to make sure you are not using a mix of different DB4 versions. > If there is any other information I can give, please let me know. The > situation is getting bad, we are having to "service cyrus-imapd > restart" almost every morning (doing so fixes the problem until the > next morningish time). Do you have a DB_CONFIG file in /var/lib/imap/db/? It's needed for some installations. I have one with the following, it may get you started: # Sample BDB configuration file. # Please adjust as necessary! # See http://www.openldap.org/faq/data/cache/893.html for hints and tips # even if you are not using openldap. # cache # use "db4.2_stat -m" to measure cache performance # see http://www.sleepycat.com/docs/api_c/env_set_cachesize.html # syntax: gigabytes_of_cache additional_bytes_of_cache number_of_caches set_cachesize 0 524288 1 # buffer size for transaction log # The default of 32Kbytes is too small # see http://www.sleepycat.com/docs/api_c/env_set_lg_bsize.html set_lg_bsize 524288 # other options you may be interested in # set_lg_dir: configure a separate directory for the transaction logs # For optimum performance, these should reside on a different disk # see http://www.sleepycat.com/docs/api_c/env_set_lg_dir.html # set_lg_max: configure the maximum size of the transaction log file, in bytes # See http://www.sleepycat.com/docs/api_c/env_set_lg_max.html # Note that lg_max must at least be 4x the size of lg_bsize. The default is 10Mb. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: DB Errors
Thanks, I'll take a look and check on that. While I am doing so, here is the actual output from my log files showing the errors (grepped for DBERROR). We only have 74 mailboxes and my mail system is set to only deliver 5 messages at a time. Could this be a "locker" leak or something I am running into? Apr 21 14:32:24 kempis lmtpunix[6726]: DBERROR db4: 174 lockers Apr 21 14:37:05 kempis lmtpunix[7358]: DBERROR db4: 170 lockers Apr 21 14:48:33 kempis lmtpunix[9039]: DBERROR db4: 250 lockers Apr 21 14:48:37 kempis lmtpunix[9145]: DBERROR db4: 251 lockers Apr 21 14:50:12 kempis lmtpunix[9385]: DBERROR db4: 253 lockers Apr 21 14:50:12 kempis lmtpunix[9387]: DBERROR db4: 254 lockers Apr 21 14:50:19 kempis lmtpunix[9348]: DBERROR db4: 254 lockers Apr 21 14:50:19 kempis lmtpunix[9385]: DBERROR db4: 254 lockers Apr 21 14:50:23 kempis lmtpunix[9348]: DBERROR db4: 254 lockers Apr 21 14:50:24 kempis lmtpunix[9387]: DBERROR db4: 254 lockers Apr 21 14:50:27 kempis lmtpunix[9348]: DBERROR db4: 254 lockers Apr 21 14:50:27 kempis lmtpunix[9389]: DBERROR db4: 254 lockers Apr 21 15:27:06 kempis lmtpunix[10710]: DBERROR db4: 256 lockers Apr 21 15:27:06 kempis lmtpunix[10705]: DBERROR db4: 256 lockers Apr 21 15:46:55 kempis lmtpunix[11383]: DBERROR db4: 257 lockers Apr 21 15:46:55 kempis lmtpunix[11431]: DBERROR db4: 257 lockers Apr 21 15:46:55 kempis lmtpunix[11433]: DBERROR db4: 258 lockers Apr 21 16:50:53 kempis lmtpunix[14259]: DBERROR db4: 336 lockers Apr 21 16:50:53 kempis lmtpunix[14129]: DBERROR db4: 336 lockers Apr 21 16:52:26 kempis lmtpunix[14261]: DBERROR db4: 338 lockers Apr 21 16:52:26 kempis lmtpunix[14129]: DBERROR db4: 338 lockers Apr 21 16:52:26 kempis lmtpunix[14259]: DBERROR db4: 339 lockers Apr 21 16:52:57 kempis lmtpunix[14259]: DBERROR db4: 338 lockers Apr 21 21:08:23 kempis lmtpunix[23666]: DBERROR db4: 664 lockers Apr 21 21:55:18 kempis lmtpunix[24721]: DBERROR db4: 662 lockers Apr 21 21:55:21 kempis lmtpunix[24721]: DBERROR db4: 662 lockers Apr 21 21:55:21 kempis lmtpunix[24843]: DBERROR db4: 662 lockers Apr 22 01:36:01 kempis lmtpunix[31532]: DBERROR db4: 918 lockers Apr 22 01:36:01 kempis lmtpunix[31563]: DBERROR db4: 918 lockers Apr 22 01:36:01 kempis lmtpunix[31561]: DBERROR db4: 919 lockers Apr 22 01:36:01 kempis lmtpunix[31565]: DBERROR db4: 918 lockers Apr 22 01:49:44 kempis lmtpunix[31871]: DBERROR db4: 913 lockers Apr 22 01:49:54 kempis lmtpunix[31871]: DBERROR db4: 917 lockers Apr 22 07:22:44 kempis lmtpunix[10246]: DBERROR db4: 1248 lockers Apr 22 07:22:44 kempis lmtpunix[10250]: DBERROR db4: 1248 lockers Apr 22 07:22:44 kempis lmtpunix[10180]: DBERROR db4: 1249 lockers Apr 22 07:47:38 kempis lmtpunix[11081]: DBERROR db4: 1248 lockers Apr 22 08:31:24 kempis lmtpunix[13733]: DBERROR db4: 1331 lockers Apr 22 08:31:25 kempis lmtpunix[13612]: DBERROR db4: 1332 lockers Apr 22 08:31:25 kempis lmtpunix[13541]: DBERROR db4: 1333 lockers Apr 22 08:31:25 kempis lmtpunix[13562]: DBERROR db4: 1334 lockers Apr 22 08:31:25 kempis lmtpunix[13733]: DBERROR db4: 1332 lockers Apr 22 08:31:30 kempis lmtpunix[13541]: DBERROR db4: 1332 lockers Apr 22 08:31:30 kempis lmtpunix[13612]: DBERROR db4: 1333 lockers Apr 22 08:31:30 kempis lmtpunix[13340]: DBERROR db4: 1334 lockers Apr 22 08:31:37 kempis lmtpunix[13541]: DBERROR db4: 1332 lockers Apr 22 08:31:37 kempis lmtpunix[13340]: DBERROR db4: 1333 lockers Apr 22 08:31:37 kempis lmtpunix[13733]: DBERROR db4: 1333 lockers Apr 22 08:31:42 kempis lmtpunix[13612]: DBERROR db4: 1332 lockers Apr 22 08:31:42 kempis lmtpunix[13340]: DBERROR db4: 1333 lockers Apr 22 08:38:49 kempis lmtpunix[14249]: DBERROR db4: 1328 lockers Apr 22 08:38:49 kempis lmtpunix[14568]: DBERROR db4: 1328 lockers Apr 22 08:38:49 kempis lmtpunix[14284]: DBERROR db4: 1328 lockers Apr 22 09:00:12 kempis lmtpunix[16493]: DBERROR db4: Logging region out of memory; you may need to increase its size Apr 22 09:00:12 kempis lmtpunix[16493]: DBERROR: opening /var/lib/imap/deliver.db: Cannot allocate memory Apr 22 09:00:12 kempis lmtpunix[16493]: DBERROR: opening /var/lib/imap/deliver.db: cyrusdb error Apr 22 09:00:12 kempis lmtpunix[16494]: DBERROR db4: Logging region out of memory; you may need to increase its size Apr 22 09:00:12 kempis lmtpunix[16494]: DBERROR: opening /var/lib/imap/deliver.db: Cannot allocate memory Apr 22 09:00:12 kempis lmtpunix[16494]: DBERROR: opening /var/lib/imap/deliver.db: cyrusdb error On Apr 22, 2005, at 10:11 AM, Andreas Hasenack wrote: On Fri, Apr 22, 2005 at 09:36:35AM -0700, Daniel Hazelbaker wrote: On Apr 22, 2005, at 6:29 AM, Andreas Hasenack wrote: Could you verify that this db4 package has the two official sleepycat patches applied? I'll try to download the srpm and check. Which two official sleepycat patches are these - is there some name they would likely be under? They are here at sleepycat's site: http://www.sleepycat.com/update/4.1.25/patch.4.1.25.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
Default realm for cyrus imapd
With postfix and several other SASL aware applications, I can specify the default realm if none was passed with the login credentials, however AFACT Cyrus IMAPd does not provide this functionality.. It always uses the machines local hostname.. The reason I am needing this is that I am setting up a HA failover setup and need to specify the a "common" realm for both servers (ie. the domain) otherwise I'd have to maintain two separate sasldb files or have all the accounts in the sasldb twice, once for each domain. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: crypto mailbox
On Thu, 21 Apr 2005, Natalino Picone wrote: Hi all, i was wondering if there is a way to crypt the user mail spool in order to avoid that other users (root included) can read the user mailbox content. Something like gpg encryption on the mail file. Any idea ? I had an idea for this where basically you'd put a public key into an annotation on a mailbox, and all mail payloads (not the headers) would be encrypted. It breaks things like search, but has the benefit you want. But it's low on the list of things to do. You could do similar with a sendmail milter or somesuch. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: DB Errors
On Fri, Apr 22, 2005 at 09:36:35AM -0700, Daniel Hazelbaker wrote: > > On Apr 22, 2005, at 6:29 AM, Andreas Hasenack wrote: > > >Could you verify that this db4 package has the two official sleepycat > >patches applied? > > I'll try to download the srpm and check. Which two official sleepycat > patches are these - is there some name they would likely be under? They are here at sleepycat's site: http://www.sleepycat.com/update/4.1.25/patch.4.1.25.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
No ObIigation
Hello, [EMAIL PROTECTED] We tried to contact you earlier about f-inanc-ing your home at a better a p r We would like to let you know that we have gone ahead and started the p-re-app-roval process. Here are the results: Amount: $203,100 - $870,000 h: 3.72 - 6.91 to continue visit.. timelydelivery.info/mg/1 Scincerely Edgar T. Scofield .. to quit...visit... querysearchis.info/r
Re: DB Errors
On Apr 22, 2005, at 6:29 AM, Andreas Hasenack wrote: Could you verify that this db4 package has the two official sleepycat patches applied? I'll try to download the srpm and check. Which two official sleepycat patches are these - is there some name they would likely be under? compat-db 4.1.25 (release 2.1) Does anything use this one? ldd the cyrus-imapd binaries to make sure you are not using a mix of different DB4 versions. [EMAIL PROTECTED] cyrus-imapd]# ldd imapd libdb-4.2.so => /lib/tls/libdb-4.2.so (0x0fc8f000) [EMAIL PROTECTED] cyrus-imapd]# ls -l /lib/tls/libdb-4.2.so -rwxr-xr-x 1 root root 909884 May 31 2004 /lib/tls/libdb-4.2.so [EMAIL PROTECTED] cyrus-imapd]# ls -l /lib/libdb-4.2.so -rwxr-xr-x 1 root root 909836 May 31 2004 /lib/libdb-4.2.so I just double checked, both files are from the db4 rpm. Do you have a DB_CONFIG file in /var/lib/imap/db/? It's needed for some installations. I have one with the following, it may get you started: I did until the other day. I did not originally, then saw a couple references in the archives of this list to DB_CONFIG and loaded it in. I took it out the other day to see if it made a difference again (so far it hasn't), and in reply to your other message, yes I did run db_recover. Even have had it in place after "nuking" the db files to let it rebuild from scratch. Daniel --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: emails of multiple domain on one IMAP server
On Tue, 19 Apr 2005 16:21:44 -0400, Anthony Tibbs <[EMAIL PROTECTED]> wrote: Hello George, to fetch mail from a server you can use fetchmail and hand that mail to cyrus. I am not sure if you can hand it directly to cyrus or pass it first to an MTA like postfix which delivers email to cyrus. Ulf Assuming you have no "intermediary" processing via Postfix that you actually want to happen (for virus scans or what have you), Fetchmail can deliver directly to cyrus via lmtp. That's how I have it setup here... Hi, Thnx It works now with lmtp :) But now I'd like to deliver the incoming mail not to the INBOX, but to another folder. Can I do it with this solution? Can procmail be used in this case (without postfix)? By the way I tried it also through postfix, but the mail was always bounced: fetchmail poll 'server' protocol POP3 user 'x' there with password 'x' is test here warnings 3600 So I have the user test on the cyrus server (auth throug ldap) But it wasn't delivered to cyrus throug postfix mail log Apr 22 15:27:30 wien postfix/smtp[30108]: CF2BD164E1: to=<[EMAIL PROTECTED]>, orig_to=<[EMAIL PROTECTED]>, relay=smtp.etixpert.com[62.99.194.14], delay=1, status=bounced (host smtp.etixpert.com[62.99.194.14] said: 550 unrouteable address: [EMAIL PROTECTED] (in reply to RCPT TO command)) So I don't know how I can do so that the domain (sprcified in the main.cf) isn't appended to the test user... Or what did I do wrong? Thnx George -- Using Opera's revolutionary e-mail client: http://www.opera.com/m2/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: DB Errors
On Fri, Apr 22, 2005 at 10:29:31AM -0300, Andreas Hasenack wrote: > Do you have a DB_CONFIG file in /var/lib/imap/db/? It's needed for some > installations. I have one with the following, it may get you started: Forgot to tell: after changing these parameters in DB_CONFIG, you have to run a db_recover on the database directory to apply them. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
