Re: Sieve vacation extension recipient address matching
James Ralston wrote: On 2006-02-22 at 17:00-05 Ken Murchison [EMAIL PROTECTED] wrote: James Ralston wrote: Hmmm. From my read of the imapd.conf, I think this will do what I want: virtdomains: off defaultdomain: example.com I am understanding these options correctly? I.e, does the defaultdomain also apply to the recipient matching that Sieve's vacation extension performs? It probably won't help. Chances are that the domain is completely stripped off of the envelope recipient by the time the sieve script is executed. Because there is no way for lmtpd or Sieve to know what a user's email address is, you almost always have to use :addresses in the vacation action. You're right; using defaultdomain doesn't help. But this brings up an interesting point: why is Sieve matching against the envelope recipient address in the first place? Per draft-ietf-sieve-vacation-06.txt, address matching applies to the headers in the message (e.g.; To, CC), not to the envelope recipients. And while Sieve can't know for certain what the user's email address is, I think a reasonable default guess would be the username for the local-part and the default virtual domain for the domain. (I think that's the logic already, but I wasn't sure based on my quick read of the code.) So, I think this is really a bug in Sieve. If Sieve would perform the address matching against the headers instead of the envelope recipient, then I think this problem would be a lot less common. Thoughts? I wasn't clear. We *do* compare the recipient's email addresses against the recipients headers (To, Cc, etc). However, in the absence of the :addresses parameter, the only email address that we have for the recipient is the envelope RCPT TO address (which may or may not contain the domain). In other words, if you look at section 4.5 of draft-ietf-sieve-vacation-06, CMU Sieve uses points 1. and 2. -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SOLVED Re: [2.3.1] Sieve daemon : closes connection at once on some conditions (?)
On Jeu 16 février 2006 17:51, Vincent Deffontaines a écrit : Ken Murchison wrote: Vincent Deffontaines wrote: Greetings, I am having a quite weird behaviour from the sieve daemon. I have in my config (SERVICES) : sieve cmd=timsieved listen=sieve prefork=0 The daemon listens fine on TCP port 2000. If I telnet to localhost on port 2000, I get : Trying 127.0.0.1... Connected to sexa-mail1.ecn.loc. Escape character is '^]'. IMPLEMENTATION Cyrus timsieved v2.3.1 SASL PLAIN SIEVE comparator-i;ascii-numeric fileinto reject vacation imapflags notify envelope relational regex subaddress copy STARTTLS OK Which I am happy with. If I telnet from another box from the same network (10.0.0.0/8), I get the same prompt. If I telnet to it from a host on another network (dmz - 192.168.X) : Trying 10.1.122.49... Connected to sexa-mail.ecn.loc. Escape character is '^]'. Connection closed by foreign host. The connection opens, and gets closed straight away. So this is not a firewall nor a routing problem. I get in the logs on the sieve server : Feb 15 23:20:25 sexa-mail1 master[26216]: about to exec /usr/cyrus/bin/timsieved Feb 15 23:20:25 myhost sieve[26216]: executed Feb 15 23:20:25 myhost sieve[26216]: telling master 2 Feb 15 23:20:25 myhost sieve[26216]: accepted connection Feb 15 23:20:25 myhost sieve[26216]: telling master 3 Feb 15 23:20:25 myhost master[17464]: service sieve pid 26216 in READY state: now unavailable and in BUSY state Feb 15 23:20:25 myhost master[17464]: service sieve now has 0 ready workers Feb 15 23:20:25 myhost master[17464]: service sieve pid 26216 in BUSY state: now serving connection Feb 15 23:20:25 myhost master[17464]: service sieve now has 0 ready workers Feb 15 23:20:25 myhost master[17464]: process 26216 exited, status 0 Feb 15 23:20:25 myhost master[17464]: service sieve now has 0 ready workers So the process just closes the connection and exits with status 0. Is there some config option that I don't know of? Is there something obvious I am not seeing? Why is there no prompt when connecting from that host? Are you using TCP wrappers or something? Is some other process (xinetd) listening on port 2000? Not using TCP wrappers (well hosts.allow and hosts.deny are both empty). And it is cyrus that listens on port 2000 : tcp0 0 0.0.0.0:20000.0.0.0:* LISTEN 17464/master Vincent I have found out what happens. This is in no way a Cyrus problem. Tcpdumping -xx on both server and client has shown that the Sieve server was sending the Greeting banner, just before a connection being reset by the firewall. The client was never receiving the banner. I guess that's what one gets (and deserves) for using a WinGate firewall :-P Weirdly enough, the wingate firewall breaks the sieve protocol on port 2000, but not on port 2001. Of couse, nothing in the filtering rules reflects that. However, I thought I'd just post this info, just in case other clueless wingate users wonder about weird things, and just to solve this problem in case anyone reads this thread later. Cheers, Vincent Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Setting seen while migrating?
I'm new to cyrus and migrating from UW-IMAP. The procedures at http://www.onid.orst.edu/docs/technical/cyrusmigration.shtml look like they should do the job. I'm wondering if there is a way to save the seen state? Should be easy to scan messages for Status: RO and then flag as seen. Is there a way to set a message as seen? I only have about 150 accounts and 10gb of mail so can afford a little less efficient method. If one has to do this as the user need to be able to deal with authorization. Thanks John -- John McMonagle IT Manager Advocap Inc. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Setting seen while migrating?
On Thu, 2006-02-23 at 09:16 -0600, John McMonagle wrote: I'm new to cyrus and migrating from UW-IMAP. The procedures at http://www.onid.orst.edu/docs/technical/cyrusmigration.shtml look like they should do the job. I'm wondering if there is a way to save the seen state? Should be easy to scan messages for Status: RO and then flag as seen. Is there a way to set a message as seen? I only have about 150 accounts and 10gb of mail so can afford a little less efficient method. If one has to do this as the user need to be able to deal with authorization. I've used the perl program called imapsync - worked nicely. Craig Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Setting seen while migrating?
Craig White wrote: On Thu, 2006-02-23 at 09:16 -0600, John McMonagle wrote: I'm new to cyrus and migrating from UW-IMAP. The procedures at http://www.onid.orst.edu/docs/technical/cyrusmigration.shtml look like they should do the job. I'm wondering if there is a way to save the seen state? Should be easy to scan messages for Status: RO and then flag as seen. Is there a way to set a message as seen? I only have about 150 accounts and 10gb of mail so can afford a little less efficient method. If one has to do this as the user need to be able to deal with authorization. I've used the perl program called imapsync - worked nicely. Craig Did a couple tests. Looks like it can do it, but creates a new problem. Need passwords for all users. On the cyrus side can temporarily set sasl_pwcheck_method: allwaystrue. Need some way to get into the uw-imap side. The uw-imap side uses pam via ldap. Thinking of a couple possibilities: pam_rhosts_auth allow from just from new server. pam_userdb and create a database for the project. pam_permit and restrict in hosts.allow or iptables. Prefer something that allows doing some test runs with without restricting user access. Also that would help with the the speed problem as I could run it overnight before the switch and then run again after stopping incoming mail and user access. Any thoughts? John begin:vcard fn:John McMonagle n:McMonagle;John org:Advocap inc email;internet:[EMAIL PROTECTED] title:IT manager x-mozilla-html:FALSE url:http://www.advocap.org version:2.1 end:vcard Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
AW: ipurge error
Hey! :) Von: Scott Russell [mailto:[EMAIL PROTECTED] I try to reask you experts for the usage of the tool ipurge: dev:~# ipurge -f -d 0 user/miro/Test usage: ipurge [-f] [-s] [-C alt_config] [-x] [-X] [-i] {-d days | -b bytes|-k Kbytes|-m Mbytes} .. and so on dev:~# ipurge -f -d 0 user.miro.SPAM usage: ipurge [-f] [-s] [-C alt_config] [-x] [-X] [-i] {-d days | -b bytes|-k Kbytes|-m Mbytes} .. and so on So all of these don't work. What's wrong here? Seems odd. Are you running this as the cyrus admin user? I see a # prompt which leads me to think you may be running this as root. From your examples you're running with unixhierarchysep enabled. Have you tried running against user^micro^Test ? You're right! I didn't know this need to be executed under cyrus user... As root it won't work as expected. I have unixhierarchysep=yes but queries need to be named like: [EMAIL PROTECTED]:~$ /usr/sbin/ipurge -f -d 10 user/miro.md/Test In contrast to the root execution i see results of this query! [EMAIL PROTECTED]:~$ /usr/sbin/ipurge -f -d 10 user/miro.md/TEST Working on user.miro^md.TEST... total messages 1 total bytes 90459 Deleted messages 0 Deleted bytes0 Remaining messages 1 Remaining bytes 90459 Thanks! I don't run with unixhierarchysep so I'm not sure that's actually needed when passing mailbox names to the cyrus tools. If you aren't running withunixhierarchysep then you definitely should be using user.micro.Test and not user/micro/Test. -- Scott Russell [EMAIL PROTECTED] IBM Linux Technology Center +---+ +---+ | Miro Dietiker | | MD Systems Miro Dietiker | +---+ +---+ Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
reoccuring DBERRORs
Hello there, I'm running Debian Sarge with Cyrus 2.1.18 on an IBM xSeries Dual-Xeon with 8GB RAM and 450GB disks (ServeRaid controller, RAID5 w/ hot-spare). The machine serves 22000 accounts (mostly POP3, ca. 250 IMAP users) and has been running happily without any notable load for a year. When one of the RAID disks failed, the following rebuild, propably due to a not very sensible default setting in the RAID controller, caused the machine to stall. Authentication took forever and pop3d and imapd processes were piling up. The server had to be shutdown rather ungracefully making the various Cyrus DBs and some filesystems suffer. After a successfull RAID rebuild, filesystem checks and a longish cyrreconstruct run (7 hours) things seemed to be fine again. But since then the system is causing trouble on a daily basis with issues like these: cyrus/lmtpd[29054]: DBERROR: init /var/lib/cyrus/db: cyrusdb error cyrus/lmtpd[29054]: FATAL: lmtpd: unable to init duplicate delivery database cyrus/pop3d[29049]: DBERROR: init (TLS: /var/lib/cyrus/db): cyrusdb error cyrus/lmtpd[29070]: DBERROR: dbenv-open '/var/lib/cyrus/db' failed: DB_RUNRECOVERY: Fatal error, run database recovery Removing deliver.db and tls_cache.db between stopping and re-starting Cyrus has worked till now, but the same thing breaking again and again really starts to annoy me and the users. I've run cyrreconstruct. I've wandered through the mailing list archive and found countless posts mentioning DB errors, but no real solution. Documentation seems to be outdated, wrong, or non-existant. I feel lost. Is there *any* way to make this setup work again reliably or is there no other solution than to switch to a less fragile software?! Sincerely. -- 10 GB Mailbox, 100 FreeSMS/Monat http://www.gmx.net/de/go/topmail +++ GMX - die erste Adresse für Mail, Message, More +++ Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Setting seen while migrating?
Zachariah Mully wrote: On Thu, 2006-02-23 at 14:56 -0600, John McMonagle wrote: Did a couple tests. Looks like it can do it, but creates a new problem. Need passwords for all users. On the cyrus side can temporarily set sasl_pwcheck_method: allwaystrue. Need some way to get into the uw-imap side. The uw-imap side uses pam via ldap. Thinking of a couple possibilities: pam_rhosts_auth allow from just from new server. pam_userdb and create a database for the project. pam_permit and restrict in hosts.allow or iptables. Also, look at the postmaster UWIMAP login, I believe you can enable 'postmaster' as a super IMAP user. The only problem with this is that the su namespace is everything on the server, not just one user. Don't see anything about a uw-imap super user. Can't log in as root. Prefer something that allows doing some test runs with without restricting user access. Also that would help with the the speed problem as I could run it overnight before the switch and then run again after stopping incoming mail and user access. Any thoughts? imapsync can be run with the --dry switch, which won't copy anything. Depending on your UW setup (maildir, mbox, etc) you may or may not have problems with concurrent mailbox access. IME, bad things happen with mbox/UWIMAP/imapsync when the user logs in while a sync is being done. And if anybody uses Outlook 2000/2003, make sure to use --syncinternaldates or all the dates on the emails will be pooched in Outlook. I added the --syncinternaldates. Were a linux shop and have outlook disabled on all internal computers but some users use it from home. Boss would consider messing up outlook a plus ;-) John begin:vcard fn:John McMonagle n:McMonagle;John org:Advocap inc email;internet:[EMAIL PROTECTED] title:IT manager x-mozilla-html:FALSE url:http://www.advocap.org version:2.1 end:vcard Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: reoccuring DBERRORs
On 2/23/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I've run cyrreconstruct. I've wandered through the mailing list archive and found countless posts mentioning DB errors, but no real solution. Documentation seems to be outdated, wrong, or non-existant. I feel lost. Is there *any* way to make this setup work again reliably or is there no other solution than to switch to a less fragile software?! Upgrade to version 2.2.12 and switch your databases to using skiplist works fairly reliably. -- Huaqing Zheng Beer and Code Wrangler at Large Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: reoccuring DBERRORs
Hello there, I'm running Debian Sarge with Cyrus 2.1.18 on an IBM xSeries Dual-Xeon with 8GB RAM and 450GB disks (ServeRaid controller, RAID5 w/ hot-spare). The machine serves 22000 accounts (mostly POP3, ca. 250 IMAP users) and has been running happily without any notable load for a year. When one of the RAID disks failed, the following rebuild, propably due to a not very sensible default setting in the RAID controller, caused the machine to stall. Authentication took forever and pop3d and imapd processes were piling up. The server had to be shutdown rather ungracefully making the various Cyrus DBs and some filesystems suffer. After a successfull RAID rebuild, filesystem checks and a longish cyrreconstruct run (7 hours) things seemed to be fine again. But since then the system is causing trouble on a daily basis with issues like these: cyrus/lmtpd[29054]: DBERROR: init /var/lib/cyrus/db: cyrusdb error cyrus/lmtpd[29054]: FATAL: lmtpd: unable to init duplicate delivery database cyrus/pop3d[29049]: DBERROR: init (TLS: /var/lib/cyrus/db): cyrusdb error cyrus/lmtpd[29070]: DBERROR: dbenv-open '/var/lib/cyrus/db' failed: DB_RUNRECOVERY: Fatal error, run database recovery Removing deliver.db and tls_cache.db between stopping and re-starting Cyrus has worked till now, but the same thing breaking again and again really starts to annoy me and the users. I've run cyrreconstruct. I've wandered through the mailing list archive and found countless posts mentioning DB errors, but no real solution. Documentation seems to be outdated, wrong, or non-existant. I feel lost. Is there *any* way to make this setup work again reliably or is there no other solution than to switch to a less fragile software?! I guess your cyrus configdirectory is /var/lib/cyrus. Then, did you try removing the transaction logs in /var/lib/cyrus/db after removing deliver.db and tls_cache.db? Simon Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html