Re: pop3 CLOSE_WAIT hang
On Tue, 3 Apr 2007, tloudev wrote: hi, I have serious problem with my cyrus21 (debian sarge 2.1.18-1) - I have hundreds of connectin in CLOSE_WAIT state. I can telnet to port 110 , but sometimes I can't even get the banner of the service. I tried to increase maxchild (now -1 - unlimited), I tried babysit, increasing maxfds up to 2000 etc, but it still doesn't kick out the CLOSE_WAIT state connections. Any suggestion? Thank you Ondrej Pachner I don't run POP here, but you might search the mailing list archives for information about running out of entropy for POP (using /dev/urandom instead of /dev/random). If I remember correctly, each POP connection requires a certain amount of entropy from /dev/random. When you run out of available entropy, POP will hang waiting for more. The list archives should have some more information, or hopefully someone else can chime in. :) Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Murder / frontend does not connect to backend
On Tue, 3 Apr 2007, [EMAIL PROTECTED] wrote: Hello, I'm setting up a cyrus murder in a lab and I'm facing a problem. The architecture is quite simple : 1 frontend, 1 backend and a mupdate master We are using cyrus 2.2.13-10 on Debian etch. The Mupdate seems OK, I can LIST from everywhere. If I create a mailbox on the backend I can see it with mupdatetest on the frontend quickly. But I cannot make a single IMAP SELECT command on the frontend. This problem can be tracked with cyradm. When I try to create a mailbox. I've this strange message and there is NO trafic between frontend and backend. The same message arises when connecting with a IMAP client localhost> cm user.user1.tutu createmailbox: Server(s) unavailable to complete operation Log line associated : Mar 23 00:01:31 proxy1 cyrus/proxyd[12155]: connect(default) failed: Invalid argument --- But if I try to delete a mailbox I can see trafic between front and back servers. So my (maybe first) question is : Why there is no communication when connecting to IMAP ? What does mean "connect(default) failed: Invalid argument" in the log Everything I found was related to authentication but this does not seem an issue in my setup. Thanks in advance In my experience, you cannot create a mailbox when connected to a frontend server. Your environment with 1 backend makes it seem silly, but in the case with multiple backends you would need some way to specify where to create the mailbox. In our case, our script randomly picks a backend, connects to it, and creates the mailbox. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Murder / frontend does not connect to backend
Hello, I'm setting up a cyrus murder in a lab and I'm facing a problem. The architecture is quite simple : 1 frontend, 1 backend and a mupdate master We are using cyrus 2.2.13-10 on Debian etch. The Mupdate seems OK, I can LIST from everywhere. If I create a mailbox on the backend I can see it with mupdatetest on the frontend quickly. But I cannot make a single IMAP SELECT command on the frontend. This problem can be tracked with cyradm. When I try to create a mailbox. I've this strange message and there is NO trafic between frontend and backend. The same message arises when connecting with a IMAP client localhost> cm user.user1.tutu createmailbox: Server(s) unavailable to complete operation Log line associated : Mar 23 00:01:31 proxy1 cyrus/proxyd[12155]: connect(default) failed: Invalid argument --- But if I try to delete a mailbox I can see trafic between front and back servers. So my (maybe first) question is : Why there is no communication when connecting to IMAP ? What does mean "connect(default) failed: Invalid argument" in the log Everything I found was related to authentication but this does not seem an issue in my setup. Thanks in advance -- Arnaud Brugnon Opensquad Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Plain text dump of cyrus.index?
On Sun, Apr 01, 2007 at 07:30:11PM -0400, Miller, Greg wrote: > Hello, > > > > I found myself in a the situation where I need to do the opposite of a > reconstruct on my mailboxes. That is, instead of rebuilding the cyrus.* > files to reflect the messages on the file system, I want to query the > cyrus.* files to see which message files are indexed, and then delete > any extraneous message files on the file system. > > > > My first step is to find a utility that can dump cyrus.index so that I > can determine which message file are valid, and therefore should not be > deleted. This isn't a utility as such, but still: #!/usr/bin/perl require 'IndexFile.pm'; my $path = shift; my $index = Cyrus::IndexFile->new_file($path); while (my $record = $index->next_record()) { print "$record->{Uid}\n"; } I've written enough little tools to unpack parts of the index file that I got sick of it and just wrote something that can pack and unpack the whole thing! Yay for evil little perl utilities. It's not safe against index file format changes, but it's quite extensible in that case, just add some more formats to the start of the file :) Bron. #!/usr/bin/perl -c # Package to handle Cyrus Index files (version 9 only) package Cyrus::IndexFile; use strict; use warnings; use IO::File; use IO::Handle; use File::Temp; use Data::Dumper; # Set up header and record formatting information {{{ my $VersionFormats = { 9 => { HeaderSize => 96, HeaderFields => _make_fields(< 80, # defined in file too, check it! RecordFields => _make_fields(< $version }, ref($class) || $class; if (my $frm = $VersionFormats->{$version}) { $Self->{format} = $frm; my $rest; sysread($handle, $rest, $frm->{HeaderSize} - 12); $buf .= $rest; } $Self->{rawheader} = $buf; $Self->{header} = $Self->parse_header($buf); $Self->{records_done} = 0; $Self->{handle} = $handle; return $Self; } sub new_file { my $class = shift; my $file = shift; my $fh = IO::File->new("< $file") || die "Can't open $file for read: $!"; return $class->new($fh); } sub header { my $Self = shift; my $Field = shift; if ($Field) { return $Self->{header}{$Field}; } return $Self->{header}; } sub next_record { my $Self = shift; my $RecordSize = $Self->header('RecordSize'); my $Exists = $Self->header('Exists'); if ($Self->{records_done} < $Exists) { my $buf; sysread($Self->{handle}, $buf, $RecordSize); $Self->{records_done}++; my $rec = $Self->parse_record($buf); $Self->{rawrecord} = $buf; $Self->{record} = $rec; return $rec; } else { delete $Self->{rawrecord}; delete $Self->{record}; return undef; # no more records! } } sub record { my $Self = shift; my $Field = shift; return undef unless ($Self->{record}); if ($Field) { return $Self->{record}{$Field}; } return $Self->{record}; } sub write_header { my $Self = shift; my $fh = shift; my $header = shift; my $buf = $Self->make_header($header); syswrite($fh, $buf); } sub write_record { my $Self = shift; my $fh = shift; my $record = shift; my $buf = $Self->make_record($record); syswrite($fh, $buf); } # SOMEWHAT INTERNAL METHODS sub make_header { my $Self = shift; my $ds = shift; my @parts; foreach my $item (@{$Self->{format}{HeaderFields}}) { my $res = convert_to($item->[1], $ds->{$item->[0]}); unless (length($res) == $item->[2]) { # bytes? die "Incorrect length for $item->[0] ($ds->{$item->[0]}) ($res)" . length($res); } push @parts, $res; } my $res = join('', @parts); unless (length($res) == $Self->{format}{HeaderSize}) { die "Header length mismatch! " . length($res); } # XXX - check length.. return $res; } sub make_record { my $Self = shift; my $ds = shift; my @parts; foreach my $item (@{$Self->{format}{RecordFields}}) { my $res = convert_to($item->[1], $ds->{$item->[0]}); push @parts, $res; } my $res = join('', @parts); unless (length($res) == $Self->{format}{RecordSize}) { die "Record length mismatch!"; } # XXX - check length.. return $res; } sub parse_header { my $Self = shift; my $buf = shift; my $base = 0; my %res; foreach my $item (@{$Self->{format}{HeaderFields}}) { my $raw = substr($buf, $base, $item->[2]); $base += $item->[2]; $res{$item->[0]} = convert_from($item->[1], $raw); } return \%res; } sub parse_record { my $Self = shift; my $buf = shift; # this checks that the parsed size matches the expected size :) unless (length($buf) == $Self->{format}{RecordSize}) { die "Mismatched record length\n"; } my $base = 0; my %res; foreach my $item (@{$Self->{format}{RecordFields}}) { my $raw = substr($buf, $base, $item->[2]); $base += $item->[2]; $res{$item->[0]} = convert_from($item->[1], $raw); } return \%res; } sub convert_from { my $format = shift; my $item = shift; if ($format eq 'i
Re: Bare newlines problem
--On Tuesday, April 3, 2007 13:27 +0200 Paul van der Vlis <[EMAIL PROTECTED]> wrote: Hello, When I move a message to another mailbox, I get a warning about bare newlines. How can I remove these bare newlines? It's a big message with foto's, 3.5 MB. I am not sure this warning is correct. I allready tried a perl-script of Joseph Brennan what I found in this list, but it did not change the message (checked with diff). The script prepares mbox-format mailboxes for mailutil, which complains if there are CR characters (\015) in the mbox-format files. It changes CRLF to LF and then changes remaining CR to LF. Bare LF is normal for unix files. Are you sure it says "bare newlines"? Newline is an ambiguous term. Joseph Brennan Lead Email Systems Engineer Columbia University Information Technology Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Bare newlines problem
Hello, When I move a message to another mailbox, I get a warning about bare newlines. How can I remove these bare newlines? It's a big message with foto's, 3.5 MB. I am not sure this warning is correct. I allready tried a perl-script of Joseph Brennan what I found in this list, but it did not change the message (checked with diff). -- while(<>) { # The \000 character (NUL) is not allowed if ($line =~ s/\000//g) { print STDERR "WARNING: Removing NUL\n"; } # Change CRLF or bare CR to LF $endcr = $midcr = 0; $endcr++ if ($line =~ s/\015$//g); # \n already there $midcr++ if ($line =~ s/\015/\n/g); # add \n if ($endcr || $midcr) { print STDERR "WARNING: Correcting CR characters\n"; } print; } - With regards, Paul van der Vlis. -- http://www.vandervlis.nl/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
On Tue, 2007-04-03 at 14:55 +0530, JOYDEEP wrote: > Rudy Gevaert wrote: > > JOYDEEP wrote: > >> Dear list, > >> > >> after implementing the imaps , I need to configure sieve to start > >> STARTTLS. > >> > >> sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t > >> "" > >> > >> is working well. is there any config file for sieve so that I can force > >> sieve to start STARTTLS ? bcoz I am using sieve from a web-based email > >> client called felamimail. > > > > I'm not sure what you are trying to say, because it is the client that > > has to issue STARTTLS, and not the server. The server just advertises > > his capabilities. E.g. TLS > > OK Rudy, thanks for your hints. I think I must be more verbose here. > > I have imaps. whenever I try to use sieve from felamimail web mail > client it reports > > --- > Apr 3 14:51:12 linux slapd[4169]: conn=727 op=0 RESULT tag=97 err=0 text= > Apr 3 14:51:12 linux master[10304]: about to exec > /usr/lib/cyrus/bin/timsieved > Apr 3 14:51:12 linux sieve[10304]: executed > Apr 3 14:51:12 linux sieve[10304]: accepted connection > Apr 3 14:51:12 linux sieve[10304]: badlogin: > linux.kolkatainfoservices.in[127.0.0.1] PLAIN encryption needed to use > mechanism Sorry for interruption ;) In the log you can see that: 1. Using sivtest with LOGIN mechanism and TLS you are able to connect to timsievd. (IT IS NOT IMAP - SIEVE !=IMAP). 2. Using PLAIN mechanism and with NO TLS the felamimail failed to connect to timsievd. It says to you: If you want PLAIN then encryption is required Conclusion: You need to configure __felamimail__ to use STARTTLS for sieve connections. On the cyrus side everything is OK (so far). Regards, Olaf -- Olaf Fraczyk <[EMAIL PROTECTED]> NAVI Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
sieve is working with allowplaintext: yes
OK list, finally I have solved it. in /etc/imapd.cong I have modified allowplaintext: yes sasl_minimum_layer: 0 sasl_mech_list: LOGIN PLAIN and now sieve is working well. but I like to know how [allowplaintext: yes] can effect my security than [allowplaintext: no] ? thanks Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
JOYDEEP wrote: Rudy Gevaert wrote: JOYDEEP wrote: Dear list, after implementing the imaps , I need to configure sieve to start STARTTLS. sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" is working well. is there any config file for sieve so that I can force sieve to start STARTTLS ? bcoz I am using sieve from a web-based email client called felamimail. I'm not sure what you are trying to say, because it is the client that has to issue STARTTLS, and not the server. The server just advertises his capabilities. E.g. TLS OK Rudy, thanks for your hints. I think I must be more verbose here. More verbose means you add the relevant parts of your imapd.conf and cyrus.conf. I can't guess what you have in them. I have imaps. whenever I try to use sieve from felamimail web mail client it reports --- Apr 3 14:51:12 linux slapd[4169]: conn=727 op=0 RESULT tag=97 err=0 text= Apr 3 14:51:12 linux master[10304]: about to exec /usr/lib/cyrus/bin/timsieved Apr 3 14:51:12 linux sieve[10304]: executed Apr 3 14:51:12 linux sieve[10304]: accepted connection Apr 3 14:51:12 linux sieve[10304]: badlogin: above is all syslog linux.kolkatainfoservices.in[127.0.0.1] PLAIN encryption needed to use mechanism this is from the same syslog. What generated that output? If I manually test with the command sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" it runs successfully. the log reports Apr 3 14:54:33 linux imaps[10364]: login: linux.kolkatainfoservices.in [127.0.0.1] aftab LOGIN+TLS User logged in -- so here i need something so that sieve can work with imaps. Sieve and imap are two DIFFERENT protocols. They don't have anything to do with each other. Like I and others have said. When you configure your cyrus.conf to start timesieved it listens on a port that is different from the port imap(s) listens on. I don't think you can use the LOGIN mechanism to login to timesieved. I don't know what mechanism your webmail uses to login to timesieved. Does it use PLAIN? LOGIN? Or even something else. Does it need TLS? Does it support TLS? If you have an answers to does questions configure sieve to support them. Btw I have in mine imapd.conf allowplaintext: 0 And that disables sending a password not encryped over the wire for imap and sieve. (I think lmtp has to be preauthed, I'm using it that way). Also I can say you can't run sieve over ssl natively by cyrus. I have set up a second imapd.conf with in it the same as in my other imapd.conf except: allowplaintext: 1 and I have two timsieved's running in my cyrus.conf: sieve cmd="/usr/cyrus/bin/timsieved -C /mail/mail1/etc/imapd.conf" listen="mail1.ugent.be:sieve" prefork=0 lsievecmd="/usr/cyrus/bin/timsieved -C /mail/mail1/etc/imapd_local_sieve.conf" listen="localhost:sieve" prefork=0 I then have set up an stunnel that redirects port 4000 to the sieve on localhost:sieve. Users can then use sieve over ssl. (In fact the only user is our webmail client that supports sieve over ssl, but not sieve+tls). Also note that I'm advertising only PLAIN in my sasl_mech_list. I'm not advertising "LOGIN" because setting allowplaintext:0 will disable LOGIN. See http://cyrusimap.web.cmu.edu//imapd/overview.html#login Rudy thanks Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert [EMAIL PROTECTED] tel:+32 9 264 4734 Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office Groep SystemenSystems group Universiteit Gent Ghent University Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
Olaf Fraczyk wrote: > On Tue, 2007-04-03 at 14:16 +0530, JOYDEEP wrote: > >> Olaf Fraczyk wrote: >> >>> On Tue, 2007-04-03 at 12:27 +0530, JOYDEEP wrote: >>> >>> Dear list, after implementing the imaps , I need to configure sieve to start STARTTLS. sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" is working well. is there any config file for sieve so that I can force sieve to start STARTTLS ? bcoz I am using sieve from a web-based email client called felamimail. >>> Man, sending the same message 3 times will not help you to get an >>> answer. Just opposite - people will start ignoring you. >>> >>> Read some book about SSL TLS etc. If you want to use it, you need to >>> understand it a little. >>> How do you want to force a server to "start STARTTLS"? It's not server's >>> job. Read the previous mails about imaps. >>> >>> >> sorry to say that I have not found any solution yet :-( >> > > Briefly (not technically 100% accurate :): > 1. SSL/TLS - you get secure connection from beginning. Both client and > server must know that SSL is to be used before a connection is made. > 2. STARTTLS - you use normal connection. At some point the __client__ > decides that it wants to secure the traffic. So the client issues > STARTTLS and negotiates secure connection. The server needs to support > this (the client either knows it from elsewhere or is told about this > fact by server earlier). Look at http://tools.ietf.org/html/rfc3207 (it > is about SMTP over TLS but it describes the basic idea). > 3. If you have a server that is unable to do point 1. you may use > stunnel. But the client side needs to support this too. > > Thanks a lot for the clarification. > Regards, > > Olaf > > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
On Tue, 2007-04-03 at 14:16 +0530, JOYDEEP wrote: > Olaf Fraczyk wrote: > > On Tue, 2007-04-03 at 12:27 +0530, JOYDEEP wrote: > > > >> Dear list, > >> > >> after implementing the imaps , I need to configure sieve to start STARTTLS. > >> > >> sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t > >> "" > >> > >> is working well. is there any config file for sieve so that I can force > >> sieve to start STARTTLS ? bcoz I am using sieve from a web-based email > >> client called felamimail. > >> > > Man, sending the same message 3 times will not help you to get an > > answer. Just opposite - people will start ignoring you. > > > > Read some book about SSL TLS etc. If you want to use it, you need to > > understand it a little. > > How do you want to force a server to "start STARTTLS"? It's not server's > > job. Read the previous mails about imaps. > > > > sorry to say that I have not found any solution yet :-( Briefly (not technically 100% accurate :): 1. SSL/TLS - you get secure connection from beginning. Both client and server must know that SSL is to be used before a connection is made. 2. STARTTLS - you use normal connection. At some point the __client__ decides that it wants to secure the traffic. So the client issues STARTTLS and negotiates secure connection. The server needs to support this (the client either knows it from elsewhere or is told about this fact by server earlier). Look at http://tools.ietf.org/html/rfc3207 (it is about SMTP over TLS but it describes the basic idea). 3. If you have a server that is unable to do point 1. you may use stunnel. But the client side needs to support this too. Regards, Olaf -- Olaf Fraczyk <[EMAIL PROTECTED]> NAVI Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
Rudy Gevaert wrote: > JOYDEEP wrote: >> Dear list, >> >> after implementing the imaps , I need to configure sieve to start >> STARTTLS. >> >> sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t >> "" >> >> is working well. is there any config file for sieve so that I can force >> sieve to start STARTTLS ? bcoz I am using sieve from a web-based email >> client called felamimail. > > I'm not sure what you are trying to say, because it is the client that > has to issue STARTTLS, and not the server. The server just advertises > his capabilities. E.g. TLS OK Rudy, thanks for your hints. I think I must be more verbose here. I have imaps. whenever I try to use sieve from felamimail web mail client it reports --- Apr 3 14:51:12 linux slapd[4169]: conn=727 op=0 RESULT tag=97 err=0 text= Apr 3 14:51:12 linux master[10304]: about to exec /usr/lib/cyrus/bin/timsieved Apr 3 14:51:12 linux sieve[10304]: executed Apr 3 14:51:12 linux sieve[10304]: accepted connection Apr 3 14:51:12 linux sieve[10304]: badlogin: linux.kolkatainfoservices.in[127.0.0.1] PLAIN encryption needed to use mechanism --- If I manually test with the command sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" it runs successfully. the log reports Apr 3 14:54:33 linux imaps[10364]: login: linux.kolkatainfoservices.in [127.0.0.1] aftab LOGIN+TLS User logged in -- so here i need something so that sieve can work with imaps. > > Btw I have in mine imapd.conf > allowplaintext: 0 > > And that disables sending a password not encryped over the wire for > imap and sieve. (I think lmtp has to be preauthed, I'm using it that > way). > > Also I can say you can't run sieve over ssl natively by cyrus. I have > set up a second imapd.conf with in it the same as in my other > imapd.conf except: > allowplaintext: 1 > and I have two timsieved's running in my cyrus.conf: > sieve cmd="/usr/cyrus/bin/timsieved -C > /mail/mail1/etc/imapd.conf" listen="mail1.ugent.be:sieve" prefork=0 > lsievecmd="/usr/cyrus/bin/timsieved -C > /mail/mail1/etc/imapd_local_sieve.conf" listen="localhost:sieve" > prefork=0 > > I then have set up an stunnel that redirects port 4000 to the sieve on > localhost:sieve. Users can then use sieve over ssl. (In fact the > only user is our webmail client that supports sieve over ssl, but not > sieve+tls). > > Also note that I'm advertising only PLAIN in my sasl_mech_list. I'm > not advertising "LOGIN" because setting allowplaintext:0 will disable > LOGIN. See http://cyrusimap.web.cmu.edu//imapd/overview.html#login > > > Rudy > >> >> thanks >> >> >> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html >> >> >> >> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
Olaf Fraczyk wrote: > On Tue, 2007-04-03 at 12:27 +0530, JOYDEEP wrote: > >> Dear list, >> >> after implementing the imaps , I need to configure sieve to start STARTTLS. >> >> sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t >> "" >> >> is working well. is there any config file for sieve so that I can force >> sieve to start STARTTLS ? bcoz I am using sieve from a web-based email >> client called felamimail. >> > Man, sending the same message 3 times will not help you to get an > answer. Just opposite - people will start ignoring you. > > Read some book about SSL TLS etc. If you want to use it, you need to > understand it a little. > How do you want to force a server to "start STARTTLS"? It's not server's > job. Read the previous mails about imaps. > sorry to say that I have not found any solution yet :-( > If you had spent just 5 minutes using google you would have found that > sieve supports only STARTTLS. If you want to force encrypted connection > you need to use stunnel. Probably you would also want to disable foreign > traffic to unencrypted sieve port using iptables. > > > Regards, > > Olaf > > > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
On Tue, 2007-04-03 at 12:27 +0530, JOYDEEP wrote: > Dear list, > > after implementing the imaps , I need to configure sieve to start STARTTLS. > > sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t > "" > > is working well. is there any config file for sieve so that I can force > sieve to start STARTTLS ? bcoz I am using sieve from a web-based email > client called felamimail. Man, sending the same message 3 times will not help you to get an answer. Just opposite - people will start ignoring you. Read some book about SSL TLS etc. If you want to use it, you need to understand it a little. How do you want to force a server to "start STARTTLS"? It's not server's job. Read the previous mails about imaps. If you had spent just 5 minutes using google you would have found that sieve supports only STARTTLS. If you want to force encrypted connection you need to use stunnel. Probably you would also want to disable foreign traffic to unencrypted sieve port using iptables. Regards, Olaf -- Olaf Fraczyk <[EMAIL PROTECTED]> NAVI Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to configure sieve to start STARTTLS ?
JOYDEEP wrote: Dear list, after implementing the imaps , I need to configure sieve to start STARTTLS. sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" is working well. is there any config file for sieve so that I can force sieve to start STARTTLS ? bcoz I am using sieve from a web-based email client called felamimail. I'm not sure what you are trying to say, because it is the client that has to issue STARTTLS, and not the server. The server just advertises his capabilities. E.g. TLS Btw I have in mine imapd.conf allowplaintext: 0 And that disables sending a password not encryped over the wire for imap and sieve. (I think lmtp has to be preauthed, I'm using it that way). Also I can say you can't run sieve over ssl natively by cyrus. I have set up a second imapd.conf with in it the same as in my other imapd.conf except: allowplaintext: 1 and I have two timsieved's running in my cyrus.conf: sieve cmd="/usr/cyrus/bin/timsieved -C /mail/mail1/etc/imapd.conf" listen="mail1.ugent.be:sieve" prefork=0 lsievecmd="/usr/cyrus/bin/timsieved -C /mail/mail1/etc/imapd_local_sieve.conf" listen="localhost:sieve" prefork=0 I then have set up an stunnel that redirects port 4000 to the sieve on localhost:sieve. Users can then use sieve over ssl. (In fact the only user is our webmail client that supports sieve over ssl, but not sieve+tls). Also note that I'm advertising only PLAIN in my sasl_mech_list. I'm not advertising "LOGIN" because setting allowplaintext:0 will disable LOGIN. See http://cyrusimap.web.cmu.edu//imapd/overview.html#login Rudy thanks Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert [EMAIL PROTECTED] tel:+32 9 264 4734 Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office Groep SystemenSystems group Universiteit Gent Ghent University Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
pop3 CLOSE_WAIT hang
hi, I have serious problem with my cyrus21 (debian sarge 2.1.18-1) - I have hundreds of connectin in CLOSE_WAIT state. I can telnet to port 110 , but sometimes I can't even get the banner of the service. I tried to increase maxchild (now -1 - unlimited), I tried babysit, increasing maxfds up to 2000 etc, but it still doesn't kick out the CLOSE_WAIT state connections. Any suggestion? Thank you Ondrej Pachner -- Check my PGP public key at http://poblijon.ubal.to/~tloudev/pgp.pub Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: shared mailboxes with virtual domain setup
i got it all working right know. i found out that outlook and thunderbird don´t support acl´s. i´m using the horde client too and there it is possible to define acl´s. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Philippe > Trolliet > Sent: Montag, 2. April 2007 14:21 > To: Info-cyrus > Subject: shared mailboxes with virtual domain setup > > > hi, > i´m using cyrus-imapd-2.2.12-6.fc4 on fedora core 4 with virtual domains. > virtual domain and user information is stored in a mysql database. the > authentication works with sasl configured with pam. > everything works fine. i can check mails over pop/imap and send mail. the > usernames are of the following format [EMAIL PROTECTED] > i want to create shared mailboxes with user-specific access rights. in the > cyrus documentation i´ve seen that i have to use the command > cyradm for it. > $ cyradm --user localhost > > i created a mailbox with the command: > localhost> cm shared.department1 > > then i´ve set the access rights: > localhost> sam shared.department1 [EMAIL PROTECTED] lrs > > i get the error message: > setaclmailbox: <[EMAIL PROTECTED]>: lrs: Invalid identifier > > i created the domains and accounts with a cvs version of web-cyradm. > listmailbox produces the following output (changed usernames and domains): > user/[EMAIL PROTECTED] (\HasNoChildren) > user/[EMAIL PROTECTED] (\HasChildren) > user/user1/[EMAIL PROTECTED] (\HasNoChildren) > user/[EMAIL PROTECTED] (\HasNoChildren) > > why doesn´t the above command work? > is it possible to define a shared mailbox for users that already have a > mailbox? > how can i setup an imap connection in outlook or thunderbird (the > user could > already have an imap connection to his own mailbox)? > is it possible to define a shared folder for a user-account? how can other > users access this folder if they already have an imap connection? > > regards > philippe > > > -- > I am using the free version of SPAMfighter for private users. > It has removed 4593 spam emails to date. > Paying users do not have this message in their emails. > Get the free SPAMfighter here: http://www.spamfighter.com/len > > > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > __ NOD32 2162 (20070402) Information __ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > > -- I am using the free version of SPAMfighter for private users. It has removed 4610 spam emails to date. Paying users do not have this message in their emails. Get the free SPAMfighter here: http://www.spamfighter.com/len <> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
how to configure sieve to start STARTTLS ?
Dear list, after implementing the imaps , I need to configure sieve to start STARTTLS. sivtest -a aftab -u aftab linux.kolkatainfoservices.in -m LOGIN -t "" is working well. is there any config file for sieve so that I can force sieve to start STARTTLS ? bcoz I am using sieve from a web-based email client called felamimail. thanks Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html