date:20090710

Re: Cyrus Imap final setup problems

2009-07-10 Thread Nybbles2Byte

Hello Dan,

I just wanted to clarify one thing so no one gets the wrong idea. When I 
rebuilt the data there was still one problem and that was the "badlogin" I 
was getting. I tracked it down just now to fetchmail polling Cyrus. This 
must have been a leftover from the guy before because I have never 
touched fetchmail and don't know anything about it except what I read
in the last 30mins. 

From what I can see it is meant to strengthen the communication between 
two other parts of a mail system. However, my Postfix and Cyrus are on 
the same computer so as I see it Fetchmail could do little more than be an 
overhead. Would you happen to know if that is a fair assessment because
I really am very new to all this and I noticed that Fetchmail is not 
mentioned in either the Postfix or the Cyrus documentation or books I 
have gathered.

Thanks,
-Reg


Wednesday, July 8, 2009, 10:18:28 AM, you wrote:

> Nybbles2Byte wrote:
>> However, it stopped receiving messages after two tests and looking at 
>> the logs it said it was at it's quota limit so I went back to cyradm 
>> to set the quota (I didn't bother the first time so it was at zero) 
>> and I got a "quota permission denied" error. This was from the same 
>> admin, I created the user with and it showed that the admin had all 
>> rights.

>> I then used the admin to create another user and immediately tried to 
>> set the quota of that new user and got the same permission denied 
>> error. I could however remove the user that I could no set the quota for. 


> Below, you've specified 'altnamespace: 1'. When connecting via an admin
> user, altnamespace is ignored, which may complicate what you're 
> expecting to see.

> Also, you've specified 'autocreatequota: 5', which limits the user to 
> 5KBs of space.

> What do your cyradm createmailbox and setquota commands look like?

> You have 'virtdomains: on'. Personally, I prefer configuring 
> 'virtdomains: userid'. 'doc/install-virtdomains.html' within the source
> documents the difference. It might matter when connecting as an admin 
> user (without specifying a domain name).

>> That is my first problem but I have two other as follow:

>> Sieve is not working when I try to telnet to it and I get this error:

>> neutrino:~ # telnet mydomain.com sieve
>> Trying nnn.nn.nn.nn...
>> telnet: connect to address nnn.nn.nn.nn: Connection refused


> Your sieve entry in cyrus.conf looks correct. Verify that the service is
> running with 'fuser 2000/tcp' or 'netstat -an | grep LISTEN | grep 
> 2000'. If not, there should be something in syslog about why it couldn't
> start. Locate where your cyrus binaries are installed (/usr/sbin ?) and
> verify there's a timesieved binary located there.

> Also, stop cyrus, and make sure something else isn't already listening
> on port 2000, like inetd or xinetd.

> If it is starting, but crashing somewhere, you can use the debug_command
> (in imapd.conf) to trouble shoot. See:

> https://langhorst.com/cgi-bin/dwww//usr/share/doc/cyrus21-common/README.Debian.debug.gz

> for some usage scenarios.
>> The last thing is I am getting a "badlogin" error in my cyrus log as 
>> you can see below:

>> Jul  8 08:12:00 neutrino SeoWS/imap[20686]: badlogin: localhost 
>> [127.0.0.1] CRAM-MD5 [SASL(-13): user not found: no secret in database]
>> Jul  8 08:12:00 neutrino SeoWS/imap[20694]: sql auxprop plugin using 
>> mysql engine
>> Jul  8 08:12:03 neutrino SeoWS/imap[20686]: sql plugin Parse the 
>> username reg


> I don't know what that could be.

> - Dan

>> # UNIX sockets start with a slash and are put into /var/lib/imap/socket
>> SERVICES {
>>   # DEFAULT DOMAIN
>>   imap   cmd="imapd" listen="imap"   
>>  prefork=0
>> # imapscmd="imapd -s"listen="imaps"   
>>  prefork=0
>> # pop3cmd="pop3d"listen="pop3"prefork=0
>> # pop3scmd="pop3d -s"listen="pop3s"   
>>  prefork=0
>>   sievecmd="timsieved"listen="sieve"   
>>  prefork=0
>>   lmtpunixcmd="lmtpd"
>>  listen="/var/lib/imap/socket/lmtp" prefork=0
>>   notifycmd="notifyd"
>>  listen="/var/lib/imap/socket/notify" proto="udp" prefork=0
>> }

>> *IMAPD.CONF
>> *altnamespace: 1
>> autocreatequota: 5
>> unixhierarchysep: 1
>> virtdomains: on





-- 
 Nybbles2Bytemailto:nybbles2b...@gmail.com
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: Cyrus Imap final setup problems

2009-07-10 Thread Marc Patermann

Hi,

Nybbles2Byte schrieb:

> I have a setup with the following: 
> 
> OpenSuSE 11.0 (x86_64)
> Postfix 2.5.1-28.5 (x86_64)
> Cyrus SASL 2.1.22-140.1 (x86_64)
> Cyrus Imap 2.3.11-31.1 (x86_64)
> MySQL 5.1.35-34.1
> All of these are on the same computer.
Yuo can have "newer" version, if you look at 
http://software.opensuse.org/search
I.e. cyrus-imapd-2.3.14-12.1 
http://download.opensuse.org/repositories/home:/Marcus_H/openSUSE_11.0/x86_64/cyrus-imapd-2.3.14-12.1.x86_64.rpm
I also have an LDAP enabled version for SuSE here.

Marc

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

IOERROR: opening quota file: File name too long

2009-07-10 Thread Gary Mills

We're running cyrus-imapd-2.3.8 on Solaris 10.  Recently, the `quota'
command failed with this error in syslog:

Jun 29 19:58:49 castor quota[27067]: [ID 240394 local6.error] IOERROR: 
opening quota file 
/imap/conf/quota/N/user.___.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.INBOX.Deleted
 Messages: File name too long

Running it by hand resulted in this error:

# /usr/local/cyrus/bin/quota > /var/tmp/1.quota
failed building quota list for '*': System I/O error: %m

The deeply-nested folder seems to be created by Apple Mail.  I could
delete it with `cyradm', but the user kept recreating it.  Is there a
fix for this problem, perhaps in later Cyrus versions?  We use the
`quota' command to generate over-quota warnings automatically.

-- 
-Gary Mills--Unix Support--U of M Academic Computing and Networking-

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: Cyrus Imap final setup problems

2009-07-10 Thread Dan White

Nybbles2Byte wrote:
> Hello Dan,
>
> I just wanted to clarify one thing so no one gets the wrong idea. When I 
> rebuilt the data there was still one problem and that was the 
> "badlogin" I 
> was getting. I tracked it down just now to fetchmail polling Cyrus. This 
> must have been a leftover from the guy before because I have never 
> touched fetchmail and don't know anything about it except what I read
> in the last 30mins. 
>
> From what I can see it is meant to strengthen the communication between 
> two other parts of a mail system. However, my Postfix and Cyrus are on 
> the same computer so as I see it Fetchmail could do little more than 
> be an 
> overhead. Would you happen to know if that is a fair assessment because
> I really am very new to all this and I noticed that Fetchmail is not 
> mentioned in either the Postfix or the Cyrus documentation or books I 
> have gathered.
>
> Thanks,
> -Reg

Reg,

Fetchmail's documentation is located here:

http://fetchmail.berlios.de/

When I did use fetchmail, it was to download a copy of my email from 
another provider's POP3 mailserver down into my own personal IMAP server 
(via local SMTP). I'm not sure why one would configure fetchmail to 
connect to an IMAP server running on local host.

- Dan

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

2009-07-10 Thread Thomas Harding

Hello,
I use imaps with a single CA (home made), which make me able to filter
users basing on trusted-CA signed certificates.

This allows me to restrict user's login on their ability to present
a certificate signed by my CA, and only by it  (that's what I hope),
as I disabled all services but imaps and sieve.

However, I can't find how to obtain the same behavior with sieve :
it still allows non-encrypted sessions.

My version is a Debian packaged one:
ii  cyrus-imapd-2.2   2.2.13-14+b3


Here the relevant lines of my /etc/imapd.conf :
tls_cert_file: /etc/ssl/certs/xxx.pem
tls_key_file: /etc/ssl/private/xx.key.pem
tls_ca_file: /etc/ssl/certs/.pem
tls_require_cert: true

How to disable non-TLS sessions on sieve, and more generally for any
cyrus service?

T.Harding

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

2009-07-10 Thread Andrew Morgan

On Fri, 10 Jul 2009, Thomas Harding wrote:

> Hello,
> I use imaps with a single CA (home made), which make me able to filter
> users basing on trusted-CA signed certificates.
>
> This allows me to restrict user's login on their ability to present
> a certificate signed by my CA, and only by it  (that's what I hope),
> as I disabled all services but imaps and sieve.
>
> However, I can't find how to obtain the same behavior with sieve :
> it still allows non-encrypted sessions.
>
> My version is a Debian packaged one:
> ii  cyrus-imapd-2.2   2.2.13-14+b3
>
>
> Here the relevant lines of my /etc/imapd.conf :
> tls_cert_file: /etc/ssl/certs/xxx.pem
> tls_key_file: /etc/ssl/private/xx.key.pem
> tls_ca_file: /etc/ssl/certs/.pem
> tls_require_cert: true
>
> How to disable non-TLS sessions on sieve, and more generally for any
> cyrus service?

I can't remember if this setting was in Cyrus 2.2 versions, but have you 
tried setting:

   allowplaintext: 0

in your imapd.conf?

Andy

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

2009-07-10 Thread Thomas Harding

Thomas Harding wrote:
> I use imaps with a single CA (home made), which make me able to filter
> users basing on trusted-CA signed certificates.
> How to disable non-TLS sessions on sieve, and more generally for any
> cyrus service?
>   
Answering to my own question: by reading carefully imapd.conf man page :)
combining:
sasl_mech_list: PLAIN  LOGIN
with:
 allowplaintext: no
will do the trick.

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: Cyrus Imap final setup problems

Re: Cyrus Imap final setup problems

IOERROR: opening quota file: File name too long

Re: Cyrus Imap final setup problems

How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

Re: How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

Re: How to _mandatory upgrade to TLS_ with sieve or other cyrus services?

7 matches

Site Navigation

Mail list logo

Footer information