Re: email inaccessible through imap after reading
Quoting Martin Kraus lists...@wujiman.net: On Tue, May 11, 2010 at 06:44:47PM +0200, Michael Menge wrote: If you use the delayed expunge feature of cyrus and the eMail gets deleted it stayes on the filesystem till cyr_expire removes them. See expunge_mode in imapd.conf I'm not using expunge mode delayed. Haven't been able to get it to work it just segfaults when expunging. I guess Outlook is using POP and deletes the mail after download. Check your logfiles and/or use telemetry log for that user. outlook uses imap and I've tried to access that mailbox using mutt both through imap and pop3 and I've also tried squirrelmail. The message is there, I can see it on the filesystem but it doesn't show up after being read. Since I've never had any similar problems with other cyrus servers, I'm inclined to say it is something outlook did to that message but I can't figure out what. If it deleted that message, it wouldn't be on the filesystem. did you try an reconstruct on that mailbox? M.MengeTel.: (49) 7071/29-70316 Universität Tübingen Fax.: (49) 7071/29-5912 Zentrum für Datenverarbeitung mail: michael.me...@zdv.uni-tuebingen.de Wächterstraße 76 72074 Tübingen smime.p7s Description: S/MIME Signatur Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Two diferent salt in change_sqlpass
Hi all, Anyone know how to configure two diferent salt for PHPCRYPT method? It is because my email server administration use one salt to encrypt new password and other one to verify password. Thanks Juan-Francisco Diez Léglise Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Two diferent salt in change_sqlpass
Hi all, Anyone know how to configure two diferent salt for PHPCRYPT method? It is because my email server administration use one salt to encrypt new password and other one to verify password. Thanks Juan-Francisco Diez Léglise Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus via NFS
Hello, I have a Mail server with 6000 mailbox running in debian 5.0.4 with cyrus-imapd-2.2 (2.2.13-14+lenny3) I want move both the configdirectory and partition-default to a storage NetApp 2020 via NFS. In my linux I mount in fstab whith this nfs options: ( hard,intr,proto=tcp,_netdev ) Has anyone done this? Any recommendation or commentary, before move this to NFS ? Thanks, and sorry for my English I'm from Argentine. Agustin. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus via NFS
Quoting Agustín Eijo ague...@gmail.com: Hello, I have a Mail server with 6000 mailbox running in debian 5.0.4 with cyrus-imapd-2.2 (2.2.13-14+lenny3) I want move both the configdirectory and partition-default to a storage NetApp 2020 via NFS. NFS3 or NFS4? Cyrus needs working File-Locking, which does not work with NFS3. I didn't test it with NFS4. Do you intend to run an active-active cluster? If not have a look at iscsi. In my linux I mount in fstab whith this nfs options: ( hard,intr,proto=tcp,_netdev ) noatime Has anyone done this? Any recommendation or commentary, before move this to NFS ? Thanks, and sorry for my English I'm from Argentine. Agustin. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html M.MengeTel.: (49) 7071/29-70316 Universität Tübingen Fax.: (49) 7071/29-5912 Zentrum für Datenverarbeitung mail: michael.me...@zdv.uni-tuebingen.de Wächterstraße 76 72074 Tübingen smime.p7s Description: S/MIME Signatur Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus via NFS
Hello, I asked somebody from another french university. They use a NetApp, put evrything on it and it works perfectly. I stayed on SAN anyway, but I would have liked the snapshot and the facilities to restore mails... Dom 2010/5/12 Agustín Eijo ague...@gmail.com Hello, I have a Mail server with 6000 mailbox running in debian 5.0.4 with cyrus-imapd-2.2 (2.2.13-14+lenny3) I want move both the configdirectory and partition-default to a storage NetApp 2020 via NFS. In my linux I mount in fstab whith this nfs options: ( hard,intr,proto=tcp,_netdev ) Has anyone done this? Any recommendation or commentary, before move this to NFS ? Thanks, and sorry for my English I'm from Argentine. Agustin. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Dominique LALOT Ingénieur Systèmes et Réseaux http://annuaire.univmed.fr/showuser.php?uid=lalot Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus via NFS
Hello, Thanks for the reply. I set noatime option and I'll try setting it to NFSv4 in order to avoid problems with File Locking So, anyone have experience with NetApp cyrus via NFSv4? Greetings, Agustín. 2010/5/12 Michael Menge michael.me...@zdv.uni-tuebingen.de: Quoting Agustín Eijo ague...@gmail.com: Hello, I have a Mail server with 6000 mailbox running in debian 5.0.4 with cyrus-imapd-2.2 (2.2.13-14+lenny3) I want move both the configdirectory and partition-default to a storage NetApp 2020 via NFS. NFS3 or NFS4? Cyrus needs working File-Locking, which does not work with NFS3. I didn't test it with NFS4. Do you intend to run an active-active cluster? If not have a look at iscsi. In my linux I mount in fstab whith this nfs options: ( hard,intr,proto=tcp,_netdev ) noatime Has anyone done this? Any recommendation or commentary, before move this to NFS ? Thanks, and sorry for my English I'm from Argentine. Agustin. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html M.Menge Tel.: (49) 7071/29-70316 Universität Tübingen Fax.: (49) 7071/29-5912 Zentrum für Datenverarbeitung mail: michael.me...@zdv.uni-tuebingen.de Wächterstraße 76 72074 Tübingen Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Saludos, Agustín. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus active-active cluster checklist
Hello I've been keeping a list of configuration changes to setup Cyrus in an active-active two-node cluster (I'm using DRBD and OCFS2 for that). Here's the list of things I have so far: * Don't use BerkeleyDB (set all databases which default to berkeley to skiplist); * Under configdirectory, move the log, proc, db and socket directories to local storage and symlink (or mount -obind) them to avoid conflicts between the two cyrus instances; * Change the append_newstage() function in imap/append.c to add some host information to the stage. file names, to avoid PID clashes between the two cluster nodes; Dave McMurtrie has also suggested me modifying the mmap() call in the map_refresh() function to use MAP_PRIVATE instead of MAP_SHARED for performance reasons. Is anyone aware of any side effects that this could cause? Any input on this list would be really appreciated. I think it's important to keep a list of things like this that people thinking about a similar setup can refer to (or give up on the idea :) Thanks, Andre Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyradm lm wildcard and the @ sign
Hi people, I'm looking for a way to list all mailboxes for a given domain, i.e. in cyradm: lm *...@example.com* This does not return anything. lm *example.com* does though. It appears the @ sign screws up the wildcard matching. But what I really really need is the ability to list the mailboxes of a given user, i.e.: lm user.j...@example.com* but this does not work. Is there any workaround or fix? My environment is Ubuntu 9.10 (Karmic) with Cyrus 2.2. -- All pointers appreciated, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On Wed, May 12, 2010 at 3:34 PM, Berend de Boer ber...@pobox.com wrote: Hi people, I'm looking for a way to list all mailboxes for a given domain, i.e. in cyradm: lm *...@example.com* This does not return anything. lm *example.com* does though. It appears the @ sign screws up the wildcard matching. But what I really really need is the ability to list the mailboxes of a given user, i.e.: lm user.j...@example.com* but this does not work. Is there any workaround or fix? Maybe the authenticated user isn't global admin. -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net Don't try to adapt the software to the way you work, but rather yourself to the way the software works (myself) Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Reinaldo == Reinaldo de Carvalho reinal...@gmail.com writes: I'm looking for a way to list all mailboxes for a given domain, i.e. in cyradm: lm *...@example.com* This does not return anything. lm *example.com* does though. It appears the @ sign screws up the wildcard matching. Maybe the authenticated user isn't global admin. Clearly I can get the mailboxes to list if I don't use the @ sign so doesn't that indicate I am indeed the global admin? The user I'm logged in at can change the acl on all mailboxes for example, so that indicates to me it is a global admin as wel. -- Cheers, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On Wed, May 12, 2010 at 4:04 PM, Berend de Boer ber...@pobox.com wrote: Clearly I can get the mailboxes to list if I don't use the @ sign so doesn't that indicate I am indeed the global admin? The user I'm logged in at can change the acl on all mailboxes for example, so that indicates to me it is a global admin as wel. I agree. Try: # all mailboxes $ nc server 143 * OK maindeua Cyrus IMAP4 [...] server ready . LOGIN admin password . OK User logged in . LIST * *...@example.com # user top folders $ nc server 143 * OK maindeua Cyrus IMAP4 [...] server ready . LOGIN admin password . OK User logged in . LIST * user/%...@example.com -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net Don't try to adapt the software to the way you work, but rather yourself to the way the software works (myself) Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Reinaldo == Reinaldo de Carvalho reinal...@gmail.com writes: Reinaldo On Wed, May 12, 2010 at 4:04 PM, Berend de Boer Reinaldo ber...@pobox.com wrote: Clearly I can get the mailboxes to list if I don't use the @ sign so doesn't that indicate I am indeed the global admin? The user I'm logged in at can change the acl on all mailboxes for example, so that indicates to me it is a global admin as wel. I agree. Try: Reinaldo # all mailboxes Reinaldo $ nc server 143 Reinaldo * OK maindeua Cyrus IMAP4 [...] server ready Reinaldo . LOGIN admin password . OK Reinaldo User logged in Reinaldo . LIST * *...@example.com This doesn't work. I get: # nc localhost 143 * OK server2.xplainhosting.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready . LOGIN admin password . NO Login only available under a layer . LOGIN ad...@server2.example.com password . NO Login only available under a layer The ad...@server2.example.com is the one I use for cyradm. I.e. I always login as: cyradm -u ad...@server2.example.com localhost The admin user doesn't have mailboxes, it's just administrative only. My imapd.conf has: admins: admin virtdomains: yes defaultdomain: server2.example.com -- Thanks so far! Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On Thu, 13 May 2010, Berend de Boer wrote: Reinaldo == Reinaldo de Carvalho reinal...@gmail.com writes: Reinaldo On Wed, May 12, 2010 at 4:04 PM, Berend de Boer Reinaldo ber...@pobox.com wrote: Clearly I can get the mailboxes to list if I don't use the @ sign so doesn't that indicate I am indeed the global admin? The user I'm logged in at can change the acl on all mailboxes for example, so that indicates to me it is a global admin as wel. I agree. Try: Reinaldo # all mailboxes Reinaldo $ nc server 143 Reinaldo * OK maindeua Cyrus IMAP4 [...] server ready Reinaldo . LOGIN admin password . OK Reinaldo User logged in Reinaldo . LIST * *...@example.com This doesn't work. I get: # nc localhost 143 * OK server2.xplainhosting.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready . LOGIN admin password . NO Login only available under a layer . LOGIN ad...@server2.example.com password . NO Login only available under a layer Use imtest instead of nc. imtest can do all the SASL login magic and still gives you raw access to the connection for sending commands. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On Wed, May 12, 2010 at 4:51 PM, Andrew Morgan mor...@orst.edu wrote: Use imtest instead of nc. imtest can do all the SASL login magic and still gives you raw access to the connection for sending commands. Or use 'openssl s_client -host server -port 143 -starttls imap' -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net Don't try to adapt the software to the way you work, but rather yourself to the way the software works (myself) Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Andrew == Andrew Morgan mor...@orst.edu writes: Andrew Use imtest instead of nc. imtest can do all the SASL Andrew login magic and still gives you raw access to the Andrew connection for sending commands. Same thing: # imtest -u ad...@server2.example.com localhost S: * OK server2.example.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LOGINDISABLED AUTH=CRAM-MD5 SASL-IR S: C01 OK Completed C: A01 AUTHENTICATE CRAM-MD5 S: + PDI4ODc2MDU3MTUuMTU0MDU3ODZAc2VydmVyMi54cGxhaW5ob3N0aW5nLmNvbT4= Please enter your password: C: cm9vdCAzNmJhYWUzMGY1MGEwNjkzYWEyMjI1MzM1OTc0ZmE0NQ== S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 0 . LIST * *...@example.com . BAD Please login first . LOGIN cy...@server2.example.com oUQR8keuun . NO Login only available under a layer C: Q01 LOGOUT * BYE LOGOUT received Q01 OK Completed Connection closed. Perhaps the only available under a layer is an indication I must use ssl or so? Tried that as well: # imtest -s -u admin -r server2.example.com WARNING: no hostname supplied, assuming localhost verify error:num=19:self signed certificate in certificate chain TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) S: * OK server2.example.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=CRAM-MD5 SASL-IR S: C01 OK Completed C: A01 AUTHENTICATE CRAM-MD5 S: + PDQwNDczMDY5My4xNTQwNTk4NEBzZXJ2ZXIyLnhwbGFpbmhvc3RpbmcuY29tPg== Please enter your password: C: cm9vdCBhODUyNzIxZDM4MjVkMzEwMGNjMDlkNmM0YzEzMmM1Yw== S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 256 And perhaps something I should mention: all users are defined in a postgresql database, but the admin user is in an sasldb2 database. I think that explains the problem right? Both nc and imtest use the normal imap server interface but my admin user isn't defined there. But isn't this a side track? I.e. I just want to have a wildcard on a string with an @ character working? Or is this actually the root cause? I thought I had to create users and set acls and such by using cyradm. If not, can I just create users by login in the normal way, i.e. through the imap daemon itself? Because that would open up a different avenue. -- Cheers, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On Thu, 13 May 2010, Berend de Boer wrote: Andrew == Andrew Morgan mor...@orst.edu writes: Andrew Use imtest instead of nc. imtest can do all the SASL Andrew login magic and still gives you raw access to the Andrew connection for sending commands. Same thing: # imtest -u ad...@server2.example.com localhost S: * OK server2.example.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LOGINDISABLED AUTH=CRAM-MD5 SASL-IR S: C01 OK Completed C: A01 AUTHENTICATE CRAM-MD5 S: + PDI4ODc2MDU3MTUuMTU0MDU3ODZAc2VydmVyMi54cGxhaW5ob3N0aW5nLmNvbT4= Please enter your password: C: cm9vdCAzNmJhYWUzMGY1MGEwNjkzYWEyMjI1MzM1OTc0ZmE0NQ== S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 0 . LIST * *...@example.com . BAD Please login first . LOGIN cy...@server2.example.com oUQR8keuun . NO Login only available under a layer C: Q01 LOGOUT * BYE LOGOUT received Q01 OK Completed Connection closed. Perhaps the only available under a layer is an indication I must use ssl or so? Tried that as well: # imtest -s -u admin -r server2.example.com WARNING: no hostname supplied, assuming localhost verify error:num=19:self signed certificate in certificate chain TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) S: * OK server2.example.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-16ubuntu1 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=CRAM-MD5 SASL-IR S: C01 OK Completed C: A01 AUTHENTICATE CRAM-MD5 S: + PDQwNDczMDY5My4xNTQwNTk4NEBzZXJ2ZXIyLnhwbGFpbmhvc3RpbmcuY29tPg== Please enter your password: C: cm9vdCBhODUyNzIxZDM4MjVkMzEwMGNjMDlkNmM0YzEzMmM1Yw== S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 256 And perhaps something I should mention: all users are defined in a postgresql database, but the admin user is in an sasldb2 database. I think that explains the problem right? Both nc and imtest use the normal imap server interface but my admin user isn't defined there. But isn't this a side track? I.e. I just want to have a wildcard on a string with an @ character working? Or is this actually the root cause? I thought I had to create users and set acls and such by using cyradm. If not, can I just create users by login in the normal way, i.e. through the imap daemon itself? Because that would open up a different avenue. cyradm is just an IMAP client too. :) If you are able to login with cyradm, then obviously it should be possible to login with imtest. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On 13/05/10 06:34 +1200, Berend de Boer wrote: I'm looking for a way to list all mailboxes for a given domain, i.e. in cyradm: lm *...@example.com* This does not return anything. lm *example.com* does though. It appears the @ sign screws up the wildcard matching. But what I really really need is the ability to list the mailboxes of a given user, i.e.: lm user.j...@example.com* This works for me, for listing child mailboxes: neo.olp.net lm user/dwhite/*...@olp.net user/dwhite/dra...@olp.net (\HasNoChildren) user/dwhite/s...@olp.net (\HasNoChildren) user/dwhite/tr...@olp.net (\HasNoChildren) I'm using unixhierarchysep: yes On 13/05/10 07:37 +1200, Berend de Boer wrote: This doesn't work. I get: # nc localhost 143 * OK server2.xplainhosting.com Cyrus IMAP4 * v2.2.13-Debian-2.2.13-16ubuntu1 server ready . LOGIN admin password . NO Login only available under a layer . LOGIN ad...@server2.example.com password . NO Login only available under a layer Meaning that allowplaintext is turned off, which is off by default. The ad...@server2.example.com is the one I use for cyradm. I.e. I always login as: cyradm -u ad...@server2.example.com localhost You must be using a SASL mechanism which supports a security layer. The admin user doesn't have mailboxes, it's just administrative only. My imapd.conf has: admins: admin virtdomains: yes defaultdomain: server2.example.com On 13/05/10 09:02 +1200, Berend de Boer wrote: Andrew == Andrew Morgan mor...@orst.edu writes: Andrew Use imtest instead of nc. imtest can do all the SASL Andrew login magic and still gives you raw access to the Andrew connection for sending commands. Same thing: # imtest -u ad...@server2.example.com localhost Try: imtest -a ad...@server2.example.com localhost Perhaps the only available under a layer is an indication I must use ssl or so? Tried that as well: Correct, or a SASL mech that supports security layers (which CRAM-MD5 does). And perhaps something I should mention: all users are defined in a postgresql database, but the admin user is in an sasldb2 database. I think that explains the problem right? Both nc and imtest use the normal imap server interface but my admin user isn't defined there. That depends on your sasl_* settings. CRAM-MD5 is going to use your auxprop plugin(s). A telnet/nc with a 'login user pass' attempt is going to use your sasl_pwcheck_method(s). imtest *should* work if cyradm does. -- Dan White Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Dan == Dan White dwh...@olp.net writes: Dan This works for me, for listing child mailboxes: neo.olp.net lm user/dwhite/*...@olp.net Dan user/dwhite/dra...@olp.net (\HasNoChildren) Dan user/dwhite/s...@olp.net (\HasNoChildren) Dan user/dwhite/tr...@olp.net (\HasNoChildren) Dan I'm using unixhierarchysep: yes Ah, that's exactly what I am looking for. Unfortunately I have unixhierarchysep: no; not sure if I can change this midflight on a live system? Or would that break all clients, i.e. you use either yes or no, but you can't switch that easily. Better clone the environment and test I suppose. -- All the best, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On 12/05/10 17:03 -0500, Dan White wrote: On 13/05/10 09:02 +1200, Berend de Boer wrote: # imtest -u ad...@server2.example.com localhost Try: imtest -a ad...@server2.example.com localhost Perhaps the only available under a layer is an indication I must use ssl or so? Tried that as well: Correct, or a SASL mech that supports security layers (which CRAM-MD5 does). That's incorrect. CRAM-MD5 does not support a security layer. Try: imtest -m DIGEST-MD5 -a ad...@server2.example.com server2.example.com or imtest -s -a ad...@server2.example.com server2.example.com -- Dan White Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
On 13/05/10 10:17 +1200, Berend de Boer wrote: Dan == Dan White dwh...@olp.net writes: Dan This works for me, for listing child mailboxes: neo.olp.net lm user/dwhite/*...@olp.net Dan user/dwhite/dra...@olp.net (\HasNoChildren) Dan user/dwhite/s...@olp.net (\HasNoChildren) Dan user/dwhite/tr...@olp.net (\HasNoChildren) Dan I'm using unixhierarchysep: yes Ah, that's exactly what I am looking for. Unfortunately I have unixhierarchysep: no; not sure if I can change this midflight on a live system? Try: lm user.joh...@example.com -- Dan White Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Dan == Dan White dwh...@olp.net writes: Dan Try: Dan lm user.joh...@example.com Yeah, I already had tried that. I'm fairly sure I tried all permutations before I went to this list :-) -- Cheers, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyradm lm wildcard and the @ sign
Dan == Dan White dwh...@olp.net writes: Dan That's incorrect. CRAM-MD5 does not support a security Dan layer. Try: Dan imtest -m DIGEST-MD5 -a ad...@server2.example.com Dan server2.example.com That worked. Now back to Reinaldo's queries: # all mailboxes $ nc server 143 * OK maindeua Cyrus IMAP4 [...] server ready . LOGIN admin password . OK User logged in . LIST * *...@example.com This returns one entry, the main folder in case the domain has only one email address. It returns every folder in case a domain has more. For my particular domain when I do: . LIST * user.principal* I get this: * LIST (\HasNoChildren) . user.princi...@example.com * LIST (\HasNoChildren) . user.princi...@example.com.drafts * LIST (\HasNoChildren) . user.princi...@example.com.sent * LIST (\HasNoChildren) . user.princi...@example.com.templates * LIST (\HasNoChildren) . user.princi...@example.com.trash . OK Completed (0.000 secs 6 calls) Interestingly for other domains the folders are listed as: * LIST (\HasNoChildren) . user.dieuwe.s...@foo.com * LIST (\HasNoChildren) . user.dieuwe.spec...@foo.com So I think I understand what's happening here actually. I wanted to batch create users, but this program, instead of creating folders, created domains. So to create the Drafts folder I should see: user.principal.dra...@example.com Instead I created the domain example.com.Drafts! Ah right, I think I've figured out what the real problem was. Guys, thanks heaps for all your help and pointing me in the right direction. It wasn't wildcard after all, it was this batch script that didn't handle domains and therefore created wrong entries. -- All the best, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus active-active cluster checklist
On Wed, May 12, 2010 at 02:17:18PM -0300, Andre Nathan wrote: * Change the append_newstage() function in imap/append.c to add some host information to the stage. file names, to avoid PID clashes between the two cluster nodes; I've got no problem with adding this upstream by the way. Bron. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus processes maxchild
Hi there, I have a problem with my mail program hanging when too many processes are spawned by cyrus. The problem seems to occur when the maxchild limit is reached. I was wondering what is suppose to happen when the maxchild limit is reached, because at this point, I have to restart cyrus when this happens. What would happen if I removed the maxchild limit entirely? thanks, maria Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus processes maxchild
Maria == Maria McKinley ma...@shadlen.org writes: Maria Hi there, I have a problem with my mail program hanging Maria when too many processes are spawned by cyrus. The problem Maria seems to occur when the maxchild limit is reached. I was Maria wondering what is suppose to happen when the maxchild limit Maria is reached, because at this point, I have to restart cyrus Maria when this happens. What would happen if I removed the Maria maxchild limit entirely? Can't you limit the number of processes started by cyrus? See /etc/cyrus.conf where I have seen maxchild settings. Never used it though. -- Cheers, Berend de Boer Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus processes maxchild
On Wed, 12 May 2010, Maria McKinley wrote: Hi there, I have a problem with my mail program hanging when too many processes are spawned by cyrus. The problem seems to occur when the maxchild limit is reached. I was wondering what is suppose to happen when the maxchild limit is reached, because at this point, I have to restart cyrus when this happens. What would happen if I removed the maxchild limit entirely? The Maxchild limit is there to protect your servers from overloading if you have misbehaving clients or abusive users. If your server can handle a higher setting, feel free to increase the value. You may need to increase the ulimits on your cyrus process as well. My Cyrus servers set the following in the /etc/init.d/cyrus script: # Crank up the limits ulimit -n 209702 ulimit -u 4096 ulimit -c 102400 and I have the following service entries in /etc/cyrus.conf: imap cmd=/usr/local/cyrus/bin/imapd listen=imap prefork=10 maxchild=2000 imaps cmd=/usr/local/cyrus/bin/imapd -s listen=imaps prefork=10 maxchild=1500 This is a VMWare guest with 4 vcpus and 6GB of RAM. If you remove the Maxchild setting entirely, eventually your Cyrus process will run into the process limits (ulimits) anyways, and may fail in exciting ways. It's better to let Cyrus limit itself. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus processes maxchild
Andrew Morgan wrote: On Wed, 12 May 2010, Maria McKinley wrote: Hi there, I have a problem with my mail program hanging when too many processes are spawned by cyrus. The problem seems to occur when the maxchild limit is reached. I was wondering what is suppose to happen when the maxchild limit is reached, because at this point, I have to restart cyrus when this happens. What would happen if I removed the maxchild limit entirely? The Maxchild limit is there to protect your servers from overloading if you have misbehaving clients or abusive users. If your server can handle a higher setting, feel free to increase the value. You may need to increase the ulimits on your cyrus process as well. My Cyrus servers set the following in the /etc/init.d/cyrus script: # Crank up the limits ulimit -n 209702 ulimit -u 4096 ulimit -c 102400 and I have the following service entries in /etc/cyrus.conf: imap cmd=/usr/local/cyrus/bin/imapd listen=imap prefork=10 maxchild=2000 imaps cmd=/usr/local/cyrus/bin/imapd -s listen=imaps prefork=10 maxchild=1500 This is a VMWare guest with 4 vcpus and 6GB of RAM. If you remove the Maxchild setting entirely, eventually your Cyrus process will run into the process limits (ulimits) anyways, and may fail in exciting ways. It's better to let Cyrus limit itself. Andy Good info, thanks Andy, I will probably up the limits. Still curious about what is suppose to happen when the limit is reached, however. As users, what we notice is that some people that are already logged on, can continue to use email, but no one new can log on. I'm sure not all of the running processes at this point are active, so I would expect cyrus to start shutting down sleeping processes, but that doesn't seem to happen. Is it really the mode that cyrus will just stop starting new processes, until someone with root power notices and restarts Cyrus? Is there a way to at least send out a notification this is happening? Usually I am one of the people always logged on, so don't notice until someone else lets me know... Oh, also how are the ulimits different from the maxchild limits? thanks a bunch, maria Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus processes maxchild
On 12/05/10 20:26 -0700, Maria McKinley wrote: Good info, thanks Andy, I will probably up the limits. Still curious about what is suppose to happen when the limit is reached, however. As users, what we notice is that some people that are already logged on, can continue to use email, but no one new can log on. I'm sure not all of the running processes at this point are active, so I would expect cyrus to start shutting down sleeping processes, but that doesn't seem to happen. Is it really the mode that cyrus will just stop starting new processes, until someone with root power notices and restarts Cyrus? Is there a way to at least send out a notification this is happening? Usually I am one of the people always logged on, so don't notice until someone else lets me know... It's been my experience that when you've reached the limit on the number of imapd processes defined by maxchild, no new connections will be served until one of the actively served users issues a logout, or a 30 minute inactivity timeout has been reached, at which point the imapd process will be freed up for new connections (and possibly destroyed depending on if it's reached its maximum number of uses). The length of that session timeout is defined by the 'timeout' imapd.conf, which defaults to 30 minutes and cannot be lowered below 30 minutes (per RFC3501 spec). -- Dan White Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus active-active cluster checklist
On Thu, 2010-05-13 at 05:50 +1000, Bron Gondwana wrote: I've got no problem with adding this upstream by the way. That would be great :) Andre Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus processes maxchild
On Wed, 12 May 2010, Maria McKinley wrote: Oh, also how are the ulimits different from the maxchild limits? ulimits are limits the operating system places on processes. Usually they are set via your command shell, such as bash, so you can find documentation with man bash if you search for ulimit. These are the limits that can be set: -c The maximum size of core files created -d The maximum size of a process’s data segment -e The maximum scheduling priority (nice) -f The maximum size of files written by the shell and its children -i The maximum number of pending signals -l The maximum size that may be locked into memory -m The maximum resident set size -n The maximum number of open file descriptors (most systems do not allow this value to be set) -p The pipe size in 512-byte blocks (this may not be set) -q The maximum number of bytes in POSIX message queues -r The maximum real-time scheduling priority -s The maximum stack size -t The maximum amount of cpu time in seconds -u The maximum number of processes available to a single user -v The maximum amount of virtual memory available to the shell -x The maximum number of file locks It is better to let Cyrus handle resource limits internally, in a (relatively) graceful way, rather than hit the process limits. I only mention the ulimits because you can very easily reach the ulimits when you have large numbers of connections. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
