Re: idled thoughts
On Tue, 18 May 2004, Andreas wrote: > Is it useful? Does it use too much resources? Is it not used that much, > and as such not well tested? Haven't really noticed it taking up too much resources myself. In terms of it being useful, rather informal trial and error experimentation here seemed to indicate that the Microsoft clients were much happier with it enabled. Not sure if that was the ultimate fix, but these particular individuals are no longer having problems, so that's good enough for me! ;) > I see that thunderbird 0.6 can use the IDLE extension and I like the idea > of the server notifying the client whenever there is new mail. Using the I haven't tried it in a while, but previously when I told TBird to check for new mail in a bunch of folders and had IDLE enabled, things seemed to get really wacky. (Number of new messages would be bogus, some folders tagged as having new mail when they didn't, etc.) So in the end I just turned off the IDLE support in TBird. That was a while ago, though, so I don't know if that has improved. Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus and Spamassassin bayes rules
On Tue, 27 Apr 2004, Scott Russell wrote: > I'm looking at setting up a DSPAM + Postfix + Cyrus solution here as > well. I have to wonder about the advantages of setting up a shared spam > folder for the system though. Oh, not that it really matters, but we're using Postfix + amavisd-new to call ClamAV, McAfee uvscan, and SpamAssassin. Overall, it seems to be doing pretty well. Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus and Spamassassin bayes rules
On Tue, 27 Apr 2004, Scott Russell wrote: > Would it really have any serious advantage over forwarding the false > negatives/positives to an email address for processing? At this point I would say "yes". It's been hell trying to get folks to forward the spam with the headers intact. Seems like every client has their own goofy way to do this. The Microsoft clients are the worst. Just when we thought we had figured it out (drag the spam into the body of a new message), we *still* get plenty of useless reports. Haven't taken the time to figure out if it's in the difference of versions or what. Adding Exchange into the mix has made it even more sucky. :-( -- Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: [news:comp.mail.imap.cyrus] Is it needed ?
On Sat, 24 Apr 2004, Carl P. Corliss wrote: > Better yet, now that cyrus supports exporting shared folders via nntp, > why not set up the complete cyrus archive (the shared folder on cmu.edu) > as nntp newsgroups using cyrus 2.2.x? If it's NNTP access you're after, why not use http://gmane.org/ ? -- Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Client hang after some idle time
On Mon, 19 Apr 2004, ADNET Ghislain wrote:
> My problem is that the client (i tried mozilla, netscape, thunderbird,
> outlook2003, evolution...) that is working perfectly at login but it
> hang on every imap access after some time. The mail client is just
> standing there and after some time for evolution drop a 'error
> refreshing folder: succes' (yes success as an error!), other mail client
> just hangup there with no message at all.
[...]
> on the server side i have some "idle for too long, closing connection"
> messages.
You might try increasing the 'timeout' value in imapd.conf. This is
what I'm currently using, and so far seems to be doing OK:
timeout: 90
Also, do you have idle support compiled/enabled? Once I compiled it
in and added the following to cyrus.conf, along with the timeout
value above, it seems some of the issues we were seeing with the
Microsoft clients went away.
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
}
Though, I've noticed that if you tell Mozilla Thunderbird to check
for new mail in some folders AND enable IDLE support (latest snapshots),
it gets a bit loopy and message counts get totally out of whack. In that
case I think it's best to turn off IDLE support in that client.
--
Amos
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: R: ?????????
On Fri, 16 Apr 2004, Luca Manganelli wrote: > NO SPAM, DAMN IT! What? You don't like spam with your eggs? -- Amos --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve for shared mailboxes
On Tue, 23 Mar 2004, Craig Ringer wrote: > On Tue, 2004-03-23 at 02:28, Rob Siemborski wrote: > > > It also opens a world of possibility for new bugs. There definately isn't > > a consensus on what the desireable behavior here is. > > User-created sieve loops strike me as one "fun" possibility to be > avoided at all costs. > > Craig Ringer > Maybe a too simplistic notion on my part, but could the deliverydb be used to prevent that somehow? Though, I guess that would entail chaning the key to reflect the target folder, maybe? (Currently only the Message-Id is used, right?) -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve for shared mailboxes
On Fri, 19 Mar 2004, Stephen Grier wrote: > On Fri, 2004-03-19 at 01:09, Ken Murchison wrote: > > The biggest issue with sieve opn shared folders is how to use them. Are > > they only executed when mail is delivered via LMTP, or are they executed > > any time a message is inserted into the mailbox? > > Isn't it the case that for user-space mailboxes, sieve scripts are only > applied on delivery via LMTP, and not when a message is copied or > fileintod it? I don't see why the same behaviour wouldn't be adequate > for shared mailboxes. Agreed. > > Are sieve scripts > > inherited by subfolders, etc? > > This is effectively the case with user-space mailboxes, although I > realise this is because sieve scripts are applied to users rather than > mailboxes. Again, the same behaviour would be appropriate for shared > mailboxes. Agreed. > This might be a bit tricky using IMAP annotations though. Why? Do annotations *always* have to be recursive in nature? I've noticed some of the recent discussions on mta-filter, and there it seems that message expiration could be folder-specific, and not necessarily recursive. (Personally, I wish there was a way to specify that expiration could either be recursive or not. I briefly played with something like that for squat, but I don't know if there's any interest in that, and I didn't really pursue it.) > I think for the sort of sieve functionality we need on shared mailboxes > here, I would be happy to just have lmtpd look for scripts owned by the > postuser user, and apply that to all mail destined for a shared mailbox. > Are there any complicating factors in implementing this? I'm looking at > the deliver function of lmtpd.c, and it appears to be fairly straight > forward to do this. I would be anxious about this. Not only do we have a ton of shared folders, but some see some pretty serious traffic. To have all of that unconditionally going through one Sieve script worries me. Also, if it were possible to tie a Sieve script to a folder (any folder?), perhaps it would be possible to leverage the loginuseacl imapd.conf setting with timsieved. That is, if a user had the admin ACL item on a shared folder, that user would be able to update the Sieve script on that folder. I know some of our folks would be really tickled to have that. In fact in a few cases the need was so pressing for that that I just created the "shared" folder under the "user." hierarchy. -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus and Mozilla (and other multi-threaded clients)
On Fri, 12 Mar 2004, Luca Olivetti wrote: > Sure, upgrade to mozilla 1.6 or thunderbird 0.5. They use "status" to > check for new mail instead of downloading all the headers, and perform > bayesian filtering only when you select a mailfolder. As a result I > didn't see the problem with moz1.6/thunderbird 0.5. Also, the very latest Thunderbird builds have initial support for the IDLE extension. Though, I've noticed that the new mail check can get kinda confused at times. Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: I: R: Problem with Cyrus IMAP and Cyrus SASL
On Mon, 8 Mar 2004, Luca Manganelli wrote: > Mar 8 18:57:19 ksmail-test perl: No worthy mechs found Totally absurd I know, and I'm sorry that this doesn't help your situation at all, but whenever I see this message, I can't help but to think of Wayne's World. Yeah, pretty sad. It's a Monday. -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Auto Timeout in Outlook 98 and others
On Wed, 3 Mar 2004, Cesar Lagarrigue wrote:
> well, i put into production my server for 450 users... and have a lot of
> troubles with the clients outlook express and other few problems with the
> server.
Not too long ago we experienced some issues with Outlook users as
well. I made the following changes, and _so_far_, these very same
folks have not indicated any problems. I don't know what exactly
improved things, but since things are OK, I'm not too concerned
about it.
1. Configured cyrus-imapd (2.2.3) with --with-idle=idled and
uncommented the following from cyrus.conf:
START {
# ...
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
}
2. Changed timeout in imapd.conf:
timeout: 90
--
Amos
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: newspostuser --> To, but what about Reply-To?
On Tue, 17 Feb 2004, Ken Murchison wrote: > > If the message is inserted directly into this folder via just lmtp, > > then the Reply-To (Newsgroups, etc.) header won't be added anyway > > True, but if the client replies to more than just the Reply-To, then the > post address will get exposed. Oh yeah. I imagine it would be a lot of work, but what if this newspostuser setting was an annotation, so that it could be set more specifically than globally? Maybe this setting just doesn't make sense for external news groups? If smtp posting is desired, perhaps a true gateway a la gmane.org is required? -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: newspostuser --> To, but what about Reply-To?
On Tue, 17 Feb 2004, Ken Murchison wrote: > I've actually been looking for more info on this type of thing, and here > is what I found: > > http://www.unicom.com/pw/reply-to-harmful.html > http://cr.yp.to/proto/replyto.html > > I can strip the address before transferring the article via NNTP, but > this doesn't help if the article is posted/replied via SMTP. Ultimately, isn't that also just an NNTP post, via lmtp2nntp? If the message is inserted directly into this folder via just lmtp, then the Reply-To (Newsgroups, etc.) header won't be added anyway > I'm having a bad day, so this little problem (and any possible Bummer. > solutions) are just adding to my frustration. If anybody has any > suggestions, I'm all ears. I know about the Reply-To evil stuff, but isn't this a bit different? I mean, we're talking about a newsgroup, not a mailing list. With a mailing list, the Reply-To munging would impact all those on that list. However, with a newsgroup, it's only impacting that newsgroup, right? Of course I guess this all gets *really* muddy if you're doing any sort of mirroring between a list and a newsgroup (anybody try that yet?), but that's something for the implementor of such a gateway to worry about, right? -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: newspostuser --> To, but what about Reply-To?
On Tue, 17 Feb 2004, Ken Murchison wrote: > Any article which gets posted to Cyrus nntpd will have the post address > added to the Reply-To header, and this address will be present in the > article when it is transferred to the outside news peer. I thought I raised this concern, but it may have just been a mumble to myself, something I do way too often and it gets confusing. Anyway, yeah, I think it should be stripped before posting to peers. Even if you block it at the MTA, it'll no doubt cause confusion for those outside of your kingdom. -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[2.2.3] Fun with Outlook Express...
Well, a colleague here reported spurious disconnects when attempting
to check his mail via Outlook Express. I noticed that a number of
his telemetry logs ended with:
03ZJ OK Completed (0.000 sec)
<1076565897<03ZK IDLE
>1076565897>+ idling
>1076565897>* BYE Connection reset by peer
Yeah, I know that a "reset by peer" means the client went away, but
he was not experiencing any network connectivity problems what so
ever.
OK, so after searching the archives, I thought I'd try adding these
two lines to our imapd.conf:
timeout: 60
imapidlepoll: 0
I then did a "touch" of all our Cyrus binaries so I wouldn't have to
wait for the max use limit to get reached. (Handy little feature of
2.2.3, I might add.)
This morning I checked with him, and he reports that Outlook Express
is now working much more smoothly. No spurious disconnects. The
end? Hardly.
I just now happened to notice that the load on the box was reaching
levels I've never seen before. I did a truss on one of these
processes, and this is what I saw:
13397: read(0, " 4 4 Z P I D L E\r\n", 4096) = 11
13397: open("/po/var/imap/msg/shutdown", O_RDONLY) Err#2 ENOENT
13397: poll(0xFFBEDD58, 1, 0) = 0
13397: fd=0 ev=POLLRDNORM rev=0
13397: write(1, 0x00151408, 31)= 31
13397: 4 4 Z P B A D U n r e c o g n i z e d c o m m a n d\r\n
13397: time() = 1076608804
13397: poll(0xFFBEDD58, 1, 4) = 1
13397: fd=0 ev=POLLRDNORM rev=POLLRDNORM
13397: time() = 1076608804
13397: read(0, " 4 4 Z Q I D L E\r\n", 4096) = 11
13397: open("/po/var/imap/msg/shutdown", O_RDONLY) Err#2 ENOENT
13397: poll(0xFFBEDD58, 1, 0) = 0
13397: fd=0 ev=POLLRDNORM rev=0
13397: write(1, 0x00151408, 31)= 31
13397: 4 4 Z Q B A D U n r e c o g n i z e d c o m m a n d\r\n
13397: time() = 1076608804
13397: poll(0xFFBEDD58, 1, 4) = 1
13397: fd=0 ev=POLLRDNORM rev=POLLRDNORM
13397: time() = 1076608804
13397: read(0, " 4 4 Z R I D L E\r\n", 4096) = 11
13397: open("/po/var/imap/msg/shutdown", O_RDONLY) Err#2 ENOENT
13397: poll(0xFFBEDD58, 1, 0) = 0
13397: fd=0 ev=POLLRDNORM rev=0
13397: write(1, 0x00151408, 31)= 31
13397: 4 4 Z R B A D U n r e c o g n i z e d c o m m a n d\r\n
13397: time() = 1076608804
13397: poll(0xFFBEDD58, 1, 4) = 1
13397: fd=0 ev=POLLRDNORM rev=POLLRDNORM
13397: time() = 1076608804
13397: read(0, " 4 4 Z S I D L E\r\n", 4096) = 11
13397: open("/po/var/imap/msg/shutdown", O_RDONLY) Err#2 ENOENT
13397: poll(0xFFBEDD58, 1, 0) = 0
13397: fd=0 ev=POLLRDNORM rev=0
13397: write(1, 0x00151408, 31)= 31
13397: 4 4 Z S B A D U n r e c o g n i z e d c o m m a n d\r\n
13397: time() = 1076608804
13397: poll(0xFFBEDD58, 1, 4) = 1
13397: fd=0 ev=POLLRDNORM rev=POLLRDNORM
13397: time() = 1076608804
13397: read(0, " 4 4 Z T I D L E\r\n", 4096) = 11
13397: open("/po/var/imap/msg/shutdown", O_RDONLY) Err#2 ENOENT
Sigh. Damn, I know people like this client, but I am so friggin' sick
and tired of it. So much pandering to this empire.
Anyway... any thoughts as to what to try now? Should I recompile with
--with-idle=no, or should I try --with-idle=idled? Would idled pose
the same problems he was originally seeing with the default, using poll?
Maybe in the future Cyrus should keep track of the number of errors,
then forcibly disconnect if that error count went beyond a certain
number?
--
Amos
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ACL usage revisted (need feedback)
On Tue, 11 Feb 2004, Alberto Tablado wrote: > I think that is the key. Both Sendmail and Exim remember the AUTH= > keyword issued by an authenticated MUA or MTA and pass along to the MDA > (Cyrus) in the LMTP conversation. Postfix doesn't do this. Correct, as evident in recent thread: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=bvouu7%24gdf%241%40FreeBSD.csie.NCTU.edu.tw&rnum=4&prev=/groups%3Fq%3Dlmtp%2Bauth%2Bgroup:mailing.postfix.users%26hl%3Den%26lr%3D%26ie%3DUTF-8%26group%3Dmailing.postfix.users%26sa%3DG%26scoring%3Dd -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: newspostuser --> To, but what about Reply-To?
On Fri, 6 Feb 2004, Ken Murchison wrote: > I just committed this change to CVS. It seems to work just fine with > Mozilla, Outlook and Pine. > > It also gave me the opportunity to cleanup the handling of netnews > specific headers (Path, Xref) and to actually append the post addresses > to the Reply-To header (previously I was just adding another To: header). Excellent! Thanks! -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: newspostuser --> To, but what about Reply-To?
On Thu, 5 Feb 2004, Ken Murchison wrote: > I *believe* the logic that Larry and I worked out was that there might > already be a Reply-To header (if a message was sent to a person and CC'd > to a newsgroup for instance), so we thought it would be safer to just > create or add to any existing To header. I see. Maybe which header is used could be a simple config toggle? > I might be able to be convinced otherwise. Maybe you can have multiple > addresses in a Reply-To, I'll have to look. Well, thought I'd do a little browsing through RFC 2822. This is what I found: 3.6.2. Originator fields In either case, an optional reply-to field MAY also be included, which contains the field name "Reply-To" and a comma-separated list of one or more addresses. ... reply-to= "Reply-To:" address-list CRLF ... The originator fields also provide the information required when replying to a message. When the "Reply-To:" field is present, it indicates the mailbox(es) to which the author of the message suggests that replies be sent. So, at least according to that doc, sounds like an address list is valid. I have to admit I don't recall ever seeing it used that way, though. Perhaps further indication it would be safest as a config toggle? -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
newspostuser --> To, but what about Reply-To?
Just out of curiosity, is there any reason why newspostuser results in the adding of the To header instead of the Reply-To header? -- Amos --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus.conf events: days?
Any thought to having a << days="0,3" >> parameter to events in cyrus.conf? I'm thinking it might be better to not have squatter kick off when various VxFS filesystem maintenance is scheduled -- Amos
Re: CYRUS = GARBAGE
On Mon, 2 Feb 2004, Paul Bender wrote: > By the way, I think that Garbage is beyond version 2.2.3. Version 2.0 > came out around 1998, and they have had at least one major release since > then. ;-) Oh, that's funny. -- Amos
Re: Question on ACL's
On Fri, 30 Jan 2004, Ken Murchison wrote: > Jason Williams wrote: > > > Morning everyone, > > > > I've been working on implementing Bulletin Boards over here for our > > company which will allow our users to be able to "share" a folder and > > post/move messages into the folder for other users to view. > > > > Creating the actual mailbox is no problem. The question lies when > > assigning the ACL's to the mailbox in order to allow users to view and > > post to the mailbox/bulletin board. > > > > For example, I did the following: > > > > I created a mailbox: > > user.loanofficers > > and > > user.loanofficers.announce > > First off, is there a reason why you are using a personal mailbox as a > bulletin board? Is there actually a loanofficer user? If not, you > could just create loanofficers.announce (notice the lack of user.) > Unless that destination needed/wanted to use Sieve. :-P Don't mind me. Just a harmless little ping and run. :-) -- Amos
Re: 2.2.3: namespace & list
On Mon, 26 Jan 2004, Ken Murchison wrote:
> [EMAIL PROTECTED] wrote:
>
> > I've been tinkering a little with a Java client, and just happened to
> > notice something I haven't noticed before:
> >
> > . namespace
> > * NAMESPACE (("" ".")) (("Other_Users." ".")) (("Shared_Folders." "."))
> > . OK Completed
> > . list "" Other_Users
> > * LIST (\Noselect \HasChildren) "." "Other_Users"
> > . OK Completed (0.230 secs 52 calls)
> > . list "" Shared_Folders
> > . OK Completed (0.080 secs 1 calls)
>
> This should fix it. Let me know if it breaks anythine else.
>
> http://bugzilla.andrew.cmu.edu/cvsweb/src/cyrus/imap/mboxlist.c.diff?r1=1.228&r2=1.229
Thanks! I will.
--
Amos
2.2.3: namespace & list
I've been tinkering a little with a Java client, and just happened to
notice something I haven't noticed before:
. namespace
* NAMESPACE (("" ".")) (("Other_Users." ".")) (("Shared_Folders." "."))
. OK Completed
. list "" Other_Users
* LIST (\Noselect \HasChildren) "." "Other_Users"
. OK Completed (0.230 secs 52 calls)
. list "" Shared_Folders
. OK Completed (0.080 secs 1 calls)
Why the difference in response between the two non-personal namespaces?
I looked over RFC 2342, and it didn't seem to indicate exactly what the
response of a LIST on a namespace prefix should be.
Also, the above differs with this:
. list "" %
* LIST (\Noinferiors) "." "INBOX"
* LIST (\HasNoChildren) "." "Deleted"
* LIST (\HasNoChildren) "." "JunkMail"
* LIST (\HasNoChildren) "." "Sent"
* LIST (\HasNoChildren) "." "Trash"
* LIST (\Noselect \HasChildren) "." "Other_Users"
* LIST (\Noselect \HasChildren) "." "Shared_Folders"
. OK Completed (0.200 secs 404 calls)
--
Amos
Re: SQUAT indexes?
On Fri, 16 Jan 2004 [EMAIL PROTECTED] wrote:
> On Sat, 17 Jan 2004, Craig Ringer wrote:
>
> > Nils Vogels wrote:
> > > Why not just run squatter from master ?
> > >
> > > This works deliciously over here:
> > >
> > > EVENTS {
> > >...
> > > # Let's squat em
> > > squat_usercmd="squatter -r -s user" period=1440
> > >...
> > > }
> >
> > That indexes all user mailboxes, including the trash etc. I only want to
> > automatically index INBOXES, plus any other mailboxes the user requests.
>
> Could always use the new squat annotation. That's also... tasty?
>
> localhost> mboxconfig user.amos squat true
>
> Yum, yum.
Actually, I forgot that the squat annotation is inherited:
-a Only create indexes for mailboxes which have the shared
/vendor/cmu/cyrus-imapd/squat annotation set to "true".
The value of the /vendor/cmu/cyrus-imapd/squat annota-
tion is inherited by all children of the given mailbox,
so an entire mailbox tree can be indexed (or not
indexed) by setting a single annotation on the root of
that tree with a value of "true" (or "false"). If a
mailbox does not have a /vendor/cmu/cyrus-imapd/squat
annotation set on it (or does not inherit one), then
the mailbox is not indexed. In other words, the impli-
cit value of /vendor/cmu/cyrus-imapd/squat is "false".
Shame because I thought this might be handy to just squat the
inboxes. So, this loops right back into the discussion of
"squatter -s user.%" ;-)
I wonder if maybe there could/should be additional annotations,
one for recursive, one for not. So maybe, to be backwards
compatible, "/squat" would be recursive, but "/squatthis" would
not?
More tasty?
--
Amos
Re: PTS & LDAP Take 3
On Sat, 17 Jan 2004, Tim Pushor wrote: > I am assuming by the lack of response that no-one really cares (at least > at this point) about LDAP group based authorization. Oh, I wouldn't go that far. I just think folks haven't gotten too deep into it yet. If you search the archive you'll see it was discussed just a short while ago. > I have determined that the way its currently setup (the ldap ptloader) > won't do what I want, so I am in the process of rewriting it for my needs. Interesting. Why is that? (Not using it myself right now, but would like to at some point.) -- Amos
Re: SQUAT indexes?
On Sat, 17 Jan 2004, Craig Ringer wrote:
> Nils Vogels wrote:
> > Why not just run squatter from master ?
> >
> > This works deliciously over here:
> >
> > EVENTS {
> >...
> > # Let's squat em
> > squat_usercmd="squatter -r -s user" period=1440
> >...
> > }
>
> That indexes all user mailboxes, including the trash etc. I only want to
> automatically index INBOXES, plus any other mailboxes the user requests.
Could always use the new squat annotation. That's also... tasty?
localhost> mboxconfig user.amos squat true
Yum, yum.
--
Amos
Re: nntp fiddling
On Sat, 17 Jan 2004, Nils Vogels wrote: > When I try to set the news2mail annotation to my normal email address, I > can verify the Return-Path header is indeed empty (Return-Path: <>) > > AFAIK, the use of <> is reserved for the popular Mailer-Daemon ;) > > Would it be an idea for Cyrus to use either the 'From' header of the > post, or maybe even the imapd.conf postmaster variable ? I noticed this in my fiddling and asked Ken about it. Apparently the site that requested this annotation didn't have problems with the <> sender, and since we're not currently using it, and other issues on my mind at the time, it didn't seem worthwhile pursuing that train of thought further. (He's done so much that I hate to ask for too much more. ;-) Though, I guess I have to admit that having some sort of setable something for the sender probably would be "nice". It might also make it more useful, I should think, in mirroring posts to NNTP to an email list, at least a list that had closed posting. -- Amos
Re: /opt/cyrus/mailboxes.db: Not enough space
On Thu, 15 Jan 2004, Igor Brezac wrote: > How many clients did you have connected at that time? At 01/13/04 23:30:00, looks like there were 465 cyrus processes. Looking a bit more closely lately, I notice a couple of these pop up: Jan 15 06:41:07 area51 imaps[4242]: Fatal error: tls_start_servertls() failed Jan 15 07:16:13 area51 imaps[5346]: Fatal error: tls_start_servertls() failed Jan 15 07:33:50 area51 imaps[7045]: Fatal error: tls_start_servertls() failed I wonder if that's some Eudora clients not liking our SSL. Though, it doesn't look like that caused a process to crash, so I don't know if that's related to DB issues. I applied that DB 4.2.52 patch and am now running with it, so we'll see if that makes any difference. -- Amos
Re: /opt/cyrus/mailboxes.db: Not enough space
On Wed, 14 Jan 2004, Igor Brezac wrote: > Hmm. You can clear this up by running db_recover from the /po/var/imap/db > directory. What does db_stat -c say before you run db_recover? Do > tls_prune|cyr_expire|ctl_cyrusdb -c run properly on your system? > > Also apply http://www.sleepycat.com/update/4.2.52/patch.4.2.52.html... Ah, thanks for pointing that out, and naughty me for not thinking to check for patches at the db site. Anyway... $ /usr/local/BerkeleyDB.4.2/bin/db_stat -c -h /po/var/imap/db 227362 Last allocated locker ID. 2147M Current maximum unused locker ID. 9 Number of lock modes. 5 Maximum number of locks possible. 5 Maximum number of lockers possible. 5 Maximum number of lock objects possible. 332 Number of current locks. 604 Maximum number of locks at any one time. 664 Number of current lockers. 1198Maximum number of lockers at any one time. 2 Number of current lock objects. 13 Maximum number of lock objects at any one time. 12M Total number of locks requested. 12M Total number of locks released. 0 Total number of lock requests failing because DB_LOCK_NOWAIT was set. 454 Total number of locks not immediately available due to conflicts. 0 Number of deadlocks. 0 Lock timeout value. 0 Number of locks that have timed out. 0 Transaction timeout value. 0 Number of transactions that have timed out. 19MB 624KB The size of the lock region.. 8560The number of region locks granted after waiting. 19M The number of region locks granted without waiting. Though, things much quieter now than they were earlier. Hmmm... I wonder if I need to raise some of those limits. As to tls_prune|cyr_expire|ctl_cyrusdb, haven't seen any problems with those. I wonder if I should run tls_prune more often than the default once a day at 4am -- Amos
Re: /opt/cyrus/mailboxes.db: Not enough space
Hmmm... I guess these issues are still present with DB-4.2.52: imaps[26503]: [ID 729713 local6.error] DBERROR: opening /po/var/imap/tls_sessions.db: cyrusdb error imaps[26828]: [ID 729713 local6.error] DBERROR: opening /po/var/imap/tls_sessions.db: Not enough space imaps[26828]: [ID 729713 local6.error] DBERROR: opening /po/var/imap/tls_sessions.db: cyrusdb error imaps[26832]: [ID 729713 local6.error] DBERROR: opening /po/var/imap/tls_sessions.db: Not enough space Someone back there in the early days of this thread mentioned the db_stat command: /usr/local/BerkeleyDB.4.2/bin/db_stat -e -h /po/var/imap/db 4.2.52 Environment version. 120897 Magic number. 0 Panic value. 968 References. 1911972 Locks granted without waiting. 28816 Locks granted after waiting. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Mpool Region: 2. 264KB Size. -1 Segment ID. 2353977 Locks granted without waiting. 190 Locks granted after waiting. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Log Region: 3. 96KBSize. -1 Segment ID. 6430275 Locks granted without waiting. 14697 Locks granted after waiting. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Lock Region: 4. 19MB 624KB Size. -1 Segment ID. 19M Locks granted without waiting. 8420Locks granted after waiting. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Txn Region: 5. 32KBSize. -1 Segment ID. 2765561 Locks granted without waiting. 1152Locks granted after waiting. Is the only way to clear this up is to shutdown and blow away tls_sessions.db? I doubt it matters, but this is on: v2.2.2-BETA 2003/12/19 18:38:42 -- Amos
Re: Using singleinstancestore on a large scale (thousands of recipients)
On Tue, 13 Jan 2004, Sebastian Hagedorn wrote: > we've got Cyrus 2.1.16 running on Red Hat AS 2.1 with singleinstancestore > and it's working well. A common case is that mails will have up to 5 > recipients: > > -rw---5 cyrusmail 3754 Jan 13 11:13 > /var/spool/imap/S/user/a0620/88222. > > We haven't yet moved all our student accounts to Cyrus, but once we've done > that, I'd like to be able to use this mechanism for sending mails to all of > them. We've got around 30,000 student accounts. Now I wonder: > > - can a single inode have 30,000+ links? We're using ext3 as this is the > only file system supported by Red Hat. > > - can I invoke "deliver" with such a long argument list? If not, is there > an alternative? We don't have as many students, but we see a fair number of "large distribution" posts as well. You don't indicate what MTA you're using, but as pointed out, you need to use LMTP for this feature to have any impact. If you're using Postfix, you can control how many recipients are allowed to be handled by a single post: # Cyrus will hard link messages to multiple recipients # on the same Cyrus partition. lmtp_destination_recipient_limit = 3000 So a message to 6K will result in two messages with 3K links to each. I figured that was good enough, and not likely to freak anything out. -- Amos
Re: Annotations
On Sun, 11 Jan 2004, Ken Murchison wrote: > The 3 vendor-specific annotations used by Cyrus are all documented in > the appropriate locations: > > squat: squatter(8) > expire: cyr_expire(8), install-netnews.html > news2mail: install-netnews.html What about these? https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/perl/imap/cyradm.sh.diff?r1=1.14&r2=1.15 I'm curious how this comment annotation was envisioned to be used -- Amos
Re: Cyrus and Postfix question
On Fri, 9 Jan 2004, Joakim Ryden wrote:
> Jason Williams wrote:
> [...]
> > Then in my master.cf
> >
> > # Cyrus 2.1.5
> > cyrus unix - n n - - pipe
> > user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m
> > ${extension} ${user}
> >
> > So it envokes the cyrus deliver program.
> > I see how that works.
> > Just trying to find out more on the two options: advantages and
> > disadvantages of both.
>
>
> If you have any kind of traffic I would *NOT* use this option as any
> Postfix calls to external programs will slow things down and eat far
> more resources than necessary.
I would concur with that sentiment. The ancient master.cf deliver
method would not be optimal under very heavy load.
> LMTP over tcp works well if you have a setup like... firewall -> Postfix
> server - Cyrus server, which is what I use. The Cyrus server as well as
> the Postfix are on internal IPs, Postfix server has port 25 open and
> Nat'ed from firewall, Cyrus server has IMAP and IMAP over SSL (ports 143
> & 993 NAT'ed from firewall so (hopefully) no one should even know that
> the LMTP tcp port is open on the Cyrus server. Even so I still use
> password authentication for Postfix to deliver to the Cyrus box.
We do something similar. Or, you could just have LMTP bound to local
interface.
--
Amos
Re: nntp fiddling
On Sun, 4 Jan 2004, Ken Murchison wrote: > [EMAIL PROTECTED] wrote: > > On Sun, 4 Jan 2004, Ken Murchison wrote: > >>Until I add POST support, you could set a news2mail annotation on the > > Hmm... grepping the source this would just be an email address, no? > Yes, and email address (or alias which the MTA can expand to multiple > addresses). Is this missing from install-netnews.html? There's the annotation about expire, but I don't see this one. Amos
Re: nntp fiddling
On Sun, 4 Jan 2004 [EMAIL PROTECTED] wrote:
> On Sun, 4 Jan 2004, Ken Murchison wrote:
>
> > Until I add POST support, you could set a news2mail annotation on the
>
> Hmm... grepping the source this would just be an email address, no?
>
I keep this up and nobody will ever answer any of my posts. ;-)
This is sweet. Works like a charm.
. SETANNOTATION news.utd.test "/vendor/cmu/cyrus-imapd/news2mail" ("value.shared"
"[EMAIL PROTECTED]")
Hmmm... if the duplicate delivery db is enabled, then this and the
lmtp2nntp thing could be used to mirror listserv list <-> and news
group, huh?
Amos
Re: nntp fiddling
On Sun, 4 Jan 2004, Ken Murchison wrote: > Until I add POST support, you could set a news2mail annotation on the Hmm... grepping the source this would just be an email address, no? Amos
Re: nntp fiddling
On Tue, 30 Dec 2003, Ken Murchison wrote: > Any perceivable difference in performance? I was considering making the > Xref stuff enabled by a config option, since not all clients need it, > but if it doesn't slow things down too much, I won't bother. > > On this box? My test box is a scruffy old U10 with nearly no memory and slow drives. I can't really see a difference myself. The only slight difference appears when I unset newsprefix, presumedly because it has to search out more folders. However, even this difference seems very slight. I'm not even sure it really exists. ;-) Amos
Re: 2.2.2 BETA stability
On Thu, 25 Dec 2003, Will Prater wrote: > How is the stability on this release? I have been re-vamping one of my > production machines and I wanted to make use of the virtual support > with fully qualified domain logins. How are you guys liking this!! At least based on the way things seem to be going, should know by next week. ;-) If you do go this route, I would personally pull from CVS since the latest BETA snapshot was taken a while ago Amos
Re: ldap ptloader
On Tue, 23 Dec 2003, Igor Brezac wrote: > Good luck building it! ;) This code needs work. When I find some time > I'll try to work on it... > > -Igor I notice the imapd.conf man page mentions the 'memberOf' attribute. Unless I'm mistaken, that's a bit of a controversial thing, huh? That is, whether to use "static" groups containing all the members, or to have a multi-valued attribute contained within the user DN listing the groups that DN is associated with, what iPlanet/SunONE refers to as "roles". I guess AD also takes that approach. I don't know where I'm going with this, other than maybe clarification that my interpretation is correct. I'm still exploring this LDAP group business. We do map the standard UNIX group file to LDAP, but in a way I don't consider those to be "LDAP groups". Interestingly enough, for a while now we've been using an attribute in the user DN to perform some access permissions checks, so unwittingly have been using SunONE roles-like approach for a while now. (We are using the SunONE server.) Amos
Re: cyrus 2.2 status
--On Tuesday, December 17, 2002 4:24 PM -0800 Jonathan Marsden <[EMAIL PROTECTED]> wrote: | So the question becomes: what, if anything can non-CMU people do that | would help cause a release of 2.2 (or 2.1 with virtdomains in it??) to | happen sooner rather than later? Just a guess... send Ken some money. Amos
Re: DBERROR: skiplist recovery errors
--On Friday, December 13, 2002 10:48 AM +1100 Rob Mueller <[EMAIL PROTECTED]> wrote: | Yes. I think it's better to at least startup with a reduced DB, then fail | to start at all. Which means mail to those poor soles that got dropped from the db will start bouncing horribly, right? If so, these folks might not agree with you Amos
Re: Shared folders and virtual domains ?
--On Sunday, December 8, 2002 2:57 AM +0100 Christian Schulte <[EMAIL PROTECTED]> wrote: [..] | Thanks a lot! After cvs update delivery now works! Great | If I only would know how to use the gdb to step through sourcecode I | could have provided you with more detailed information or even a patch | but I am totally not used in using this thing... Call me grumpy, but I'd just be happy if folks could learn to edit their posts just a tad! ;-) Amos
Re: Cyrus and Postfix
--On Thursday, December 5, 2002 11:38 PM +0100 Christoph Burger-Scheidlin <[EMAIL PROTECTED]> wrote: | Dec 5 23:03:25 Hades postfix/lmtp[16388]: 04316100F: | to=<[EMAIL PROTECTED]>, relay=public/lmtp[public/lmtp], | delay=21490, status=deferred (host public/lmtp[public/lmtp] said: 451 | 4.3.0 System I/O error) | Dec 5 23:03:25 Hades postfix/lmtp[16387]: AFB60100E: | to=<[EMAIL PROTECTED]>, relay=public/lmtp[public/lmtp], | delay=21840, status=deferred (host public/lmtp[public/lmtp] said: 451 | 4.3.0 System I/O error) In your master.cf, at the end of the lmtp line, add "-v". That will cause the Postfix lmtp client to run in verbose mode. This might help to track things down. Also turn up the logging of Cyrus to debug and see what is recorded there. In general, the more logging, the easier it is to track these sort of things down. Next, it is a bad idea to use anything under the Postfix hierarchy for 3rd-party software. While public/lmtp is probably okay, I think it is best to simply not fiddle with anything under there---less possibility for surprises. Finally, make sure that both the Postfix user and the Cyrus user are able to access this named pipe. This means temporarily assigning a shell to these two users, doing an su to them, and make absolutely certain that both can access this file. --On Friday, December 6, 2002 2:54 PM -0200 Darci Antônio Tartari <[EMAIL PROTECTED]> wrote: | In my main.cf I use mailbox_transport = cyrus and its working very well. Yeah, but if you're using a stock install, that ultimately uses the deliver command, which will incur a bit more overhead. Using lmtp directly is a better way to go if at all possible. Amos
Re: Which version of Cyrus IMAPD
2.1.11, with skiplist for mboxlist.db (I believe now the default). --On Friday, December 6, 2002 4:49 PM +0100 [EMAIL PROTECTED] wrote: | Hello, | | For a production mail server, which version of Cyrus IMAPD should I use ? | Version 2.0.17 or version 2.1.11 ? And what are the differences really | between those two latest versions ? | | Regards | Marc | |
Re: cyrus on vxfs
--On Friday, December 6, 2002 3:27 PM +0100 Jure Pecar <[EMAIL PROTECTED]> wrote: | I'm sure some of you use vxfs on solaris for cyrus mail spool ... What are | your expiriences? Tunning tips? Maybe any vxfs on linux expiriences out | there? Works fine for us. Tis nice not having to worry about running out of inodes. ;-) (Using Solaris vxfs, BTW.) Amos
RE: PostgreSQL backend: a waste of time?
--On Monday, November 25, 2002 4:36 PM +0100 Noll Janos <[EMAIL PROTECTED]> wrote: | I think that's a very good idea, but we found that MySQL is much faster | than Postgres, when there are no complex queries (this is the case here), | so it might be a better idea to use MySQL. Seems kinda ironic in a way---doesn't MySQL use BerkeleyDB? I guess it's all in the indexing/caching Amos
Re: SpamAssassin & Sieve?
--On Saturday, November 23, 2002 12:49 PM -0800 Bill Wester <[EMAIL PROTECTED]> wrote: | So with Cyrus, how did you get spamassassin to run? That is the problem | im having is there is not a tight well done integration between | sendmail/postfix -> spamassassin -> cyrus ->sieve -> spam happiness!!! | | any clues as to how your doing this part? Since we're running Postfix: http://spamassassin.org/ http://www.ijs.si/software/amavisd/ There are some rough spots to clear with this arrangment, but it seems to be a potentially more scalable approach than just running SA from a script, especially with amavisd-new-20021116. Amos
SpamAssassin & Sieve?
I guess slightly off-topic, but I was wondering if any folks on here are using SpamAssassin, and if so, what sort of Sieve scripts you're using on such tagged mail. I know that recent releases of Sieve have a numeric comparator. Are you using that somehow, or just a simple match on the "X-Spam-Level: ***" header? Amos
Re: Timsieved valid commands
--On Tuesday, November 19, 2002 9:46 PM -0500 Ken Murchison <[EMAIL PROTECTED]> wrote: | You should use the SASL library to to the authentication so you can | handle any available mechanism. The imtest.c program that comes with | Cyrus is a good example of a SASL client - it handles SSL/TLS and SASL | for IMAP, POP3, SMTP, LMTP, NNTP, MANAGESIEVE and MUPDATE. All this talk about SASL and MANAGESIEVE, I don't suppose anybody is tinkering with a Java implementation, maybe? I notice there's some Java support in Cyrus-SASL. Amos
Re: locking problems with 2.1.9
--On Friday, November 8, 2002 7:49 PM -0500 Peter Krotkov <[EMAIL PROTECTED]> wrote: | Prior to a code fix to address the problems you observed, do you think it | would be unreasonable to configure master so that imaps is not offered? | We could revert to running stunnel for ssl support and then take our Could this also be an entropy issue? On this Solaris 8 box, what are you using for /dev/random, anyway? That Solaris patch? Amos
ipurge -s option?
What about the following? I was thinking it might be nice if ipurge had a -s option for skipping "special" messages. That is, if you flag certain messages as special[*], then run ipurge -s on that folder, these flagged messages would not be deleted even if they otherwise matched the criteria for being removed. Thoughts? Amos *-- some clients refer to flagged messages as "special" or "important". I'm not sure if there's an official name for this.
Re: Can't get Cyrus/Postfix to work
On Sun, 25 Feb 2001, Yom, Francis wrote: > Postfix Beta 19991231 Patchlevel 8 - which came with 7.2 [...] > Whenever I do the imtest. I also know Postfix can't deliver due to > some lmtp failer - can't connect. As for the Postfix part, you'll need to get a much more recent snapshot than that. The version you have won't work with Cyrus 2.x very well at all. -Amos
Re: perl cyradm
Yeah, I recollect something like this. Since I was concentrating on other things at the moment, I forced my way through this issue as follows: LIBS="-L/usr/local/lib -R/usr/local/lib -L/usr/local/ssl/lib -R/usr/local/ssl/lib" SASL_LIB="$LIBS -lsasl" ./configure gmake SASL_LIB="$SASL_LIB" gmake install SASL_LIB="$SASL_LIB" Oh, this was on a Solaris 8 SPARC box. Anyway, after forcing the value of SASL_LIB, I was able to get past the Perl stuff. Was going to look further into this, but forgot. -- Amos On Sat, 23 Dec 2000, Ilya wrote: > Guys, you've been great help. Couple of last things, like: > cyradm > Can't load > '/usr/local/lib/perl5/site_perl/5.005/i386-freebsd/auto/Cyrus/IMAP/IMAP.so' > for module Cyrus::IMAP: > /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/auto/Cyrus/IMAP/IMAP.so: > Undefined symbol "sasl_client_init" at > /usr/libdata/perl/5.00503/DynaLoader.pm line 169. > > at /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Admin.pm > line 43 > BEGIN failed--compilation aborted at > /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Admin.pm line > 43. > BEGIN failed--compilation aborted at > /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Shell.pm line > 58. > BEGIN failed--compilation aborted. > > any ideas? > i went through the code where I could, but didnt notice any suspiciouse. > >
Re: LMTP vs SMTP
If you watch the protocols, one difference should become apparent. With SMTP, after the `.' concluding the `DATA' command, you'll only get one response, no matter how many recipients were listed for that message. However, with LMTP, you get a response for each recipient, in the order that the recipients were listed. That way you know which recipients were able to receive the message, and which weren't. Since Cyrus supports quotas, consider a situation where all but one of the recipients were over quota. Why should that one that's not over quota see the same message several times as the MTA attempts redelivery to those that are over quota? -- Amos On Wed, 13 Dec 2000, Scot W. Hetzel wrote: > LMTP will send the message only once to cyrus and allow cyrus to deliver the > message internally to the list of recipients provided during the LMTP > exchange with sendmail. One nice feature that this provides to cyrus is > single-message store, where the message is stored in the first recipients > mailbox, and the remaining recipients are hardlinked to this message, thus > saving space on the server.
