unsubscribe
Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: defaultdomain question
If I set defaultdomain: retrix.com, the full hostname of my machine strongmad.retrix.com gets used as the default of domain. Likewise, if I set defaultdomain: strongmad.retrix.com, then retrix.com is the default domain (as expanded in my database query using the %r variable). From 'man imapd.conf': virtdomains: off Enable virtual domain support. If enabled, the user's domain will be determined by splitting a fully qualified userid at the last '@' or '%' symbol. If the userid is unqualified, and the virtdo- mains option is set to on, then the domain will be determined by doing a reverse lookup on the IP address of the incoming network interface, otherwise the user is assumed to be in the default domain (if set). Allowed values: off, userid, on I suspect you have 'virtdomains: on' which means the domain for a unqualified user is determined by reverse dns. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Is it possible to clean the trash folder automatic?
This almost answers the same question I had. On Sun, 10 Oct 2004, Bob Tito wrote: purgetrashcmd=ipurge -d 7 -f user/%/Trash at=0200 Does this also remove old message from anything below user/%/Trash, like user/%/Trash/SPAM and user/%/Trash/Virus? The above purgetrash event is not recursive. It should only operate on user/*/Trash (INBOX/Trash, from the user's point of view). Mailboxes fitting the pattern, user/%/Trash/SPAM would be untouched. I am finally getting to implement this. Most of my other questions have been successfully answered. This question really comes back to my original question of how to match multiple mailboxes in cyrus-imap with virtdomains: turned on. I am trying to delete message in the INBOX.junmail folder of every user on the system. I am not using unixhierachy so I replaced the slashed with dots - no go. This works: ./bin/ipurge -b 10 -X -f [EMAIL PROTECTED] This works: ./bin/ipurge -b 10 -X -f [EMAIL PROTECTED] These won't work: ./bin/ipurge -b 10 -X -f user.%.junkmail* ./bin/ipurge -b 10 -X -f user.%.junkmail% ./bin/ipurge -b 10 -X -f user.%.junkmail* ./bin/ipurge -b 10 -X -f [EMAIL PROTECTED] ./bin/ipurge -b 10 -X -f [EMAIL PROTECTED] To repeat the question, how can I delete the contents of all of the user.%.junkmail folders on the system regardless of virtual domain they belong to? Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Is it possible to clean the trash folder automatic?
Does this work: purgetrashcmd=ipurge -d 7 -f *.Trash at=0300 I adapted it to my particular situation and ran it from command line as user cyrus: ./bin/ipurge -b 10 -X -f *.junkmail This works. It also processes nested folders: ./bin/ipurge -b 10 -X -f *.junkmail Working on [EMAIL PROTECTED] Working on [EMAIL PROTECTED] Any way to limit its actions to just the INBOX.junkmail folder of every user on the system regardless of domain? Is there a document anywhere that describes the matching of mailbox paths and the purpose of '*' versus '%'? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Setting ACL and deleting multiple users?
I can use cyradm and delete multiple users just like this: localhost.localdomain setacl [EMAIL PROTECTED] cyrus d localhost.localdomain dm [EMAIL PROTECTED] However, I cannot do the same thing when I connect to the imap port: telnet localhost imap Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. * OK host.example.org Cyrus IMAP4 v2.2.8 server ready a login cyrus testing a OK User logged in a setacl [EMAIL PROTECTED] cyrus d a NO Mailbox does not exist So how can I delete all mailboxes that match a particular domain in one shot? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: user+folder@domain delivery
Please tell me what you will find out. I think it's important to have a recent cyrus version. I am using Debian/Sarge but built cyrus-imap-2.2.8 from source. Probably adding Post for anonymous to the folder gets you further. Yes, that was the missing link. Looking at folder permissions, this poses another idea. Is it possible to set permissions on a folder that prevent the owner from deleting the folder by accident? Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Need some 'Mail System Help' pages
Has someone written up some good user documentation on how to use email services? I am looking for a bunch of html pages I can refer users to on how to setup POP3/IMAP and SMTP AUTH on mail clients. Something on websieve would also be good. Obviously can I roll my own but it would be nice if I could use something that has been done already as a basis. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Quota math
What is the proper multiplier to go from MB to the number I have to send to imap via the SETQUOTA command? a006 SETQUOTA [EMAIL PROTECTED] (STORAGE 1024) Is this kB? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Quota math
What is the proper multiplier to go from MB to the number I have to send to imap via the SETQUOTA command? My apologies for the noise. Found the answer in the list archive: Its documented in RFC 2087, as groups of 1024 octets (or KBytes). Its also documented in doc/install-admin-mb.html: To limit smith to 10,000 kilobytes of mail, type: setquota user.smith 1 Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: postfix to cyrus-imap via lmtp?
I am having great difficulties getting postfix to use lmtp. Things are working if I use deliver: Pardon my asking, but I'm just now learning how to use Cyrus and am about to set Postfix to send to it. If it is working to use deliver, why do you want to use lmtp? Is there some advantage to using lmtp over deliver? I'd just like to know which one would be best to go with. The way I understand the process, deliver is a redundant step if the MTA supports lmtp. With deliver the path is: postfix pipe deliver lmtp cyrus Without deliver it is: postfix lmtp cyrus For what it's worth, as Simon Matter pointed out, lmtp didn't work because I had multiple version and builds of cyrus-sasl on the system. Instead of patching and building cyrus-sasl, I am using saslauthd and pam-mysql to authenticate users. This is working quite well and ironed out the postfix bugs I had. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: postfix to cyrus-imap via lmtp?
Why don't you use Debian packages for cyrus-sasl, cyrus-imapd and postfix? While not being a Debian user I'm quite sure those packages exist and will prevent from such mess. I am only interested in plain password authentication, with encrypted passwords kept in some database (trying mysql). The Debian cyrus-sasl package does not include any way to lookup encrypted passwords in mysql. I had built cyrus-sasl with a patch from http://frost.ath.cx/software/cyrus-sasl-patches/. The Debian cyrus-imap built has loads of dependencies. Since I had to built cyrus-sasl, I did the same for cyrus-imapd and just included what was necessary to meet my needs. No matter how I look at it, in order to do SMTP AUTH with encrypted passwords in the user database I still need the above mentioned patch for cyrus-sasl. Also means I still have to built everything from sources, including postfix. Is there a way to have uw-imapd log user passwords in the clear? With that I could collect all my users passwords and store them clear text in the database. Everywhere it says that this is not a good idea. But why? As system administrator I have access to everyones 'secret' emails anyways. Whether or not the passwords are clear text should be irrelevant. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: postfix to cyrus-imap via lmtp?
Then the problem is really that debian's postfix packages don't include postfix's SMTP AUTH/sasl patch, right? I've done a lot of postfix builds in the past and they're really nothing to be afraid of. Even on the machines where I run debian, I still build postfix from source to gain access to things like LDAP and the latest versions. No, Debian's cyrus-sasl doesn't include the patch to lookup encrypted passwords in sql. This means I have to build cyrus-sasl from source and everything that depends on it, cyrus-imapd, postfix, anything else? It also mans I have to build a 'dummy' MTA package so I can remove Debian's postfix package without wrecking my system. I guess I could use pam. SMTP AUTH would look like: postfix - sasl - saslauthd - pam - mysql And cyrus-imap would do the same: imap - sasl - saslauthd - pam - mysql What if a user gains access to your database? Furthermore, what would be the point of having them stored in plain text? Might as well encrypt them then. Having encrypted passwords is part of the problem, in addition the fact that there are many different encryption schemes. My users already have a mix of crypt and md5crypt passwords. Still need a way to rectify this. Stil might be handy to temorarily collect usernames and a clear text passwords, then store them encrypted in mysql. Oh man, I am almost ready to toss the idea of a 'sealed' mail server alltogether. Instead keep unix accounts, shadow passwords and lock down the box so mail users do not have shell access Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
configdirectory and partition-default
I have a large scale cyrus-imap deployment with /var/spool/imap as a seperate disk partition but that means configdirectory is on a different filesystem. For another installation I ould like to keep both, databases and mailboxes, in a seperate partition. What should this look like? A partition mounted at /var/cyrus and configdirectory: /var/cyrus/conf partition-default: /var/cyrus/spool Is there a 'standard' way of doing this? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: postfix to cyrus-imap via lmtp?
My first guess was, and now again is, that you have a mix of sasl1 and sasl2 on your system. Postfix was a bit of a problem because you couldn't have it support LDAP and SASL2 at the same time when your OpenLDAP was using SASL1. You may ldd check your postfix binaries. Your are probably right. Postfix was installed from a Debian package. But cyrus-sasl and cyrus-imap were installed from source. The end result is that the sasl libs used by postfix are not the sasl libs it was built with. Not sure where I'll go next. I could build postfix from source as well, I do need sasl support for SMTP AUTH. Or, I could give courier-imap a try to see if I can get away with stock Debian packages. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
postfix to cyrus-imap via lmtp?
I am building a mailsystem that uses postfix as MTA. I am having great difficulties getting postfix to use lmtp. Things are working if I use deliver: master.cf: cyrus unix - n n - - pipe flags= user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m ${extension} ${user} main.cf: mailbox_transport = cyrus If I try to configure lmtp things go very wrong. The default install results in a permission problem vith the parent directories for the socket. If I get this out of the way by doing chmod 777 /var/imap I am still getting errors. cyrus.conf: lmtpunix cmd=lmtpd listen=/var/imap/socket/lmtp prefork=0 master.cf: lmtp unix - - n - - lmtp main.cf: mailbox_transport = lmtp:unix:/var/imap/socket/lmtp mail.log: Oct 19 10:45:18 yoda postfix/local[31445]: warning: premature end-of-input on private/lmtp socket while reading input attribute name Oct 19 10:45:18 yoda postfix/local[31445]: warning: private/lmtp socket: malformed response Oct 19 10:45:18 yoda postfix/local[31447]: warning: premature end-of-input on private/lmtp socket while reading input attribute name Oct 19 10:45:18 yoda postfix/local[31447]: warning: private/lmtp socket: malformed response Oct 19 10:45:18 yoda postfix/master[31283]: warning: process /usr/lib/postfix/lmtp pid 31453 killed by signal 11 Oct 19 10:45:18 yoda postfix/master[31283]: warning: /usr/lib/postfix/lmtp: bad command startup -- throttling Oct 19 10:45:18 yoda postfix/master[31283]: warning: process /usr/lib/postfix/lmtp pid 31452 killed by signal 11 Any ideas where I might be going wrong? This is on Debian/Sarge with the current postfix Debian package installed and the latest cyrus-sasl and cyrus-imapd build from source. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: postfix to cyrus-imap via lmtp?
Other than using prefork=1, I'm set up using lmtp with the same postfix/cyrus config as you, so I think you can eliminate that as an issue. Could it possibly be a permissions problem with the socket? Also, check to see that the cyrus lmtpd is executable by the cyrus master program. I finally figured out that it postfix lmtp which seg faults. Not sure how to go about fixing that yet... I can use cyrus deliver, it works just fine. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
setrlimit
When I start the master process I get this message in the log file: Oct 17 12:17:05 yoda master[25460]: setrlimit: Unable to set file descriptors limit to -1: Operation not permitted Is this something I need to attend to or is it safe to ignore Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Building cyrus-imap on Debian/Sarge.
I managed to figure out how to get thing to build with the Debian libdb4.2 package. I am still working on getting things configured, so how knows, maybe I'll into more issues later. But this is how I built cyrus-sasl and cyrus-imap on Debian/Sarge. First a patch war required to force configure to use libdb-4.2. These changes I found somewhere deep within the bowels of Google, didn't record the actual link/source. --- berkdb.m4.orig 2004-10-16 11:37:49.0 -0500 +++ berkdb.m4 2004-10-16 11:41:11.0 -0500 @@ -211,11 +211,13 @@ BDB_LIBADD= fi -for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db - do -AC_CHECK_LIB($dbname, db_create, BDB_LIBADD=$BDB_LIBADD -l$dbname; - dblib=berkeley; break, dblib=no) - done +#for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db +# do +#AC_CHECK_LIB($dbname, db_create, BDB_LIBADD=$BDB_LIBADD -l$dbname; +# dblib=berkeley; break, dblib=no) +# done +BDB_LIBADD=$BDB_LIBADD -ldb-4.2; + dblib=berkeley; if test $dblib = no; then AC_CHECK_LIB(db, db_open, BDB_LIBADD=$BDB_LIBADD -ldb; dblib=berkeley; dbname=db, I haven't used libtool, automake, autoconf, etc all that much. I really don't understand what happens, but the order I did these things in seemed to work. cyrus-sasl -- The cyrus-sasl package was installed from source since the Debian package had many dependencies and feature we didn't need. The source file was obtained from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.19.tar.gz. tar xzf cyrus-sasl-2.1.19.tar.gz cd cyrus-sasl-2.1.19 The patches/berkdb.m4.diff patch was applied to correctly build cyrus-sasl with the Debian libdb4.2 package. cd cmulocal patch ../../cyrus-sasl-berkdb.m4.diff cd .. rm -f config/libtool.m4 libtoolize --force aclocal-1.6 -I cmulocal -I config autoheader automake-1.6 autoconf cd saslauthd aclocal-1.6 -I ../cmulocal -I ../config autoheader automake-1.6 autoconf cd .. ./configure \ --enable-plain \ --enable-login \ --disable-anon \ --disable-java \ --disable-cram \ --disable-digest \ --disable-otp \ --disable-srp \ --disable-krb4 \ --disable-gssapi \ --disable-ntlm \ --disable-sql \ --with-dblib=berkeley \ --with-bdb-libdir=/usr/lib \ --with-bdb-incdir=/usr/include \ --with-openssl=/usr/lib \ --with-pam=/lib/security \ --with-saslauthd=/var/run/saslauthd \ --with-mysql=/usr/lib make make install mkdir -p /var/run/saslauthd cd saslauthd/ make testsaslauthd cp testsaslauthd /usr/local/bin echo /usr/local/lib/sasl2 /etc/ld.so.conf ldconfig ln -s /usr/local/lib/sasl2 /usr/lib/sasl2 cyrus-imapd --- The cyrus-imapd package was installed from source. The source was obtained from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-imapd-2.2.8.tar.gz. tar xzf cyrus-imapd-2.2.8.tar.gz cd cyrus-imapd-2.2.8 The patches/berkdb.m4.diff patch was applied to correctly build cyrus-imapd with the Debian libdb4.2 package. cd cmulocal patch ../../cyrus-imapd-berkdb.m4.diff cd .. rm -f config/libtool.m4 rm -f configure sh SMakefile ./configure \ --enable-sieve \ --enable-servers \ --disable-nntp \ --disable-murder \ --disable-cmulocal \ --disable-gssapi \ --with-cyrus-prefix=/usr/local/cyrus \ --with-auth=unix \ --with-dbdir \ --with-bdb-libdir=/usr/lib \ --with-bdb-incdir=/usr/include \ --with-openssl=/usr/lib \ --with-perl \ --with-sasl=/usr/local/lib \ --without-afs \ --without-ldap \ --without-krb make make install Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Building cyrus-imap on Debian/Sarge.
I am having problems getting cyrus-imap to build on Debian/Sarge. During configure cyrus-imap complains about the lack of a db_create function in -ldb-4.2. However, the /usr/lib/libdb-4.2.so file does exist. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Is it possible to clean the trash folder automatic?
Don't know if others have replied to you directly already... Nope. On Sun, 10 Oct 2004, Bob Tito wrote: purgetrashcmd=ipurge -d 7 -f user/%/Trash at=0200 Does this also remove old message from anything below user/%/Trash, like user/%/Trash/SPAM and user/%/Trash/Virus? The above purgetrash event is not recursive. It should only operate on user/*/Trash (INBOX/Trash, from the user's point of view). Mailboxes fitting the pattern, user/%/Trash/SPAM would be untouched. This is good to know. This would be the ideal way to specify an account to drop spam into. Just need to figure out how to have SpamAssassin deliver positive hits into a mailbox other than INBOX. Using this method it'll apply to all accounts no matter what. cyr_expire does the work of purging messages that have expired (see the man page for cyr_expire for more details). It is usually configured as an event in cyrus.conf. Ok, in my particular case, I am subscribed to a large number of mailing lists. On the current mail server I am running uw-imap, procmail and mboxes. A cronjob runs a script every day that trims every mailbox in the lists directory to only keep the 200 most recent messages. Works like a charm. Once I switch to cyrus-imap I can use the expire flag to automatically purge old messages from these mailing list mailfolders. One advantage of using the expire annotation is that users can potentially specify how long they want mail in the specified mailbox to hang around before it expires (or if they want mail in the specified folder to expire at all!). For end users a web based interface to make these tweaks would probably be preferable. Just have to find a web based tool to do these things to make it available to everyone on the server. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Mailserver Solution
Hi, Are there any complete mail server solutions available that are based on a cyrus-imap backend? I am looking for either a comprehensive guide or a complete solution for a mail server that can handle a few user accounts for multiple domains. It should include cyrus-imap mail store, MTA, anti-virus, anti-SPAM and webbased frontend for mail and administration. I figured that anyone who has done this with cyrus-imap will hopefully read this list. I am looking after a mail server that does this on a larger scale with a large and multi purpose user databae in LDAP and a corresponding web frontend. However, right now I don't have the time to shrink this into a mailserver-in-a-box solution. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
saslauthd filter
Hi, I am using saslauthd to control access to a mail server running SMATP AUTH. Can I check for the existance or lack of existance of a ldap attribute using saslauthd? Here is what I have in /etc/saslauthd.conf now: ldap_auth_method: bind ldap_servers: ldap://172.28.1.22 ldap_search_base: ou=people,dc=example,dc=ca ldap_use_sasl: no ldap_method: simple If I add a line such as: ldap_filter: myNewUser=true I would have expected the authentication to succeed if the user has the myNewUser attribute set to true. That doesn't work, that's my first problem. The second problem is that once this is working I need to invert the meaning in the sense that users with myNewUser=true should not authenticate... Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd filter
Hi John, You are correct in that the myNewUser attribute is optional. Therefore I configured /etc/saslauth.dconf like this: ldap_auth_method: bind ldap_servers: ldap://172.28.1.22 ldap_search_base: ou=people,dc=example,dc=ca ldap_use_sasl: no ldap_filter: ((uid=%u)(|(!(myNewUser=true)))(!(myNewUser=*))) This is working perfectly. The saslauthd documentation wasn't clear on this. Never occured to me to try proper LDAP syntax. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Refuse over quota mail
How can I configure cyrus-imapd to refuse over quota mail instead of having sendmail generate a bounce message. Is this possible? Enable lmtp_over_quota_perm_failure in imapd.conf I did that. Now it no longer queues over quota messages but generates a bounce message to the sender that message delivery failed. For the most part these messages are spam with nonexistant senders. This means the bounces still clog the spool. What I would have liked seen is sendmail refusing the message during the conversation with the sending MTA, therefore eliminating the need for a bounce message. I realized that this is probably not possible because the over quota conditioned isn't recognized until sendmail received the complete message. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
From address reported in bounce messages with cyrus-imapd, sendmail and ldap routing
I have yet another annoying little detail I ran into. I am using ldap routing with sendmail to direct mail (in the future) to multiple cyrus-imapd mail stores. When the cyrus-imapd box generates a bounce email it reports the email failed address as the mail stores address (i.e. [EMAIL PROTECTED]) instead of the address prior to ldap routing (i.e. [EMAIL PROTECTED]). How can I fix the email addresses to be proper? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Refuse over quota mail
Use the Sendmail socket daemon (smmapd) which comes with Cyrus. You'll need either Sendmail 8.13 or the patch for 8.12 (http://www.sendmail.org/~ca/email/smenhanced.html) Great! Time to go googling for more information on smmapd and how to configure it... :) This will check for over quota at RCPT TO time and send back a failure within the SMTP session. Right now I am using Local_check_rcpt in sendmail to lookup the user in LDAP. If I can do both, determine existance of user and quota status at the same time would be great. Looks lie if I replace my ldap rule with smmapd it'll do just that. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: quota -f dies with segmentation fault
IIRC the 'quota -f' also generated something like 'too many open files'. A second run of 'quota -f' has then finished without problems. When I tested migrating users from server A to server B I only used a copied a small number of users (about 30) only with less than 200MB of mail. Instead of copying the existing quota database I pulled the quota setting from the old server, made sure the settings were sane, and built a new file for each user. The first line contained 0 and the second line the quota in kb. Example for a user with 50MB limit: [EMAIL PROTECTED] root]# cat /var/lib/imap/quota/a/user.anthonylegarde 0 5 'quota -f' ran just fine but when it finished it set the disk usage to double of the actual amount. A second run of 'quota -f' set the disk usage to the proper value. I thought thiswas odd but being on a schedule I had a working solution, so I ran with it. I'm not sure about the open files limit. This is on Linux, kernel 2.4. The cyrus user, under which quota was started, has the default ulimit of 1024 open files. The kernel according to /proc/sys/fs/file-max has 838860. Could it be that the 'quota -f' opens more that 1024 files and segfaults because of it? When I moved user data from the old server to the new, the 'quota -f' run died with a 'too many open files' error during the first few hundred users. I did a 'ulimit -a 65536' as root before becoming cyrus and doing 'quota -f'. This made this error go away but now I get the seg fault after the last user has been processed but before the process is complete. Because 'quota -f' takes nearly an hour to run it is difficult for me to do any troubleshooting. There are few opportunities when I can shutdown the cyrus-imapd processes to run 'quota -f'. And I cannot replicate the problem on a smaller box that has a smaller number of users If it is safe to run 'quota -f' with the cyrus-imapd processes running I try to find the problem but I need to know if this is safe. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Refuse over quota mail
How can I configure cyrus-imapd to refuse over quota mail instead of having sendmail generate a bounce message. Is this possible? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
quota -f dies with segmentation fault
Hi, I am running cyrus-imapd 2.2.5 on a server with 17,000 user accounts and a 131GB mail spool. The mail accounts were recently moved from a server running an older version. During the move quota infomration was lost. When I run quota -f it dies with segmentation fault after the last user has been processed. After quota -f dies I have two files in the /var/lib/imap/quota/ directories for each user, one like user.adilinden and another user.adilinden.NEW. Also, I am running quota -f with cyrus shut down. Is this necessary? Can I run quota with cyrus-imapd running? Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Automatically expire messages in imap folder
Is it possible to have cyrus-imap automatically expire messages in a subfolder for every user of the system? I would like to deliver messages identified as SPAM to a particular folder, INBOX.spam. Further it would be nice if the number of messages in this folder could be limited, not by a quota but by automatically deleting older messages. Is that possible? Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Convert seen database to 2.2.5
On my old cyrus-imapd server the seen database is in /var/imap/user. The format of the file is like this: [EMAIL PROTECTED] imap]# cat /var/imap/user/a/adilinden.seen 00de43903fddebc61 0 0 1083101107 1:6 0136b4953d89df311 1063223744 4 1032458249 1:4 01ae95b23baa6abf1 1069777905 34 1082046786 22:35 021dd9873d04fe461 1043710521 2 1048793948 1:3 023dc1bf3db9fe2c1 1056603412 4 1056603398 1:4 04cb20843e6ce9591 1063289438 1 1047325017 1 082a8d0e3baa6b0c1 1086033180 97 1085765121 1,10,14:23,25:87,89:97 08e5c94a3d6e3b961 0 0 1030634399 1:2 092cd1a63f7063891 0 0 1064330121 1 How can I convert this to a proper format for cyrus-imapd 2.2.5? I am using the rpm from http://www.invoca.ch/pub/packages/cyrus-imapd/cyrus-imapd-2.2.5-1.src.rpm Got it, this does it: /usr/lib/cyrus-imapd/cvt_cyrusdb \ /var/lib/imap/user/y/yvonnekake.seen.old flat \ /var/lib/imap/user/y/yvonnekake.seen skiplist Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Automatically expire messages in imap folder
You can use 'ipurge' in a cron script. I have my users put their spam in a Spam folder then have a nightly cron job run 'sa-learn' on it followed by: su cyrus -c '/usr/lib/cyrus-imapd/ipurge -f -d 10 user/dwight/Spam' This deletes anything over 10 days old. What is 'sa-learn'? Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Delivering mail to subfolders
I have cyrus-imapd setup to work with sendmail-8.12.10. These are the cyrus related things I added to the mc file: define(`confLOCAL_MAILER',`cyrusv2')dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl FEATURE(`preserve_local_plus_detail')dnl MAILER(cyrusv2)dnl I can deliver mail into the INBOX just fine, in fact all mail goes into the users INBOX even if my to address is something like [EMAIL PROTECTED] The Trash folder exists right under the INBOX. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Convert seen database to 2.2.5
On my old cyrus-imapd server the seen database is in /var/imap/user. The format of the file is like this: [EMAIL PROTECTED] imap]# cat /var/imap/user/a/adilinden.seen 00de43903fddebc61 0 0 1083101107 1:6 0136b4953d89df311 1063223744 4 1032458249 1:4 01ae95b23baa6abf1 1069777905 34 1082046786 22:35 021dd9873d04fe461 1043710521 2 1048793948 1:3 023dc1bf3db9fe2c1 1056603412 4 1056603398 1:4 04cb20843e6ce9591 1063289438 1 1047325017 1 082a8d0e3baa6b0c1 1086033180 97 1085765121 1,10,14:23,25:87,89:97 08e5c94a3d6e3b961 0 0 1030634399 1:2 092cd1a63f7063891 0 0 1064330121 1 How can I convert this to a proper format for cyrus-imapd 2.2.5? I am using the rpm from http://www.invoca.ch/pub/packages/cyrus-imapd/cyrus-imapd-2.2.5-1.src.rpm Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Reconstruct
Is it possible to reconstruct from just the files in /var/spool/imap/user and a text dump of the /var/lib/imap/mailboxes.db file? Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Uprading from cyrus-imapd-2.0.13 to 2.2.3, what to do?
I am upgrading a cyrus-imapd server from 2.0.13 to 2.2.3. Actually, I built a new server with cyrus-imapd-2.2.3 installed and I am now trying move users mailboxes from the old to the new server. I copied the files in /var/spool/imap/user/adilinden to the same location in the new server. I then created a new mailbox.db file using this tool: Did you create the adilinden user with cyradm first? Not on the new server. But on the old server it is an active working account. Is it not possible to simply move the /var/spool/imap/user structure to the new server and rebuild the databse from there? I have 14,000 accounts to move. I certainly need some bulk method of using the data from the old to the new box. The database structure of the new server is different than the old server. The new box doesn't understand the old mailboxes file or anything other of the .db files. Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Uprading from cyrus-imapd-2.0.13 to 2.2.3, what to do?
Hi, I am upgrading a cyrus-imapd server from 2.0.13 to 2.2.3. Actually, I built a new server with cyrus-imapd-2.2.3 installed and I am now trying move users mailboxes from the old to the new server. I copied the files in /var/spool/imap/user/adilinden to the same location in the new server. I then created a new mailbox.db file using this tool: /usr/lib/cyrus-imapd/ctl_mboxlist -u newmboxlist.txt The newmboxlist.txt file contains (with tabs instead of spaces): user.adilinden default adilinden lrswipcda Now if I try to reconstruct the mailbox I get an error. What am I doing wrong? cd /var/spool/imap/user /usr/lib/cyrus-imapd/reconstruct -rf user.adilinden user.adilinden: System I/O error No such file or directory Onelast note, I am doing all of this as user cyrus and the adilinden mail files are all owned by cyrus.mail. Thanks, Adi --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imapd-2.2.3 startup problems
Ah, now I see. RedHat has taken my cyrus-imapd src rpms and included it in Fedora Core 2 beta. Unfortunately they 'optimized' it in a way that breaks it on other older RedHat distributions. My originial package builds fine on every RedHat distribution from 6.2 to current. You can find it here: http://www.invoca.ch/pub/packages/cyrus-imapd/ I retrieved cyrus-imapd-2.2.3-8.src.rpm, built and installed it. I made sure the proper directory structure was ceated in /var/lib/imap/. Once I start cyrus-imapd the imap and pop3 processed don't hang around for long. I am still getting error messages in the log. Before I installed the new rpm the old was removed (rpm -e) and the /var/lib/imap/ and /var/spool/imap/ directories were cleaned out. One more comments, both /var/lib/imap/ and /var/spool/imap/ are mounted via NFS. Apr 16 14:31:12 mailstore master[32632]: about to exec /usr/lib/cyrus-imapd/imapd Apr 16 14:31:12 mailstore master[32633]: about to exec /usr/lib/cyrus-imapd/imapd Apr 16 14:31:12 mailstore master[32634]: about to exec /usr/lib/cyrus-imapd/pop3d Apr 16 14:31:12 mailstore master[32635]: about to exec /usr/lib/cyrus-imapd/pop3d Apr 16 14:31:12 mailstore master[32636]: about to exec /usr/lib/cyrus-imapd/lmtpd Apr 16 14:31:12 mailstore imap[32632]: executed Apr 16 14:31:12 mailstore imaps[32633]: executed Apr 16 14:31:12 mailstore pop3[32634]: executed Apr 16 14:31:12 mailstore pop3s[32635]: executed Apr 16 14:31:12 mailstore lmtpunix[32636]: executed Apr 16 14:31:12 mailstore imap[32632]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 16 14:31:12 mailstore imaps[32633]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 16 14:31:12 mailstore pop3[32634]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 16 14:31:12 mailstore pop3s[32635]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 16 14:31:12 mailstore lmtpunix[32636]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 16 14:31:12 mailstore imap[32632]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error Apr 16 14:31:12 mailstore imaps[32633]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error Apr 16 14:31:12 mailstore pop3[32634]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error Apr 16 14:31:12 mailstore pop3s[32635]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error Apr 16 14:31:12 mailstore lmtpunix[32636]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error Apr 16 14:31:12 mailstore imap[32632]: Fatal error: can't read mailboxes file Apr 16 14:31:12 mailstore imaps[32633]: Fatal error: can't read mailboxes file Apr 16 14:31:12 mailstore pop3[32634]: Fatal error: can't read mailboxes file But the mailboxes file does exist: [EMAIL PROTECTED] rpms]# ls -l /var/lib/imap total 60 drwx--2 cyrusmail 4096 Apr 16 14:23 backup drwx--2 cyrusmail 4096 Apr 16 14:26 db drwx--2 cyrusmail 4096 Apr 16 14:26 db.backup1 drwx--2 cyrusmail 4096 Apr 6 16:21 db.backup2 -rw---1 cyrusmail 8192 Apr 16 14:26 deliver.db drwx--2 cyrusmail 4096 Apr 16 14:23 log -rw---1 cyrusmail0 Apr 6 16:21 mailboxes.db drwx--2 cyrusmail 4096 Apr 16 14:23 msg drwx--2 cyrusmail 4096 Apr 16 14:23 proc drwxr-xr-x2 cyrusmail 4096 Apr 6 16:19 ptclient drwx--2 cyrusmail 4096 Apr 16 14:23 quota drwx--2 cyrusmail 4096 Apr 16 14:26 rpm drwx--2 cyrusmail 4096 Apr 16 14:23 sieve drwxr-x---2 cyrusmail 4096 Apr 16 14:26 socket drwx--2 cyrusmail 4096 Apr 16 14:23 user --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imapd-2.2.3 startup problems
Ok, I have my previous problem solved. But things still don't want to cooperate. I run: I commented LDFLAGS=-pie. I have no idea what that is for but with it configure found strlcpy and strlcat even though they don't appear to exist. using my rpms or derivative work of it. Then the question is what has changed because usually the rpms 'work out of the box (tm)'. Yes, this is from a source rpm I rebuilt on RedHat AS3.0. I didn't make any changes to the spec file apart from the LDFLAGS thing above. Here is the last changelog entry from the source rpm. * Thu Mar 11 2004 Dan Walsh [EMAIL PROTECTED] - fix init script I did make a few changes to cyrus-sasl. In particular I added ldap support to saslauthd and installed testsaslauthd. Here is the relevant stuff from /etc/cyrus.conf: START { recover cmd=ctl_cyrusdb -r } SERVICES { imap cmd=imapd listen=imap prefork=5 imaps cmd=imapd -s listen=imaps prefork=1 pop3 cmd=pop3d listen=pop3 prefork=3 pop3s cmd=pop3d -s listen=pop3s prefork=1 lmtpunix cmd=lmtpd listen=/var/lib/imap/socket/lmtp prefork=1 } EVENTS { checkpointcmd=ctl_cyrusdb -c period=30 delprune cmd=cyr_expire -E 3 at=0400 tlsprune cmd=tls_prune at=0400 } This is my /etc/imapd.conf: configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN I think that's about it. I never tried installing cyrus-sasl or cyrus-imapd from sources on this box. I generally try to either find suitable rpms or build my own rpms. Makes maintenacne much easier. Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Migrating from cyrus-imapd-2.0.13 to cyrus-imapd-2.2.3
I have to move the cyrus-imap mailstore from RedHat 7 running cyrus-imapd-2.0.13 to RedHat AS3.0 running cyrus-imapd-2.1.18. There isn't a 2.1.18 at the moment, so you may want to be sure the sources you have are valid. Ooops, I am sorry. 2.1.18 is the cyrus-sasl version. I am going from cyrus-imapd-2.0.13 to cyrus-imapd-2.2.3. --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-imapd-2.2.3 startup problems
Hi, I get these log messages when I startup cyrus: Apr 6 10:50:39 mailstore master[31118]: about to exec /usr/lib/cyrus-imapd/imapd Apr 6 10:50:39 mailstore master[31119]: about to exec /usr/lib/cyrus-imapd/imapd Apr 6 10:50:39 mailstore master[31120]: about to exec /usr/lib/cyrus-imapd/pop3d Apr 6 10:50:39 mailstore master[31121]: about to exec /usr/lib/cyrus-imapd/pop3d Apr 6 10:50:39 mailstore master[31122]: about to exec /usr/lib/cyrus-imapd/lmtpd Apr 6 10:50:39 mailstore master[30913]: process 31118 exited, status 127 Apr 6 10:50:39 mailstore master[30913]: service imap pid 31118 in READY state: terminated abnormally Apr 6 10:50:39 mailstore master[30913]: process 31119 exited, status 127 Apr 6 10:50:39 mailstore master[30913]: service imaps pid 31119 in READY state: terminated abnormally Apr 6 10:50:39 mailstore master[30913]: process 31120 exited, status 127 Apr 6 10:50:39 mailstore master[30913]: service pop3 pid 31120 in READY state: terminated abnormally Apr 6 10:50:39 mailstore master[30913]: process 31121 exited, status 127 Apr 6 10:50:39 mailstore master[30913]: service pop3s pid 31121 in READY state: terminated abnormally Apr 6 10:50:39 mailstore master[30913]: process 31122 exited, status 127 Apr 6 10:50:39 mailstore master[30913]: service lmtpunix pid 31122 in READY state: terminated abnormally What does status 127 mean? Is there any way to make the logging a lot more vebose to get things up and running? Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imapd-2.2.3 startup problems
I am following up to my own message, I figured out that I can run cyrus-master -D. When I do this I get: ctl_cyrusdb: relocation error: ctl_cyrusdb: undefined symbol: strlcpy imapd: relocation error: imapd: undefined symbol: strlcpy pop3d: relocation error: pop3d: undefined symbol: strlcpy imapd: relocation error: imapd: undefined symbol: strlcpy pop3d: relocation error: pop3d: undefined symbol: strlcpy Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imapd-2.2.3 startup problems
Ok, I have my previous problem solved. But things still don't want to cooperate. I run: /usr/lib/cyrus-imapd/mkimap followed by: [EMAIL PROTECTED] rpms]# /usr/lib/cyrus-imapd/cyrus-master -D fatal error: can't read mailboxes file ctl_cyrusdb: unable to archive environment and my log keeps spewing: Apr 6 16:26:56 mailstore pop3s[7908]: IOERROR: lock_shared /var/lib/imap/mailboxes.db: No locks available Apr 6 16:26:56 mailstore pop3s[7908]: DBERROR: opening /var/lib/imap/mailboxes.db: cyrusdb error This is what I have in /var/lib/imap: [EMAIL PROTECTED] root]# ls -al /var/lib/imap total 52 drwxr-x--- 10 cyrusmail 4096 Apr 6 16:21 . drwxr-xr-x 12 root root 4096 Apr 2 14:57 .. -rw---1 cyrusmail 1105 Apr 6 16:20 .bash_history drwxr-xr-x2 cyrusmail 4096 Apr 6 16:21 db drwx--2 cyrusmail 4096 Apr 6 16:21 db.backup1 drwx--2 cyrusmail 4096 Apr 6 16:21 db.backup2 -rw---1 cyrusmail 8192 Apr 6 16:21 deliver.db drwxr-xr-x2 cyrusmail 4096 Apr 6 16:19 log -rw---1 cyrusmail0 Apr 6 16:21 mailboxes.db drwxr-xr-x2 cyrusmail 4096 Apr 6 16:19 msg drwxr-xr-x2 cyrusmail 4096 Apr 6 16:19 proc drwxr-xr-x2 cyrusmail 4096 Apr 6 16:19 ptclient drwxr-xr-x2 cyrusmail 4096 Apr 6 16:21 socket I have no users configured. But I cannot configure users until imapd is actually running, correct? Any suggestions? Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
saslauthd with ldap
Hi, I attempting to authenticate using saslauthd and ldap. Somehow this isn't working. How do I need to configure saslauthd.conf to have saslauthd bind to the ldap server with the username and password of the user to authenticate? Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Migrating from cyrus-imapd-2.0.13 to cyrus-imapd-2.1.18
Hi, I have to move the cyrus-imap mailstore from RedHat 7 running cyrus-imapd-2.0.13 to RedHat AS3.0 running cyrus-imapd-2.1.18. Can I simply copy the /var/spool/imap/user directory from on server to the other and then user reconstruct an quota to rebuild all the databases? Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd with ldap
I attempting to authenticate using saslauthd and ldap. Somehow this isn't working. How do I need to configure saslauthd.conf to have saslauthd bind to the ldap server with the username and password of the user to authenticate? ldap_servers: ldapi:/// ldap_auth_method: bind ldap_bind_dn: your bind dn ldap_password: your bind pw ldap_filter: uid=%u # Modify to accomodate your env ldap_search_base: your search base I don't quite understand, this binds to the ldap server to retrieve the password. What I would like to do is bind as as the user to authenticate. Example, if I run: testsaslauthd -u someone -p example This would connect to the ldap server as uid=someone,dc-example,dc=com and authenticate with the example password. If the bind succeeds the user/password pair is valid and if it fails the user/password pair is false. This how all of our other services are setup that use ldap for authentication. Is this possible? Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saslauthd with ldap
I guess you did not read the link I provided earlier. ;( Yes I did... actually read it before posting anything here. But I couldn't make sense out of it as far as how to accomplish my specific needs. The example above does exactly that. saslauthd will find DN for 'someone' and it will use that DN to bind to the ldap server along with the password provided to saslauthd. If all your users have DN that look like uid=someone,dc-example,dc=com, you can use the following saslauthd.conf: ldap_servers: ldapi:/// ldap_auth_method: fastbind ldap_filter: uid=%u,dc-example,dc=com I have things working now. Had one of those dh moments... The user dn is uid=%u,ou=people,dc=example,dc=com and not uid=%u,dc-example,dc=com. This works too: ldap_auth_method: bind ldap_servers: ldap://172.28.1.22 ldap_search_base: ou=people,dc=example,dc=com ldap_use_sasl: no ldap_method: simple But the first method appears much faster. Thanks, Adi --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sendmail and Cyrus quota
By default sendmail accepts message to overquoted account, and after LMTP delivery failure, it puts into local spool. How can I configure sendmail+Cyrus, to make sendmail answer 4.2.2 Over quota in SMTP dialog with remote host, and do not garbage my local spool? in /etc/imapd.conf: lmtp_overquota_perm_failure: yes Is this supported in cyrus-imap 2.0.13? Thanks, Adi
Mail filtering using procmail are there other alternatives?
Our mail server currently uses the sendmail MTA and cyrus-imap. Sendmail passes mail for local delivery to /var/imap/socket/lmtp I need to be able to filter mail. Is there a way to patch procmail into the process to use it to filter mail? Are there any other means to use filtering with cyrus-imap? The server doesn't have user accounts. How could I facilitate filters that individual users could manage, such as a vacation message? Thanks, Adi
Multiple sendmail queues for over quota email
- How can I limit the sendmail mail queue for queued mail because of over quota email? We regulary send and receive large email attachments so limiting email size is only part of the solution. Check the mailing list for a post from Larry Greenfield on how to set up two queues to handle this situation. Any idea where I can find the information on setting up multiple sendmail queues? I need to 'expire' over quota mail much quicker than mail queued for other reasons. The recent flood of viruses is quickly consuming all the disk space on our mail server :( Adi
Re: Mail filtering using procmail are there other alternatives?
Cyrus supports server-side filtering via Sieve. This includes filing messages into folders, vacation responses, and more. Read the docs for details. There are a handful of Web interfaces (eg, Websieve) for managing scripts. Ok, but what about spam detection tools that rely on procmail recipes? I read the sample chapter from an O'Reilly book that's online and describes how to integrate sendmail, procmail and cyrus-imap: http://www.oreilly.com/catalog/mimap/chapter/ch09.html Does this work fine in cases where cyrus-imap fails to deliver the message due to over quota or non existant mailboxes? Thanks, Adi
Quotas
Hi, I am looking at enabling quotas for user accounts. I understand that if I set a quota for user.username it applies as a total for all the users mailboxes combined. If I set a quota for user, does this imply a total quota available for all users combined? Regards, Adi --
Re: Reality Check
Hi, I had the same problem as you did. I dropped the pam idea and used the mysql_ldap patch instead. Regards, Adi On Sun, 5 Aug 2001, David Wright wrote: Does ANYONE have the following configuration working? cyrus-imapd-2.0.x authenticating via LDAP using sasl_pwcheck_method: PAM and the pam_ldap module If so, please chime in to say on what system and how you got it to work. I can't imagine this configuration is obscure: LDAP is the preemininent large-scale directory server, cyrus-imapd the preemininent large-scale imap server, and PAM the preeminent authentication system. If everyone is having the problems I am, this is a disaster for cyrus-imapd. --
Re: Imap Administration via IMAP port
Hi, I telnetted into my cyrus-imap server and authenticated using the administrative account I use with the cyradm tool. When using any of the commands such as sam, setaclmailbox, etc, I get an error... Example: [adi@mail ldapUMS]$ telnet localhost imap Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. * OK mail.knet.ca Cyrus IMAP4 v2.0.13 server ready a001 login cyrus * a001 OK User logged in a002 sam user.adillinden cyrus all a002 BAD Unrecognized command a003 setaclmailbox user.adillinden cyrus all a003 BAD Unrecognized command a004 disconnect a004 BAD Unrecognized command What am I doing wrong? TTYL, Adi On Mon, 16 Jul 2001, Michael T. Bacon wrote: Cyradm is simply a tool for issuing commands to the IMAP port. As such, all of the commands in cyradm are just cleaned up IMAP commands, and could be issued by some other program or a human with a telnet connection to port 143. Michael Adi Linden wrote: Hi, What commands are available to administer cyrus-imap via connection on the imap port instead of using cyradm? TTYL, Adi --
Re: Signaled to death by 11 - Don't know what else to try
Hi, Your problem sounds familiar. Not being an experienced C programmer I didn't attempt to understand and locate the problem. Instead I dropped the pam_ldap authentication and instead applied the mysql_ldap patch. I don't have the link for the patch handy, but I have source rpms and RedHat binaries with the patch applied: Sources: http://adis.on.ca/pub/Projects/MyRPMS/cyrus-imapd-2.0.13-1.1.src.rpm http://adis.on.ca/pub/Projects/MyRPMS/cyrus-sasl-1.5.24-17.1.src.rpm Binaries: http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-imapd-2.0.13-1.1.i386.rpm http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-1.5.24-17.1.i386.rpm http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-devel-1.5.24-17.1.i386.rpm http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-gssapi-1.5.24-17.1.i386.rpm Also, there has been another patch posted to the list which has support for more flexible rules when matching ldap records. Hope this helps, Adi On Sat, 28 Jul 2001, John Riganati wrote: Hello all, I've been running myself in circles for almost two weeks now trying to figure out a 'signaled to death by 11' problem, and I'm hoping someone on this list can shed some light for me. I've been reading through the list archive and have seen numerous reference to mismatching libdb files, so I've done my best to eliminate that as a problem, but I still can't make my issue go away. Any guidance will be greatly appreciated! This is my setup. RedHat 7.1 BerkeleyDB 3.2.9 CyrusSASL 1.5.24 CyrusIMAP 2.0.15 pam_ldap 1.22 OpenLDAP 2.0.11 When I try to connect, say with imtest, if my sasl_pwcheck_method=sasldb, I get in no problem. If my sasl_pwcheck_method=pam, I get the following in my log file: Jul 27 23:52:31 vmsurfrider master[29589]: about to exec /usr/cyrus/bin/imapd Jul 27 23:52:31 vmsurfrider service-imap[29589]: executed Jul 27 23:52:31 vmsurfrider imapd[29589]: accepted connection Jul 27 23:52:36 vmsurfrider master[29579]: process 29589 exited, signaled to death by 11 What's interesting is that if I purposefully mistype the password, I get a normal authentication failure with no 'signaled to death' problem. When I put the password in properly, that's when I see the problem. May pam config file for imap is like so: [root@vmsurfrider pam.d]# more imap #%PAM-1.0 auth required /lib/security/pam_ldap.so debug account required /lib/security/pam_ldap.so debug By running OpenLDAP in debug mode (slapd -d -1) I can clearly see communication to the LDAP server, and I don't see any obvious problems there. No error messages, no permission problems that I can see, etc. I built things in the following order. - Built/installed Berkeley DB (--with-uniquename) - modified /etc/ld.so.conf to include the BerkeleyDB path and ran ldconfig - set CPPFLAGS and LDFLAGS in include BerkeleyDB path - CyrusSASL (--without-krb --without-gssapi) - modified /etc/ld.so.conf to include local SASL path and ran ldconfig - OpenLDAP (--enable-spasswd --enable-passwd --enable-shell --enable-ldap) - CyrusIMAP (--with-auth=unix --with-dbdir=/usr/local/BerkeleyDB.3.2) - pam_ldap (--with-ldap-lib=openldap) My ld.so.conf file looks like this: [root@vmsurfrider Docs]# more /etc/ld.so.conf /usr/local/BerkeleyDB.3.2/lib /usr/local/lib /usr/local/lib/sasl /usr/lib /usr/kerberos/lib /usr/X11R6/lib /usr/lib/sane /usr/lib/qt-2.3.0/lib /usr/lib/mysq Apologies for the length of this message. I'm hoping to give all the relevant info I can think of. I've included the ldd output from what I think are the key files. Thanks in advance for any help. I'm pretty frustrated at this point. - John [root@vmsurfrider bin]# ldd master libssl.so.1 = /usr/lib/libssl.so.1 (0x40024000) libcrypto.so.1 = /usr/lib/libcrypto.so.1 (0x40051000) libdb-3.1.so = /lib/libdb-3.1.so (0x4010d000) libc.so.6 = /lib/i686/libc.so.6 (0x40186000) libdl.so.2 = /lib/libdl.so.2 (0x402b6000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) [root@vmsurfrider bin]# ldd imapd libsasl.so.7 = /usr/local/lib/libsasl.so.7 (0x40018000) libssl.so.1 = /usr/lib/libssl.so.1 (0x400c6000) libcrypto.so.1 = /usr/lib/libcrypto.so.1 (0x400f3000) libdb-3.1.so = /lib/libdb-3.1.so (0x401af000) libnsl.so.1 = /lib/libnsl.so.1 (0x40228000) libc.so.6 = /lib/i686/libc.so.6 (0x4023f000) libdl.so.2 = /lib/libdl.so.2 (0x4036f000) libcrypt.so.1 = /lib/libcrypt.so.1 (0x40374000) libpam.so.0 = /lib/libpam.so.0 (0x403a2000) libresolv.so.2 = /lib/libresolv.so.2 (0x403aa000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) [root@vmsurfrider bin]# ldd pop3d libsasl.so.7 = /usr/local/lib/libsasl.so.7 (0x40018000) libssl.so.1 = /usr/lib/libssl.so.1 (0x400c6000) libcrypto.so.1 = /usr/lib/libcrypto.so.1 (0x400f3000) libdb-3.1.so = /lib/libdb-3.1.so (0x401af000)
Re: Passing a POP3 mailbox to the IMAP Server
Hi, fetchmail is a nice tool that is capable of retrieving mail from pop3 and delivery to the local machine. TTYL, Adi On Wed, 18 Jul 2001, Scott Rixon wrote: Hi all, I am fairly new to Linux so I am sorry if I am asking silly questions... I have setup my IMAP server, I have a login and can see the Inbox folder! I want to set it to download my mail from my POP3 account an pass it to the IMAP server. I have one address at the moment so it shouldn't be complicated. I haven't a clue how to get it to log into the pop box and download it to the IMAP server, can anyone help? Thanks in advance, Scott
Imap Administration via IMAP port
Hi, What commands are available to administer cyrus-imap via connection on the imap port instead of using cyradm? TTYL, Adi
Cyrus IMAP - LDAP - Webbased Administration
Hi, Has there been any work done to build a web administration frontend to Cyrus IMAP with LDAP authentication? I am working on such an animal but would prefer not to reinvent it if there's something I can adapt and contribute to. Regards, Adi Linden - Adi Linden Network Operations K-Net Services Keewaytinook Okimakanak Sioux Lookout, ON P8T 1B9 Phone. 807-737-1135 Fax... 807-737-1720 Email. [EMAIL PROTECTED] Web... http://knet.on.ca
Re: Cyrus IMAP - LDAP - Webbased Administration
Hi, I am certainly interested. Doing German/English translation is no problem. TTYL, Adi On Fri, 6 Jul 2001, Norbert Sendetzky wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 06 July 2001 20:04, you wrote: Hi, Has there been any work done to build a web administration frontend to Cyrus IMAP with LDAP authentication? We have written such a thing for our mail server solution (postfix, cyrus imapd, openldap, squirrelmail, web administration) for which we provide commercial support. But the code is licenced under the GPL. The basic functionality is already there, but some things like management of shared folders/bullitin boards is still missing. Also I am not satisfied with the php code which produces the html code and the presentation of the accounts. It will change in the near future (the sooner the better) to a tree based presentation. Finally, there is no internationalization available (today only German language), but I think it is not much work to translate it. You see, there are still some things to do. If you are still interested in, I could send you the code, the rpm or both. Norbert -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjtGNBQACgkQxMLs5v5/7eDcZACdE3KHFfshJQ3ap4UD13UN6QcY o/0AoK3R7K0E37W6QH2JrtgMvw5bFiy5 =bJG2 -END PGP SIGNATURE-
Cyrus-imap and Aliases
Hi, I am configuring a Cyrus-imap mail system with sendmail and ldap for user authentication. I am running into 2 problem, I cannot get mail delivered into top level mailboxes, i.e. [EMAIL PROTECTED] and the aliases in the '/etc/aliases' file are now ignored... I am running sendmail-8.11.2, cyrus-sasl-1.5.24-17.1 and cyrus-imapd-2.0.13-1.1. Below is my sendmail configuration... TTYL, Adi --- sendmail.mc --- divert(-1) dnl This is the sendmail macro config file. If you make changes to this file, dnl you need the sendmail-cf rpm installed and then have to generate a dnl new /etc/sendmail.cf by running the following command: dnl dnlm4 /etc/mail/sendmail.mc /etc/sendmail.cf dnl include(`/usr/share/sendmail-cf/m4/cf.m4') VERSIONID(`linux setup for Red Hat Linux')dnl OSTYPE(`linux') define(`confDEF_USER_ID',``8:12'')dnl undefine(`UUCP_RELAY')dnl undefine(`BITNET_RELAY')dnl define(`confAUTO_REBUILD')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST',true)dnl define(`confDONT_PROBE_INTERFACES',true)dnl define(`confLOCAL_MAILER',`cyrus')dnl define(`confLDAP_DEFAULT_SPEC', `-hlocalhost -bdc=knet, dc=ca')dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/sendmail.st')dnl define(`UUCP_MAILER_MAX', `200')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A')dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl define(`confTO_QUEUEWARN', `4h')dnl dnl define(`confTO_QUEUERETURN', `5d')dnl dnl define(`confQUEUE_LA', `12')dnl dnl define(`confREFUSE_LA', `18')dnl dnl FEATURE(delay_checks)dnl FEATURE(`no_default_msa',`dnl')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`mailertable',`hash -o /etc/mail/mailertable')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl FEATURE(local_procmail)dnl FEATURE(`access_db')dnl FEATURE(`blacklist_recipients')dnl FEATURE(`ldap_routing', , , bounce)dnl LDAPROUTE_DOMAIN(`develop.knet.ca')dnl EXPOSED_USER(`root')dnl dnl This changes sendmail to only listen on the loopback device 127.0.0.1 dnl and not on any other network devices. Comment this out if you want dnl to accept email over the network. dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') dnl We strongly recommend to comment this one out if you want to protect dnl yourself from spam. However, the laptop and users on computers that do dnl not have 24x7 DNS do need this. dnl FEATURE(`accept_unresolvable_domains')dnl dnl FEATURE(`relay_based_on_MX')dnl MAILER(local)dnl MAILER(smtp)dnl MAILER_DEFINITIONS Mcyrus, P=[IPC], F=lsDFMnqA5@/:|SmXz, E=\r\n, S=EnvFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=FILE /var/imap/socket/lmtp LOCAL_RULE_0 Rbb + $+ @ $=w . $#cyrus $: + $1 LOCAL_RULESETS # if there's a plus part, we want to directly deliver it SLocal_localaddr R$+ + $*$#cyrus $@ $: $1 + $2