Re: segfaults with cyrus-imapd 3.0.9 on latest arch linux
Am 20.03.19 um 17:11 schrieb Patrick Goetz: Jakob has already updated the AUR package, which appears to have resolved this issue. The related upstream bug is #2629. After looking at the new PKGBUILD I knew it works because it's identical to my solution ;-) I appreciate your detailed explanation about the packaging but please let's stop here and not hijack this mailing list for arch linux or AUR topics, maybe we read again at https://aur.archlinux.org/packages/cyrus-imapd/ Best Regards, -ap smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: segfaults with cyrus-imapd 3.0.9 on latest arch linux
Am 20.03.19 um 13:39 schrieb Patrick Goetz: It would appear that --disable-pcre is a configuration option you can't actually use. yes, it seems so. the defines in the header: #ifdef ENABLE_REGEX # ifdef HAVE_PCREPOSIX_H # include # include # else /* !HAVE_PCREPOSIX_H */ # ifdef HAVE_RXPOSIX_H # include # else /* !HAVE_RXPOSIX_H */ # include # endif /* HAVE_RXPOSIX_H */ # endif /* HAVE_PCREPOSIX_H */ #endif /* ENABLE_REGEX */ configure.ac: if test "$enable_pcre" != "no"; then AC_CHECK_HEADER(pcreposix.h) if test "$ac_cv_header_pcreposix_h" = "yes"; then AC_MSG_CHECKING(for utf8 enabled pcre) AC_CACHE_VAL(cyrus_cv_pcre_utf8, AC_TRY_CPP([#include #ifndef REG_UTF8 #include #endif],cyrus_cv_pcre_utf8=yes,cyrus_cv_pcre_utf8=no)) AC_MSG_RESULT($cyrus_cv_pcre_utf8) else cyrus_cv_pcre_utf8="no" fi if test "$cyrus_cv_pcre_utf8" = "yes"; then LIBS="$LIBS -lpcre -lpcreposix"; AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) AC_DEFINE(HAVE_PCREPOSIX_H, [], [Do we have usable pcre library?]) else AC_CHECK_HEADERS(rxposix.h) if test "$ac_cv_header_rxposix_h" = "yes"; then LIBS="$LIBS -lrx" AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) else AC_SEARCH_LIBS(regcomp, regex, AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]), []) fi fi fi the whole block depends on "$enable_pcre", so if I disable pcre, i disable regexp conpletely. I think, it should look like this: if test "$enable_pcre" != "no"; then AC_CHECK_HEADER(pcreposix.h) if test "$ac_cv_header_pcreposix_h" = "yes"; then AC_MSG_CHECKING(for utf8 enabled pcre) AC_CACHE_VAL(cyrus_cv_pcre_utf8, AC_TRY_CPP([#include #ifndef REG_UTF8 #include #endif],cyrus_cv_pcre_utf8=yes,cyrus_cv_pcre_utf8=no)) AC_MSG_RESULT($cyrus_cv_pcre_utf8) else cyrus_cv_pcre_utf8="no" fi if test "$cyrus_cv_pcre_utf8" = "yes"; then LIBS="$LIBS -lpcre -lpcreposix"; AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) AC_DEFINE(HAVE_PCREPOSIX_H, [], [Do we have usable pcre library?]) fi else cyrus_cv_pcre_utf8="no" AC_CHECK_HEADERS(rxposix.h) if test "$ac_cv_header_rxposix_h" = "yes"; then LIBS="$LIBS -lrx" AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) else AC_SEARCH_LIBS(regcomp, regex, AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex libra ry?]), []) fi fi if you don't disable pcre, you must have pcre available, otherwise no regexp because there's no fallback. if you disable pcre, it checks for rposix.h and fallsback to anything providing regcomp. if nothing is found, no regexp support. As diff: --- configure.ac.org2019-03-15 01:31:20.0 +0100 +++ configure.ac2019-03-20 19:19:05.077550582 +0100 @@ -674,18 +674,16 @@ if test "$enable_pcre" != "no"; then LIBS="$LIBS -lpcre -lpcreposix"; AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) AC_DEFINE(HAVE_PCREPOSIX_H, [], [Do we have usable pcre library?]) -else -AC_CHECK_HEADERS(rxposix.h) -if test "$ac_cv_header_rxposix_h" = "yes"; then -LIBS="$LIBS -lrx" -AC_DEFINE(ENABLE_REGEX, [], - [Do we have a regex library?]) -else -AC_SEARCH_LIBS(regcomp, regex, -AC_DEFINE(ENABLE_REGEX, [], -[Do we have a regex library?]), []) -fi fi +else + cyrus_cv_pcre_utf8="no" + AC_CHECK_HEADERS(rxposix.h) + if test "$ac_cv_header_rxposix_h" = "yes"; then + LIBS="$LIBS -lrx" + AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]) + else + AC_SEARCH_LIBS(regcomp, regex, AC_DEFINE(ENABLE_REGEX, [], [Do we have a regex library?]), []) + fi fi dnl look for an option to disable sign-comparison warnings (needed for with this change: ./configure --disable-pcre $ egrep 'REGEX|PCRE' config.h #define ENABLE_REGEX /**/ /* #undef HAVE_PCREPOSIX_H */ ./configure --disable-pcre $ egrep 'REGEX|PCRE' config.h #define ENABLE_REGEX /**/ #define HAVE_PCREPOSIX_H /**/ seems to work, but as I said, I'm not a software guy and i don't know autotools, there's probably a better solution. Regards, -ap smime.p7s Description: S/MIME Cryptographic Signature
Re: segfaults with cyrus-imapd 3.0.9 on latest arch linux
Am 19.03.19 um 22:00 schrieb Patrick Goetz: Have you tried the 3.0.9 AUR package? https://aur.archlinux.org/packages/cyrus-imapd Once you get the dependencies down, this one compiles and runs. I noticed the package, it's good to see a recent version in AUR but it has too many dependecies for my taste, I need a stripped down version. Unfortunately the AUR package doesn't work for me either, i build it in a VM with a fresh installed arch and it has the same problem: Starting program: /usr/bin/cyrdump user/test [Thread debugging using libthread_db enabled] Using host libthread_db library "/usr/lib/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x77c76205 in re_compile_internal () from /usr/lib/libc.so.6 (gdb) bt #0 0x77c76205 in re_compile_internal () from /usr/lib/libc.so.6 #1 0x77c77511 in regcomp () from /usr/lib/libc.so.6 #2 0x77e3d980 in glob_init () from /usr/lib/libcyrus.so.0 #3 0x77f38276 in ?? () from /usr/lib/libcyrus_imap.so.0 #4 0x77f3e5b7 in mboxlist_findallmulti () from /usr/lib/libcyrus_imap.so.0 #5 0x61aa in ?? () #6 0x77bbb223 in __libc_start_main () from /usr/lib/libc.so.6 #7 0x61ee in ?? () Best Regards, -ap smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: segfaults with cyrus-imapd 3.0.9 on latest arch linux
Am 19.03.19 um 19:47 schrieb Jason L Tibbitts III:
"AP" == Andreas Piesk writes:
AP> Hello list, i'm trying to get cyrus-imapd 3.0.9 (testet 3.0.8 too)
AP> running on latest arch linux. Here's the configure summary:
AP> External dependencies: ldap: no openssl: yes zlib: yes pcre: yes
AP> #6 0x7fc4aa385050 re_acquire_state_context (libc.so.6)
AP> #7 0x7fc4aa3907d4 re_compile_internal (libc.so.6)
AP> #8 0x7fc4aa391511 regcomp (libc.so.6)
You have pcre enabled but you are calling glibc regex functions. You
may wish to double check that you are linking properly. Fedora went
through a similar issue a while back when --Wl,--as-needed was added to
the default set of compiler flags, which caused subtle variations in the
link order. The end result was that Fedora picked up a set of pcre
patches similar to what some other distros have to avoid duplicating the
glibc symbol names.
These are the default LDFLAGS Arch Linux uses:
LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
If I link without '--as-needed' crydump etc. do work without segfaulting.
"configure --disable-pcre" does not work:
lib/glob.h:57:5: error: unknown type name ‘regex_t’
I have no idea how to change the linkage order to put pcre before glibc (don't
know if and how this is possible, I'm a hardware guy), I'm just building with
autoreconf -f
./configure
so I think my only option is to drop '--as-needed' from LDFLAGS and execute
./configure LDFLAGS=${LDFLAGS/,--as-needed/}
Thanks for pointing me in the right direction, highly appreciated.
Best Regards,
-ap
smime.p7s
Description: S/MIME Cryptographic Signature
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
segfaults with cyrus-imapd 3.0.9 on latest arch linux
Hello list, i'm trying to get cyrus-imapd 3.0.9 (testet 3.0.8 too) running on latest arch linux. Here's the configure summary: Cyrus Server configured components event notification: yes gssapi: yes autocreate: no idled: yes httpd: yes kerberos V4:no murder: yes nntpd: yes replication:yes sieve: yes calalarmd: yes objectstore:no backup: yes com_err: External dependencies: ldap: no openssl:yes zlib: yes pcre: yes clamav: no --- caringo:no openio: no --- nghttp2:yes brotli: no xml2: yes ical: yes icu4c: yes shapelib: no Database support: mysql: no postgresql: no sqlite: yes lmdb: no Search engine: squat: yes sphinx: no xapian: no xapian_flavor: none Hardware support: SSE4.2: yes Installation directories: prefix: /usr sysconfdir: /etc The software builds succesful but executing commands with cyradm produces core dumps like this one: localhost.localdomain> cm user.test localhost.localdomain> lm localhost.localdomain> cyrus/master[20901]: process type:SERVICE name:imap path:/usr/lib/cyrus/imapd age:33.405s pid:20904 signaled to death by signal 6 (Aborted, core dumped) systemd-coredump[20913]: Process 20904 (imapd) of user 1001 dumped core. Stack trace of thread 20904: #0 0x7fc4aa2e8d7f raise (libc.so.6) #1 0x7fc4aa2d3672 abort (libc.so.6) #2 0x7fc4aa32b878 __libc_message (libc.so.6) #3 0x7fc4aa33218a malloc_printerr (libc.so.6) #4 0x7fc4aa3354ac _int_malloc (libc.so.6) #5 0x7fc4aa337736 __libc_calloc (libc.so.6) #6 0x7fc4aa385050 re_acquire_state_context (libc.so.6) #7 0x7fc4aa3907d4 re_compile_internal (libc.so.6) #8 0x7fc4aa391511 regcomp (libc.so.6) #9 0x7fc4aaaf09a0 glob_init (libcyrus.so.0) #10 0x7fc4aabe2c46 mboxlist_do_find (libcyrus_imap.so.0) #11 0x7fc4aabe8f87 mboxlist_findallmulti (libcyrus_imap.so.0) #12 0x5558cc431ef6 list_data (imapd) #13 0x5558cc43e37f cmdloop (imapd) #14 0x5558cc44282f service_main (imapd) #15 0x5558cc41f823 main (imapd) #16 0x7fc4aa2d5223 __libc_start_main (libc.so.6) #17 0x5558cc41fe3e _start (imapd) # cyrdump -v user.test Segmentation fault in gdb: Starting program: /usr/bin/cyrdump user.test [Thread debugging using libthread_db enabled] Using host libthread_db library "/usr/lib/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x77c90205 in re_compile_internal () from /usr/lib/libc.so.6 (gdb) bt #0 0x77c90205 in re_compile_internal () from /usr/lib/libc.so.6 #1 0x77c91511 in regcomp () from /usr/lib/libc.so.6 #2 0x77e549a0 in glob_init (str=, sep=sep@entry=47 '/') at lib/glob.c:112 #3 0x77f46c46 in mboxlist_do_find (rock=rock@entry=0x7fffeaf0, patterns=patterns@entry=0x55571680) at imap/mboxlist.c:2723 #4 0x77f4cf87 in mboxlist_findallmulti (namespace=, patterns=0x55571680, isadmin=, userid=0x0, auth_state=, proc=, rock=0x7fffebb4) at imap/mboxlist.c:2942 #5 0x61aa in main (argc=, argv=0x7fffecc8) at im
Re: Synchro for migration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! Am 16.04.2018 um 09:01 schrieb Albert Shih: > Le 15/04/2018 à 01:17:00+0200, Michael Menge a écrit Hi, > [...] > >> >> Cyrus allows admins to proxy authenticate for users, if the sasl mech >> support it (PLAIN does suppot it, LOGIN does not) >> https://www.cyrusimap.org/sasl/sasl/authentication_mechanisms.html >> >> It seems like the following imapsync options allow you to use proxy >> authentication >> >> --authmech1 --authmech2 --authuser1 --authuser2 --proxyauth1 --proxyauth2 > > I'm not sure to understand how proxyauth works. I google it and find lots of > doc about...proxy imap. > > Currently I need to authenticate my user against a LDAP(openldap), so I > configure saslauthd with ldap and works perfectly. > > So one of my solution is to have a getpwent (local passwd) with real login > and fake password. And after the migration switch to ldap auth. > I did several migrations with imapsync in the past and it worked quite well. Usually I use a simple script like the one I've attached. As authuser you have to use an account with cyrus admin rights (listed in /etc/imapd.conf). You have to know their passwords, of course. My script expects the admin users passwords in plain text in the files "passfile1.txt" and "passfile2.txt" The script also expects a list of IMAP accountnames as argument. You then call the script like this: ./doit.sh accounts You can use the script as an example, but you have to check the options and adapt them for your need! Use the "--dry" option first! HTH - - andreas - -- Andreas Haumer | mailto:andr...@xss.co.at *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iD8DBQFa1FCtxJmyeGcXPhERAiMwAJ4r38w7zUZ4s5rvB6bfk2OxB7AVsQCgmoyv yZIq1qZGPNAMsgJL3EU4LEM= =PzbH -END PGP SIGNATURE- doit.sh Description: application/shellscript Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
mailbox transfer between cyrus 2.5 backends
Hi, is anybody having issues transfering mailboxes away from version 2.5 backends? We're in the process of updating our cyrus 2.3/2.4 servers to version 2.5 and when trying to transfer a mailbox from an version 2.5 backend to another backend which runs 2.5/2.4 or 2.3, we're seeing that the mailbox transfers aborts and we're ending up having the mailbox existant an the source and destination backend servers. Our mupdate server as well as the frontend servers still run version 2.3. In order to find a workarround, I've added a temporary 2.5 frontend server to test those transfers again, but "proxyd" seems to crash: Mar 25 13:46:59 frontend1 imap[17937]: proxy cyradm sessionid= remote= Mar 25 13:46:59 frontend1 master[17847]: process type:SERVICE name:imap path:/usr/local/cyrus/bin/proxyd age:29.201s pid:17937 signaled to death by signal 11 (Segmentation fault) Mar 25 13:46:59 frontend1 kernel: proxyd[17937]: segfault at 0 ip 7f89873be57f sp 7fff54936f28 error 4 in libc-2.12.so[7f898728b000+18a000] Do mailbox transfers away from 2.5 backends work for you? Do we have to upgrade mupdate to 2.5 in order to fix this? Mailbox transfers from 2.3/2.4 backends to 2.5 backends work fine BTW. Andreas Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
GUI replacement for cyradm
Using cyradm to add mailboxes and do some acl stuff isn't too convenient if you're not doing it 50 times a day and you're a command line geek. So I hacked up an IMAP plugin to the Admin4 framework as cyradm replacement. It should work on any IMAP server, but has only been tested on several cyrus imapd installations so far. Currently, browsing/creating/renaming/deleting of mailboxes is implemented, as well as setting comments and acls. Quota will be displayed, setacl isn't implemented yet. Non-ASCII mailbox names are supported as well, displaying their utf-decoded name. check it here: https://admin4.org Comments/contributions welcome! Regards, Andreas Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
segfault cyrus imapd 2.17 when upgrading to glibc >2.16
Cant get this working.
Running gentoo 64 bit. Access from some users work, some/one always
segfault. Tried to find if any dependency needed recompile with upgraded
glibc, no luck. Tried fresh install of gentoo. Same same.
When on glibc 2.16 all works fine.
Get this in dmesg when user access imap on glibc version >2.16
[15727.177959] imapd[11986]: segfault at 0 ip 7fd4b5d014e6 sp
7fffb9c794e8 error 4 in libc-2.19.so
<http://libc-2.19.so>[7fd4b5be1000+196000]
[15727.211609] imapd[11988]: segfault at 0 ip 7fe103ae94e6 sp
7fff4ac71eb8 error 4 in libc-2.19.so
<http://libc-2.19.so>[7fe1039c9000+196000]
[15809.911000] imapd[12028]: segfault at 0 ip 7fc4e160c4e6 sp
7fffc8547268 error 4 in libc-2.19.so
<http://libc-2.19.so>[7fc4e14ec000+196000]
[15809.912176] imapd[12030]: segfault at 0 ip 7fb3fd3554e6 sp
7fffa5fb9d78 error 4 in libc-2.19.so
<http://libc-2.19.so>[7fb3fd235000+196000]
[15973.430192] imapd[12108]: segfault at 0 ip 7f7f0be1c4e6 sp
7fffabe69968 error 4 in libc-2.19.so
<http://libc-2.19.so>[7f7f0bcfc000+196000]
[15973.433003] imapd[12111]: segfault at 0 ip 7f5eb917f4e6 sp
7fffaf2625a8 error 4 in libc-2.19.so
<http://libc-2.19.so>[7f5eb905f000+196000]
Any advice to give? strace of a segfaulting and a working session below.
brgds
Andreas
strace of segfault session:
4447 18:03:28.875396 sasl_server_step(0x189f300, 0x7fff1e5111a0, 26,
0x7fff1e511198
4447 18:03:28.875484 malloc(7) = 0x18a0df0
4447 18:03:28.875589 memcpy(0x18a00a1, "u...@domain.com
<mailto:andr...@nyback.com>", 18) = 0x18a00a1
4447 18:03:28.875702 strlen("u...@domain.com
<mailto:andr...@nyback.com>") = 18
4447 18:03:28.875837 strrchr("u...@domain.com
<mailto:andr...@nyback.com>", '@') = "@domain.com<http://nyback.com>"
4447 18:03:28.876048 strlen("u...@domain.com
<mailto:andr...@nyback.com>") = 18
4447 18:03:28.876187 strrchr("u...@domain.com
<mailto:andr...@nyback.com>", '@') = "@domain.com<http://nyback.com>"
4447 18:03:28.876310 strncasecmp(0x18a00a1, 0x4733c1, 7, 0x46df99) =
0xffeb
4447 18:03:28.876421 strcmp("unix", "unix")= 0
4447 18:03:28.876529 strlen("u...@domain.com
<mailto:andr...@nyback.com>") = 18
4447 18:03:28.876640 __memmove_chk(0x79b880, 0x18a00a1, 18, 81) = 0x79b880
4447 18:03:28.876765 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.876864 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.876965 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877062 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877182 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877281 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877380 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877478 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877592 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877690 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877815 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.877915 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878017 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878117 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878229 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878328 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878426 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878525 __ctype_b_loc() = 0x7fcfb26806a8
4447 18:03:28.878632 strlen("u...@domain.com
<mailto:andr...@nyback.com>") = 18
4447 18:03:28.878759 strcpy(0x18a00a1, "u...@domain.com
<mailto:andr...@nyback.com>") = 0x18a00a1
4447 18:03:28.878879 strlen("sasl_") = 5
4447 18:03:28.878985 __snprintf_chk(0x7fff1e510a80, 256, 1, 256) = 27
4447 18:03:28.879097 strcmp("imap_sasl_canon_user_plugin",
"sasl_sql_engine") = -10
4447 18:03:28.879266 malloc(20)= 0x18a0e10
4447 18:03:28.879374 free(0x18a0e10) =
4447 18:03:28.879475 strlen("sasl_") = 5
4447 18:03:28.879579 __snprintf_chk(0x7fff1e510a00, 256, 1, 256) = 24
4447 18:03:28.879688 strcmp("imap_sasl_auxprop_plugin",
"partition-default") = -7
4447 18:03:28.879839 strcmp("sasl_auxprop_plugin",
"partition-default") = 3
4447 18:03:28.879969 strcmp("sasl_auxprop_plugin",
"sasl_auxprop_plugin") = 0
4447 18:03:28.880109 malloc(16)= 0x18a0f20
4447 18:03:28.880215 malloc(250) = 0x18a0f40
4447 18:03:28.880422 free(0x18a0f40) =
4447 18:03:28.880530 malloc(19)= 0x18a0e10
4447 18:03:28.880659 malloc(11)=
Re: Bug or feature: (Too) Many imapd processes hanging around?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
I did some further investigation on this issue and could resolve it,
at least for now...
Am 04.10.2012 13:32, schrieb Andreas Haumer:
[...]
>
> But since September 26th I see the number of imapd processes continuously
> growing. As of today there are more than 2000 of them:
>
> ravel:~ # ps ax | grep imapd | wc -l 2057
>
[...]
>
> ravel:~ # ll /cluster/var/imap/user/o/office.seen -rw--- 1 cyrus mail
> 57804 27. Sep 14:11 /cluster/var/imap/user/o/office.seen
>
>
> I checked about 20 processes and all of them hang on the F_SETLKW fcntl()
> call on fileid #16 which always points to the same file
> (/cluster/var/imap/user/o/office.seen)
>
Using lsof I could identify the process which was holding the
lock on /cluster/var/imap/user/o/office.seen:
ravel:/var/log # lsof /cluster/var/imap/user/o/office.seen | grep 16uW
imapd 27522 cyrus 16uW REG 147,057804 3686853
/cluster/var/imap/user/o/office.seen
This process itself was waiting in a futex() call!
A SIGHUP did not help, but a SIGTERM made the process terminate:
ravel:~ # strace -p 27522
Process 27522 attached
futex(0x7f5c8b149620, FUTEX_WAIT_PRIVATE, 2, NULL) = ? ERESTARTSYS (To be
restarted if SA_RESTART is set)
- --- SIGHUP {si_signo=SIGHUP, si_code=SI_USER, si_pid=20435, si_uid=0} ---
rt_sigreturn() = 202
futex(0x7f5c8b149620, FUTEX_WAIT_PRIVATE, 2, NULL) = ? ERESTARTSYS (To be
restarted if SA_RESTART is set)
- --- SIGTERM {si_signo=SIGTERM, si_code=SI_USER, si_pid=20435, si_uid=0} ---
+++ killed by SIGTERM +++
I could not find out what the futex call was waiting for (since
September 26th!), but after the process terminated, all other imapd
processes waiting for the lock continued and eventually terminated,
too.
Now the number of imapd processes is back to normal:
ravel:~ # ps ax | grep imapd | wc -l
38
(with currently about 15 active users)
It seems, everything is fine now.
But the question remains: why did this happen in the first place?
Is there a known bug (race condition?) somewhere in cyrus-imapd 2.3.18?
Is there some known configuration issue which could lead to this behaviour?
I would rather not upgrade to 2.4 bypassing the official OpenSUSE
packages (well, if absolutely necessary, I could, but I would like
to avoid this path)
Thanks!
- - andreas
- --
Andreas Haumer | mailto:andr...@xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iD8DBQFQbYPvxJmyeGcXPhERAmyIAJ9OfGewykr0qy6PzpHR8FxCBOCZiwCePYAY
PefxLrqNAKCkky5j47yTkVo=
=TGCZ
-END PGP SIGNATURE-
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Bug or feature: (Too) Many imapd processes hanging around?
uration on or around Septemer 26th, which might explain this phenomenon. Users currently can still work with the system and do not see and performance degradation (yet). Email delivery to the IMAP server works, too (I'm using sendmail with LMTP) I have worked with many cyrus-imapd installations in the past (clustered and non-clustered) and have never seen such a phenomenon. Is this a bug or a feature? I don't think that this is a healty situation, I think something is wrong here and should be corrected ASAP. Has anyone seen something like this before? Any idea on how to proceed with this? Thanks! - - andreas - -- Andreas Haumer | mailto:andr...@xss.co.at *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iD8DBQFQbXPPxJmyeGcXPhERAjnrAKCHEsZ3LaeAND678pZ4nqiL4n2EkACgsl/f R/RpbMXmi02UPZKOAGn+mws= =diYl -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: fatal error: failed to mmap new message file
On 27.11.2011 19:59, Dave McMurtrie wrote:
>
> Indeed, and I can see that an earlier mmap for a file in the same
> directory succeeded. I'm sorry, but I have no idea why mmap is failing in
> this manner.
>
open("/var/spool/imap/b/user/barnosky", O_RDONLY) = 12
fstat64(12, {st_mode=S_IFDIR|0700, st_size=282624, ...}) = 0
mmap2(NULL, 282624, PROT_READ, MAP_SHARED, 12, 0) = -1 ENODEV (No such
device)
but if i'm reading the strace correct, mmap() maps the directory
/var/spool/imap/b/user/barnosky,
not a file, right? i didn't even know that mmap() can do that or how that works.
regards,
-ap
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: cyr_expire does not delete files on disk with expunge_mode:delayed?
Bron Gondwana schrieb: > > This bug is also fixed in Cyrus 2.4.x. is it this commit?: http://git.cyrusimap.org/cyrus-imapd/commit/?h=cyrus-imapd-2.4&id=48f2fab8c42716201c1f55646110df306ae750ed maybe i can patch my 2.3.16 to fix it. regards, -ap Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: cyr_expire does not delete files on disk with expunge_mode:delayed?
Kenneth Marshall schrieb: > We hit the same issue. You will need to run cyr_expire twice to > have items be removed correctly. Once as you are currently doing > and then a second time ignoring the mailbox annotations (the "-a" > option). This will actually run the delete. > yep, that did the trick. thank you. regards, -ap Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
cyr_expire does not delete files on disk with expunge_mode:delayed?
Hello,
i just noticed a strange problem with expunge_mode:delayed which i cannot
explain. it's probably a
lack of understanding on my side since i'm no cyrus-imap expert not even an
email expert :)
OK, let me explain my problem. recently i discovered that my spam mailbox had
14.000 messages in it,
which surprised me necause i thought, cyr_expire deletes messages every day. i
checked the mailbox
with cyrdump and according to cyrdump it was empty. so i ran some tests to
understand what went wrong:
this is the mailbox for the test:
localhost.localdomain> info user.me.Junk
{user.me.Junk}:
condstore: false
duplicatedeliver: false
expire: 7
lastpop:
lastupdate: 21-Nov-2010 01:10:29 +0100
partition: default
pop3newuidl: true
sharedseen: false
size: 0
squat: false
first test with expunge_mode:delayed
$ ls -l /var/spool/imap/user/me/Junk/
total 24
-rw--- 1 cyrus mail 4 Nov 21 00:51 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 00:51 cyrus.header
-rw--- 1 cyrus mail 96 Nov 21 00:51 cyrus.index
nothing in there. let's move a message in there:
$ ls -l /var/spool/imap/user/me/Junk/
total 32
-rw--- 2 cyrus mail 2952 Oct 25 2005 172936.
-rw--- 1 cyrus mail 836 Nov 21 00:58 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 00:51 cyrus.header
-rw--- 1 cyrus mail 184 Nov 21 00:58 cyrus.index
and delete the message. status after deletion:
$ ls -l /var/spool/imap/user/me/Junk/
total 32
-rw--- 3 cyrus mail 2952 Oct 25 2005 172936.
-rw--- 1 cyrus mail 836 Nov 21 00:58 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 00:51 cyrus.header
-rw--- 1 cyrus mail 184 Nov 21 01:01 cyrus.index
$ /usr/lib/cyrus-imapd/cyrdump user.me.Junk
imap://pyramid/user.me.Junk
0
172937
172936
172936
still there but flagged as deleted, which is OK, cyr_expire should take care:
$ /usr/lib/cyrus-imapd/cyr_expire -v -E 90 -X 0
Expunging deleted messages in mailboxes older than 0 days
expiring messages in user.me.Junk older than 7 days
expiring messages in user.me.VIRUS older than 7 days
but it is still there:
$ ls -l /var/spool/imap/user/me/Junk/
total 40
-rw--- 3 cyrus mail 2952 Oct 25 2005 172936.
-rw--- 1 cyrus mail 836 Nov 21 00:58 cyrus.cache
-rw--- 1 cyrus mail 184 Nov 21 01:04 cyrus.expunge
-rw--- 1 cyrus mail 153 Nov 21 00:51 cyrus.header
-rw--- 1 cyrus mail 96 Nov 21 01:04 cyrus.index
but cyrus thinks it's really gone:
$ /usr/lib/cyrus-imapd/cyrdump user.me.Junk
imap://pyramid/user.me.Junk
0
172937
no messages, not even deleted ones.
now with expunge_mode_immediate:
$ ls -l /var/spool/imap/user/me/Junk/
total 32
-rw--- 2 cyrus mail 2952 Oct 24 2005 172937.
-rw--- 1 cyrus mail 836 Nov 21 01:07 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 01:07 cyrus.header
-rw--- 1 cyrus mail 184 Nov 21 01:07 cyrus.index
delete message and check flags:
$ ls -l /var/spool/imap/user/me/Junk/
total 32
-rw--- 3 cyrus mail 2952 Oct 24 2005 172937.
-rw--- 1 cyrus mail 836 Nov 21 01:07 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 01:07 cyrus.header
-rw--- 1 cyrus mail 184 Nov 21 01:08 cyrus.index
$ /usr/lib/cyrus-imapd/cyrdump user.me.Junk
imap://pyramid/user.me.Junk
0
172938
172937
172937
message still on disk but correctly flagged as deleted. after running
cyr_expire:
$ ls -l /var/spool/imap/user/me/Junk/
total 24
-rw--- 1 cyrus mail 4 Nov 21 01:10 cyrus.cache
-rw--- 1 cyrus mail 153 Nov 21 01:07 cyrus.header
-rw--- 1 cyrus mail 96 Nov 21 01:10 cyrus.index
message was deleted.
it seems that with expunge_mode:delayed running cyr_expire does not delete the
message files, why
and how can i change that? for now my workaround is to set
expunge_mode:immediate.
if i miss something or my test is bogus, please let me know, i'm willing to
learn :)
Thanks.
regards,
-ap
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Migrated Murder to 2.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just a heads up for anybody trying to update a murder to version 2.3. I've just upgraded several servers from 2.1.16 to 2.3.14 without major problems. As many pointed out before, the backends should be upgraded first. The mupdate master followed and the frontends where upgraded in the last step. There we're only minor problems, mostly related to my specific environment: * Had compilation problems on SuSE 9 due to lacking com_et (needed to install e2fsprogs-1.38) * Selection of bdb library used to newest library. Configure switches didn't help so I edited configure by hand * Had to add entry for mupdate service in /etc/services due to: "failed: Servname not supported for ai_socktype" error * LMTP delivery problems during upgrade from old frontends to new backends (uses another username for authentication) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFKo3RYP0gnkXA27R8RAqSEAKCcvfbe6yRt7rwwgc/pwF/d1vyM2wCcD/I1 NhVt8ZEzUkOYh+wIG3mw7uM= =YWLJ -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Compress attachments
Hello, I found older (1998 ) posts about mailbox or attachment compression, but no answer to my question. Is it possible to configure cyrus the way that it compresses the attachments on the storage ( not for tranfer as in RFC 4978 ) ? I know that diskspace is cheap, but when you have to get back thousands of mailboxes from a backup, the smaller the files are the faster the restore is done. Thanks Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Detect if nntp support is enabled
Hello, is there a way to detect if nntp support is enabled in cyrus ? Thanks Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: much information from cyrus log
> I'm trying to get as much information as possible from the cyrus log. > I've tried several modification of the syslog configuration > filewithout success. > > I also create a folder at /var/log/.. per user getting as much > information I want but... it's in different files and folders, and > is per user based solution, which is difficult to administrate. > > Any clue on how to configure cyrus and syslog to retrieve all this info? Maybe you should go the other way around. Tell what information you need. Cyrus sends alot of information with LOG_DEBUG to syslog, check if you catch these Messages. The directories you mentioned are telemetry Logs, these Dirs are in $configdirectory, which is normally not in /var/log/... -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: initial slowness
>>> The other option I ran into some time ago... and it had to due to >>> defining multiple authentication schemes in the SASL configuration. >>> When you define multiple, it will try each one in order. I stripped >>> it down to just PLAIN, which is what I wanted to use, and it was >>> much quicker. The cyradm script will prompt for the password before >>> actually trying to connect, which is why it's slow AFTER the >>> password is entered. >> I'll try them and write back if success. > I recompiled Cyrus SASL leaving only PLAIN, but the slowness continues. Re-compiling does not remove already installed Mechanismsm. Mechanisms are Files which are dynamially loaded on startup and used if they are present. You can disable others than plain with "sasl_mech_list: plain" in your imapd.conf. But is this relly the reason? > I guess I should ask at the Cyrus SASL list... Use imtest to Login to your IMAP-Server and look where the time is spend. Look in the Logs for errors/warnings. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: imp webmail, cyrus imap and virus filtering
> > > You mean mail already already in your INBOXes received before you have > installed your trendmicros filter, or mail sent internally by your > user ? > > In the last case the simple solution is to ask your user to send email > directly to your trendmicro ! > If this is not possible you can configure your trendmicros as a filter > for your postfix ! > But if you want keep your trendmicro in front for your incoming email, > and have postfix in front for your local users, this is an unusual > configuration, ask the postfix mailing list for information to do that > ! > > Regards > Hello Alain, I reanalyzed our actual configuration and found that the problem is more limited,because when I send a mail via imp webmail then imp passes the mail to postfix and the antivirus. The problem that remains is about drafts. When a user saves a mail as draft, then it is not sent but simply stored by cyrus. This way the mail is not scanned. The user can use the drafts as a file storage and then recall the files from another PC. Is there a solution for this case ? Thanks Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: restore seen file
Am Mittwoch 15 April 2009 14:56:32 schrieb Mathieu Kretchner: > No answer ! > > So could I say that there is no possibility to restore an old seen file > for an user ? What means "old"? What has changed? Each Mailbox has a unique number which is in the seen-File and each Message has a unique number which is also in the seen-File. Sure you can restore an old seen-File, but the work you have to do while or after doing this depends on the changes you have made to the Mailbox and the Messages. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Weekly/Monthly record-keeping / maintenance?
Am Dienstag 31 März 2009 18:09:32 schrieb Jeff Blaine:
> Every year or so, a user of ours reports a discrepancy
> between on-disk usage for their spool compared to what
> 'FETCH' is reporting (as implemented via imapdu.pl)
What means "on-disk usage for spool" ?
Do you really compare the size of the Directory on the disk with the Size of
each Mail-Message in this Directory?
> Compact/Expunge via the client app buys nothing.
>
> Clearly we are failing to do something as admins in order
> to keep our Cyrus instance working up to snuff.
>
> Can anyone shed some light on what we're doing wrong?
>
> What are the regular maintenance tasks we should be
> performing to keep everything working as precisely as
> possible?
>
> I found nothing useful in the Wiki regarding this topic.
>
> # our imapd.conf with auth options censored
> configdirectory:/var/imap
> defaultpartition: default
> partition-default: /var/spool/imap
> unix_group_enable: 0
> sieveusehomedir:true
> autocreatequota:20
> duplicate_db: skiplist
> annotation_db: skiplist
> mboxkey_db: skiplist
> mboxlist_db: skiplist
>
> # our cyrus.conf
> START {
>recover cmd="ctl_cyrusdb -r"
> }
>
> SERVICES {
>imap cmd="imapd" listen="imap" prefork=5 proto=tcp4
>imaps cmd="imapd -s" listen="imaps" prefork=1 proto=tcp4
>lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
> }
>
> EVENTS {
>checkpointcmd="ctl_cyrusdb -c" period=10
>delprune cmd="cyr_expire -E 3" at=0400
>tlsprune cmd="tls_prune" at=0400
> }
>
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus won't recognize new partition
Am Montag 30 März 2009 18:23:57 schrieb Jesse Ross: > I'm having trouble getting my cyrus imapd server (version 2.3.10) to load a > new partition I've created. > > I created the partition and the stores./ and user/ directories, and set > their permissions and ownership to exactly match an already working > partition, as shown below. Here imap06 is the working partition and imap07 > is the new one: > Then I added a line to the imapd.conf: > > partition-imap06: /var/spool/imap06 > partition-imap07: /var/spool/imap07 Please check for invalid characters around the second line (imap07) in your imapd.conf. Maybe show a hexdump of the config file. > and did a full stop/start on the server to ensure there weren't any > listeners lying around with the old config. > > However, when I try to create a new mailbox in that partition, or move one > to it, I get errors: > > localhost> cm --partition imap07 user.foo > createmailbox: Unknown/invalid partition > localhost> renm --partition imap07 user.sschmoss user.sschmoss > renamemailbox: Operation is not supported on mailbox > > Note that the second error message is misleading: I can move the > user.sschmoss mailbox to any partition other than the new one. > > Anyone have any ideas? What am I missing here? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: What should be listening on tcp port 12345?
> I'm in the process of adding another front end server to our cyrus email > cluster. The new server is running RedHat ES5, and rpm shows the > version of cyrus is cyrus-imapd-2.3.7. Our front ends provide imaps, > smtp (via sendmail) and lmtp. Sendmail uses smmap to verify the > recipients addrsess, using the process outlined within the RTCyrus3 > project. lmtp then handles the delivery of the email to our backend > servers. The backend servers are running cyrus-imapd-2.2.12. > > During testing of the new server, I noticed a significant delay during > the delivery of email of up to 10 minutes. The delay seems to be caused > by the smmap process while it attempts to connect to tcp port 12345 on > the backend server. iptables on the backend server was configured to > ignore attempts to connect on tcp port 12345. Changing iptables to > reject connections to tcp port 12345 sped up the process considerably. > > What process is supposed to be listening on that port? smmapd. It needs to check for Quota infos on the Backend. At least this is noted in the Sourcecode of smmapd. Unfortunately the Port is hardcoded. > Here's output from /var/log/maillog. mailstore03 is the correct backend > server for my mailbox. > > Mar 24 14:41:25 postoffice04 smmapd[31605]: executed > Mar 24 14:42:41 postoffice04 smmapd[31605]: accepted connection > Mar 24 14:42:41 postoffice04 smmapd[31605]: verify_user(user.rspell) > proxying to host mailstore03.bates.edu > Mar 24 14:42:41 postoffice04 smmapd[31605]: verify_user(user.rspell) > failed: can't connect to mailstore03.bates.edu -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Question about CYRUS-IMAP and FETCH BODY[]
> We recently upgraded cyrus-imapd in one of our production servers > (debian btw) to 2.2.13-14+b3. After that, one of our programs stopped > working complaining about not being able to fetch the messages, so I > took a look at the traffic between our imap server and the program and I > saw this: > > http://calder0n.com/cyrus-imap-traffic.png > > As you can see, the connection is being established succesfully but our > program ( it was running OK for almost 2 years btw ) is sending a: > > IMAP FETCH BODY[1] > And the server is only responding: > IMAP Ok Completed (0.000 sec) > > But imap is not actually sending the body's content. > Now since this issue came to surface after our upgrade I suspect that it > might have something to do with our program's imap library not being > fully RFC complaint. Has anyone seen this before? > > Any hints or ideas on what might be causing this? Possible workarounds? > > Thanks for your help in advance. Hmm, I am missing the complete answer for the SELECT INBOX in your dump. IMAP003 is not completed. Check you Logs. Maybe there is something wrong with the Mailbox. Try a reconstruct. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ctl_cyrusdb questions, looking for answers
> does anybody know, how ctl_cyrusdb works (how it should be used)? I've > seen ctl_cyrusdb's man pages, but there is just few notes and nothing > more. ctl_cyrusdb has two modes to operate. One is checkpointing and archiving the other one is recovering. There can only run one action at a time. Checkpointing and Archiving: > ctl_cyrusdb [ -C config-file ] -c ctl_cyrusdb executes checkpointing for all Databases (mboxlist, quota, annotation, duplicate, tlscache, ptscache and statuscache) but only the Berkeley DB-Engine supports checkpointing at the moment. So at the end checkpointing is done for all BDB Databases. So for BDB Databases the Memory will be flushed to disk, the checkpoint is written to the Transaction Log and the Log is flushed to the DB File(s). Archiving is basicially copying the DB Files to the $configdirectory/db.backup1 Directory. Before copying starts the existing $configdirectory/db.backup1 Dir will be moved to $configdirectory/db.backup2. There are three DBs which will be archived (mboxlist, quota and annotation). Only the SQL DB-Backend dos not support archiving. Recovering: > ctl_cyrusdb [ -C config-file ] -r [ -x ] ctl_cyrusdb starts recovering for all Databases. Only BDB and skiplist do support recovering. Unless -x is specified recovering includes deleting of Mailbox reservations. Mailbox reservations are done in the process of Mailbox creation. > I assume ctl_cyrusdb is used (in /etc/cyrus.conf) to generate > "checkpoints" of the Cyrus databases, presumably those in /var/lib/imap. > > The information that man does not provide is > > 1) Listing of database files "checkpointed" see above > 2) Description of checkpoint format > a) "ls /var/lib/imap" suggest two sets of checkpoint database are > retained. db.backup1/2 is the backup Directory for archiving. Not related to checkpointing. > b) Description of checkpoint configuration options, if any, to control > checkpoint sets Nothing in Cyrus-IMAP I am aware of. > 3) Checkpointed image backup requirements ?? > 4) Appropriate cross-references to utilities used to determine database > corrution requiring recovery procedure If Cyrus finds DB Corruption you will see it in the Logs. > 5) Appropriate recovery procedure when invocation with "-r" vs. "-r -x' > is required. ?? > It'll be really appreciated if someone could explain at least some of > these questions. Thanks -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
imp webmail, cyrus imap and virus filtering
Hello, we have a imp/postfix/cyrus system. The mail that goes out and comes in from/to our system via smtp is checked by trendmicros virus wall. The problem is mail that remains in our mailsystem and is accessed via imap from imp. Viruswall has no way to check this mail. Is it possible to write a sieve filter to start a virusscan on this mail ( by scanning the specific file in the users mail directory ? ) every time a mail is created or read via imap ? Thanks Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: setinfo squat
Am Sonntag 08 Februar 2009 20:29:52 schrieb Adam Tauno Williams: > The cyradm "setinfo squat " command documentation says: > > > Indicates that all mailboxes should have a squat indexes created for > them (unless overridden by a mailbox annotation). > > > It doesn't seem to indicate if the value of the value (???) has any > meaning. Does assigning any value to this attribute mean that squat > indexes are created by default for all mailboxes? And thus having no > value means that this is not the case? (overridden by mailbox > annotation, of course) If you want to enable it, set it to "true". -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: setinfo admin
Am Sonntag 08 Februar 2009 20:26:45 schrieb Adam Tauno Williams: > According to the man manpage the "setinfo admin " command sets > the administrator e-mail address of the server. Is this value actually > used anywhere or for any purpose? Cyrus-IMAP itself does not use this, at least that I know of. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Displaying server metadata
Am Sonntag 08 Februar 2009 20:23:32 schrieb Adam Tauno Williams: > The description of "info" in cyradm is - > info display mailbox/server metadata > > But how does one get it to display server metadata? It will display > mailbox metadata, but I can't find any information on displaying the > values set with setinfo (admin/comment/expire/motd/shutdown/squat) localhost> setinfo admin "ad...@domain.tld" localhost> setinfo comment "Comment" localhost> setinfo motd "Message Of The Day" localhost> info Server Wide: admin: ad...@domain.tld admin: comment: Comment comment: motd: Message Of The Day localhost> Maybe you want to be more verbose? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus sub folders
Am Montag 02 Februar 2009 14:04:57 schrieb Mohamed Ali: > > > when iam trying to access my mail from pop mail client i got only > > > > messages > > > > > that in the inbox and ignores all sub folders i created by squirrel > > > mail > > > > or > > > > > even with Cyrus , how can i let cyrus to fetch messages under > > > subfolders too? > > > > a) use IMAP, it's better. > > > > b) if you're force to use POP, you can use + addressing in your login to > > select a folder, eg: > > > > USER brong+Lists.Cyrus > > PASS x > > > > NOTE - you still need a separate pop connection for each separate > > folder. POP doesn't have the concept of multiple folders. > > > > Bron ( just use IMAP already ) > > is it limitation to cyrus only ? i have account on ms exchange and gmail so > both can download messages from sub folders . As Bron already mentioned, this limitation is in the POP3 Protocol. I'm sure you will find something about that in the RFC. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Email bounces: mailbox does not exist
> I have installed Cyrus 2.3.11 and it works fine together with Postfix. > But there is something strange. I found these two things: > > 1. Cyrus doesn't seem to accept mailboxes with a dot in it, like > "edwin.boersma". It then bounces the mail with a "Message contains > invalid header" message: > > : data format error. Command output: > edwin.boersma: Message contains invalid header > > It also says: > > Diagnostic-Code: x-unix; edwin.boersma: Message contains invalid header > > I changed to user name to "edwin_boersma" and then it works. > > Is this "works as designed" or just a plain bug? Did you enable unixhierarchysep in impad.conf? Without this the "." is a special Character in Cyrus. > 2. If I send an email to 2 or more users on the same server, the message > bounces with a "Mailbox does not exist" message. > > (expanded from > ): > data format error. Command output: : Mailbox does not exist > > (expanded from > ): > data format error. Command output: : Mailbox does not exist > > Both mailboxes are there, for sure. Sending to each user seperately works! You should not use deliver from Postfix. Deliver is just a wrapper between stdin and lmtp. Postfix can speak lmtp itself. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Issue with POP accounts getting locked.
> I have been facing this issue for quite some time now. > > We have a shared hosting server and cyrus-imapd-2.3.7-4. The issue is as > below. > > 1. Most of the time some of our roaming POP service users connect to the > server via a Data card on their laptops. Due to the travel they receive > varying bandwidth through their ISP and at times their email client > disconnects the POP server without properly terminating the POP session. > Thus leaving the stale lock on the pop server. We have to manually remove > the lock every time such thing happens. (We also use a script to do this) > > 2. Issue occurs when there is access to the email POP account from > multiple > Email Client at the same time. The users face issue of POP lock. > > I assume this is protocol level issue faced by cyrus, Can anyone tell me > if > there is any updated cyrus version /patch where in we can eliminate the > issue of > > 1. Stale lock getting ever created on the server. There is an option poptimeout in imapd.conf you can modify it, but not setting lower than 10 minutes without modifying the Sourcecode. This limit is given from rfc. rfc1939: A POP3 server MAY have an inactivity autologout timer. Such a timer MUST be of at least 10 minutes' duration. The receipt of any command from the client during that interval should suffice to reset the autologout timer. When the timer expires, the session does NOT enter the UPDATE state--the server should close the TCP connection without removing any messages or sending any response to the client. Check if the ISP really closes the TCP/IP Connection or maybe it keeps it open for a faster reconnect of the roaming Users. > 2. Multiple email clients can login at the same time. This is designed by Protocol. If a Client connects via POP3, the Mailbox must be locked. Maybe IMAP is an option? > For issue 1. is concerned as far as my experience goes cyrus faces the > issue of stale locks more often than other POP servers. > > Does anyone has any remedy on this? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: different Cert for POP/IMAP
> I'm using cyrus with IMAPs and POP3s and would like to use different > certificates > Looking at the default imap.conf file I have different parameters for a > global certificate > As well as individual params for Cert/keys for IMAP/ POPs etc. > > When configuring the individual parameter pop3_tls_cert_file and > pop3_tls_key_file it seems these params are ignord. > Looking at the manpage (man imapd.conf) are not mentioned. > Though I' not a programmer, I had a look at the source itself and did not > find any hint for the > Use of pop3_tls_cert_file and pop3_tls_key_file. > These params are useless - can anybody confirm this? > How can I use different Certificates for pop and imap ? This overrides do not work with all Options. The two you mentioned will not work this way. Your chance is to use diffrent imapd.conf-Files for each Daemon and specify it in cyrus.conf. Create one common imapd.conf for all common options and for each Daemon one with the special Options. Then you can use the include-Statement to include the common one to the specials. imapd -C imapd_imapd.conf pop3d -C pop3d_imapd.conf man imapd.conf man pop3d man imapd -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus SASL Hack: Always pass authentication for one host
Am Donnerstag 18 Dezember 2008 15:19:23 schrieb ram:
> I am trying to write a hack into pam and always pass authentication for
> a particular host
>
> So I modified pam_mysql.c , but the issue is for cyrus I am always
> getting rhost as null
>
> This is what I put in pam_mysql.c
>
>
> PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags,
> int argc, const char **argv) {
>
> pam_get_item(pamh, PAM_RHOST,(PAM_GET_ITEM_CONST void **)&rhost);
> syslog(LOG_INFO,"RHOST = %s", rhost);
>
>
> I always get rhost as null. Is there a way I can get rhost set
I don't know exactly what rhost means here. Would guess something like Remote-
Host?
>From the logical Point of View. PAM is invoked from saslauthd, the Library
sends in behalf of the Application only 4 things to saslauthd. The Username,
Realm, Servicename and the Password. Nothing else. So there is just not enough
data in saslauthd to give something about the remote Host to PAM.
You would have to change the protocol between the SASL-Library and saslauthd
to pass something about the Remote End to saslauthd and then change the PAM-
Stuff in saslauthd to set the RHOST Data.
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: murder configuration issue final stretch
>> I found one of your older posting which also covers this. Here is what >> I did. >> >> I added psotfixlmtp as a user to both the frontend and and then ran the >> 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it >> authenticated just fine. So I added the entry to my lmtp_passwd file >> for postfix. I also added the additional entries into the postfix >> main.cf file as per the instructions. >> >> On the frontend I added lmtp_admins: postfixlmtp and on the backends I >> added lmtp_admins: murder postfixlmtp. >> >> I did notice that when I try connecting to the lmtp on the frontend I >> get an error. I suspect that it's because it's looking for lmtp and >> it's running the lmtpproxy >> >> # runuser - postfixlmtp -c "lmtptest" >> WARNING: no hostname supplied, assuming localhost >> connect: Connection refused >> failure: Network initialization - can not connect to >> localhost.localdomain:lmtp >> >> Anyway, postfix is kicking this out in the log: >> >> lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting >> this, I don't know >> >> I assume that for some reason it's still allowing anonynous connections >> to lmtp. I checked my cyrus.conf files on all servers and there is no >> "-a". It's perplexing. The information you gave me makes sense but it's >> like something has cached a setting and isn't letting go even though I >> have restarted all of the services. > > Looking at the source code in lmtpengine.c: > > /* we're not connected to a internet socket! */ > func->preauth = 1; > strcpy(cd.clienthost, "[unix socket]"); > syslog(LOG_DEBUG, "lmtp connection preauth'd as postman"); > > So it appears that unix socket connections are always preauth'd. You'll > need to enable Cyrus' lmtpd to listen on the internet socket as well. If > you are running Postfix on your frontends (it looks like you are), then > you could either disable Postfix's lmtp, or run the Cyrus lmtp on an > alternate port. You are right about the pre-authentication on a unix Socket. It is always turned on. Postfix has no lmtp-Server, so he does not need to disable something. The Unix Socket in Postfix which is named lmtp is the Socket from the Postfix Internal Side to it's lmtp-Client. I don't think this is a problem with/without pre-authentification. The lmtp-Server in Cyrus-IMAP uses the given proxy_authname/*_password, regardless of the credentials used in the connection to the lmtp-Server. > Maybe other folks know of a cleaner way to do this, or have other > suggestions. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: murder configuration issue final stretch
Am Donnerstag 11 Dezember 2008 16:53:39 schrieb Gary W. Smith: > This makes sense. I won't have any time until sunday to do any more > testing but we are using pam and I didn't think to check to make sure that > /etc/pam.d/lmtp was configured the same was as imap. > > Quick question. Is there a way to test lmtp via something like telnet (as > you would do with smtp)? Cyrus-Imap contains some test-tools. Look for imtest, smtptest, pop3test, lmtptest,... Cyrus-SASL has testsaslauthd, which can be used to test saslauthd alone > > > From: [EMAIL PROTECTED] on > behalf of Andreas Winkelmann Sent: Thu 12/11/2008 7:29 AM > To: info-cyrus@lists.andrew.cmu.edu > Subject: RE: murder configuration issue final stretch > > > First off, thanks for all of the help. I've gotten pretty far I think. > > I ran into a couple problems and some notes on some list groups about > > dead options that were shown in examples. > > > > http://garysmith.pbwiki.com/Cyrus > > > > I have put all of my configs into a wiki (broken down by server/type). > > The problem that I'm running into right now is that if I log into the > > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > > when I go to create one on a backend server, cyradm prompts me for the > > password for the corresponding account on the remote machine. I'm not > > sure if this is by design or an issue. > > > > The other big issue is that I have lmtp configured on the frontend to > > forward to the backend. The lmtp process is running on the backend as I > > can telnet to it (telnet ip lmtp). On the backend I seem to be getting a > > SASL2 auth error. > > > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > > verification failed > > Did you test LMTP-Authentication at the Backend? > > Looks like a SASL-Configuration Issue. > > How did you configure SASL/saslauthd? > > Check if proxy_authname with *_password from the Frontend Configuration is > able to login via LMTP. > > Maybe you are using pam and should configure the file for lmtp as well as > for imap. > > > I believe this is the final problem. Now there is another crazy setting > > in the mix (but it shoudln't be an impact). We use pam/nss mysql. This > > has been working for some time and is working well on stand alone > > servers. I have configured it on the frontend server as well. I can > > login to the frontend just fine (which is a mysql account). > > > > That's my outstanding issues at this time that (as I can't get past > > those). > > > > The last thing that I'm looking into is autocreatequota setting. We used > > this on the standalone boxes and it worked well for us. When we attempt > > to create an account on the frontend it fails as we don't have it enabled > > on the frontend. When we enable it on the frontend the account is > > created on the frontent and attempts to delete or move (rename) fail. Is > > there any hope for autocreate? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: murder configuration issue final stretch
> First off, thanks for all of the help. I've gotten pretty far I think. I > ran into a couple problems and some notes on some list groups about dead > options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting a > SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed Did you test LMTP-Authentication at the Backend? Looks like a SASL-Configuration Issue. How did you configure SASL/saslauthd? Check if proxy_authname with *_password from the Frontend Configuration is able to login via LMTP. Maybe you are using pam and should configure the file for lmtp as well as for imap. > I believe this is the final problem. Now there is another crazy setting > in the mix (but it shoudln't be an impact). We use pam/nss mysql. This > has been working for some time and is working well on stand alone servers. > I have configured it on the frontend server as well. I can login to the > frontend just fine (which is a mysql account). > > That's my outstanding issues at this time that (as I can't get past > those). > > The last thing that I'm looking into is autocreatequota setting. We used > this on the standalone boxes and it worked well for us. When we attempt > to create an account on the frontend it fails as we don't have it enabled > on the frontend. When we enable it on the frontend the account is created > on the frontent and attempts to delete or move (rename) fail. Is there > any hope for autocreate? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Easy bug: undocumented option "sasl_saslauthd_path" to imapd
> imapd.conf will accept an option: > >sasl_saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux > > instructing it to connect to the saslauthd socket in a non-standard > location (usually /var/run). This is very useful if e.g. you're > running Postfix in a chroot. > > A recursive grep for ``sasl_saslauthd_path'' in the source yields no > occurances of this option anywhere! It should at least be in the > imapd.conf or imapd manpages, correct? This (saslauthd_path) is a Cyrus-SASL Option, not a Cyrus-IMAP option. If the Cyrus-SASL Library wants to resolv an Option it asks the Application first if it wants to override the Option. In Cyrus-Imap this feature is used and you can specify Cyrus-SASL Options in the Configuration File of Cyrus-IMAP. To separate these Options from the real Cyrus-IMAP Options they have to be prefixed with "sasl_". So in Cyrus-IMAP all given sasl_* Options are forwarded to Cyrus-SASL. There is no other relation for these Options in Cyrus-IMAP. I see no sense in adding documentation for each Cyrus-SASL Option to Cyrus-IMAP's Documentation. There are a lot more than mentioned in the imapd.conf Man-Page. But maybe it would be nice to have a better desciption of this handling in the man-Page. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: segfault after upgrade
Am Montag 03 November 2008 21:45:30 schrieb Steffen Vinther Sørensen:
> I recently updated a CentOS 4 installation using the CentOS package
> manager "yum". the cyrus imapd and the dbd packages was upgraded along
> with several other packages. After that there seems to be an issue
> with the Cyrus imapd "shared" mailboxes (the ones where users needs to
> subscribe in order to use)
>
> I already tried rebuilding mailboxes.db, by dumping it as text and
> restoring it, but with no luck. Any further advice would be very
> welcome:
>
> Here is all the info I can think of:
>
> cyradm version request:
> mail.somecompany.dk> version
> name : Cyrus IMAPD
> version: v2.2.12-Invoca-RPM-2.2.12-9.RHEL4 2005/02/14 16:43:51
> vendor : Project Cyrus
> support-url: http://asg.web.cmu.edu/cyrus
> os : Linux
> os-version : 2.6.9-78.0.5.ELsmp
> environment: Built w/Cyrus SASL 2.1.19
> Running w/Cyrus SASL 2.1.19
> Built w/Sleepycat Software: Berkeley DB 4.2.52: (July 14,
> 2007) Running w/Sleepycat Software: Berkeley DB 4.2.52: (July 14, 2007)
> Built w/OpenSSL 0.9.7a Feb 19 2003
> Running w/OpenSSL 0.9.7a Feb 19 2003
> CMU Sieve 2.2
> TCP Wrappers
> mmap = shared
> lock = fcntl
> nonblock = fcntl
> auth = unix
> idle = poll
>
>
> /var/log/messages gets this every time a user tries to connect:
> mail kernel: imapd[13804]: segfault at rip
> 0030d36705f2 rsp 007fbfffcc88 error 4
>
> /var/log/maillog
> Nov 3 21:34:05 mail imap[14118]: accepted connection
> Nov 3 21:34:05 mail master[14144]: about to exec
> /usr/lib64/cyrus-imapd/imapd Nov 3 21:34:05 mail imap[14144]: executed
> Nov 3 21:34:05 mail imap[14118]: login: svs.somecompany.dk
> [192.168.1.20] svs plaintext User logged in
> Nov 3 21:34:05 mail master[31849]: process 14118 exited, signaled to
> death by 11
> Nov 3 21:34:05 mail master[31849]: service imap pid 14118 in BUSY
> state: terminated abnormally
>
> strace for imapd process having the segfault, using strace -ff -p
> on the cyrus-master pid:
...
> open("/var/spool/imap/user/ecivrese-fejl/cyrus.header", O_RDWR) = 14
> fstat(14, {st_mode=S_IFREG|0600, st_size=182, ...}) = 0
> mmap(NULL, 182, PROT_READ, MAP_SHARED, 14, 0) = 0x2a97f59000
> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
Did you run a reconstruct on this Mailbox (ecivrese-fejl)?
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: offering limited pop access
Am Donnerstag 30 Oktober 2008 18:51:23 schrieb Wesley Craig:
> On 30 Oct 2008, at 12:54, Andreas Winkelmann wrote:
> > Service-Name itself is the given name of the Daemon from
> > cyrus.conf. It is not
> > the service Name from Cyrus-SASL. Separating Options between the
> > Daemons is
> > not a Cyrus-SASL Feature it is a Cyrus-IMAP Feature. You can use it
> > for other
> > Options than Cyrus-SASL Options in imapd.conf, too.
>
> I notice that pop3d.c doesn't seem to use the sasl_service from
> pop3_protocol. Instead, it appears to be hard coded in imap/pop3d.c
> service_main() around line 510:
>
> if (sasl_server_new("pop", config_servername, NULL, NULL, NULL,
> NULL, 0, &popd_saslconn) != SASL_OK)
This is the Cyrus-SASL Service Name. But not related to the Service Name which
prepends to the Options in imapd.conf.
The Cyrus SASL Service Name is hard-coded. In case of pop3 it is "pop".
> I believe that first argument is the one that's passed to the
> callbacks below as plugin_name. I could be wrong, I haven't tested
> this at all, I've only been looking over the code, in order to answer
> the earlier question of "how could I know about this hard to find
> option".
In case of the "plugin_name" you are looking at a Call Back which is called
every time, the Cyrus-SASL Library tries to resolve an option. For common
Cyrus-SASL Options like pwcheck_method, mech_list, saslauthd_path, ...
plugin_name is NULL.
> Again, looking at the code, I see two places when the config option
> is not constant, i.e., it's built from components. The first is in
> imap/global.c:
>
> /* this is a wrapper to call the cyrus configuration from SASL */
> int mysasl_config(void *context __attribute__((unused)),
>const char *plugin_name,
>const char *option,
>const char **result,
>unsigned *len)
> {
> ...
> if (plugin_name) {
> /* first try it with the plugin name */
> strlcpy(opt, "sasl_", sizeof(opt));
> strlcat(opt, plugin_name, sizeof(opt));
> strlcat(opt, "_", sizeof(opt));
> strlcat(opt, option, sizeof(opt));
> *result = config_getoverflowstring(opt, NULL);
> }
>
> if (*result == NULL) {
> /* try without the plugin name */
> strlcpy(opt, "sasl_", sizeof(opt));
> strlcat(opt, option, sizeof(opt));
> *result = config_getoverflowstring(opt, NULL);
> }
> ...
Because plugin_name is NULL in most cases, the interesting part here is
config_getoverflowstring()@lib/libconfig.c:
const char *config_getoverflowstring(const char *key, const char *def)
{
char buf[256];
char *ret = NULL;
/* First lookup _key, to see if we have a service-specific
* override */
if(config_ident) {
if(snprintf(buf,sizeof(buf),"%s_%s",config_ident,key) == -1)
fatal("key too long in config_getoverflowstring", EC_TEMPFAIL);
ret = hash_lookup(buf, &confighash);
}
/* No service-specific override, check the actual key */
if(!ret)
ret = hash_lookup(key, &confighash);
/* Return what we got or the default */
return ret ? ret : def;
}
config_ident is filled from master with the first column from cyrus.conf of
the assoiciated Service. So in the case of pop3 Cyrus-IMAP tries first to
lookup the Option with "pop3_sasl_..."
> The sasl_ seems to be pretty well described in the man
> page for imapd.conf. The method with the plugin_name
> (sasl__) wasn't in the documentation that I
> could find.
A few examples for plugin_name "SQL", "ldapdb", "DIGEST-MD5", "GSSAPI", "SRP",
NULL. The environment of the related option from Cyrus-SASL specifies the
plugin_name. All ldapdb_ Options have "ldapdb", "sql_*" "SQL" and so on...
> The second place is in imap/backend.c:
>
> static int backend_authenticate(struct backend *s, struct protocol_t
> *prot,
> char **mechlist, const char *userid,
> sasl_callback_t *cb, const char
> **status)
> {
> ...
> strlcpy(optstr, s->hostname, sizeof(optstr));
> p = strchr(optstr, '.');
> if (p) *p = '\0';
> strlcat(optstr, "_password", sizeof(optstr));
> pass = config_getoverflowstring(optstr, NULL);
> if(!pass) pass = config_getstring(IMAPOPT_PROXY_PASSWORD);
> ...
> /* Get SASL mechan
Re: offering limited pop access
Am Donnerstag 30 Oktober 2008 17:09:21 schrieb Wesley Craig: > I think the actual syntax would be: > > sasl_pop_pwcheck_method: auxprop > sasl_pop_auxprop_plugin: sasldb > > The documentation (which needs improvement, and since you're getting > free help on the cyrus list I hope you'll open a bugzilla with some > suggested improvements) is mostly in the imapd.conf man page. In > particular: > > sasl_option: 0 > Any SASL option can be set by preceding it with > "sasl_". This > file overrides the SASL configuration file. > > There are a couple of other examples, e.g.: > > sasl_pwcheck_method: > The mechanism used by the server to verify plaintext > passwords. > Possible values include "auxprop", "saslauthd", and > "pwcheck". > > What's mentioned in the SASL documentation (which is considerably > worse than the IMAP documentation, IMHO) is that you can put the > service name between sasl_ and _option. No, the Service-Name is prepended before the complete Option. This means servicename_sasl_option: ... For example: pop3_sasl_mech_list: PLAIN LOGIN > Also missing is what Cyrus > IMAP uses for the service names -- I looked in the code to decide > that "pop" was probably right and "pop3" is probably wrong. Service-Name itself is the given name of the Daemon from cyrus.conf. It is not the service Name from Cyrus-SASL. Separating Options between the Daemons is not a Cyrus-SASL Feature it is a Cyrus-IMAP Feature. You can use it for other Options than Cyrus-SASL Options in imapd.conf, too. ... pop3 cmd="pop3d" listen="pop3" prefork=0 ... Here it is "pop3". So Options for this Service begin with: pop3_ > On 30 Oct 2008, at 06:42, Ian Eiloart wrote: > > Can I ask how you discovered the "well hidden feature" of > > imapd.conf? Is > > there proper documentation for this anywhere? > > > > --On 29 October 2008 20:16:21 +0100 Andreas Winkelmann > > <[EMAIL PROTECTED]> > > > > wrote: > >> # SASL-COnfig only for pop3 Daemon > >> pop3_sasl_pwcheck_method: auxprop > >> pop3_sasl_auxprop_plugin: sasldb > >> pop3_sasl_mech_list: plain login cram-md5 digest-md5 At the end, I would add another (and maybe the best) way. You (OP) can add the Servicename in the LDAP-Query from saslauthd with %s. So you only need to add something in the LDAP-Entry which includes the Service-Name. Here it is the Cyrus-SASL Service Name "imap", "pop", "sieve"... -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: offering limited pop access
> I offer an IMAP service to 12000 users, but we don't offer POP3. > > However, we have a blind person who has a braille computer, with POP3 > client, but no IMAP client. > > I've configured a perdition proxy which can give him POP, but not IMAP > access. However, we're moving toward using Cyrus proxyd front end, with > LDAP authentication (through SASL). > > Is there a way I can configure my murder cluster to perform a different > IMAP lookup for POP3 authentication, compared to IMAP authentication. Or, > is there some other way that I can restrict POP3 access to certain users? > > I've got configuration files at > /local/cyrus-sasl-2.1.22/lib/sasl2/imap.conf > which just says: > pwcheck_method: saslauthd > mech_list: plain > I presume I need a pop.conf file that's similar, but can't find any > documentation. > > and > /local/cyrus-sasl-2.1.22/etc/saslauthd.conf > which specifies how to access the LDAP servers. > > I want everything the same, but with a different value for ldap_filter. > Can > I just override this in pop3.conf? Or do I set sasl_ldap_filter my cyrus > configuration, instead? If you want to use ldap for both cases, you have to use two diffrent saslauthd's running. I would think about a diffrent auxprop Backend for example sasldb with only one entry for this User. Use the well hidden feature in your imapd.conf and separate them with: # SASL-COnfig only for pop3 Daemon pop3_sasl_pwcheck_method: auxprop pop3_sasl_auxprop_plugin: sasldb pop3_sasl_mech_list: plain login cram-md5 digest-md5 and # SASL-Config for all other Daemons sasl_pwcheck_method: saslauthd sasl_mech_list: plain login or you can use just: sasl_pwcheck_method: auxprop saslauthd sasl_auxprop_plugin: sasldb This would look in both backends. If you don't want to use sasldb and insist in using saslauthd, then something like: pop3_sasl_saslauthd_path: /path/to/second/saslauthd/mux and configure a second independent instance of saslauthd with it's own Configuration for this one User. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Folders which automatically mark all messages as read/seen?
Am Donnerstag 23 Oktober 2008 21:48:44 schrieb Ralph Seichter:
> Jeff wrote:
> > Sieve scripts can mark messages as read, though I'm not an expert on
> > sieve.
>
> Thanks for your suggestion, Jeff. I tried the following:
>
> require "fileinto";
> require "imapflags";
>
> if address :contains ["To", "Cc"] "[EMAIL PROTECTED]"
> {
> addflag "\seen";
> fileinto "INBOX.foo";
> }
>
> I use Cyrus IMAP Daemon 2.3.12_p2 on Gentoo Linux, and I installed the
> Sieve script using the 'sieveshell' utility. The 'fileinto' is executed,
> but 'addflag' does not seem to have any effect. I tried both SquirrelMail
> and Mozilla Thunderbird as clients, but the messages in folder INBOX.foo
> appear as unread/unseen with both, just as in every other folder.
Did you try:
...
addflag "\\seen";
...
In the examples in draft-melnikov-sieve-imapflags-03.txt flags begin with two
backslashes.
--
Andreas
--
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Migration 1.5 -> 2.2
Hi everyone, i just upgrade my virtual test system from debian sarge (cyrus 1.5) to debian etch (cyrus 2.2). Is it possible to migrate the old mailboxes in to the new system? If yes, how? Thanks in advance! Kind regards, Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Quota Problem with Cyrus 1.5
Hi all, I'm having a problem with an old cyrus 1.5 installation on a debian sarge box. Cyrus does not reject mail for users with an over_quota mailbox. So my postfix queue runs full. I know, that there is lmtp_overquota_perm_failure for cyrus 2. Is there any equivalent for cyrus 1.5, or another possibility to reject these mails? Kind Regard, Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve vacation function not working..
On Friday 14 September 2007 20:51, Joseph Silverman wrote: > ALL other sieve functions work as described. Vacation simply doesn't > work - mail is delivered, but no response is sent out. This is true > in multiple versions of cyrus: > > * OK HOST Cyrus IMAP4 v2.2.13-Mandriva-RPM-2.2.13-4mdv2007.1 server > ready > * OK HOST Cyrus IMAP4 v2.2.12-Mandriva-RPM-2.2.12-15mdk server ready > > The one "caveat" is that we are using sendmail as our MTA. I have > tested many sieve functions, they all seem to work except vacation. > And, yes, I always use a different from address to avoid the send- > once-every-n-days function. > > Is there something I am missing? Obviously vacation works for some > folks out there. But just as obviously, from googling for failures, > there are a substantial number of folks who can't or couldn't at the > time the messages were posted, get it to work. Show your config (imapd.conf) and the (Part of the) Sieve-Script. Maybe even too, the way you deliver Mails to Cyrus. > Thank you for your time! - Yossie > > Here are a few googled links reporting issues with sieve/vacation in > cyrus: > > http://archives.devshed.com/forums/networking-100/cyrus-sieve-with- > vacation-does-not-go-1673174.html > http://www.usenet.com/newsgroups/comp.mail.imap/msg00608.html > http://www.webservertalk.com/archive202-2006-6-1548266.html > http://www.irbs.net/internet/info-cyrus/0412/0031.html > http://forums.fedoraforum.org/archive/index.php/t-20225.html -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus admin access to user mailboxes
On Friday 14 September 2007 10:39, [EMAIL PROTECTED] wrote: > Just a quick question regarding accessing mailboxes via admin accounts. I > have Cyrus configured with 4 admins named in the imapd.conf file but I > can't find how to access users accounts which we have to do under certain > circumstances. On exchange you'd log in with domain/user/mailboxowner to > gain access. What's the best method of doing with Cyrus? Please explain what you mean with "access user accounts". -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Delivery to submailboxes
On Friday 14 September 2007 08:42, Philipp Leusmann wrote: > thanks for your help. it now works like a charm, though I still cannot > find that topic on the FAQ. > By the way, is there any further information on setting/using acls in > the docs? Especially what the anonymous user is for. Don't know if this is available Online, but there is a fine Documentation in the Tarball. .../cyrus-imapd-2.3.9/doc/index.html The overview is a nice start. Including something about acls, anonymous and so on. .../cyrus-imapd-2.3.9/doc/overview.html -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Delivery to submailboxes
On Thursday 13 September 2007 17:59, Philipp Leusmann wrote: > I am trying to get a postfix+cyrus+dspam setup working. Everything is > set up so far except, that mails classified as spam by dspam are not > delivered to the username.quarantine mailbox as desired. > I already traced the lmtp conversation and dspam is trying to deliver > the mail to the correct mailbox using "RCPT.TO:". > But in the end the mail always is in the normal inbox. > Is there parameter I have to switch in the cyrus config to enable the > desired behaviour? Hmm, this seems to be a FAQ. You have to give anonymous the "p"-Right on the Sub-Mailbox to get it working. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: LMTP AUTH with sendmail?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Andrzej!
Thanks for your reply!
Andrzej Adam Filip schrieb:
> You use older MAILER(`cyrus'). Take a look at newer MAILER(`cyrusv2').
I *am* using cyrusv2 mailer already (as I wrote in my first mail)
> Cyrusv2 supports direct LMTP over unix socket.
>
I don't want to use LMTP over unix domain socket (which
of course works and of course gives me access control
using unix file permissions) but over INET sockets
(i.e. LMTP over TCP), as machines running sendmail and cyrus
imapd are distinct and connected through a TCP/IP network.
As I wrote, I already have LMTP over TCP running, but only with
pre-authorization ("lmtpd -a") and I want to configure "real"
authentication now if possible...
> For AUTH over LMTP ask at news:comp.mail.sendmail
>
Ok, I'll try that.
Just makes me wonder if anybody here has ever used this
setup...
- - andreas
- --
Andreas Haumer | mailto:[EMAIL PROTECTED]
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGFkACxJmyeGcXPhERAtk6AJ9C85QWr1HjqQU3WCt3N+eGAy8VrwCgwewj
dubcnXeOFJeY5g5Rn9jGVSo=
=nocR
-END PGP SIGNATURE-
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: LMTP AUTH with sendmail?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! Casper schrieb: > i have a murder with different servers like imap smtp, configure cyrus > with murder enabled and add the things i wrote before + many other things > like authentication and so on... then it work. > ok, I see... I was rather looking for a solution without cyrus-murder. It seems to be possible with postfix or exim which seem to have integrated the mail delivery functionality using LMTP (using UNIX or INET socket family) directly into the MTA (can anyone confirm that?), but sendmail seems to rely on the external cyrus "deliver" program and I don't know how to configure this combination to use LMTP AUTH (without cyrus murder) - if it is possible at all! Has anyone been there before? - - andreas - -- Andreas Haumer | mailto:[EMAIL PROTECTED] *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFgc+xJmyeGcXPhERApSNAJ4tDNdkmH+hEfMwNJLVNU/ybuCd0ACfXxsq eaT0VLPZxymLb/wgNGdzJZs= =CbPX -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: LMTP AUTH with sendmail?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! Many thanks for your reply! Casper schrieb: > on the sendmail lmtp server in imapd.conf look for > > lmtpproxy_authname: user > lmtpproxy_password: pwd > I guess this configuration settings are used by the cyrus "deliver" program, correct? > lmtpsocket: /spool/lmtp.socket > I want to use LMTP over TCP (sendmail and cyrus imap server run on different machines, connected by TCP/IP network), how does the configuration of a Unix domain socket fit into scenario? > > and on the imap add proxyusers. > > > imapserver_password: pwd > > proxy_authname: user > > > All in the manual. > Hm, which cyrus imapd version are you talking about? I'm using 2.2.13 and "lmtpproxy_authname", "lmtpproxy_password" and "imapserver_password" are neither mentioned in the manual page nor in the HTML docs (or in any of the cyrus-imapd-2.2.13 distribution source files...). Is this a new feature? - - andreas - -- Andreas Haumer | mailto:[EMAIL PROTECTED] *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGFU44xJmyeGcXPhERAirIAJ9TOh/Ye/zqZjnT/NrpnxsuSFUq5gCfRwCG RMrQ54q3nhbI95BxGl3UBd8= =cFTZ -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
LMTP AUTH with sendmail?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
I'm about to set up a Cyrus IMAP server machine and want to
have several other machines running sendmail to deliver mail
to the IMAP server using LMTP over TCP (btw: all machines are
running Linux)
This raises the question of authenticating the mail delivery
machines to the IMAP server.
I already have a setup running with "pre-authorization"
(lmtpd option "-a") using the following configuration settings:
In /etc/cyrus.conf on the IMAP server machine:
SERVICES {
[...]
lmtp cmd="lmtpd -a" listen="lmtp" prefork=1
[...]
}
In /etc/hosts.allow on the IMAP server machine:
[...]
lmtp: a.b.c.72, a.b.c.80, a.b.c.91
[...]
In /etc/hosts.deny on the IMAP server machine:
[...]
lmtp: ALL
[...]
In /etc/mail/sendmail.mc on the mail delivery machines:
[...]
define(`confLOCAL_MAILER', `cyrusv2')dnl
define(`CYRUSV2_MAILER_ARGS', `TCP my.cyrus.server.tld lmtp')dnl
[...]
In order to improve security I'd rather use "real" authentication
for the LMTP client against the LMTP server, but I have not found
a single piece of documentation or example of how to do this with
sendmail (I have found examples for postfix or exim, though)
I know how to set up SMTP AUTH with sendmail (both as client
and as server), but not LMTP AUTH (as client)
Is real LMTP AUTH with sendmail possible at all?
Has anyone already set up such a beast?
I'd appreciate any hints or configuration examples!
Thanks!
- - andreas
- --
Andreas Haumer | mailto:[EMAIL PROTECTED]
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGFN2rxJmyeGcXPhERAuiXAKCVQms7Nc3x7ghZlanbKhYFha+aHQCgu530
mcW+T3kbwyMGzg6G2EKYbhc=
=gRCt
-END PGP SIGNATURE-
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: experience report / upgrading to cyrus-imapd 2.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 JFYI, replying to my own mail: I've just upgraded the below mentioned backend to 2.3.8. The acl compatibilty issues have been fixed just fine. The new 2.3 backend within the existing 2.1 murder works great now. Since I have some uppercase mailboxes though, I had to set "username_tolower: 0" to make things working. On Thu, Sep 14, 2006 at 05:45:53PM +0200, Andreas S. Kerber wrote: > Hi, > > currently we have a murder with 2 frontends, 3 backends and mupdate > running on one of the backends (all running cyrus-imapd 2.1.x). > > Today I've added a new backend which is running 2.3.7 and it went suprisingly > well. Moving mailboxes between the old and the new backends, lmtp delivery, > imap > and pop3 access worked immediatly and without any problems. > > The only problems I've found so far are these: > > - "kick_mupdate: can't connect to target: No such file or directory" messages > in the > logfile whenever one enteres a mailbox with imap (not when using pop3). > > - the transfered sieve script did not work reliable (sieve runtime error for > .*: Not a bytecode file). uploading it again fixed this. > > - deletion of messages via imap does not work through the old frontends, > possibly due to the > new ACL code in 2.3 which offers separate rights for message delete, mailbox > delete, and expunge. > The only way to fix this seems upgrading the frontends as well. Can anyone > confirm this > or has another idea how to fix this? > -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFFyvHkP0gnkXA27R8RAl3SAJ9xFaFnVE5YNFOKbR8w/ilKzASVLwCgi5Bv r3kRMA4HyTIFp88I5mbJIMM= =qDRj -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Certificate selection by IP
On Friday 12 January 2007 10:35, Janne Peltonen wrote: > Is it possible to configure Cyrus so that the server certificate it > provides would depend on the IP used to connect to it? > > Our current system has users differentiated by faculty so that a user > configures her imaps server according to her faculty. Each faculty has > its own imaps server fqdn each of which corresponds to a different IP. > Each real physical server serves multiple faculties. Each server has > multiple IPs and a separate stunnel instance for each IP/fqdn/faculty. > Thus, we can have a separate certificate for each IP/fqdn/faculty, even > if there are many faculties served by one Cyrus server. > > We are upgrading our system, and want to get rid of the stunnels. > Moreover, we want to give our users a unified system image. So in theory > we could get by with only one fqdn for each user. But we'd like to avoid > having all our approx 50 000 users reconfigure their imaps clients. So > we'd like to have our unified server (or a cluster of servers) continue > providing imaps service on the faculty-based fqdns/IPs. Problem is, some > widely-used clients (notably Thunderbird/Icedove) are picky about the CN > of the certificate matching the fqdn they are using to connect. But if > Cyrus will give the same certificate no matter the IP it is connected > via, that's what'll happen. > > So. Can Cyrus be configured to give different certificates based on the > server IP? /etc/cyrus.conf imap1 cmd="imapd" listen="ip.add.ress.1:imap" prefork=1 imap2 cmd="imapd" listen="ip.add.ress.2:imap" prefork=1 ... /etc/imapd.conf imap1_tls_cert_file: xxx1 imap2_tls_cert_file: xxx2 ... should work. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: A script for fixing bare newlines in mailbox files?
On Thursday 11 January 2007 23:35, Zachariah Mully wrote: > We've been bitten by migrating some of our people from Outlook to > Thunderbird, and then using Tbird to move their mail off their local > machines onto the IMAP server where it belongs. Unfortunately we've not > patched Cyrus to accept bare newlines, nor intend to... Since I have > access to the local mailboxes does anybody have a perl script or > something of the like that would remove the bare newlines from the raw > mailbox files? My perl-fu sucks this days, and I've not been able to > figure where and how to remove them... What do you mean with "bare newlines" in mailboxes.db? What does an Export as Textfile show? (as cyrus) $ ctl_mboxlist -d -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: [ Re: why does salspasswd2 always append a realm?]
On Friday 05 January 2007 09:51, Alex Prinsier wrote: > I think I have the _exactly_ same problem as Mr. Gruber. This is my setup: > > (important part of) imapd.conf: > virtdomains: userid > defaultdomain: mail.internal.ejibe.net > servername: mail.internal.ejibe.net > admins: cyrus > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: sasldb > > # sasldblistusers2 > [EMAIL PROTECTED]: userPassword > > cyradm --user [EMAIL PROTECTED] localhost > > Login failed: authentication failure at > /usr/lib/perl5/Cyrus/IMAP/Admin.pm line 118 > > Hope anyone can see a big mistake in this setup? Please try:. $ cyradm --user cyrus localhost If this does not work, show the related Loglines. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ldap lookup with different search_base's?
On Wednesday 03 January 2007 22:43, Marten Lehmann wrote: > for common email users, I have a path like this: > > [EMAIL PROTECTED],ou=users,dc=mailservices > > so the search base is ou=users,dc=mailservices. > > Using this, authentication works fine. But I would like to include the > admin user into the ldap lookup as well. How can I manage this? > > I planned to have the admin user at cn=admin,dc=mailservices. How do I > manage that saslauthd checks in both paths? What do I have to enter at > "admins" in /etc/imapd.conf? Does anyone have a similar setup and can > provide some config files or examples? Hmm, you can use ldapdb. Then you can specify multiple authz-regexp In slapd.conf. Seperate them somehow in the Matching-Pattern. I havn't tested this, but I think it's a try worth. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: why does salspasswd2 always append a realm?
On Wednesday 03 January 2007 22:38, Marten Lehmann wrote: > I would like to insert an admin-user without a domain/realm into an > sasldb2. But saslpasswd2 always appends the hostname to the userid I > provide. > > Example: > > echo "test" | saslpasswd2 -c admin > sasldblistusers2 > [EMAIL PROTECTED]: userPassword > > How can I avoid this? I have "virtdomains: userid" in my > /etc/imapd.conf, but I need an admin-user without realm so that I manage > all accounts with it, not just accounts within the same realm. Use a defaultdomain (man imapd.conf). imapd.conf: admins: admin [EMAIL PROTECTED] ... defaultdomain: domain.tld # saslpasswd2 -cu domain.tld admin And authenticate as "admin". -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Problem starting cyrus imap in FC6 Was:[Re: Newbie needs help]
On Tuesday 02 January 2007 22:34, Uwe Kiewel wrote:
> > > I ran into a problem with an postfix-mysql-cyrus installation and i
> > > don't know what to do.
> > >
> > > I used the postfix-cyrus howto to set up the server. The postfix, the
> > > saslauthd and mysql server started without any problem, but when i
> > > tried to start cyrus i got the following error message:
> > >
> > > cyrus-imapd Datenbanken importieren:
> > > [FEHLGESCHLAGEN]
> > >
> > > It is a german error message and it means:
> > >
> > > import of cyrus imapd databases: terminated
> >
> > Hmm, this is a Script from FC/RH. I don't know what it does, when it
> > tries to "import Databases".
>
> The FC Start/Stop scripts do as follow (only importent parts of the
> script):
>
> Start:
>
> $RUNUSER - cyrus -c "umask 166 ; /usr/lib/cyrus-imapd/cvt_cyrusdb_all
> > ${CONFIGDIRECTORY}/rpm/db_import.log 2>&1" < /dev/null
> RETVAL=$?
> if [ $RETVAL -eq 0 ]; then
> success $"$BASENAME importing databases"
> else
> failure $"$BASENAME error importing databases, check
> ${CONFIGDIRECTORY}/rpm/db_import.log"
> fi
Hmm, this is english and the "check ${CONFIGDIRECTORY}/rpm/db_import.log" is
missing in the German output. I hope this is the same Version.
cvt_cyrusdb_all is not a Cyrus-Imapd Command. I would guess, this is a RH/FC
Extension. Check what it does. It seems to fail.
And of course check the Logfile ${CONFIGDIRECTORY}/rpm/db_import.log
> Please check the log files located in /var/lib/imap/rpm
Yes.
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Coping mail
On Tuesday 02 January 2007 15:12, Przemyslaw Gawronski wrote:
> Hi, how can I copy a mail received and send by a user to another users
> folder automatically in cyrus-imapd-2.2.12 ?
Cyrus-Imapd is not involved in sending a Mail from an User. This is the Job of
an MTA. Configure your MTA to do this job.
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Newbie needs help
On Tuesday 02 January 2007 02:46, Carsten Laun-De Lellis wrote: > I ran into a problem with an postfix-mysql-cyrus installation and i don't > know what to do. > > I used the postfix-cyrus howto to set up the server. The postfix, the > saslauthd and mysql server started without any problem, but when i tried to > start cyrus i got the following error message: > > cyrus-imapd Datenbanken importieren: [FEHLGESCHLAGEN] > > It is a german error message and it means: > > import of cyrus imapd databases: terminated Hmm, this is a Script from FC/RH. I don't know what it does, when it tries to "import Databases". Check your Log, when Cyrus-Imapd or the Script tries to start. > I have a FC6 installation and installed all modules with yum. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: mailboxes.db problem
On Sunday 31 December 2006 00:07, RJ45 wrote: > OS is FreeBSD 5.5-STABLE > > cyrus-imapd 2.2.12 installed > > this problem started accouring after a RAID5 reconstruction. What means RAID5 reconstruction? A Rebuild of a failed Disk or did you reinitialize/reformat the Raid 5? Is the rebuild running at the moment? Did you check the Filesystem? > cyrus was installed using ports collection > >> Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR: dbenv->open > >> '/var/imap/db' failed: Invalid argument Does this Directory '/var/imap/db' exist? At the first sight, this looks for me like a Berkeley-DB Version mismatch. Cyrus is build with Version x but you have installed/it is running with version y. Check this. Stop Cyrus and Start it again. Show the Logs from the Start-Moment. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: mailboxes.db problem
On Friday 29 December 2006 15:21, RJ45 wrote: > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR db3: log_flush: LSN > past current end-of-log > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR db3: log_flush: LSN > past current end-of-log > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR db3: Recovery function > for LSN 1507 215027 failed > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR: dbenv->open > '/var/imap/db' failed: Invalid argument Which OS is that? Which Versions of Cyrus-Imapd and Berkeley DB are installed and how did you install them? Is this a Distribution and you have installed Packages or did you install from source? Was this an Upgrade or what happened before this? > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR: init() on berkeley > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR db3: environment not > yet opened > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR: opening > /var/imap/mailboxes.db: Invalid argument > Dec 29 13:11:59 postino ctl_cyrusdb[2922]: DBERROR: opening > /var/imap/mailboxes.db: cyrusdb error > > how can I solve this problem ? > > cyrus continue to work but I have these errors on master startup and then > after I have errors like these: > > Dec 29 14:59:05 postino lmtpunix[7401]: DBERROR db3: log_flush: LSN past > current end-of-log > Dec 29 15:02:40 postino lmtpunix[22339]: DBERROR db3: log_flush: LSN past > current end-of-log > Dec 29 15:11:46 postino lmtpunix[23164]: DBERROR db3: log_flush: LSN past > current end-of-log > Dec 29 15:13:42 postino imap[23486]: DBERROR db3: log_flush: LSN past > current end-of-log > Dec 29 15:17:43 postino lmtpunix[24502]: DBERROR db3: log_flush: LSN past > current end-of-log -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus DB Problem
Hello Again, now after some more reading of the logfiles i found this: lmtpunix[2882]: duplicate_check: <[EMAIL PROTECTED]>[EMAIL PROTECTED] .bluemaex.sieve. 0 lmtpunix[3774]: FATAL: couldn't exec() sendmail lmtpunix[2882]: sieve runtime error for bluemaex id <[EMAIL PROTECTED]>: Redirect: Sendmail process terminated normally, exit status 75 lmtpunix[2882]: DBERROR ^CÏ^H^H: db4 lmtpunix[2882]: DBERROR: error fetching <[EMAIL PROTECTED]>: Invalid argument I talked to the user and we discovered that this is an sieve rule that forwards an incoming mail to another user outside my mail system. This is followed up by more errors like this one: lmtpunix[2882]: IOERROR: fstating sieve script /mail/imap/sieve/f/fhele/defaultbc: No such file or directory lmtpunix[2882]: DBERROR ^CÏ^H^H: db4 lmtpunix[2882]: DBERROR: error fetching <[EMAIL PROTECTED]>: Invalid argument lmtpunix[2882]: duplicate_check: error looking up <[EMAIL PROTECTED]>/user.fhele: cyrusdb error It ends up with an lmtpd process running at 100% CPU and the cyrus does not answer on any port (pop3/imaps). As the only solution i restarted cyrus and everything works again. For now the user deactivated this rule and it seems to work until now. But he told me that this rule worked for a long time. So what has this rule to do with cyrus database and why is it getting corrupt? Thanks Greetings Andreas Kimpfler Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus DB Problem
Hello,
i've got a serious problem with Cyrus Database. Since yesterday mails
will just sporadically be delivered and at some time Cyrus stops work
so no IMAP/POP3 access is possible. Also mails are hanging out in
queue of sendmail.
In the logfile i get a lots of errors which are:
pop3[14196]: DBERROR db4: PANIC: fatal region error detected; run recovery
lmtpunix[14197]: DBERROR db4: PANIC: fatal region error detected; run recovery
pop3[14196]: DBERROR: critical database situation
lmtpunix[14197]: DBERROR: critical database situation
or
lmtpunix[16651]: FATAL: couldn't exec() sendmail
lmtpunix[16606]: sieve runtime error for bluemaex id <[EMAIL PROTECTED]>:
Redirect: Sendmail process terminated normally, exit status 75
lmtpunix[16606]: DBERROR db4: Locker does not exist
lmtpunix[16606]: DBERROR: error fetching <[EMAIL PROTECTED]>: Invalid argument
or
lmtpunix[16606]: IOERROR: opening /mail/spool/imap/stage./16606-1165496137-0:
No such file or directory
lmtpunix[16606]: IOERROR: error unlinking file
/mail/spool/imap/stage./16606-1165496137-0: No such file or directory
or
lmtpunix[13061]: DBERROR: error closing: Invalid argument
lmtpunix[13061]: DBERROR: error closing deliverdb: cyrusdb error
or
lmtpunix[15602]: lmtp connection preauth'd as postman
lmtpunix[15602]: DBERROR ^CÏ^H^H: db4
lmtpunix[15602]: DBERROR: error fetching <[EMAIL PROTECTED]>: Invalid argument
lmtpunix[15602]: duplicate_check: error looking up <[EMAIL
PROTECTED]>/user.bluemaex: cyrusdb error
lmtpunix[15602]: duplicate_check: <[EMAIL PROTECTED]> user.bluemaex
0
and some more...
I know these errors are database related but i don't find the failure.
After a restart of cyrus imap the errors are gone for about 20
Minutes, then they'll return.
I already googled about this problem and found instructions howto
recreate database. There was told to delete everythin in db/
db.backup1/ and db.backup2/. Also delete deliver.db and
tls_sessions.db. Then check out mailboxes with ctl_mboxlist and return
them in mailboxes.db-format.
But this didn't fix my problem...
I don't know what to do further to get this handled.
I use cyrus-imapd 2.2.12 with autocreate patch on a gentoo box.
Mails are handled by sendmail with amavisd-new and sendmail to deliver
them to cyrus.
my imapd.conf:
configdirectory:/mail/imap
partition-default: /mail/spool/imap
defaultpartition: default
sievedir: /mail/imap/sieve
tls_ca_path:/etc/ssl/certs
tls_cert_file: /etc/ssl/cyrus/mail.tibdefender.com.crt
tls_key_file: /etc/ssl/cyrus/mail.tibdefender.com.key
admins: cyrus
hashimapspool: yes
allowanonymouslogin:no
allowplaintext: yes
sasl_pwcheck_method:saslauthd
my cyrus.conf:
START {
# Do not delete this entry!
recover cmd="ctl_cyrusdb -r"
}
SERVICES {
# Add or remove based on preferences.
imap cmd="imapd" listen="imap2" prefork=0
pop3 cmd="pop3d" listen="pop-3" prefork=0
# Don't forget to generate the needed keys for SSL or TLS
# (see doc/html/install-configure.html).
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
#lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
}
EVENTS {
# This is required.
checkpointcmd="ctl_cyrusdb -c" period=30
# This is only necessary if using duplicate delivery suppression.
delprune cmd="ctl_deliver -E 3" period=1440
# This is only necessary if caching TLS sessions.
tlsprune cmd="tls_prune" period=1440
# SQUAT failed, helps
squatter cmd="squatter -r user" period=1440
}
I hope you can help me.
Thx
Greetings
Andreas Kimpfler
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: STARTTLS available?
Am Saturday 21 October 2006 19:08 schrieb Marten Lehmann: > I have some users that are used to use POP3 and IMAP with STARTTLS. It > was available in dovecot but it doesn't seem to be available in Cyrus by > default. Can it be enabled somehow? Or isn't it implemented for certain > reasons? Configure TLS. "man imapd.conf", ./doc/(text/)install-configure(.html), ... -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: "user." in mailbox names
Am Monday 09 October 2006 19:04 schrieb Marten Lehmann: > we are currently using dovecot for IMAP and POP3 and we would like to > migrate to Cyrus. The email-address is the login, e.g. > [EMAIL PROTECTED] When I'm creating accounts in cyrus, I have to > prepend "user." to the mailbox names (thus [EMAIL PROTECTED]). But > when a user logs in with [EMAIL PROTECTED] as before, he doesn't see > his folders. Doesn't do cyrus the mapping to [EMAIL PROTECTED] Depends on your Configuration. If you want to use "." in Mailboxnames, you should use "unixhierarchysep: yes". Otherwise [EMAIL PROTECTED] will be user ... [EMAIL PROTECTED] ... ... de With unixhierarchysep enabled, the Path is user/[EMAIL PROTECTED] Then you should have virtdomains turned off. > If not, why do I have to create mailboxes with "user." then? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: lmtp through tcp doesn't find the mailbox
Am Monday 09 October 2006 20:20 schrieb Marten Lehmann:
> My shortened cyrus.conf:
>
> SERVICES {
>imap cmd="imapd" listen="imap" prefork=5
>lmtp cmd="lmtpd -a" listen="x.x.x.x:lmtp" prefork=0
> }
Is x.x.x.x an external IP? If yes, you should not use "-a".
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: tls_ca_path and tls_ca_file
Hello Goetz, Goetz Babin-Ebell wrote: Andreas Benzing schrieb: Hello once more, Hello Andreas, Goetz Babin-Ebell wrote: Andreas Benzing schrieb: the tls_ca_path directory is used in certificate verification: of the issuer dn of the cert to verify is a checksum calculated, this 32 bit value is used as an file name in tls_ca_path to load the CA certificate. Now this and the hint with c_rehash makes things clearer. I didn't know that cyrus is only looking for specific filenames. So it works now =) the 32 Bit hash is the only way to determine the file name from the subject / issuer DN... Which takes me to the next question that may be in the wrong place here: I only came to this problem because when connecting with thunderbird there was an error establishing an encrypted connection. After investigating the logfiles I found that the server could not verify a cert I wanted to use with thunderbird to sign messages. Now the question is: Why did thunderbird try to authenticate with the cert when my server (with the old config) did not have any CA certs at all? Accepting client authentication without providing the list of acceptable CA certificates is a misconfiguration that is not common but happens. My knowledge of the TLS specification is not that deep to know how the client and sever SHOULD act in this situation, but some clients pick a client certificate and send it to the server. OpenSSL allows this misconfiguration but requires that the client certificate is verified by callbacks provided by the user of the library. To make it clear: Server: "I accept client certificate but won't tell you which CAs I trust" Client: "OK, let's try this one..." Server: "Sorry, I don't know your issuer." After some more research I finally found out that Thunderbird should not yet try to authenticate with certs anyway. The whole thing is not completely implemented but cannot be switched off, except for having TBird ask for which cert to use every time and then "cancel". THX for your help Andreas smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: tls_ca_path and tls_ca_file
Hello once more, Goetz Babin-Ebell wrote: Andreas Benzing schrieb: Hello, Hello Andreas, could please somebody tell me what tls_ca_path is good for if it is somehow ignored in the config file? For other servers putting the different CA-certs in one directory is enough but cyrus needs an extra file with all of them in a single file. Shouldn't this be the sense of tls_ca_path? Without looking in the cyrus and the openssl code: the tls_ca_path directory is used in certificate verification: of the issuer dn of the cert to verify is a checksum calculated, this 32 bit value is used as an file name in tls_ca_path to load the CA certificate. Now this and the hint with c_rehash makes things clearer. I didn't know that cyrus is only looking for specific filenames. So it works now =) Now the tls_ca_path it is primary useful in client configurations, because you may have a big number of trusted CA certificates. On server side the tls_ca_path is less useful, because for you must have the complete list of CA certifcates you accept before you start a handshake because you send this list (only the subject names) to the client saying him which CA certificates you accept for client authentication. Which takes me to the next question that may be in the wrong place here: I only came to this problem because when connecting with thunderbird there was an error establishing an encrypted connection. After investigating the logfiles I found that the server could not verify a cert I wanted to use with thunderbird to sign messages. Now the question is: Why did thunderbird try to authenticate with the cert when my server (with the old config) did not have any CA certs at all? Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
tls_ca_path and tls_ca_file
Hello, could please somebody tell me what tls_ca_path is good for if it is somehow ignored in the config file? For other servers putting the different CA-certs in one directory is enough but cyrus needs an extra file with all of them in a single file. Shouldn't this be the sense of tls_ca_path? Best regards, Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: lmtpproxyd problem?
Am Saturday 07 October 2006 23:02 schrieb Sebastian Schäfer: > today i found a problem with the lmtpproxyd on my system... > > on my FE postfix delivers mails with lmtp to the frontend lmtp proxy... and > the proxy delivers them to the backends... this works normally... but i > have found one email which cannot be delivered over the frontend server... > > the mail is about 25MB big... but i have set maxmessagesize: 0 > in all imapd.conf files... > > the erroroutput on the frontend is: > > Oct 7 22:46:46 mail4 master[7745]: process 8215 exited, signaled to death > by 11 Hmm, if this happens only with big Messages, maybe it's an Hardware Problem. Did you do some Hardware-Tests (At least Memory)? Or compile Cyrus-Imap with debug-Symbols and get a Backtrace. > Oct 7 22:46:46 mail4 master[7745]: service lmtpunix pid 8215 in BUSY > state: terminated abnormally > Oct 7 22:46:46 mail4 postfix/lmtp[8214]: EA3E6F20AAB: to=<>, > relay=/var/lib/imap/socket/lmtp[/v > ar/lib/imap/socket/lmtp], delay=105768, status=deferred (lost connection > with /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp > ] while sending end of data -- message may be sent more than once) > > and there is no output on the backend... > > i'm using cyrus imap 2.2.12 > > any idea? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve DBERROR with avelsieve
t/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpointcmd="ctl_cyrusdb -c" period=15
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="ctl_deliver -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
>
> Thanks in advance,
>
> Mike
>
>
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: recursive reconstruct does not work?
Am Wednesday 04 October 2006 00:15 schrieb Jo Rhett: > > Maybe you should give us some more information about your setup? > > Nothing special. Virtdomains with unixhiersep, altnamespace and > authentication via sasl auxprop-sql (mysql) out of the box FreeBSD > ports. > > > And show a list of these Mailboxnames with cyradm. > > Sure. Here's the mailboxes and the ktrace of a reconstruct of this > mailbox (me) > > localhost> lm user/[EMAIL PROTECTED] > user/jrhett/AT&[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/American [EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/lists/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/lists/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/lists/[EMAIL PROTECTED] (\HasNoChildren) > user/jrhett/[EMAIL PROTECTED] (\HasChildren) > user/[EMAIL PROTECTED] (\HasChildren) Yes, seems to be a Problem with virtdomains enabled. Maybe Ken can say something more. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus authentication failed
Am Tuesday 03 October 2006 12:23 schrieb [EMAIL PROTECTED]: > > sasl_mech_list: plain login > > > > is missing. Then test again with cyrus and "other" users. Do "other" > > users work anymore? > > > > Then show how you start saslauthd. > > Sorry I've forgotten > I start saslauth as following: > rcsaslauthd start Not that, the Options: saslauthd -a . -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus authentication failed
Am Tuesday 03 October 2006 11:40 schrieb [EMAIL PROTECTED]: > After inserting: > sasl_mech_list: plain login > > this is my telnet session: > 0a010 login cyrus cyrus > 0a010 NO Login failed: authentication failure > 0a011 logout > * BYE LOGOUT received > 0a011 OK Completed > Connection closed by foreign host. > > I can correctly login as other users that worked before the line you > suggested me. You didn't answer how do you start saslauthd. # ps aux|grep saslauthd for example. > Another problem: I would make a backup of mails. I've made a copy of: > /var/spool/imap > /var/lib/imap > /var/lib/sieve > according to my /etc/inid.conf and also made a ctl_cyrusdb -d mb.txt as > cyrus user. > When I try to recover mailboxes.db with: > cvt_cyrusdb mb.txt flat mailboxes.db.stefano berkeley "cvt_" = Convert. To restore mailboxes.db use "ctl_mboxlist". $ man ctl_mboxlist ... -u Load the contents of the database from standard input. The input MUST be in the format output using the -d option. NOTE: Both the old and new formats can be loaded, but the old format will break remote mailboxes. ... > I receive: > Sorry, you cannot use this tool with relative path names. > This is because some database backends (mainly berkeley) do not > always do what you would expect with them. > > Please use absolute pathnames instead. > > > Where I'm going wrong? > > Thanks a lot in advance > > Stefano C. > > > Am Tuesday 03 October 2006 00:06 schrieb [EMAIL PROTECTED]: > >> My imapd.conf is: > >> > >> configdirectory: /var/lib/imap > >> partition-default: /var/spool/imap > >> sievedir: /var/lib/sieve > >> admins: cyrus > >> allowanonymouslogin: no > >> autocreatequota: 1 > >> reject8bit: no > >> quotawarn: 90 > >> timeout: 30 > >> poptimeout: 10 > >> dracinterval: 0 > >> drachost: localhost > >> sasl_pwcheck_method: saslauthd > >> lmtp_overquota_perm_failure: no > >> lmtp_downcase_rcpt: yes > > > > sasl_mech_list: plain login > > > > is missing. Then test again with cyrus and "other" users. Do "other" > > users work anymore? > > > > Then show how you start saslauthd. > > > >> I think I understand what you mean, but I've always used saspasswd2 -c > >> username, where username is an existing linux user, to create account > >> for > >> Cyrus and it has always worked. > >> > >> Stefano C. > >> > >> > Am Monday 02 October 2006 18:36 schrieb [EMAIL PROTECTED]: > >> >> I was trying to make some test over backing up and recovery a simple > >> >> IMAP > >> >> server inside a LAN. > >> >> First I have uninstalled cyrus-imapd and cyrus-sasl-saslathd RPMs > >> > >> from > >> > >> >> my > >> >> SuSE 10.1. > >> >> > >> >> Second I've deleted cyrus user from my system. > >> >> > >> >> I overrided the folowing directories: > >> >> /var/spool/imap > >> >> /var/lib/imap > >> >> /var/lib/sieve > >> >> with the ones of te system I would recover. > >> >> > >> >> Then I've created a plaintext backup of mailboxes.db using (as root): > >> >> su -cyrus -c "ctl_mailboxlist -d" > mailboxlist.txt > >> >> > >> >> I've build a database from the plaintext using: > >> >> cvt_cyrusdb mailboxlist.txt > >> >> > >> >> Now I can connect to Cyrus with: > >> >> telnet localhost 143 > >> >> as every user listed with: > >> >> sasldblistusers > >> >> except as cyrus. > >> >> > >> >> My server IMAP can receive mails from inside and outside the LAN. > >> >> Anyway, it's unconfortable I receive: > >> >> 0: NO "authentication failed" > >> >> > >> >> for the command: > >> >> testsaslauthd -u cyrus -p cyrus > >> > > >> > Above you tell something about sasldb, here you test with saslauthd. > >> > >> How > >> > >> > did > >> > you configure saslauthd? Is it really configured to use sasldb? > >> > > >> > Show your imapd.conf. > > > > -- > > Andreas > > > > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: recursive reconstruct does not work?
Am Tuesday 03 October 2006 02:29 schrieb Jo Rhett:
> I know it's been a few years since I've been active here, but I think I
> remember this being an issue before. Sadly, there's no serious mention
> of reconstruct in the Wiki.
>
> This syntax is not working to recover a folder where I had to restore
> messages:
>
> su - cyrus -c "reconstruct -r user/[EMAIL PROTECTED]"
>
> I watched it with ktrace/kdump and its not even looking for subfolders.
# su - cyrus -c "strace -eopen reconstruct -r user.test"
open("/var/spool/imap/user/test/cyrus.header", O_RDWR) = 4
open("/var/spool/imap/user/test/cyrus.index", O_RDWR) = 5
...
open("/var/spool/imap/user/test/subfolder1/cyrus.header", O_RDWR) = 4
open("/var/spool/imap/user/test/subfolder1/cyrus.index", O_RDWR) = 5
...
open("/var/spool/imap/user/test/subfolder2/cyrus.header", O_RDWR) = 4
open("/var/spool/imap/user/test/subfolder2/cyrus.index", O_RDWR) = 5
Seems to work here.
Maybe you should give us some more information about your setup?
> This doesn't work either
> su - cyrus -c "reconstruct -xrf user/[EMAIL PROTECTED]"
>
> It seems the only thing that works is
>
> su - cyrus -c "reconstruct user/username/[EMAIL PROTECTED]"
> su - cyrus -c "reconstruct user/username/*/[EMAIL PROTECTED]"
> su - cyrus -c "reconstruct user/username/*/*/[EMAIL PROTECTED]"
> ...etc
And show a list of these Mailboxnames with cyradm.
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: default domain reverts to hostname?
Am Tuesday 03 October 2006 02:09 schrieb Jo Rhett: > It may appear that the answer is > servername: name I want to use for local realm > > Any reason I shouldn't do it this way? Any better way? The value of servername is presented after Connecting to your server. If you move the Configuration to another Server, the real Servername and the presented can differ. If you can live with that, this is the easiest way. You didn't tell us what you mean with Database. If you mean sasldb, there are some ways to change the Realm in it. Dump it, change it and reload it. > > Okay, I know this was hashed out a while ago so I'm sure there's a good > > answer for it, but I can't seem to find this in the archives. > > > > With virtdomains: yes, if you specify defaultdomain: mydomain.com, then > > what happens is that authentication against the database always sets the > > realm to $hostname. > > > > This isn't a good behavior. What if the hostname changes? What if the > > tools used to edit the database don't know (or need to) the current > > system hostname? > > > > Isn't there a way so that 'jrhett' or '[EMAIL PROTECTED]' > > authenticate with sasl with a realm set to the default domain? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus authentication failed
Am Tuesday 03 October 2006 00:06 schrieb [EMAIL PROTECTED]: > My imapd.conf is: > > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > sievedir: /var/lib/sieve > admins: cyrus > allowanonymouslogin: no > autocreatequota: 1 > reject8bit: no > quotawarn: 90 > timeout: 30 > poptimeout: 10 > dracinterval: 0 > drachost: localhost > sasl_pwcheck_method: saslauthd > lmtp_overquota_perm_failure: no > lmtp_downcase_rcpt: yes sasl_mech_list: plain login is missing. Then test again with cyrus and "other" users. Do "other" users work anymore? Then show how you start saslauthd. > I think I understand what you mean, but I've always used saspasswd2 -c > username, where username is an existing linux user, to create account for > Cyrus and it has always worked. > > Stefano C. > > > Am Monday 02 October 2006 18:36 schrieb [EMAIL PROTECTED]: > >> I was trying to make some test over backing up and recovery a simple > >> IMAP > >> server inside a LAN. > >> First I have uninstalled cyrus-imapd and cyrus-sasl-saslathd RPMs from > >> my > >> SuSE 10.1. > >> > >> Second I've deleted cyrus user from my system. > >> > >> I overrided the folowing directories: > >> /var/spool/imap > >> /var/lib/imap > >> /var/lib/sieve > >> with the ones of te system I would recover. > >> > >> Then I've created a plaintext backup of mailboxes.db using (as root): > >> su -cyrus -c "ctl_mailboxlist -d" > mailboxlist.txt > >> > >> I've build a database from the plaintext using: > >> cvt_cyrusdb mailboxlist.txt > >> > >> Now I can connect to Cyrus with: > >> telnet localhost 143 > >> as every user listed with: > >> sasldblistusers > >> except as cyrus. > >> My server IMAP can receive mails from inside and outside the LAN. > >> Anyway, it's unconfortable I receive: > >> 0: NO "authentication failed" > >> > >> for the command: > >> testsaslauthd -u cyrus -p cyrus > > > > Above you tell something about sasldb, here you test with saslauthd. How > > did > > you configure saslauthd? Is it really configured to use sasldb? > > > > Show your imapd.conf. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus authentication failed
Am Monday 02 October 2006 18:36 schrieb [EMAIL PROTECTED]: > I was trying to make some test over backing up and recovery a simple IMAP > server inside a LAN. > First I have uninstalled cyrus-imapd and cyrus-sasl-saslathd RPMs from my > SuSE 10.1. > > Second I've deleted cyrus user from my system. > > I overrided the folowing directories: > /var/spool/imap > /var/lib/imap > /var/lib/sieve > with the ones of te system I would recover. > > Then I've created a plaintext backup of mailboxes.db using (as root): > su -cyrus -c "ctl_mailboxlist -d" > mailboxlist.txt > > I've build a database from the plaintext using: > cvt_cyrusdb mailboxlist.txt > > Now I can connect to Cyrus with: > telnet localhost 143 > as every user listed with: > sasldblistusers > except as cyrus. > > I think this is the source for strange messages I find in > /valr/log/messages like: > lmtpunix[21679]: IOERROR: fstating sieve script > /var/lib/sieve/u/utente/defaultbc: No such file or directory The User has no Sieve-Script. Either ignore these Errors or don't log DEBUG-Messages in Syslog. > My server IMAP can receive mails from inside and outside the LAN. > Anyway, it's unconfortable I receive: > 0: NO "authentication failed" > > for the command: > testsaslauthd -u cyrus -p cyrus Above you tell something about sasldb, here you test with saslauthd. How did you configure saslauthd? Is it really configured to use sasldb? Show your imapd.conf. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: UTF-8 in Subject field?
Am Monday 02 October 2006 17:54 schrieb Georgy Goshin:
> My Cyrus server removes any UTF-8 characters and exchanges them with XX
> letters... Is there a way to allow unicode in headers?
Yes, encoding it. Headers are 7 Bit Ascii.
http://www.faqs.org/rfcs/rfc2822.html
http://www.faqs.org/rfcs/rfc2047.html
If you want to change Defaults, look at munge8bit or reject8bit (man
imapd.conf).
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: confusing authentication
Am Friday 29 September 2006 00:02 schrieb Marten Lehmann: > I'm using getpwent for admin authentication and salsdb for commoon > mailbox users. I noticed a strange behaviour: > > I'm not using salsauthd. But when I'm just writing > > sasl_pwcheck_method: getpwent auxprop "getpwent" isn't a valid "pwcheck_method". Hmm, I would guess there are some errors in your Log about it. Do you ignore them? > I always get > > NO Login failed: user not found > (only admin users not found) > > When I have > > sasl_pwcheck_method: getpwent auxprop saslauthd > > and salsauthd isn't running I get > > NO Login failed: generic failure > > Why do I have to include salsauthd and even need to have it running, > while it is not being used? Because saslauthd is the only thing in cyrus-sasl which is able to handle getpwent or Unix-Users? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: setacl mailbox for virtual domain ids not working
Am Thursday 28 September 2006 12:27 schrieb Ramprasad: > I have a cyrus 2.3.7 server running on linux ( centos) with virtual > domains > > If I have try to setacls to a virtual domain-id it is not working > > >From cyradm this is the error I am getting > > - > cyradm --user=cyrus localhost > IMAP Password: > localhost> sam user/alm1 [EMAIL PROTECTED] all > setaclmailbox: [EMAIL PROTECTED]: lrswipkxtea: Invalid identifier > > --- > > Do I need to escape the '@' in some special way in the id I would guess "pragatee.com" and the Default-DOmain are Diffrent? From doc/text/install-virtdomains: * Domains are mutually exclusive - Users only have access to mailboxes within their own domain (intra-domain). The following example will not work: setacl [EMAIL PROTECTED] [EMAIL PROTECTED] read. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Can not login to Cyrus server
Am Wednesday 27 September 2006 08:14 schrieb Neelu Dhiman: > I am not able to login to Cyrus server. I had created some users on Cyrus > server, but I am not able to login. I am getting following output: > > [EMAIL PROTECTED] imtest]# telnet adlinux imap > > Trying 10.88.45.33... > > Connected to adlinux (10.88.45.33). > > Escape character is '^]'. > > OK adlinux Cyrus IMAP4 v2.2.3-Red Hat 2.2.3-8.1 server ready If you are here, show the Capabilities of the Server. a1 CAPABILITY > a1 login cyrus cyrus > > a1 NO Login failed: generic failure > > a2 logout > > * BYE LOGOUT received > > a2 OK Completed > > Connection closed by foreign host. > > Cyrus-master is listening on imap port. Following is the result: > > [EMAIL PROTECTED] imtest]# netstat -lnp --inet --inet6|grep 143 > > tcp0 0 0.0.0.0:143 0.0.0.0:* LISTEN > 10135/cyrus-master Show your Configuration, at least imapd.conf. > Services are running properly: > > [EMAIL PROTECTED] imtest]# /sbin/service saslauthd status > > saslauthd (pid 10045 10044 10043 10041 10040) is running... > > [EMAIL PROTECTED] imtest]# /sbin/service cyrus-imapd status > > cyrus-master (pid 10135) is running... > > I am also not able to user cyradm. Getting following error: > > [EMAIL PROTECTED] imtest]# cyradm -u cyrus adlinux > > IMAP Password: > > > > Login failed: generic failure at > /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm > line 118 > > cyradm: cannot authenticate to server with as cyrus > > What can be the problem. Please guide. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bounced email although LMTP returns an ok
Am Wednesday 27 September 2006 14:40 schrieb Hardi Gunawan: > It seems I've many problems with Cyrus on SuSE SLES10. > > My current problem is that there are many bounces on > the server, but the LMTP returns an "ok". Here's the > log on the server: > > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > RSET > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: < > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > 250 2.1.5 Ok > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > deliver_message: reusing (count 4) session with: > /var/lib/imap/socket/lmtp > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > MAIL FROM: SIZE=130532 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > RCPT TO: > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > DATA > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: < > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: Pipelining is used. Cyrus Presents it and Postfix uses it. Pipelining is, sending Commands without waiting for a Response from the Server on each Command. The Server gives the Responses after the DATA. > 250 2.0.0 ok This is the OK for MAIL FROM: > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: < > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > 250 2.1.0 ok This is the OK for RCPT TO: > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: < > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: > 250 2.1.5 ok This is a "250 2.1.5..." after the DATA. This is wrong. The Server Response after DATA should be "354 ..." Something seems to be out of sync. For a fast Fix, you can disable PIPELINIG in the Postfix lmtp-Client. Is there a Router between Postfix and Cyrus? Maybe capturing the Network-Traffic between Postfix and Cyrus would be a way to debug this. Best to do it on Both sides. > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: connect to > subsystem private/bounce > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > nrequest = 0 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > flags = 0 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > queue_id = D3EC7A709 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > original_recipient = x > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > recipient = > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > offset = 18446744073709551615 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > status = 5.0.0 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > action = failed > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: send attr > reason = host > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp] > said: > 250 2.1.5 ok (in reply to DATA command) > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > private/bounce socket: wanted attribute: status > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: input > attribute name: status > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: input > attribute value: 0 > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: > private/bounce socket: wanted attribute: (list > terminator) > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: input > attribute name: (end) > Sep 26 20:12:29 mail2 postfix/lmtp[14840]: D3EC7A709: > to=, > relay=/var/lib/imap/socket/lmtp[/var/ > lib/imap/socket/lmtp], delay=0, status=bounced (host > /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp] > said: 250 2.1.5 ok ( > in reply to DATA command)) > > I'm not sure the problem is on the postfix or cyrus > side, though. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Is loginrealms: * supposed to work?
Am Thursday 28 September 2006 17:28 schrieb Torsten Schlabach: > Quick question: > > I have seen a setup of > > loginrealms: * > > in /etc/imapd.conf mentioned several times, but from what I can see, it > does not work. > > Is there a wildcard to allow logins from any realm? What, if you omit the setting of loginrealms in imapd.conf? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Space in folder names
Am Sunday 24 September 2006 19:14 schrieb devel - Fashion Content: > Is there any way to handle folders with names containing spaces in cyradm, > or do I need to create my own tools for that? localhost> cm user."Mailbox with Space" localhost> sam user."Mailbox with Space" userxy read For example. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Sunday 24 September 2006 07:56 schrieb Josh M. Hurd: > I found a total of 3 imapd.conf files: > /private/etc/imapd.conf > /private/etc/imapd.conf.default > /private/etc/imapd.conf.personal > none of which have my user as an admin > > and here is the mailbox dump: > > sudo -u cyrusimap ./ctl_mboxlist -d > Shared default anyone lrs jhurd lrswipcda > christenlrswipcda > Shared.Christen Archivesdefault christenlrswipcda > Shared.Josh Archivesdefault jhurd lrswipcda > Shared.Josh Archives.Inbox default jhurd lrswipcda > Shared.Josh Archives.Inbox.Freelancedefault jhurd lrswipcda > Shared.Josh Archives.Inbox.Jobs default jhurd lrswipcda > Shared.Josh Archives.Inbox.Orca default jhurd lrswipcda > Shared.Josh Archives.Inbox.eBay default jhurd lrswipcda > Shared.Josh Archives.Sent Messages default jhurd lrswipcda > user.christen default christenlrswipcda > user.christen.Deleted Messages default christenlrswipcda > user.christen.Draftsdefault christenlrswipcda > user.christen.Junk default christenlrswipcda > user.christen.Sent Messages default christenlrswipcda > user.christen.Trash default christenlrswipcda > user.christen.dad phone listdefault christenlrswipcda > user.emailadmin default emailadmin lrswipcda > user.emailadmin.Deleted Messagesdefault emailadmin > lrswipcda > user.emailadmin.Drafts default emailadmin lrswipcda > user.emailadmin.Sent Messages default emailadmin lrswipcda > user.jhurd default jhurd lrswipcda > user.jhurd.Appledefault jhurd lrswipcda > user.jhurd.Chessdefault jhurd lrswipcda > user.jhurd.Craigslist default jhurd lrswipcda > user.jhurd.Darwin default jhurd lrswipcda > user.jhurd.Drafts default jhurd lrswipcda > user.jhurd.Freelancedefault jhurd lrswipcda > user.jhurd.Jobs default jhurd lrswipcda > user.jhurd.Retrospect default jhurd lrswipcda > user.jhurd.Sent Messagesdefault jhurd lrswipcda > user.jhurd.Spam default jhurd lrswipcda > user.jhurd.Trashdefault jhurd lrswipcda > user.jhurd.eBay default jhurd lrswipcda > user.junkmail default junkmaillrswipcda jhurd > lrswipcda > user.junkmail.Learned default junkmaillrswipcda > jhurd lrswipcda > user.notjunkmaildefault notjunkmail lrswipcda > jhurd lrswipcda > user.stef default steflrswipcda > user.stef.Deleted Messages default steflrswipcda > user.stef.Draftsdefault steflrswipcda > user.stef.Sent Messages default steflrswipcda Looks ok. Maybe someone with more MacOS-X/Darwin Experience can help here. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Shared folders wild west
Am Sunday 24 September 2006 17:55 schrieb devel - Fashion Content: > I'm trying to figure out how to manage mail folders by testing out a fresh > install and replicating the existing accounts over. > > It may be the fault of the replication script, but it does seem like the > server allows creating folders such as: > > user.info.shared.Promotion and user.info.shared.sales.Sent > > How do I make sure that such folders cannot be created. As it is it has > completely broken folder namespaces. AFAIK these are valid Foldernames. So, where is the Problem? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Saturday 23 September 2006 00:42 schrieb Josh M. Hurd: > >>>> this is what I get from lam now: > >>>> > >>>> localhost> lam user/% > >>>> user/christen: > >>>>christen lrswipcda > >>>> user/jhurd: > >>>>jhurd lrswipcda > >>>> user/junkmail: > >>>>jhurd lrswipcda > >>>>junkmail lrswipcda > >>>> user/notjunkmail: > >>>>jhurd lrswipcda > >>>>notjunkmail lrswipcda > >>>> user/stef: > >>>>stef lrswipcda > >>>> > >>>> it looks to me like I should not have permission to see these > >>>> mailboxes? > >>> > >>> Show your imapd.conf and tell us "Who" you are. > >> > >> I login as emailadmin as both cyrus and cyrusimap don't allow logins > >> with the following error: > >> Mail is not enabled for this user at /System/Library/Perl/5.8.6/ > >> darwin-thread-multi-2level/Cyrus/IMAP/Admin.pm line 118 > >> cyradm: cannot authenticate to server with as cyrusimap > >> > >> > >> /etc/impad.cond > >> > >> admins: cyrus cyrusimap emailadmin > > > > "emailadmin" is admin and of course able to see all Mailboxes, > > regardless if > > it is specified with "sam". > > sorry, I must have mislead you. I login to cryadm with the account > emailadmin but my own mail account is jhurd which is not an admin. > I can see user/* in my mail client logged in as jhurd (non-admin) and > in cryadm for that matter. and or course the same with emailadmin > since it is an admin account. > > This is the problem. my account is not an admin account but it acts > like one. I have in the past added this account to the admins, could > there be something cached or similar? i have of course restarted > imap after making this change. Maybe some Mac-OS/Darwin Special? Hmm, is there another imapd.conf? Maybe a special imap-Listener n your cyrus.conf with another imapd.conf. Or try to dump the Mailboxlist "ctl_mboxlist -d" and look for the Permissions. > >> configdirectory: /var/imap > >> partition-default: /var/spool/imap > >> unixhierarchysep: yes > >> servername: X > >> sievedir: /usr/sieve > >> sendmail: /usr/sbin/sendmail > >> tls_cert_file: /etc/certificates/X.crt > >> tls_key_file: /etc/certificates/X.key > >> mboxlist_db: skiplist > >> seenstate_db: skiplist > >> log_rolling_days: 15 > >> log_rolling_days_enabled: false > >> imap_auth_login: yes > >> imap_auth_plain: yes > >> tls_server_options: use > >> tls_common_name: X > >> pop_auth_apop: yes > >> imap_auth_cram_md5: yes -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Friday 22 September 2006 22:48 schrieb Josh M. Hurd: > >> this is what I get from lam now: > >> > >> localhost> lam user/% > >> user/christen: > >>christen lrswipcda > >> user/jhurd: > >>jhurd lrswipcda > >> user/junkmail: > >>jhurd lrswipcda > >>junkmail lrswipcda > >> user/notjunkmail: > >>jhurd lrswipcda > >>notjunkmail lrswipcda > >> user/stef: > >>stef lrswipcda > >> > >> it looks to me like I should not have permission to see these > >> mailboxes? > > > > Show your imapd.conf and tell us "Who" you are. > > I login as emailadmin as both cyrus and cyrusimap don't allow logins > with the following error: > Mail is not enabled for this user at /System/Library/Perl/5.8.6/ > darwin-thread-multi-2level/Cyrus/IMAP/Admin.pm line 118 > cyradm: cannot authenticate to server with as cyrusimap > > > /etc/impad.cond > > admins: cyrus cyrusimap emailadmin "emailadmin" is admin and of course able to see all Mailboxes, regardless if it is specified with "sam". > configdirectory: /var/imap > partition-default: /var/spool/imap > unixhierarchysep: yes > servername: X > sievedir: /usr/sieve > sendmail: /usr/sbin/sendmail > tls_cert_file: /etc/certificates/X.crt > tls_key_file: /etc/certificates/X.key > mboxlist_db: skiplist > seenstate_db: skiplist > log_rolling_days: 15 > log_rolling_days_enabled: false > imap_auth_login: yes > imap_auth_plain: yes > tls_server_options: use > tls_common_name: X > pop_auth_apop: yes > imap_auth_cram_md5: yes -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve Filter is not used
Am Friday 22 September 2006 22:06 schrieb Jean-Gabriel Duquesnoy:
> I have setup a small filter for testing that Sieve is working:
> require "fileinto";
>
> if address :is :all "From" "[EMAIL PROTECTED]"
> {
> fileinto "INBOX.Fun";
> stop;
> }
> else {
> keep;
> stop;
> }
Is the Script activated?
Is the Mail really new, or is it skipped because of Duplicate-Suppression?
> but obviously the filter is not used at all, and when checking the log
> I do not see any hint, that sieve is used at all:
Most amavis-Stuff.
> Sep 22 21:55:12 mail postfix/qmgr[3515]: 89D9B8DFBC:
> from=<[EMAIL PROTECTED]>, size=1744, nrcpt=1 (queue active)
I don't see the place, where the Mail is handed to Cyrus-Imap.
> Here is my imapd.conf:
> postmaster: postmaster
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> sievedir: /var/lib/sieve
> admins: cyrus
> allowanonymouslogin: no
> allowplaintext: yes
> sasl_mech_list: PLAIN
> servername: mail.jgduke.dnsalias.com
> autocreatequota: 1
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: 127.0.0.1
> sasl_pwcheck_method: saslauthd
> #sasl_pwcheck_method: auxprop
> lmtp_overquota_perm_failure: no
> lmtp_downcase_rcpt: yes
> sendmail: /usr/sbin/sendmail
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> sieve_sasl_minimum_layer: 0
> sasl_minimum_layer: 0
> autocreateinboxfolders: INBOX | INBOX.Trash | INBOX.Sent |
> INBOX.Drafts
> autosubscribeinboxfolders: INBOX | INBOX.Trash | INBOX.Sent |
> INBOX.Drafts
>
> This is my cyrus.conf:
> # standard standalone server implementation
>
> START {
> # do not delete this entry!
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put
> into /var/lib/imap/socket
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="192.168.0.5:imap" prefork=0
> # imapscmd="imapd -s" listen="192.168.0.5:imaps"
> prefork=0
> pop3 cmd="pop3d" listen="pop3" prefork=0
> # pop3scmd="pop3d -s" listen="pop3s" prefork=0
> sieve cmd="timsieved" listen="192.168.0.5:sieve" prefork=0
>
> # at least one LMTP is required for delivery
> # lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp"
> prefork=0
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpointcmd="ctl_cyrusdb -c" period=30
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="cyr_expire -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
>
> }
>
> Is there any setting missing which would cause sieve to not being
> used?
>
> Thanks for any help.
> Best regards,
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Friday 22 September 2006 21:39 schrieb Josh M. Hurd: > >>>> user/christen (\HasChildren) > >>>> user/christen/Deleted Messages (\HasNoChildren) > >>>> user/christen/Drafts (\HasNoChildren) > >>>> user/christen/Junk (\HasNoChildren) > >>>> user/christen/Sent Messages (\HasNoChildren) > >>>> user/christen/Trash (\HasNoChildren) > >>>> user/christen/dad phone list (\HasNoChildren) > >>>> user/emailadmin (\HasChildren) > >>>> user/emailadmin/Deleted Messages (\HasNoChildren) > >>>> user/emailadmin/Drafts (\HasNoChildren) > >>>> user/emailadmin/Sent Messages (\HasNoChildren) > >>>> user/junkmail (\HasChildren) > >>>> user/junkmail/Learned (\HasNoChildren) > >>>> user/notjunkmail (\HasNoChildren) > >>>> user/stef (\HasChildren) > >>>> user/stef/Deleted Messages (\HasNoChildren) > >>>> user/stef/Drafts (\HasNoChildren) > >>>> user/stef/Sent Messages (\HasNoChildren) > >>>> > >>>> I can't sam the user (root) mailbox as "Mailbox does not exist" I > >>>> was successful in setting up the Shared mailboxes which work just > >>>> fine but I want to get rid of this read access I have on user/ > >>> > >>> What is the Mailbox "user (root)"? > >> > >> well I don't know what else to call it. > >> user/josh > >> user/stef > >> etc... > >> user seems to be the or a root of the mailbox hierarchy for users. I > >> guess Shared is also at this level. > > > > "user" does not relly exists. To work below user use "user/ > > *" (recursive) or > > "user/%" (only one level below user). > > thanks, didn't know about %. > > this is what I get from lam now: > > localhost> lam user/% > user/christen: >christen lrswipcda > user/jhurd: >jhurd lrswipcda > user/junkmail: >jhurd lrswipcda >junkmail lrswipcda > user/notjunkmail: >jhurd lrswipcda >notjunkmail lrswipcda > user/stef: >stef lrswipcda > > it looks to me like I should not have permission to see these mailboxes? Show your imapd.conf and tell us "Who" you are. -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Friday 22 September 2006 20:49 schrieb Josh M. Hurd: > >> user/christen (\HasChildren) > >> user/christen/Deleted Messages (\HasNoChildren) > >> user/christen/Drafts (\HasNoChildren) > >> user/christen/Junk (\HasNoChildren) > >> user/christen/Sent Messages (\HasNoChildren) > >> user/christen/Trash (\HasNoChildren) > >> user/christen/dad phone list (\HasNoChildren) > >> user/emailadmin (\HasChildren) > >> user/emailadmin/Deleted Messages (\HasNoChildren) > >> user/emailadmin/Drafts (\HasNoChildren) > >> user/emailadmin/Sent Messages (\HasNoChildren) > >> user/junkmail (\HasChildren) > >> user/junkmail/Learned (\HasNoChildren) > >> user/notjunkmail (\HasNoChildren) > >> user/stef (\HasChildren) > >> user/stef/Deleted Messages (\HasNoChildren) > >> user/stef/Drafts (\HasNoChildren) > >> user/stef/Sent Messages (\HasNoChildren) > >> > >> I can't sam the user (root) mailbox as "Mailbox does not exist" I > >> was successful in setting up the Shared mailboxes which work just > >> fine but I want to get rid of this read access I have on user/ > > > > What is the Mailbox "user (root)"? > > well I don't know what else to call it. > user/josh > user/stef > etc... > user seems to be the or a root of the mailbox hierarchy for users. I > guess Shared is also at this level. "user" does not relly exists. To work below user use "user/*" (recursive) or "user/%" (only one level below user). -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ...murder...USERNAME
Am Friday 22 September 2006 20:29 schrieb Casper:
> find the lmtpengine.h or .c i do not remeber...
> edit and build...
>
> you are then done... the headers are gone...
Maybe it's better to just change this "murder" to something else. The Header
is not senseless.
./imap/protocol.c
...
{ "lmtp", "lmtp",
{ 0, "220 " },
Here: { "LHLO murder", "250 ", NULL,
{ { "AUTH ", CAPA_AUTH },
{ "STARTTLS", CAPA_STARTTLS },
{ "PIPELINING", CAPA_PIPELINING },
{ "IGNOREQUOTA", CAPA_IGNOREQUOTA },
{ NULL, 0 } } },
{ "STARTTLS", "220", "454" },
{ "AUTH", 512, 0, "235", "5", "334 ", "*", NULL },
{ "NOOP", NULL, "250" },
{ "QUIT", NULL, "221" } },
...
> >> One of our user does not the term murder in the message header. He
> >> questioned us that "Why does it contains the term "murder" in the email
> >> header? I don't think "murder...MYNAME" is the appropriate
> >> terms appears in my email header." Is there a way to remove this?
> >>
> >> Received: from murder ([unix socket])
> >
> > Hmm, this will require Patching and Rebuilding Cyrus-Imapd. This String
> > ("murder") is hardcoded (whyever).
> >
> >> (authenticated user=USERNAME bits=0)
> >> by cms6.ucalgary.ca (Cyrus v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1) with
> >> LMTPA;
> >> Tue, 19 Sep 2006 10:34:47 -0600
> >> X-Sieve: CMU Sieve 2.2
--
Andreas
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: root mailbox/partition permission problem
Am Friday 22 September 2006 04:50 schrieb Josh M.Hurd: > In the effort to set up some Shared public mailboxes I somehow > managed to give myself read permission on the root of my mail partition. > i have no idea how this happened but would really like to fix it. > Currently I see all my mailboxes in my client as well as the root, in > this case 'user/' which lists all the other users on the system. I > have no permissions to see in the other mailboxes but I can see the > list of users. > > this is what it looks like from cyradm: > > INBOX (\HasChildren) > INBOX/Apple (\HasNoChildren) > INBOX/Chess (\HasNoChildren) > INBOX/Craigslist (\HasNoChildren) > INBOX/Darwin (\HasNoChildren) > INBOX/Drafts (\HasNoChildren) > INBOX/Freelance (\HasNoChildren) > INBOX/Jobs (\HasNoChildren) > INBOX/Retrospect (\HasNoChildren) > INBOX/Sent Messages (\HasNoChildren) > INBOX/Spam (\HasNoChildren) > INBOX/Trash (\HasNoChildren) > INBOX/eBay (\HasNoChildren) > Sent Messages (\HasNoChildren) Is this an Admin-Account? > Shared (\HasChildren) > Shared/Christen Archives (\HasNoChildren) > Shared/Josh Archives (\HasChildren) > Shared/Josh Archives/Inbox (\HasChildren) > Shared/Josh Archives/Inbox/Freelance (\HasNoChildren) > Shared/Josh Archives/Inbox/Jobs (\HasNoChildren) > Shared/Josh Archives/Inbox/Orca (\HasNoChildren) > Shared/Josh Archives/Inbox/eBay (\HasNoChildren) > Shared/Josh Archives/Sent Messages (\HasNoChildren) > user/christen (\HasChildren) > user/christen/Deleted Messages (\HasNoChildren) > user/christen/Drafts (\HasNoChildren) > user/christen/Junk (\HasNoChildren) > user/christen/Sent Messages (\HasNoChildren) > user/christen/Trash (\HasNoChildren) > user/christen/dad phone list (\HasNoChildren) > user/emailadmin (\HasChildren) > user/emailadmin/Deleted Messages (\HasNoChildren) > user/emailadmin/Drafts (\HasNoChildren) > user/emailadmin/Sent Messages (\HasNoChildren) > user/junkmail (\HasChildren) > user/junkmail/Learned (\HasNoChildren) > user/notjunkmail (\HasNoChildren) > user/stef (\HasChildren) > user/stef/Deleted Messages (\HasNoChildren) > user/stef/Drafts (\HasNoChildren) > user/stef/Sent Messages (\HasNoChildren) > > I can't sam the user (root) mailbox as "Mailbox does not exist" I > was successful in setting up the Shared mailboxes which work just > fine but I want to get rid of this read access I have on user/ What is the Mailbox "user (root)"? -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: LMTP from remote Postfix, user mismatch -> Mailbox does not exist
Am Friday 22 September 2006 18:17 schrieb Tomasz Chmielewski: > Currently, I'm using Cyrus and Postfix on the same box, everything works > fine. > Due to the high load of the server, I'm going to split the server into > several machines. > > Users are kept in MySQL database, each email has its own login and > password: > > [EMAIL PROTECTED], user-001, password > [EMAIL PROTECTED], user-002, password2 > > Right now, when Postfix receives email to [EMAIL PROTECTED], it delivers it to > Cyrus using local sockets (lmtp) to user-001. > > With separate machines, it doesn't work. > > First, Postfix machine receives email to [EMAIL PROTECTED] > Then, it sends it via lmtp (tcp) to Cyrus machine, with the address > [EMAIL PROTECTED] > Cyrus wants to deliver the mail to "joe" mailbox, which doesn't exist - > cyrus should deliver the mail to "user-001": > > connection from postfix1.domain [10.1.1.5] > about to exec /usr/lib/cyrus-imapd/lmtpd > login: postfix1.syneticon.net [10.1.1.4] cyruslmtp PLAIN User logged in > verify_user(user.joe) failed: Mailbox does not exist > > Unfortunately, I'm not even sure where to fix the problem, as when > Postfix attempts to deliver mail via lmtp/tcp, Cyrus/lmtp doesn't even > do any lookups in MySQL database. Cyrus-Imapd has no ability to do lookups in mysql for Recipients. Use Postfix to deliver the Mail to the right Recipient/Mailbox. > I started lmtpd with "-a" parameter, as hosts are in a trusted network: > >lmtp cmd="lmtpd -a" listen="lmtp" prefork=1 > > Anyone knows how to fix this issue? > > In other words, lmtpd, when receives an email to [EMAIL PROTECTED], should > perform a lookup in MySQL database: > > SELECT dest FROM virtual WHERE alias='[EMAIL PROTECTED]' -- Andreas Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
