Re: sa-learn using event notifications
El 12/03/18 a les 18:43, Arnaldo Viegas de Lima ha escrit: I see a 2 ways to handle it: - Enqueue for later processing - Make notifyd pass the job to another process (like a daemon) Yes, I thought about those two options (well, only the first one actually, since notifyd can only spawn an external program) and I asked about it in my original message. The question is, is it really necessary (with ~100 sessions and not everybody constantly moving messages in/out of the spam folder)? Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es/ Tel. +34 93 5883004 (Ext.3010) Fax +34 93 5883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: sa-learn using event notifications
El 12/03/18 a les 18:07, Arnaldo Viegas de Lima ha escrit: I run a separate daemon that periodically checks the spam folder, perform the necessary “training” actions and then remove the message. That's what I've been doing for many years (using a couple of shared folder where users have to move messages that have been wrongly classified) but I wanted to make it simpler, like the dovecot antispam plugin, where it is enough to move a message in/out of the personal spam folder to trigger a retrain. Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es/ Tel. +34 93 5883004 (Ext.3010) Fax +34 93 5883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
sa-learn using event notifications
I wrote a simple program that manages the vnd.cmu.MessageMove event to run sa-learn when a message is moved into or out of the spam folder. I'm processing it synchronously (i.e., the program starts spawned by notifyd and doesn't terminate until sa-learn exits). Given that sa-learn takes a few seconds to run, could it lead to problems? Should I devise a different strategy (i.e. queue sa-learn to run later/asynchronously)? I don't have many users (around 100 active sessions). Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es/ Tel. +34 93 5883004 (Ext.3010) Fax +34 93 5883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: how to configure dhparms in cyrus-imapd 2.4.x
El 21/05/15 a les 09:28, Michael Menge ha escrit: > > Hi, > > to prevent the logjam Attack https://weakdh.org/ I want to configure my > own set of dh parameters. > I didn't find an option to configure the dh parameter length, or a dh > parameter file generated by > openssl dhparam Append the content of the dh parameters file (pem encoded) to the file holding the private key (i.e. the file pointed by tls_key_file). It should also work in the tls_cert_file but it didn't work here. Look in the logs for the message "imapd:Loading DH parameters from file" instead of "imapd:Loading hard-coded DH parameters" Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: group acl with winbind
El 08/04/15 a les 10:11, Sven Schwedas ha escrit: >> Winbind uses a socket in /tmp/.winbindd but in the systemd unit file >> there's a >> >> PrivateTmp=true >> >> which effectively hides the socket from cyrus. >> Changing it to false solves the problem. > > I think it would be better to change the "winbindd socket directory" # testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Unknown parameter encountered: "winbindd socket directory" Ignoring unknown parameter "winbindd socket directory" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions > setting in the smb.conf, as your changes to the unit file will probably > be overwritten at some point (and PrivateTmp is useful for *actual* temp > files, which the socket isn't…). I used a unit file in /etc/systemd/system which includes the original one then overrides PrivateTmp Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: group acl with winbind
El 07/04/15 a les 18:10, Dan White ha escrit: > On 04/07/15 17:50 +0200, Luca Olivetti wrote: >> El 07/04/15 a les 17:31, Dan White ha escrit: >> >>>> localhost> sam m_sist group:m_sist lrw >>>> setaclmailbox: group:m_sist: lrw: Invalid identifier >>>> localhost> >>> >>> Could this be a permissions problem? Can the cyrus user successfully >>> execute the getent command? >> >> Yes, it can >> >> $ sudo su -s /bin/bash cyrus >> $ whoami >> cyrus >> $ getent group | grep m_sist >> m_sist:x:674:ojeda,luca,calmet,rafa,oscar > > I'm at a loss to explain that behavior. You may need to trace/debug > to get to the bottom of it: > > http://members.sange.fi/~atehwa/vc/packaging/cyrus-imapd/debian/README.Debian.debug Thank you, that was useful (duh, why didn't I think of it?). It turns out that the culprit was.systemd (or better, the systemd unit file provided by my distro). Winbind uses a socket in /tmp/.winbindd but in the systemd unit file there's a PrivateTmp=true which effectively hides the socket from cyrus. Changing it to false solves the problem. Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: group acl with winbind
El 07/04/15 a les 17:31, Dan White ha escrit: >> localhost> sam m_sist group:m_sist lrw >> setaclmailbox: group:m_sist: lrw: Invalid identifier >> localhost> > > Could this be a permissions problem? Can the cyrus user successfully > execute the getent command? Yes, it can $ sudo su -s /bin/bash cyrus $ whoami cyrus $ getent group | grep m_sist m_sist:x:674:ojeda,luca,calmet,rafa,oscar > Presumably your auth_mech is set to the default (unix), which is not > scalable, and has caused serious performance issues for me in the past. > See: > > http://cyrusimap.org/docs/cyrus-imapd/2.4.17/overview.php#aclauth > > If your group information is exposed over an LDAP backend, consider using > pts. I'm aware of that, but I have not that many active users and it's not been a problem until now. Besides, that would force me to change the group acls (auth_unix is the only one using the group: prefix AFAIK). Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: group acl with winbind
El 07/04/15 a les 16:58, Sven Schwedas ha escrit: > > 1. Are you running cyrus on a Domain Controller, or on a normal member > server? member server > > 2. Which winbind/samba version(s) do you use? 3.6.25 > > 3. smb.conf for the cyrus server? [global] security = ads realm = SAMBA.WETRON.ES workgroup = WETRON kerberos method = secrets and keytab client signing = yes client use spnego = yes dedicated keytab file = /etc/krb5.keytab idmap config *:backend = tdb idmap config *:range = 60001-6 idmap config WETRON:backend = ad idmap config WETRON:schema_mode = rfc2307 idmap config WETRON:range = 490-6 idmap config WETRON:default = yes winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind refresh tickets = yes username map = /etc/samba/smbusers additional data: I assigned unix attributes to all groups in AD (otherwise winbind cannot enumerate groups). However I'm looking at the cyrus source and I see that to canonicalize a group name it is using getgrnam, and a simple program using getgrnam returns the group just fine. Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
group acl with winbind
I'm currently using cyrus-imapd 2.4.17 and sssd to obtain nss groups from an openldap server. I have some group acl which are currently working fine. I'm testing the migration to samba4 as an active directory domain controller and I'm trying to use winbind instead of sssd (which works perfectly btw). The problem is that with winbind group acls don't work. Group enumeration (a pain to configure) works: $ getent group | grep m_sist m_sist:x:674:ojeda,luca,calmet,rafa,oscar But I cannot set acl on that group: $ cyradm -u cyrus localhost Password: localhost> sam m_sist group:m_sist lrw setaclmailbox: group:m_sist: lrw: Invalid identifier localhost> Meanwhile I have winbindd running in the foregroung and the above sam command will cause no messages at all (i.e. it seems it isn't querying winbindd for group information) If I change nsswitch back to sssd (which is pulling data from the same samba4 server) and restart cyrus, it works: $ cyradm -u cyrus localhost Password: localhost> sam m_sist group:m_sist lrw localhost> The simple solution is to use sssd and forget about winbind, but I'm curious: why one works and the other doesn't giving that group enumeration works with both? Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: login doesn't fully work, authenticate does
En/na Luca Olivetti ha escrit: > Hello, > > I just upgraded my cyrus-imapd server from 2.2.12 to 2.3.15. > Squirrelmail stopped working with the error 'SELECT "INBOX" - mailbox > does not exist". > I found out that neither SELECT nor STATUS work if authenticating with > login, while they work with AUTHENTICATE (which I cannot use with > squirrelmail and my setup) It turns out that the comment in cmd_login (imap/imapd.c) that says /* authstate already created by mysasl_proxy_policy() */ doesn't apply here (maybe my sasl libraries are too old and don't work as intended?). Anyway, I applied this workaround --- cyrus-imapd-2.3.15.orig/imap/imapd.c2009-10-06 11:31:51.456950883 +0200 +++ cyrus-imapd-2.3.15/imap/imapd.c 2009-10-06 11:33:22.107293040 +0200 @@ -2199,6 +2199,8 @@ } /* authstate already created by mysasl_proxy_policy() */ +if (!imapd_authstate) + imapd_authstate = auth_newstate(imapd_userid); imapd_userisadmin = global_authisa(imapd_authstate, IMAPOPT_ADMINS); prot_printf(imapd_out, "%s OK [CAPABILITY ", tag); Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 (Ext.133) Fax +34 93 5883007 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
login doesn't fully work, authenticate does
Hello, I just upgraded my cyrus-imapd server from 2.2.12 to 2.3.15. Squirrelmail stopped working with the error 'SELECT "INBOX" - mailbox does not exist". I found out that neither SELECT nor STATUS work if authenticating with login, while they work with AUTHENTICATE (which I cannot use with squirrelmail and my setup) $ imtest -m login localhost S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=CRAM-MD5 SASL-IR COMPRESS=DEFLATE] mail.wetron.es Cyrus IMAP v2.3.15-Mandriva-RPM-2.3.15-1.1.100mdk server ready Please enter your password: C: L01 LOGIN luca {8} S: + go ahead C: S: L01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=CRAM-MD5 SASL-IR COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] User logged in Authenticated. Security strength factor: 0 x SELECT INBOX x NO Mailbox does not exist x LOGOUT * BYE LOGOUT received x OK Completed Connection closed. $ imtest -m plain localhost S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN AUTH=CRAM-MD5 SASL-IR COMPRESS=DEFLATE] mail.wetron.es Cyrus IMAP v2.3.15-Mandriva-RPM-2.3.15-1.1.100mdk server ready Please enter your password: C: A01 AUTHENTICATE PLAIN x S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (no protection) Authenticated. Security strength factor: 0 x SELECT INBOX * FLAGS (\Answered \Flagged \Draft \Deleted \Seen $Forwarded $MDNSent NonJunk Junk $Label1 $Label2 $Label3 $Label4 $Label5) * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen $Forwarded $MDNSent NonJunk Junk $Label1 $Label2 $Label3 $Label4 $Label5 \*)] * 3060 EXISTS * 0 RECENT * OK [UIDVALIDITY 904828784] * OK [UIDNEXT 45691] * OK [NOMODSEQ] Sorry, modsequences have not been enabled on this mailbox * OK [URLMECH INTERNAL] x OK [READ-WRITE] Completed x LOGOUT * BYE LOGOUT received x OK Completed Connection closed. It worked either way with 2.2.12 and I couldn't find a configuration option controlling this behavior. Is there one? Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 (Ext.133) Fax +34 93 5883007 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: groups, members, LDAP and ptloader
En/na Warren Turkal ha escrit: On Wednesday 30 May 2007 14:30, Milen Dimov wrote: We successfully run cyrus 2.2.12 and 2.3.8 both with LDAP users authentication and authorization utilizing respectively saslauthd and ptloader with LDAP support. I was under the impression that you could avoid saslauthd for authentication. Is this impression true? Yes you can, but then you need to store passwords in plain-text, and be prepared for a rough series of trial & error sessions, trying do decypher obsolete and/or incomplete ldap documentation and its esoteric interactions with sasl and cyrus ;-) : sasl_pwcheck_method: auxprop sasl_auxprop_plugin: ldapdb sasl_ldapdb_uri: ldapi://%2Fvar%2Frun%2Fslapd%2Fldapi sasl_ldapdb_mech: EXTERNAL (accessing ldap through a unix socket avoids the need to store a password in imapd.conf, that's what the sasl_ldapdb_mech: EXTERNAL does). For this to work I have this in my slapd.conf (uid 106 is cyrus): sasl-regexp "gidNumber=(.*)\\+uidNumber=106,cn=peercred,cn=external,cn=auth" "uid=cyrus,ou=System,dc=ventoso,dc=org" sasl-regexp "gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth" "cn=admin,dc=ventoso,dc=org" sasl-regexp "uid=(.*),cn=external,cn=auth" "ldap:///dc=ventoso,dc=org??sub?(uid=$1)" sasl-authz-policy to then I have one record in ldap for cyrus (under a different ou, so that it won't mix with normal users for authentication) dn: uid=cyrus,ou=System,dc=ventoso,dc=org uid: cyrus objectClass: person objectClass: posixAccount objectClass: top objectClass: shadowAccount [] authzTo: ldap://ou=People,dc=ventoso,dc=org??sub?(objectclass=person) Don't ask me what all of this means, I don't remember (and I doubt that the folks that designed the system do ;-) And remember: passwords have to be stored in plain text for this to work. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to enable digestmd5 and crammd5 ?
En/na Goetz Babin-Ebell ha escrit: cram-md5 and digest-md5 require the pass phrase stored unencrypted. This opens another can of worms... (And AFAIK LDAP doesnt support them...) it does. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Global Sieve Script
En/na Federico Sevilla III ha escrit: Hi, I would like to create a "global" sieve script that will be active for all users, regardless of the presence of a per-user sieve script or not. This is so that all spam marked by amavis with the X-Spam-Status header can be segregated into spam folders. I just configure amavis (actually amavisd-new) to add the spam extension ($addr_extension_spam = 'spam'), and then give anonymous the p permission to the users' spam subfolders (the worst that can happen is if someone discovers the trick he can send mail directly to the spam folder). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: saving attachemnts from a quarantined mail
En/na rajeev ha escrit: I have a cyrus+postfix+amavis installation and all spam and viruses are moved on to /var/virusmail folder. Now I have a mail which is in this folder I need to recover it. Can you guide me how do I move this file back to a mail folder (/var/spool/imap/xyx) and get mail back to user? If your setup is like mine, using sendmail will bypass amavisd: sendmail your-recipient-address < /var/virusmail/file-to-recover Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: changing the log file?
En/na Matt Singerman ha escrit: Hi all, I am running Cyrus with Sendmail as the MTA on a FreeBSD 6.0 system. Currently, IMAP messages are being written to /var/log/messages. I'd prefer to have them be written to /var/log/maillog. Is there an option to change in Cyrus' configuration file to do this, or any other way? there's a configure option you can use: --with-syslogfacility=MAIL (look at the output of ./configure --help) Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: parse_address() and restricting SIEVE vacation replies
James Ralston wrote: * http://www.spamcop.net/fom-serve/cache/329.html Wow, how much hypocrisy in a single page. This sums it up pretty well: "Does not scale: If everyone used this method, nobody would ever get any mail." If everyone used the services offered by these assorted self-appointed spam vigilante nobody would ever get any mail. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: [Mail Scanned!] Re: [Mail Scanned!] Re: Sieve
Damian Chia wrote: Hi Bryan, I ca do a telnet localhost sieve, this is the result: Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.2.8-Invoca-RPM-2.2.8-1" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" "STARTTLS" OK See?, there's no "SASL" line there. That means that sieveshell isn't finding any suitable sasl plugin. Check that you have at least the plain sasl plugin installed. If you were using mandrake I'd tell you to "urpmi libasasl2-plug-plain" but since you're using redhat/fedora I don't know which rpm you have to install. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: setrlimit: Unable to set file descriptors limit to -1: Operation not permitted
ML mail wrote: Hello, I am trying out Cyrus 2.2.8 on Slackware Linux with a 2.4.21 kernel and Cyrus SASL 2.1.19, DB 4.2.52 and OpenLDAP 2.2.17. The problem that I have is when I want to start the master I get the following problem: Oct 18 11:32:16 srv master[30609]: setrlimit: Unable to set file descriptors limit to -1: Operation not permitted Oct 18 11:32:16 srv master[30609]: retrying with 1024 (current max) Oct 18 11:32:16 srv master[30609]: process started Oct 18 11:32:16 srv master[30610]: about to exec /opt/cyrus/bin/ctl_cyrusdb Oct 18 11:32:16 srv ctl_cyrusdb[30610]: recovering cyrus databases Oct 18 11:32:16 srv ctl_cyrusdb[30610]: skiplist: recovered /var/cyrus/mailboxes.db (0 records, 144 bytes) in 0 seconds Oct 18 11:32:16 srv ctl_cyrusdb[30610]: skiplist: recovered /var/cyrus/annotations.db (0 records, 144 bytes) in 0 seconds Oct 18 11:32:16 srv ctl_cyrusdb[30610]: done recovering cyrus databases Oct 18 11:32:16 srv master[30611]: about to exec /opt/cyrus/bin/ctl_mboxlist Oct 18 11:32:16 srv master[30609]: process 30611 exited, signaled to death by 11 And the master quits with "Segmentation fault". Does anyone know what's this setrlimit problem ? That's not actually a problem (under linux it's not possible to use -1 and so it retries with the maximum value) and it's not the cause of the "signaled to death by 11". Among other causes it's possible that cyrus is using one version of berkeley db while openldap is using another. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus/postfix/spamassasin: moving junk to junk
Eric Björkvall wrote: Hi! I successfully set up cyrus/postfix/spamassasin/clamav/amavisd to handle mail for 2 domains. Now I want this setup to automatically transfer spam to a mailbox called junk. Pop-users will not get spam messages but they can use webmail or imap to check the junk mail if they wish. I checked /etc/amavisd.conf for options to transfer spam to a special mailbox (each user have their own junk-mailbox) but no go... How can I do this? I use $addr_extension_spam = 'spam'; $recipient_delimiter = '+'; (in your case that would be $addr_extension_spam = 'junk';) Then you have to grant anonymous the post acl to the junk folder, but since that's junk I don't see it as a problem ;-) Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: LMTP and qualified domains?
Scott Call wrote: This is with the Mandrake 10- RPM " v2.1.16-Mandrake-RPM-2.1.16-5mdk " You can find the source rpm for cyrus 2.2.8 at http://club.telepolis.com/l.o/cyrus/beta/ It's just a matter of executing 'rpm --rebuild' to get the binaries. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus crashed on redundant platform - need better availability?
Paul Dekkers wrote: I'm not sure why the box crashed; there was nothing in the logs, there was nothing on the screen when we came there, it just booted up again. Of course I'm interested if anyone has any thoughts on this. Maybe it has nothing to do with your problem, but there is a timing issue with some intel xeon and p4 processors. Look at this HP advisory: http://tinyurl.com/63dxe even if it says that no field issues have been identified, I've experienced real random lock ups before updating the bios. Look if is there a bios update available from dell. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: subscribing to folders
Alexander Brill wrote: On Fri, 2004-07-23 at 15:46, Rob Siemborski wrote: On Thu, 22 Jul 2004, Alexander Brill wrote: Is it possible to force subscribtion of a folder to another user by using the admin-user? I couldn't find any info about it in the docs and RFCs. If you use proxy authentication, then you can authenticate as the admin but authorize as the user, and then subscribe them to the folder. Could you reference me to some rfc's or other docs on the subject? I tried the PROXYAUTH-command (comes with python imaplib), but it wasn't recognized as a command on my server. PROXYAUTH is a non standard command: http://www.washington.edu/imap/listarch/2000/msg00215.html (follow the thread). The right thing to do is use the authenticate method, unfortunately it's not implemented in python imaplib. I don't understand why the imaplib developer(s) implemented the nonstandard command instead of the standard one. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Imap mailbox aliases (two names for the same box)
Ghislain ADNET wrote: Don't know which version of thunderbird/mozilla you are using, but in the current one (and in any previous one starting from Netscape communicator 4.x) I have a lowercase sent folder and I do have the special icon (btw, mozilla shows it with an uppercase name) and everything works fine. In fact I use 'sent' for historical reasons: you can use *any* name (e.g. I use localized names for templates and drafts). Only you have to remember to configure mozilla/thunderbird to use your folders (with thunderbird: tools->account settings->copies & folders, select "other" and select the imap folder you want to use for sent, drafts and templates, with mozilla is the same but "account settings" is under the "edit" menu) i use thunderbird 0.7.2 and other people here use mozilla 1.7.1 . For my part my folder "junk" has not the special icon , if i put Junk then i have it. Also a user cannot change the name of the folder you must do it on the server and resubscribe to use it again (the rename menu icon do not show on those folders). On a large userbase you see why i wish to change this on the server side and not on the client :) So i don't know why we have different behaviors but this is my experience here :) First you were talking about the "sent" folder and the settings I showed you will allow you to select *any* folder with *any* name for sent, drafts and templates. I usually disable junk mail filtering in mozilla (I have amavis-new+spamassassin taking care of spam on the server), but I enabled it just to test what you are saying and in "Junk mail control" you can select *any* folder for junk mail (I selected "spam" and it showed the junk mail icon, you have to collapse and expand the folders tree to see the new icons). The key is to select *other* and not sent/drafts/templates/junk in those preferences. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Imap mailbox aliases (two names for the same box)
Ghislain ADNET wrote: Hello, I know some of you had the problem of the mailbox with an upper case that are not recognized when goign through sendmail. For exemple writing to [EMAIL PROTECTED] is translated [EMAIL PROTECTED] My problem is Thunderbird use Junk, Trash Sent name boxes etc... and have special icons to show those folders that permit easy identification of the folder by mundane users. But i cannot forward to uppercase adress folders so i have to choose between : 1/ use sent instead of Sent and forget about the special icon in thunderbird and mozilla Don't know which version of thunderbird/mozilla you are using, but in the current one (and in any previous one starting from Netscape communicator 4.x) I have a lowercase sent folder and I do have the special icon (btw, mozilla shows it with an uppercase name) and everything works fine. In fact I use 'sent' for historical reasons: you can use *any* name (e.g. I use localized names for templates and drafts). Only you have to remember to configure mozilla/thunderbird to use your folders (with thunderbird: tools->account settings->copies & folders, select "other" and select the imap folder you want to use for sent, drafts and templates, with mozilla is the same but "account settings" is under the "edit" menu) Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Upgrade from cyrus-imapd2.1.x to cyrus-imapd2.2.3
Wang Penghui wrote: 2. How to backup and restore all the messages and users info store at the mailsystem? Search the mailing list, this issue comes up often I have searched for many times, but i could not got some useful issues because my ability of STW. Could you pick me a hand? A better suggestion would be to look at the cyrus-wiki http://acs-wiki.andrew.cmu.edu/twiki/bin/view/Cyrus/WebHome Follow the link CyrusAdministration->Backup 3. Is there any other things i have to do? Look at the install-upgrade.html document (it's in the doc subdirectory of the extracted tarball). I have read the document, but there isn't a entire process of the operation of upgrade. These are only things you should take care of when you're upgrading. Follow the instructions backwards, i.e. first read the section "Upgrading from 2.1.x or earlier", then "Upgrading from 2.2.0 or earlier" and so on. Of course you don't have to repeat the same steps (i.e. you just have to run masssievec once). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Upgrade from cyrus-imapd2.1.x to cyrus-imapd2.2.3
Wang Penghui wrote: Hello, everyone! My mail server which built with Cyrus-imapd2.1.15 postfix2.0.19 OpenLDAP 2.1.26 has to upgrade form cyrus-imapd2.1.15 to 2.2.x. What's the important things i have to pay more attention to when i do that. And what's the ditails of howto? Could someone who has experience of it pick me up a way to do it? There are some questions about it: 1. Do the other softwares need to upgrade, such as cyrus-sasl? AFAIK cyrus-imapd 2.2.x needs at least cyrus-sasl 2.1.15 2. How to backup and restore all the messages and users info store at the mailsystem? Search the mailing list, this issue comes up often 3. Is there any other things i have to do? Look at the install-upgrade.html document (it's in the doc subdirectory of the extracted tarball). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: System-wide sieve filter
Tore Anderson wrote: Hi. I need to make SpamAssassin-tagged messages to be by default filtered into a spam-folder. I figured I could do this either by a global sieve script, or some default script that was copied in place whenever a new user mailbox was created. in /etc/amavisd.conf $addr_extension_spam = 'spam'; then when I create an user, I create a "spam" folder and give it an "anonymous p" acl. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Unread / new message indicators not displayed automatically?
Ralph Seichter wrote: Cyrus IMAP files e-mail into the folders I specified, but the IMAP clients do not show an indicator for new/unread messages in the folders until the user manually selects the folder. I've tried this using Mozilla Thunderbird 0.6 and Mulberry 3.x, the results are the same. If no Sieve rule matches and the message is thus, by an implicit "keep" action, filed in the INBOX (user.john), unread indicators are displayed without prior user interaction. Is this behaviour caused by Cyrus IMAP / Sieve or by the clients? What can I do to have the "there are {n} new messages in this folder" indicators be displayed automatically? For mozilla (and thunderbird): right click on the folder, select properties, check "Check this folder for new messages". Or, if you want all of your folders to be checked, put this in your prefs.js user_pref("mail.check_all_imap_folders_for_new", true); Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Basic HOWTO
Robin Lynn Frank wrote: Apologies for such a basic question, but we will be installing cyrus-imap (Mandrake 10.0 RPM). Since I am going to have a short window to do the BTW, Mandrake 10.0 still comes with 2.1.16 , if you need/want 2.2(.3 at the moment) check my packages at http://club.telepolis.com/l.o/cyrus/beta/ (only SRPM, you *won't* need the cyrus-sasl package with 10.0). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Basic HOWTO
Robin Lynn Frank wrote: Apologies for such a basic question, but we will be installing cyrus-imap (Mandrake 10.0 RPM). Since I am going to have a short window to do the install and configuration, I'm getting this all in advance. I already have the necessary information to get postfix to hand off to cyrus-imap. What I need is the information necessary for the simplest configuration and whatever steps are needed (in the order they are needed) to enable our users to get their mail (pop). See the README.RPM in the doc directory. Basically if you're using the system database for authentication (/etc/shadow or whatever method you've configured with pam) it should work out of the box (provided you are running saslauthd). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Authentication problem
Jim Sabatke wrote: I need to do this because different accounts have different user email addresses for sending. If an email client could have different send-from addresses based on folder, then this wouldn't be an issue, however Mozilla doesn't do this, and I don't know of a client that does. Do you mean this? http://www.mozilla.org/projects/thunderbird/identities.html Kmail also does what you want. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Skel for imap and sieve?
Etienne Goyer wrote: Robin M. wrote: On Wed, 14 Apr 2004, Denny Schierz wrote: You can try some of these settings in your /etc/imapd.conf createonpost: yes autocreatequota: 2 autocreateinboxfolders: Sent | Drafts | Trash | Spam autosubscribeinboxfolders: Sent | Drafts | Trash | Spam Except for autocreatequota, these settings are specific to 2.2.x, right? No, they come from an additional patch: http://email.uoa.gr/projects/cyrus/autocreate/ Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: [cyr]deliver -m, Create Folder
[EMAIL PROTECTED] wrote: I use a script and "[cyr]deliver -m" to automatically sort messages. When it delivers a message to a nonexistent folder, I would like the folder to be created, instead of delivering the message to "INBOX". Can "[cyr]deliver" create the folders to which it delivers? What techniques have others used? http://email.uoa.gr/projects/cyrus/autocreate/ http://email.uoa.gr/projects/cyrus/autosievefolder/ Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus Bulletin Board
Dmitry Terentyev wrote: Good time of the day, All. I've created 2 users, dummy1 & dummy2, and I made user mailboxes for them. Then I did "sam user.dummy1 dummy2 read". Now, when I'm trying to enter the mailbox [EMAIL PROTECTED] from the dummy2 user's account (using dummy2's login & password in the MUA), i see the user.dummy2 mailbox. Could you please suggest how can I view [EMAIL PROTECTED] using dummy2 account? Subscribe to the mailbox (with thunderbird right click on the inbox, subscribe). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Read flags not being updated?
Ian Beyer wrote: This was an issue with older versions of Mozilla, but has been fixed in 1.5 or 1.6. Odd, since I'm using 1.6 - seems to be rearing its ugly head again. You got a bugzilla ID on that perchance, so I can see if it's the same issue? http://bugzilla.mozilla.org/show_bug.cgi?id=195787 http://bugzilla.mozilla.org/show_bug.cgi?id=199433 But I don't see it anymore with thunderbird 0.8. Which version of cyrus are you using and what's the database backend for the seen.db? There was a problem with seen state caching in some version of cyrus, but I don't have this problem neither with 2.1.15 (skiplist for seen.db) nor 2.2.3 (skiplist). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus imap, LDAP userdb, GSSAPI
John Morris wrote: What I'm trying to avoid is using a cyradm-like program to set up new user mailboxes in the mailboxes.db file; doing so breaks my scheme of administering users from a central database. Maybe this patch is what you're looking for: http://email.uoa.gr/projects/cyrus/autocreate/ Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus and Mozilla (and other multi-threaded clients)
Mike Brodbelt wrote: This issue also appears to cause problems with the junk-mail controls in Mozilla, which use a Bayesian technique to identify likely spam in incoming mail, and (usually) move it to a specified folder. Messages that get moved to my junk-mail folder often get duplicated, sometimes several times. I'm guessing this is because the move operation causes one thread to set \Deleted, but parallel threads don't always see this, and as such the message can be moved multiple times, before the deleted status "takes". see http://bugzilla.mozilla.org/show_bug.cgi?id=195787 Is there a work around for these problems? Is it anything Cyrus can fix, or is it inherent in the design of the client? I'd appreciate anyone who can improve my understanding of exactly what goes on, and tell me if theres anything I can do about it. I can live with it if not, but a workaround/fix would be nice. Sure, upgrade to mozilla 1.6 or thunderbird 0.5. They use "status" to check for new mail instead of downloading all the headers, and perform bayesian filtering only when you select a mailfolder. As a result I didn't see the problem with moz1.6/thunderbird 0.5. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: ptloader/ldap
Igor Brezac wrote: Well, you will need to recompile cyrus (it'd be nice if authorization mech. is a runtime option) Yes, that would make life simpler for packagers. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SIEVE weirdness
Brian wrote: Any idea on what's going wrong? Maybe the plain sasl plugin isn't installed. Try a "telnet localhost sieve" and check that in the output there's a line advertising "SASL" "PLAIN" Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus IMAPd 2.2.2-BETA Released
Igor Brezac escribió: Many of the command line utilities now link libcyrus, where they didn't before, which can cause this difference (it is a static link). Is there any way to make it into a shared library? Yes, but why? Just to reduce the size of the binary rpm. Not a very compelling reason, I know, but it doesn't feel good to ship a 6 MiB binary rpm instead of a less than 3 MiB one. Well, disk space is cheap nowadays. Bye -- Luca
Re: Cyrus IMAPd 2.2.2-BETA Released
Rob Siemborski escribió: On Mon, 1 Dec 2003, Luca Olivetti wrote: Rob Siemborski escribi?: I'm pleased to announce the release of Cyrus IMAPd 2.2.2-BETA. Is it normal that 2.2.2 binaries are 3..5 times the size of the binaries in 2.1.X (not all of them)? e.g. arbitron is 701208 bytes in 2.2.2-BETA, 115832 bytes in 2.1.16 (and the same difference, more or less, applies to chk_cyrus, ctl_cyrusdb, ctl_deliver, etc.), while imapd is more or less the same size. It's a problem of my configuration or it is because there are things compiled with -g? Many of the command line utilities now link libcyrus, where they didn't before, which can cause this difference (it is a static link). Is there any way to make it into a shared library? Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAPd 2.2.2-BETA Released
Rob Siemborski escribió: I'm pleased to announce the release of Cyrus IMAPd 2.2.2-BETA. Is it normal that 2.2.2 binaries are 3..5 times the size of the binaries in 2.1.X (not all of them)? e.g. arbitron is 701208 bytes in 2.2.2-BETA, 115832 bytes in 2.1.16 (and the same difference, more or less, applies to chk_cyrus, ctl_cyrusdb, ctl_deliver, etc.), while imapd is more or less the same size. It's a problem of my configuration or it is because there are things compiled with -g? Bye -- Luca Olivetti
Re: Postfix, SASL/SASL2 and LDAP
Diego Rivera wrote: My question is: am I totally screwed? Will I be forced to go to OpenLDAP 2.1.X and recompile EVERYTHING that touches LDAP (especially hoping that 2.1.X is backward-compatible with 2.0.X)? Or just use cooker/9.2 that uses sasl v2 for everything (and also the same version of the sleepycat db library, another source of potential problems). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cyrus-imap and fetchmail's "keep"
Michi Müller wrote: fetchmail gets mail from a POP3 freemail server. it passes the mail to procmail, which than uses cyrus' deliver program to sort mail into my imap folders. Not related to you problem, but note that this contortion isn't necessary since fetchmail speaks lmtp, so it can deliver mail directly to cyrus (caveat: I personally didn't use that option). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: Aug 6 13:42:11 mail cyrus-master[1987]: unable to bind socket for service lmtpunix: Address already in use Aug 6 13:42:11 mail cyrus-master[1987]: unable to create lmtpunix listener socket: Address already in use Someone else is already using the socket? Perhaps you have more than one lmtpunix line in /etc/cyrus.conf? My cyrus.conf only has one lmtpunix. After editing cyrus.conf, I did /etc/rc.d/init.d/cyrus-imapd restart. Is that enough? Am I missing something? Yes, that should be enough. In fact I'm using the same configuration (and the same rpm). Stop cyrus (service cyrus-imapd stop) and see with fuser who is using /var/spool/postfix/cyrus_socket/lmtp. Check also that all directories leading to /var/spool/postfix/cyrus_socket are accessible by cyrus (but I think that should give a different error message), IIRC they're not affected by the msec level, but I could be wrong. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: Luca Olivetti wrote: Norman Zhang wrote: Aug 6 13:42:11 mail cyrus-master[1987]: unable to bind socket for service lmtpunix: Address already in use Aug 6 13:42:11 mail cyrus-master[1987]: unable to create lmtpunix listener socket: Address already in use My cyrus.conf only has one lmtpunix. After editing cyrus.conf, I did /etc/rc.d/init.d/cyrus-imapd restart. Is that enough? Am I missing something? Yes, that should be enough. In fact I'm using the same configuration (and the same rpm). Stop cyrus (service cyrus-imapd stop) and see with fuser who is using /var/spool/postfix/cyrus_socket/lmtp. Sorry I only have /var/spool/postfix/cyrus_socket/ but not /var/spool/postfix/cyrus_socket/lmtp. Do I need to create that with touch? No! Or is it created by cyrus-imapd automatically? Yes, when it starts Check also that all directories leading to /var/spool/postfix/cyrus_socket are accessible by cyrus (but I think cyrus user can access /var/spool/postfix/cyrus_socket no problem. BTW, is cyradm compiled with cyrus-imapd or I need to download it from www.web-cyradm.org? Thank you for your patience. install cyrus-imapd-utils (and perl-Cyrus) Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: I followed the step 2 in README.RPM and reboot the box, but I received the following errors in /var/log/mail/errors. May I ask how do I fix this? I'm using LM 9.1, so postfix runs chroot by default. Regards, Norman Aug 6 13:42:10 mail cyrus-master[1987]: setrlimit: Unable to set file descriptors limit to -1: Operation not permitted Aug 6 13:42:10 mail cyrus-master[1987]: retrying with 1024 (current max) This is cosmetic and harmless. There's a patch for it in the debian package but I didn't apply it. Aug 6 13:42:11 mail cyrus-master[1987]: unable to bind socket for service lmtpunix: Address already in use Aug 6 13:42:11 mail cyrus-master[1987]: unable to create lmtpunix listener socket: Address already in use Someone else is already using the socket? Perhaps you have more than one lmtpunix line in /etc/cyrus.conf? I'm using this configuration myself, so I'm pretty sure it works. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: Since I only have root on this box, I did exactly want you suggested above. I'm using the latest RPM for 9.1 from your site. The install seems to be smooth. Thanks. May I ask how can I recreate a root mailbox so mail can be delivered for root? root should not have a mailbox. I suppose you are using postfix. Create a mailbox for a regular user and edit /etc/aliases to point root mail to that user (don't forget to run newaliases afterwards). Follow the instructions in README.RPM on how to configure postfix to deliver mail to cyrus. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: Hi, After installing cyrus-imapd, I was prompted to convert the /var/lib/imap/mailboxes.db. But I get the following error not being able convert db3 to flat. Would someone please tell me how can I fix this? Mmm, I replied to this message on the mandrake mailing list where it was originally posted, but for some reason (probably sympa) it didn't show up. I'm pasting my reply here: Why was /var/lib/imap/mailboxes.db there? Did you have a previous version of cyrus-imapd manually installed (i.e not via rpm)? If there's no useful data there, I suggest you remove the rpm, rm -rf /var/lib/imap, rm -rf /var/spool/imap and reinstall the rpm. Otherwise, if you have previuosly compiled cyrus-imapd yourself *and* the data there is useful, it's possible that the database format for mailboxes.db is incompatible with the one used by the rpm. Use your previous binary install to dump it to a flat file (ctl_mboxlist -d), install the rpm and then recover it (ctl_mboxlist -u). You'll probably have to use the previous binary install to convert other files (cvt_cyrusdb) away from berkeley db. It's also possible that simply running a db_upgrade (from the package db4-utils) on the affected file will solve the problem. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Simon Matter wrote: Check for current cyrus-imapd packages on Luca's webpage. They're at http://perso.wanadoo.es/olivetti/cyrus/ (use mozilla if you want to avoid the pop-ups that *they*, not me, add to the page). The SRPM builds under 8.2/9.0/9.1, there are also binaries (8.2 is a couple of revisions behind). If you need cooker you should check a mirror. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Norman Zhang wrote: Why was /var/lib/imap/mailboxes.db there? Did you have a previous version of cyrus-imapd manually installed (i.e not via rpm)? I have found out that mailboxes.db are created by postfix after I issued /etc/rc.d/init.d/postfix restart. It will recreate that even if I remove it. You have a strange setup. There's *nothing* in the posftix rc script that comes with mandrake that references mailboxes.db, and nothing in any of the postfix binaries references mailboxes.db Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cvt_cyrusdb_all
Simon Matter wrote: I agree for normal systems. However, in certain situations it may be useful to have a 'root' mailbox. If you have local_transport = lmtp:unix:/var/lib/imap/socket/lmtp in /etc/postfix/main.cf to make single instance store work as expected, the aliases file has no effect and postfix will deliver syslog messages to root. One can then grant access to this box for other users via Cyrus. It's possible to use single instance store *and* use aliases, but the configuration is more convoluted: - remove your domain from "mydestination" - add it to "relay_domains" - activate transport_map, e.g, "transport_map = hash:/etc/postfix/transport" - activate virtual_map, e.g., "virtual_maps = hash:/etc/postfix/virtual" - in /etc/postfix/transport: your.domainlmtp:unix:/your/lmtp/socket -put your aliases in /etc/postfix/virtual: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (note that the third line will deliver mail to a top level shared folder, the last line will map to an address in localhost which in turn will use /etc/postfix/aliases) - postmap /etc/postfix/virtual - postmap /etc/postfix/transport Aliases for "your.domain" will be managed through the virtual map, while all other aliases will follow the mapping in aliases. I hope I did not forget any step Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: subscribing for a user
Phil Chambers wrote: I am still new to cyrus and trying to find my way. I have tries searching this list archive but could not find this issue. If I create a folder for a user using the Cyrus::IMAP::Admin perl module, is it possible to mark that folder as being one of the user's subscribed folders? Hi, I use a simple python script for that, the only problem is it needs to know the user password. This is no problem for me, since I use it while creating the user and I just assigned him/her a random password. The script creates the mailboxes and subscribes the user to them. Since it also creates the user's INBOX you'll have to set to true the autocreatequota option in /etc/imapd.conf. The script accepts the username and the password as arguments and runs in the same host as the server. Hope it helps. # Crea el buzon de usuario y suscribe a sent, plantillas, borradores # # Para que el usuario pueda crear su propio INBOX hace falta # que autocreatequota en /etc/imapd.conf tenga valor distinto # que 0 # import imaplib import sys def createmb(user,password): mailboxes=('sent','plantillas','borradores') cyrus=imaplib.IMAP4() cyrus.login(user,password) cyrus.create('INBOX') for mb in mailboxes: cyrus.create('INBOX.'+mb) cyrus.subscribe('INBOX.'+mb) cyrus.logout if __name__ == "__main__": createmb(sys.argv[1],sys.argv[2]) -- Luca
Re: Sharing Folders in Mozilla Mail
Tarjei Huse wrote: Wouldn't the correct thing to do here be to vote for a Mozilla bug? http://bugzilla.mozilla.org/show_bug.cgi?id=207628 I actually think that 207628 should die as a duplicate of 135977 ;-) (opened a whole year before) http://bugzilla.mozilla.org/show_bug.cgi?id=135977 Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Sharing Folders in Mozilla Mail
Ken Murchison wrote: Its a shame that the Mozilla code has left this cruft floating around. FWIW I opened a bug for ACL management in mozilla: http://bugzilla.mozilla.org/show_bug.cgi?id=135977 It's still in state unconfirmed, maybe with some more votes... Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Planning a cyrus upgrade
Paul Boven wrote: Secondly, most of my mail-users use Mozilla or Outlook. Both open multiple connections, and because of this, mail you've already read tends to become unread again. I've heard about a patch to make cyrus write these changes to disk right away to keep them synchronized between connections. Where to find such a patch? Is it already part of the cyrus tree? Don't know if the fix is in current (2.1.13) cyrus, but if you use skiplist for the seen.db you'll almost not notice the problem. And if you're using a recent version of mozilla (>=1.3) take a look at bug 195787 http://bugzilla.mozilla.org/show_bug.cgi?id=195787 (hint: disable junk mail controls). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Mail to user.main.sub issue
En/na Dave Carrera ha escrit: [please keep this on the list] Hi Luca Thank you for your help in this matter, worked wonderfully :-) Shame it dose not seem to be documented openly... Yes it is. Look for postfix documentation, the parametere is recipient_delimiter "sam user.main.sub anonymous p" Whyy is this instruction important? This too is documented in cyrus. Look for Access control lists in overview.html Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Mail to user.main.sub issue
En/na Dave Carrera ha escrit: [EMAIL PROTECTED] main.sub Done postmap and postfix reload but do not recieve email sent to [EMAIL PROTECTED] into main.sub or main. Try main+sub (note that "+" is the default separator in postfix but only for the first level, e.g. to file in the folder user.main.sub1.sub2 you should use main+sub1.sub2). Don't forget to set the acl in the folder to allow anonymous posting e.g (in cyradm): sam user.main.sub anonymous p Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: how to proxy for a user [was Re: Geographically Redundant mailstores]
Marco Colombo wrote: There's no AUTH=xxx entry, so there are *no* available mechs at this point. AFAIK, unsafe mechs (the ones that send passwords in cleartext over the net) are disabled by default. There're enabled if the client requests a TLS connection via STARTTLS. Thanks, you're right, if I use -s or -t it works. What's strange that now I RTFM and put an "allowplaintext: yes" (also tried "allowplaintext: true") in imapd.conf (not a security problem since it accepts plaintext connections only from localhost) and still it doesn't advertise AUTH=PLAIN: $ telnet localhost imap Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. * OK saturn.wetron.local Cyrus IMAP4 v2.1.12-Mandrake-RPM-2.1.12-1mdk server ready 1 capability * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE 1 OK Completed 2 logout * BYE LOGOUT received 2 OK Completed Connection closed by foreign host. Of course I restarted master after editing imapd.conf I also tried adding "sasl_miminum_layer: 0" but that changed nothing (and it should be the default). [] $ cyradm --authz marco --user cyrus localhost Password: devel.ESI> lm INBOX (\HasChildren) INBOX.test2 (\HasNoChildren) INBOX.test (\HasNoChildren) devel.ESI> quit Again, the password I typed was the one of 'cyrus', yet: Mar 19 10:36:07 devel imapd[31845]: login: devel.ESI[127.0.0.1] marco SRP User logged in I wasn't able to test PLAIN, because I don't know how to tell cyradm to use TLS. It seems there isn't a documented way. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
how to proxy for a user [was Re: Geographically Redundant mail stores]
Ken Murchison wrote: When you authenticate, you need to use a SASL mech which supports proxying. Look at doc/mechanisms.html in the SASL distro for a complete list. In your case, you should be able to use at least PLAIN (you can use others if using OpenLDAP 2.2's auxprop plugin). Here's how you'd authenticate as 'cyrus' and login as 'test' using imtest and cyradm: I'm using saslauthd (readme.html says that PLAIN uses saslauthd), mechanisms.html says that PLAIN can proxy, I have in my imapd.conf sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN but imtest -a cyrus -u test -m plain localhost tells me that plain is not available: $ imtest -a cyrus -u luca -m plain localhost S: * OK saturn.wetron.local Cyrus IMAP4 v2.1.12-Mandrake-RPM-2.1.12-1mdk server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE S: C01 OK Completed C: A01 AUTHENTICATE PLAIN S: A01 NO no mechanism available Authentication failed. generic failure Security strength factor: 0 While I see this message in the logs: PLAIN [SASL(-4): no mechanism available: security flags do not match required] The plain pluging *is* installed (in fact I couldn't login to sieve without it): $ telnet localhost sieve Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.1.12-Mandrake-RPM-2.1.12-1mdk" "SASL" "PLAIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" "STARTTLS" OK Note that if I omit the "-m plain" it will logs me in as user cyrus (so no proxy): $ imtest -a cyrus -u luca localhost S: * OK saturn.wetron.local Cyrus IMAP4 v2.1.12-Mandrake-RPM-2.1.12-1mdk server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE S: C01 OK Completed Please enter your password: C: L01 LOGIN cyrus {7} S: + go ahead C: S: L01 OK User logged in Authenticated. Security strength factor: 0 cyradm --user cyrus --authz test --auth plain localhost Will log me in as user cyrus (no proxy) (I gave the same password for user cyrus to both prompts): $ cyradm --user cyrus --authz luca --auth plain localhost Password: IMAP Password: localhost.localdomain> lm INBOX localhost.localdomain> lm user.luca user.luca (\HasChildren) localhost.localdomain> Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Fw: PATCH: have lmtpd report sieve script file errors
Jay Levitt wrote: By the way.. just noticed a bug in the RPM's version of imapd.conf. It sets "sieveuserhomedir" to no. The actual imapd.conf variable is "sieveusehomedir" (use, not user). It doesn't matter, because the default is no, but should probably be fixed anyway, lest someone get confused when they try to set it to yes! Thanks. The next release of the rpm will have it fixed (I don't plan to release a new rpm just for this though). Bye -- Luca Olivetti
Re: "seen" flag for multiple users // cyrus and procmail
Kristian Rink wrote: (a) in this network, IMAP is used because the vast majority of mail traffic needs to be seen not only by a single user but by a group of persons. For what I have experienced and also read in the archive of this list, it is not possible in cyrus (in IMAP?) to have a general "seen" flag for mails or mailboxes so this way it is impossible for any user who is able to read mail in the shared mailboxes to find out whether or not anyone else already has read and possibly answered new mail. Is there a way to work around this condition? Reading the cyrus man pages I hoped that the "s" ACL setting would be doing right what I need here but obviously it didn't work. This is a desired functionality for me too. While it is implemented (if it is) I'm using this method: for each shared folder I create a subfolder named (say) "managed" and instruct my users to move any answered/managed message to this subfolder. Bye -- Luca Olivetti
Re: Fw: PATCH: have lmtpd report sieve script file errors
Jay Levitt wrote: I forgot to CC you on this question... Strange, I didn't see this message on info-cyrus, anyway: Also, the reason I discovered this is that Mandrake's "msec" security-auditing process automatically chowns /usr/sieve to root.root several times a day. Luca, do you think this is something that the RPMs should override in /etc/security/perm.local to cyrus.mail, either automatically or (if such a thing is possible) after prompting? I'm of The RPM uses /var/lib/imap/sieve by default, and that isn't affected by msec, at least it isn't on my two systems, one 8.2 and the other 9.0, both with security level 3 (implying CHECK_PERMS=yes). I've checked the perm configuration files for all levels and none of them touches anything under /var/lib. Bye -- Luca Olivetti
Re: ACLs and such
Hans Wilmer escribió:: BTW, which IMAP clients or other programs are out there that allow users to easily edit their ACLs? A webclient to just set ACLs would also be ok. It would be *very* nice if I could tell our users to set the permissions they want on their mailfolders all on their own :) websieve can manage ACLs as well as sieve scripts. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: clients that notify upon new mail in folders other than INBOX?
Piet Ruyssinck escribió:: It seems that one can convince most imap clients to periodically check for new mail in one's inbox. For people who need to monitor not just their inbox, but also a few other (shared) folders, it would be neat if they were notified when new messages arrive in these other folders as well. Any idea which clients support this kind of functionality or how I can implement this ? Mozilla does this (so Netscape 7 should do the same) don't remember if it's there in 1.01 or surfaced in a later version (I'm currently using 1.2.1). Just right click on the folder you want to monitor, select properties and mark "check this folder for new mail". There's also a preference to check all folders for new mail, but there's no GUI interface for it. Just put this line in your user.js user_pref("mail.check_all_imap_folders_for_new", true); Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
presubscribing mailboxes
[sent this yesterday but didn't appear on the list. something wrong with the list server?] When I create a new user, I create some extra mailboxes: user.name.sent user.name.drafts user.name.templates While we were using netscape 4, during the first login it would subscribe to all existing mailboxes, now that we've switched to mozilla it doesn't, so I have to presubscribe these mailboxes while creating the user. The only way I found is a hack I'm not really happy with: SUBFILE=/var/lib/imap/user/$initial/$LOGIN.sub echo -e "user.$LOGIN.sent\011" > $SUBFILE echo -e "user.$LOGIN.plantillas\011" >> $SUBFILE echo -e "user.$LOGIN.borradores\011" >> $SUBFILE chown cyrus.mail $SUBFILE chmod 600 $SUBFILE Is there a better way? TIA -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Thoughts on the age-old cyradm thingie
Jay Levitt wrote: Interesting. That patch just installs Shell.pm into vendor_perl instead of site_perl. But when I ran the stock Cyrus configure on MDK 9.0, I had no problem with it running in site_perl; the problem I had was just that site_perl is not actually under PREFIX, and Makefile.PL passes PREFIX explicitly. What problems did you have under 9.0? site_perl isn't used by default in mdk 9.0 (or perl 5.8.0, look at the changelog for perl-base, search vendor_perl), so it would generate bogus dependencies when creating the rpm (files under site_perl would depend on perl-base >= 5.800 --which doesn't exist, rendering the resulting rpm impossible to install-- while files under vendor_perl depend on perl-base >= 2:5.8.0). Conversely, it doesn't seem like your RPM changes PREFIX, so do you know in the build part the %configure macro will automatically call configure --prefix=/usr (and other standard parameters) while in the install part make install is called with PREFIX=/current/build/root BTW: my message won't reach you directly since your ISP, in a misguided attempt to block spam, will bounce my messages. Please tell your ISP not to use methods that, while ineffective against spam, are blocking legitimate email, i.e. by making internet communication not functional they're worse than the problem they're trying to solve. See http://slashdot.org/article.pl?sid=01/05/21/1944247 or even http://www.dotcomeon.com (if you filter through the bullshit there are many good points and links there). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cyrus compilation problem
Fernando Garcia wrote: I'm using cyrus-imap-2.1.10, cyrus-sasl-2.1.9 and db-4.1.24 on a clean mandrake 9 installation. I have rpms for mandrake at http://perso.wanadoo.es/olivetti/cyrus/ I compiled my rpms against db3, which is supplied with mandrake 9 (where did you get db-4.1.24?, there's a 4.0.14 in contribs, but no 4.1.24). Anyway, if you don't want to use the rpms, here are the dependencies I have in the spec file (just feed these to urpmi): libsasl2-devel e2fsprogs-devel perl tcp_wrappers-devel libdb3.3-devel libopenssl0-devel flex bison groff >= 1.15-8 krb5-devel XFree86-devel (this last one only if you don't want to compile the included makedepend). Of course libsasl2-devel won't be available in standard mandrake, since it's provided by another set of rpms, also available at the same page. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Thoughts on the age-old cyradm thingie
Simon Matter wrote: part of their distributions in the past. I looked at so many Perl source RPMs from RedHat but was unable to do the same with Cyrus. So, if there is really something broken in the perl part of Cyrus and could be fixed, I'd be happy to see it. I've been luckier: I just had to look at a single source rpm (but that's because I asked and someone told me which one was the right one ;-) Attached is the patch that I had to apply to build under mandrake 9.0 but *not* under 8.2 (the former comes with perl 5.8.0 while the latter uses 5.6.1). OTOH on 8.2 I have to manually install the perl manpages in the spec file. I'm not sure the patch should go upstream since it's distribution policy (or is it perl policy since 5.8.0? I don't know) If you look at the spec file, posted at http://perso.wanadoo.es/olivetti/cyrus/cyrus-imapd.spec, you'll see that there are other hacks to build with gcc 3.2 (mainly to remove /usr/local/include in order to avoide configure failures). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 cyrus-imapd-mdk9.0perl-patch.bz2 Description: Binary data
Re: Thoughts on the age-old cyradm thingie
Jay Levitt wrote: I'm new to Cyrus imapd - and, for that matter, to autoconf, perl, Linux, younameit. Building cyrus-imapd-2.1.10 on Mandrake 9.0, I ran into a http://perso.wanadoo.es/olivetti/cyrus/ -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Updating /seen from concurrent sessions
Andrew McNamara wrote: With skiplist, this problem no longer occurs (the skiplist database makes changes made by other processes visible immediately). However, another problem remains: updates are defered for performance reasons. So one session will update the seen list, and the other processes will not see the change (unless they and the updating process execute certain commands, such as NOOP). This is why I told that the problem isn't really solved, just masked. With mozilla it's good enough, give it a try, maybe it works with OE too (maybe not...). -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Updating /seen from concurrent sessions
Lawrence Greenfield wrote: Try using skiplist for the seen.db It doesn't really solve the problem but it masks it well enough. From my understanding, changing to skiplist really shouldn't change the visible behavior at all. But I've been wrong before. It would be possible to flush the seen state more often; it's just a question of how often and when should other imapds look for it. I've never actually seen this problem happen whenever I've fooled around with OE so I've never looked at the code to figure out what to do. I don't use OE but I experienced the same (or similar) problem with mozilla: since it uses many concurrent connections to the server, seen messages came back as unseen various times, and it was very annoying. Switching to skiplist almost solves the problem (at least it did for me): since I switched to skiplist I had seen messages come back as unseen only 2 or 3 times. At the times I tried various things (see http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=14304) but the definitive solution was to use skiplist. Maybe it's linux specific. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Updating /seen from concurrent sessions
Andrew McNamara wrote: I realise this is an old known problem, but I've spent some time searching list archives, and other sources looking for an answer. Any help anyone can provide will be gratefully received. Try using skiplist for the seen.db It doesn't really solve the problem but it masks it well enough. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus & Outlook
Russell Packer wrote: > This gave me the idea that perhaps sieve could be used in some way, but at the >moment thats a little over my head - thoughts anyone? http://www.kroupware.org -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
Simon Matter wrote: > Most postfix RPM packages I have seen, including my own, let postfix > have it's own uid and gid (89) and group postdrop (90). In addition to > the own group they make postfix also a member of group mail. But redhat doesn't include postfix (last I checked it was available only in contribs), while in mandrake is the default MTA, and in mandrake's standard package there's user postfix, group postfix, with no additional groups. It's simply a matter to add postfix to group mail or, if you're more paranoid about security, put the lmpt socket in a separate directory owned by cyrus and group postfix. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
Rob Siemborski wrote: >>Yes, but what happens if openldap is compiled againts sasl v1? > > > This shouldn't matter. saslauthd is a separate process from the > application that is authenticating. what about http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=15004 > Note that your ldd output only indicates a dependency on libsasl and not > libsasl2. Yes, that's pulled in from openldap (note that this saslauthd is from cyrus-sasl v2). >>What are my options if I want to provide an useful package right out of >>the box? > > > I don't see any problems. Me neither, but I don't use ldap. Ok, I'll leave the packages as they are now. -- Luca Olivetti
Re: Cyrus IMAP Presentation
Rob Siemborski wrote: >>saslauthd won't care what OpenLDAP is linked against. saslauthd talks to some >>mechanism like PAM. > > > Saslauthd can also use LDAP directly, in which case it needs to link > libldap and liblber. Yes, but what happens if openldap is compiled againts sasl v1? $ ldd /usr/sbin/saslauthd libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x4002e000) libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x40041000) libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x4009d000) libcom_err.so.3 => /usr/lib/libcom_err.so.3 (0x400b) libresolv.so.2 => /lib/libresolv.so.2 (0x400b3000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x400c5000) libpam.so.0 => /lib/libpam.so.0 (0x400f2000) libldap.so.2 => /usr/lib/libldap.so.2 (0x400fa000) liblber.so.2 => /usr/lib/liblber.so.2 (0x4012a000) libc.so.6 => /lib/libc.so.6 (0x40136000) libdl.so.2 => /lib/libdl.so.2 (0x40272000) libnsl.so.1 => /lib/libnsl.so.1 (0x40275000) >>>>> libsasl.so.7 => /usr/lib/libsasl.so.7 (0x4028b000) libssl.so.0 => /usr/lib/libssl.so.0 (0x40299000) libcrypto.so.0 => /usr/lib/libcrypto.so.0 (0x402c7000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000) libdb-3.3.so => /lib/libdb-3.3.so (0x4038a000) What are my options if I want to provide an useful package right out of the box? 1) wait until the rest of the distribution catches up to sasl v2 2) tell the users to recompile openldap without sasl support 3) compile saslauthd without ldap support 1) is not really an option, 2) don't know the side effects and 3) maybe is the only good solution, provided that it works through pam_ldap without bombing. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
[EMAIL PROTECTED] wrote: > See ftp://kalamazoolinux.org/pub/pdf/Cyrus.pdf BTW, page 28, postfix. The proposed configuration won't work if postfix isn't in group mail (it isn't by default under mandrake linux). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
[EMAIL PROTECTED] wrote: >>I'm not using ldap, but a user of my packages has complained that he had >>problems with a similar setup. By searching the list it seems that the >>problem is that openldap is compiled aganinst sasl v1, at least under >>mandrake. I looked at the redhat packages for openldap and they too use >>sasl v1, at least according to rpmfind.net. > > > saslauthd won't care what OpenLDAP is linked against. saslauthd talks to some > mechanism like PAM. That's what I thought too, but then, as I said, I'm not using ldap myself so I cannot check it. See this message: http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=15004 Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
Mr. Simix wrote: > Right, I'm using Cyrus-IMAPd->saslauthd->pam->[ldap|shadow|...]. Does it work? How? I'm not using ldap, but a user of my packages has complained that he had problems with a similar setup. By searching the list it seems that the problem is that openldap is compiled aganinst sasl v1, at least under mandrake. I looked at the redhat packages for openldap and they too use sasl v1, at least according to rpmfind.net. I also downloaded your package for cyrus-sasl and the difference between yours and mine is that you didn't compile saslauthd with internal ldap support (--with-ldap), and maybe that's the real problem? Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Need Cyrus IMAP User Demographics
[EMAIL PROTECTED] wrote: > For the suit wearing portion of the audience these kinds of statistics are very > important. Particularly if they are for any place they might recongnize, but > any moderate to large size information would be good. Perhaps it may be useful to report that the upcoming kroupware project, commissioned by the german federal agency for IT security, will be based on cyrus (server side). http://mail.kde.org/pipermail/kroupware/2002-September/03.html http://kroupware.kde.org If it's good for the german goverment it should also be good for the suits ;-) -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Cyrus+postfix [was Re: Cyrus IMAP Presentation]
Luca Olivetti wrote: > Amos Gouaux wrote: > >> To quote <[EMAIL PROTECTED]>: >> >> The "lmtp" delivery agent should be listening on "private/lmtp", so it >> will work, but... > > > But since this directory is writable only by user 'postfix' cyrus > (running as user cyrus) wouldn't be able to create the socket there Duh, I was wrong. Probably lmtpd starts as root, opens the socket and then switches to cyrus, yes? But then postfix cannot deliver, I get this in the posftix log: Sep 18 10:09:50 pippo postfix/lmtp[30420]: 7A1181011A2A: to=<[EMAIL PROTECTED]>, relay=private/lmtp[private/lmtp], delay=300, status=deferred (conversation with private/lmtp[private/lmtp] timed out while sending LHLO) Nothing in cyrus log. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
Amos Gouaux wrote: > To quote <[EMAIL PROTECTED]>: > > The "lmtp" delivery agent should be listening on "private/lmtp", so it > will work, but... But since this directory is writable only by user 'postfix' cyrus (running as user cyrus) wouldn't be able to create the socket there > > This said, the public and private directories are for internal Postfix > IPC. The LMTP server should be using a different subdirectory of > /var/spool/postfix. or a different directory altogether (since actually the socket is owned by cyrus). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
Amos Gouaux wrote: > lo> edit /etc/cyrus.conf and replace the existing lmtpunix line with > > lo> lmtpunix cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1 > > While this will work, as has been discussed on postfix-users, those > sockets really are not for third party software such as Cyrus. I'm > not sure it is wise to instruct folks to go down that path. I don't understand: this is a socket opened *by* cyrus, and postfix is instructed to talk lmtp to that unix socket. A local user could use the socket to inject mail to cyrus, but (s)he could also use port 25. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation - Postfix/Procmail/Cyrus
cassandre wrote: > I quoteWerner Reisberger <[EMAIL PROTECTED]> > > > > There is more than one way to run cyrus with procmail. I am using it since > years with postfix. That's my entry in master.cf Sure, and there's more than one way use cyrus+postfix, with or without procmail, I just reported the simplest way to get cyrus+postfix working under mandrake, not the best configuration. For example, with my proposed configuration you won't benefit from single instance store, but once the system is working you can investigate by yourself which method is best for you. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Cyrus IMAP Presentation
[EMAIL PROTECTED] wrote: >>I beleive there are Debian Packages, put together by Henrique de Moraes >>Holschuh <[EMAIL PROTECTED]>. > > > Now mentioned. I also have rpm packages for mandrake (8.2 at the moment) at http://perso.wanadoo.es/olivetti/cyrus/ In that package (in the README.RPM) there's a simple explanation on how to configure postfix (the default mandrake MTA): If you want to configure postfix to deliver mail to cyrus you have to do the following: edit /etc/postfix/main.cf and add the following line mailbox_transport = lmtp:unix:public/lmtp edit /etc/cyrus.conf and replace the existing lmtpunix line with lmtpunix cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1 Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Per User Spam Filtering w/ postfix+cyrus+spamassassin ...
Marc G. Fournier wrote: > foreach valid recipient > process with spamassassin and send results to lmtp for final delivery I don't use Spamassassin so I could be wrong, but it seems to me that a better solution would be to configure spamassassin so that it adds a separate header for each of the tests instead of a cumulative score, so that each user could configure sieve to give more or less importance to each particular test (but that'll need the sieve relation extension). If it's not possible to configure spamassassin this way, it should be possible to patch it/ask the developers to patch it, to include this functionality. This way you wouldn't need spamassassin per user configuration, since each user can tweak her sieve rules, there's no need to process the message for each user, and you don't even need to know who the recipient is. -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Mail status
Luca Olivetti wrote: > Now I switched to using skiplist instead of flat for the seen database > and so far it works, but who knows, maybe in a couple of days it'll > break again. Didn't have to wait that long :-( Just saw a couple of seen messages reappear as unseen. -- Luca Olivetti
Re: imapd timeout
Lawrence Greenfield wrote: > Cyrus does recycle processes. Even if you set prefork 0 in cyrus.conf? -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Compiling (was secure imap)
Phil Dibowitz wrote: > Phil Dibowitz wrote: > >> ./configure ran fine >> make depend ran fine >> make all CFLAGS=-O however, gives: > > > I was able to get around this by replacing /usr/local/share/bison.simple > with /usr/lib/bison.simple in the sieve/Makefile. You could take a look at the cyrus packages for redhat maintained by Simon Matter. http://home.teleport.ch/simix/ Since he is using his packages, the probability that these packages work is much higher that some unmaintained packages from redhat. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: Mail status
Scott M Likens wrote: > Attached you'll find what i did, i implemented a FULL hash and found > that the directory's created by the scripts were in-adequite for my > needs, and cyrus couldnt handle it. I'm using the "traditional" hash here, so I don't think that it's the problem. I revised my logs and there's no error like yours (only "DBERROR x lockers"). Bye -- Luca Olivetti
Re: Secure Imap Problems
Phil Dibowitz wrote: > Hey all, > > I just installed Cyrus, and I can get imap to work, but I can't get > secure imap to work. Did you specify the certificates in imapd.conf? tls_cert_file tls_key_file Bye -- Luca Olivetti
Re: Mail status
Russell Packer wrote: > Hi, > > I get strange behaviour using Microsoft Outlook - the status for various > e-mail messages seems to change rather randomly. I will mark messages as > being read, then 5/10 minutes later they will suddenly be marked as 'unread' > (IMAP). Others in the company have remarked upon it as well. > > Has anyone else experienced this behaviour? What can I look at to tell what > cyrus is doing? I have experienced the same problem with mozilla, see http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=13859 Alec H. Peterson suggested a solution here http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=13890 so I made a patch with a new runtime option to implement what he said. At first it seemed to work but then the problem resurfaced after a week of use. Now I switched to using skiplist instead of flat for the seen database and so far it works, but who knows, maybe in a couple of days it'll break again. -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: does cvt_cyrusdb work? is it normal to have "DBERRORS db3: xlockers" messages?
Luca Olivetti wrote: > Anyway, before using the new imapd, I converted the seen db for myself > (/var/lib/imap/user/l/luca.seen) with cvt_cyrusdb, but *all* messages > appeared as unseen. > Is cvt_cyrusdb supposed to work for the seen.db? I just tried the same but with skiplist and it did work. So flat --> db3 didn't work, but flat --> skiplist does. No DBERRORS so far, but it has been working for just a couple of hours. I'll see if this also solves the mozilla unseen problem. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: does cvt_cyrusdb work? is it normal to have "DBERRORS db3: xlockers" messages?
Jeff Bert wrote: >>Luca Olivetti wrote: >>Is that example configuration not good? >> > > > Dunno for sure. I tend to change something and test... change and test... > change and test... but I didn't write everything down so I have to admit I'm > not sure how I got rid of those db3 errors... I had them too but don't > now... it might be how I compiled postfix that solved it: > > # make -f Makefile.init makefiles \ > CCARGS="-DHAS_MYSQL -I/usr/local/mysql/include \ > -DHAS_DB -I/usr/include/db3" \ > AUXLIBS="-L/usr/local/mysql/lib -lmysqlclient -lz -lm \ > -L/usr/lib -ldb-3.3" > > And then installed cyrus-sasl and cyrus-imapd. > > When I first installed the cyrus rpms I got those db errors also and then > starting messing with stuff and finally got rid of them. Maybe > it was the postfix compile. Don't see how that relates to it, the errors I see are from the various cyrus programs. Anyway, even with these errors everything is working fine, but then this is my home system with just two users. I'm a little nervious with these errors because next week I'll install the same configuration at work (replacing the previous mandrake7.0+cyrus 1.6.24). Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: does cvt_cyrusdb work? is it normal to have "DBERRORS db3: xlockers" messages?
Jeff Bert wrote: > Luca, > > When I built the cyrus-sasl-2.1.2 rpm from your source files I noticed that > the "make" output never had a "-I/usr/include/db3" which is where the > include files for BerkeleyDB3.3 are stored from the Mandrake RPM's. It's there in my Makefiles, so that this is not the problem. (OTOH I don't understand why it's not there in yours, after all the configure script is the same. Note that it's not there in the top directory Makefile but only in the various subdirectories where's it's needed) > > I added a "CPPFLAGS=-I/usr/include/db3" in the cyrus-sasl.spec file before > compiling... but not sure if it made a differece because: > > Also, I modified the cyrus.conf file to be more like the older version > instead of the newer ones... here's mine... not sure which solved the > problem, the .spec file mod or the .conf file mod: The cyrus.conf included in the spec file is the example one shipped with cyrus-2.1.4 (check in the "conf" subdirectory). Is that example configuration not good? > > # standard standalone server implementation > > START { > # do not delete this entry! >recover cmd="ctl_cyrusdb -r" >mboxlist cmd="ctl_mboxlist -r" >deliver cmd="ctl_deliver -r" according to the manpage ctl_mboxlist and ctl_deliver don't have an -r option now, this functionality is included in ctl_cyrusdb. [] > EVENTS { > # this is required > # checkpoint cmd="ctl_cyrusdb -c" period=30 >checkpoint cmd="ctl_mboxlist -c" period=30 ctl_mboxlist doesn't have a -c option now. Its functionality is in ctl_cyrusdb. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
does cvt_cyrusdb work? is it normal to have "DBERRORS db3: x lockers"messages?
Hi, in an attempt to see if it solved the mozilla unseen problem (see http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=13859) I compiled cyrus with db3 as the seen db. I quickly went back to flat because I saw much more "DBERRORS db3: x lockers" than normal (btw, is it normal to see these messages?). Anyway, before using the new imapd, I converted the seen db for myself (/var/lib/imap/user/l/luca.seen) with cvt_cyrusdb, but *all* messages appeared as unseen. Is cvt_cyrusdb supposed to work for the seen.db? TIA -- Luca Olivetti
Re: cyradm problem?... cyrus-imapd-2.1.4
jeff bert wrote: > Do you get the same or similar results? I don't usually use the cram-md5 plugin, but since you have it I installed it just for this test. Did you assign a password to user cyrus? [luca@pippo luca]$ imtest -m login -u cyrus -a cyrus -r localhost localhost C: C01 CAPABILITY S: * OK pippo.olivetti.local Cyrus IMAP4 v2.1.4 server ready S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=CRAM-MD5 X-NETSCAPE S: C01 OK Completed Password: C: L01 LOGIN cyrus {7} + go ahead C: L01 OK User logged in Authenticated. Security strength factor: 0 1 logout * BYE LOGOUT received 1 OK Completed Connection closed. > > What does your /etc/pam.d/imap file look like? #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth accountrequired /lib/security/pam_stack.so service=system-auth (straight from the rpm) Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007
Re: cyradm problem?... cyrus-imapd-2.1.4
Luca Olivetti wrote: > BTW, I'm preparing new rpms for cyrus-sasl, since the current one > doesn't install the manpages (or rather cyrus-sasl's make install > doesn't, is that normal?) and doesn't include the sasldb conversion > utility. I've just uploaded updated packages. Now they include the manpages and dbconverter-2 -- Luca Olivetti