Re: Patch for adding tls_honor_cipher_order
> On 17 Oct 2014, at 11:34, Jeroen van Meeuwen (Kolab Systems) > wrote: > > On 2014-10-16 19:32, Kristian Kræmmer Nielsen wrote: >> Hi, >> >> Patch attached. >> > > Something similar is already in cyrus-imapd-2.4: > > > http://git.cyrusimap.org/cyrus-imapd/commit/?h=cyrus-imapd-2.4&id=4b26d2d7244eeaa481871c337e57cd393fd76dfe Is this commit considered part of the stable 2.4 version yet? or only with some upcoming 2.4.18 tag? Regards, Mark Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Protecting message files acess even from root
On 31 Jan 2014, at 16:10, Fabio S. Schmidt wrote: > Hello! > Considering that Cyrus stores messages in files, does anyone have any > experience on the protection of access to these files, even for the root > user? > > I researched about SELINUX and found no conclusive documentation. > http://en.wikipedia.org/wiki/Public-key_cryptography - Mark Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Failover for business continuity
On Wed, 30 May 2012, Ram wrote: > So if not DNS based fail over , what is the other alternative. > I cant move the IP , or re-announce BGP > I cant have both servers in active-active mode DNS failover is your best overall option for this case unless you an exceptionally large budget to spend on this. You would need to do some research on how many of your end-user clients suffer from non-conforming DNS resolution behaviours and just send them instructions on how to manually refresh the DNS records when they complain they can't reach the email server. Depending on which failure modes you regard as most likely or damaging, you could announce via DNS a proxy IP which redirects to a working back-end. You would need to be confident that proxy IP would provide higher availability than your mail server though. - Mark Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Cyrus imap server and filesystem type.
On 4 Oct 2011, at 09:13, Bron Gondwana wrote: > On Monday, October 03, 2011 2:09 PM, "Vincent Fox" wrote: > >> I have btrfs on my desktop and hope it will mature. > > It did a lot early, but seems to have stagnated getting the last bit > finished. Now... btrfs is sponsored by Oracle. And the owner of ZFS is... > > ... which raises the real question of just how committed they are to actually > shipping a stable GPL competitor to ZFS now. So I'm not holding my breath. Well, you've got ZFS v28 on FreeBSD if you want to steer clear of Oracle's influence. http://lists.freebsd.org/pipermail/freebsd-stable/2011-June/062900.html - Mark Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: hardware sizing for a large mail installation?
On 30 Sep 2004, at 16:26, John Madden wrote: he seemed willing to offload that to another box, so I chose not to cover that point and his box does seem more than adequate (if properly utilized) for most content scanning. True, there is that. I'm mostly concerned with cyrus keeping up with the load -- probably a couple thousand simultaneous connections via a web mail client. That should be no problem. Cyrus is relatively lightweight on CPU, so its probably just a question of having enough network buffers to keep the connections live. I'd recommend the skiplist backend instead of db4 as well. John -- John Madden UNIX Systems Engineer Ivy Tech State College [EMAIL PROTECTED] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: hardware sizing for a large mail installation?
On 30 Sep 2004, at 15:55, Oliver Falk wrote: Someone on the linuxmanagers list suggested I post my question here, so here goes: I'm looking for pointers (past experience in particular) for sizing a mail server for a large-ish mail install based on postfix, cyrus, amavisd-new, clamav, spamassassin, and web mail (most likely imp) serving around 100k mailboxes. I estimate I'll need to be able to pass through the whole chain around 40msgs/sec continuously to be on the safe side. If possible, I'd like to do this on a single server. Cyrus murder probably isn't an option, but I think I could swing a separate box to do the content filtering. Would, say, a 4-cpu Xeon with ~8GB RAM suffice for the MTA/IMAP combination? I/O, I/O, I/O -- it's off to work we go!! mail systems need primarily disk bandwidth. Get a killer disk array (fibre-channel or SCSI) and that will keep you happy. The Xeon is nice, but it's disk bandwidth you *need*. I can recommend the StorageTek D-series disk systems, but a bit expensive. That's not fully correct. Yes, it's true that mail systems need primarily disk bandwith. But if you run - as he pointed out he will - spamassassin, amavisd, clamav and so on, you will also need a lot of CPU power and Memory, especially if you have many users who get a lot of mail. he seemed willing to offload that to another box, so I chose not to cover that point and his box does seem more than adequate (if properly utilized) for most content scanning. I should have made that point explicitly of course. Regards, Mark My setup for about 1200 users (~ 6 - 7 mails/day): * Some IBM machine * 2 GB RAM * Dual-Xeon (2.66 GHz) * 100 GB Harddisk (SCSI 5 with IBM ServeRAID Controller) That setup is OK, but there's allready more memory and larger hardisks on our wishlist. :-) Best, Oliver --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html