Re: Syntax for mailbox_default_options
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2018/05/22 12:04 PM, Nels Lindquist wrote: > > On 2018/04/12 10:09 PM, ellie timoney wrote: > >>> On Fri, Apr 13, 2018, at 1:21 AM, Nels Lindquist wrote: The >>> man page for imapd.conf has this to say regarding >>> "mailbox_default_options": >>> >>>>> Default “options” field for the mailbox on create. You’ll >>>>> want to know what you’re doing before setting this, but it >>>>> can apply some default annotations like duplicate >>>>> supression >>> Well, I don't know what I'm doing and I'm not finding anything >>> in the documentation (or Google) to help. >>> >>> What's the syntax for this directive? > >> I believe it's an integer bitmask of the OPT_* values that are >> defined in imap/mailbox.h in the source. > >> The sparse documentation suggests it's for developer, rather than >> normal administrator use, maybe for rigging up tests? It's >> included in the imapd.conf man page because that man page is >> autogenerated from the code that processes the options. > >> Unless you've got something in particular you're trying to do, >> I'd probably just leave it alone. :) > > Okay, I do need it. I have a legacy server with Cyrus IMAPD 2.3.x > installed, and I need to enable the CONDSTORE flag by default on > all newly created mailboxes/subfolders. > > - From imap/mailbox.h: > > #define OPT_POP3_NEW_UIDL (1<<0) #define OPT_IMAP_CONDSTORE (1<<1) > #define OPT_IMAP_SHAREDSEEN (1<<2) #define OPT_IMAP_DUPDELIVER > (1<<3) > > And also: > > #define OFFSET_MAILBOX_OPTIONS 60 > > So given that POP3_NEW_UIDL appears to be on by default and the > others are all off, would the syntax be: > > (Offset int 60 + (1 << 1 = int 2) + (1 << 0 = int 1) = int 63) > > mailbox_default_options: 63 > > Am I on the right track? Okay, I figured it out in a test environment. The offset is a red herring and shouldn't be included, so the following does what I need: mailbox_default_options: 3 - Nels Lindquist -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlsIPH0ACgkQh6z5POoOLgQetQCdH35APGYoK9BtIB455amFfg/3 hUEAn2APWYfUif6EF3uSH0tYFr9yGUzn =R1dx -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Syntax for mailbox_default_options
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2018/04/12 10:09 PM, ellie timoney wrote: >> On Fri, Apr 13, 2018, at 1:21 AM, Nels Lindquist wrote: The man >> page for imapd.conf has this to say regarding >> "mailbox_default_options": >> >>>> Default “options” field for the mailbox on create. You’ll >>>> want to know what you’re doing before setting this, but it >>>> can apply some default annotations like duplicate supression >> Well, I don't know what I'm doing and I'm not finding anything in >> the documentation (or Google) to help. >> >> What's the syntax for this directive? > I believe it's an integer bitmask of the OPT_* values that are > defined in imap/mailbox.h in the source. > > The sparse documentation suggests it's for developer, rather than > normal administrator use, maybe for rigging up tests? It's included > in the imapd.conf man page because that man page is autogenerated > from the code that processes the options. > > Unless you've got something in particular you're trying to do, I'd > probably just leave it alone. :) Okay, I do need it. I have a legacy server with Cyrus IMAPD 2.3.x installed, and I need to enable the CONDSTORE flag by default on all newly created mailboxes/subfolders. - From imap/mailbox.h: #define OPT_POP3_NEW_UIDL (1<<0) #define OPT_IMAP_CONDSTORE (1<<1) #define OPT_IMAP_SHAREDSEEN (1<<2) #define OPT_IMAP_DUPDELIVER (1<<3) And also: #define OFFSET_MAILBOX_OPTIONS 60 So given that POP3_NEW_UIDL appears to be on by default and the others are all off, would the syntax be: (Offset int 60 + (1 << 1 = int 2) + (1 << 0 = int 1) = int 63) mailbox_default_options: 63 Am I on the right track? Nels Lindquist -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlsEW7IACgkQh6z5POoOLgQPvQCeOqvesjl/sPGPbSs/xQJp9FsT cMsAni5oI3/7f43JE31k1wJCShc9cQyD =pGRz -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Virtual domain admin login behaviour
On 2018/04/30 12:22 PM, Dan White wrote: > On 04/30/18 12:00 -0600, Nels Lindquist wrote: >> I have a mail server still running an older version of Cyrus IMAPD >> (version 2.3.16) on CentOS 6 with virtual domains, using OpenLDAP as >> an authentication backend with saslauthd for LOGIN/PLAIN when SSL/TLS >> is used. >> >> I recently set up a domain admin account for one of the virtual >> domains in order to facilitate transfer of mail from that domain to a >> different mail host, and while I was testing the setup I noticed some >> inconsistent behaviour. >> >> Using "imtest -m PLAIN -u u...@example.ca -a ad...@example.ca >> mail.example.ca", I'm successfully able to login. >> >> Executing ". list *.*" produces the expected list of u...@example.ca's >> INBOX and subfolders. >> >> Using "imtest -u u...@example.ca -a ad...@example.ca" (Note: no >> mechanism override) it defaults to using the LOGIN method rather than >> PLAIN, and I'm successfully able to log in. >> >> However, the ". list *.*" command now produces a list of every folder >> in the example.ca subdomain, not just the specified user's mailbox. >> >> Anyone know what's going on here? > > The LOGIN mech does not support proxy authentication: > > https://www.sendmail.org/~ca/email/cyrus2/mechanisms.html Ah, that makes perfect sense. Thanks! Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Virtual domain admin login behaviour
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a mail server still running an older version of Cyrus IMAPD (version 2.3.16) on CentOS 6 with virtual domains, using OpenLDAP as an authentication backend with saslauthd for LOGIN/PLAIN when SSL/TLS is used. I recently set up a domain admin account for one of the virtual domains in order to facilitate transfer of mail from that domain to a different mail host, and while I was testing the setup I noticed some inconsistent behaviour. Using "imtest -m PLAIN -u u...@example.ca -a ad...@example.ca mail.example.ca", I'm successfully able to login. Executing ". list *.*" produces the expected list of u...@example.ca's INBOX and subfolders. Using "imtest -u u...@example.ca -a ad...@example.ca" (Note: no mechanism override) it defaults to using the LOGIN method rather than PLAIN, and I'm successfully able to log in. However, the ". list *.*" command now produces a list of every folder in the example.ca subdomain, not just the specified user's mailbox. Anyone know what's going on here? Nels Lindquist | -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlrnWdMACgkQh6z5POoOLgQ0xwCfXrbgyjuw2Vcm7Dl1bhh67OqL qakAmgLaK/b5nIKucNFfSlDAD25yoVBf =E1iK -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Syntax for mailbox_default_options
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The man page for imapd.conf has this to say regarding "mailbox_default_options": > Default “options” field for the mailbox on create. You’ll want to > know what you’re doing before setting this, but it can apply some > default annotations like duplicate supression Well, I don't know what I'm doing and I'm not finding anything in the documentation (or Google) to help. What's the syntax for this directive? Thanks, Nels Lindquist -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlrPeXUACgkQh6z5POoOLgSseQCeMf84dZYsch4TEgyh1yp/nFxK jNkAnjkmipQpX840srzkAUhxOd0vYW2z =q9eN -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
SOLVED (was: Re: 2.5.10 autocreate on login not working?)
Okay I figured it out. I was working with the Kolab packages, and went back and checked their distributed .spec file again, and the --enable-autocreate option was not present in the configuration section. I added it, rebuilt the packages and now it's working as expected. My apologies for the wild goose chase! Nels Lindquist On 2016/12/12 1:04 PM, Nels Lindquist via Info-cyrus wrote: On 2016/12/12 4:06 AM, ellie timoney wrote: Any ideas? No, unfortunately. We have some basic syslog instructions (aimed at developers setting up a Cyrus development environment), but it sounds like you've probably got this stuff covered already. This was enough to get my dev setup running (Debian): http://cyrusimap.org/dev/imap/developer/installguide.html#setting-up-syslog Hopefully someone who's familiar with syslog as an admin rather than as a dev can chime in with some help here? That syslog setup for devs is pretty much identical to what I have set up, so I'm not sure why I'm not seeing anything related to autocreate in the logs. Are there any options for debug in imapd.conf, eg. a numeric parameter for different levels or sections of logging, or is it an all-or-nothing option? Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: 2.5.10 autocreate on login not working?
On 2016/12/12 4:06 AM, ellie timoney wrote: Any ideas? No, unfortunately. We have some basic syslog instructions (aimed at developers setting up a Cyrus development environment), but it sounds like you've probably got this stuff covered already. This was enough to get my dev setup running (Debian): http://cyrusimap.org/dev/imap/developer/installguide.html#setting-up-syslog Hopefully someone who's familiar with syslog as an admin rather than as a dev can chime in with some help here? That syslog setup for devs is pretty much identical to what I have set up, so I'm not sure why I'm not seeing anything related to autocreate in the logs. Are there any options for debug in imapd.conf, eg. a numeric parameter for different levels or sections of logging, or is it an all-or-nothing option? Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: 2.5.10 autocreate on login not working?
Hi, Ellie. On 2016/12/06 4:03 PM, ellie timoney via Info-cyrus wrote: The autocreate code in 2.5 is full of LOG_DEBUG syslogs -- I guess you don't have this turned on, or you're logging that log level to a different file. It would be helpful to see this output. I think you can turn this logging on in Cyrus by adding "debug: yes" to your imapd.conf. You might need to do something with your syslog configuration too -- it's been a while since I set this up myself and I don't remember the details offhand. Okay, I enabled debug in imapd.conf; I now see lots more detail in maillog regarding the construction of the SASL mech, but that's it. Has the syslog facility changed for 2.5.x? The documentation I could find references local6.debug, but I'm not getting any extra detail in the logfile I defined. Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: 2.5.10 autocreate on login not working?
Hi, Bron. On 2016/12/05 3:21 PM, Bron Gondwana via Info-cyrus wrote: Is there anything in syslog? Just the record of the login: Dec 6 17:44:10 rapier imap[13351]: login: rapier [198.50.220.242] nels DIGEST-MD5 User logged in SESSIONID= Or an encrypted session: Dec 6 17:47:57 rapier imap[13176]: login: rapier [198.50.220.242] nels DIGEST-MD5+TLS User logged in SESSIONID= Nels Lindquist On Tue, 6 Dec 2016, at 05:40, Nels Lindquist via Info-cyrus wrote: I'm experimenting with a build of 2.5.10 on CentOS 7 in preparation for upgrading from our installed 2.3.16 (built from Simon Mattar's RPMs). We rely on mailbox auto-creation functionality tied to LDAP authentication with virtual domain support; as long as the LDAP account exists the mailbox may be autocreated. As the autocreate patch has now been incorporated in 2.5, I was hoping it would work fairly seamlessly, but even after updating all the deprecated imapd.conf directives, I'm having trouble. I'm able to log in to IMAP successfully with an existing LDAP account, but a LIST command produces no output, and if I log in with cyradm the expected mailboxes are not present. I'm able to create mailboxes manually with cyradm and everything works as expected, but I really need autocreate to work. Here's the relevant section of my imapd.conf: virtdomains: yes defaultdomain: example.com username_tolower: yes lmtp_downcase_rcpt: yes autocreate_quota: 0 autocreate_quota_messages: 0 autocreate_inbox_folders: Drafts|Sent|Trash autocreate_subscribe_folders: Drafts|Sent|Trash autocreate_post: yes Anything I've done obviously wrong? Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
2.5.10 autocreate on login not working?
I'm experimenting with a build of 2.5.10 on CentOS 7 in preparation for upgrading from our installed 2.3.16 (built from Simon Mattar's RPMs). We rely on mailbox auto-creation functionality tied to LDAP authentication with virtual domain support; as long as the LDAP account exists the mailbox may be autocreated. As the autocreate patch has now been incorporated in 2.5, I was hoping it would work fairly seamlessly, but even after updating all the deprecated imapd.conf directives, I'm having trouble. I'm able to log in to IMAP successfully with an existing LDAP account, but a LIST command produces no output, and if I log in with cyradm the expected mailboxes are not present. I'm able to create mailboxes manually with cyradm and everything works as expected, but I really need autocreate to work. Here's the relevant section of my imapd.conf: virtdomains: yes defaultdomain: example.com username_tolower: yes lmtp_downcase_rcpt: yes autocreate_quota: 0 autocreate_quota_messages: 0 autocreate_inbox_folders: Drafts|Sent|Trash autocreate_subscribe_folders: Drafts|Sent|Trash autocreate_post: yes Anything I've done obviously wrong? Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: CentOS 6 repo dissappeared?
Hi, Merlin. On 2016/12/05 4:21 AM, Merlin Hartley via Info-cyrus wrote: Anyone? Am I the only person using this repo or something? This documentation needs updating if this is no longer supported! https://cyrusimap.org/imap/installation/obs.html#imap-installation-obs Perhaps I need to update my server to CentOS 7 - but I don’t really like forcing downtime on my users, so would need some planning :) Looks like the repository is completely empty, so I doubt upgrading to CentOS 7 would be much help to you. I've had some success with grabbing .spec files and other associated files directly from the Kolab Open Build System and rolling my own SRPM to build packages locally, but a repository would sure be nice! Nels Lindquist Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: 2.5.x RPMs from KolabSys?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Larry. On 8/3/2015 2:20 PM, Rosenbaum, Larry M. wrote: > If I go to this page: > > https://docs.cyrus.foundation/imap/installation/obs.html > > it seems to tell me I can follow one of the links to > obs.kolabsys.com and get a package to install the latest Cyrus > release. But if I follow the link, I can see all sorts of > information about cyrus-imapd packages except for how to download > one. Could somebody please point me in the right direction, or am I > misunderstanding the purpose of those links? Did you ever get any response to this, or figure it out on your own? I'm hunting for 2.5.x RPMs to play with as well. - Nels Lindquist -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.20 (MingW32) iEYEARECAAYFAla8yGMACgkQh6z5POoOLgQKqgCgwqIlc4Qw3/Hw8aHEb3OQuH2Y NBsAniy7qfErRRyYRwMEZTLs4f6Avjx6 =gZT2 -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Using Roundcube with cyrus?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2/3/2015 6:20 AM, Patrick Goetz wrote: > Related question: what are people using for webmail these days? I > was shocked to see that php-horde isn't even packaged for Arch > linux. Using Horde (Groupware Webmail Edition 5.2.x) here. The Horde folks are recommending pear-based installation these days, so many distros (at least the ones I've looked at) seem to not bother packaging it. - -- Nels Lindquist -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.20 (MingW32) iEYEARECAAYFAlTTqVUACgkQh6z5POoOLgQZlQCggGpaqlDaWgH2pcSnzCvVGmy0 iKcAoJj3f4nYVG8wuvQe7kxY5S3DKkEq =PrmQ -END PGP SIGNATURE- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Syntax for reconstruct with virtual domains?
Hi there. I'm trying to figure out the syntax for recovering a single mailbox in a virtual domain using reconstruct with Cyrus 2.3.8 Ultimately, I'd like to move an entire mail spool from one server without virtual domains into a virtual domain on a new server, but I thought I should start small. reconstruct -rf [EMAIL PROTECTED] doesn't work unless the mailbox already exists, by which I mean that no output is produced and connecting with cyradm shows that the directory structure hasn't been integrated into the mailbox list. What am I missing? Thanks! Nels Lindquist Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Change in allowplaintext behaviour in 2.3.9?
Hi there. I understand that the default for "allowplaintext" is now off in 2.3.9, which seems like a perfectly fine change. However, I'm also noticing a behavioural change when allowplaintext is enabled. With 2.3.8 and "allowplaintext" on, PLAIN and LOGIN methods were only explicitly offered when a secure connection was present. I've upgraded to 2.3.9 (via Simon's RPM) and now "AUTH=PLAIN AUTH=LOGIN" are immediately offered even when no TLS/SSL encryption is enabled. Was this an intentional change? Nels Lindquist Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SSL/TLS certificates with virtual domains
Hello again!
Goetz Babin-Ebell wrote:
> This question pops up occasionally in most list concerning SSL.
>
> You can only use one certificate for one IP address / port pair.
>
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP addresses and every one of them having it's own
> certificate.
>
> If all of your servers share the same IP address it is not possible.
> If you have different IP addresses, use something like:
>
> cyrus.conf:
> SERVICES {
> imap cmd="imapd" listen="imap" prefork=1
> imaps cmd="imapd -s -C /etc/imapd1.conf" listen="192.168.0.1:imaps"
> prefork=0
> imaps cmd="imapd -s -C /etc/imapd2.conf" listen="192.168.0.2:imaps"
> prefork=0
Okay, I tried this, but something isn't working quite right.
When I use openssl s_client to test the connection I get:
CONNECTED(0003)
And then nothing. This happens intermittently on either or both addresses.
In my maillog, I see the following:
Aug 24 11:25:20 mail2 imaps[1919]: imaps TLS negotiation failed:
ip-66-51-100-217.tera-byte.com [66.51.100.217]
Aug 24 11:25:20 mail2 imaps[1919]: Fatal error: tls_start_servertls() failed
Aug 24 11:25:20 mail2 master[1793]: process 1919 exited, status 75
Aug 24 11:25:20 mail2 master[1793]: service imaps pid 1919 in BUSY
state: terminated abnormally
Any way I can turn up the logging and see what's wrong?
Nels Lindquist
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: SSL/TLS certificates with virtual domains
Goetz Babin-Ebell wrote:
> This question pops up occasionally in most list concerning SSL.
>
> You can only use one certificate for one IP address / port pair.
>
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP addresses and every one of them having it's own
> certificate.
I do indeed have an IP address for each virtual host, so that should be
okay.
> If all of your servers share the same IP address it is not possible.
> If you have different IP addresses, use something like:
>
> cyrus.conf:
> SERVICES {
> imap cmd="imapd" listen="imap" prefork=1
> imaps cmd="imapd -s -C /etc/imapd1.conf" listen="192.168.0.1:imaps"
> prefork=0
> imaps cmd="imapd -s -C /etc/imapd2.conf" listen="192.168.0.2:imaps"
> prefork=0
How much configuration similarity does there have to be between the
different config files? Can I change anything except for the
tls_[*]_file directives?
Thanks very much for the information! I think this could work for us.
Nels Lindquist
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SSL/TLS certificates with virtual domains
Hi, all. I'm configuring a Cyrus IMAPD server for a number of virtual domains, and I'm concerned about a potential issue with SSL/TLS for the virtual hosts, which is that I can't find a way of specifying different certificates for each virtual host. We strongly encourage users to use encryption, but I don't want mail clients throwing a certificate name mismatch error every time they connect to anything other than the default domain. I checked the docs/man pages/FAQ but haven't found a per-domain way of configuring different cert/key files. I'm hoping this functionality exists, but is as yet undocumented... I'm using version 2.3.8, if that makes any difference. Thanks! Nels Lindquist Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Replication question - cross replication?
Hi, folks. I'm setting up a high-availability mail server setup with two boxes that will essentially be mirrors of each other. If both are configured for local delivery, can I have them replicate each other if I utilize UUIDs? The idea would be to have identical copies of each mailbox on each machine, regardless of which one accepted the mail initially. Nels Lindquist Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Database errors
On 15 Dec 2005 at 11:27, Nels Lindquist wrote: > We're seeing the following errors in the logs: > > > Dec 15 11:25:06 aerodrome imap[17853]: DBERROR: skiplist recovery > > /var/lib/imap/user/n/nlindq.seen: ADD at BFCC exists > > Dec 15 11:25:06 aerodrome imap[17853]: DBERROR: opening > > /var/lib/imap/user/n/nlindq.seen: cyrusdb error > > The "read" flag for messages in all folders keeps getting reset as > well. Using the skiplist.py utility from this website: http://oss.netfarm.it/python-cyrus.php I was able to recover the *.seen skiplist files for the affected users. Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Database errors
We're seeing the following errors in the logs: > Dec 15 11:25:06 aerodrome imap[17853]: DBERROR: skiplist recovery > /var/lib/imap/user/n/nlindq.seen: ADD at BFCC exists > Dec 15 11:25:06 aerodrome imap[17853]: DBERROR: opening > /var/lib/imap/user/n/nlindq.seen: cyrusdb error The "read" flag for messages in all folders keeps getting reset as well. Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Using Procmail, Sendmail with Cyrus
On 16 Nov 2005 at 14:41, gui wrote: > I'm trying to use Procmail on my Sendmail/Cyrus server. > I'm using cyrus-imapd-2.2.12 and Sendmail 8.13.3on Freebsd 5.4, and want > to use procmail-3.22_6. > > I couldn't find much information on the web on how to use procmail. > My main objective is to get bsd vacation working - and this requires > procmail. > I need vacation because my webmail Horde needs it (cannot use sieve). I know this doesn't directly answer your question and you've figured out how to use procmail, but what version of Horde are you running? If you're using Horde V3, then the latest versions of Ingo most definitely support sieve directly, including vacation functionality. Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Inconsistent expunge performance
Sorry for the long delay in replying; things have been a wee bit hectic. On 18 Aug 2004 at 19:42, Ken Murchison wrote: > Nels Lindquist wrote: > > > Since upgrading to Cyrus IMAP 2.2.x, I've noticed some fairly extreme > > performance degradation when it comes to expunging deleted mail. > > Which 2.2.x version? It was version 2.2.3. I've now upgraded to 2.2.8, but it didn't seem to make much difference. > > This behaviour is inconsistent from folder to folder, but quite > > consistent WRT an individual folder. > > > > I haven't been able to find much of a pattern involving numbers of > > messages, ages of folders, etc. Some folders complete an expunge > > almost immediately, some take nearly five minutes while generating > > quite a high load on the server. > > Sounds like the folder may be corrupt, you are deleting a *lot* of > messages, or you may be running 2.2.4-2.2.7. How would I check for/recover from folder corruption? Some of the folders have lots of messages in them, though that doesn't seem to be a predictor for whether the expunge is slow or not (the same behaviour has been observed in folders with few messages). As for the number of messages I'm deleting, in the affected folders it's slow even if I'm trying to expunge only a single message. > > Is there some explanation for this? I've gone through the Wiki > > regarding DB backends and I seem to have everything set up according > > to the recommendations. Which database is most directly impacted by > > an "expunge" operation? > > None. The only files involved in an expunge are cyrus.index, > cyrus.cache, the message files, and the quota file (which in 2.2.4+ uses > the cyrusdb interface). I don't believe there are even quotas defined for the affected folders. > > Is there anything I can do to alleviate this > > problem? I tried putting imap/proc on tmpfs as discussed in the > > performance documentation, but it didn't make any difference for the > > expunge behaviour (though it would seem opening a folder is slightly > > faster). > > > > The server isn't very heavily loaded; there are less than 200 > > mailboxes and usually less than 20 concurrent users. IO shouldn't be > > a problem; the disk is 10,000 RPM SCSI. > > > > Any advice would be greatly appreciated! Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Inconsistent expunge performance
Hi there. Since upgrading to Cyrus IMAP 2.2.x, I've noticed some fairly extreme performance degradation when it comes to expunging deleted mail. This behaviour is inconsistent from folder to folder, but quite consistent WRT an individual folder. I haven't been able to find much of a pattern involving numbers of messages, ages of folders, etc. Some folders complete an expunge almost immediately, some take nearly five minutes while generating quite a high load on the server. Is there some explanation for this? I've gone through the Wiki regarding DB backends and I seem to have everything set up according to the recommendations. Which database is most directly impacted by an "expunge" operation? Is there anything I can do to alleviate this problem? I tried putting imap/proc on tmpfs as discussed in the performance documentation, but it didn't make any difference for the expunge behaviour (though it would seem opening a folder is slightly faster). The server isn't very heavily loaded; there are less than 200 mailboxes and usually less than 20 concurrent users. IO shouldn't be a problem; the disk is 10,000 RPM SCSI. Any advice would be greatly appreciated! Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: DB4 hosed on production server: Please help!!
Sorry, I failed to mention any relevant version information. o Running on Redhat 6.2 (I know, I know) with ext2 fs. Should I have done a "chattr +S" on the db files? The docs only mention user quota, etc. o Berkely DB 4.1.25, compiled from source o Cyrus SASL 2.1.17 o Cyrus IMAPD 2.2.3 Again, please CC replies to "[EMAIL PROTECTED]" Thank you! Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
DB4 hosed on production server: Please help!!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Our production Cyrus server is down; please CC replies directly to me at "[EMAIL PROTECTED]" -- I can still get that mail, while my subscribed address mailstore is on the affected server. I tried a routine restart of our IMAP server this morning, but it would appear that db4 is toast, and ctl_cyrusdb isn't helping. I looked back in the logs and noticed these messages which first appeared yesterday morning: > Apr 21 03:34:13 aerodrome ctl_cyrusdb[23220]: DBERROR db4: > DB_LOGC->get: invalid log record header And here's what happened when I tried to restart the server: > Apr 22 10:06:55 aerodrome ctl_cyrusdb[28465]: DBERROR db4: > DB_ENV->log_flush: LSN past current end-of-log > Apr 22 10:06:55 aerodrome ctl_cyrusdb[28465]: DBERROR db4: > /usr/lib/imap/deliver.db: unable to flush page: 0 > Apr 22 10:06:55 aerodrome ctl_cyrusdb[28465]: DBERROR db4: > txn_checkpoint: failed to flush the buffer cache Invalid argument > Apr 22 10:06:55 aerodrome ctl_cyrusdb[28465]: DBERROR: couldn't > checkpoint: Invalid argument > Apr 22 10:06:55 aerodrome ctl_cyrusdb[28465]: DBERROR: sync > /usr/lib/imap/db: cyrusdb error > Apr 22 10:07:36 aerodrome master[28548]: setrlimit: Unable to set file > descriptors limit to 2147483647: Operation not permitted > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28550]: DBERROR db4: > DB_ENV->log_flush: LSN past current end-of-log > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28550]: DBERROR db4: > /usr/lib/imap/deliver.db: unable to flush page: 0 > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28550]: DBERROR db4: > txn_checkpoint: failed to flush the buffer cache Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28550]: DBERROR db4: PANIC: > Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28550]: DBERROR: critical > database situation > Apr 22 10:07:36 aerodrome master[28548]: process 28550 exited, status > 75 > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR db4: fatal > region error detected; run recovery > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: dbenv->open > '/usr/lib/imap/db' failed: DB_RUNRECOVERY: Fatal error, run database > recovery > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: init() on > berkeley > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR db4: > txn_checkpoint interface requires an environment configured for the > transaction subsystem > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: couldn't > checkpoint: Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: sync > /usr/lib/imap/db: cyrusdb error > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR db4: > DB_ENV->log_archive interface requires an environment configured for > the logging subsystem > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: error listing > log files: Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: archive > /usr/lib/imap/db: cyrusdb error > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR db4: > txn_checkpoint interface requires an environment configured for the > transaction subsystem > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: couldn't > checkpoint: Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: sync > /usr/lib/imap/db: cyrusdb error > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR db4: > DB_ENV->log_archive interface requires an environment configured for > the logging subsystem > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: error listing > log files: Invalid argument > Apr 22 10:07:36 aerodrome ctl_cyrusdb[28556]: DBERROR: archive > /usr/lib/imap/db: cyrusdb error Running "ctl_cyrusdb -r" manually as the cyrus user does the same thing. How can I fix this and get my server back up? How can I prevent this from happening again? Please help! - Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (MingW32) iD8DBQFAh/q+bxRqvNchgLQRApzxAJ9hvbGOhd95b6kDy4vF94B+zl3JVACgofJo gSjCHoz0a5kbpfiCB3ocJ5U= =YdhC -END PGP SIGNATURE- --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Is smmapd required for local recipient verification?
Hi there. I'm trying to enable recipient verification at the MTA (Sendmail 8.12.11) level so I can reject mail (mostly viruses) addressed to nonexistent recipients. I'm using Cyrus IMAP v2.0.17 on my primary mail store, which is on the same box as the MTA. Currently, sendmail accepts the message even if there is no cyrus mailbox defined for the recipient, and then attempts delivery via LMTP. Since the recipient doesn't exist, the delivery fails and Sendmail generates a bounce message which is queued and a copy generated for the postmaster. Is there some way to configure the MTA/LMTP interaction to check for local recipients during the SMTP conversation instead? My Google searching produced the possibility of adding 'w' to CYRUSV2_MAILER_FLAGS before building sendmail.cf, and when I tried it on my test installation (Cyrus IMAPD v2.1.16) it seemed to work just fine. However, when I enabled this flag for v2.0.17, *all* local mail was rejected whether the cyrus account existed or not. Am I on the right track? Can I even do what I want to do with v2.0.17, or is it necessary to upgrade to v2.1 or even 2.2 for smmapd support? Thanks for any assistance! Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc. --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Fwd: pre-login buffer overflow in Cyrus IMAP server
On 3 Dec 2002 at 9:57, Steve Wright wrote: > The message below is forwarded from bugtraq. > I've not seen any discussion of this, is an official fix available ? > The "semi-exploit" shown does indeed segfault imapd processes on my Debian > (sid) boxes. I'd imagine there should be patches for 1.6.24 and 2.0.16, as well as 2.1.10. Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc.
