Re: Courier-imap on 4.2 stable
On Nov 30, 2007 8:40 AM, Steve Shockley <[EMAIL PROTECTED]> wrote: > Please try the following: > > http://shockley.net/OpenBSD/courier-imap-4.3.0.diff > http://shockley.net/OpenBSD/courier-authlib-0.60.2.diff > > It's been lightly tested on amd64. > > Looks good on i386 to me, and so far things seem to be quite a bit snappier than the 4.1.x and .58 combo. Haven't investigated precisely why just yet, but some of the mega large folders I have that used to cause much teeth gnashing whilst they loaded seem to be loading *much* faster... at least so far. :-) Thanks, Steve, for putting together these patches. Kevin -- http://www.ebiinc.com - Background Screening from EBI Leaders in corporate background checks, worldwide.
Re: Courier-imap on 4.2 stable
Steve Shockley wrote:
http://shockley.net/OpenBSD/courier-imap-4.3.0.diff
http://shockley.net/OpenBSD/courier-authlib-0.60.2.diff
It's been lightly tested on amd64.
Both apply cleanly and both run properly here when restarted.
In your diff,
mkdir -p /var/run/courier{,-auth}/
if [ -x /usr/local/sbin/authdaemond ]; then
echo -n ' authdaemon'; /usr/local/sbin/authdaemond start
if [ -x /usr/local/libexec/imapd.rc ]; then
echo -n ' imap';
/usr/local/libexec/imapd-ssl.rc start
fi
if [ -x /usr/local/libexec/imapd-ssl.rc ]; then
echo -n ' imap-ssl';
/usr/local/libexec/imapd-ssl.rc start
fi
fi
I fully agree at removing my silly comments. But you might still comment
on the difference imap / imap-over-ssl; and not necessarily start both.
Plus, there is a copy error: of course for imapd.rc the command needs to
be '/usr/local/libexec/imapd.rc start' (without the -ssl).
Uwe
Re: Courier-imap on 4.2 stable
Steve Shockley wrote: Why would you want to delete imapd.pem? Then your users have to install a new cert. I think current (3.x) versions of Thunderbird will refuse to connect. Want ? probably not needed, but gets us going at following the instructions. New cert is very much in order, since by default it lasts 12 months only. If I do it now, fine. If I don't, I have to dig up the whole lot over a short period. Here the version is still at 2.x (2.0.0.4), and it flawlessly took over even without shutting down. The users only had to (once again) accept the new cert. Uwe
Re: Courier-imap on 4.2 stable
Uwe Dippel wrote: New cert is very much in order, since by default it lasts 12 months only. If I do it now, fine. If I don't, I have to dig up the whole lot over a short period. Well, a correcter way of doing it if you're doing self-signed certs is to create a longer-lasting root cert and use that to sign other certs, and install the root cert on the clients once. I don't want to encourage my users to get used to clicking "Yes" on the cert warning, that partially negates the point of using SSL.
Re: Courier-imap on 4.2 stable
Please try the following: http://shockley.net/OpenBSD/courier-imap-4.3.0.diff http://shockley.net/OpenBSD/courier-authlib-0.60.2.diff It's been lightly tested on amd64.
Re: Courier-imap on 4.2 stable
Uwe Dippel wrote: > pkg_add -ui -F update -F updatedepends > failed me with the following: I sent an update to the maintainer, but it's timed out. I'll try to fix these and send it to [EMAIL PROTECTED] The latter alas is already wrong. There is no /etc/courier/courier/. It is simply /etc/courier. I had fixed this in my update. It still fails, though, because /etc/ssl/private/imapd.pem exists. Delete it. Why would you want to delete imapd.pem? Then your users have to install a new cert. I think current (3.x) versions of Thunderbird will refuse to connect. To control the daemon use /usr/local/libexec/imapd.rc and /usr/local/libexec/imapd-ssl.rc, and to run the authdaemon, place the following in /etc/rc.local: Thanks, I've updated this in my local version and I'll post a diff later today.
Courier-imap on 4.2 stable
I permit myself to post this here, in case someone else has a need to know.
pkg_add -ui -F update -F updatedepends
failed me with the following:
Collision: the following files already exist
/usr/local/sbin/courierlogger (courier-imap-3.0.5p4)
/usr/sbin/pkg_add: fatal issues in installing courier-authlib-0.58p3
Same result with pkg_add courier-authlib-0.58p3.
Only chance out:
# pkg_delete courier-imap
Warning: obsolete construct: @ignore
/usr/sbin/pkg_delete: Can't read /usr/local/man/man1/courierlogger.1
courier-imap-3.0.5p4: complete
# pkg_add courier-authlib-0.58p3
courier-authlib-0.58p3:
complete
--- courier-authlib-0.58p3 ---
Sample configuration files are installed in /etc/courier/.
# pkg_add courier-imap
courier-imap-4.1.1p2:
complete
--- courier-imap-4.1.1p2 ---
You now need to edit appropriately the Courier-IMAP configuration files
installed in /etc/courier/courier/.
The latter alas is already wrong. There is no /etc/courier/courier/. It
is simply /etc/courier.
(It is true, you need to set CN, though)
When this
is done, you can use the 'mkimapdcert' script to automatically generate
a server certificate, which is installed into /etc/ssl/private/imapd.pem
this better reads /usr/local/sbin/mkimapdcert because the directory is
not in the path.
It still fails, though, because /etc/ssl/private/imapd.pem exists.
Delete it.
The following
To control the daemon use /usr/local/libexec/imapd.rc and
/usr/local/libexec/imapd-ssl.rc, and to run the authdaemon, place the
following in /etc/rc.local:
mkdir -p /var/run/courier{,-auth}/
/usr/local/sbin/authdaemond start
is not quite complete. /usr/local/libexec/imapd.rc also needs to be
'start'ed,
and it could be helpful to point this out.
Here the whole lot looks like
# we need subdirectories for the PIDs
mkdir -p /var/run/courier{,-auth}
# we start the authentication daemon
if [ -x /usr/local/sbin/authdaemond ]; then
echo -n ' authdaemon'; /usr/local/sbin/authdaemond start
# no authentication - no SSL
if [ -x /usr/local/libexec/imapd-ssl.rc ]; then
echo -n ' imap-ssl';
/usr/local/libexec/imapd-ssl.rc start
fi
fi
If you do an upgrade on a production box, like here, this might be helpful
and saves you from some inconveniences, like when your imapd doesn't
start. ;)
Uwe
