Advice on transition
I currently have an olde version of cyrus working: name : Cyrus version: v2.0.16 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.18-4GB environment: Cyrus SASL 1.5.27 Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001) OpenSSL 0.9.6c [engine] 21 dec 2001 name : Cyrus IMAPD version: v2.1.9 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.19-4GB environment: Cyrus SASL 2.1.7 Sleepycat Software: Berkeley DB 4.0.14: (September 9, 2002) OpenSSL 0.9.6g [engine] 9 Aug 2002 CMU Sieve 2.2 DRAC mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = flat duplicate.db = db3-nosync tls.db = db3-nosync There are about 150 users and 4 Gbytes of mail on the server. I have built a newer version on a different box: name : Cyrus IMAPD version: v2.1.9 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.19-4GB environment: Cyrus SASL 2.1.7 Sleepycat Software: Berkeley DB 4.0.14: (September 9, 2002) OpenSSL 0.9.6g [engine] 9 Aug 2002 CMU Sieve 2.2 DRAC mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = flat duplicate.db = db3-nosync tls.db = db3-nosync I am using PAM ldap on both boxes. I need to: 1. Move one test users existing email over from the old box to the new box for testing purposes 2. Move everyone's email over from the old box to the new box I don't think I understand the best way to do this. Could someone either outline the procedure or point me to documentation. What I saw in the cyrus docs didn't seem to help a lot for this, but perhaps I was looking in the wrong place. Many thanks for any advice. John Lederer
Re: Advice on transition
There are actual multiple ways to do this. From what I understand you have 2 boxes, one the original server, and a new one. You may want to do this in two stages. Cyrus provides a lot of tools to upgrade between versions. That being said, you may want to replicate Cyrus-2.0.16 on the new box, and then synch everything over, test, and then upgrade. I typically upgrade by specifying the prefix to be /usr/cyrus-version, then soft link /usr/cyrus - /usr/cyrus-version. This allows you to back out on most changes without wipeing out your current install. Hope this helps, B John Lederer wrote: I currently have an olde version of cyrus working: name : Cyrus version: v2.0.16 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.18-4GB environment: Cyrus SASL 1.5.27 Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001) OpenSSL 0.9.6c [engine] 21 dec 2001 name : Cyrus IMAPD version: v2.1.9 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.19-4GB environment: Cyrus SASL 2.1.7 Sleepycat Software: Berkeley DB 4.0.14: (September 9, 2002) OpenSSL 0.9.6g [engine] 9 Aug 2002 CMU Sieve 2.2 DRAC mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = flat duplicate.db = db3-nosync tls.db = db3-nosync There are about 150 users and 4 Gbytes of mail on the server. I have built a newer version on a different box: name : Cyrus IMAPD version: v2.1.9 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.19-4GB environment: Cyrus SASL 2.1.7 Sleepycat Software: Berkeley DB 4.0.14: (September 9, 2002) OpenSSL 0.9.6g [engine] 9 Aug 2002 CMU Sieve 2.2 DRAC mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = flat duplicate.db = db3-nosync tls.db = db3-nosync I am using PAM ldap on both boxes. I need to: 1. Move one test users existing email over from the old box to the new box for testing purposes 2. Move everyone's email over from the old box to the new box I don't think I understand the best way to do this. Could someone either outline the procedure or point me to documentation. What I saw in the cyrus docs didn't seem to help a lot for this, but perhaps I was looking in the wrong place. Many thanks for any advice. John Lederer -- Robert Scussel 1024D/BAF70959/0036 B19E 86CE 181D 0912 5FCC 92D8 1EA1 BAF7 0959
Two questions on MUPDATE
Greeting, We are presently considering the use of a Cyrus imapd Murder for a somewhat large installtion (12K mbox now, expected to grow to 100K somewhen in the future). I would have two questions. First, the installation we are planning must support both POP (legacy) and IMAP. Since the mailboxes will be spread on at least two imapd backend, we will have a problem presenting a unified POP access. The obvious solution would be to have different user use different POP server, depending where their mailbox are located. This is quite inelegant and would complicate user support. Is there any other way ? One solution I could envision would be to have a MUPDATE-aware POP proxy. People connect to the proxy, the proxy resolve the user mailbox location via MUPDATE and serve the client request from that server. Does such a thing exist ? Pointer to alternate solution are welcome. Second, for this project, we have been called to make the OSS proposition. Our proposition (using Cyrus imapd and the Murder technologie) will be competing with solution from other vendor. Considering that the burden of proof always weight more on the OSS and Free Software shoulder and that Cyrus imapd Murder is a relatively recent technologie, it would be good for us to point to other successful deplyement of that technologie. If you know of or are responsible for large scale installation (a few 10K mailboxes or more) of Cyrus imapd Murder, I would like to hear about you. If you prefer not to discuss your experiences on the list, you are welcome to contact me out-of-band. I already know about the CMU installation; a second or third exemple would be very nice. Thank you very much for your answer; all input are appreciated. Regards, -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED] PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853
Another question about MUPDATE server
Greeting again, I would have another question concerning MUPDATE. The white-paper on Cyrus imapd Murder hinted about the possibility(1) of having your MUPDATE server replicating. If it is available, I would like to replicate the MUPDATE server for both scalability and automatic failover, somewhat like what is possible with OpenLDAP using slurpd. Is this part of Cyrus imapd current distribution or planned for future developpement ? (1) As seen on http://asg.web.cmu.edu/cyrus/ag.html, section 3.1 : The MUPDATE master server will be able to handle the load from the front end and back end servers. Scaling the MUPDATE master server to a large collection of clients is yet not considered, but as the MUPDATE protocol allows for slave server to act as replicas, it is theoretically possible to reduce the load of read operatons against the master to a very low level. Regards, -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED] PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853
Re: Advice on transition
The biggest thing when upgrading this way is if you change the type of layout that you want (ie. fullhashdir, etc.) however, since the distribution has tools to change things around (tools/rehash), I have found that converting the mailboxes a few times will not break anything too severely :) That being said, we usually transfer directories and such using rsync over ssh. Depending on what downtime you can incur for the change out, you may want to set up rsync server, or find another way to transfer over the 4GB (with rsync you are looking at about 1-2 hours over the network (with ssh, possibly faster with just an rsync daemon). However, once the initial transfer is done (which can be done without taking the first server down) you can take down server 1, do an rsync to make sure everything is good in ~5-10 min, and then bring up server2. The important thing is to make sure that you turn off the MTA, this will force incoming mail to get a hard bounce, and either go to the backup mx's or try again for 24-72 hours, which means that people's mail won't be lost while you mess with things. I really think that trying to move and convert in one step may cause more difficulties than it is worth, but many of the steps I mention above will work either way. If all else fails, you can always fail back to server1. Hope this helps, B John Lederer wrote: Robert Scussel wrote: There are actual multiple ways to do this. From what I understand you have 2 boxes, one the original server, and a new one. You may want to do this in two stages. Cyrus provides a lot of tools to upgrade between versions. That being said, you may want to replicate Cyrus-2.0.16 on the new box, and then synch everything over, test, and then upgrade. I typically upgrade by specifying the prefix to be /usr/cyrus-version, then soft link /usr/cyrus - /usr/cyrus-version. This allows you to back out on most changes without wipeing out your current install. That multiple ways may be what I need! I am ignorant and slow and almost always hit complications in my ignorance. I do not trust the speed at which I could upgrade 2.0 to 2.1. Since I would have to shut down email while I did the upgrade So what I would really prefer would be some way to copy the mailboxes then insert here magical way to convert mailboxes from 2.0 setup to 2.1 setup. John John -- Robert Scussel 1024D/BAF70959/0036 B19E 86CE 181D 0912 5FCC 92D8 1EA1 BAF7 0959
Re: Two questions on MUPDATE
On Fri, 21 Feb 2003, Etienne Goyer wrote: First, the installation we are planning must support both POP (legacy) and IMAP. Since the mailboxes will be spread on at least two imapd backend, we will have a problem presenting a unified POP access. The obvious solution would be to have different user use different POP server, depending where their mailbox are located. This is quite inelegant and would complicate user support. Is there any other way ? One solution I could envision would be to have a MUPDATE-aware POP proxy. People connect to the proxy, the proxy resolve the user mailbox location via MUPDATE and serve the client request from that server. Does such a thing exist ? Pointer to alternate solution are welcome. You mean pop3proxyd? That said, be sure you're using the murder for the right reasons. If you don't need a uniform mailbox namespace, you might want to consider perdition (and a similar POP proxy) instead of the Aggregator. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: Advice on transition
Robert Scussel wrote: There are actual multiple ways to do this. From what I understand you have 2 boxes, one the original server, and a new one. You may want to do this in two stages. Cyrus provides a lot of tools to upgrade between versions. That being said, you may want to replicate Cyrus-2.0.16 on the new box, and then synch everything over, test, and then upgrade. I typically upgrade by specifying the prefix to be /usr/cyrus-version, then soft link /usr/cyrus - /usr/cyrus-version. This allows you to back out on most changes without wipeing out your current install. That multiple ways may be what I need! I am ignorant and slow and almost always hit complications in my ignorance. I do not trust the speed at which I could upgrade 2.0 to 2.1. Since I would have to shut down email while I did the upgrade So what I would really prefer would be some way to copy the mailboxes then insert here magical way to convert mailboxes from 2.0 setup to 2.1 setup. John John
Re: Another question about MUPDATE server
On Fri, 21 Feb 2003, Etienne Goyer wrote: I would have another question concerning MUPDATE. The white-paper on Cyrus imapd Murder hinted about the possibility(1) of having your MUPDATE server replicating. If it is available, I would like to replicate the MUPDATE server for both scalability and automatic failover, somewhat like what is possible with OpenLDAP using slurpd. Is this part of Cyrus imapd current distribution or planned for future developpement ? The whole point of mupdate is the replication, so this is definately present in the current code. It won't give you any automatic failover though since there is only one mupdate master. There are some consistancy issues with using the slaves as authoritative sources, however. Presumably, work could be done to make the database more of a traditional replicated database (akin to ubik), but we didn't have an immediate need for that, so simplicity was prefered. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
slow mailbox creation
Salutations, We are seeing slow mailbox creation times and are wondering how unusual this might be for our configuration. Presently it takes about 4 wall-clock seconds to create a mailbox. The machine running cyrus is a Sun V880 with 6 CPU's, around 8gigs free RAM, and has 120k mailboxes (mailboxes.db is skiplist). It sees 2,000 concurrent imap connections, about 10 sustained imap logins per second, and about 200,000 lmtp delivery operations per day. The metadata (/var/cyrus/imap) is mounted with UFS logging on a Sun Enterprise T3 that presently does nothing but serve out the metadata. This is where mailboxes.db lives. This computer seems happy and fast in all respects, except for mailbox creations (4 seconds) and deletions (about 2 seconds) and ACL updates (2 seconds). A truss of an imapd that creates a mailbox and then deletes it reveals 75 iterations of this: stat(/var/cyrus/imap/mailboxes.db, 0xFFBED3D0) = 0 fcntl(5, F_SETLKW, 0xFFBED448) = 0 fcntl(5, F_SETLKW, 0xFFBEE870) = 0 fstat(5, 0xFFBEE998)= 0 Any ideas? -- David PowickiNetwork Analyst OIT Network Services Voice: 413.545.1605 Fax: 413.545.3203University of Massachusetts email: [EMAIL PROTECTED] Amherst, MA 01003-4640
LMTPD problems
Would the LOGFILE statement go into the .procmailrc recipe? Also, I have MIMEDefang (calling SpamAssassin and ClamAV virus scanner). Here are some of the headers that get added to all of our mail. X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang) X-Spam-Status: No, hits=-1.6 required=6.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,KNOWN_MAILING_LIST,MONTH_TRIAL, NO_REAL_NAME,QUOTED_EMAIL_TEXT,SPAM_PHRASE_00_01, USER_AGENT_PINE version=2.43 X-Spam-Level: X-UIDL: Ao~!!'Y~!!c2M!'7^! It seems to me LMTPD is rejecting the messages because of header problems. Though I can not find any logging lmtpd does. I next tried disabling MIMEDefang, took it out of my sendmail.mc remade sendmail.cf, and I still can not get LMTPD to deliver a message into the message store. Are there any know issues between cyrus and mimedefang? I really don't want Cyrus doing any validation for me. I simply want it to deliver the [EMAIL PROTECTED]@#$_ messages into the mailstores.. is there a way to turn off all of the message/header validation checks? I'm really pulling my hair out over this. This _should_ be that difficult. I'm must have done something fundamentally wrong in my installation. Any help would be greatly appreciated. Thanks, Jim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dave O Sent: Thursday, February 20, 2003 6:59 PM To: James Miller Cc: [EMAIL PROTECTED] Subject: RE: deliver problems One thing you can try is to log what procmail does with a directive like this: LOGFILE=/var/log/mail/procmail.log which might give you some useful information. You could also try delivering the mail to a standard mbox file and examining it to see if theres any other bogus headers that might be causing cyrus to choke. Good luck. Dave On Thu, 20 Feb 2003, James Miller wrote: Thank you for the suggestion. I added the formail line to the .procmailrc, but I still am not getting an of the messages delivered to the mailbox. I'm not even seeing procmail even calling /usr/cyrus/deliver in my mail logs (we use procmail for alot of other things -- mainly spam checking). I'm sure I'm missing something stupid. Is there anything else that I could be missing? Thanks again =) Jim -Original Message- From: Dave O [mailto:[EMAIL PROTECTED] Sent: Thursday, February 20, 2003 4:22 PM To: James Miller Subject: Re: deliver problems Hi, I just answered another guy a few days ago with the same exact problem. Put this at the top of your procmailrc: :0hfw | /usr/bin/formail -I 'From ' the problem is the From ... header added by your MTA. Dave On Thu, 20 Feb 2003, James Miller wrote: Hi all, I'm having trouble using /usr/cyrus/deliver for delivering mail to mailstore.And am hoping someone else has run into this problem before. I'm sure it's something stupid on my part. While testing, I'm using procmail to deliver new messages. Here's the .procmailrc receipt I'm using: -- LOGNAME = $1 EXTENSION = $2 :0 w * EXTENSION ?? . | /usr/cyrus/bin/deliver -a $LOGNAME -e -q -m $EXTENSTION -- $LOGNAME # If no Extension we try this :0 wE | /usr/cyrus/bin/deliver -a $LOGNAME -e -q -- $LOGNAME # Whichever one we tried, failed EXITCODE = $? HOST --- When I send a message it gets bounced back with the following errors: The original message was received at Thu, 20 Feb 2003 11:44:13 -0600 from NTAdmin.simutronics.com [198.83.204.82] - The following addresses had permanent fatal errors - |/usr/cyrus/bin/deliver -m user.admin admin (reason: Data format error) (expanded from: [EMAIL PROTECTED]) - Transcript of session follows - admin+user.admin: Message contains invalid header 501 5.6.0 Data format error The original message was received at Thu, 20 Feb 2003 11:40:21 -0600 from NTAdmin.simutronics.com [198.83.204.82] - The following addresses had permanent fatal errors - |/usr/cyrus/bin/deliver -m user.admin admin (reason: Data format error) (expanded from: [EMAIL PROTECTED]) - Transcript of session follows - 553 5.0.0 |/usr/cyrus/bin/deliver -m user.admin admin... Unbalanced '' admin+user.admin: Message contains invalid header 501 5.6.0 Data format error
Re: LMTPD problems
On Fri, 21 Feb 2003, James Miller wrote: Are there any know issues between cyrus and mimedefang? I run cyrus, sendmail, and MIMEDefang. I use the cyrusv2 mailer though, I don't use procmail. I've used it with procmail too, but it's been a while... ( and yes, the LOGFILE= part would go in the rc file. ) Jason -- Jason Englander [EMAIL PROTECTED] 394F 7E02 C105 7268 777A 3F5A 0AC0 C618 0675 80CA
Re: LMTPD problems
James Miller wrote: Would the LOGFILE statement go into the .procmailrc recipe? Also, I have MIMEDefang (calling SpamAssassin and ClamAV virus scanner). Here are some of the headers that get added to all of our mail. X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang) X-Spam-Status: No, hits=-1.6 required=6.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,KNOWN_MAILING_LIST,MONTH_TRIAL, NO_REAL_NAME,QUOTED_EMAIL_TEXT,SPAM_PHRASE_00_01, USER_AGENT_PINE version=2.43 X-Spam-Level: X-UIDL: Ao~!!'Y~!!c2M!'7^! It seems to me LMTPD is rejecting the messages because of header problems. Though I can not find any logging lmtpd does. I next tried disabling MIMEDefang, took it out of my sendmail.mc remade sendmail.cf, and I still can not get LMTPD to deliver a message into the message store. Are there any know issues between cyrus and mimedefang? I really don't want Cyrus doing any validation for me. I simply want it to deliver the [EMAIL PROTECTED]@#$_ messages into the mailstores.. is there a way to turn off all of the message/header validation checks? The only validation that Cyrus does is make sure that the message is RFC 2822 compliant. You can't turn it off, and you shouldn't have to. I'm really pulling my hair out over this. This _should_ be that difficult. I'm must have done something fundamentally wrong in my installation. Any help would be greatly appreciated. You're trying to bite off too much at one time. The first thing that I would do is make sure that lmtpd will accept and deliver a message. If lmtpd is listening on a TCP port, telnet to it. If its listening on a UNIX domain socket, login as the cyrus user and run 'deliver -l' (lowercase 'L'). Then: mail from:foo rcpt to:bar data from:foo to:bar subject: lmtpd test body text . quit This should put a message into bar's INBOX (assuming that you don't have a sieve script which changes the disposition). If this works, then your problem is outside of lmtpd. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: slow mailbox creation
Date: Fri, 21 Feb 2003 12:30:21 -0500 (EST) From: David A Powicki [EMAIL PROTECTED] [...] This computer seems happy and fast in all respects, except for mailbox creations (4 seconds) and deletions (about 2 seconds) and ACL updates (2 seconds). A truss of an imapd that creates a mailbox and then deletes it reveals 75 iterations of this: Are these the only system calls that are getting iterated? ** If you were seeing: fcntl(5, F_SETLKW, 0xFFBEE870) = 0 fstat(5, 0xFFBEE998) = 0 stat(/var/cyrus/imap/mailboxes.db, 0xFFBED3D0) = 0 fcntl(5, F_SETLKW, 0xFFBED448) = 0 open(...) dup(...) I'd diagnose as following: This iteration is unusual. What is happening is that the process is getting an exclusive lock on mailboxes.db and then making sure it has the latest copy of the file. (It compares the inode of the file descriptor is has locked with the inode of the mailboxes.db file.) If it is iterating these system calls, it's discovering that some other process has replaced mailboxes.db ** The next question is: what's actually taking the time? Use truss -D instead of just truss. This will get you times on the fsync()s, which may be taking substantial fractions of a second. We've noticed a bug with some Solaris setups where fsync() times gradually climb until they're untolerable. Remounting the filesystem without logging and then with logging again seems to clear this bogus behavior. In fact, on our frontend systems (which are the ones that are suspectible to this) we have a cronjob that runs the following once a day: --- #!/bin/sh /usr/sbin/mount -o remount,noatime / /usr/sbin/mount -o remount,noatime,logging / --- Our backend systems use vxfs and don't seem to suffer from this problem. fsyncs should take fractions of a second, not multiple seconds. Another possibility (we haven't tested this in production) is to change use_osync from 0 to 1 in cyrusdb_skiplist.c. Some benchmarks I've done show this to yield better performance on Solaris (but not Linux). Larry
Re: LMTPD problems
On 21 Feb 2003, James Miller writes: Would the LOGFILE statement go into the .procmailrc recipe? Yes. Running the command man procmailrc will provide more details, if you need them. It seems to me LMTPD is rejecting the messages because of header problems. Only because what you are sending to lmtpd is not a valid message. lmtpd won't care about the *content* of headers (other than if they contain illegal 8bit chars), only the syntax of the message. Are there any know issues between cyrus and mimedefang? That combination works fine here. But I'm not adding procmail to the mix. I really don't want Cyrus doing any validation for me. Then you'd end up with a mailstore containing invalid messages, and later on clients would choke on them... better by far to reject invalid mail before it gets into the mailstore, surely! There are good reasons why RFCs for mail exist. I simply want it to deliver the [EMAIL PROTECTED]@#$_ messages into the mailstores.. is there a way to turn off all of the message/header validation checks? AFAIK, there aren't any checks per se other than for 8 bit chars. It's just that you need to give lmtpd a valid mail message to work with. IMO it is 100% reasonable for an LMTP daemon to insist that you feed it only correctly formatted messages, and to reject those which are bad. I suggest doing this one step at a time. 1) Can you deliver hand-created correctly formatted messages to cyrus via lmtpd (via deliver -l)? For example: 11:29:14 [EMAIL PROTECTED]:/home/jonathan# /usr/libexec/cyrus/deliver -l 220 testing.net LMTP Cyrus v2.2.prealpha-GRC-RPM-2.2-cvs.20030115 ready lhlo junk 250-testing.net 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-SIZE 250-AUTH EXTERNAL 250 IGNOREQUOTA MAIL FROM: [EMAIL PROTECTED] 501 5.5.4 Syntax error in parameters mail from:[EMAIL PROTECTED] 250 2.1.0 ok rcpt to:[EMAIL PROTECTED] 250 2.1.5 ok data 354 go ahead Subject: test a test . 250 2.1.5 Ok quit 221 2.0.0 bye 11:34:46 [EMAIL PROTECTED]:/home/jonathan# If that works, then lmtpd is doing its job. If not, then forget procmail and MIMEdefang and all that other stuff, and get lmtpd working first. If you wish, at this stage you can try providing more and more complex messages with various headers (after the data command) and see which ones are valid and which ones are not. 2) Configure your MTA to just deliver mail to cyrus via LMTP. No procmail, no antivirus stuff, just deliver the [EMAIL PROTECTED]@#$_ messages as you put it! Does *that* work? 3) Add MIMEdefang as a sendmail milter or whatever other way you call it at your site. Does *that* work? 4) Add procmail. Does *that* work? If you proceed stepwise like this, it will be a lot easier to determine where the problem lies. The chances are high that some of your mail processing is resulting in invalid messages, which lmtpd then (correctly) rejects. Jonathan -- Jonathan Marsden| Internet: [EMAIL PROTECTED] | Making electronic 1252 Judson Street | Phone: +1 (909) 795-3877 | communications work Redlands, CA 92374 | Fax: +1 (909) 795-0327 | reliably for Christian USA | http://www.xc.org/jonathan| missions worldwide
beginner's question
hi there, I've installed Suse 8.1 professional and decided to go from uw imap with shadow authentication to the cyrus server that ship with suse. Well, the thing is: I can't log me in. Although Cyrus is up and running (telnet localhost imap: cyrus imap4 2.1.9 server ready), when I try e.g. LOGIN cyrus, it will say LOGIN BAD please login first. I checked that sasl is running (rcsaslauthd start) and ps -aux will report me 5 saslauthd -a pam. Also, i gave cyrus a sasl1 as well as sasl2-entry in the db, using saslpasswd -c cyrus and saslpasswd2 -c cyrus. Anyway, NO LOGIN IS ACCEPTED. imtest -u cyrus localhost also prompts me for a password, but when i enter the pwd, it will say S: A01 NO Error authenticating Authentication failes. generic failure Security strength factor: 128 Two more things to mention: in /etc/imapd.conf, the pwcheck is stated to be sasl_pwcheck_method:saslauthd and my Suse-Cyrus seems to be compiled as if it would not accept shadow-auth, so please don't ask me to trigger that on. Is this thing trying to authenticate me on sasl or what? is my entry in the sasldb sufficient or do i have to type that somekind of pam frontend? Is there maybe even a default password for the first configuration? Where is the logfile that tells me why those login-attempts have failed? thanks in advance, Jochen
Re: beginner's question
To be clear about this, you did create an account within Cyrus's db using cyradm, not just a system account correct? - Original Message - From: Jochen Stärk [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, February 21, 2003 3:44 PM Subject: beginner's question hi there, I've installed Suse 8.1 professional and decided to go from uw imap with shadow authentication to the cyrus server that ship with suse. Well, the thing is: I can't log me in. Although Cyrus is up and running (telnet localhost imap: cyrus imap4 2.1.9 server ready), when I try e.g. LOGIN cyrus, it will say LOGIN BAD please login first. I checked that sasl is running (rcsaslauthd start) and ps -aux will report me 5 saslauthd -a pam. Also, i gave cyrus a sasl1 as well as sasl2-entry in the db, using saslpasswd -c cyrus and saslpasswd2 -c cyrus. Anyway, NO LOGIN IS ACCEPTED. imtest -u cyrus localhost also prompts me for a password, but when i enter the pwd, it will say S: A01 NO Error authenticating Authentication failes. generic failure Security strength factor: 128 Two more things to mention: in /etc/imapd.conf, the pwcheck is stated to be sasl_pwcheck_method:saslauthd and my Suse-Cyrus seems to be compiled as if it would not accept shadow-auth, so please don't ask me to trigger that on. Is this thing trying to authenticate me on sasl or what? is my entry in the sasldb sufficient or do i have to type that somekind of pam frontend? Is there maybe even a default password for the first configuration? Where is the logfile that tells me why those login-attempts have failed? thanks in advance, Jochen
Re: beginner's question
thing is: I can't log me in. Although Cyrus is up and running (telnet localhost imap: cyrus imap4 2.1.9 server ready), when I try e.g. LOGIN cyrus, it will say LOGIN BAD please login first. Just to be very clear, you can't just send LOGIN user pass and hope it works, you have to follow the IMAP protocol. Include a command tag at the beginning. For more detail, see RFC2060. If you're already doing this, er, then ignore this message ;) a01 LOGIN youruser yourpass success or failure a02 LOGOUT -- Chris Hilts [EMAIL PROTECTED]
user unable to create sub-folders
Hello, i've just set up v2.1.12 on a RedHat 8.0 system using sasl2. I've created a single user (urban) using cyradm, and now I'm using Mozilla 1.0.1 (the client) as MUA to test. The client is connecting to the IMAP server using TLS sucessfully. When the client tries to create the Drafts or Sent folders however, the operation fails. It seems to me that the client should be able to do this. cyradm says: = localhost lm user.urban (\HasNoChildren) localhost lam user.urban urban lrswipcda in imapd.log I see: == Feb 22 04:16:29 bingo imapd[27855]: open: user urban opened INBOX Feb 22 04:17:18 bingo imapd[27855]: myfetch: starting txn 2147483657 Feb 22 04:17:18 bingo imapd[27855]: abort_txn: aborting txn 2147483657 Feb 22 04:18:47 bingo master[27843]: process 27847 exited, status 0 and in configdirectory/log/urban/PID I see === -- urban Sat Feb 22 04:16:29 2003 10458837894 select INBOX 1045883789* FLAGS (\Answered \Flagged \Draft \Deleted \Seen) * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)] * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1045842775] * OK [UIDNEXT 1] 4 OK [READ-WRITE] Completed 10458838385 list Sent 10458838385 OK Completed (0.000 secs 1 calls) 10458838386 create Sent 10458838386 NO Permission denied 10458842257 noop 10458842257 OK Completed 10458848258 noop 10458848258 OK Completed anyone have an idea? thanks, Rob Urban
Re: user unable to create sub-folders
Hi Robert, I believe that the CREATE is actually being tried at the top level, and not under INBOX. Cyrus stores all of its users' email under INBOX. Try setting your inbox root to INBOX in your client... Cove On Friday, February 21, 2003, at 07:44 PM, Robert Urban wrote: Hello, i've just set up v2.1.12 on a RedHat 8.0 system using sasl2. I've created a single user (urban) using cyradm, and now I'm using Mozilla 1.0.1 (the client) as MUA to test. The client is connecting to the IMAP server using TLS sucessfully. When the client tries to create the Drafts or Sent folders however, the operation fails. It seems to me that the client should be able to do this. cyradm says: = localhost lm user.urban (\HasNoChildren) localhost lam user.urban urban lrswipcda in imapd.log I see: == Feb 22 04:16:29 bingo imapd[27855]: open: user urban opened INBOX Feb 22 04:17:18 bingo imapd[27855]: myfetch: starting txn 2147483657 Feb 22 04:17:18 bingo imapd[27855]: abort_txn: aborting txn 2147483657 Feb 22 04:18:47 bingo master[27843]: process 27847 exited, status 0 and in configdirectory/log/urban/PID I see === -- urban Sat Feb 22 04:16:29 2003 10458837894 select INBOX 1045883789* FLAGS (\Answered \Flagged \Draft \Deleted \Seen) * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)] * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1045842775] * OK [UIDNEXT 1] 4 OK [READ-WRITE] Completed 10458838385 list Sent 10458838385 OK Completed (0.000 secs 1 calls) 10458838386 create Sent 10458838386 NO Permission denied 10458842257 noop 10458842257 OK Completed 10458848258 noop 10458848258 OK Completed anyone have an idea? thanks, Rob Urban