How to get last logged in time
How do I come to know when a user last logged on to the server using either a pop/Imap client Thanks Ram NETCORE SOLUTIONS *** Ph: +91 22 5662 8000 Fax: +91 22 5662 8134 MailServ and FlexiMail: Messaging Solutions: http://netcore.co.in Pragatee: Integrated Server-Software Suite: http://www.pragatee.com Emergic Freedom: Server-centric Computing: http://www.emergic.com BlogStreet: Blog Profiles and RSS Ecosystem: http://blogstreet.com Deeshaa: Rural Development: http://www.deeshaa.com Rajesh Jain's Weblog on Technology: http://www.emergic.org
Re: hardware for cyrus murder
On Mon, 2003-11-10 at 18:19, Giridhar Raichur wrote:
We are in the process of converting UW Imap to Cyrus Imap. We have about
10K users using about 100K mailboxes. We anticipate the number of users
to increase to 15K.
I looked at http://asg.web.cmu.edu/cyrus/ocnfig.html that describes
Cyrus Configuration for murder hardware. What is not clear to me is the
basis for determining the number of frontend servers and backend
servers. I would appreciate any help or pointers to additional
documentation.
well, the number of mailboxes should not be of any concern, the expected
load is the key.
on one site i had a cyrus imapd running with 700k users on a single
server without any stability problems. well, i had no load on that
machine at all.
on another site i'm running a cyrus murder with 2 frontends and 2
backends handling about 30k users. we have ldap daemons on the backend
used for user authentication/mail routing and mtas on the frontends
handling smtp.
this system handles an average of 8 pop3/imap4 logins per second and
4000 lmtp deliveries per hour.
but it reaches its limits in very busy hours. usually the cyrus internal
authentication begins to fail. backends and mupdate slaves can no longer
authenticate to the mupdate master and frontend services fail to
authenticate to the locally running mupdate slaves.
we are scaling now by moving the mtas to dedicated servers and by
removing the mail routing load from the backend ldap daemons.
hth,
tom.
--
Thomas Duke Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
=
Never Underestimate the Power of Stupid People in Large Groups.
signature.asc
Description: This is a digitally signed message part
Re: GURU advise seeked, 'permission denied' while creating mailbox
- Original Message - From: jokke heikkila [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 11, 2003 2:42 PM Subject: GURU advise seeked, 'permission denied' while creating mailbox I keep hitting my head to the wall with this one. I've installed cyrus-postfix-mysql setup under debian box and everything else seems to work as shoud except the mailbox creation. I keep getting 'permission denied' whatever I try and now I'm out of ideas. Below are snippets of two ways I've tried to create the mailboxes. Couple of things came in my mind: Do you have file and directory permissions set so that they are writable by the user cyrus? Is user cyrus set up in the cyrus config as the one with administrative privileges? -Reko
Re: GURU advise seeked, 'permission denied' while creating mailbox
Lainaus Reko Turja [EMAIL PROTECTED]: Couple of things came in my mind: Do you have file and directory permissions set so that they are writable by the user cyrus? Yep, the directory structure is created with mkimap while logged in as user cyrus and looking thru the dirs shows that all are owned by cyrus:mail and permissions set to 755 Is user cyrus set up in the cyrus config as the one with administrative privileges? yes it is. -Reko
Re: GURU advise seeked, 'permission denied' while creating mailbox
May seem trivial, but does:
admins: cyrus
exist in your have your imapd.conf ?
B
jokke heikkila wrote:
I keep hitting my head to the wall with this one. I've installed
cyrus-postfix-mysql setup under debian box and everything else seems to work as
shoud except the mailbox creation. I keep getting 'permission denied' whatever I
try and now I'm out of ideas. Below are snippets of two ways I've tried to
create the mailboxes.
--with cyradm--
tahko:/root$ cyradm --user cyrus localhost
IMAP Password:
tahko lm
tahko cm magnusborg0001/mailbox
createmailbox: Permission denied
tahko quit
--with imtest--
tahko:/root$ imtest -u cyrus -a cyrus localhost
S: * OK tahko.magnusborg.fi Cyrus IMAP4 v2.1.11 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE
UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus {6}
S: + go ahead
C: omitted
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
. create magnusborg0001.cyrus
. NO Permission denied
SASL works beatifully, so does web-cyradm except for creating the mailbox. Any
ideas what could be the cause.
Debian woody
Postfix 2.0.16
cyrus-imapd-2.1.11
cyrus-sasl-2.1.10
jokke h.
--
Robert Scussel
1024D/BAF70959/0036 B19E 86CE 181D 0912 5FCC 92D8 1EA1 BAF7 0959
Re: GURU advise seeked, 'permission denied' while creating mailbox
Please let me take my foot out of my mouth and say 'Do'h!! I *THOUGHT* I had cyrus as admin user in imapd.conf but well, someone :~) had added few extra letters to that line and it was something else. Anyway, now things are ok, and thanks for pointing out the too obvious thing. jokke h.
Re: hardware for cyrus murder
On Tue, Nov 11, 2003 at 11:02:09AM +0100, Thomas Hager wrote: on another site i'm running a cyrus murder with 2 frontends and 2 backends handling about 30k users. we have ldap daemons on the backend used for user authentication/mail routing and mtas on the frontends handling smtp. this system handles an average of 8 pop3/imap4 logins per second and 4000 lmtp deliveries per hour. but it reaches its limits in very busy hours. usually the cyrus internal authentication begins to fail. backends and mupdate slaves can no longer authenticate to the mupdate master and frontend services fail to authenticate to the locally running mupdate slaves. we are scaling now by moving the mtas to dedicated servers and by removing the mail routing load from the backend ldap daemons. Very interesting ... I am building a Murder whee we expect a similar load. Could you expand a bit on the hardware used ? Are these machine mostly IO, memory or CPU bound ? Do you have a dedicated MUPDATE master, or the master run on a frontend ? What exactly is failing in the authentication process ? Are you authenticating users via saslauthd ? Have you traced the reason why authentication to the mupdate master fail ? Your experiences could be very valuable to me; I would be very glad if you could share some of them. Thanks ! -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
Re: hardware for cyrus murder
On Tue, 11 Nov 2003, Etienne Goyer wrote: but it reaches its limits in very busy hours. usually the cyrus internal authentication begins to fail. backends and mupdate slaves can no longer Looks like an overloaded LDAP backend to me... I've seen this enough on our systems that I use sasldb+ldap, with all internal users (cyrus admins, etc) in sasldb, and the real users in ldap Your experiences could be very valuable to me; I would be very glad if you could share some of them. MTAs on other hosts (to free up IO) were a big help here. We just ship the messages thorugh TCP/IP lmtp from the MTA hubs to the mail store... -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh
Re: hardware for cyrus murder
On Tue, Nov 11, 2003 at 01:26:58PM -0200, Henrique de Moraes Holschuh wrote: On Tue, 11 Nov 2003, Etienne Goyer wrote: but it reaches its limits in very busy hours. usually the cyrus internal authentication begins to fail. backends and mupdate slaves can no longer Looks like an overloaded LDAP backend to me... I've seen this enough on our systems that I use sasldb+ldap, with all internal users (cyrus admins, etc) in sasldb, and the real users in ldap Exactly what we planned on doing too. Did it made a big difference to you to have internal (i guess admin, proxy and mupdate) users in sasldb? MTAs on other hosts (to free up IO) were a big help here. We just ship the messages thorugh TCP/IP lmtp from the MTA hubs to the mail store... We planned on running multiple MTA, one by frontend (2), to get some redundancy. I'll keep the idea in mind, in case the frontend choke up. -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
no partition found
Hi, i tried to export a users mailbox onto a new Machine. I copied the directory user/name to the new machine and dumped the ACL to a textfile using ctl_mboxlist -d. Importing the ACLs with ctl_mboxlist -u didn't work. It complains about no partition found The partition-default: in imapd.conf is set to /var/imap Any Ideas? TIA Michael Siebenborn
Re: hardware for cyrus murder
On Tue, 2003-11-11 at 16:26, Henrique de Moraes Holschuh wrote:
Looks like an overloaded LDAP backend to me...
I've seen this enough on our systems that I use sasldb+ldap, with all
internal users (cyrus admins, etc) in sasldb, and the real users in ldap
that's exactly our current setup.
MTAs on other hosts (to free up IO) were a big help here. We just ship the
messages thorugh TCP/IP lmtp from the MTA hubs to the mail store...
and that's what we plan to do :)
tom.
--
Thomas Duke Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
=
Never Underestimate the Power of Stupid People in Large Groups.
signature.asc
Description: This is a digitally signed message part
Re: hardware for cyrus murder
On Tue, 2003-11-11 at 15:23, Etienne Goyer wrote:
Very interesting ... I am building a Murder whee we expect a similar
load. Could you expand a bit on the hardware used ?
we use compaq dl360g3 on all machines. they are equipped with 2x Intel
Xeon 2.8GHz and 2GB RAM. 4 70GB hdds are configured as 2 raid0 devices.
one holds the message store, the other holds the system partitions.
Are these machine
mostly IO, memory or CPU bound ?
IO bound. both cpus are 80%-90% idle. memory usage is moderate.
Do you have a dedicated MUPDATE
master, or the master run on a frontend ?
no, the mupdate master is running on a frontend.
What exactly is failing in
the authentication process ?
i'm using the digest-md5 mechanism for cyrus internal authentication.
under high load, the mupdate daemon rejects logins and logs:
mupdate[18306]: badlogin: host[ip] DIGEST-MD5 SASL(-13): authentication
failure: nonce changed: authentication aborted
Are you authenticating users via
saslauthd ?
mailbox users are authenticated via saslauthd against the ldap servers,
no problems here.
murder authentication is done with DIGEST-MD5 and sasldb.
Have you traced the reason why authentication to the
mupdate master fail ?
no, not yet.
Your experiences could be very valuable to me; I would be very glad if
you could share some of them.
anytime!
hth,
tom!
--
Thomas Duke Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
=
Never Underestimate the Power of Stupid People in Large Groups.
signature.asc
Description: This is a digitally signed message part
Re: no partition found
Michael Siebenborn wrote: Hi, i tried to export a users mailbox onto a new Machine. I copied the directory user/name to the new machine and dumped the ACL to a textfile using ctl_mboxlist -d. Importing the ACLs with ctl_mboxlist -u didn't work. It complains about no partition found The partition-default: in imapd.conf is set to /var/imap Did the old machine have multiple partitions? If so, the mailboxes.db entries contain this partition. You'll either have to add this partition to your new box, or edit the textfile and replace the partition names with 'default'. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: hardware for cyrus murder
On Tue, 2003-11-11 at 16:54, Etienne Goyer wrote:
Exactly what we planned on doing too. Did it made a big difference to
you to have internal (i guess admin, proxy and mupdate) users in sasldb?
as i said previously, we have no problems at all with external users
authenticated via saslauthd.
our internal users in sasldb are not authenticated correctly.
We planned on running multiple MTA, one by frontend (2), to get some
redundancy. I'll keep the idea in mind, in case the frontend choke up.
we plan to run 4 mtas, 2 handling incoming traffic, 2 for outgoing
traffic, with ldap slaves on each mta.
the mtas will use these ldap slaves for mail routing, which leaves the
cyrus backend ldaps for user authentication.
tom.
--
Thomas Duke Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
=
Never Underestimate the Power of Stupid People in Large Groups.
signature.asc
Description: This is a digitally signed message part
hey
56B4yU 40 3H0cd BG7N7Qp4 gi 8u0 0f6bS Xt058i48Y 00 287x25 cl4fCOW 1rq8452m pMP44 31Hf1TciN D1O65 r2 210 s222qx11V 3YQK2 4SR D2A0P10 84RHP3Nca t0Y 1644 6210 8n 0DNx wU8IL44c2 5e7M Bony6py 444q68Us 16PT0 6iH40K 6MG04s003 IY p31U1 6rqTLw p5 v5f03a 4q3 0P0A 8l582tT24 s1U3 032 ck55 JXi88j8U4 7x60 I)BEcLqEjTKE 145tcX83 834ObR b22664J3 R3I2 riH0 0yef8 Dl2o2PmQ 2gw j8G00 Llk 0OPwuL47S H4Y 122Mu44g V7m O2NP 6L05 852ObS5 2p2Q61 fFF B36 j4 O2PV qUn4 61 2W7Xg34p 34nPTHU f2JLt67 dG F6 628
Re: no partition found
i tried to export a users mailbox onto a new Machine. I copied the directory user/name to the new machine and dumped the ACL to a textfile using ctl_mboxlist -d. Importing the ACLs with ctl_mboxlist -u didn't work. It complains about no partition found The partition-default: in imapd.conf is set to /var/imap Did the old machine have multiple partitions? No, it has only 1 partition and it is set to partition-default: /raid/imapd I created /raid/imap on the new machine but this didn't work. If so, the mailboxes.db entries contain this partition. I haven't exported this file. I only have a copy of the Mailbox Directory and the Dump from ctl_mboxlist -d You'll either have to add this partition to your new box, or edit the textfile and replace the partition names with 'default'. Which textfile? The ctl_mboxlist Dump? It doesn't contain the partitions Name. Thanx, Michael Siebenborn
Re: hardware for cyrus murder
We planned on running multiple MTA, one by frontend (2), to get some redundancy. I'll keep the idea in mind, in case the frontend choke up. we plan to run 4 mtas, 2 handling incoming traffic, 2 for outgoing traffic, with ldap slaves on each mta. the mtas will use these ldap slaves for mail routing, which leaves the cyrus backend ldaps for user authentication. That's exactly what I'm doing here. Almost every MTA and the cyrus servers have their own LDAP replica. I had some problems years ago when the central and only LDAP Master hung from time to time. Now, every service is configured to use it's local replica and another one as fallback. Enlarging the cachesizes in OpenLDAP has also helped alot. Simon
Re: hardware for cyrus murder
On Tue, 2003-11-11 at 16:54, Etienne Goyer wrote:
Exactly what we planned on doing too. Did it made a big difference to
you to have internal (i guess admin, proxy and mupdate) users in sasldb?
as i said previously, we have no problems at all with external users
authenticated via saslauthd.
our internal users in sasldb are not authenticated correctly.
We planned on running multiple MTA, one by frontend (2), to get some
redundancy. I'll keep the idea in mind, in case the frontend choke up.
we plan to run 4 mtas, 2 handling incoming traffic, 2 for outgoing
traffic, with ldap slaves on each mta.
the mtas will use these ldap slaves for mail routing, which leaves the
cyrus backend ldaps for user authentication.
tom.
--
Thomas Duke Hager {duke,[EMAIL PROTECTED]
GPG: 1024D/D27F858Chttp://www.sigsegv.at/gpg/duke.gpg
Never
Underestimate the Power of Stupid People in Large Groups.
Re: How to get last logged in time
Ramprasad A Padmanabhan said: How do I come to know when a user last logged on to the server using either a pop/Imap client man fud fud (finger user daemon ?) is what you probably are looking for. there is a sample client in the contrib directory too. cu romeo
deletemailbox: System I/O error
Hi! I try to delete not existed mailbox from mail system, and read: --- localhost sam user.vvs cyrus +c localhost lam user.vvs vvs lrswipcda cyrus lrswipcda localhost dm user.vvs deletemailbox: System I/O error --- As my fault, I remove some mail messages from user mailbox (/var/spool/imap/user/vvs) manually. Where I can manually delete this user? -- Best Regards, Denis I. Morozov --- TSAACE Network Administrator Key fingerprint = 365D 04F2 A90A 764C DE4F F7ED B2A2 CF78 D38C D5C8 mailto: [EMAIL PROTECTED]
