Re: Bug with rename INBOX -> INBOX.blah and replication
Bron Gondwana wrote: On Mon, 04 Dec 2006 19:42:52 -0500, "Ken Murchison" <[EMAIL PROTECTED]> said: Hi Rob, This is already a known problem (bug #2727?). I haven't come up with a "clean" fix yet, although I haven't thought about it much. My reading of this is that it affects SEEN state generally, not just replication. Would that be correct? I'm thinking SEEN is the only thing actually likely to be affected. Yes, \Seen state can eventually get screwed . -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bug with rename INBOX -> INBOX.blah and replication
On Mon, 04 Dec 2006 19:42:52 -0500, "Ken Murchison" <[EMAIL PROTECTED]> said: > Hi Rob, > > This is already a known problem (bug #2727?). I haven't come up with a > "clean" fix yet, although I haven't thought about it much. My reading of this is that it affects SEEN state generally, not just replication. Would that be correct? I'm thinking SEEN is the only thing actually likely to be affected. It's a bit of a pain to find all copies referring to it as well, unfortunately. I can see the logic in making the uniqueid go with the rename, so that seen information is retained for all other users. Hmm... Bron. -- Bron Gondwana [EMAIL PROTECTED] Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bug with rename INBOX -> INBOX.blah and replication
Robert Mueller wrote: Hi Ken There's a bug with replication and renaming INBOX -> INBOX.blah. From http://www.ietf.org/rfc/rfc3501.txt: Renaming INBOX is permitted, and has special behavior. It moves all messages in INBOX to a new mailbox with the given name, leaving INBOX empty. If the server implementation supports inferior hierarchical names of INBOX, these are unaffected by a rename of INBOX. Doing this in cyrus succeeds: . rename INBOX INBOX.blah . OK Completed But causes replication to bail out: Dec 4 19:33:26 imap3 slot309/sync_client[32088]: RENAME received NO response: Rename failed user.pinguser254 -> user.pinguser254.blah: Operation is not supported on mailbox Dec 4 19:33:26 imap3 slot309/sync_client[32088]: do_folders(): failed to rename: user.pinguser254 -> user.pinguser254.blah Dec 4 19:33:26 imap3 slot309/sync_client[32088]: Error in do_sync(): bailing out! Neither does a sync_client -u fix it: $ sudo -u cyrus ~cyrus/bin/sync_client -C /etc/imapd-slot309.conf -v -u pinguser254 USER pinguser254 Error from do_user(-C): bailing out! Looks like this is because the new mailbox has the same internal unique id as INBOX, which causes the other end to get confused on the renaming of it. It seems to me the solution is to give the new mailbox a new unique id? Hi Rob, This is already a known problem (bug #2727?). I haven't come up with a "clean" fix yet, although I haven't thought about it much. -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Bounces on local delivery
This usually happens because the lmtp connection got out of sync somehow. There was a bug in older postfix's about this: http://archives.neohapsis.com/archives/postfix/2004-04/1731.html I haven't seen the problem since then since Wietse fixed it, but I'd try setting lmtp_cache_connect=no in your config and see if that helps. Rob - Original Message - From: "Andrés Tarallo" <[EMAIL PROTECTED]> To: Sent: Tuesday, December 05, 2006 12:07 AM Subject: Bounces on local delivery In one of our serveres we found bouces in local delivery, cyrus 2.2.12 and Postfix2.2.9. The problem happends randomly: sometimes a mail is not delivered to a mailbox. Then we get this error: Dec 4 10:41:15 mail-server postfix/lmtp[24330]: E9BEA3B04EC: to=<[EMAIL PROTECTED]>, orig_to=<[EMAIL PROTECTED]>, relay=/var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp], delay=1, status=bounced (host /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp] said: 250 2.1.5 ok (in reply to DATA command)) We retry and we success delivering to that mailbox. A/P Andres Tarallo WD&B Consultores Montevideo - Uruguay Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Bug with rename INBOX -> INBOX.blah and replication
Hi Ken There's a bug with replication and renaming INBOX -> INBOX.blah. From http://www.ietf.org/rfc/rfc3501.txt: Renaming INBOX is permitted, and has special behavior. It moves all messages in INBOX to a new mailbox with the given name, leaving INBOX empty. If the server implementation supports inferior hierarchical names of INBOX, these are unaffected by a rename of INBOX. Doing this in cyrus succeeds: . rename INBOX INBOX.blah . OK Completed But causes replication to bail out: Dec 4 19:33:26 imap3 slot309/sync_client[32088]: RENAME received NO response: Rename failed user.pinguser254 -> user.pinguser254.blah: Operation is not supported on mailbox Dec 4 19:33:26 imap3 slot309/sync_client[32088]: do_folders(): failed to rename: user.pinguser254 -> user.pinguser254.blah Dec 4 19:33:26 imap3 slot309/sync_client[32088]: Error in do_sync(): bailing out! Neither does a sync_client -u fix it: $ sudo -u cyrus ~cyrus/bin/sync_client -C /etc/imapd-slot309.conf -v -u pinguser254 USER pinguser254 Error from do_user(-C): bailing out! Looks like this is because the new mailbox has the same internal unique id as INBOX, which causes the other end to get confused on the renaming of it. It seems to me the solution is to give the new mailbox a new unique id? Rob Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: how to backup a cyrus server?
I have found a link to a process that might be helpful: http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/Backup Aside from this, we have done it the old fashion way: tar & zip on a live system late at night. We just had a major server failure on 10/25/2006 which we were able to recover from. Since this worked we most likely will go with this (Knock on wood), but the above is a bit more streamlined (rsync). -Bob From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rafael Mahecha Sent: Monday, December 04, 2006 4:50 PM To: info-cyrus@lists.andrew.cmu.edu Subject: how to backup a cyrus server? I recently moved all my users from proprietary wemail (using local sendmail) to latest cyrus and sendmail using lmtp. I used to use tivoli to backup the old server (which was ok since no data bases were involved)... but since cyrus has databases and such, I am concern about file-locking and database corruption. What is the best way to back up the server? shutdown cyrus for a while, then snap shot it, and then back up to tivoli or should I just be able to back up the running server directly to tivoli? what other software can I use to backup? Thanks : Rafael Mahecha Email / Systems Administrator JSU OIM - Web Services [EMAIL PROTECTED] http://www.jsums.edu : Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: how to backup a cyrus server?
On Mon, 4 Dec 2006, Rafael Mahecha wrote: I recently moved all my users from proprietary wemail (using local sendmail) to latest cyrus and sendmail using lmtp. I used to use tivoli to backup the old server (which was ok since no data bases were involved)... but since cyrus has databases and such, I am concern about file-locking and database corruption. What is the best way to back up the server? shutdown cyrus for a while, then snap shot it, and then back up to tivoli or should I just be able to back up the running server directly to tivoli? what other software can I use to backup? Check out the Cyrus Wiki page at: http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/Backup Most people just make a regular backup of the filesystem using whatever tools they normally use. The only "trick" is to export your mailboxes.db to a flat text file in order to back it up (which you should be doing periodically anyways). It is probably not worth the downtime to actually shutdown Cyrus in order to get a consistent backup of the entire mail spool. So what if a few files change while the backup is happening? Unless you have really unreliable hardware, you'll create more downtime doing the backups than you'll ever prevent by having a consistent backup. :) Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
how to backup a cyrus server?
I recently moved all my users from proprietary wemail (using local sendmail) to latest cyrus and sendmail using lmtp. I used to use tivoli to backup the old server (which was ok since no data bases were involved)... but since cyrus has databases and such, I am concern about file-locking and database corruption. What is the best way to back up the server? shutdown cyrus for a while, then snap shot it, and then back up to tivoli or should I just be able to back up the running server directly to tivoli? what other software can I use to backup? Thanks : Rafael Mahecha Email / Systems Administrator JSU OIM - Web Services [EMAIL PROTECTED] http://www.jsums.edu : Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
On Dec 4, 2006, at 1:05 PM, Gary Mills wrote: Really? Sendmail queries the SQL for each delivery recipient? Potentially, but nscd caches the results. Sendmail also does authenticated SMTP via SASL, just like Cyrus IMAP does it. They are nicely integrated. Clearly, there is an export mechanism. Nothing periodic, if that's what you mean. There's a replication feed from the SQL master to an instance on the e-mail server. So what you are describing is clearly a coordinated project with components that you've welded together for your environment. Kindof like what they are doing, but with a different glue. So why are you complaining that the project doesn't need to exist? Clearly your installation isn't out of the box (comments coming from someone who has developed their own project and uses his own glue and knows that it's not trivial and appreciates documentation work done by others) -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Listen to subnet?
On Mon, 4 Dec 2006, Anders Norrbring wrote: Is it possible to set any option(s) in cyrus.conf to have the imap listen only to calls from within the subnet? I want to enable admin logins from another machine in the subnet, but not from external calls. Or is it simply easier to add another address to the NIC and have it listen to that one? Have you looked at using tcpwrappers (/etc/hosts.allow, /etc/hosts.deny) to do this? Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Sieve rule: move to folder and forward
On Mon, 4 Dec 2006, Muenz, Michael wrote: Dear list, I'm using Horde/Ingo for creating sieve rules and have activated a rule for Spamassassin moving mails with "X-Spam-Status: Yes" to spamfolder. Also, there's a rule to forward every mail to another address. Looks like this: require ["imapflags", "fileinto"]; # Spam if header :comparator "i;octet" :contains "X-Spam-Status" "Yes" { addflag "\\Seen"; fileinto "INBOX/Spam"; removeflag "\\Seen"; } # Forward if true { redirect "[EMAIL PROTECTED]"; keep; } My problem is, when "keep" is called, also the spam, which should be moved to "Spam" goes to my inbox again. But when setting "stop" in Spam rule, mails detected as spam which aren't, wont be delivered to [EMAIL PROTECTED] Any ideas how to solve this? Put a line "stop;" after you file the email into the Spam folder. Otherwise, Sieve will continue processing later rules. Andy Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
On Mon, Dec 04, 2006 at 12:35:23PM -0800, Jo Rhett wrote: > On Dec 4, 2006, at 6:09 AM, Gary Mills wrote: > >In our case there's no export involved. All of the information comes > >from the same SQL database. Somebody reinventing this scheme today > >would probably use LDAP instead. > > Really? Sendmail queries the SQL for each delivery recipient? Potentially, but nscd caches the results. Sendmail also does authenticated SMTP via SASL, just like Cyrus IMAP does it. They are nicely integrated. > Clearly, there is an export mechanism. Nothing periodic, if that's what you mean. There's a replication feed from the SQL master to an instance on the e-mail server. -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
Joseph Brennan <[EMAIL PROTECTED]> writes: > Andrzej Adam Filip <[EMAIL PROTECTED]> wrote: > >> 2) Methods you suggest do not give a chance to reject messages to over >> quota mailboxes *in SMTP session*. > > ...which can be a good thing if you want to give users a chance to > clean up or request more space. > > The trouble with smmapd is that it gives only a binary yes/no response, > not distinguishing even 'user unknown' from 'user over quota'. Reject > 'user unknown' in the smtp session-- absolutely-- but temp fail situations > are handled more nicely by accepting and queueing locally. IMHO it is simply a matter of making smmapd.c sending replies in different format. smapd.c gets in every query: * map name (currently ignored) * query string (currently mailbox name) smapd.c can send replies in format based on "map name" e.g. for map_name="cyrus" it can preserve the current behavior for map_name="cyrus2" it can send back * FOUND OK:mailbox_name * FOUND QUOTA:mailbox_name * NO_MATCH -- [pl2en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] Home site: http://anfi.homesite.net/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
On Dec 4, 2006, at 8:31 AM, Todd Lyons wrote: On Sun, Dec 03, 2006 at 09:23:47PM -0800, Jo Rhett wrote: Can you create a list of all of your users from some other information? If so, 1. Put a list of all of your domains in /etc/mail/virtual-domains 2. put each and every user in virtusertable with the same e-mail address on the left and right [EMAIL PROTECTED][EMAIL PROTECTED] I'm not complaining, but wow that looks unintuitive. (rant mode on) :-) You know, it amazes me how many times I get comments from sysadmins that a given solution doesn't work for them because they don't like how it *looks* ... It's a system config file. It's supposed to provide information in a machine-readable format. Not a human-readable format. Does /etc/ passwd look intuitive to you? /rant -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
On Dec 4, 2006, at 7:22 AM, Joseph Brennan wrote: Andrzej Adam Filip <[EMAIL PROTECTED]> wrote: 2) Methods you suggest do not give a chance to reject messages to over quota mailboxes *in SMTP session*. ...which can be a good thing if you want to give users a chance to clean up or request more space. The trouble with smmapd is that it gives only a binary yes/no response, not distinguishing even 'user unknown' from 'user over quota'. Reject 'user unknown' in the smtp session-- absolutely-- but temp fail situations are handled more nicely by accepting and queueing locally. I believe the topic was "sendmail integration". Look, it even says it in the subject line. -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
On Dec 4, 2006, at 6:09 AM, Gary Mills wrote: In our case there's no export involved. All of the information comes from the same SQL database. Somebody reinventing this scheme today would probably use LDAP instead. Really? Sendmail queries the SQL for each delivery recipient? Clearly, there is an export mechanism. -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SOLVED! Re: Possible sendmail misconfiguration to deliver to cyrus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Dec 03, 2006 at 07:58:02PM -0800, Todd Lyons wrote: >I'm looking at a cyrus limitation right now. I'm really thinking this >is not cyrus' problem. I'm trying to figure out if it's actually a >sendmail limitation or a sendmail config error on my part. It seems to have just been a sendmail misconfiguration on my part. >Here's what's in my sendmail.mc: >[EMAIL PROTECTED] root]# tail -n 7 /etc/mail/sendmail.mc >MAILER(cyrus)dnl >define(`confLOCAL_MAILER',`cyrus')dnl >LOCAL_RULE_0 >R$=N$: $#local $: $1 >R$=N < @ $=w . >$: $#local $: $1 >Rbb + $+ < @ $=w . >$#cyrusbb $: $1 So far, this modified version works as expected, both for real users and virtusers. I'm still testing, but I'll post what I have here and if anybody has any comments, I'd love to hear them: define(`CYRUSV2_MAILER_FLAGS',`Ah5@/:|w')dnl define(`CYRUSV2_MAILER_ARGS',`FILE /var/lib/imap/socket/lmtp')dnl define(`confLOCAL_MAILER',`cyrusv2')dnl MAILER(smtp)dnl MAILER(procmail)dnl MAILER(cyrusv2)dnl LOCAL_RULE_0 R$=N$: $#local $: $1 R$=N < @ $=w . >$: $#local $: $1 Rbb + $+ < @ $=w . >$#cyrusbb $: $1 If you'll notice, one of the things I did was update sendmail to use the cyrusv2 mailer instead of the cyrus one. I did that because adding the w to the FLAGS macro with mailer cyrus did nothing. But when I converted it to use cyrusv2, the w made it do the checks as you said. To be honest with you, I do not know exactly what the LOCAL_RULE_0 rules do for me. I do not know if it is still needed after converting to cyrusv2. I do not know if it is causing undesirable effects. I do not know if it is even being used. But I know that it works and I'm not going to "fix" it unless someone here mentions that I should. I can say however, that this from my logs is like music to my ears: Dec 4 11:53:43 mta1 sendmail[9689]: kB4Jqwvq009689: <[EMAIL PROTECTED]>... User unknown Dec 4 11:53:46 mta1 sendmail[9689]: kB4Jqwvq009689: <[EMAIL PROTECTED]>... User unknown Dec 4 11:53:47 mta1 sendmail[9689]: kB4Jqwvq009689: <[EMAIL PROTECTED]>... User unknown Dec 4 11:53:49 mta1 sendmail[9689]: kB4Jqwvq009689: <[EMAIL PROTECTED]>... User unknown Dec 4 11:53:53 mta1 sendmail[10215]: kB4Jrpvn010215: <[EMAIL PROTECTED]>... User unknown It used to accept all of those, scan for spam and virus, then pass off to cyrus. Now it rejects before the spam scan, resulting in much lower load. Thanks to all! - -- Regards... Todd Well, it's Karch... --frequently heard after every amazing move he does Linux kernel 2.6.17-5mdv 1 user, load average: 0.17, 0.18, 0.21 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFdIG1Y2VBGxIDMLwRAoMqAJwJ+t1ya0L+EdzRxY5QXlKsL58t3gCcD6jk pm9Eu6CUoLyQGkY6f24muw0= =CJsX -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: recursive reconstruct does not work?
On Dec 3, 2006, at 12:48 PM, Jo Rhett wrote: Ken, it's been another month. How can I help move this along? Just popping up here to say that I run another site affected by this bug and would love to see it resolved. If I had more than rudimentary C skills, I would take a stab at a patch. I know of another division of my company with a similar Cyrus setup who are also affected. Regards, -dan -- To see what is in front of one's nose needs a constant struggle. -George Orwell Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
On Mon, 2006-12-04 at 10:24 -0800, Todd Lyons wrote: > >This solved my problem but it requires that I have a local machine account > >for > >each cyrus user. As a small domain that's not a problem for me, but others > >might find it too restrictive. > > I'll test it. As long as by "local user" you mean "users visible to PAM > and virtusers", then I'm golden. I'm beginning testing now. Fake passwd entries with logins, all hanging on the same uid will do. M. -- Miroslaw "Psyborg" Jaworski GCS/IT d- s+:+ a C++$ UBI$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O- M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y? Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Listen to subnet?
Is it possible to set any option(s) in cyrus.conf to have the imap listen only to calls from within the subnet? I want to enable admin logins from another machine in the subnet, but not from external calls. Or is it simply easier to add another address to the NIC and have it listen to that one? -- Anders Norrbring Norrbring Consulting smime.p7s Description: S/MIME Cryptographic Signature Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
On Mon, Dec 04, 2006 at 11:22:10AM -0600, Dave McCracken wrote: >> As I see it, a more sendmailish solution would be to use a little >> sendmail-fu and make it so that sendmail checks for local user at smtp >> time, but delivers to cyrus at deliver time. I don't have such fu, but >> I see now as a good enough time to start studying up on it as well as >> exploring the above option. >I also had that problem since most of the spam I was getting to my domain was >to nonexistent users. I discovered sendmail has a local mailer flag that >indicates whether sendmail should check the recipient against local users at >smtp time. The flag is 'w'. My sendmail.mc has the following line: >define(`CYRUSV2_MAILER_FLAGS', `A@/:|mw')dnl >where cyrusv2.m4 has the line: >_DEFIFNOT(`CYRUSV2_MAILER_FLAGS', `A@/:|m') >This solved my problem but it requires that I have a local machine account for >each cyrus user. As a small domain that's not a problem for me, but others >might find it too restrictive. I'll test it. As long as by "local user" you mean "users visible to PAM and virtusers", then I'm golden. I'm beginning testing now. -- Regards... Todd A friend of mine was at the military and had to check new recruits for color-blindness. Only after the 20th color-blind man in a row he realized for the first time in hist life that it was _him_, being the color-blind. --Johannes Schindelin Linux kernel 2.6.17-5mdv 1 user, load average: 0.53, 0.42, 0.30 Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Move selected mailmessages
On 04.12.2006, at 17:11, Mirosław Jaworski wrote: On Mon, 2006-12-04 at 16:33 +0100, Wolfgang Hennerbichler wrote: I guess I can't do this in courier, as I would mess up the internal db-structure. Is there a way to (easily) do this in cyrus, without calling cyrreconstruct? Why this strange limitation? You can reconstruct specific mailbox - just in case you don't know it. I know, but don't I "mess" with cyrus by doing it this way? what if a message gets delivered within that mailbox after I move it, I guess I would get some inconsistencies... thanks for your answer, M. wogri -- [EMAIL PROTECTED] http://www.wogri.com http://www.einradfilm.at Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
On Monday 04 December 2006 10:31 am, Todd Lyons wrote: > As I see it, a more sendmailish solution would be to use a little > sendmail-fu and make it so that sendmail checks for local user at smtp > time, but delivers to cyrus at deliver time. I don't have such fu, but > I see now as a good enough time to start studying up on it as well as > exploring the above option. I also had that problem since most of the spam I was getting to my domain was to nonexistent users. I discovered sendmail has a local mailer flag that indicates whether sendmail should check the recipient against local users at smtp time. The flag is 'w'. My sendmail.mc has the following line: define(`CYRUSV2_MAILER_FLAGS', `A@/:|mw')dnl where cyrusv2.m4 has the line: _DEFIFNOT(`CYRUSV2_MAILER_FLAGS', `A@/:|m') This solved my problem but it requires that I have a local machine account for each cyrus user. As a small domain that's not a problem for me, but others might find it too restrictive. Dave McCracken Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Dec 03, 2006 at 09:23:47PM -0800, Jo Rhett wrote: >>Error" because the user doesn't exist. I have been googling and looking >>at m4 code and trying to figure out what I can do to make sendmail check >>the user at SMTP connect time the way it does if I configure sendmail to >>deliver to a regular mbox mail spool. > >Can you create a list of all of your users from some other information? > If so, >1. Put a list of all of your domains in /etc/mail/virtual-domains >2. put each and every user in virtusertable with the same e-mail address >on the left and right > [EMAIL PROTECTED][EMAIL PROTECTED] I'm not complaining, but wow that looks unintuitive. >3. Make sure that every domain has a wildcard deny, like > @netconsonance.com error:nouser No such user >4. add these options to the MC file >LOCAL_CONFIG >F{VirtHost}/etc/mail/virtual-domains >FEATURE(`virtuser_entire_domain')dnl >define(`_VIRTUSER_STOP_ONE_LEVEL_RECURSION_')dnl I'll look into it. I'll have to figure out if this will impact the other 100 or so domains on this box. Thanks for the pointer. On Mon, Dec 04, 2006 at 09:50:13AM +0200, Janne Peltonen wrote: >> at m4 code and trying to figure out what I can do to make sendmail check >> the user at SMTP connect time the way it does if I configure sendmail to >> deliver to a regular mbox mail spool. > >Here's what a quick Google found: > http://comments.gmane.org/gmane.mail.imap.cyrus/15641 I was going to reply in the middle of the rt thread above, but in reading about it I didn't think it fit my problem. But I also hadn't found that particular thread. I can see now that it's intended to exactly solve the problem I'm having. As I see it, a more sendmailish solution would be to use a little sendmail-fu and make it so that sendmail checks for local user at smtp time, but delivers to cyrus at deliver time. I don't have such fu, but I see now as a good enough time to start studying up on it as well as exploring the above option. - -- Regards... Todd I've visited conferences where the wireless LAN was deemed "secure" by the organisation because they had outlawed sniffers.--Neils Bakker Linux kernel 2.6.17-5mdv 1 user, load average: 0.00, 0.19, 0.35 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFdE1WY2VBGxIDMLwRAlI4AJ0YcFIpFzFhWBhqAtBqCIFwz96bSgCeO+n5 jxz0yq2dlzjLk/IgrSECAVs= =d9hB -END PGP SIGNATURE- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: listusers failed
On Fri, 01 Dec 2006 12:28:56 -0500 Kevin Kruzich wrote: Hi, > I recently had to "migrate" a sasl auth db from GNU DBM to Berkeley > DB. I used this: > > http://dcs.nac.uci.edu/~strombrg/convert-database Mmmm why do I need to migrate? I just wondered how to recover my broken db file. > Also, there's a very clear and simple toolkit with python that can be > used to break open these dbs. That is, if you're a programmer with a > little python experience. It is not my case :-( Just a little of Perl ... Thanks for links, I learned something new. [...] Craig White wrote: > > I don't use sasldb but I would presume that it uses berkeley db4 > > and if that was the case, with their utilities, something like > > cd /whatever/directory/sasldb is stored and then something like > > db_recover should suffice. Yep, something like that, but did not work... > > More importantly, why not back it up once in a while? Yes, that's true, but I have no backup policy in my home server... > > > > Craig Thansk for both replies, -- Arnau Bria http://blog.emergetux.net Wiggum: Dispara a las ruedas Lou. Lou: eee, es un tanque jefe. Wiggum: Me tienes hartito con todas tus excusas. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Move selected mailmessages
On Mon, 2006-12-04 at 16:33 +0100, Wolfgang Hennerbichler wrote: > I guess I can't do this in courier, as I would mess up the internal > db-structure. > Is there a way to (easily) do this in cyrus, without calling > cyrreconstruct? Why this strange limitation? You can reconstruct specific mailbox - just in case you don't know it. M. -- Miroslaw "Psyborg" Jaworski GCS/IT d- s+:+ a C++$ UBI$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O- M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y? Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Move selected mailmessages
Hi cyrus-people, I'm curious about the follwoing behaviour (this has not happened on cyrus, but with courier): A customer is sending a specific (bad) e-mail to 1000 mailboxes. In courier I would write a little script, that greps in the usermailboxes for something uniqe, move the file to /dev/null, and that's it. I guess I can't do this in courier, as I would mess up the internal db-structure. Is there a way to (easily) do this in cyrus, without calling cyrreconstruct? thanks, wogri -- [EMAIL PROTECTED] http://www.wogri.com http://www.einradfilm.at Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Sieve rule: move to folder and forward
Dear list, I'm using Horde/Ingo for creating sieve rules and have activated a rule for Spamassassin moving mails with "X-Spam-Status: Yes" to spamfolder. Also, there's a rule to forward every mail to another address. Looks like this: require ["imapflags", "fileinto"]; # Spam if header :comparator "i;octet" :contains "X-Spam-Status" "Yes" { addflag "\\Seen"; fileinto "INBOX/Spam"; removeflag "\\Seen"; } # Forward if true { redirect "[EMAIL PROTECTED]"; keep; } My problem is, when "keep" is called, also the spam, which should be moved to "Spam" goes to my inbox again. But when setting "stop" in Spam rule, mails detected as spam which aren't, wont be delivered to [EMAIL PROTECTED] Any ideas how to solve this? Thanks, Michael Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
Andrzej Adam Filip <[EMAIL PROTECTED]> wrote: 2) Methods you suggest do not give a chance to reject messages to over quota mailboxes *in SMTP session*. ...which can be a good thing if you want to give users a chance to clean up or request more space. The trouble with smmapd is that it gives only a binary yes/no response, not distinguishing even 'user unknown' from 'user over quota'. Reject 'user unknown' in the smtp session-- absolutely-- but temp fail situations are handled more nicely by accepting and queueing locally. Joe Brennan Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
Jo Rhett <[EMAIL PROTECTED]> writes: > Gary Mills wrote: >> On Sun, Dec 03, 2006 at 05:33:15PM -0800, Jo Rhett wrote: >>> Gary Mills wrote: We've had excellent sendmail/cyrus integration for years, with 35,000 users. It's done by having all users in the NIS map on the mail server. No modification to sendmail is necessary because getpwnam() returns the passwd entry for the user. Users can't log in to the mail server, of course, because PAM rules prevent that. The same thing could be done with other user databases, such as LDAP. Why would you ever need a different form of integration? >>> We've done the same by putting all user accounts into virtusertable >>> with the no-recursion option. >>> >>> That said, it does require something to take user accounts and >>> export them into virtusertable/nis maps/etc. So this approach is >>> technically superior to what you and I are doing. >> >> Well, unless you are offering only e-mail service, you have to do that >> anyway. We offer many services to all, or subsets, of our users. >> Having them all in one database is very convenient. For example, we >> have a web portal that authenticates users from the same database as >> the e-mail server. > > Yes, but again you're not making a good argument for why they should > be forced to create a centralized database if they don't have one > already. > > Yes, if you already have all this information in another form you > don't have this problem today. So you don't need this project. > > This project would help people without that centralized database, or > who want updates to the good user list to happen in realtime rather > than after an export of data. "LDAP master" configuration of cyrus IMAP and sendmail does make sense especially with "mailbox auto create patch *BUT* 1) socket map daemon provides also "mailbox over quota" hint to MTA (sendmail) for use in "RCPT TO:" replies 2) cyrus virtual domains can be integrated in "nicer" with LDAP way even without quota check at MTA level 3) I insist on supporting *mixed* mailbox types e.g. with *most* mailboxes in cyrus but *some* mailboxes serviced by "classic local mailer". IMHO it makes sense to deliver messages to postmaster/abuse to cyrus and to local "mailbox agent" (procmail) and classic mailbox file. -- [pl2en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] Home site: http://anfi.homesite.net/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
On Sun, Dec 03, 2006 at 06:57:18PM -0800, Jo Rhett wrote: > Gary Mills wrote: > >On Sun, Dec 03, 2006 at 05:33:15PM -0800, Jo Rhett wrote: > >>Gary Mills wrote: > >>>We've had excellent sendmail/cyrus integration for years, with > >>>35,000 users. It's done by having all users in the NIS map on > >>>the mail server. No modification to sendmail is necessary because > >>>getpwnam() returns the passwd entry for the user. Users can't log > >>>in to the mail server, of course, because PAM rules prevent that. > >>>The same thing could be done with other user databases, such as > >>>LDAP. Why would you ever need a different form of integration? > >>We've done the same by putting all user accounts into virtusertable with > >>the no-recursion option. > >> > >>That said, it does require something to take user accounts and export > >>them into virtusertable/nis maps/etc. So this approach is technically > >>superior to what you and I are doing. > > > >Well, unless you are offering only e-mail service, you have to do that > >anyway. We offer many services to all, or subsets, of our users. > >Having them all in one database is very convenient. For example, we > >have a web portal that authenticates users from the same database as > >the e-mail server. > > Yes, but again you're not making a good argument for why they should be > forced to create a centralized database if they don't have one already. > > Yes, if you already have all this information in another form you don't > have this problem today. So you don't need this project. Okay, that's fine. Perhaps this project could state that there are alternatives that may be better in some environments. > This project would help people without that centralized database, or who > want updates to the good user list to happen in realtime rather than > after an export of data. In our case there's no export involved. All of the information comes from the same SQL database. Somebody reinventing this scheme today would probably use LDAP instead. -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Bounces on local delivery
In one of our serveres we found bouces in local delivery, cyrus 2.2.12 and Postfix2.2.9. The problem happends randomly: sometimes a mail is not delivered to a mailbox. Then we get this error: Dec 4 10:41:15 mail-server postfix/lmtp[24330]: E9BEA3B04EC: to=<[EMAIL PROTECTED]>, orig_to=<[EMAIL PROTECTED]>, relay=/var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp], delay=1, status=bounced (host /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp] said: 250 2.1.5 ok (in reply to DATA command)) We retry and we success delivering to that mailbox. A/P Andres Tarallo WD&B Consultores Montevideo - Uruguay Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Migrating Mailboxes to a new server
Hi !!! We have a big email server with about 2000 mailboxes, over SuSE 10.1 with SuSE 2.2.12. In order to enhace reliability and performance (over slow 64 kbps internet links) we are moving to a distributed server schema. So we set up a new server, and then tried to move some mailboxes to the new one. We made a full backup of /var/lib/imap and /var/spool/imap/users. Then we tried to restore some of the mailboxes in the new server. The server started succesfully, but webmain couldn't access to the mailboxes. What we need to backup the mailboxes succesfully to a new server? Is there a detailed guide for this task?. Thanks in advance. A/P Andres Tarallo WD&B Consultores Montevideo - Uruguay Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
Todd Lyons <[EMAIL PROTECTED]> writes: > [...] > My rudimentary understanding of sendmail macros makes me think that > instead of checking for users locally, it's checking for user cyrus > locally (which always succeeds), so the email is accepted for any user. > If it's a problem with the older version of sendmail that I'm using, > then I apologize in advance, but a pointer in that direction would be > most appreciated. Take a look at http://anfi.homeunix.net/sendmail/#cyrus You can * use "cyrus aliases" and list all valid cyrus mailboxes in aliases or virtusertable *OR* * use rtcyrus2 solution -- [pl2en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] Home site: http://anfi.homesite.net/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
Jo Rhett wrote: > Gary Mills wrote: >> We've had excellent sendmail/cyrus integration for years, with >> 35,000 users. It's done by having all users in the NIS map on >> the mail server. No modification to sendmail is necessary because >> getpwnam() returns the passwd entry for the user. Users can't log >> in to the mail server, of course, because PAM rules prevent that. >> The same thing could be done with other user databases, such as >> LDAP. Why would you ever need a different form of integration? > > We've done the same by putting all user accounts into virtusertable with > the no-recursion option. > > That said, it does require something to take user accounts and export > them into virtusertable/nis maps/etc. So this approach is technically > superior to what you and I are doing. RTCyrus2 and RTCyrus3 send socket map queries to smmapd.c cyrus daemon to get information about mailbox existence and mailbox quota status in *real time* without any need for periodic exports. Methods based on periodic export are better if you expect longer cyrus imap outages and the mailbox list is "pretty stable". I have suggested such methods as superior for *MS Exchange* (on other forums). Virtusertable based solutions are not capable to check mailbox quota status *in SMTP session*. It is possible with socket map based solutions. -- [pl2en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] Home site: http://anfi.homesite.net/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Beyond rtcyrus2 (sendmail integration)
Gary Mills wrote: > On Sun, Dec 03, 2006 at 11:29:08PM +0100, Andrzej Adam Filip wrote: >> Andrzej Adam Filip <[EMAIL PROTECTED]> writes: >> >>> I would like to know who is interested in helping to develop next >>> versions of advanced Sendmail and Cyrus IMAP integration methods. >>> I would like to further improve methods available at links below: >>> http://anfi.homeunix.net/sendmail/rtcyrus2.html >>> http://anfi.homeunix.net/sendmail/#cyrus > > We've had excellent sendmail/cyrus integration for years, with > 35,000 users. It's done by having all users in the NIS map on > the mail server. No modification to sendmail is necessary because > getpwnam() returns the passwd entry for the user. Users can't log > in to the mail server, of course, because PAM rules prevent that. > The same thing could be done with other user databases, such as > LDAP. Why would you ever need a different form of integration? 1) As I understand you describe integration *without* support for cyrus virtual domains ([EMAIL PROTECTED], [EMAIL PROTECTED]). 2) Methods you suggest do not give a chance to reject messages to over quota mailboxes *in SMTP session*. RTCyrus3 will use information received via socket map query to deliver it. -- [pl2en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] Home site: http://anfi.homesite.net/ Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Possible sendmail misconfiguration to deliver to cyrus
On Sun, Dec 03, 2006 at 07:58:02PM -0800, Todd Lyons wrote: > at m4 code and trying to figure out what I can do to make sendmail check > the user at SMTP connect time the way it does if I configure sendmail to > deliver to a regular mbox mail spool. Here's what a quick Google found: http://comments.gmane.org/gmane.mail.imap.cyrus/15641 --Janne Peltonen Email, Univ. of Helsinki Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html