Re: Did calculating the quota change from 2.3 to 2.5?
Bron, Am 29.11.2016 um 22:18 Uhr schrieb Bron Gondwana: Quota is a sum of byte sizes of raw unexpunged messages. It doesn't deduplicate. Likely issue is incorrect quota_mailbox_used in the cyrus.index header on 2.3. a reconstruct will fix those, then quota -f again. Does not change anything. It's not related to du. The problem with imapsync is that it doesn't handle single instance store. If you have copied messages or delivered then into multiple mailboxes with sieve, they will have hard links on disk. If you use imapsync, it doesn't know about that, and will upload the same message twice. 2.5 doesn't have the smarts to recognise that it's the same message. imapsync can only sync mail the old server knows about. And in the end there is more quota used on the new server!? The only explanation is the quota on the old server is broken, isn't it? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Did calculating the quota change from 2.3 to 2.5?
Bron, Am 29.11.2016 um 13:26 Uhr schrieb Bron Gondwana via Info-cyrus: No, the quota calculations are identical. It's possible that your quota was incorrectly calculated on the source server though. A quota -f there should correct the calculations. unluckily it does not. quota -f on seems not to be related to the du counter on the old server in any way for some mailboxes. First we create the mailbox on the new server and sync the quota. Then imapsync syncs the messages. Till the quota is exceeded … oldserver> lq user.xxx STORAGE 658949/125 (52.71592%) # du -sh /var/lib/imap/meta/user/xxx/ 105M/var/lib/imap/meta/user/xxx/ # du -sh /var/spool/imap/user/xxx/ 1,2G/var/spool/imap/user/xxx/ newserver> lq user.xxx STORAGE 1098788/125 (87.90304%) # du -sh /var/spool/imap/user/xxx/ 1,7G/var/spool/imap/user/xxx/ There is no separate meta partition on the new server. Meta data is about 500 MB now on the new server, this is about 5x the space. I think quota is just plain wrong on the old server. squatter file are huge in comparison now. Is this right? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Did calculating the quota change from 2.3 to 2.5?
Hi, while migrating from 2.3 to 2.5 (see my last post here), mailboxes can not be synced, because the quota is exceeded on the new server. A mailbox which has a du of about 800 MB in a 900 MB quota mailbox fills the new mailbox by over 100%. Are meta files now calculated into the quota? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Volume of metadata - squatter - in 2.5
Hi, we are in the process of migrating from old cyrus imapd 2.3.16 servers to new with cyrus 2.5.10. We copy whith imapsync - i.e. to benefit from single instance strore. Now the volume of the metadata is increasing to a factor of like 7-15! It seems squatter is taking a lot more space now. Is this right? one server: new: 2,3G/var/lib/imap/meta old: 153M/var/lib/imap/meta another server: new: 3,6G/var/lib/imap/meta old: 563M/var/lib/imap/meta Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Announcing the Cyrus Foundation and development plans for 2015
Bron Gondwana schrieb (19.02.2015 10:32 Uhr): And we won't stop there, but that's as far as I'm planning today. I think, that is great news! Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: High avaliabilty for IMAP/PROXY
Ken, k...@rice.edu schrieb (22.09.2014 15:43 Uhr): On Mon, Sep 22, 2014 at 03:09:13PM +0200, Marc Patermann wrote: k...@rice.edu schrieb (18.09.2014 21:43 Uhr): These are all located behind our Citrix Netscaler boxes. You should be able to replicate their function with either haproxy or nginx. What does the Netscaler do in this scenario? The Netscaler provides redundant and load-balanced access to the IMAP/POP3 backends with automated fail-over. I was not aware the Netscaler can do that, thank you for the hint! Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: High avaliabilty for IMAP/PROXY
k...@rice.edu schrieb (18.09.2014 21:43 Uhr): On Thu, Sep 18, 2014 at 12:07:57PM -0700, Vincent Fox wrote: On 9/18/2014 11:58 AM, Fabio S. Schmidt wrote: Does anyone have any better ideas to improve the high availability? I was wondering about using HAPROXY vs NGINX but I do not know their behaviours in cases like I mentioned above. We have for about 8 years used Perdition for POP/IMAP proxy. 3 simple Linux boxes in a load balanced pool. Friends don't let friends do Round Robin DNS. You can't count on removing DNS entries, since propagation can be very slow and some clients don't even respect TTL. We also used Perdition here for our POP3/IMAP proxy. Unfortunately, its process per connection resulted in an enormous resource footprint when everyone was connected to the server. In addition, the startup stampede of processes completely swamped the frontends crippling the performance until a steady state was reached. As a result, we moved to using NGINX as our POP3/IMAP proxy. Now a single-box can carry the connection load that 4 or more boxes struggled with along with better responsiveness and performance to boot. These are all located behind our Citrix Netscaler boxes. You should be able to replicate their function with either haproxy or nginx. What does the Netscaler do in this scenario? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Outdated documentation for configuration flags
Jens Erat schrieb (07.08.2014 11:41 Uhr): in the imapd compilation documentation of the current 2.4.17 release [1], there seems to be an updated `configure` option: --disable-cyradm Do not compile the cyradm administrative client. two dashes -- Running `./configure —disable-cyradm` gives a warning configure: WARNING: unrecognized options: —disable-cyradm one dash -? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: saslauthd with openldap
Paul, Paul van der Vlis schrieb (19.04.2013 11:58 Uhr): I am trying to get saslauthd working While this is not IMAPd related, why don't your try a SASL list? to authenticate on openLDAP with passwords stored with a MD5 hash (base64 encoded) in the field UserPassword. The passwords are created with smb-ldap so I think it's normal that they are base64 encoded. Is SASL auxprop ldapdb not an option for you? testsaslauthd -u mailtest -p secret gives always authentication failed. In auth.log I see always: Bind failed. I've tried many options in saslauthd.conf, at the moment it's this: ldap_servers: ldap://192.168.28.240/ ldap_auth_method: custom ldap_bind_dn: uid=admin,dc=domain,dc=local ldap_bind_pw: secret ldap_search_base: ou=Users,dc=domain,dc=local ldap_filter: cn=%u what does # ldapsearch -H ldap://192.168.28.240/ -x -D uid=admin,dc=domain,dc=local -w secret -B ou=Users,dc=domain,dc=local cn=oneOfYourUsernames for you? I am using cyrus-sasl2 version 2.1.25.dfsg1-6 from Debian Wheezy. LDAP is on an old machine (Ubuntu 8.04, slapd version 2.4.7). FYI: For a production use LDAP server it is best advice from the openldap developers to use the lastest version, which is 2.4.35. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Virtual Domains or not
Valentin, Valentin Bud schrieb (16.04.2013 08:19 Uhr): I am trying to figure out what would be a best practice when one has a couple of domains on which it receives mail to and from which it sends mail from. For example I have the following domains: example.com example.net I have a user 'valentin' which has the following E-Mail addresses: valen...@example.com valen...@example.net The users are authenticated from OpenLDAP and the mail attribute is set to valen...@example.com. The mailAlternateAddress is set to valen...@example.net. Do you know mail is a multi valued attribute and - if there are no external circumstances - you do not need an extra attribute for a second mail address? I plan to use the Lachman LDAP Mail Routing Draft [1] and schema. Should I create in Cyrus IMAP two virtual domains and a 'valentin' user for each of this domains or would it be better to create a user 'valentin' where to post the E-Mail messages I receive on both domains? This truly depends on what YOU want or need. If YOU only need one inbox then go that way. Then the MUAs could be configured with multiple identities and have only one mailbox. For my private mail I do so. I have different domains, but want it in my only inbox. So my domains are virtual _in Postfix_ not in IMAPd. If you have an object with something like mail: valen...@example.com mail: valen...@example.net mail: f...@bar.net maildrop: valentin Postfix can send mail for all addresses (mail) included in the object to the user valentin (maildrop) in IMAPd. Simple as that. What are the gotchas if I choose to go one way or the other? And do you think that [1] is 'stable' enough to be used? [1]: http://tools.ietf.org/html/draft-lachman-ldap-mail-routing-03 Dunno. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: How Do i get last lgin date for all my users
Dale J Chatham schrieb (10.04.2013 21:49 Uhr): Assuming Linux?UNIX, log onto the machine, run the command: last This does only work, if IMAP users are system users - which most of the time is not the case. Perl is your friend. Pass your imap log for User logged in. Extract username and timestamp. Update the users entry in your data store with the timestamp. Maybe your syslog daemon can do something like that for you. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: ACLs and cross-namespace move problem
Thomas, Thomas Cataldo schrieb (11.03.2013 10:21 Uhr): I have a problem with shared user mailboxes and permissions on cyrus 2.4.16. User A has read/write access on user B (lrswipkxte) Folders looks like this for user A: INBOX Archive 2012 Other Users/ == the user's namespace B (user B inbox) Sent Drafts Trash User A wants to move the Archive folder to User B. He does a simple dragdrop in thunderbird for his box to Other Users/B. With its knowledge of permissions, thunderbird issues a RENAME : RENAME Archive OtherUsers/B/Archive Cyrus does not detect completely that the rename crosses a namespace boundary. The Archive folder is at the right place on the filesystem : /var/spool/cyrus/willow_vmw/domain/w/willow.vmw/b/user/b/Archive But only A has permissions on it whereas the documentation states that: Note that some rights are available implicitly, for example 'anonymous' always has 'p' on user INBOXes, and users always have rights on mailboxes within their INBOX hierarchy. Do you have a link? I think Archive should qualify as user B always has rights on mailboxes within the INBOX hierarchy, like the Archive folder. When I look at the permissions with cyradm, I have : localhost lam user/b...@willow.vmw b...@willow.vmw lrswipkxtecda admin0 lrswipkxtecda a...@willow.vmw lrswipkxtecd localhost lam user/b/arch...@willow.vmw admin0 lrswipkxtecda a...@willow.vmw lrswipkxtecda Do I mis-understand something or should I file a bug ? (I am using unix hierarchy sep + altnamespace) I think this has always been this way. If you create a subfolder it inherits the rights from the upper level and so you have the same right for INBOX and subfolders, as long as you do not change the rights. You can always revoke your own rights, I think. Moving/renaming a folder has always (as far I remember for 2.2. und 2.3) been keeping the rights with the folder. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: symbolic links for spool directory
m, mayak-cq schrieb (27.02.2013 14:43 Uhr): will cyrus behave properly if i create a symbolic link in the following case: before: /var/spool/imap/domain/abc.com where abc is a real directory after: /var/spool/imap/domain/abc.com where abc.com is a symbolic to a directory on another mounted filesystem # man mount mount --bind olddir newdir might do as well. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: alternative login names
Wolfgang, Wolfgang Rosenauer schrieb (03.02.2013 20:29 Uhr): I'm running Cyrus imapd 2.3.x since quite some time for a group of users. My setup is LDAP based using saslauthd to pam_ldap currently and works just fine. But now I want to allow access to the mailboxes using the email address as an alternative to the system username. I have no real idea where to start how I could achieve that w/o changing the whole architecture of the system. Someone got a hint for me what to look at? I don't know much about pam_ldap, but as you have all the data in LDAP, why not switch to auxprop ldapdb and configure your LDAP to map the existing logins and mail address to the same object? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: alternative login names
Wolfgang, Wolfgang Rosenauer schrieb (04.02.2013 14:25 Uhr): On Mon, Feb 4, 2013 at 10:07 AM, Marc Patermann hans.mo...@ofd-z.niedersachsen.de mailto:hans.mo...@ofd-z.niedersachsen.de wrote: Wolfgang Rosenauer schrieb (03.02.2013 20 tel:%2803.02.2013%2020:29 Uhr): I'm running Cyrus imapd 2.3.x since quite some time for a group of users. My setup is LDAP based using saslauthd to pam_ldap currently and works just fine. But now I want to allow access to the mailboxes using the email address as an alternative to the system username. I have no real idea where to start how I could achieve that w/o changing the whole architecture of the system. Someone got a hint for me what to look at? I don't know much about pam_ldap, but as you have all the data in LDAP, why not switch to auxprop ldapdb and configure your LDAP to map the existing logins and mail address to the same object? I actually needed a pointer into the right direction and I guess that is one. I've never used sasl ldapdb though and I have a hard time figuring out how and what to do. There are not too much options specific to ldapdb in SASL: http://cyrusimap.org/docs/cyrus-sasl/2.1.25/options.php Mine is somewhat like that: sasl_mech_list: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN sasl_log_level: 5 sasl_pwcheck_method: auxprop sasl_auxprop_plugin: ldapdb sasl_ldapdb_uri: ldap://server.name sasl_ldapdb_id: adminuser sasl_ldapdb_pw: adminusersPW sasl_ldapdb_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN sasl_minimum_layer: 0 sasl_ldapdb_starttls: demand There are a few threads in the archive here. http://asg.andrew.cmu.edu/archive/index.php?mailbox=archive.info-cyrus From the documentation I found it's also not clear to me if a crypted userPassword as I use in my LDAP can be used in that setup. Look at this thread: http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.info-cyrussearchterm=auxprop%20ldapmsg=54167 If I understand correctly all the hard work to match usernames in done via some regexp which should be powerful enough to let me search the login name in uid and mail attributes? You have openLDAP, right? Mostly yes. You need regex for Mapping Authentication Identities http://www.openldap.org/doc/admin24/sasl.html#Mapping%20Authentication%20Identities You may need SASL Proxy Authorization to switch from your ldapdb_id to the authenticating user. Or did you actually refer to a different mapping in LDAP? Is there some sort of HOWTO somewhere or is all the information really spread in openldap, sasl and imapd documentation only? These are the tools involved. :) But the least is IMAPd, SASL is few and most is openLDAP mapping. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: alternative login names
Wolfgang Wolfgang Rosenauer schrieb (04.02.2013 18:03 Uhr): I played around some more with openldap's SASL and ran exactly into the issue that SASL seems to explicitely _not_ support CRYPT userPasswords. So yes, keeping saslauthd using PAM would help with that. What did you test? (I did not do it myself.) Like an ldapsearch with -Y cram-md5 or -Y plain both do not work against an object where userPassword is encrypted with CRYPT? And both do work while it is encrypted with like SHA or unencrypted? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Restrict access to a single client device
Ram schrieb (01.02.2013 10:01 Uhr): On 02/01/2013 01:20 AM, Dale J Chatham wrote: You use SMTP authentication through postfix or sendmail. Google [ mail authentication relay ] and you should find lots of howtos. I'm setting it up to use a sasldb to authenticate external users in order to keep them apart from UNIX users. Be very certain that you use STARTTLS or some form of authentication for email. Also, if you're allowing internet access to e-mail, you'll want to use imaps or https. The idea is that end users configure their email on Desktop, Laptop , Phone , tablet, Ipad ... ( The list is getting longer every day ) So copies of the mail are floating everywhere. This raises a security concern I cant block access totally from outside. Employees should be allowed access from outside office , but only from the designated Laptop. One way would be to ask everyone to VPN to the office for mails , Is there anyway else. TLS client authentication with certificates? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Injecting a mail folder into a users inbox/restore from backup
Lars, Lars Schimmer schrieb (05.12.2012 11:47 Uhr): Aas I never needed to do it yet, I want to ask for the best way to restore users email which got lost... best is to try before you need it! ;) Situation: running cyrus on debian with users and mailboxes. User deleted on accident a folder in his INBOX (and cyrus did unlinked the files and removed the folder from disk already). I do backup from the INBOX structures on disk every night (in a basic simple way, see it as a snapshot of the mail disks of cyrus). Now I need a good way to inject the old folder user.xyz.INBOX.Folder into the live cyrus system. Is it easier to create a new user and copy with imap client? Or just copy the folder content into a new created folder on users inbox? Just copy back the file to the uses mailspool. Since mails are numbered in ascending order no file may be overwriten. Check for ownership and rights! Reconstruct the mailbox with -rf. reconstruct should discover the now new mailboxes (if you restore whole folders), if not you may create them with cyradm. Sometime we create a new mailbox - like user.foo.restore - where we restore the file, so the user see what was restored and can move it to the place he wants it himself. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: Convert from basic to virtual
Dominique, Dominique schrieb (15.10.2012 13:06 Uhr): Hi list(s), people tend to love cross posting anyway. A few years ago we setup a simple postfix+Cyrus Mail server in the office (running on Ubuntu server). Across the years, we configured it to send and access our mails from various sources (in the office with tb, on the road though webgui, and recently through smartphones). All is well in the best of worlds. It is really basic configuration with its own certificate with a single domain name. Recently, we purchased two new domain names for a new project and wanted to include them to our mail server. I went on reading the postfix doc for virtual domains and got lost. Our mail users are independant from the linux users (virtual users) and I found a configuration description that looked like what I wanted. It seems the way to go, especially if we want to continue to add more domains in the future. However, I am not sure how to convert from our basic setup to a virtual domain setup, especially since I cannot find where and how to configure certificates per domain on a server with a single public IP. Does anyone have experience in converting from one to the other, and willing to give me pointers in my conversion process. Downtime is not a problem, but not losing the mailboxes is. I am cross posting on both Postfix and Cyrus list, since I am not sure where to get the answer from. My current configuration is as follow: Postconf -n to set up postfix for virtual users is one thing and off topic here. You do not need to use virtual users in cyrus as well. This is totally independent. If your IMAP user names have their own naming schema and that is independent from your SMTP mail addresses, which is totally OK, you can stick with that. Mapping between virtual SMTP mail addresses and IMAP users does postfix for you. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: auxprop ldapdb
zorg, zorg schrieb (28.08.2012 12:46 Uhr): the documentation is not very clear to me If I want to use auxprop with ldapdb Do i have to store my user password in clear in ldap or is the another solution You don't have to store the password in cleartext. But you cannot use shared secret mechanisms with hashed passwords IMHO, but this is not special to ldapdb. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: HowTo import Cyrus Mail-Dir into Thunderbird, without Cyrus?
Alexandros, Alexandros Gougousoudis schrieb (03.08.2012 12:33 Uhr): one friend got a copy of his maildirectory in Cyrus from the admins of his university when he left. They told him, he can import it into Thunderbird and use the old mails. How can this be done? Is there a converter? We're using also Cyrus, all emails are single files in /var/spool/cyrus/mail/user, I don't know any way how to use these files with a mailreader without the serversoftware. Any hint is welcome You may be better of at a Thunderbird mailing list. I would experiment with the ImportExportTools extension. https://addons.mozilla.org/de/thunderbird/addon/importexporttools/ Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: CC destinations dropped
Brian, brian schrieb (20.07.2012 01:22 Uhr): I believe the problem does not involve postfix, as pipe appears to be sending both. It looks to me as if lmtpunix is looking at just the one address and thinks there's a duplicate. You have postfix and spamassassin and procmail and last lmtp involed here. postfix/pipe[26602]: E401F7A25EF: to=ju...@domain.org, relay=spamassassin, delay=1.5, delays=0.23/0/0/1.3, dsn=2.0.0, status=sent (delivered via spamassassin service) Mail is relayed to spamassassin. What happened there, have you checked? postfix/pipe[26606]: 66E757A25FC: to=ju...@domain.org, relay=procmail, delay=0.2, delays=0.16/0/0/0.04, dsn=2.0.0, status=sent (delivered via procmail service) Mail is relayed to procmail. What happened there, have you checked? Did your grep in the mailboxes for the message-id? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
loginrealm
Hi, my servers are configured to use mailboxes without realm or domain, like user.jdoe for user jdoe, where his mail address is like john@example.com. Authentication is against LDAP, where the mail adress is in the attribute mail and an attribute maildrop stores j...@imapserver.example.com which points to the IMAPd server used and his mail user name/mailbox. This works fine. Now we try to integrate SOGo. SOGo uses LDAP too and gets the IMAP user name from LDAP, where is only the attribute maildrop with the domain part appended to the username. May 27 11:16:22 mailserver imap[8581]: badlogin: client [10.49.9.74] plaintext j...@imapserver.example.com SASL(-13): authentication failure: cross-realm login j...@imapserver.example.com denied The hint on the SOGo list was to use loginrealm with imapserver.example.com. With this jdoe can authenticate against my IMAPd server, but it does not find a maildox, because it looks for j...@imapserver.example.com / user.j...@imapserver.example.com and not for jdoe / user.jdoe. Is there any way to get around this with IMAPd? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: (important) cyrus-imapd 2.4.16 released
Hi, Jeroen van Meeuwen schrieb (19.04.2012 12:00 Uhr): I'm forwarding this message posted to the announcement mailing list originally, to let you know any upgrades should target 2.4.16 as opposed to 2.4.15. We are pleased to announce the release of Cyrus IMAPd 2.4.16. This is a stable release in the 2.4.x series. http://www.cyrusimap.org/mediawiki/index.php/Downloads#IMAP_Server claims 2.4.14 is the latest release: The latest stable/current release of the IMAP server is 2.4.14 The release process should include updating the wiki. There is not CHANGES page in the wiki, is there? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Cannot xfer or rename mailbox in murder
Nic, Nic Bernstein schrieb (04.05.2012 14:32 Uhr): In trying to bring up a murder with 2.4.10 just out of curiosity: Why do you start testing with 2.4.10, which is 3/4 of a year old, and not 2.4.16? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: what does cyrus support through ldap?
Martin, Martin Kraus schrieb (24.04.2012 11:00 Uhr): Hi. I hoped that cyrus would be managable through ldap but that doesn't seem to be the case. Is the cyrus ldap support strictly for authentication? It's just that sasl can do that as well. I'd like to know if there are other options to managing mailboxes besides calling perl scripts. I need to come up with some kind of a graphical interface to manage mailboxes and I'm looking for the available options to interface with cyrus. I never used GOsa, but the documentation says it's for managing LDAP and has a plugin for managing cyrus IMAPd: https://oss.gonicus.de/labs/gosa/wiki/PluginInstallationMailCyrus Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Imapsync alternative?
Hi, Paul van der Vlis schrieb (23.01.2012 13:07 Uhr): I've used in the past imapsync for mailbox migrations, but sometimes I found problems. For the latest version I have to pay. I can understand it from the view of the developer, maybe I will pay him for the latest version. But I will look for alternatives first, preferable those who are in Debian. Someone used the DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE and put version 1.476 it into github: https://github.com/imapsync/imapsync The latest version however is 1.480. http://imapsync.lamiral.info/ Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: OT: Syncing from Windows Live Office
Ram, Ram schrieb (20.01.2012 10:40 Uhr): I am tring to migrate users mails from Windows Live Office to my cyrus server They dont seem to support standard Imap commands I usually use ImapSync for migration but ImapSync is not able to authenticate I am using the standard options in imapsync --host1 exchange.liveoffice.com --ssl1 Getting an error like Error login: [exchange.liveoffice.com] with user [..] auth [CRAM-MD5]: 2 BAD Command Argument Error. 11 If you do not find any information on the web about it, you can still try to simulate the IMAP connection with imtest (or telnet) to find out what Windows Live offers to authenticate. If it's supporting IMAP at all... Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: anysievefolder and autosievefolders gone in 2.4?
Marten, Marten Lehmann schrieb (05.01.2012 02:21 Uhr): in my 2.3 setup I'm using anysievefolder: yes Since I control the sieve filters, I simply set anysievefolder to yes, but I could also have set autosievefolders to Junk. But now in the man page of 2.4 both options don't exist any longer. Are they actually removed? Or just replaced? Or is anysievefolder now true by default (was no before)? In my 2.3.16 install there is none of these option in man imapd.conf. Are you sure, they were not from a patch? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Compiling and libdb
Stephan, steff...@gmx.de schrieb (21.12.2011 10:07 Uhr): I have a problem that someone might have a solution for. I have two servers running cyrus imap 2.3.14 which is built against libdb-4.2. I would like to upgrade them to 2.4.12. As the indexes need to be upgraded I would like to test this beforehand so I restored the mail to a test machine and ran cyrus-imap 2.4.12. Unfortunately I got IOERROR: opening index user.xxx: System I/O error for each and every mailbox. I was hoping that this might be to the fact that on this machine the imapd was built against libdb-4.7 which is the version installed on the system but the index files where created by an imapd using libdb-4.2. Permissions on the files and directories are correct. Are your sure this is about the index files? Can you access the mailboxes.db? The other problem might be the seenstate and subscription dbs. I think are is information in the archive of this list about migrating away from bdb to e.g. skiplist (with cvt_cyrusdb), that might help you. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Virus Scanning moved imap files
Shelley, Shelley Waltz schrieb (30.11.2011 19:16 Uhr): Yes, I looked into this on-access scanner. What I was thinking was more like the postfix amavisd model, where the incoming goes through a filter before arriving at inbox. Is there a way to do this with sieve - send mail to a filter? IMHO Sieve neither works if you manipulate the mailbox by IMAP, but when the message is injected by LMTP e.a. /from the outside/. [To compare with postfix: amavis normally does not interact with inner-posfix actions like moving a mail from one queue to another, but when the mail arrives from outside.] But have a look at what Dave just suggested. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Virus Scanning moved imap files
Shelley, Shelley Waltz schrieb (30.11.2011 16:47 Uhr): I have two imap servers, one which has smtp(postfix) and virus scanning before delivery to imap. I have another imap archive server which has no smtp, but users simply move messages from their imap account(s) to the archive server. It appears that some messages have infections. My question is, other than wholesale scanning the entire imap directory, moving infected messages to a virus folder, and reconstructing the mailbox, is there a more elegant way? One which scans on arrival before depositing into inbox? I think you mean an on access scanner. There are a few IMHO i.e. http://www.clamav.net/lang/en/download/third-party-tools/3rdparty-fs/ But I am not sure what happens, if the just created/copied infected cyrus message file is (somehow) /handled/ by the scanner. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: I can't create top-level folders
Francesc, Francesc Guasch schrieb (13.10.2011 12:20 Uhr): Hi. I just migrated to cyrus-2.2. from where, ancient Greece? SCNR ;) I wan't to add a shared folder so I need to create a top-level folder. I login as an admin user to cyradm but I can't create it. I checked the permissions, and they look fine. All the partitions are owned by the cyrus user. I see nothing in cyrus.log nor syslog or auth.log. Any help would be appreciated. Thank you very much. Tell exactly what you do. Do you have mailboxes yet? cyradm lm * Can you change or create them? cyradm cm user.bla.bla cyradm lam user.bla.bla How did you try? cyradm cm MySharedFolder What is your configuration? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Telemetry logging doc?
Hi, to point someone on another mailing list to the right direction I searched the cyrus website for an entry about telemetry logging. But the search does not find any, is there any? If not, we could at least link to http://wiki.kolab.org/index.php/Cyrus_imap_telemetry_logging Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: cpu and cyrus
Hi, Craig White schrieb am 01.09.2011 15:44 Uhr: On Wed, 2011-08-31 at 16:34 -0400, John Madden wrote: So annoying that the stable release of debian isn't supported anymore. It seems like if you wait so long to release the stable version that it isn't supported anymore, it sort of defeats the purpose. Debian have been staying at 2.2 rather than moving up to 2.3 through two stable releases now. There is a limit to how long you can hold on to the past. Cyrus 2.3.0 was released in December 2005. There's a lesson here that I learned from the OpenLDAP folks that is re-enforced with Cyrus (and many other packages): You can't rely on your OS distributor beyond a certain scale. RHEL's OpenLDAP packages are fine a thousand objects, no good at all for a million. Some of the problems are too complex: imagine Debian delivering a functioning Murder out of the box or Red Hat combining the right version of BerkeleyDB with the right version of OpenLDAP. No thanks. It's well worth your time to maintain your own compiles and even packages of Cyrus because the package maintainers can't keep up. indeed though interestingly enough, OpenLDAP on Ubuntu is current. Once I saw that ubuntu was still featuring cyrus 2.2.13, I didn't even bother. For Ubuntu LTS, grab source for cyrus and compile - worked great. Only had to get a reasonably suitable sysv script to start/stop. Wouldn't it be great, if someone could offer a PPA for Cyrus IMAPd for Ubuntu and or Debian? I think it would really help. (I have never built a deb package myself, sorry.) Oh, at least here is a PPA with 2.4.8: https://launchpad.net/~cz.nic-labs/+archive/cyrus-imapd Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Input on patch for ptclient/ldap requested
Jeroen, Jeroen van Meeuwen (Kolab Systems) schrieb am 09.08.2011 02:08 Uhr: Long story short, I would like to know of other people who use ptclient/ldap, yes, we do (around 60 servers). or have attempted to do so but failed, and the various use-case / deployment scenarios. I did not check on groups recently, but it would be nice, if - cyrus would work with hierarchical groups (groups in groups in groups, where the user is only in the latest group and the ACL would contain the first one; (we have groupOfNames groups with member=dn and inetOrgperson users, where rdn has nothing to do with the cyrus username) - memberOf etc. could be used Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: cannot retrieve mail in desktop client
Hi, Andrew Morgan schrieb am 30.06.2011 18:48 Uhr: On Thu, 30 Jun 2011, JonL wrote: after adding the required command in main.cf mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp I'm now getting the following error Jun 30 23:05:24 mmtlnx postfix/qmgr[13978]: 05C4A19B8A: from=839556+2D3-jlmiller=mmtnetworks.com...@lists.techtarget.com, size=4281, nrcpt=1 (queue active) Jun 30 23:05:24 mmtlnx postfix/lmtp[14146]: 05C4A19B8A: to=jlmil...@mmtnetworks.com.au, relay=none, delay=3, status=deferred (connect to /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: Permission denied) Make sure that your Postfix user has permissions to open that socket file. You might need to relax the permissions on the parent directories. Also, Postfix is frequently run in a chroot environment, so you may need to relocate your lmtp socket somewhere inside the chroot or disable chroot. On my SLES11 box I set: # grep lmtp /etc/cyrus.conf lmtpunix cmd=lmtpd listen=/var/spool/postfix/public/lmtp prefork=0 The socket is created like this by restarting cyrus IMAPd: # l /var/spool/postfix/public/lmtp srwxrwxrwx 1 root root 0 Apr 6 09:42 /var/spool/postfix/public/lmtp= Postfix is set to deliver there: # postconf mailbox_transport mailbox_transport = lmtp:unix:public/lmtp Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Vacation Not Working...
Hi,
Nathanael D. Noblet schrieb am 12.05.2011 18:05 Uhr:
I have yet to get it working. I figured I'd give a recap of what has
changed since I started asking for help here.
I've added sieve_extensions: vacations to imap.conf and a
'telnet localhost sieve' shows that vacation is supported.
Good so far.
Your sendmail path sendmail: /usr/sbin/sendmail is working, I hope!?
Even for user cyrus?
Here is the simple standard script we use as default:
require vacation;
require fileinto;
if header :contains X-Spam-Flag YES {
fileinto INBOX.Junk;
stop;
}
vacation
:addresses [ possible@recipient.address1, possible@recipient.address2 ]
:subject subject text
Message text;
Pretty straight forward.
Marc
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Trouble when upgraded to cyrus IMAP 2.3.16
Hi, Andres Tarallo schrieb am 11.05.2011 14:30 Uhr: We have a OpenSuSE 11.0 box with cyrus 2.3.11 (OpenSuSE RPMs). To upgrade hardware we installed a new box with OpenSuSE 11.4 and cyrus 2.3.16. This box task is to work as a dedicated IMAP/POP server for a few thousand mail accounts. It receives mail via LMTP from a postfix server. The new box doesn't receive mail from postfix and it's filling the log with this messages: cyruslogs/lmtp[24651]: DBERROR: dbenv-open '/var/lib/imap/db' failed: Resource temporarily unavailable cyruslogs/lmtp[24651]: DBERROR: init() on berkeley cyruslogs/lmtp[24651]: executed cyruslogs/lmtp[24648]: DBERROR db4: DB_AUTO_COMMIT may not be specified in non-transactional environment Did BDB version change between the opensuse releases? Do # ldd /usr/lib/cyrus/bin/lmtpd | grep bdb on both servers. The database format may be invalid with the installed bdb version. If it just deliver.db you may not lose too much information (vacation etc.) if you just delete it. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Mailbox quota after reconstruct
Erro, Eero Hänninen schrieb am 18.04.2011 12:35 Uhr: Whatever reason I have move mailboxes between mailbox hosts without murder setup, so I do: What Version of Cyrus is this? * create destination mailbox over imap port * set destination acl over imap port * set destination mailbox quota over imap port * copy from source host to destination host mailbox content (with cyrus.* files) with scp Why don't you copy over the mail via IMAP too? (imapsync etc.) * do reconstruct -rf on destination host for mailbox After that everything fine but quota. Quota shows 0% usage and new mails only will increase use of mailbox quota. So I run quota -f and everything went ok. So my question is this normal and I must run quota -f such kind messages move or should reconstruct/cyr_expire take care about it ? I think the quota reflects only IMAP changes on the mailbox and not those low level actions. As you need recontruct to tell cyrus there have been low level changes of the mailbox structure, you need to tell cyrus by quota -f that mail volume changes have happend on the mailbox. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: Mailbox quota after reconstruct
Eero, Eero Hänninen schrieb am 18.04.2011 14:21 Uhr: On Mon, April 18, 2011 2:44 pm, Marc Patermann wrote: Eero Hänninen schrieb am 18.04.2011 12:35 Uhr: * create destination mailbox over imap port * set destination acl over imap port * set destination mailbox quota over imap port * copy from source host to destination host mailbox content (with cyrus.* files) with scp Why don't you copy over the mail via IMAP too? (imapsync etc.) scp seems be bit faster and I don't want know users passwords (talking about 100k users) Proxy authentication works quite good, so you do not need to know users' passwords. (Just migrated from 2.2.12 to 2.3.16 with imapsync.) Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: [OT] Outhouse not showing sent messages
Mike, Mike Eggleston schrieb am 27.01.2011 19:18 Uhr: I have a user at my small site that says, and I've seen it, that when a message is sent from Outhouse the message appears very briefly in the sent-items folder then is removed. I've verified the message is on the cyrus server, so no server issues there. I've looked for filters, making sure Outhouse is sending a copy of the message to the sent-items folder, had the user start Outhouse using the /clearviews switch to remove any custom settings (that the user does not remember making). I'm seeking suggestions on what I can try next. I don't know, what Outhouse is, but you should try telemetry logging on the cyrus server to see what happens in detail. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: user_deny.db, very high load and Apple-Spotlight
Hi, Mark Heisterkamp schrieb am 12.04.2010 09:03 Uhr: we graded up to cyrus 2.3.16 a few weeks ago and since then the load average showed values from 200 to 300 a few times per day. The server has 16 cores, 64GB RAM an is attached to a SAN. This machine is quite powerfull. It serves about 5000 mailboxes. First we touched user_deny.db to get rid of these annoying IOERROR-messages. These messages where replaced by (annoying) 'fetching user_deny.db'-entries. A normal IMAP-user causes about 500 to 1500 of such messages in eight hours. But we found two users who 'generated' 500 (!) and 25 of such messages in this period. After phoning them we found out, that they where using Mac OS X and Thunderbird 3 (the one with 5 Mio messages) and Mail.app (the other one). Turning off the spotlight-search on IMAP-folders immediately turned the load average down to a normal value (about 0.2). I think we shouldn't advise 5000 users not to use Spotlight, we should deactivate user_deny.db. By the way, what is this database really good for? If we want someone not to use cyrus-service we deny this person by ldap for example. Kenneth Murchison stated in some mail on this list that user_deny.db is used once per login, that's definitely not true, it is used every time the client 'uses' an IMAP-folder and that can be pretty often! Maybe we can change this behaviour by some config? Is it possible to deactivate fetching user_deny.db-entries by some config-option or do we have to patch the sources? I have this issue, too. But there is no Mac involved. It is just Thunderbird on the client (Win*/Linux) side. I created user_deny.db with touch to make the one error message go away. Now I have lots of fetching ... messages in the log (2.3.16). Is there anything to do about this? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: competition
Hi, André Schild schrieb am 21.09.2010 10:40 Uhr: Am 21.09.2010 09:31, schrieb Pascal Gienger: I begin to be tired from this dovecot is much more besser, you HAVE TO USE IT, why don't you migrate, ... ...? Yes, I'm too. But this is what you see in forums and mailing list. And my post is intended to see what the Cyrus community can do to /explain/ the product any better. 2. Newbies, which do not know cyrus, they just ask for advice and a simple starter experience with the imap server. In the last month there has been much posts of type Dovecot is the greates/simples/best/etc. So the new users are very likely to go to dovecot instead of cyrus, because of advices from other internet users. This is my experience, too. One important thing is the documentation of the imap server, and there cyrus could offer more (Just my opinion) The new web site is a good start. We should start a best practice section in the wiki. - How do I install Cyrus on Debian/Ubuntu/...? - From single server to multi server? - How to start with partitions and why? - Where to get latest releases (rpm/deb) when is not in my distriburtion (simon matter etc.)? - Everyone is talking about Push-Mail - how to do it with Cyrus? - What if I want Groupware later, can I still use Cyrus? (link to projects supporting Cyrus, OX etc) - I want to have virtual users in LDAP/RDBMS - how to do it? There may be much more basic task which may be well know to us but would be interesting to newbies to know. IMHO the What is Cyrus? page should be worked over. Why do we not talk about who is using Cyrus IMAPd and how - Success Stories (fastmail.fm?)? Just my 2 Cent Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: competition
Hi, Adam Tauno Williams schrieb am 21.09.2010 12:04 Uhr: On Tue, 2010-09-21 at 11:44 +0200, Marc Patermann wrote: André Schild schrieb am 21.09.2010 10:40 Uhr: Am 21.09.2010 09:31, schrieb Pascal Gienger: I begin to be tired from this dovecot is much more besser, you HAVE TO USE IT, why don't you migrate, ... ...? Yes, I'm too. But this is what you see in forums and mailing list. And my post is intended to see what the Cyrus community can do to /explain/ the product any better. Be there is the only thing I can think of. The only way to counter advocates is to be one. Yes, Be there - but Be prepared and have something to point to: See it is easy and all there, dude! One important thing is the documentation of the imap server, and there cyrus could offer more (Just my opinion) The new web site is a good start. We should start a best practice section in the wiki. - How do I install Cyrus on Debian/Ubuntu/...? Ugh, please no. Distro specific directions are lame, pointless, and unmaintainable [beyond possibly packages-are-here]. Yes, you're right. But in many cases it just point to somewhere else, which might be better than having nothing. For Ubuntu there is a howto: http://wiki.ubuntuusers.de/Cyrus_IMAPD and what do you get? 2.2.13 - uargh: http://packages.ubuntu.com/lucid/cyrus-imapd-2.2 That may not be, what we want. Once the packages are installed setting up is essentially the same everywhere. Yes. But install is always first. If you do not get the user to get it installed, everything else is useless. If you were a newbie and most people were trying to talk you away from Cyrus and there is no deb or rpm, would you try to compile the software yourself? - From single server to multi server? - How to start with partitions and why? - Where to get latest releases (rpm/deb) when is not in my distriburtion (simon matter etc.)? - Everyone is talking about Push-Mail - how to do it with Cyrus? It just happens if you your client supports IMAP idle. _I_ know that. :) It is just one example what I think user could search for. And Push mail IMHO was one of the email buzz words of the last few years. K9 on the Android seems to work very well with Cyrus in the 'push' mode. Although I've noticed users usually turn it off within a couple of weeks - really, nobody wants push-mail once they have it. I disagree. - What if I want Groupware later, can I still use Cyrus? (link to projects supporting Cyrus, OX etc) Shameless self promotion -I have a chapter on Cyrus in WMOGAG (OpenGroupware Administrator's Guide) http://docs.opengroupware.org/Members/whitemice/wmogag/file_view I've gotten quite a few compliments on it. You could put your Shameless self promotion in the wiki then. :) Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
competition
Hi, where does Cyrus IMAPd stand today? When I was starting to think about moving to a open source mail system (migrating away from Lotus Domino btw.), there ware Cyrus IMAPd, Courier and UW-IMAP I think. Cyrus was the only full flavored IMAP server with active development. We were going the 2.2. path, while 2.3 seemed to fresh. So there was development. On the other side there were still many people complaining about Cyrus being too complex and too unstable with all the BDB fiddlings. Then dovecot emerged and quickly evolved. I don't know why, but I seemed to become everyone's darling the the favorite IMAP server to many people. It came up with SIEVE and ACLs, which before were more or less a domain of Cyrus. And yet it is still evolving fast, with easy replication mechanisms, SIS etc. And still, if someone asks a mailing list (not here certainly) how to start with IMAPd, many people shout, to go with dovecot and not using Cyrus. I don't know, where this bad karma is coming from - I'm still happy with Cyrus. One point may have been from the documentation, that's why I really appreciate the new web site. I hope it will help. But where does Cyrus IMAPd stand today? It may be Murder/Aggregator - but how to get the people, when on first contact, where they just need a simple IMAP server, they are pointed to other product, which they then stay with? Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: De-duping attachments
Hi, Shuvam Misra schrieb am 15.09.2010 03:40 Uhr: How difficult or easy would it be to modify Cyrus to strip all attachments from emails and store them separately in files? In the message file, replace the attachment with a special tag which will point to the attachment file. Whenever the message is fetched for any reason, the original MIME-encoded message will be re-constructed and delivered. mh, OK, I'm not sure if I should post this here, but the is another IMAP server (some say: the new kid on the block) and as I came above it a few day ago, they are working on the same thing: http://blog.dovecot.org/2010/07/single-instance-attachment-storage.html I did not follow the discussion, but at least there is a discussion about this feature elsewhere. Marc Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
setquota in Python
Hi,
for my migration purposes (2.2.12 - 2.3.16) I'm experimenting with
python (2.4.2) to transfer the quota information from the old to the new
server.
When I try to set the quota (on the old testserver, 2.2.12), I get the
following error:
from imaplib import *
quellserver = bar
s_server = IMAP4(quellserver)
s_server.login(cyrus,pw)
('OK', ['User logged in'])
r = s_server.getquota(user.foo)
('OK', ['user.foo (STORAGE 0 2)'])
r = s_server.setquota(user.foo,5000)
Traceback (most recent call last):
File stdin, line 1, in ?
File /usr/lib64/python2.4/imaplib.py, line 651, in setquota
typ, dat = self._simple_command('SETQUOTA', root, limits)
File /usr/lib64/python2.4/imaplib.py, line 1028, in _simple_command
return self._command_complete(name, self._command(name, *args))
File /usr/lib64/python2.4/imaplib.py, line 865, in _command_complete
raise self.error('%s command error: %s %s' % (name, typ, data))
imaplib.error: SETQUOTA command error: BAD ['Invalid quota list in
Setquota']
What am I doing wrong?
Marc
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: setquota in Python
Hi, Reinaldo de Carvalho schrieb am 14.07.2010 13:09 Uhr: On Wed, Jul 14, 2010 at 7:57 AM, Marc Patermann hans.mo...@ofd-z.niedersachsen.de wrote: for my migration purposes (2.2.12 - 2.3.16) I'm experimenting with python (2.4.2) to transfer the quota information from the old to the new server. ... What am I doing wrong? Look http://python-cyrus.sf.net Thanks. So the simple answer is: r = s_server.setquota(user.ystaats,(STORAGE 5)) :) Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: migrating sieve scripts
Hi, Marc Patermann schrieb am 06.07.2010 14:42 Uhr: while everyone is talking about migration mail data (I think, I'm going the imapsync way), no one is talking about migrating sieve scripts!? By hand this could be done by sieveshell and - list; old server - get; old server - put; new server commands. So scripting around the Cyrus::SIEVE module in perl might be the best way. Does anyone have any script to build on? For the record: While searching for any documentation on Cyrus::SIEVE module beyond the blah blah blah man page, I found this: http://heim.ifi.uio.no/kjetilho/hacks/managesieve_sync-1.0 Thanks Kjetil Torgrim Homme! :) Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
migrating sieve scripts
Hi, while everyone is talking about migration mail data (I think, I'm going the imapsync way), no one is talking about migrating sieve scripts!? By hand this could be done by sieveshell and - list; old server - get; old server - put; new server commands. So scripting around the Cyrus::SIEVE module in perl might be the best way. Does anyone have any script to build on? BTW: I'm going to migrate from 2.2.12 and AIX to SLES and 2.3.16. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: /var/spool/cyrus/mail/x/share in the filesystem
Jakob Lenfers schrieb am 14.06.2010 11:10 Uhr: Am 09.06.2010 15:55, schrieb Dan White: On 09/06/10 09:13 +0200, Jakob Lenfers wrote: localhost listacl share.mail-test anyone p Seems like it shouldn't be shared. Anyone can send mail - p = post - to this shared folder. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus-Imap and auxprop ldap
Julien,
Julien Vehent schrieb:
However, I can't make this work with imapd. I tried to reuse information
from the man page, but it brought me nowhere...
My imapd.conf contain the following (regarding sasl and ldap only):
-
# grep -E sasl|ldap /etc/imapd.conf |grep -v #
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: ldapdb
sasl_auto_transition: no
ldap_uri: ldap://localhost
ldap_realm: example.net
ldap_id: cyrus
ldap_password: cyrusadmin
-
I have it like this:
sasl_log_level: 5
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: ldapdb
sasl_ldapdb_uri: ldap://server
sasl_ldapdb_id: user
sasl_ldapdb_pw: password
sasl_ldapdb_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN
allowplaintext: no
sasl_minimum_layer: 0
sasl_ldapdb_starttls: try
sasl_ldap_search_base: ou=foo
sasl_ldap_search_filter: attribute=%U
do you have ptloader configured and running?
# ptloader ldap:
ldap_id: user
ldap_sasl: 1
ldap_password: password
ldap_uri: ldap://server
ldap_start_tls: 0
ldap_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN
ldap_tls_cacert_file: file.pem
ldap_tls_cert: file.pem
ldap_tls_key: file.pem
ldap_base: ou=foo
ldap_group_base: ou=gruppen,ou=foo
ldap_group_filter: ou=%U
ldap_member_attribute: member
ldap_group_scope: sub
ldap_member_method: attribute
cyrus.conf:
SERVICES {
...
ptloader cmd=ptloader listen=/mail/imap/ptclient/ptsock prefork=1
Marc
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus vacation notice
Joseph, Andrew Nash schrieb: Thanks very much for your reply. From my testing, I think all vacation messages to external senders are failing. You did not provide the previously ask for log files. What do the postfix and imapd log file say on a failing attempt? I had a look through various configuration files, and saw that the MTA (postfix) was sending errors to a postmaster address. What errors? I couldn’t find any trace of a postmaster mailbox, so I changed the error logging address to ‘root’. If postfix may not have been able to deliver to the postmaster mailbox there must be information in the log file about this. If error message go to an non existing mailbox this is an configuration problem. Fix this! The outgoing vacation notices ended up in the root user’s mailbox, so it looks like there is something wrong with the way Cyrus/Sieve is replying to the sender. I’ve copied out an example message which is ending up in the root mailbox (I’ve changed server and domain name etc): Again: Please provide log files! Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Metapartitions
Diego, Diego Ventrice schrieb: Andrew, Could you just exlplain to me the metapartition ? Don't you want answers from anyone else? ;) What info is kept there and which is there regular location ? metapartition-p1: /var/spool/cyrus/mail/meta1 metapartition_files: index cache expunge squat So, you found the metapartition_files directive and still want to know what it does? metapartition_files: empty string Space-separated list of metadata files to be stored on a metapartition rather than in the mailbox directory on a spool partition. Allowed values: header, index, cache, expunge, squat metapartition-name: none The pathname of the metadata partition name, corresponding to spool partition partition-name. For any mailbox residing in a directory on partition-name, the metadata files listed in metapartition_files will be stored in a corresponding directory on metapartition-name. Note that not every partition-name option is required to have a corresponding metapartition-name option, so that you can selectively choose which spool partitions will have separate metadata partitions. [man imapd.conf] What do you think files named header, index, cache, expunge and squat in this context contain? ;) Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Redirect on overquota
Hi, ram schrieb: Can I set up lmtp such a way that the overquota messages are redirected to a postmaster account What do you mean by that? If the mailbox is over quota LMTP rejects the mail with a temporary error 4xx. So the MTA can not deliver it (this time). In this case the MTA has to deal with it. If you want to do something else with this message when, I would check there. [IMAPd does not a have a mailqueue to store mail to go to somewhere else and forward it there - excluding the sieve redirect mechanism, but in this case the message is successfully delivered to the user anyway.] Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Security with TLS
Hi, Nybbles2Byte schrieb: Two quick questions: Is there a setting in the Cyrus server to force the use of security like STARTTLS in the email clients? I may be wrong, but with allowplaintext: 0 in imapd.conf you deny unencrypted connections with plain/login. You then must use TLS/SSL+plain/login or CRAM-MD5/Digest-MD5. If you don't have CRAM-MD5/Digest-MD5 enabled, there ist only encrypted plain/login left. It didn't work when I specified SSL/TLS in Thuderbird it does work with STARTTLS. What does/does not work? I don't understand. My understanding is that SSL/TLS would be better because you start off secured right from the start instead of starting in clear text and then negotiating a secured connection. If this is not correct, please enlighten me, if it is correct, is there a way to make cyrus accommodate SSL/TLS? Take a look at the TLS fails on imaps port thread. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyradm doesn't show any mailboxes
Kővári, Kővári János schrieb: Ok, I found the following, if that helps to find the problem: If I use cyradm and log in with any user, the lm command lists the user's own mailbox only. That is to be expected. When logging in with the cyrus user, it doesn't list anything, since cyrus has no mailbox. The admin user must not have a mailbox itself, so this is right to. But the admin user's lm should show all the mailboxes existing. With the cyrus user, I can list all user mailboxes, but not shared folders, with the command: lm user/* Shared mailboxes normally are not suited under the user tree (you are using the / separator, are you using unixhierarchysep?), so it is to be expected that there are no shared mailboxes visible with lm user.* Can you dump mailboxes.db to a file and look for the mailboxes you are searching for? su - cyrus -c ctl_mboxlist -d $CONFIGDIRECTORY/mailboxlist.txt - http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/Backup Did you post your config files here before? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Recovering shared folder contents from tar.gz backup?
Hi, Kővári János schrieb: Andrew Morgan írta: On Fri, 22 Jan 2010, Kővári János wrote: 6. Run 'recover', the Legato backup client. 7. 'changetime' to change the time to recover data from. 8. 'add filename' to add the files to restore. To restore all the messages in the folder, use 'add *.'. 9. 'relocate RESTORE' to recover files into the RESTORE directory instead of the current directory. 10. 'recover' to recover the files. 11. 'quit' to quit out of the recover program. I don't have 'recover', the Legato backup client. I was googling for it and found a couple similar (non-free?) stuff, and became confused which one you mean. And I was too lazy to try and install any of these and fiddle with them. IMHO this was just what Andrew does - for example!. 'recover', the Legato backup client is _his_ backup solution (These are the steps I follow ...). If you haven't backed up your stuff with Legato, there is no need to try 'recover', the Legato backup client at all ... So I was looking for another solution. It is _always_ a clever idea to try backup/restore _before_ you have to use it! ;) Luckily, I found a very simple and convenient method, Well convenient - in a way. :) Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Auto Create Account
Hi Shelley, Shelley Waltz schrieb: I currently use the following to automatically create a new account if the user is defined in the LDAP database. autocreatequota: 50 autocreateinboxfolders: Sent|Trash|Spam|Virus autosubscribeinboxfolders: Sent|Trash|Spam|Virus I wish to disable this feature, but easily do the same manually. If the user is in my LDAP database, is there an equivalent command which will create the user with a certain set of defaults such as the above? Or must I do this manually using cyradm? There is groupware (IMHO Kolab 2.0 or OX), which replicates to a perl/shell backend, which performs mailbox actions on LDAP changes. You may have a look at it, it may help you to automate your actions. [This is plain from my brain memory.] Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: move mailboxes and mark email as read
Hi, Thomas Vogt schrieb: I'll move several thousand cyrus mailboxes to a new server. Old Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3. The task seems pretty trivial. I tar all users starting with A (later b,c,d..), create all mailboxes on the new server with cyradm (script), extract the tar file, reconstruct all mailboxes. The only problemI have, is seen.db. On my new server, every email is marked as new, unread email. Is there a way to fix this? # man cvt_cyrusdb # /usr/lib/cyrus/bin/cvt_cyrusdb Usage: /usr/lib/cyrus/bin/cvt_cyrusdb [-C altconfig] old db old db backend new db new db backend Usable Backends: berkeley, berkeley-nosync, flat, skiplist, quotalegacy Dump to flat file, copy to new server, convert back to desired bd format. [Should work, untested here. Inspired by http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:cyrus:repair_skiplist] Or you copy by imapsync. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: configuration option for db-files in a different path than mailboxes?
Hi, Ingo Steuwer schrieb: I'm in building a test-environment where I'd like to setup my cyrus mail spoll (/var/spool/cyrus/mail) on a NFS filesystem. I know that locking issues in NFSv3 prevent a clean mail delivery with cyrus and want to give NFSv4 a try. My suspect from older tests was, that the handling of cyrus.index and other database-files (cyrus.cache, cyrus.header, cyrus.squat) isn't possible on NFSv3. Beside changing the NFS version, I thougt of an option where those files are stored on a different (non-NFS) partition. Does anybody know about a way to configure the path of those files? Or are there ways to move them after creation? check for metapartion in your imapd.conf man page: metapartition_files: empty string Space-separated list of metadata files to be stored on a metapartition rather than in the mailbox directory on a spool partition. Allowed values: header, index, cache, expunge, squat metapartition-name: none The pathname of the metadata partition name, corresponding to spool partition partition-name. For any mailbox residing in a directory on partition-name, the metadata files listed in metapartition_files will be stored in a corresponding directory on metapartition-name. Note that not every partition-name option is required to have a corresponding metapartition-name option, so that you can selectively choose which spool partitions will have separate metadata partitions. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Folder rights problem
Hi, list...@gmx.de schrieb: one of our employees complies that in his thunderbird changed two normal folders to greyed-out folders, e.g. it´s not possible to put messages inside. If I access this account with my own thunderbird, I see the same. But we have no acl´s set set for this account, and my cyradm says for this folder: cyrus lrswipcda So your employee has no rights on this folder? But on underlaying folders he has? Otherwise the folder may not be grey/shown. I have seen cases where users with enough rights moved shared folders into their own account, which made their INBOX show up in other users folder list (grey) because the shared folder was now beyond this INBOX. :) Probably there is something wrong with one of cyrus´ databases? But with which one, and how to fix it? And we have no error messages in our logfiles. Maybe it's PEBKAC. :) Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: INBOX Prefix problem with sasldb authentication
Hi, Frédéric MERCIER schrieb: Whith the defaultdomain option set to mydomain.net, the authentication don't work anymore because it try to authenticate with test instead of t...@mydomain.net You may have to check of that before. Otherwise all users have to change their authentication credentials (from user to u...@domain). What does your sasldb entries look like? You have to check the realm. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Logging region out of memory
Pascal Gienger schrieb: Sep 2 11:28:39 rzhs199 local6:warn|warning lmtpunix[1171642]: DBERROR db4: Logging region out of memory; you may need to increase its size Increase logging region size. That's what I did (tried). But then I got this strange ptloader errors. Sep 2 13:42:28 rzhs199 local6:debug ptloader[2212060]: accepted connection Sep 2 13:42:28 rzhs199 local6:err|error ptloader[2212060]: Unable to set LDAP_OPT_X_SASL_SECPROPS. Sep 2 13:42:28 rzhs199 local6:err|error imap[3440844]: ptload(): bad response from ptloader server: ptsmodule_connect() failed Does the DB_CONFIG interfere with the /mail/imap/ptclient/ptscache.db here? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Logging region out of memory
Hi, I have IMAPd 2.2.12 and BDB 4.2.52: When I got: Sep 2 11:28:39 rzhs199 local6:warn|warning lmtpunix[1171642]: DBERROR db4: Logging region out of memory; you may need to increase its size Sep 2 11:28:39 rzhs199 local6:err|error lmtpunix[1171642]: DBERROR: opening /mail/imap/ptclient/ptscache.db: Not enough space Sep 2 11:28:39 rzhs199 local6:err|error lmtpunix[1171642]: DBERROR: opening /mail/imap/ptclient/ptscache.db: cyrusdb error Sep 2 11:28:39 rzhs199 local6:warn|warning lmtpunix[4227234]: DBERROR db4: Logging region out of memory; you may need to increase its size Sep 2 11:28:39 rzhs199 local6:err|error lmtpunix[4227234]: DBERROR: opening /mail/imap/deliver.db: Not enough space Sep 2 11:28:39 rzhs199 local6:err|error lmtpunix[4227234]: DBERROR: opening /mail/imap/deliver.db: cyrusdb error Sep 2 11:28:39 rzhs199 local6:err|error lmtpunix[4227234]: FATAL: lmtpd: unable to init duplicate delivery database Mass mail could not be delivered in time because LMTP had errors. I found DB_CONFIG in /mail/imap/ :/mail/imap # cat DB_CONFIG set_cachesize 0 8388608 8 set_lg_regionmax 524288 set_lg_bsize 2097152 and these files :/mail/imap # l 45888 insgesamt drwxr-xr-x 12 cyruscyrus 4096 02 Sep 12:00 . drwxr-xr-x 6 cyruscyrus 256 28 Jun 2007 .. -rw--- 1 cyruscyrus 144 02 Sep 12:03 annotations.db drwxrws--- 2 cyruscyrus 4096 02 Sep 04:14 db drwx-- 2 cyruscyrus 256 02 Sep 11:44 db.backup1 drwx-- 2 cyruscyrus 256 02 Sep 11:14 db.backup2 -rw-r--r-- 1 cyruscyrus72 08 Jan 2009 DB_CONFIG -rw--- 1 cyruscyrus 21336064 02 Sep 12:03 deliver.db drwxr-xr-x 2 root system 256 29 Nov 2007 lost+found -rw--- 1 cyruscyrus 1106000 02 Sep 12:03 mailboxes.db -rw-rw 1 cyruscyrus689810 02 Sep 11:37 mailboxes.tsm -rw-r- 1 root system8 20 Apr 10:45 master.pid drwxrws--- 2 cyruscyrus 256 29 Nov 2007 msg drwxrws--- 2 cyruscyrus102400 02 Sep 12:04 proc drwxrws--- 2 cyruscyrus 256 20 Apr 10:45 ptclient drwxrws--- 26 cyruscyrus 4096 29 Nov 2007 quota drwxrws--- 2 cyruscyrus 256 20 Apr 10:45 socket -rw--- 1 cyruscyrus139264 02 Sep 12:03 tls_sessions.db drwx-- 26 cyruscyrus 4096 30 Nov 2007 user But the DB_CONFIG setting seemed not to be active. :/mail/imap # db_stat -m -h db 641KB 604B Total cache size. 1 Number of caches. 648KB Pool individual cache size. 0 Requested pages mapped into the process' address space. 53M Requested pages found in the cache (96%). 2318503 Requested pages not found in the cache. 23 Pages created in the cache. 2318494 Pages read into the cache. 1311629 Pages written from the cache to the backing file. 1479063 Clean pages forced from the cache. 839315 Dirty pages forced from the cache. 0 Dirty pages written by trickle-sync thread. 158 Current total page count. 89 Current clean page count. 69 Current dirty page count. 67 Number of hash buckets used for page location. 57M Total number of times hash chains searched for a page. 15 The longest hash chain searched for a page. 177MTotal number of hash buckets examined for page location. 128MThe number of hash bucket locks granted without waiting. 1030The number of hash bucket locks granted after waiting. 297 The maximum number of times any hash bucket lock was waited for. 12M The number of region locks granted without waiting. 1747The number of region locks granted after waiting. 2318893 The number of page allocations. 4713896 The number of hash buckets examined during allocations 5 The max number of hash buckets examined for an allocation 2318377 The number of pages examined during allocations 2 The max number of pages examined for an allocation =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pool File: /mail/imap/ptclient/ptscache.db 4096Page size. 0 Requested pages mapped into the process' address space. 9465518 Requested pages found in the cache (92%). 809878 Requested pages not found in the cache. 23 Pages created in the cache. 809878 Pages read into the cache. 279900 Pages written from the cache to the backing file. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pool File: /mail/imap/deliver.db 4096Page size. 0 Requested pages mapped into the process' address space. 41M Requested pages found in the cache (97%). 1443266 Requested pages not found in the cache. 0 Pages created in the cache. 1443257 Pages read into the cache. 957015 Pages written from the cache to the backing file. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pool File: /mail/imap/tls_sessions.db 4096Page size. 0 Requested pages mapped into the process' address space. 1780221 Requested pages found in the cache
Re: Ptloader configuration in Cyrus IMAP
Hi, Evgeniy Arbatov schrieb: Thank you for your suggestions! They helped me a great deal. The situation is better now, in a sense that ptloader connects to LDAP and finds something. OK. :) After corrections my imapd.conf: This ist what I have. auth_mech: pts pts_module: ldap ptloader_sock: /var/lib/imap/socket/ptclient sasl_mech_list: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN sasl_log_level: 5 sasl_pwcheck_method: auxprop sasl_auxprop_plugin: ldapdb sasl_ldapdb_uri: ldap://tfas099.foo sasl_ldapdb_id: xxx sasl_ldapdb_pw: sasl_ldapdb_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN allowplaintext: yes sasl_minimum_layer: 0 sasl_ldapdb_starttls: Demand sasl_ldap_search_base: ou=humans,ou=foo sasl_ldap_search_filter: maildrop=%U lmtp_overquota_perm_failure: no maxmessagesize: 2500 ldap_id: ldap_sasl: 1 ldap_password: ldap_uri: ldap://tfas099.foo ldap_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN ldap_tls_cacert_file: /opt/mail/etc/openldap/ssl/ca2006.pem ldap_tls_cert: /opt/mail/etc/openldap/ssl/cert2006.pem ldap_tls_key: /opt/mail/etc/openldap/ssl/key2006.pem ldap_base: ou=humans,ou=foo ldap_group_base: ou=gruppen,ou=humans,ou=foo ldap_group_filter: ou=%U ldap_member_attribute: member ldap_group_scope: sub ldap_member_method: attribute The LDAP now looks as following: I use group like you did before. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Ptloader configuration in Cyrus IMAP
Evgeniy, Evgeniy Arbatov schrieb: Dear list, I want to ask your advice on the use of ptloader for LDAP-based authorization in Cyrus IMAP. I configured my Cyrus IMAP to use ptloader: [...] Can you tell where I am wrong? auth_mech: pts was mentioned before. Did you set ptloader_sock in imapd.conf? What does the log say about ptloader? Does it start? Does it get any data? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Ptloader configuration in Cyrus IMAP
Duncan, Duncan Gibb schrieb: EA pts_module: ldap This module is currently very difficult to configure, IMHO. That's true. :) But it's doable. EA ldap_member_method: attribute This method doesn't work they way you might expect. It finds the user object and wants to see the names of the groups of which the user is a member in the named attribute of the user. For example: dn: cn=Evgeniy Arbatov,ou=users,ou=people,dc=example,dc=com cn: Evgeniy Arbatov ou: admins ou: othergroup ou: thirdgroup If you want to put the names of the members into the group objects, you probably need to use the filter method. dn: cn=admins,ou=groups,ou=people,dc=example,dc=com uid: admins member: cn=Evgeniy Arbatov,ou=users,ou=people,dc=example,dc=com I don't believe the current implementation supports this style of group membership (groupOfUniqueNames and similar). It's much more orientated towards posixGroup-style groups. It does IMHO. Here it ist my config: ldap_id: xxx ldap_sasl: 1 ldap_password: ldap_uri: ldap://tfas099.foo ldap_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN ldap_tls_cacert_file: /opt/mail/etc/openldap/ssl/ca2006.pem ldap_tls_cert: /opt/mail/etc/openldap/ssl/cert2006.pem ldap_tls_key: /opt/mail/etc/openldap/ssl/key2006.pem ldap_base: ou=humans,ou=foo ldap_group_base: ou=gruppen,ou=humans,ou=foo ldap_group_filter: ou=%U ldap_member_attribute: member ldap_group_scope: sub ldap_member_method: attribute Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus Imap final setup problems
Hi, Nybbles2Byte schrieb: I have a setup with the following: OpenSuSE 11.0 (x86_64) Postfix 2.5.1-28.5 (x86_64) Cyrus SASL 2.1.22-140.1 (x86_64) Cyrus Imap 2.3.11-31.1 (x86_64) MySQL 5.1.35-34.1 All of these are on the same computer. Yuo can have newer version, if you look at http://software.opensuse.org/search I.e. cyrus-imapd-2.3.14-12.1 http://download.opensuse.org/repositories/home:/Marcus_H/openSUSE_11.0/x86_64/cyrus-imapd-2.3.14-12.1.x86_64.rpm I also have an LDAP enabled version for SuSE here. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrate from 2.2. to 2.3 with ldap
Hi, Michael Menge schrieb: Marc Patermann schrieb: I'm a bit stuck. I want to migrate from 2.2.12 to a recent 2.3.x server. Does no one use 2.3 with ldap and can point in the right direction? We use Cyrus 2.3 with pam mand pam_ldap, if you don't need support for group permissions, this works fine without ptloader. I'm not sure, is this the sasl part with saslauthd I supose or for auth_mech: unix? I don't want to use PAM anyway. I tried auth_mech: pts pts_module: ldap So I think I need ptloader with ldap. Without the ptloader service configured in cyrus.conf, cyrus nevertheless creates a ptcache.db. ptload() tries to ping ptloader, what fails. can't connect to ptloader server: no such file or directory No data available at all from ptload() With the service cyrus complains about not being able to start is (because the is no such binary). Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrate from 2.2. to 2.3 with ldap
Hi, Marc Patermann schrieb: I tried a walk with CenOS 5.3 now, which provides ldapdb and cyrus with ldap and ptloader (that is what ldd ptloader says). I configured imapd.conf and cyrus.conf. ps shows ptloader is running. The defined socket is created. srwxrwxrwx 1 root root 0 10. Jun 17:00 /var/lib/imap/socket/ptclient Nevertheless cyrus complains: can't connect to ptloader server: no such file or directory No data available at all from ptload() Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrate from 2.2. to 2.3 with ldap
Hi, Marc Patermann schrieb: I'm a bit stuck. I want to migrate from 2.2.12 to a recent 2.3.x server. Does no one use 2.3 with ldap and can point in the right direction? Do I not need any ptloader for ldap anymore? If I not wrong, cyrus 2.3 complains about not being able to connect to ptloader, so it seems to be necessary ... Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Migrate from 2.2. to 2.3 with ldap
Hi, I'm a bit stuck. I want to migrate from 2.2.12 to a recent 2.3.x server. cyrus.conf includes ptloader cmd=ptloader listen=/mail/imap/ptclient/ptsock prefork=1 imapd.conf includes ldap_* parameters sasl_ldap* parameters (with auxprop ldapdb) Current install is with ldap enabled, build with --with-ldap=/opt/freeware --with-pts=ldap \ --with-auth=pts In 2.3. there is only with-ldap left. Is this enough to build with the intended ldap support? The available rpms from openSuSE Build Service (openSuSE 11.1 or SLES 11) form SLES 11 all do not have the with-ldap option set. I cannot find any ptloader binary after install. Do I not need any ptloader for ldap anymore? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus + Sieve
Hi, Gottschalk, David schrieb: That must be my issue then. Every message in my inbox has a Return-path of: dgot...@servername (No domain extension just the server hostname) This might be the issue then. If your MTA is not too open, relaying with this sender might not be allowed and your vacation mail is never ever sent to to intended recipient which is the original sender. Even though the message did not come from myself, but a external recipient. Don't you mess up vacation mail sender and sender of the mail on which to send a vacation message? The sender obove is the cyrus generated sender for the cyrus generated vacation mail. I think you are referencing here to the original mail instead, are you? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
rpms for SLES 10
Hi, does anyone have a useful repository with latest IMAPd packages for SuSE Linux Enterprise Server 10 (SLES10)? The official packages are still 2.2.x. http://www.novell.com/products/linuxpackages/server10/i386/cyrus-imapd.html On the SuSE build service I found nothing which is directly compiled on/with SLES, only OpenSUSE or factory. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
ldap groups in acl
Hi, IMAPd 2.2.12 is connected with sasl ldapdb (ptloader) to an OpenLDAP (2.3.x) server. I can set acls with existing groups. I cannot set acls with non existing groups. So far: IMAPd is checking for groups in LDAP just right. localhost.ofd-h.de sam user.foo.Junk group:bar read localhost.ofd-h.de sam user.foo.Junk group:no-bar read setaclmailbox: group:no-bar: lrs: Invalid identifier localhost.ofd-h.de lam user.foo.Junk foo lrswipcda group:bar lrs But is does not work any further. Users don't see the folder in their folder list (with Thunderbird). The LDAP-Groups are objectClass: groupOfNames with the DNs in the member attributes. Users' username is in maildrop attribute. This is set in imapd.conf ldap_group_base: ou=gruppen,ou=humans,ou=foo ldap_group_filter: ou=%U ldap_member_attribute: member ldap_group_scope: sub ldap_member_method: attribute Should this work? Where to look at? Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Duplicate delivery
Test schrieb: I am running in a stupid thing and am probably overlooking something: I'm running web-cyradm, postfix, cyrus-imapd... I have multiple domains with an info@ adres ([EMAIL PROTECTED], [EMAIL PROTECTED]) When i send an email to [EMAIL PROTECTED] it also gets delivered to [EMAIL PROTECTED] which obviously is not the way it should be... The 2 info accounts have different accountuser names (infodom1 and infodom2) so as far as i know that should do the trick. But as stated before mail gets delivered to both accounts... You should check your Postfix config. this seems to a MTA/MDA issue. If you map mail address ([EMAIL PROTECTED]) to mailboxname (infodom1) there must be something wrong. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: troubles with cyradm
Hi! # cat /etc/imapd.conf Without encryption plain text mechanisms are not allowed until allowplaintext: yes is set. # cyradm --user=cyrus --server=localhost --auth=plain Try # cyradm -u cyrus -a cram-md5 localhost for a non plain text (shared secret) mechanism. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Logging IP numbers for POP3 and IMAP
Paul van der Vlis schrieb: Is it possible to log the IP-numbers from people who access a server using POP3 or IMAP? Isn't that what IMAPd does anyway? Sep 26 10:08:26 local6:notice imap[2551820]: login: hostname.domain [inter.net.add.ress] username plain+TLS User logged in Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
