Re: What happened to normalizeuid?

2017-01-20 Thread Sebastian Hagedorn via Info-cyrus 
--On 20. Januar 2017 um 07:34:20 -0600 Nic Bernstein  
wrote:



The "normalize" patch included by Debian isn't that far off from what the
option "usercase_tolower" already offers:

username_tolower (*on*|off)
Convert usernames to all lowercase before login/authentication.  This
is useful with authentication backends which ignore case during
username lookups (such as LDAP).

Here's what the Debian patch (0013-Normalize-the-authentication-ID.patch)
says:

By normalize, it is intended that;

 1) Authentication IDs all can be lowercased for more accurate
comparison without being volatile to, say, user error, and
 2) Any leading or trailing blank space can be stripped

And then they go on to patch, mostly, lib/auth_unix.c (as well as
global.c, imapoptions, etc.).

Other than trimming white space, I can't see what the big deal is with
this patch.


You are right. Thanks, I wasn't aware of that option. I can only guess that 
the normalizeuid patch pre-dates the username_tolower option, but the 
latter should be good enough.


Cheers
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpTMS62CKzuK.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: What happened to normalizeuid?

2017-01-20 Thread Sebastian Hagedorn via Info-cyrus 


--On 20. Januar 2017 um 08:04:25 +1100 Bron Gondwana via Info-cyrus 
<info-cyrus@lists.andrew.cmu.edu> wrote:



On Fri, 20 Jan 2017, at 03:31, Sebastian Hagedorn via Info-cyrus wrote:

--On 19. Januar 2017 um 17:18:06 +0100 Simon Matter
<simon.mat...@invoca.ch> wrote:

> We and others had this as a patch in our RPMs but I think it has never
> been part of vanilla cyrus-imapd.

Oops. Should I open an issue for a feature request? I'm surprised that's
not something many sites want ...


OK, I've never heard of this thing. What is it?

.. lmgtfy ..

Right, so it's something to normalise the userid when you log in.

It will definitely have to be rewritten for Cyrus 3+, because all that
stuff got moved into mbname_t and friends.


Perhaps my assumption that the option is necessary is wrong? But I know for 
certain that our webmail users use varied case-spellings of their user 
names, because in earlier versions of our webmail system they would get 
different user profiles depending on how they had entered their user names 
;-)


Bron, how does Fastmail deal with that? Do you simply force users to use 
the canonic spelling? I guess we could do that, but I'd rather not.


Cheers
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpKpYwiKggnZ.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: What happened to normalizeuid?

2017-01-19 Thread Sebastian Hagedorn via Info-cyrus 
--On 19. Januar 2017 um 17:18:06 +0100 Simon Matter 
 wrote:



We and others had this as a patch in our RPMs but I think it has never
been part of vanilla cyrus-imapd.


Oops. Should I open an issue for a feature request? I'm surprised that's 
not something many sites want ...

--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpo3y2etspDP.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

What happened to normalizeuid?

2017-01-19 Thread Sebastian Hagedorn via Info-cyrus 

Hi,

I considered opening a Github issue, but the question seems too trivial for 
that.


I'm playing around with cyrus-imapd-3.0.0-rc1. When I ran "cyr_info 
conf-lint" on the conf files from our 2.4.x production server, I got a few 
items I knew how to deal with, but also this:


normalizeuid: 1
tls_require_cert: off

tls_require_cert was off by default anyway, and all the tls options were 
reworked a lot, so I figured that one could just be dropped.


But in 2.4 normalizeuid 1 was off by default. I couldn't find the string 
normalizeuid anywhere in the source or the release notes. I'd say that's 
bad. If you get rid of an option, that should be documented. What is the 
new default?


Cheers
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpSwyfG2CYaU.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Cyrus and scale-out

2016-06-10 Thread Sebastian Hagedorn via Info-cyrus 

Hi,

our systems guys keep telling us that we are doing things in an 
old-fashioned way and should get with the program.


We are currently using a single Cyrus server with roughly 13 TB of storage 
provided by a SAN. We used to have a Red Hat High Availability cluster, but 
we traded that in for a VMWare HA setup earlier this year. So far we have 
scaled up. We have added processors, RAM and storage to that single 
(virtual) machine whenever necessary.


According to our systems people, we should scale out instead, the way 
Exchange 2013 and Dovecot Pro apparently do. The idea, as I understand it, 
is to have multiple backends that all provide access to the same mailboxes. 
It should be possible to add and remove backends completely transparently. 
Dovecot Pro seems to realize that by storing all mails in local caches 
backed by shared object storage (e.g. Ceph), in conjunction with Dovecot 
Director.


Now I'm trying to understand if anything like that is on the roadmap for 
Cyrus. I see that Cyrus 3.0 (experimentally) supports object storage, but 
only for archive partitions. Are there plans for Cyrus 3.1 or later to add 
support for regular mail partitions as well?


Personally I'm stil happy with our setup, but I'm told that future storage 
hardware won't easily support what we're doing anymore. I'm aware that both 
clustering and replication are already possible with Cyrus, but my 
understanding is that you can't trivially and automatically switch to a 
replicated backend if one goes down. You also need to replicate all 
messages to each new backend you introduce, which isn't quite what our 
systems people would like to have.


Thanks
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgp0oxLPbDM5n.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: imapd in race condition?

2016-04-15 Thread Sebastian Hagedorn via Info-cyrus 
--On 15. April 2016 um 12:19:17 +0200 Marco via Info-cyrus 
 wrote:



I see these two processes that own all cpu resources:

28875 cyrus 20   0  278m  30m 9.8m R 98.1  0.2  73:20.74 imapd:
ucxx1.xxi.it [10.10.10.53] xx^x...@xx.it xx.it!user.hd_xx.EVASE_C
24535 cyrus 20   0  369m  49m  25m R 99.3  0.4  75:40.36 imapd:
ucxx1.xxi.it [10.10.10.53] xx^x...@xx.it xx.it!user.hd_xx.EVASE_C

The client is no more connected, but the processes continue to run.
I don't know how the MUA (Thunderbird) starts this sort of race condition
on the same folder.

Do you have any hint how to deal with this problem?
How could I safely free the cpu load without restart cyrus-imapd at all?


You can safely kill the processes.
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpyegwsVId05.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: IPv6

2016-04-11 Thread Sebastian Hagedorn via Info-cyrus 

Thanks, I'm fine with that wording.

--On 6. April 2016 um 12:33:08 +1000 ellie timoney  
wrote:



Oh yeah, of course.  I've added the following to man/master.8 for future
releases:


Services added or modified to listen on a privileged port may not
be able to bind the port, depending on your system configuration.
In this case a full restart is needed.


I'm not entirely sold on the wording, but it's better than the nothing
we had.

"depending on your system configuration", because looking at the code,
if you are running Cyrus on Linux, and if you have compiled it with
--with-libcap=yes, then master will actually drop its privileges
*before* spawning any services at all, but in such a way that it
preserves the capability to bind privileged ports.  Assuming that this
actually works, then it should also be able to start up new/modified
services on privileged ports upon receipt of a SIGHUP.  So that's pretty
cool.  But it's not default: you must be on Linux, have libcap, and
explicitly request it at compile time.


--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgplWkd6mA9xW.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: IPv6

2016-04-05 Thread Sebastian Hagedorn via Info-cyrus 

Hi Ellie,

--On 5. April 2016 um 14:33:46 +1000 ellie timoney  
wrote:



> Sebastian, is there anything you tried that *didn't* work, and if so,
> what happened?

The only thing I tried that didn't work was to add a IPv6 listener and
to  HUP the master process. The manpage for master reads (in my version):

   Cyrus-master rereads its configuration file when it receives a
hangup signal, SIGHUP.   Services  and
   events  may be added, deleted or modified when the configuration
file is reread.  Any active services
   removed from the configuration file will be allowed to run until
completion.

From that it isn't obvious that some class of changes to cyrus.conf
apparently require a restart of the service.


I've been looking through master/master.c to see what it actually does,
and it looks like it matches this documentation.

It does have some commentary in reread_conf() about recycling services
that have not been removed nor were newly added, which almost sounds as
if it might have this sort of effect... except that, digging into
add_service(), it will only reuse entries if their name, listen and
proto all match (which if you've changed one to IPv6, it won't), and
otherwise it will be added as a new service (and so reread_conf() will
treat it as a newly added service, not an existing one to recycle).

I'm pretty tired, and so probably not reading it as closely as I could
otherwise -- maybe there's a bug or subtlety I've missed -- but: it at
least /looks like it intends to/ do what the documentation says.  So
it's interesting that it didn't.


after thinking about it, I think it's like this: I added a service that was 
configured to listen on a privileged port. But master has dropped 
privileges by that point, so it can't add such a listener. I just 
double-checked that I *can* add a listener at run-time if it's set up to 
listen to a non-privileged port. Obvious in hindsight, but perhaps worth a 
note anyway.


Cheers
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpRxGxAmv9hJ.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Request: Please sign this list's messages via DKIM or SPF

2016-04-04 Thread Sebastian Hagedorn via Info-cyrus 
Personally, I think that's a phenomenally stupid approach. As long as you 
can't show me an RFC that says you MUST or even SHOULD use SPF or DKIM, 
you're breaking SMTP.



Due to the exponential increase of spam, we generally have to reject all
messages which are not secured by SPF or DKIM, and we know a lot of other
people who do the same (by the way, this has proven to be extremely
effective in our case). When our MTA encounters such a message, it
rejects it and returns a bounce message to the pretended sender,
notifying him about the problem.

--
Sebastian Hagedorn - Weyertal 121, Zimmer 2.02
Regionales Rechenzentrum (RRZK)
Universität zu Köln / Cologne University - Tel. +49-221-470-89578

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: IPv6

2016-03-29 Thread Sebastian Hagedorn via Info-cyrus 

Hi Ellie,

--On 29. März 2016 um 12:30:34 +1100 ellie timoney  
wrote:



Ellie, can you please fix the listen statement to accept correctly
bracketed ipv6 and backport to at least 2.5 and 2.4, shouldn't be many
changes in that code.


I don't think there's anything to fix here.  The code looks fine as is,
just docs missing.  Unless we want to explicitly *not* accepted
un-bracketed "ip6-address ':' port"?  But forbidding that seems silly,
considering it requires adding code to remove functionality.


I agree.


This code hasn't changed since 2012, when it was refactored by 306099b.
It's in the same state (modulo tabs/spaces change) on 2.5 and master
branches.  The 2.4 version is significantly different, as it didn't get
the refactor (but that doesn't appear to be a problem here).

I'm scouring the thread trying to figure out if there's even a problem
being reported (other than lack of docs) and I can't see it.  It seems
to have gone like:

Sebastian: How do I do this?
Various: It's not in docs, but try this...
Sebastian: I tried this and it worked

Sebastian, is there anything you tried that *didn't* work, and if so,
what happened?


The only thing I tried that didn't work was to add a IPv6 listener and to 
HUP the master process. The manpage for master reads (in my version):


  Cyrus-master rereads its configuration file when it receives a 
hangup signal, SIGHUP.   Services  and
  events  may be added, deleted or modified when the configuration 
file is reread.  Any active services
  removed from the configuration file will be allowed to run until 
completion.


From that it isn't obvious that some class of changes to cyrus.conf 
apparently require a restart of the service. So I'm mainly asking for 
documentation fixes:


• clarify the allowed IPv6 address formats
• clarify that SIGHUP isn't enough for all (which?) config changes

Thanks, Sebastian´
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpsgWv3PKZYS.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: IPv6

2016-03-23 Thread Sebastian Hagedorn via Info-cyrus 


--On 24. März 2016 um 01:32:57 +0900 Hajimu UMEMOTO  
wrote:



Though it is not mentioned in the manpage, the address:port notation
without bracket is also accepted.
You can find the following comment for parse_inet_listen() in
master/master.c:

 * Parse the "listen" parameter as one of the forms:
 *
 * hostname
 * hostname ':' port
 * ipv4-address
 * ipv4-address ':' port
 * '[' ipv4-address ']'
 * '[' ipv4-address ']' ':' port
 * '[' ipv6-address ']'
 * '[' ipv6-address ']' ':' port

info-cyrus> I will now try a host name with bot A and  records, but I
assume info-cyrus> that will work as well.

Yes, it should work.


Thank you! Perhaps that should go into the manpage of cyrus.conf?
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpdz9rAqdF4t.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: IPv6

2016-03-23 Thread Sebastian Hagedorn via Info-cyrus 


--On 23. März 2016 um 15:41:25 +0100 lst_hoe02--- via Info-cyrus 
 wrote:



we've been using IPv6 for a few years now, but so far we haven't
used it with Cyrus. Now we want to, and I have a few questions:

Is it correct that if we use host names in the listen statement and
add a  record to the DNS that Cyrus will automatically listen to
both the IPv4 and the IPv6 address?

I have manually added listen statements with literal IPv6 addresses
to cyrus.conf and HUP'ed the master, but that didn't seem to work.
What format do I have to use? Plain addresses (e.g.
2001:DB8::6f0:484c:df5:e8b1:28cd), in brackets like in a browser
(e.g. [2001:DB8::6f0:484c:df5:e8b1:28cd]), sendmail-style (e.g.
IPv6:2001:DB8::6f0:484c:df5:e8b1:28cd) or ...? Or is the problem
that for changes like that I have to restart the service?

Cheers
Sebastian


Hm, the man page say "bracket-enclosed IP address" but until now we have
only used the port as service name "imap" e.g. listen="imap" which works
fine for both IPv4 and IPv6 on a dual stack host. Do you have any special
need to use the hostname/IP address and not bind to all local addresses?


Yes, I do (multi-homed system), and I have just tried it on a test system. 
Using literal IPv6 adresses without brackets works fine, even though it 
looks strange:


 imapv6cmd="imapd" listen="2001:DB8:0:6f0:21c:42ff:fe5e:202e:imap"

I will now try a host name with bot A and  records, but I assume that 
will work as well.

--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpgFDC_Ancj7.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

IPv6

2016-03-23 Thread Sebastian Hagedorn via Info-cyrus 

Hi,

we've been using IPv6 for a few years now, but so far we haven't used it 
with Cyrus. Now we want to, and I have a few questions:


Is it correct that if we use host names in the listen statement and add a 
 record to the DNS that Cyrus will automatically listen to both the 
IPv4 and the IPv6 address?


I have manually added listen statements with literal IPv6 addresses to 
cyrus.conf and HUP'ed the master, but that didn't seem to work. What format 
do I have to use? Plain addresses (e.g. 2001:DB8::6f0:484c:df5:e8b1:28cd), 
in brackets like in a browser (e.g. [2001:DB8::6f0:484c:df5:e8b1:28cd]), 
sendmail-style (e.g. IPv6:2001:DB8::6f0:484c:df5:e8b1:28cd) or ...? Or is 
the problem that for changes like that I have to restart the service?


Cheers
Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Sendmail + Virtual Domains + aliases

2016-02-25 Thread Sebastian Hagedorn via Info-cyrus 
--On 25. Februar 2016 um 11:04:59 +0100 Andrea Venturoli  
wrote:



If I add that, then cyrusv2 from mailertable will not be used for
oneofmydomains.com.


Why use mailertable? We use this:


I've followed the instructions on this page:
 > https://cyrusimap.org/docs/cyrus-imapd/2.5.4/install-virtdomains.php

AFAICT this is needed for virtual domains or sendmail will strip the
domain part from destination addresses and cyrusv2 can't tell where to
deliver.


define(`confLOCAL_MAILER', `cyrusv2')

That way all local mail is delivered to Cyrus. Or isn't that what you
want?


I'm using this on servers where I don't have virtual domains.


OK, I get it. We only use virtual domains on the outside, but Cyrus doesn't 
know about them. I'm afraid I can't help you with your scenario, because 
I've never used virtual domains with Cyrus.

--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpQHtLHu95r_.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Sendmail + Virtual Domains + aliases

2016-02-25 Thread Sebastian Hagedorn via Info-cyrus 
I was a bit brief yesterday. I have to say that I configured our sendmail 
more than 10 years ago and have only made minor changes since than. I don't 
remember the settings as well as I did back then ...


--On 24. Februar 2016 um 18:15:26 +0100 Andrea Venturoli  
wrote:



On 02/24/16 15:24, Sebastian Hagedorn wrote:

Use virtusertable instead of aliases, e.g.

postmas...@oneofmydomains.comroot



Thanks, but it doesn't seem to work either.

I put that line in virtusertable and issued "make".
I even restarted sendmail, even if IIRC it's not needed.
I confirm I have the following in my .mc file:
 > FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

I still get "User unknown".

There's a comment in virtusertable.sample which says: "Remember to add
the source hostname to /etc/mail/local-host-names".
Maybe that's really needed for virtusertable to work?


I suppose that's one way. We have this line in our .mc file:

VIRTUSER_DOMAIN_FILE(`/etc/smtp-in/virtualdomains')dnl

So in our case we would add oneofmydomains.com to that file.


If I add that, then cyrusv2 from mailertable will not be used for
oneofmydomains.com.


Why use mailertable? We use this:

define(`confLOCAL_MAILER', `cyrusv2')

That way all local mail is delivered to Cyrus. Or isn't that what you want?
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpUDpM5zFImj.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: determine whan the mailbox was last accessed

2016-01-12 Thread Sebastian Hagedorn via Info-cyrus 


--On 12. Januar 2016 um 13:31:58 +0500 "Eugene M. Zheganin via Info-cyrus" 
 wrote:



So, main question is - what permission does the fud need on the mailbox
to be able to provide info about it ?


The right you need is 0 (zero) for user anonymous.
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpL0150f8Cx9.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: unable to delete corrupted mail box on cyrus v2.3.16

2016-01-11 Thread Sebastian Hagedorn via Info-cyrus 


--On 11. Januar 2016 um 15:51:39 +0100 Sophie Loewenthal via Info-cyrus 
 wrote:



I have a broken mailbox that I would like to delete.

This is Cyrus v2.3.16 on CentOS 6.

 I tried reconstructing the mailbox from scratch ( Because I suspect this
was manually deleted from disc ).


mkdir imap-store/spool/imap/domain/example.com/user/kat^long
cd imap-store/spool/imap/domain/example.com/user/kat^long
chmod 755 .
chown cyrus:mail .
touch cyrus.header
chown cyrus:mail cyrus.header

log into cyradm:
localhost> lam user/kat.long
kat.l...@example.com lrswipkxtecda
localhost> reconstruct -r user/kae.long
reconstruct: Mailbox has an invalid format
localhost> dm user/kat.long
deletemailbox: Permission denied

Names and domain names replaced with false entries.

How could I remove this?


If everything else fails, you can always stop Cyrus, export the 
mailboxes.db file using "ctl_mboxlist -d", delete the mailbox from the 
export, and import it using "ctl_mboxlist -u". After that you can just 
delete the folder from the file system and start Cyrus again.


Sebastian
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpAUW7oG8dYt.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Sieve vacation script?

2015-12-26 Thread Sebastian Hagedorn via Info-cyrus 

Hi,


I've been struggling with figuring out how to set up a sieve vacation
reply script.  The documentation on this is pretty sparse, and the stuff
I do find doesn't work.  For example,

[cyrus@www ~]$ sieveshell --user=resea...@episcopalarchives.org
--authname=cyrus localhost
connecting to localhost
unable to connect to server at /usr/bin/sieveshell line 191.
[cyrus@www ~]$ sieveshell --user=resea...@episcopalarchives.org
--authname=cyrus episcopalarchives.org
connecting to episcopalarchives.org
unable to connect to server at /usr/bin/sieveshell line 191.


first of all you have to add lines to /etc/cyrus.conf to make the server 
listen to the right ports:


At least in our /etc/services file, "sieve" is still port 2000 even though 
that's been superseded by RFC 5804. We listen on both ports:


 sieve cmd="timsieved" listen="cyrus.rrz.uni-koeln.de:sieve" 
prefork=0
 managesieve   cmd="timsieved" listen="cyrus.rrz.uni-koeln.de:4190" 
prefork=0



I'm also not sure what the point is of sieveshell is if I'm running it on
the mail server and not remotely; similarly for timsieved.


You can run sieveshell on any computer you like. Just make sure the port 
mentioned above are reachable.



First question:  is there step by step explanation for manually creating
and invoking a cyrus sieve script for a particular user?


Not really. I prefer to use a GUI. We offer Smartsieve to our clients:



There's also an Add-On for Thunderbird:


--
Sebastian Hagedorn - Weyertal 121, Zimmer 2.02
Regionales Rechenzentrum (RRZK)
Universität zu Köln / Cologne University - Tel. +49-221-470-89578

pgpcMwNkJNLSS.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Trouble with Outlook 2013, especially with the upgrade from 12/8

2015-12-16 Thread Sebastian Hagedorn via Info-cyrus 
--On 11. Dezember 2015 um 16:52:07 +0200 Leena Heino via Info-cyrus 
 wrote:



We might have had similar problems with Outlook 2013:
- Outlook would sometimes fail to create folders or recognize folders it
   had created earlier
- Messages would get deleted or simply lost when they were copied between
   folders

Attached is a patch that we used locally with Cyrus IMAPD 2.4.17 to
improve compatibility with Outlook 2013.


I can now confirm that this patch resolves many of the problems with 
Outlook 2013. I notice it has been incorporated into Cyrus 2.5:




I wonder why it hasn't been included in 2.4?
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpfs5YzHIL1x.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Trouble with Outlook 2013, especially with the upgrade from 12/8

2015-12-14 Thread Sebastian Hagedorn via Info-cyrus 
--On 11. Dezember 2015 um 16:52:07 +0200 Leena Heino via Info-cyrus 
 wrote:



On Fri, 11 Dec 2015, André Schild via Info-cyrus wrote:


Outlook and IMAP is just pain, it's not intended to work, otherwise who
would  buy the exchange server?

1) We see this rather seldom, but sometimes mails come in after 2-10
hours,  not even a "Fetch mail" helps

2) Definitively a major problem of Outlook 2013, working with IMAP
folders in  copy/rename operations is random at best


We might have had similar problems with Outlook 2013:
- Outlook would sometimes fail to create folders or recognize folders it
   had created earlier
- Messages would get deleted or simply lost when they were copied between
   folders

Attached is a patch that we used locally with Cyrus IMAPD 2.4.17 to
improve compatibility with Outlook 2013.


Thanks, I'll give that a try. I was wondering if specifying

suppress_capabilities: XLIST

in /etc/imapd.conf would perhaps also help. Has anybody tred that?
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpqBsmR9Ooto.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Trouble with Outlook 2013, especially with the upgrade from 12/8

2015-12-11 Thread Sebastian Hagedorn via Info-cyrus 

Hi,

we've always had more problems with users of Outlook than other clients, 
but in recent days they have become much graver. A number of users have 
lost mail in a way that we couldn't recover, even though we are using 
expunge_mode: delayed. There seems to be some correlation to this upgrade 
from Microsoft:




However, details are vague. There seem to be two types of problems:

1. Folders aren't synched with the IMAP server. There seems to be no 
indication of that in the UI, but has the consequence that mail for that 
folder is stored locally on the PC only. When the upgrade above is 
installed, something resets, which has the result that the local copies are 
purged. Since there are no copies on the server, the mails are lost.


2. Folders are moved unexpectedly when you move or rename a folder. This is 
mentioned in the release notes above as a supposedly fixed bug. It 
certainly has happened prior to the upgrade, but it's less clear if the bug 
is really fixed. This is especially harmful if the folders are moved to the 
Trash.


We were able to undelete some such folders, but according to at least one 
user (some) mail or folders inside those folders were lost. We can find no 
evidence of that in our logs.


Has anybody else observed issues like these? We are running 2.4.18, FWIW.
--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpfjSFgyxXRk.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Trouble with Outlook 2013, especially with the upgrade from 12/8

2015-12-11 Thread Sebastian Hagedorn via Info-cyrus 
Please disregard my second mail. I forgot that we have backups of the 
mailbox list. With those backups we were able to see that the user wasn't 
telling the truth after all. The folders didn't exist on the server prior 
to Wednesday, so it's exactly the same problem as with other Outlook 2013 
users: locally stored folders that are created on the server, but deleted 
locally after the upgrade from 12/8.


--On 11. Dezember 2015 um 17:04:49 +0100 Sebastian Hagedorn via Info-cyrus 
<info-cyrus@lists.andrew.cmu.edu> wrote:



I have a follow-up question after talking to a user on the phone. Here's
her current directory layout (partially redacted):

--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.

pgpz5uFfYt84I.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Trouble with Outlook 2013, especially with the upgrade from 12/8

2015-12-11 Thread Sebastian Hagedorn via Info-cyrus 
--On 11. Dezember 2015 um 14:18:32 +0100 Sebastian Hagedorn via Info-cyrus 
<info-cyrus@lists.andrew.cmu.edu> wrote:



we've always had more problems with users of Outlook than other clients,
but in recent days they have become much graver. A number of users have
lost mail in a way that we couldn't recover, even though we are using
expunge_mode: delayed. There seems to be some correlation to this upgrade
from Microsoft:

<https://support.microsoft.com/en-us/kb/3114349>

However, details are vague. There seem to be two types of problems:

1. Folders aren't synched with the IMAP server. There seems to be no
indication of that in the UI, but has the consequence that mail for that
folder is stored locally on the PC only. When the upgrade above is
installed, something resets, which has the result that the local copies
are purged. Since there are no copies on the server, the mails are lost.

2. Folders are moved unexpectedly when you move or rename a folder. This
is mentioned in the release notes above as a supposedly fixed bug. It
certainly has happened prior to the upgrade, but it's less clear if the
bug is really fixed. This is especially harmful if the folders are moved
to the Trash.

We were able to undelete some such folders, but according to at least one
user (some) mail or folders inside those folders were lost. We can find
no evidence of that in our logs.

Has anybody else observed issues like these? We are running 2.4.18, FWIW.


Sorry, it's 2.4.17. I have a follow-up question after talking to a user on 
the phone. Here's her current directory layout (partially redacted):


$ tree -d
.
|-- 01_ArbeitDiversity Trouble
|-- 01_ArbeitFuturologie
|-- 01_ArbeitGermanistentag 2016
|-- 01_ArbeitHB Literatur und Recht
|-- 01_ArbeitKosmologien
|-- 02_K_CO_Poststrukturalismus
|-- 02_K_HS_Atlantis
|-- 02_K_HS_Pikaro
|-- 02_K_HS_Science Fiction 1900
|-- 02_K_VL_Literatur und Medien 1600 - 1900
|-- 02_K WS 2014_15
|-- 02_K
|-- 02_K
|-- 02_K Pr
|-- 03_Uni
|-- 03_UniPromotion xxx
|-- 03_UniPromotion yyy
|-- 04_Stellenmarkt
|-- 04_Stellenmarktxxx
|-- 04_Stellenmarktyyy
|-- Deleted Messages
|-- Drafts
|-- ESET Antispam
|-- Gel Elemente
|-- Gesendete Elemente
|   `-- Notes
|-- Infected Items
|-- Junk-E-Mail
|-- Notes
|-- Sent
|-- Trash
`-- sent-mail

32 directories

She claims that prior to Wednesday afternoon those folders were 
hierarchically ordered. There was a folder "01_Arbeit" that contained a 
folder named "Futurologie" and so on. I believe her, because she says she 
worked with a webmailer, her iPhone and Outlook 2013, and was able to see 
that hierarchy and all her mails on all clients. What baffles me is that 
all I find in our imapd.log files is this:


/var/log/imapd.log.2.gz:Dec  9 17:18:40 clotho imap[9137]: Rename: 
user.xxx.Gesendete Elemente.Notes -> DELETED.user.xxx.Gesendete 
Elemente.Notes.56685460
/var/log/imapd.log.2.gz:Dec  9 17:18:41 clotho imap[9137]: Rename: 
user.xxx.Gel Elemente.xxx -> DELETED.user.xxx.Gel 
Elemente.xxx.56685461
/var/log/imapd.log.1.gz:Dec 10 13:13:33 clotho imap[30707]: Rename: 
user.xxx.01_Arbeit -> user.xxx.Gel Elemente.01_Arbeit
/var/log/imapd.log.1.gz:Dec 10 13:13:40 clotho imap[30707]: Rename: 
user.xxx.02_K -> user.xxx.Gel Elemente.02_K
/var/log/imapd.log.1.gz:Dec 10 13:13:50 clotho imap[507]: Rename: 
user.xxx.03_Uni -> user.xxx.Gel Elemente.03_Uni


Our logs go back 7 days, and there are no other Renames previous to those.

Is it at all possible that some operation changed the folder layout without 
corresponding Rename entries in imapd.log? I'm a little scared that an 
Outlook bug triggered another bug in Cyrus IMAP.

--
   .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
.:.Regionales Rechenzentrum (RRZK).:.
  .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.


pgpiBlI3yIKlX.pgp
Description: PGP signature

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus