Re: limit connections

2016-12-23 Thread Shawn Bakhtiar via Info-cyrus 
Well... you really should take this to the Ubuntu iptables; Start there and 
they may be able to give you a better mail list that deals specifically with 
iptables:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Having said that you don't necessarily need to use the iptables-extensions 
--rsource option, you can just use --limit which is in the standard iptables. 
This is a debian example but works for any iptables based system:
https://debian-administration.org/article/187/Using_iptables_to_rate-limit_incoming_connections

However, I digress, back to the topic at hand, doing this, is going to send the 
users client (based on the client) into a tif. It's going to assume the server 
has gone down and warn the user about a lost connection, I imaging a user who 
is unwilling to change his pop interval is going to be even more pissed at 
having his client pop up with connection lost messages.

IMHO it would be far more professional to first implement a rule change (update 
their agreement, or make a corporate policy change) than inform users not 
following those policies/agreements that if they don't comply their accounts 
will be disabled. This is not only good corporate governance but it is also 
non-discriminatory, which means the offending user is far less likely to be 
mad, and far more embarrassed that it had to come to this.

Doing what your trying to do, is going to make it look like your servers are 
not working. The user may not understand why every so often the client 
complains that the connection to the server is not working, and in fact may 
result in breach of contract/policy if no previous policy/agreement has been 
put into place regarding the issue.




On Dec 23, 2016, at 5:06 AM, Marcus Schopen via Info-cyrus 
> wrote:

Hi Bron,

I have a user, who logs in every 3 seconds(!) to pop3s with 20 accounts,
completely resistent to change his pop interval. I'd like to limit him
in the way to allow 20 new connections within 5 minutes, then block his
IP for 5 minutes (he is using a static IP) and open the port after five
minutes again. I tried the following rule, but that opens the port only
if the client keeps quiet and doesn't connect while the block is set.

Example:

iptables -A INPUT -p tcp -m tcp --dport 995 -m state --state NEW -m
recent --set --name pop3s --rsource

iptables -A INPUT -p tcp -m tcp --dport 995 -m state --state NEW -m
recent --rcheck --seconds 300 --hitcount 20 --name pop3s --rsource -j
REJECT --reject-with icmp-port-unreachable

I know this is off topic and not cyrus specific, but any help would be
great.

cyrus: 2.4.17 on Ubuntu 14.04 LTS.

Ciao
Marcus




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: mailboxes.db locking problem after updating from 2.4 to 2.5.9

2016-11-17 Thread Shawn Bakhtiar via Info-cyrus 
Did you run reconstruct like the upgrade documentation recommends?

When I did my upgrade, from 2.4.x to 2.5 that's about all I had to do. I don't 
recall having to run ctl_mboxlist -du

https://www.cyrusimap.org/docs/cyrus-imapd/2.5.0/install-upgrade.php

http://www.cyrusimap.org/~vanmeeuwen/imap/release-notes/2.5.0.html


On Nov 17, 2016, at 5:00 AM, Deniss via Info-cyrus 
> wrote:

Hello,

I trying to migrate one big cyrus imap server from 2.4 to 2.5.9.

I updated binaries, fix db backend in imapd.conf and converted
mailboxes.db with ctl_mboxlist -d & -u to twoskip.

cyrus ran fine until morning when a count of simultanious sessions
started to rise.

then imapd processes become locked on mailboxes.db when logs show
something like
Nov 17 08:04:21 srv1 imap[11019]: cmdtimer: 
'y...@mail.xxx' 'list'
'' '46.741322' '0.00' '46.741322'
Nov 17 08:04:21 srv1 imap[11019]: buf: A1 LIST "" "*"

I converted mailboxes.db back to skiplist and got a bunch (10-20 per
sec) of following logs:

Nov 17 09:59:09 srv1 imap[5352]: skiplist: longlock
/var/imap/mailboxes.db for 177.7 seconds
Nov 17 09:59:09 srv1 imap[6760]: skiplist: longlock
/var/imap/mailboxes.db for 169.7 seconds
Nov 17 09:59:09 srv1 imap[6764]: skiplist: longlock
/var/imap/mailboxes.db for 171.7 seconds
Nov 17 09:59:09 srv1 imap[5230]: skiplist: longlock
/var/imap/mailboxes.db for 171.8 seconds
Nov 17 09:59:09 srv1 imap[5251]: skiplist: longlock
/var/imap/mailboxes.db for 203.2 seconds
Nov 17 09:59:09 srv1 imap[5221]: skiplist: longlock
/var/imap/mailboxes.db for 168.9 seconds


then I rolled back to cyrus 2.4 (converting mailboxes.db back to old
format) and the server started to work just fine again.

I run 8core 16gb box with mailboxes.db on SSD disk, noswap,
Linux 4.4.8-hardened glibc-2.20 x86_64-pc-linux-gnu-4.8.4 on Gentoo

mailboxes.db is ~200Mb depending of format
135M /var/imap/mailboxes.plain
180M /var/imap/mailboxes.db.skiplist.24
215M /var/imap/mailboxes.db.skiplist.25
262M /var/imap/mailboxes.db.twoskip.25

Any ideas or suggestion for investigation ?

Best,
Deniss

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Restore backup of a mailbox

2016-11-10 Thread Shawn Bakhtiar via Info-cyrus 

> On Nov 10, 2016, at 5:02 AM, Vladislav Kurz via Info-cyrus 
>  wrote:
> 
> On 11/10/16 12:17, Paul van der Vlis via Info-cyrus wrote:
>> Hello,
>> 
>> A user has removed an important mailbox with all the sent-messages.
>> 

Not necessarily do all clients (by default) store sent messages on the server. 
Some have to be configured to do so. I've run into this problem with Mail.app 
(OS X) and IOS, were we've had to explicitly change the the folder used for 
sent message to one that points to a server folder. 

I would check the client side device to see how it was set up.

Other than that, I have done plenty of recoveries including Sent and Sent 
Messages folders using the technique you describe with no issues, again as long 
as the client was setup to move sent messages into a server side folder.

>> I've tried to restore the data from a backup, but then I don't see the
>> mailbox with sent-messages.  And I don't find the programm
>> "cyrreconstruct" anymore (the Debian version of "reconstruct").
> 
> cyrreconstruct is the right way to do it. It is in the package
> cyrus-common-2.4 (or similar).
> 
> ~# which cyrreconstruct
> /usr/sbin/cyrreconstruct
> 
> As you have to run it as user cyrus, you have to specify the full path.
> 
> -- 
> Best Regards
>Vladislav Kurz
> 
> 
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: cyrus master fails with status 71

2016-10-25 Thread Shawn Bakhtiar via Info-cyrus 
H.. if that’s the case could you be hitting the the maximum number of 
accepts??

Check the 11.11.1.2. kern.ipc.soacceptqueue section of the FreeBSD handbook

https://www.freebsd.org/doc/handbook/configtuning-kernel-limits.html

Given the load you described perhaps 128 is just not enough?



On Oct 24, 2016, at 1:22 PM, Eric Cunningham via Info-cyrus 
> wrote:



=
 Eric Cunningham
 Information Services - http://whoi-it.whoi.edu
 Woods Hole Oceanographic Institution - http://www.whoi.edu
 Woods Hole, MA  02543-1541 phone: (508) 289-2224
 fax: (508) 457-2174   e-mail: 
ecunning...@whoi.edu
=

On 10/24/2016 03:45 PM, Bron Gondwana via Info-cyrus wrote:
On Tue, 25 Oct 2016, at 02:45, Eric Cunningham via Info-cyrus wrote:
Hi list, we're running cyrus imap 2.5.9 built from the FreeBSD 10-2
(release-p7) ports tree.

The cyrus master process is failing periodically (every 1-2 weeks) as
follows:

Oct 22 07:38:48 imap1 master[7767]: process type:SERVICE name:imaps
path:/usr/local/cyrus/bin/imapd age:305.215s pid:32760 exited, status 71
Oct 22 07:38:48 imap1 master[7767]: service imaps/ipv4 pid 32760 in
READY state: terminated abnormally
Oct 22 07:38:48 imap1 master[7767]: too many failures for service
imaps/ipv4, disabling until next SIGHUP

This prevents new connections by clients until cyrus is restarted.  I've
looked around the web but have not seen this issue reported.

A little background:

Our initial thought on this was that we were running out of listen
queues so have upped that incrementally from the default of 32 to a
current setting of 32768 via /usr/local/etc/rc.d/imapd using the -l
option, with increased kern.ipc.soacceptqueue set to 32768, but that
hasn't helped.  Sometimes the "status 71" occurs during periods of light
use during off hours, like on Saturday mornings.

We have ~1400 imap accounts, though the number of impad processes hovers
around 3,000-4,000.  There have been spikes observed as high as 12,000
imapd processes.  In that particular case, 1 user had 2 imap clients
accounting for near 6,000 of those connections.  We've attempted to
limit these high numbers using the following imapd.conf values:

maxlogins_per_host: 50
maxlogins_per_user: 30
tcp_keepalive: 1
tcp_keepalive_cnt: 1
tcp_keepalive_idle: 30
tcp_keepalive_intvl: 900

However, it seems that once these were reached, no new connections were
permitted and resulted in all manner of user complaints about not being
able to get at their email.

Any ideas on this "status 71" issue?  Could an upgrade to 2.5.10
possibly address this?  Thanks!

https://www.freebsd.org/cgi/man.cgi?query=sysexits

EX_OSERR (71) An operating system error has been detected.  This
  is intended to be used for such things as ``cannot
  fork'', ``cannot create pipe'', or the like.  It
  includes things like getuid returning a user that
  does not exist in the passwd file.

So the question is: what failed?  Is there anything earlier in the log to 
suggest
what the imapd was doing when it died?

Bron.


Using the example I posted, I traced back imaps process id 32760 and found only 
this:

Oct 22 07:38:48 imap1 imaps[32760]: accept failed: Software caused connection 
abort

-Eric


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Cyrus mail spool entirely on SSD

2016-10-20 Thread Shawn Bakhtiar via Info-cyrus 
I actually just migrated our Cyrus (IMAP) server and was looking into this same 
questions.

I think SSD's are great! Especially in laptops where the drive is susceptible 
to sudden changes in inertia (in spinners this can lead to physical mechanical 
damage, but SSD's are immune), not to mention the lower power consumption and 
heat. However the one thing everyone seems to agree on is that SSDs do have 
less read/write cycles than their spinner counter parts (especially enterprise 
grade). The NAND gates that store and retrieve the bits wear out more quickly, 
than the plater in spinners. Some seem to suggest much more quickly, but I 
don't think anyone really agrees/knows how much more quickly truth be told. It 
depends on who's report/article you read, and the way the drive is used.

Given that an IMAP server (or any data store for that matter) can have heavy 
disk utilization, you may still be best severed by using the spinners (which in 
a server does not suffer sudden changes in inertia). You could have the OS 
reside on an SSD for faster boot, etc... but store the data on spinners.

We have about ~150 mailboxes with no quotas. Our old server ran for 8 years 
using spinners in a RAID 1, with the occasional swapping out of a bad drive 
(perhaps a handful of times, do to SMART indicating possible failure). The only 
reason we upgraded to a new server was because we ran out of space, and I 
wanted to move away from Linux to FreeBSD (insert shameless plug for FreeBSD 
here).

Our users use the IMAP server more like a file share storing PO, Orders, RMA, 
Quotes, and all manor of PDFs regarding our industry. Our new server uses 
spinners in a RAID 5 like our file server (which is still going strong after 8 
years with no issues).

We will eventually move our Web, DNS, LDAP, etc.. servers to SSD, but for now I 
think keeping data stores on spinners is a better option, at least until the 
technology has time to prove it self at least as reliable under heavy loads.


On Oct 19, 2016, at 11:28 AM, Michael Ulitskiy via Info-cyrus 
> wrote:

Hello,



I have a task to build a mail server with the following requirements:
1. ~ hundred mailboxes with up to 10G of data each
2. several mailboxes that may grow up to 100G each
3. client insists that splitting data into folders is inconvenient to them and 
so
all/most of that data will likely live inside INBOX
4. it must be as fast as possible, searchable etc.



My question is: assuming cost is not an issue, would it be advisable to put an 
entire cyrus mail spool on SSD?
I'm thinking about combinining multiple SSDs into RAID10 to further increase 
performance.



I've googled around and I see people put metadata and caches on SSD, but I 
haven't found a mention
of using SSD for entire mail spool. Is it a good idea? Bad idea? Terrible idea?
What do you think?



Thanks,
Michael

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

command line deletion of files

2016-09-29 Thread Shawn Bakhtiar via Info-cyrus 
Good morning,

trying to get rid of some emails that have large attachments (i.e. videos sent 
over email, or cd images, etc...)

Would it be proper to 

rm -rf /var/spool/imap/u/username/mailbox/4321.

then

reconstruct -rf user.username

Or is there a more "proper" way using cyrus?

Thanks,
Shawn


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Upgrade from 2.4 to 2.5

2016-09-25 Thread Shawn Bakhtiar via Info-cyrus 

> On Sep 24, 2016, at 7:05 PM, Patrick Boutilier via Info-cyrus 
> <info-cyrus@lists.andrew.cmu.edu> wrote:
> 
> On 09/24/2016 08:42 PM, Shawn Bakhtiar via Info-cyrus wrote:
>> Today I moved our mail accounts from a Cyrus 2.4 running on some older 
>> hardware with dwindling space to a new server with much more space (and 
>> faster processors) running Cyrus 2.5.
>> 
>> I've muddled through most of the migration. Simply shutting down the 
>> services, using rsync to duplicate the stores (var/spool/imap) to the new 
>> server, copying the content of /var/imap (minus server cert and 
>> tls_sessions.db), and everything is working. However I see log outputs like 
>> the following:
>> 
>> Sep 24 16:37:18 correo imaps[1627]: twoskip: invalid magic header: 
>> /var/imap/user/t/techcentermn.seen
>> Sep 24 16:37:18 correo imaps[1627]: skiplist: recovered 
>> /var/imap/user/t/techcentermn.seen (10 records, 904 bytes) in 0 seconds
>> Sep 24 16:37:18 correo imaps[1627]: cyrusdb: converted 
>> /var/imap/user/t/techcentermn.seen from skiplist to twoskip
>> 
>> I have not run reconstruct.
>> 
>> Do I need to worry about this or is this eventually going to work itself 
>> out. As I understand it the server will handle the conversion for the 
>> header/db files on its own. Is this correct?
>> 
> 
> Looks like the conversion has occurred:
> 
> Sep 24 16:37:18 correo imaps[1627]: cyrusdb: converted 
> /var/imap/user/t/techcentermn.seen from skiplist to twoskip
> 
> Or are you seeing the same message continually for the same user?
> 
> 
No. It looks like it’s just one per user. Thanks :)

> 
>> Shawn
>> 
>> 
>> 
>> Cyrus Home Page: http://www.cyrusimap.org/
>> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>> To Unsubscribe:
>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>> 
> 
> 
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Upgrade from 2.4 to 2.5

2016-09-24 Thread Shawn Bakhtiar via Info-cyrus 
Today I moved our mail accounts from a Cyrus 2.4 running on some older hardware 
with dwindling space to a new server with much more space (and faster 
processors) running Cyrus 2.5.

I've muddled through most of the migration. Simply shutting down the services, 
using rsync to duplicate the stores (var/spool/imap) to the new server, copying 
the content of /var/imap (minus server cert and tls_sessions.db), and 
everything is working. However I see log outputs like the following:

Sep 24 16:37:18 correo imaps[1627]: twoskip: invalid magic header: 
/var/imap/user/t/techcentermn.seen
Sep 24 16:37:18 correo imaps[1627]: skiplist: recovered 
/var/imap/user/t/techcentermn.seen (10 records, 904 bytes) in 0 seconds
Sep 24 16:37:18 correo imaps[1627]: cyrusdb: converted 
/var/imap/user/t/techcentermn.seen from skiplist to twoskip

I have not run reconstruct.

Do I need to worry about this or is this eventually going to work itself out. 
As I understand it the server will handle the conversion for the header/db 
files on its own. Is this correct?

Shawn



Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: how to deal with mail retention/archival.

2016-08-26 Thread Shawn Bakhtiar via Info-cyrus 

On Aug 26, 2016, at 8:35 AM, Giuseppe Ravasio (LU) via Info-cyrus 
> wrote:

I saw that someone proposed to make a sort of abuse of delayed expunge,
but I think that in order to comply with regulatory retention should be
better considering some specific software.


I don't see how using delayed expunge would really be consider abuse, the 
documentation makes mention of its use for this very reason.

"In any case, the time between a message arriving and being deleted may not be 
sufficient to ensure the message is replicated, included in the next backup 
cycle, and generally available for recovery or compliance with the regulatory 
environment."
--src https://cyrusimap.org/imap/features/delayed-expunge.html

We use rsync to make a duplicate of the email spool to a file server at regular 
intervals, which eventually makes its way to tape. Although we don't have 
regulatory requirements I've had to do a few recoveries and have done so 
without problem.

in our case we have cyr_expire set to 3 days (I believe the default config), 
which provides more than enough time to in case a backup fails for some reason 
or another.


For example:
http://www.mailpiler.org (Fully Free Software)
https://www.mailarchiva.com (the old version is opensource but the
latest is closed)

The specific software will be much better for searching the archive.
Finding something in the delayed_expunge folders after many years of
archive will absolutely be a nightmare!



Of course these tools offer features but that all comes at a price.




Giuseppe


On 08/26/2016 03:09 PM, Alvin Starr via Info-cyrus wrote:
A company I am working with is facing issues of regulatorymail retention.

Some searching has yielded little useful results other than putting a
system in front to store all incoming messages.

What are others doing for mail archival?

An ideal solution would let the users carry on using current use
patterns and not impose extra restrictions.

--
Alvin Starr   ||   voice: (905)513-7688
Netvel Inc.   ||   Cell:  (416)806-0133
al...@netvel.net  ||




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Server Backup

2016-02-08 Thread Shawn Bakhtiar via Info-cyrus 

> On Feb 8, 2016, at 6:19 AM, Giuseppe Ravasio (LU) via Info-cyrus 
>  wrote:
> 
> Hi,
> I'm rewriting my backup script and I cannot find any hint about how to
> backup the cyrus server in a good way.
> 
> Actually I'm using this method:
> 
> - Stop Postfix and Cyrus
Although prudent, given that we have a lot of mobile devices constantly hitting 
our server, I don't do this step.

> - making tar of /var/lib/sieve
> - making tar of /var/lib/imap

Making tar balls of the stores can be time consuming so if I shut down the 
server, I would be increasing the time my servers are not responding. running 
an rsync to a NAS (in my case a simple network share) works much faster. Since 
the jobs are at night, traffic is low (running the same rsync multiple times 
could decrease the delta, if data integrity is important).

> - dumping mailboxes.db in plain text (ctl_mboxlist -d)
> - taking snapshots of all the mailstores
> - Restarting the Services
> - taking mailstore backups from the snapshots
> 
> The last night the imaps was not restarted because the socket for IMAPS
> was busy and so I was wondering if today it's really needed to stop the
> service before taking the snapshots.

Again this is a question of data integrity and how important the information 
is. In my case, given we can always re-contruct it's not an important step, I 
don't care (too much) if files change during the rsync process.

> Avoiding the service stop could also be useful in order to stop having a
> 1/2min downtime (I also take vmware snapshots of the machine)
> 
Correct. For us, the downtime has people calling the NOC if their devices 
happen to try to connect and error out. But the store can always be 
reconstructed if differences exists between store and db.

> I was thinking to move in this direction:
> 
> - Checkpoint and archive the databases (with ctl_cyrusdb -r)
> - making tar of /var/lib/imap
> - making tar of /var/lib/sieve
> - dumping mailboxes.db in plain text (ctl_mboxlist -d)
> - taking snapshots of all the mailstores
> - taking mailstore backups from the snapshots
> 

Sounds good to me. I would only substitute tar with rsync (your only "syncing" 
deltas).

> What kind of backup strategy are you using?
> Thanks
> Giuseppe
> 
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: Sieve vacation script?

2015-12-27 Thread Shawn Bakhtiar via Info-cyrus 

> On Dec 26, 2015, at 1:14 PM, Sebastian Hagedorn via Info-cyrus 
>  wrote:
> 
> Hi,
> 
>> I've been struggling with figuring out how to set up a sieve vacation
>> reply script.  The documentation on this is pretty sparse, and the stuff
>> I do find doesn't work.  For example,
>> 
>> [cyrus@www ~]$ sieveshell --user=resea...@episcopalarchives.org
>> --authname=cyrus localhost
>> connecting to localhost
>> unable to connect to server at /usr/bin/sieveshell line 191.
>> [cyrus@www ~]$ sieveshell --user=resea...@episcopalarchives.org
>> --authname=cyrus episcopalarchives.org
>> connecting to episcopalarchives.org
>> unable to connect to server at /usr/bin/sieveshell line 191.
> 
> first of all you have to add lines to /etc/cyrus.conf to make the server 
> listen to the right ports:
> 
> At least in our /etc/services file, "sieve" is still port 2000 even though 
> that's been superseded by RFC 5804. We listen on both ports:
> 
> sieve cmd="timsieved" listen="cyrus.rrz.uni-koeln.de:sieve" prefork=0
> managesieve   cmd="timsieved" listen="cyrus.rrz.uni-koeln.de:4190" prefork=0
> 
>> I'm also not sure what the point is of sieveshell is if I'm running it on
>> the mail server and not remotely; similarly for timsieved.
> 
> You can run sieveshell on any computer you like. Just make sure the port 
> mentioned above are reachable.
> 
>> First question:  is there step by step explanation for manually creating
>> and invoking a cyrus sieve script for a particular user?
> 
> Not really. I prefer to use a GUI. We offer Smartsieve to our clients:
> 
I would agree… most users will not be tech savvy enough to create sieve 
scripts. We provide RoundCube webmail, with a manage sieve plugging where users 
can manage their filters (including vacation).

If you install it on the IMAP server itself, you simply need to have the 
service running as mentioned above. If you have it running on a separate 
server, make sure to check your firewall rules to allow the remote RoundCube 
(as a client) to connect to the local timseived service.

> 
> 
> There's also an Add-On for Thunderbird:
> 
> 
> --
> Sebastian Hagedorn - Weyertal 121, Zimmer 2.02
> Regionales Rechenzentrum (RRZK)
> Universität zu Köln / Cologne University - Tel. +49-221-470-89578
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

RE: Sieve based a day of week

2013-09-19 Thread Shawn Bakhtiar 
The first idea that pops into my mind would be to write a cron job and install 
it into /etc/cron.daily that would simply log into the sieveshell client and 
activiate/deactivate the appropriate sieve scripts. 


Something like:

#!/bin/sh

FLOP_DATE=`date | cut -f 1 -d ' '`

echo Switching User 1 User 2 rules on/off

case $FLOP_DATE in
Fri)
sieveshell -user=User1 EOF
password
activate script_that_contains_user1_rule
EOF
sieveshell -user=User2 EOF
password
deactivate script_that_contains_user2_rule
EOF
  ;;
Mon)
sieveshell -user=User1 EOF
password
deactivate script_that_contains_user1_rule
EOF
sieveshell -user=User2 EOF
password
activate script_that_contains_user2_rule
EOF
  ;;
*)
sieveshell -user=User1 EOF
password
deactivate script_that_contains_user1_rule
EOF
sieveshell -user=User2 EOF
password
deactivate script_that_contains_user2_rule
EOF
  ;;
esac


of course this is just off the top of my head, and the script has a major 
gaping hole of exposing the password. I don't think sieveshell supports any 
other auth mechanisms so you may need to make a special user and su before 
running the script.

However, the more important question is if they are going to be regularly off 
those days, why even bother? In general I discourage our users from even 
putting OOO messages as most users  have emails on their mobile devices, and 
can easily direct a co-worker to address any important issues that arise in 
their absence. 




 Date: Wed, 18 Sep 2013 20:20:07 +0200
 From: li...@xunil.at
 To: info-cyrus@lists.andrew.cmu.edu
 Subject: Re: Sieve based a day of week
 
 Am 13.03.2013 15:04, schrieb André Schild:
  Hello,
  
  we have a customer where they have two persons working each 4 days a week.
  
  On friday in the email of User1 there should be a auto answer for friday
  On Monday in the mail of User2, there should be a auto answer for monday
  
  I think this should be possible when RFC 5260 is implemented,
  but according to this, we don't have it yet.
  
  Is there another way I could activate/deactivate the auto answers
  on day-per-week automatically ?
  
 
 I also need that ... any answer found yet?
 
 AFAI googled the date extension would be able to do that ... but I
 don't have that in my gentoo installation.
 
 Stefan
 
 
 
 
 Cyrus Home Page: http://www.cyrusimap.org/
 List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
 To Unsubscribe:
 https://lists.andrew.cmu.edu/mailman/listinfo/info-

  
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

RE: mysql problem

2013-09-11 Thread Shawn Bakhtiar 

You can check the following link for more details:
http://dev.mysql.com/doc/refman/5.0/en/gone-away.html

But I have to agree, most likely your hitting a bug. I normally get this in 
code I've written where I make a request to the server after I have closed the 
connection.

I would suggest enabling logging on the mysql server and look to see what the 
last myql queries cyrus makes before this happens, this may give you some clues 
as to where it's happening.


 Date: Wed, 11 Sep 2013 08:53:09 -0500
 From: bl...@ispn.net
 To: info-cyrus@lists.andrew.cmu.edu
 Subject: Re: mysql problem
 
 Rudolf Gabler wrote the following on 9/11/2013 2:46 AM:
  the system is running as expected. After approximately the 10 imaps contact 
  suddenly the following occurs:
 
  Sep 11 09:43:29 xmailer imaps[8168]: DBERROR: SQL query failed: MySQL 
  server has gone away
  Sep 11 09:43:29 xmailer imaps[8168]: DBERROR: SQL failed SELECT * FROM 
  mailboxes_db WHERE dbkey = 'user…..
 
  But the local mysql server is o.k. and running. After a restart of cyrus 
  (/etc/init.d/cyrus-imapd restart) everything is working until the next 
  appr. 10 connection times by the user.
 
  If I use sqlite instead everything is stable for at least a month.
 
  Any hint what may occur?
 
 
 I'm not familiar with using MySQL for anything more than authentication 
 so I'm not sure how Cyrus makes it's db connections, but is there a 
 limit on the number of allowed client connections in my.cnf - or per 
 user on the MySQL account you're using for Cyrus?
 
 When Cyrus is broke, can you login to MySQL, use the Cyrus databases, 
 and run the queries that Cyrus would?
 
 --Blake
 
 Cyrus Home Page: http://www.cyrusimap.org/
 List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
 To Unsubscribe:
 https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
  
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

FW: Global Sieve script

2013-04-19 Thread Shawn Bakhtiar 
Good morning,


So..

in trying to figure this out this morning I did the following and was able to 
get mail filtered into techsupports SPAM folder, but I don't understand why the 
global sieve script does not do the same things

Created the following sieve script file (sorry I just realized i have two 
requires with the same info at top :S):

require [fileinto];
require fileinto;
  if exists X-Spam-Flag {
  if header :contains X-Spam-Flag NO {
  } else {
  fileinto user.techsupport.SPAM;
  stop;
  }
  }
if header :contains From MAILER-DAEMON
{
fileinto  INBOX.MAILER-DAEMON;
}
if header :contains From logwatch
{
fileinto  INBOX.Server Logs;
}
if header :contains From root
{
fileinto  INBOX.Server Logs;
}


then:

prompt sieveshell -u techsupport localhost
connecting to localhost
Please enter your password: 
 put techsupport.txt phpscript
 quit

Now... the test emails are going into the right folder. 

Questions, should I not be able to add global sieve rules like such?


prompt  sieveshell localhost
connecting to localhost
Please enter your password: 
 put techsupport.txt phpscript
 quit

In my global sieve directory: /var/lib/imap/sieve/global
I have the following three files

lrwxrwxrwx 1 cyrus mail  12 2013-04-19 08:27 defaultbc - phpscript.bc
-rw--- 1 cyrus mail 184 2013-04-19 08:26 phpscript.bc
-rw--- 1 cyrus mail 194 2013-04-19 08:26 phpscript.script

and the content of phpscript.script is:

require fileinto;
  if exists X-Spam-Flag {
  if header :contains X-Spam-Flag NO {
  } else {
  fileinto user.techsupport.SPAM;
  stop;
  }
  }


which is the one I created yesterday, and loaded using sieveshell.

any help would be greatly appreciated. 

















From: shashan...@hotmail.com
To: info-cyrus@lists.andrew.cmu.edu
Subject: Global Sieve script
Date: Wed, 17 Apr 2013 16:56:07 -0400




Good afternoon all,

I am trying to configure a global sieve script to move all incoming emails to a 
particular folder. According to the following link this should be a slam dunk:

http://cyrusimap.web.cmu.edu/mediawiki/index.php/Cyrus_Sieve

http://oregonstate.edu/helpdocs/e-mail/onid-e-mail/modifying-your-email-filters-using-sieveshell

So here is what I did:

[shawn@postoffice ~]$ sieveshell -u shawn localhost
connecting to localhost
Please enter your password: 
 list
phpscript  - active script
 get phpscript phpscript.txt
 exit

[shawn@postoffice ~]$ more phpscript.txt 
# This script has been automatically generated by avelsieve
# (Sieve Mail Filters Plugin for Squirrelmail)
# Warning: If you edit this manually, then the changes will not 
# be reflected in the users' front-end!
#AVELSIEVE_VERSIONYTo0OntzOjU6Im1ham9yIjtpOjE7czo1OiJtaW5vciI7aTo5O3M6NzoicmVsZWFzZSI7aTo5O3M6Njoic3
RyaW5nIjtzOjU6IjEuOS45Ijt9
#AVELSIEVE_CREATED1342104019
#AVELSIEVE_MODIFIED1351180357
require 
[fileinto,envelope,reject,vacation,imapflags,relational,comparator-i;ascii-nume
ric,regex,notify];
#START_SIEVE_RULEYTo1OntzOjQ6ImNvbmQiO2E6MTp7aTowO2E6NTp7czo0OiJraW5kIjtzOjc6Im1lc3NhZ2UiO3M6NDoidHl
wZSI7czo2OiJoZWFkZXIiO3M6NjoiaGVhZGVyIjtzOjExOiJYLVNwYW0tRmxhZyI7czo5OiJtYXRjaHR5cGUiO3M6MjoiaXMiO3M
6MTE6ImhlYWRlcm1hdGNoIjtzOjM6IllFUyI7fX1zOjQ6InR5cGUiO3M6MToiMSI7czo5OiJjb25kaXRpb24iO3M6MzoiYW5kIjt
zOjY6ImFjdGlvbiI7czoxOiI1IjtzOjY6ImZvbGRlciI7czoxMDoiSU5CT1guU1BBTSI7fQ%3D%3DEND_SIEVE_RULE
if header :is X-Spam-Flag YES
{
fileinto  INBOX.SPAM;
}


At this point I am a little baffled, since this should be moving all 
X-Spam-Flag that are YES into a folder INBOX.SPAM which does not exists at the 
top level (although I assume this means it should be filtered into each users 
individual SPAM folder). I am using Squirrelmail as a web based from end for my 
remote users and imagine the package manager must have installed this at some 
point. To simplify my life I re-wrote the script as:

require 
[fileinto,envelope,reject,vacation,imapflags,relational,comparator-i;ascii-nume
ric,regex,notify];
if exists X-Spam-Flag {
if header :contains X-Spam-Flag YES
{
fileinto  user.techsupport.SPAM;
stop;
}
}

then

[shawn@postoffice ~]$ sieveshell -u shawn localhost
connecting to localhost
Please enter your password: 
 put phpscript.txt phpscript
 list
phpscript  - active script
 quit


However, users are still receiving emails marked as SPAM in their inbox. What I 
am trying to do is make it so that any and all emails marked as SPAM are 
redirected to a single folder called SPAM in the techsupport users mail store. 

Any help is greatly appreciated,  
Shawn












require fileinto;
  if exists X-Spam-Flag {
  if header :contains X-Spam-Flag NO {
  } else {
  fileinto user.techsupport.SPAM;
  stop;
  }
  }


  
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To

Global Sieve script

2013-04-17 Thread Shawn Bakhtiar 
Good afternoon all,

I am trying to configure a global sieve script to move all incoming emails to a 
particular folder. According to the following link this should be a slam dunk:

http://cyrusimap.web.cmu.edu/mediawiki/index.php/Cyrus_Sieve

http://oregonstate.edu/helpdocs/e-mail/onid-e-mail/modifying-your-email-filters-using-sieveshell

So here is what I did:

[shawn@postoffice ~]$ sieveshell -u shawn localhost
connecting to localhost
Please enter your password: 
 list
phpscript  - active script
 get phpscript phpscript.txt
 exit

[shawn@postoffice ~]$ more phpscript.txt 
# This script has been automatically generated by avelsieve
# (Sieve Mail Filters Plugin for Squirrelmail)
# Warning: If you edit this manually, then the changes will not 
# be reflected in the users' front-end!
#AVELSIEVE_VERSIONYTo0OntzOjU6Im1ham9yIjtpOjE7czo1OiJtaW5vciI7aTo5O3M6NzoicmVsZWFzZSI7aTo5O3M6Njoic3
RyaW5nIjtzOjU6IjEuOS45Ijt9
#AVELSIEVE_CREATED1342104019
#AVELSIEVE_MODIFIED1351180357
require 
[fileinto,envelope,reject,vacation,imapflags,relational,comparator-i;ascii-nume
ric,regex,notify];
#START_SIEVE_RULEYTo1OntzOjQ6ImNvbmQiO2E6MTp7aTowO2E6NTp7czo0OiJraW5kIjtzOjc6Im1lc3NhZ2UiO3M6NDoidHl
wZSI7czo2OiJoZWFkZXIiO3M6NjoiaGVhZGVyIjtzOjExOiJYLVNwYW0tRmxhZyI7czo5OiJtYXRjaHR5cGUiO3M6MjoiaXMiO3M
6MTE6ImhlYWRlcm1hdGNoIjtzOjM6IllFUyI7fX1zOjQ6InR5cGUiO3M6MToiMSI7czo5OiJjb25kaXRpb24iO3M6MzoiYW5kIjt
zOjY6ImFjdGlvbiI7czoxOiI1IjtzOjY6ImZvbGRlciI7czoxMDoiSU5CT1guU1BBTSI7fQ%3D%3DEND_SIEVE_RULE
if header :is X-Spam-Flag YES
{
fileinto  INBOX.SPAM;
}


At this point I am a little baffled, since this should be moving all 
X-Spam-Flag that are YES into a folder INBOX.SPAM which does not exists at the 
top level (although I assume this means it should be filtered into each users 
individual SPAM folder). I am using Squirrelmail as a web based from end for my 
remote users and imagine the package manager must have installed this at some 
point. To simplify my life I re-wrote the script as:

require 
[fileinto,envelope,reject,vacation,imapflags,relational,comparator-i;ascii-nume
ric,regex,notify];
if exists X-Spam-Flag {
if header :contains X-Spam-Flag YES
{
fileinto  user.techsupport.SPAM;
stop;
}
}

then

[shawn@postoffice ~]$ sieveshell -u shawn localhost
connecting to localhost
Please enter your password: 
 put phpscript.txt phpscript
 list
phpscript  - active script
 quit


However, users are still receiving emails marked as SPAM in their inbox. What I 
am trying to do is make it so that any and all emails marked as SPAM are 
redirected to a single folder called SPAM in the techsupport users mail store. 

Any help is greatly appreciated,  
Shawn













  
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus