hed', but it
is undocumented. I believe it's based on a previously circulated patch that
you google for.
Using such a configuration will require you to use the PLAIN or LOGIN
mechanisms (or pre-sasl login/pass IMAP authentication).
--
Dan White
Cyrus Home Page: http://www.c
gt;But when I try to logon via imap, i see in the logs:
>... saslauthd[24118]: do_auth : auth failure:
>[user=testcapital.] [service=imap] [realm=] [mech=pam]
>[reason=PAM auth error]
>
>What is the best solution to work around this?
Do you get the same result with imtest?
-
l.org/docs/cyrus-sasl/2.1.25/options.php (search
for 'canon').
The best source of documentation is the cyrus-sasl mailing list archives.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://list
>On 102/2/26 下午 10:30, Dan White wrote:
>>On 02/26/13 13:26 +0800, Lingfeng Xiong wrote:
>>>>sasl_pwcheck_method: auxprop
>>>>sasl_auxprop_plugin: ldapdb
>>>>sasl_ldapdb_uri: ldap://MY-LDAP-SERVER
>>>>sasl_ldapdb_id: CYRUS-PROX
to make cyrus-imapd query the username with it's
>realm to OpenLDAP? Or my methodology is completely incorrect?
Do you have virtdomains enabled (or set to userid)?
Does this only happen with one domain (@example.net)? If so, then do you
have a defaultdomain option set?
--
Dan White
C
ages into cyrus, or back
into outlook after IMAP has been configured.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
thz-regexp rules in your slapd config to map
sasl identities (searcher, and u...@dom2.com) into DNs. Getting all the
ACLs correct can take a little trial and error.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
the
mailbox, use a canonicalization plugin, such as ldapdb.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
different mapping in LDAP?
>> Is there some sort of HOWTO somewhere or is all the information really
>> spread in openldap, sasl and imapd documentation only?
>
>Maybe the above PDF will help?
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
all files underneath it, should be owned by cyrus:mail.
If permissions look correct, please provide the contents of your
/etc/imapd.conf file, and a directory listing of the 'configdirectory'
directory.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
ACLs
only provides access to the first user's mailbox (via his own login).
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
kend's mailboxes.db:
>user.xyz.bla 2 j xyzlrswipkxtecda
>
>mupdate master:
>user.xyz.bla 1 mailback4.hrz.tu-chemnitz.de!j xyz lrswipkxtecda
>
>How to get rid of this user.xyz.bla?
>I tried ctl_cyrusdb -r - no success
You can delete the mailbox on the backend (and
date_authname: murder
>lmtpsocket: /var/run/cyrus/socket/lmtp
>idlesocket: /var/run/cyrus/socket/idle
>notifysocket: /var/run/cyrus/socket/notify
>syslog_prefix: cyrus
proxy_authname and proxy_password should not be necessary on the mupdate
master, unless it's also a frontend.
Also compare your /etc/cyrus.conf entries with:
http://cyrusimap.org/docs/cyrus-imapd/2.4.17/install-murder.php
and with the configs listed in master/conf/ within the source.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
3 11:12:00.231163 10.20.20.93:3905 -> 10.20.20.48:37428 [AP]
>U01 MAILBOX {25+}.
>user.mailteam.Kerstin.log {14+}.
>regina!default {23+}.
>mailteam.lrswipkxtecda..
>U01 MAILBOX {25+}.
>user.mailteam.Kerstin.log {14+}.
>regina!default {23+}.
>mailteam.lrswipkxtecda..
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
ssing the
cyrus.* files within its directory.
You might wish to backup the contents of the directories in question before
proceeding, in case you end up with missing flags or other data.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
everytime was stopping and starting properly. So,
>released it to the users.
>
>But, in between segfaults are worrying me.
>
>As there is a version difference, it looks like I need to rebuild the
>databases/mailboxes once.
--
Dan White
Cyrus Home Page: http://www.cyrus
your apple imap client, are you connecting as an admin user? The
anyoneuseracl option only applies to non admin users.
Use telemetry logging to verify if it's your client adding the 'anyone lrs'
acl.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/
fix this ?
You've hit this bug:
https://bugzilla.cyrusimap.org/show_bug.cgi?id=2434
One solution is mentioned in the bug report.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
On 11/30/12 16:53 +0100, Tobias Blass wrote:
>On Fri, Nov 30, 2012 at 09:46:33AM -0600, Dan White wrote:
>> On 11/30/12 10:45 +0100, Tobias Blass wrote:
>> >Hi all,
>> >I'm administrating an IMAP server for about 25 people running cyrus version
>> >2.2.1
checkpoint cmd="/usr/sbin/ctl_cyrusdb -c" period=30
>delprunecmd="/usr/sbin/cyr_expire -E 3" at=0401
>tlsprunecmd="/usr/sbin/tls_prune" at=0401
>
>}
Sound like:
https://bugzilla.cyrusimap.org/show_bug.cgi?id=3207
There have been a few TLS fixes since 2.2.x, discussed in the 2.4.16
changes file.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
5 6c 74 20 64 6d 69 74 72 79 09 6c 72 73 |fault
>>> dmitry.lrs|
>>> 0150 77 69 70 63 64 61 09 00 00 00 01 70 00 00 01 70
>>> |wipcda.p...p|
>>> 0160 00 00 02 98 00 00 06 6c 00 00 06 6c ff ff ff ff
>>> |...l...l.
prior to
>migration. However, there should be a better way than this, except
>that I don't know it.
>
>I hope someone can give me some advices to deal with this problem.
You could use an imap synchronization program (like imapsync) to transfer
your emails, which will transfer your
On 11/04/12 17:24 -0600, Dan White wrote:
>Cyrus can use saslauthd to authenticate both incoming lmtp and imap
>connections. By
>default both daemons should use the same authentication service, whether
>that's sasldb or saslauthd, or another source.
>
>Such a configuration
ve roaming users with email clients. As Andy pointed
out, you may need to sync your authentication database between the two
servers, unless your authentication database is network enabled, i.e. SQL
or LDAP.
Postfix can be configured to use cyrus sasl for smtp authentication (see
saslfing
it a duplicate message. You could
temporarily disable duplicatesuppression to see if that's the issue.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
'.
You will also possibly need to reconstruct a corrupt mailbox, if you know
which one is causing your ctl_mboxlist to spin.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
neous quota report ...
>
>this is a pretty small setup -- about 16G of mail with everyone gone at
>night -- is there something that i can run to really rebuild the entire
>mail store?
Use cyrus's quota utility to fix quota usage. reconstruct does not do so.
--
Dan White
---
e.g.:
192.0.2.1:smtp inet n - n - - smtpd
-o smtpd_tls_cert_file=/etc/ssl/orig.crt
-o smtpd_tls_key_file=/etc/ssl/orig.key
192.0.2.1:2025 inet n - n - - smtpd
-o smtpd_tls_cert_file=/etc/ssl/dom1.crt
-o smtpd_tls_key_fi
bad attempts
I am not aware of a sasl specific way to lock out accounts automatically.
If your ldap server is OpenLDAP, see slapo-ppolicy(5). Other approaches
include logcheck, pam_tally, and (linux specific):
http://www.debian-administration.org/articles/187
--
Dan White
Cyr
: alwaystrue' (if your
libsasl2 was compiled with --enable-alwaystrue).
In /etc/cyrus.conf:
gammeimap cmd="imapd" listen="10.0.0.5:imap" prefork=0 maxchild=100
and in /etc/imapd.conf:
gammeimap_sasl_pwcheck_method: alwaystrue
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
SEQ THREAD=ORDEREDSUBJECT
>THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN LISTEXT LIST-SUBSCRIBED
>URLAUTH] Success (tls protection)
You performed tls in this scenario, which makes me wonder if it's a network
protection issue.
--
Dan White
Cyrus Home Page:
uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>($recipient)
>ifmailunix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>bsmt
quot;nntp" prefork=3
># nntpscmd="nntpd -s" listen="nntps" prefork=1
>
> # at least one LMTP is required for delivery
># lmtpcmd="lmtpd" listen="lmtp" prefork=0
> lmtpunixcmd="lmtpd" listen="/var/lib/imap/sock
thostbyname() system call.
On my Linux system, the manpage for 'hostname' claims to provide the value
returned by the gethostname system. I think that 'hostname -f' should give
you the same value that sasl should use for the realm.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
:
cyrus/lmtpunix[26609]: duplicate_check: ... DOMAIN.ORG!user.julia 0
cyrus/lmtpunix[26609]: duplicate_check: ... DOMAIN.ORG!user.julia 0
cyrus/lmtpunix[26609]: Delivered: ... to mailbox: DOMAIN.ORG!user.julia
I'm guessing that you have a postfix content filter in place which passes t
outside of writing a script to do it).
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
only a
>frontend proxy?
Verify that the service name listed in /etc/cyrus.conf is 'lmtp'. If not,
you'll need to adjust 'lmtp_admins' to match.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
userisproxyadmin)
*(ctx->userisproxyadmin) =
global_authisa(authstate, IMAPOPT_ADMINS);
} else {
sasl_seterror(conn, 0, "user %s is not allowed to proxy",
auth_identity);
auth_freestate(authst
ngs for it in /etc/imapd.conf, such as:
pop3_sasl_pwcheck_method: auxprop
#pop3_sasl_mech_list: (defaults to all mechanisms)
allowapop: 1
Where 'pop3' matches the name you provided to the service in cyrus.conf.
apop is a pseudo-authentication mechanism that is not specified in the
mech_list.
-
here more fundamental changes
>(mailbox structure or other?) that need to be addressed specifically ?
Upgrade instructions can be found here:
http://cyrusimap.org/docs/cyrus-imapd/2.4.16/install-upgrade.php
I have not performed such a large upgrade jump myself, but I assume that it
is possible.
ntication to work, you will need to enable sasl
authentication, and offer a mechanism which supports it:
http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/mechanisms.php
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Un
or 12 hours, I'm guessing the shorter life
>is for security or some other reason?
I update once per hour. Since my kinit's are done from cron, if the ticket
refresh doesn't work, I get an email containing the error. It gives me up
to 9 hours to fix whatever issue is causing the
imap1'. It might work just as well to just
place 'imap/imap1.example.com' or 'imap/imap1.example@example.com' into
your proxyservers/*_admins entries.
I know that this format works, because it's what I currently have in my
config:
cyrus-mail1.example@example.ne
/ user.jdoe.
>
>Is there any way to get around this with IMAPd?
Try setting:
defaultdomain: imapserver.example.com
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
ption in /etc/imapd.conf to
>>> no avail.
>>
>> So when you run testsaslauthd it works?
>
>
>Yes, it certainly does.
Your saslauthd_path configuration should include the trailing '/mux'. I
believe it should be identical to the '-f' optio
On 06/17/12 18:04 -0700, Stephen Ingram wrote:
>On Thu, Jun 14, 2012 at 9:14 PM, Dan White wrote:
>
>...snip...
>
>> Another way to keep your principals straight is that you'll need a user
>> principal where you will run the *test utilities, and a service principal
&g
On 06/14/12 17:20 -0700, Stephen Ingram wrote:
>On Thu, Jun 14, 2012 at 7:05 AM, Dan White wrote:
>> Every service listed within your SERVICES section in cyrus.conf will
>> potentially need it's own service principal, particularly on your backends
>> and mupdate mast
On 06/13/12 21:02 -0700, Stephen Ingram wrote:
>On Wed, Jun 13, 2012 at 1:23 PM, Dan White wrote:
>> The other issue is that where your systems are acting as clients (such as
>> when a frontend server is connecting to an mupdate server), your client
>> will need to initial
er
words, your frontends might have an imap/mail.example.net service ticket
for accepting client imap connections, but then may need a separate ticket,
such as cyrus/mail.example.net, for backend/mupdate connections. I use
cronjobs, running as the cyrus user, to initialize those crendential
caches.
>I cant have both servers in active-active mode
You could configure Cyrus frontends (proxies) located at both locations. If
there is a backend failure, then you wouldn't need to depend on DNS
propagation for restoration of service.
That would gain you a higher level of availability in
d other than for top level user mailboxes? If so, then you may
need to manually remove them:
http://cyrusimap.org/docs/cyrus-imapd/2.4.16/overview.php#recoveryquotasrm
Which quota database format are you using (imapd.conf option quota_db)?
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
og and not to client side.
>Is that correct?
>
>Thanks again!
>
>
>On 04/05/2012 5:56 μμ, Dan White wrote:
>>'2' is the database version number, and should always be 2 (for now).
>>
>>To remove the entry, from my example:
>>
>>cyr_dbtool /v
e pop."?
>and what if i have to remove one of the deny users?
>
>thank you
>
>On 04/05/2012 5:03 μμ, Dan White wrote:
>>On 05/04/12 14:45 +0300, Nikos Gatsis - Qbit wrote:
>>>Hello list
>>>How can I disable a user from getting emails?
>>>I dont
te
>mail from centralized location to remote sites).
>
>Any assistance would be greatly appreciated.
Which version are you running on these 4 systems? Are they all
the same?
The doc at:
http://cyrusimap.org/docs/cyrus-imapd/2.4.16/install-murder.php
claims that the proxy_authenticating user will need to be a full admin
(section: Additional backend configuration):
admins: cyrus cyradmin murder
and you may not need 'murder' in your proxyservers.
Check your syslog for any additional output. Focus on the case where you're
connecting directly to the original backend when performing the transfer,
rather than the frontend. I don't know if transfers are allowed from a
frontend.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=50826
also see:
http://cyrusimap.org/docs/cyrus-imapd/2.4.16/internal/database-formats.php
imapd.conf(5) (options userdeny_db and userdeny_db_path)
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://l
lbox
* who can act *as* another user, via the 'proxyservers' and 'loginuseacl'
config options.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
instance
that does not use -a). If your lmtp service name in /etc/cyrus.conf is
'lmtp', then add this in /etc/imapd.conf:
proxyservers:
lmtp_sasl_pwcheck_method: alwaystrue
lmtp_sasl_mech_list: plain
lmtp_sasl_minimum_layer: 0
And on your frontend, configure 'proxy_authname: '
On 02/27/12 10:32 -0600, Dan White wrote:
>Another option would be to utilize SASL EXTERNAL authentication to
>authenticate your users, locally, based on peercred. Cyrus IMAP does not
>currently have support for external auth, but I'm attaching a Linux
>specific patch, against cy
be given
access (i.e. using cyrus' ACLs) to every users' Junk, Not Junk and INBOX
folders in order to read the messages, learn them and in the case of
ham, move them back to their INBOX.
But before I go down this road I just want to make sure it's really the
right road or if there is so
;, then you may have a mailbox named
'user.cyrus' that appears as INBOX from within cyradm.
Try 'ctl_mboxlist -d' to get a second opinion on what the mailbox name is.
If you can't delete the mailbox by referencing it as 'INBOX' or as
'user.cyrus', then ta
ing problems with a particular IMAP client expects all users
>to have the same namespace.
>
>I do have "altnamespace: yes" configured in /etc/imapd.conf but this
>really is an issue of consistency not an issue with either particular
>namespace.
Is one of your users an admin? See:
http://cyrusimap.org/docs/cyrus-imapd/2.4.13/altnamespace.php
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
-m login -a
test-adm ', and then compare the two with '-m plain'.
'encryption needed to use mechanism: security flags do not match required'
seems to indicate that you need to specify:
sasl_minimum_layer: 0
but you said you already tried that. A hack to get this to wor
ons to access the saslauthd mux.
One way to verify that is with:
sudo -u cyrus testsaslauthd -u test-adm -p password
You may need to set:
sasl_saslauthd_path: /mux
Within imapd.conf. But your logs will provide an appropriate error if that
option is needed.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
wildcard behavior:
>
>>>With `lm`, once I am logged in this is the behavior I am seeing with
>>>wildcards:
>
>>>Works:
>>>lm
>>>lm *
>>>lm *@fulldomain
>
>>>Doesn't work:
>>>lm *@*
>>>lm *@partialdomain*
ike fred@* if you wanted to find all the fred's (not that I
>can see any reason to do that).
>
>I'm just wondering if this is by design or perhaps could be improved or
>maybe my distr. has a bug?
I don't know. Cyrus stores mailboxes internally like:
example.org!user.jsmith.Trash
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
ithin /etc/cyrus.conf (see the
imapd.conf, and pop3d manpages).
It would be usual to see long term pop3 connections. If that's what
you're seeing, what version of cyrus are you running, and do you have any
front ends (murder/proxies) or an unusual setup?
--
Dan White
Cyrus
gt;>>
>>> The authentication bit work fine when I use 'login@realm' (in imap) but
>>> no mailbox is opened...
>>> Well my question is: is it possible to map 'login' and 'login@realm' to
>>> the same mailbox? and if so how can I do
>annotation_db: skiplist
>seenstate_db: flat
>notifysocket: /var/imap/socket/notify
>
>I have backups of the old packages, but I'man not shure if this will
>work anymore.
>
>Any ideas please ? My bloodpressure can't stand this...
When performing an upgrade from earlier than 2.4.3, all messages are
reparsed, and your cache files are re-generated, when a mailbox is first
opened. You may be able to increase you syslogging levels to get a better
view into what's going on:
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.12/install-configure.php
For other possible upgrade issues, see
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.12/install-upgrade.php
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>make human intervention.
The answer to that will depend on your sasl configuration.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
ould see 'AUTH=PLAIN' listed. You should not expect to see
'LOGINDISABLED'.
Also, check your syslog (auth facility) for any errors.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
remove a quotaroot for a mailbox, when using
quotalegacy:
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.12/overview.php#recoveryquotasrm
Since that user's mailbox hierarchy no longer exists, I assume quota -f can
be safely skipped.
--
Dan White
Cyrus Home Page: http://www.c
is cyrus/master[17882]: service imaps pid 32406 in BUSY state:
>terminated abnormally
>
>Yikes! So it seems that I may have several different problems on my
>hands. But does anyone recognise anything here that would cause all or
>any of this to occur suddenly?
A way to attack this piecemeal wise would be to create an email message and
feed it to cyrdeliver directly, to rule out any problems with procmail.
You can also dump your mailbox list with ctl_mboxlist, to see if you have
any corruption corruption or unexpected output.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
On 27/10/11 00:11 +0200, Paolo Cravero wrote:
>Citazione Dan White :
>
>> On 26/10/11 23:20 +0200, Paolo Cravero wrote:
>
>> >The situation is:
>> >- user A shares a mailbox with user B
>> >- user B at some point is deleted
>> >
>> >ho
reation of
>an account called B would automatically(?) grant access to that folder,
>wouldn't it?
What error are you getting when attempting to remove B's ACLs with cyradm
(deleteacl)?
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
p imap localhost
>Authentication failed:gebneric error
>
>test2>>>>
>
>cyradm --user cyrus --server localhost --auth plain
>
>Password:
>IMAP Password:
>Login failed: authentication failure at
>/usr/lib/perl5/site_perl/5.8.6/x86_64-linux/Cyrus/IMAP/Admin.pm
>lin
the server has initialized from a
keytab, you'll also need to have a credentials cache when acting as a
client, for the move to the second backend, initialized with kinit.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
stlog.so silent
>
>This is the only entry I have for session.
>Then login by imap and try last command - nothing new showing.
>
>Am I doing this wrong or is it not supported?
saslauthd does not call pam_open_session or pam_sm_open_session, which is
probably required for pam_lastlog to
able idled
Is idled running as a process? Is it listening on
/var/lib/imap/socket/idle? Try:
netstat -l -p | grep
Do your imapd processes have permissions (write?) to access the idled
socket?
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
upport proxy authentication:
http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/mechanisms.php
Given a timesieved entry of
sieve cmd="timsieved" listen="sieve" prefork=0
in /etc/cyrus.conf, you can restrict the list of server mechanisms offered
for sieve with
sieve_sasl_m
PLAIN does.
>*allowplaintext: 1*
>*mupdate_server: 172.16.68.18*
>*mupdate_authname: murder*
>*mupdate_username: murder*
>*mupdate_password: murdercyrus*
>*proxy_authname: murder*
>*murderBack1_password: murdercyrus*
>*murderBack2_password: murdercyrus*
>*murderFrontend_password: murdercyrus*
>*allowanonymouslogin: 0*
>*allowusermoves: yes*
>*altnamespace: yes*
>*unixhierarchysep: yes*
>*lmtp_downcase_rcpt: yes*
>*anysievefolder: 1*
>*sieveusehomedir: 0*
>*hashimapspool: true*
>*virtdomains: userid*
>*fulldirhash: 0*
>*tls_cert_file: /etc/ssl/certs/CS_memolinux.crt*
>*tls_key_file: /etc/ssl/private/memolinux.key*
>*tls_ca_file: /etc/ssl/certs/CA_memolinux.crt*
You're missing the proxyservers entry on the backend.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
On 07/09/11 20:49 +0100, Jeroen van Meeuwen (Kolab Systems) wrote:
>Dan White wrote:
>> On 27/08/11 09:47 -0300, Lucas Zinato Carraro wrote:
>> >Hi,
>> >
>> >I have several users that will change your login(LDAP uid).
>> >How to map
On 01/09/11 15:25 -0700, Maria McKinley wrote:
>On 9/1/11 11:49 AM, Dan White wrote:
>>Do you use any group ACLs? It looks like your imapd process may be waiting
>>for a group list enumeration to complete, via an nss ldap plugin.
>>
>>If so, and you are using the defa
you use any group ACLs? It looks like your imapd process may be waiting
for a group list enumeration to complete, via an nss ldap plugin.
If so, and you are using the default 'auth_mech: unix' group authorization
config, this is not a recommended configuration per:
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.10/overview.php#aclauth
Doing so can cause performance issues.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
tely some infinite loops in there, and the bugs in skiplist db
>locking in 2.2 mean you could have any old rubbish show up over time.
>
>So I'm guessing it's a particular folder access that triggers the
>runaway process each time.
Maria,
If the problem is caused by one or a few p
be used when opening the user's
mailbox.
There is an ldapdb canon_user plugin available in sasl CVS, and a sql
plugin available in bugzilla. Documentation can be found in
doc/options.html in the sasl source.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Ar
be the error in compilation or install that prevents correct mapping
>to the human-readable text?
Most likely something went wrong during configure/compile time. compile_et
should have generated imap/imap_err.c and imap/imap_err.h, from
imap/imap_err.et, which contains the response messages.
Yo
On 06/08/11 11:44 +0100, John wrote:
>On 05/08/11 22:32, Dan White wrote:
>>Does your cyrus user have permissions to access the saslauthd mux?
>>
>>Try running your testsaslauthd command as your cyrus user... I'm assuming
>>that during testing you were using r
or another account.
># imtest -a cyrus -m PLAIN 10.0.200.6
>S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN AUTH=OTP
>AUTH=CRAM-MD5 AUTH=GSSAPI AUTH=LOGIN AUTH=DIGEST-MD5 SASL-IR] carbon
>Cyrus IMAP v2.4.7 server ready
>Please enter your password:
>C: A01 AUTHENTICATE PL
On 03/08/11 13:45 +0200, Frank Elsner wrote:
>On Tue, 2 Aug 2011 09:56:19 -0500 Dan White wrote:
>> It appears that mailcluster1 believes a mailbox transfer was initiated, but
>> has not yet completed (or failed).
>
>This happened.
>
>> You can use cyr_dbtool to m
fine MBTYPE_DELETED (1<<4) /* Mailbox has been deleted, but not yet
cleaned up */
It appears that mailcluster1 believes a mailbox transfer was initiated, but
has not yet completed (or failed).
You can use cyr_dbtool to manually edit the entry in your mailboxes.db, or
remove it. See:
http:
/docs/cyrus-imapd/2.4.9/internal/database-formats.php
The default format for the file is 'flat'. If you have not specified an
alternate value for userdeny_db (in imapd.conf), then creating an empty
/var/lib/imap/user_deny.db file (readable by cyrus) should stop the errors.
--
Dan White
-
On 22/07/11 15:52 -0700, Maria McKinley wrote:
>On 7/22/11 2:53 PM, Dan White wrote:
>> On 22/07/11 12:49 -0700, Maria McKinley wrote:
>>> This appears to be a username/password problem, rather than an
>>> installation problem, since things work fine for postmast
authentication database as your normal users, which could be
PAM, for instance, if you're configured to use saslauthd.
Also, be aware that the 'A01 AUTHENTICATE PLAIN ...' strings you included
in your original email contain the uuencoded form of your password, and can
be trivially reversed. If your server is publicly accessible, you may want
to change your admin passwords.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
r.
It should have proper permissions to allow sync_client to remove it on
exit, or it might fail to start again until it's manually removed.
The manpage for imapd.conf says:
... Prefix with a channel name to only apply for that channel
But it's not clear to me what that means.
--
D
>adr;dom:;;110 Russell Street;Lewiston;Maine;04240
>email;internet:rsp...@bates.edu
>title:Assistant Directory, Network Services
>tel;work:207-786-6422
>note;quoted-printable:01000111011000100101001001100101011001000101001101100=
> 011=0D=0A=
>
>url:http://www.bates.edu/
>version:2.1
>end:vcard
>
>
>Cyrus Home Page: http://www.cyrusimap.org/
>List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
t test1234
lrswipkxtecda
cyrus@mail:/var/spool/imap$ cyr_dbtool /var/lib/imap/mailboxes.db skiplist get
'user.test1234.trash'
(uniqueid 638c3a464dad9368) 0 default test1234 lrswipkxtecda
cyrus@mail:/var/spool/imap$ cyr_dbtool /var/lib/imap/mailboxes.db skiplist
delete 'user.
u're passing to it and, if it exists, your
/etc/saslauthd.conf configuration.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Maildir/new
Your emails are not being delivered to Cyrus, which uses it's own internal
mailbox format. Cyrus will be unable to read mail stored in Maildir
format.
For documentation on configuring Postfix to deliver to Cyrus instead,
see:
http://www.cyrusimap.org/docs/cyrus-imapd/2.4.9/insta
cmd="pop3d" listen=110 prefork=3
What error are you seeing in syslog with this configuration?
Try running master with '-D'.
Do you see port 26 open in the output of:
netstat -an | grep LISTEN
Do you experience the same problem if you use:
lmtp cmd="
whether the
client initiates a new connection when polling.
--
Dan White
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
101 - 200 of 429 matches
Mail list logo
