From juergen.wolf at idmt.fraunhofer.de Mon Dec 1 10:11:47 2008 From: juergen.wolf at idmt.fraunhofer.de (Juergen Wolf) Date: Mon, 1 Dec 2008 16:11:47 +0100 Subject: Murder + Sieve + multiple backends problem Message-ID: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> Hi currently, I test a Cyrus IMAP Murder v2.3.13-openpkg on a solaris sparc host. While the murder setup went all fine and mail comes in and can be read by users, there is one thing left I could not fix. If a user has a sieve script like #Mail filter rules for wolf #Generated by wolf using SmartSieve 1.0.0-RC2 2008/11/25 09:02:43 require ["fileinto"]; if allof (header :contains "X-Spam-Status" "Yes,") { fileinto "INBOX.Spam-Tagged"; } and the Folder INBOX.Spam-Tagged is located on a different backend server as the INBOX folder, the sieve script does not work. I get the following errors on the backend server where the INBOX is located: lmtp[27859]: sieve runtime error for wolf id <200812011437.mB1EbPK3023434 at mailgw1.fraunhofer.de>: Fileinto: Mailbox does not exist Is there any way to tell sieve to move mails to the correct backend server ? Regards, J?rgen Wolf -- email: Juergen.Wolf at idmt.fraunhofer.de gilb: Fraunhofer-Institut fuer Digitale Medientechnologie IDMT 98693 Ilmenau, Ehrenbergstr. 31 Tel.: +49 3677 467-234 Fax: +49 3677 467-467 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1965 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081201/41e1b17a/attachment-0001.bin From nic at onlight.com Mon Dec 1 10:17:56 2008 From: nic at onlight.com (Nic Bernstein) Date: Mon, 01 Dec 2008 09:17:56 -0600 Subject: Murder + Sieve + multiple backends problem In-Reply-To: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> Message-ID: <49340024.7010108@onlight.com> Juergen Wolf wrote: > Hi > > currently, I test a Cyrus IMAP Murder v2.3.13-openpkg on a solaris > sparc host. While the murder setup went all fine and mail comes in and > can be read by users, there is one thing left I could not fix. > If a user has a sieve script like > > #Mail filter rules for wolf > #Generated by wolf using SmartSieve 1.0.0-RC2 2008/11/25 09:02:43 > require ["fileinto"]; > > if allof (header :contains "X-Spam-Status" "Yes,") { > fileinto "INBOX.Spam-Tagged"; > } > > and the Folder INBOX.Spam-Tagged is located on a different backend > server as the INBOX folder, the sieve script does not work. I get the > following errors on the backend server where the INBOX is located: > > lmtp[27859]: sieve runtime error for wolf id > <200812011437.mB1EbPK3023434 at mailgw1.fraunhofer.de>: Fileinto: Mailbox > does not exist > > Is there any way to tell sieve to move mails to the correct backend > server ? > > From the web site [http://cyrusimap.web.cmu.edu/ag.html section 2.3]: If a SIEVE script is present, the lmtp proxy server must do the processing as the end result of the processing may result in the mail message going to a different back end server than where the user's INBOX is. /Note that the current implementation runs SIEVE on the backend servers, and holds the requirement that all of a user's mailboxes live on the same backend./ So, you should heed this warning. -nic -- Nic Bernstein nic at onlight.com Onlight llc. www.onlight.com 2266 North Prospect Avenue #610 v. 414.272.4477 Milwaukee, Wisconsin 53202-6306 f. 414.290.0335 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081201/7fee6635/attachment.html From wes at umich.edu Mon Dec 1 12:08:21 2008 From: wes at umich.edu (Wesley Craig) Date: Mon, 1 Dec 2008 12:08:21 -0500 Subject: Murder + Sieve + multiple backends problem In-Reply-To: <49340024.7010108@onlight.com> References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> <49340024.7010108@onlight.com> Message-ID: <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> On 01 Dec 2008, at 10:17, Nic Bernstein wrote: > From the web site [http://cyrusimap.web.cmu.edu/ag.html section 2.3]: > If a SIEVE script is present, the lmtp proxy server must do the > processing as the end result of the processing may result in the > mail message going to a different back end server than where the > user's INBOX is. Note that the current implementation runs SIEVE on > the backend servers, and holds the requirement that all of a user's > mailboxes live on the same backend. So, you should heed this warning. While the code is written this way, in an environment where the backends are able to talk to each other, it wouldn't take a ton of work to remove this restriction. :wes From Duncan.Gibb at SiriusIT.co.uk Mon Dec 1 12:18:10 2008 From: Duncan.Gibb at SiriusIT.co.uk (Duncan Gibb) Date: Mon, 01 Dec 2008 17:18:10 +0000 Subject: Murder + Sieve + multiple backends problem In-Reply-To: <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> <49340024.7010108@onlight.com> <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> Message-ID: <49341C52.5080107@SiriusIT.co.uk> Wesley Craig wrote: >> Note that the current implementation runs SIEVE on >> the backend servers, and holds the requirement that all of a user's >> mailboxes live on the same backend. WC> While the code is written this way, in an environment where the WC> backends are able to talk to each other, it wouldn't take a ton of WC> work to remove this restriction. Cross-store SIEVE is theoretically the sort of thing that ought to favour the unified murder design over a conventional layered one... [light the blue touchpaper and retreat to a safe distance] But the answer to the original question is that this is known not to work - and yes, that is both counter-intuitive for users and inconvenient for administrators. /* FIXME */ Duncan -- Duncan Gibb, Technical Director Sirius Corporation plc - The Open Source Experts http://www.siriusit.co.uk/ Tel: +44 870 608 0063 From wes at umich.edu Mon Dec 1 14:22:54 2008 From: wes at umich.edu (Wesley Craig) Date: Mon, 1 Dec 2008 14:22:54 -0500 Subject: Murder + Sieve + multiple backends problem In-Reply-To: <49341C52.5080107@SiriusIT.co.uk> References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> <49340024.7010108@onlight.com> <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> <49341C52.5080107@SiriusIT.co.uk> Message-ID: On 01 Dec 2008, at 12:18, Duncan Gibb wrote: > Cross-store SIEVE is theoretically the sort of thing that ought to > favour the unified murder design over a conventional layered one... Absolutely, the backend with the INBOX and SIEVE scripts would need to know have to have a listing in mailboxes.db for the remote mailbox. As far as the code goes, sieve_fileinto() would probably work as-is. deliver_mailbox() on the other hand would have to do an mlookup() and behave more like cmd_append() does if the mailbox was remote. Not a large undertaking, tho. :wes From guus.leeuw at itpassion.com Mon Dec 1 15:04:14 2008 From: guus.leeuw at itpassion.com (Guus Leeuw jr) Date: Mon, 1 Dec 2008 21:04:14 +0100 Subject: Combination of postfix + cyrus (virtdomains) problems Message-ID: Hello, I want to be able to run all of these IMAP mailboxes on one machine: * webmaster at tenantvet.net * webmaster at option-d.co.uk At a later stage, I want to run mailboxes like first.last at domain.com. All with their distinct login ID through ptloader/LDAP. So I'm testing with webmaster at option-d.co.uk as this account is not normally receiving emails so far. I've got a general postfix SMTP server that is capable of redirecting emails for webmaster at option-d.co.uk to the correct server (imap4). On imap4 I have been playing around with virtdomains (as I am supposed to) and am currently giving up, because I don't see anymore why it doesn't work :D Here's my (imap4) postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_list = option-d.co.uk html_directory = no inet_interfaces = 192.168.123.17 local_recipient_maps = ldap:ldaplocal mail_owner = postfix mailbox_transport = cyrus mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man mydestination = option-d.co.uk, tenantvet.net mydomain = chiswick.itpassion.com myhostname = imap4.chiswick.itpassion.com mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES relayhost = smtp.chiswick.itpassion.com sample_directory = /usr/share/doc/postfix-2.4.5/samples sender_canonical_maps = ldap:ldapsender sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, permit smtpd_sasl_auth_enable = yes virtual_alias_maps = ldap:ldapvirtual and here's my master.cf # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache cyrus unix - n n - - pipe flags= user=cyrus argv=/usr/lib/cyrus-imapd/deliver -r ${sender} -m ${extension} ${recipient} This all pretty standard, as I use that across 3 other mailservers (where I serve one domain each). Here's my cyrus.conf: # standard standalone server implementation START { # do not delete this entry! recover cmd="ctl_cyrusdb -r" # this is only necessary if using idled for IMAP IDLE idled cmd="idled" } # UNIX sockets start with a slash and are put into /var/lib/imap/sockets SERVICES { # add or remove based on preferences imap cmd="imapd" listen="imap" prefork=5 imaps cmd="imapd -s" listen="imaps" prefork=1 pop3 cmd="pop3d" listen="pop3" prefork=3 pop3s cmd="pop3d -s" listen="pop3s" prefork=1 sieve cmd="timsieved" listen="sieve" prefork=0 ptloader cmd="ptloader" listen="/imap/ptclient/ptsock" prefork=1 # these are only necessary if receiving/exporting usenet via NNTP # nntp cmd="nntpd" listen="nntp" prefork=3 # nntps cmd="nntpd -s" listen="nntps" prefork=1 # at least one LMTP is required for delivery # lmtp cmd="lmtpd" listen="lmtp" prefork=0 lmtpunix cmd="lmtpd" listen="/imap/socket/lmtp" prefork=1 # this is only necessary if using notifications # notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1 } EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period=30 # this is only necessary if using duplicate delivery suppression, # Sieve or NNTP delprune cmd="cyr_expire -E 3" at=0400 # this is only necessary if caching TLS sessions tlsprune cmd="tls_prune" at=0400 } Again, pretty standard, I would say. Now the imapd.conf: admins: cyrus allowanonymouslogin: no allowplaintext: yes allowplainwithouttls: 1 annotation_db: skiplist autocreatequota: 0 configdirectory: /imap duplicate_db: skiplist expunge_mode: delayed hashimapspool: true partition-default: /imap/spool poptimeout: 10 postmaster: postmaster quotawarn: 90 reject8bit: no sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN servername: imap4.chiswick.itpassion.com sievedir: /imap/sieve sieve_maxscriptsize: 96 sieve_maxscripts: 15 timeout: 30 tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt virtdomain: on defaultdomain: chiswick.itpassion.com loginrealms: option-d.co.uk ldap_uri: ldap://security.chiswick.itpassion.com ldap_version: 3 ldap_size_limit: 20 ldap_sasl: 0 ldap_base: dc=itpassion,dc=com ldap_filter: (&(uid=%u)(accountStatus=active)) auth_mech: pts ldap_mech: plain pts_module: ldap ptscache_timeout: 10 ptloader_sock: /imap/ptclient/ptsock When I create webmaster at option-d.co.uk with this setup I get, more often than not: localhost> cm user.webmaster at option-d.co.uk createmailbox: Permission denied So I stick a unixhierarchysep: 1 in the imapd.conf and localhost> cm user/webmaster at option-d.co.uk localhost> So I think, I have success. Looking in the spool directory, this mailbox doesn't show up under /imap/spool/domain, instead it shows up under /imap/spool/w/user/webmaster\@option-d^co^uk Sending an email to webmaster at option-d.co.uk then gets the following report from lmtpunix: Nov 30 15:32:32 imap4 postfix/smtpd[11957]: connect from smtp.chiswick.itpassion.com[192.168.123.5] Nov 30 15:32:32 imap4 postfix/smtpd[11957]: DA25318ED88: client=smtp.chiswick.itpassion.com[192.168.123.5] Nov 30 15:32:32 imap4 postfix/cleanup[11959]: warning: DA25318ED88: multi-valued sender_canonical_maps entry for guus.leeuw at itpassion.com Nov 30 15:32:32 imap4 postfix/cleanup[11959]: DA25318ED88: message-id= Nov 30 15:32:32 imap4 postfix/smtpd[11957]: disconnect from smtp.chiswick.itpassion.com[192.168.123.5] Nov 30 15:32:32 imap4 postfix/qmgr[9793]: DA25318ED88: from=, size=27336, nrcpt=1 (queue active) Nov 30 15:32:33 imap4 lmtpunix[11922]: accepted connection Nov 30 15:32:33 imap4 lmtpunix[11922]: lmtp connection preauth'd as postman Nov 30 15:32:33 imap4 lmtpunix[11922]: verify_user(user.webmaster) failed: Mailbox does not exist Nov 30 15:32:33 imap4 postfix/pipe[11961]: DA25318ED88: to=, relay=cyrus, delay=0.53, delays=0.18/0.11/0/0.24, dsn=5.6.0, status=bounced (data format error. Command output: webmaster at option-d.co.uk: Mailbox does not exist ) I have to specify loginrealms because otherwise I cannot login as webmaster at option-d.co.uk: Nov 30 15:40:47 imap4 imap[11937]: ptload(): fetched cache record (webmaster at option-d.co.uk)(mark 1228059072, current 1228059647, limit 1228059637) Nov 30 15:40:47 imap4 imap[11937]: ptload(): pinging ptloader Nov 30 15:40:47 imap4 imap[11937]: connected with no delay Nov 30 15:40:47 imap4 imap[11937]: ptload(): connected Nov 30 15:40:47 imap4 imap[11937]: timeout_select: sock = 16, rp = 0x0, wp = 0xbf8e85a0, sec = 30 Nov 30 15:40:47 imap4 imap[11937]: timeout_select exiting. r = 1; errno = 0 Nov 30 15:40:47 imap4 imap[11937]: ptload sent data Nov 30 15:40:47 imap4 imap[11937]: timeout_select: sock = 16, rp = 0xbf8e8620, wp = 0x0, sec = 30 Nov 30 15:40:47 imap4 ptloader[11921]: accepted connection Nov 30 15:40:47 imap4 ptloader[11921]: mystore: starting txn 2147483659 Nov 30 15:40:47 imap4 ptloader[11921]: mystore: committing txn 2147483659 Nov 30 15:40:47 imap4 imap[11937]: timeout_select exiting. r = 1; errno = 0 Nov 30 15:40:47 imap4 imap[11937]: timeout_select: sock = 16, rp = 0xbf8e8620, wp = 0x0, sec = 30 Nov 30 15:40:47 imap4 imap[11937]: timeout_select exiting. r = 1; errno = 0 Nov 30 15:40:47 imap4 imap[11937]: ptload read data back Nov 30 15:40:47 imap4 imap[11937]: ptload returning data Nov 30 15:40:47 imap4 imap[11937]: canonified webmaster at option-d.co.uk -> webmaster at option-d.co.uk Nov 30 15:40:47 imap4 imap[11937]: badlogin: localhost [127.0.0.1] plaintext webmaster at option-d.co.uk SASL(-13): authentication failure: cross-realm login webmaster at option-d.co.uk denied option-d.co.uk is not a hosted network, and having seen remarks that a reverse lookup is being executed by imap, I do not understand completely as to what imap would be looking for in the reverse lookup (option-d.co.uk is not a hostname..., so that throws me off a little as well.) Now, I have seen a setup where ctl_mboxlist -d would give: option-d.co.uk!user.webmaster 0 default webmaster at option-d.co.uk lrswipkxtecda option-d.co.uk.Drafts!user.webmaster 0 default webmaster at option-d.co.uk.drafts lrswipkxtecda option-d.co.uk.Ham!user.webmaster 0 default webmaster at option-d.co.uk.ham lrswipkxtecda option-d.co.uk.Sent!user.webmaster 0 default webmaster at option-d.co.uk.sent lrswipkxtecda option-d.co.uk.Spam!user.webmaster 0 default webmaster at option-d.co.uk.spam lrswipkxtecda option-d.co.uk.Trash!user.webmaster 0 default webmaster at option-d.co.uk.trash lrswipkxtecda But for the life of me, I cannot get that situation back on my newly installed server. Comparing notes isn't possible (it was a long time ago, and I trashed that FC7 server for an FC10), although I suspect the whole problem has something to do with the loginrealms and defaultdomain settings. Not sure though. Can somebody check these things, as I really cannot see it anymore (tried too many things that weren't working)... Thanks, Guus From aspineux at gmail.com Tue Dec 2 02:10:25 2008 From: aspineux at gmail.com (Alain Spineux) Date: Tue, 2 Dec 2008 08:10:25 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: References: Message-ID: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> On Thu, Nov 27, 2008 at 10:14 AM, Stefan Pampel wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > > it seems that plus addressing not work in my case: > > postfix configured correctly: > main.cf: > recipient_delimiter = + > > master.cf: > lmtp unix - - n - - lmtp > > Mails basically reach the INBOX, but not the folder itself > > cyrus config: > > altnamespace: yes # even with no does not work > virtdomains: userid > defaultdomain: foo.bar.org > unixhierarchysep: no > > > The folder > lam user.user1.spam > > user1 lrswipcda > anyone p > > The mail header contains > To: user1 > > Any hints? Does the email goes in the user INBOX at least ? Did you look into the lmtpd.log and postfix.log to check if the delivery looks ok .? Regards > > Thanks in advance. > > Stefan Pampel > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkkuZQgACgkQXXT1nfS2Z+HQZACePaK8zDCOamVl91z+hIhnK8b6 > XkMAn2iwps/ZU1Oet+Vg1g+uXWi/uAqM > =6YOr > -----END PGP SIGNATURE----- > > -- > / polyformal / > | http://www.polyformal.de / > |_________________________/ > GPG KEY: 11678845 > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you From juergen.wolf at idmt.fraunhofer.de Tue Dec 2 10:54:43 2008 From: juergen.wolf at idmt.fraunhofer.de (Juergen Wolf) Date: Tue, 2 Dec 2008 16:54:43 +0100 Subject: Murder + Sieve + multiple backends problem In-Reply-To: References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> <49340024.7010108@onlight.com> <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> <49341C52.5080107@SiriusIT.co.uk> Message-ID: <20081202165443.31ec5f86@il007.idmt.fraunhofer.de> On Mon, 1 Dec 2008 14:22:54 -0500 Wesley Craig wrote: > On 01 Dec 2008, at 12:18, Duncan Gibb wrote: > > Cross-store SIEVE is theoretically the sort of thing that ought to > > favour the unified murder design over a conventional layered one... > > Absolutely, the backend with the INBOX and SIEVE scripts would need > to know have to have a listing in mailboxes.db for the remote > mailbox. As far as the code goes, sieve_fileinto() would probably > work as-is. deliver_mailbox() on the other hand would have to do an > mlookup() and behave more like cmd_append() does if the mailbox was > remote. Not a large undertaking, tho. Thanks for the replies. I have taken a look into the code. The mlookup thing is indeed very simple and already working. The cmd_append() part is a bit tricky tho, as the LMTPD does not have any imap connection to the backend as far as I see. I guess LMTP will be the wrong way to transport the mail to the right backend server. As I am completly new to the cyrus code, does anybody has any hints what would be a good start to get this done ? --- imap/lmtpd.c.orig Tue Apr 22 15:11:18 2008 +++ imap/lmtpd.c Tue Dec 2 16:52:00 2008 @@ -487,12 +487,39 @@ int quotaoverride, int acloverride) { - int r; + int r, type; struct appendstate as; time_t now = time(NULL); unsigned long uid; const char *notifier; + + struct mupdate_mailboxdata *mailboxdata; + char *server; + r = mboxlist_detail(mailboxname, &type, NULL, NULL, &server, NULL, NULL); + + /* Mailbox not existent, and murder setup ? */ + if (r == IMAP_MAILBOX_NONEXISTENT && config_mupdate_server) { + /* check the mupdate master */ + if (!mhandle) { + r = mupdate_connect(config_mupdate_server, NULL, &mhandle, NULL); + if (r) { + syslog(LOG_ERR, "couldn't connect to MUPDATE server %s: %s", + config_mupdate_server, error_message(r)); + fatal("error connecting with MUPDATE server", EC_TEMPFAIL); + } + /* find what server we're sending this to */ + r = mupdate_find(mhandle, mailboxname, &mailboxdata); + mupdate_disconnect(&mhandle); + } else { + /* find what server we're sending this to */ + r = mupdate_find(mhandle, mailboxname, &mailboxdata); + } + + /* do something to get the mail to the remote mailbox */ + syslog(LOG_INFO, "sieve moving message %s to server: %s",id, (char *) mailboxdata->server); + } + r = append_setup(&as, mailboxname, MAILBOX_FORMAT_NORMAL, authuser, authstate, acloverride ? 0 : ACL_POST, quotaoverride ? (long) -1 : Regards, J?rgen Wolf -- email: Juergen.Wolf at idmt.fraunhofer.de gilb: Fraunhofer-Institut fuer Digitale Medientechnologie IDMT 98693 Ilmenau, Ehrenbergstr. 31 Tel.: +49 3677 467-234 Fax: +49 3677 467-467 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1965 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081202/17006eb1/attachment-0001.bin From spamtest-eir1beucei at asp4.polyformal.de Tue Dec 2 14:59:28 2008 From: spamtest-eir1beucei at asp4.polyformal.de (Stefan Pampel) Date: Tue, 2 Dec 2008 20:59:28 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alain Spineux schrieb: > On Thu, Nov 27, 2008 at 10:14 AM, Stefan Pampel > wrote: >> it seems that plus addressing not work in my case: >> >> postfix configured correctly: >> main.cf: >> recipient_delimiter = + >> >> master.cf: >> lmtp unix - - n - - lmtp >> >> Mails basically reach the INBOX, but not the folder itself >> >> cyrus config: >> >> altnamespace: yes # even with no does not work >> virtdomains: userid >> defaultdomain: foo.bar.org >> unixhierarchysep: no >> >> >> The folder >> lam user.user1.spam >> >> user1 lrswipcda >> anyone p >> >> The mail header contains >> To: user1 >> >> Any hints? > > Does the email goes in the user INBOX at least ? Yes, it goes to the INBOX, the header of the recieived mail looks like this Return-Path: Received: from foo.org ([unix socket]) by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; Tue, 02 Dec 2008 20:44:21 +0100 X-Sieve: CMU Sieve 2.2 Received: from localhost (unknown [127.0.0.1]) by foo.org (Postfix) with ESMTP id D0B24EF4D11 for ; Tue, 2 Dec 2008 20:44:21 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=6.31 tests=[SPF_PASS=-0.001] Received: from foo.org ([127.0.0.1]) by localhost (foo.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id ggSVa5nIr8Oq for ; Tue, 2 Dec 2008 20:44:20 +0100 (CET) Received: from mail-qy0-f21.google.com (mail-qy0-f21.google.com [209.85.221.21]) by foo.org (Postfix) with ESMTP id 53DEDE01D5A for ; Tue, 2 Dec 2008 20:44:20 +0100 (CET) Received: by qyk14 with SMTP id 14so3861085qyk.11 for ; Tue, 02 Dec 2008 11:44:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=OsY01wpTsRs9wg12b8CJsXpNhhRKn9VYCZ0l9cxhl5Q=; b=h9NS27DnBzXhMGBpPICUp2U5tEwgbn+ouAhGLuYteBJnMWw5hIQ4vj+d8bNn8TzV4E DNtPqxGU0QXa55JsPSjYZU4yZyCk5kA1oCNacatnsWRY2LvrVtdUS7spqAYZWNpxsXas z78A3NBawCutspEj0pOlUbfwNLDDrnjK20Ce8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=dvgd4c6c5TbTVmP0TibQyKDSpojbNRDZTIbmWt5DV9TMvTfdHmBtxL+564/pci7phD 4knxRl2MUb483WxZJcKazltQuT5+WtoxN0Ljg2xtqGEc+EijyG9NMCno/CtQSIA82Mg+ FWG33nCiGc/cAxhGSQo+oe0LMtap+BZVHYNIM= Received: by 10.214.183.9 with SMTP id g9mr12118283qaf.35.1228247059060; Tue, 02 Dec 2008 11:44:19 -0800 (PST) Received: by 10.214.182.8 with HTTP; Tue, 2 Dec 2008 11:44:19 -0800 (PST) Message-ID: Date: Tue, 2 Dec 2008 20:44:19 +0100 From: "Stefan Pampel" To: user Subject: 123 > Did you look into the lmtpd.log and postfix.log to check if the > delivery looks ok .? too me it looks ok. Dec 2 20:44:19 asp4 postfix/smtpd[6073]: connect from mail-qy0-f21.google.com[209.85.221.21] Dec 2 20:44:20 asp4 postfix/smtpd[6073]: 53DEDE01D5A: client=mail-qy0-f21.google.com[209.85.221.21] Dec 2 20:44:20 asp4 postfix/cleanup[6076]: 53DEDE01D5A: message-id= Dec 2 20:44:20 asp4 postfix/qmgr[2392]: 53DEDE01D5A: from=, size=2214, nrcpt=1 (queue active) Dec 2 20:44:21 asp4 postfix/smtpd[6081]: connect from unknown[127.0.0.1] Dec 2 20:44:21 asp4 postfix/smtpd[6081]: D0B24EF4D11: client=unknown[127.0.0.1] Dec 2 20:44:21 asp4 postfix/cleanup[6076]: D0B24EF4D11: message-id= Dec 2 20:44:21 asp4 postfix/smtpd[6081]: disconnect from unknown[127.0.0.1] Dec 2 20:44:21 asp4 postfix/qmgr[2392]: D0B24EF4D11: from=, size=2816, nrcpt=1 (queue active) Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: accepted connection Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: lmtp connection preauth'd as postman Dec 2 20:44:21 asp4 cyrus/master[6083]: about to exec /usr/lib/cyrus/bin/lmtpd Dec 2 20:44:21 asp4 cyrus/lmtpunix[6083]: executed Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, [209.85.221.21] [209.85.221.21] -> , Message-ID: , mail_id: ggSVa5nIr8Oq, Hits: -0.001, size: 2214, queued_as: D0B24EF4D11, 1298 m s Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: to=, orig_to=, relay=127.0.0.1 [127.0.0.1]:10024, delay=1.7, delays=0.39/0/0/1.3, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17280-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued a s D0B24EF4D11) Dec 2 20:44:21 asp4 postfix/qmgr[2392]: 53DEDE01D5A: removed best regards Stefan Pampel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkk1k6AACgkQXXT1nfS2Z+GcFwCgr0iakn99Six0GbcxHnwYeVBQ 4OYAnidQaOIP+PPfxxtV7/jmiDnYunrd =jp7p -----END PGP SIGNATURE----- -- / polyformal / | http://www.polyformal.de / |_________________________/ GPG KEY: 11678845 From duncan.gibb at siriusit.co.uk Tue Dec 2 18:05:41 2008 From: duncan.gibb at siriusit.co.uk (Duncan Gibb) Date: Tue, 02 Dec 2008 23:05:41 +0000 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> Message-ID: <4935BF45.6060108@siriusit.co.uk> Stefan Pampel wrote: >>> Mails basically reach the INBOX, but not the folder itself I think this is an MTA problem, rather than a Cyrus problem. > Received: from foo.org ([127.0.0.1]) > by localhost (foo.org [127.0.0.1]) (amavisd-new, port 10024) > with LMTP id ggSVa5nIr8Oq for ; > Tue, 2 Dec 2008 20:44:20 +0100 (CET) > Received: from mail-qy0-f21.google.com (mail-qy0-f21.google.com [209.85.221.21]) > by foo.org (Postfix) with ESMTP id 53DEDE01D5A > for ; Tue, 2 Dec 2008 20:44:20 +0100 (CET) The "+spam" was removed between delivery by the outside world to Postfix and delivery by Postfix to amavisd-new. The logs back this up: > Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, [209.85.221.21] [209.85.221.21] -> , > Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: to=, orig_to=, relay=127.0.0.1 Looks like Postfix, or maybe Postfix's LMTP interface to amavisd-new, is wrongly configured. Try doing a manual LMTP delivery to Cyrus, and to amavisd-new for comparison. ie: foo$ telnet localhost 2003 mail from: rcpt to: data [etc] and the same with "telnet localhost 10024". Compare the headers and the logs and it should be obvious what's happening. Cheers Duncan -- Duncan Gibb, Technical Director Sirius Corporation plc - The Open Source Experts http://www.siriusit.co.uk/ Tel: +44 870 608 0063 From aspineux at gmail.com Wed Dec 3 02:03:39 2008 From: aspineux at gmail.com (Alain Spineux) Date: Wed, 3 Dec 2008 08:03:39 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> Message-ID: <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> I made multiple comments , look carefully On Tue, Dec 2, 2008 at 8:59 PM, Stefan Pampel wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Alain Spineux schrieb: >> On Thu, Nov 27, 2008 at 10:14 AM, Stefan Pampel >> wrote: >>> it seems that plus addressing not work in my case: >>> >>> postfix configured correctly: >>> main.cf: >>> recipient_delimiter = + >>> >>> master.cf: >>> lmtp unix - - n - - lmtp >>> >>> Mails basically reach the INBOX, but not the folder itself >>> >>> cyrus config: >>> >>> altnamespace: yes # even with no does not work >>> virtdomains: userid >>> defaultdomain: foo.bar.org >>> unixhierarchysep: no >>> >>> >>> The folder >>> lam user.user1.spam >>> >>> user1 lrswipcda >>> anyone p >>> >>> The mail header contains >>> To: user1 >>> >>> Any hints? >> >> Does the email goes in the user INBOX at least ? > > Yes, it goes to the INBOX, the header of the recieived mail looks like this > > > > Return-Path: > Received: from foo.org ([unix socket]) > by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; > Tue, 02 Dec 2008 20:44:21 +0100 > X-Sieve: CMU Sieve 2.2 > Received: from localhost (unknown [127.0.0.1]) > by foo.org (Postfix) with ESMTP id D0B24EF4D11 > for ; Tue, 2 Dec 2008 20:44:21 +0100 (CET) > X-Virus-Scanned: Debian amavisd-new at > X-Spam-Flag: NO > X-Spam-Score: -0.001 > X-Spam-Level: > X-Spam-Status: No, score=-0.001 tagged_above=-999 required=6.31 > tests=[SPF_PASS=-0.001] > Received: from foo.org ([127.0.0.1]) > by localhost (foo.org [127.0.0.1]) (amavisd-new, port 10024) > with LMTP id ggSVa5nIr8Oq for ; The problem is just here, above > Tue, 2 Dec 2008 20:44:20 +0100 (CET) > Received: from mail-qy0-f21.google.com (mail-qy0-f21.google.com [209.85.221.21]) > by foo.org (Postfix) with ESMTP id 53DEDE01D5A > for ; Tue, 2 Dec 2008 20:44:20 +0100 (CET) Because it was still "user+spam" here ! > Received: by qyk14 with SMTP id 14so3861085qyk.11 > for ; Tue, 02 Dec 2008 11:44:19 -0800 (PST) > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; > d=gmail.com; s=gamma; > h=domainkey-signature:received:received:message-id:date:from:to > :subject:mime-version:content-type:content-transfer-encoding > :content-disposition; > bh=OsY01wpTsRs9wg12b8CJsXpNhhRKn9VYCZ0l9cxhl5Q=; > b=h9NS27DnBzXhMGBpPICUp2U5tEwgbn+ouAhGLuYteBJnMWw5hIQ4vj+d8bNn8TzV4E > DNtPqxGU0QXa55JsPSjYZU4yZyCk5kA1oCNacatnsWRY2LvrVtdUS7spqAYZWNpxsXas > z78A3NBawCutspEj0pOlUbfwNLDDrnjK20Ce8= > DomainKey-Signature: a=rsa-sha1; c=nofws; > d=gmail.com; s=gamma; > h=message-id:date:from:to:subject:mime-version:content-type > :content-transfer-encoding:content-disposition; > b=dvgd4c6c5TbTVmP0TibQyKDSpojbNRDZTIbmWt5DV9TMvTfdHmBtxL+564/pci7phD > 4knxRl2MUb483WxZJcKazltQuT5+WtoxN0Ljg2xtqGEc+EijyG9NMCno/CtQSIA82Mg+ > FWG33nCiGc/cAxhGSQo+oe0LMtap+BZVHYNIM= > Received: by 10.214.183.9 with SMTP id g9mr12118283qaf.35.1228247059060; > Tue, 02 Dec 2008 11:44:19 -0800 (PST) > Received: by 10.214.182.8 with HTTP; Tue, 2 Dec 2008 11:44:19 -0800 (PST) > Message-ID: > Date: Tue, 2 Dec 2008 20:44:19 +0100 > From: "Stefan Pampel" > To: user > Subject: 123 > > > >> Did you look into the lmtpd.log and postfix.log to check if the >> delivery looks ok .? > > too me it looks ok. > > > Dec 2 20:44:19 asp4 postfix/smtpd[6073]: connect from mail-qy0-f21.google.com[209.85.221.21] > Dec 2 20:44:20 asp4 postfix/smtpd[6073]: 53DEDE01D5A: client=mail-qy0-f21.google.com[209.85.221.21] > Dec 2 20:44:20 asp4 postfix/cleanup[6076]: 53DEDE01D5A: message-id= > Dec 2 20:44:20 asp4 postfix/qmgr[2392]: 53DEDE01D5A: from=, size=2214, nrcpt=1 (queue active) > Dec 2 20:44:21 asp4 postfix/smtpd[6081]: connect from unknown[127.0.0.1] > Dec 2 20:44:21 asp4 postfix/smtpd[6081]: D0B24EF4D11: client=unknown[127.0.0.1] > Dec 2 20:44:21 asp4 postfix/cleanup[6076]: D0B24EF4D11: message-id= > Dec 2 20:44:21 asp4 postfix/smtpd[6081]: disconnect from unknown[127.0.0.1] > Dec 2 20:44:21 asp4 postfix/qmgr[2392]: D0B24EF4D11: from=, size=2816, nrcpt=1 (queue active) > Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: accepted connection > Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: lmtp connection preauth'd as postman > Dec 2 20:44:21 asp4 cyrus/master[6083]: about to exec /usr/lib/cyrus/bin/lmtpd > Dec 2 20:44:21 asp4 cyrus/lmtpunix[6083]: executed > Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, [209.85.221.21] [209.85.221.21] -> , > Message-ID: , mail_id: ggSVa5nIr8Oq, Hits: -0.001, size: 2214, queued_as: D0B24EF4D11, 1298 m > s > Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: to=, orig_to=, relay=127.0.0.1 > [127.0.0.1]:10024, delay=1.7, delays=0.39/0/0/1.3, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17280-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued a HERE is the "culprit" ! postfix tell us, it got "user+spam" and give back "user" to [127.0.0.1]:10024 ! Does it mean amavis and postfix use LMTP protocol ? This is unusual ! (but this is not the probleme) > s D0B24EF4D11) > Dec 2 20:44:21 asp4 postfix/qmgr[2392]: 53DEDE01D5A: removed > > > > best regards > > Stefan Pampel > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkk1k6AACgkQXXT1nfS2Z+GcFwCgr0iakn99Six0GbcxHnwYeVBQ > 4OYAnidQaOIP+PPfxxtV7/jmiDnYunrd > =jp7p > -----END PGP SIGNATURE----- > > -- > / polyformal / > | http://www.polyformal.de / > |_________________________/ > GPG KEY: 11678845 > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you From ml at bortal.de Wed Dec 3 05:40:41 2008 From: ml at bortal.de (ml at bortal.de) Date: Wed, 03 Dec 2008 11:40:41 +0100 Subject: Reconstruct Syntax Help Message-ID: <49366229.9070508@bortal.de> Hello List, i am getting: IOERROR: opening /opt/foo/imap/spool/domain/foo/user/archive/2008/12/cyrus.header: No such file or directory What is the syntax for reconstruct to fix this? I tried: reconstruct -r user at foo but i get "Mailbox does not exist". Whats the syntax? Thanks, Mario From nic at onlight.com Wed Dec 3 07:56:36 2008 From: nic at onlight.com (Nic Bernstein) Date: Wed, 03 Dec 2008 06:56:36 -0600 Subject: Reconstruct Syntax Help In-Reply-To: <49366229.9070508@bortal.de> References: <49366229.9070508@bortal.de> Message-ID: <49368204.5080301@onlight.com> Try reconstruct -r user.foo, not user at foo. You may need to use other switches, depending upon the problem. Check the man page for further details ("man reconstruct"). -nic On 12/03/2008 04:40 AM, ml at bortal.de wrote: > Hello List, > > i am getting: > IOERROR: opening > /opt/foo/imap/spool/domain/foo/user/archive/2008/12/cyrus.header: No > such file or directory > > What is the syntax for reconstruct to fix this? > > I tried: > reconstruct -r user at foo > but i get "Mailbox does not exist". > > Whats the syntax? > > Thanks, > Mario > > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Nic Bernstein nic at onlight.com Onlight llc. www.onlight.com 2266 North Prospect Avenue #610 v. 414.272.4477 Milwaukee, Wisconsin 53202-6306 f. 414.290.0335 From dembek at alcatel-lucent.com Wed Dec 3 08:00:49 2008 From: dembek at alcatel-lucent.com (DEMBEK, Adam (Adam)) Date: Wed, 3 Dec 2008 14:00:49 +0100 Subject: Cyrus replication performance improvement Message-ID: <79F10B7259440E468DB6875CC2AF6A7701EC2252@DEEXC1U02.de.lucent.com> Welcome We are working on improving performance of our Cyrus server replication. We are using Cyrus 2.3.7. When installed our software on server with slower 10 RPM disks we notice that one sync_client is not able to synchronize all data in real time. On servers with 15 RPM disk performance was better. We prepared few modifications that allow to run 3 sync_client that will replicate different mailboxes at the same time. We would like to get opinion of other Cyrus developers about these modifications to identify if they can introduce any additional risks (Details below). Our tests show 30 - 50 % improvement of Cyrus replication speed on server with 10 RPM disks. We tested that no data is lost during synchronization for CREATE, APPEND, STORE, RENAME and SETANNOTATION commands. Our changes: sync_log.c Write log to one of 3 files depending on mailbox name. The same mailbox is always sent to the same log file. sync_client.c Read from different sync/log file. Path to correct log file is configured in imapd.conf Each sync_client is run with different imapd.conf. cyrus.conf Start 3 syncservers on different ports syncserver cmd="/apsw/ms/cyrus/imapd/bin/sync_server -C /etc/imapd_s.conf" listen="50055" maxchild=1 syncserver1 cmd="/apsw/ms/cyrus/imapd/bin/sync_server -C /etc/imapd_s1conf" listen="50056" maxchild=1 syncserver2 cmd="/apsw/ms/cyrus/imapd/bin/sync_server -C /etc/imapd_s2.conf" listen="50057" maxchild=1 Code changes in sync_log.c void sync_log_mailbox(char *name) { int sync_file_id = getFileId(name + 5); sync_log(sync_file_id, "MAILBOX %s\n", name); } int getFileId(const char *name) { if (multi_sync_log > 1) { unsigned int result = 0; int pos = 0; for (; name[pos] != 0; ++pos) { result += name[pos]; } return (result % multi_sync_log); } return 0; } static void sync_log_base(int sync_file_id, const char *string, int len) { int fd, rc; struct stat sbuffile, sbuffd; int retries = 0; char *file_name; if (!sync_log_enabled) return; if (sync_file_id == 0) { file_name = sync_log_file; } else if (sync_file_id == 1) { file_name = sync_log_file1; } else if (sync_file_id == 2) { file_name = sync_log_file2; } while (retries++ < SYNC_LOG_RETRIES) { fd = open(file_name, O_WRONLY|O_APPEND|O_CREAT, 0640); if (fd < 0 && errno == ENOENT) { if (!cyrus_mkdir(file_name, 0755)) { fd = open(file_name, O_WRONLY|O_APPEND|O_CREAT, 0640); } } if (fd < 0) { syslog(LOG_ERR, "sync_log(): Unable to write to log file %s: %s", file_name, strerror(errno)); return; } if (lock_blocking(fd) == -1) { syslog(LOG_ERR, "sync_log(): Failed to lock %s for %s: %m", file_name, string); close(fd); return; } ... } Regards, Adam Dembek Messaging Applications Poland phone: +48 52 349 1908 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081203/834f15f5/attachment-0001.html From davidk at cs.umass.edu Wed Dec 3 09:39:30 2008 From: davidk at cs.umass.edu (David Korpiewski) Date: Wed, 03 Dec 2008 09:39:30 -0500 Subject: Reconstruct Syntax Help In-Reply-To: <49368204.5080301@onlight.com> References: <49366229.9070508@bortal.de> <49368204.5080301@onlight.com> Message-ID: <49369A22.3000807@cs.umass.edu> Depending if you have "unixhierarchysep: yes" in your imapd.conf, you may have a "/" rather than a period. The -f flag is useful too for searching down file systems and finding subfolders. This is the way I do it on my own system: /usr/bin/cyrus/bin/reconstruct -r -f user/davidk Good luck David Nic Bernstein wrote: > Try reconstruct -r user.foo, not user at foo. You may need to use other > switches, depending upon the problem. Check the man page for further > details ("man reconstruct"). > -nic > > On 12/03/2008 04:40 AM, ml at bortal.de wrote: >> Hello List, >> >> i am getting: >> IOERROR: opening >> /opt/foo/imap/spool/domain/foo/user/archive/2008/12/cyrus.header: No >> such file or directory >> >> What is the syntax for reconstruct to fix this? >> >> I tried: >> reconstruct -r user at foo >> but i get "Mailbox does not exist". >> >> Whats the syntax? >> >> Thanks, >> Mario >> >> >> ---- >> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html >> > > -- =========================================== David Korpiewski Software Specialist I CSCF - Computer Science Computing Facility Department of Computer Science Phone: 413-545-4319 Fax: 413-577-2285 =========================================== From llt at recol.com Wed Dec 3 10:15:03 2008 From: llt at recol.com (Lan Tran) Date: Wed, 3 Dec 2008 10:15:03 -0500 Subject: plus addressing over lmtp not working / sam [box] anyone p set References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> Message-ID: <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> ----- Original Message ----- From: "Alain Spineux" To: Cc: Sent: Wednesday, December 03, 2008 2:03 AM Subject: Re: plus addressing over lmtp not working / sam [box] anyone p set >I made multiple comments , look carefully > > On Tue, Dec 2, 2008 at 8:59 PM, Stefan Pampel > wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Alain Spineux schrieb: >>> On Thu, Nov 27, 2008 at 10:14 AM, Stefan Pampel >>> wrote: >>>> it seems that plus addressing not work in my case: >>>> >>>> postfix configured correctly: >>>> main.cf: >>>> recipient_delimiter = + >>>> >>>> master.cf: >>>> lmtp unix - - n - - lmtp >>>> >>>> Mails basically reach the INBOX, but not the folder itself >>>> >>>> cyrus config: >>>> >>>> altnamespace: yes # even with no does not work >>>> virtdomains: userid >>>> defaultdomain: foo.bar.org >>>> unixhierarchysep: no >>>> >>>> >>>> The folder >>>> lam user.user1.spam >>>> >>>> user1 lrswipcda >>>> anyone p >>>> >>>> The mail header contains >>>> To: user1 >>>> >>>> Any hints? >>> >>> Does the email goes in the user INBOX at least ? >> >> Yes, it goes to the INBOX, the header of the recieived mail looks like >> this >> >> >> >> Return-Path: >> Received: from foo.org ([unix socket]) >> by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; >> Tue, 02 Dec 2008 20:44:21 +0100 >> X-Sieve: CMU Sieve 2.2 >> Received: from localhost (unknown [127.0.0.1]) >> by foo.org (Postfix) with ESMTP id D0B24EF4D11 >> for ; Tue, 2 Dec 2008 20:44:21 +0100 (CET) >> X-Virus-Scanned: Debian amavisd-new at >> X-Spam-Flag: NO >> X-Spam-Score: -0.001 >> X-Spam-Level: >> X-Spam-Status: No, score=-0.001 tagged_above=-999 required=6.31 >> tests=[SPF_PASS=-0.001] >> Received: from foo.org ([127.0.0.1]) >> by localhost (foo.org [127.0.0.1]) (amavisd-new, port 10024) >> with LMTP id ggSVa5nIr8Oq for ; > > The problem is just here, above > >> Tue, 2 Dec 2008 20:44:20 +0100 (CET) >> Received: from mail-qy0-f21.google.com (mail-qy0-f21.google.com >> [209.85.221.21]) >> by foo.org (Postfix) with ESMTP id 53DEDE01D5A >> for ; Tue, 2 Dec 2008 20:44:20 +0100 (CET) > > Because it was still "user+spam" here ! > >> Received: by qyk14 with SMTP id 14so3861085qyk.11 >> for ; Tue, 02 Dec 2008 11:44:19 -0800 (PST) >> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; >> d=gmail.com; s=gamma; >> h=domainkey-signature:received:received:message-id:date:from:to >> :subject:mime-version:content-type:content-transfer-encoding >> :content-disposition; >> bh=OsY01wpTsRs9wg12b8CJsXpNhhRKn9VYCZ0l9cxhl5Q=; >> >> b=h9NS27DnBzXhMGBpPICUp2U5tEwgbn+ouAhGLuYteBJnMWw5hIQ4vj+d8bNn8TzV4E >> >> DNtPqxGU0QXa55JsPSjYZU4yZyCk5kA1oCNacatnsWRY2LvrVtdUS7spqAYZWNpxsXas >> z78A3NBawCutspEj0pOlUbfwNLDDrnjK20Ce8= >> DomainKey-Signature: a=rsa-sha1; c=nofws; >> d=gmail.com; s=gamma; >> h=message-id:date:from:to:subject:mime-version:content-type >> :content-transfer-encoding:content-disposition; >> >> b=dvgd4c6c5TbTVmP0TibQyKDSpojbNRDZTIbmWt5DV9TMvTfdHmBtxL+564/pci7phD >> >> 4knxRl2MUb483WxZJcKazltQuT5+WtoxN0Ljg2xtqGEc+EijyG9NMCno/CtQSIA82Mg+ >> FWG33nCiGc/cAxhGSQo+oe0LMtap+BZVHYNIM= >> Received: by 10.214.183.9 with SMTP id g9mr12118283qaf.35.1228247059060; >> Tue, 02 Dec 2008 11:44:19 -0800 (PST) >> Received: by 10.214.182.8 with HTTP; Tue, 2 Dec 2008 11:44:19 -0800 (PST) >> Message-ID: >> Date: Tue, 2 Dec 2008 20:44:19 +0100 >> From: "Stefan Pampel" >> To: user >> Subject: 123 >> >> >> >>> Did you look into the lmtpd.log and postfix.log to check if the >>> delivery looks ok .? >> >> too me it looks ok. >> >> >> Dec 2 20:44:19 asp4 postfix/smtpd[6073]: connect from >> mail-qy0-f21.google.com[209.85.221.21] >> Dec 2 20:44:20 asp4 postfix/smtpd[6073]: 53DEDE01D5A: >> client=mail-qy0-f21.google.com[209.85.221.21] >> Dec 2 20:44:20 asp4 postfix/cleanup[6076]: 53DEDE01D5A: >> message-id= >> Dec 2 20:44:20 asp4 postfix/qmgr[2392]: 53DEDE01D5A: >> from=, size=2214, nrcpt=1 (queue active) >> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: connect from unknown[127.0.0.1] >> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: D0B24EF4D11: >> client=unknown[127.0.0.1] >> Dec 2 20:44:21 asp4 postfix/cleanup[6076]: D0B24EF4D11: >> message-id= >> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: disconnect from >> unknown[127.0.0.1] >> Dec 2 20:44:21 asp4 postfix/qmgr[2392]: D0B24EF4D11: >> from=, size=2816, nrcpt=1 (queue active) >> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: accepted connection >> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: lmtp connection preauth'd as >> postman >> Dec 2 20:44:21 asp4 cyrus/master[6083]: about to exec >> /usr/lib/cyrus/bin/lmtpd >> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6083]: executed >> Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, >> [209.85.221.21] [209.85.221.21] -> , >> Message-ID: , >> mail_id: ggSVa5nIr8Oq, Hits: -0.001, size: 2214, queued_as: D0B24EF4D11, >> 1298 m >> s >> Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: to=, >> orig_to=, relay=127.0.0.1 >> [127.0.0.1]:10024, delay=1.7, delays=0.39/0/0/1.3, dsn=2.0.0, status=sent >> (250 2.0.0 Ok, id=17280-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: >> queued a > > HERE is the "culprit" ! postfix tell us, it got "user+spam" and give > back "user" to [127.0.0.1]:10024 ! > > Does it mean amavis and postfix use LMTP protocol ? This is unusual ! > (but this is not the probleme) > >> s D0B24EF4D11) >> Dec 2 20:44:21 asp4 postfix/qmgr[2392]: 53DEDE01D5A: removed >> >> >> >> best regards >> >> Stefan Pampel >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.9 (GNU/Linux) >> >> iEYEARECAAYFAkk1k6AACgkQXXT1nfS2Z+GcFwCgr0iakn99Six0GbcxHnwYeVBQ >> 4OYAnidQaOIP+PPfxxtV7/jmiDnYunrd >> =jp7p >> -----END PGP SIGNATURE----- >> >> -- >> / polyformal / >> | http://www.polyformal.de / >> |_________________________/ >> GPG KEY: 11678845 >> amavisd-new by default does not have plus addressing enabled. Add or uncomment this line to amavisd.conf and reload it: $recipient_delimiter = '+'; LT From mickoum at gmail.com Wed Dec 3 12:28:05 2008 From: mickoum at gmail.com (Michael JOLY) Date: Wed, 3 Dec 2008 18:28:05 +0100 Subject: Problem upgrading cyrus on debian etch Message-ID: <124c13f40812030928i74a4353bocadacbcab1e6e23d@mail.gmail.com> Hello, I have a problem when I try to upgrade cyrus 21 to cyrus 22. I had this error : Database backends mismatch! You must manually verify and update the Cyrus databases to the new backends Could you help me please ? Sincerely yours, Mick -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081203/2bddf7af/attachment.html From dangaudette at knet.ca Wed Dec 3 12:42:53 2008 From: dangaudette at knet.ca (Dan Gaudette) Date: Wed, 03 Dec 2008 11:42:53 -0600 Subject: Problem upgrading cyrus on debian etch In-Reply-To: <124c13f40812030928i74a4353bocadacbcab1e6e23d@mail.gmail.com> References: <124c13f40812030928i74a4353bocadacbcab1e6e23d@mail.gmail.com> Message-ID: <4936C51D.5050606@knet.ca> Hi Mick, The default database formats for the mailbox list and the seen state databases has been changed to the skiplist backend. Check out the install-upgrade.html file in the doc directory - it will have some more information that should help you out. Dan Michael JOLY wrote: > Hello, > > I have a problem when I try to upgrade cyrus 21 to cyrus 22. > I had this error : > > Database backends mismatch! You must manually verify and update the Cyrus > databases to the new backends > > Could you help me please ? > > Sincerely yours, > > Mick > > > ------------------------------------------------------------------------ > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Dan Gaudette Keewaytinook Okimakanak / K-Net Services Box 1439, 115 King Street Sioux Lookout, ON, P8T 1B9 Phone: 807-737-1135 ext 1270 Fax: 807-737-1720 Email: dangaudette at knet.ca From brong at fastmail.fm Wed Dec 3 17:58:54 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Thu, 04 Dec 2008 09:58:54 +1100 Subject: Reconstruct Syntax Help In-Reply-To: <49366229.9070508@bortal.de> References: <49366229.9070508@bortal.de> Message-ID: <1228345134.20251.1288134341@webmail.messagingengine.com> On Wed, 03 Dec 2008 11:40:41 +0100, "ml at bortal.de" wrote: > Hello List, > > i am getting: > IOERROR: opening > /opt/foo/imap/spool/domain/foo/user/archive/2008/12/cyrus.header: No > such file or directory > > What is the syntax for reconstruct to fix this? > > I tried: > reconstruct -r user at foo > but i get "Mailbox does not exist". > > Whats the syntax? Looks to me like you're domain split with no directory hashing: For a start you don't want "user at foo", you want "archive at foo", because that's the user you're trying to reconstruct, assuming that path has actually had item substitution and isn't invented out of whole cloth. I believe reconstruct was patched a couple of versions back to support user at domain paths, but it still works reliably with internal format addresses. Try this: reconstruct -r foo\!user.archive Bron ( you can use single quotes or whatever instead of the backslash - just avoid the shell expanding the ! ) -- Bron Gondwana brong at fastmail.fm From aspineux at gmail.com Thu Dec 4 02:07:05 2008 From: aspineux at gmail.com (Alain Spineux) Date: Thu, 4 Dec 2008 08:07:05 +0100 Subject: Reconstruct Syntax Help In-Reply-To: <49366229.9070508@bortal.de> References: <49366229.9070508@bortal.de> Message-ID: <71fe4e760812032307w1044778dn880bd3863977376e@mail.gmail.com> On Wed, Dec 3, 2008 at 11:40 AM, ml at bortal.de wrote: > Hello List, > > i am getting: > IOERROR: opening > /opt/foo/imap/spool/domain/foo/user/archive/2008/12/cyrus.header: No > such file or directory > > What is the syntax for reconstruct to fix this? > > I tried: > reconstruct -r user at foo > but i get "Mailbox does not exist". > > Whats the syntax? here is how a use it, this work with unpatched version /kolab/bin/cyrreconstruct -r -f' user/h.b at alpha.com user/h.b/*@alpha.com Regards > > Thanks, > Mario > > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you From brong at fastmail.fm Thu Dec 4 22:14:27 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Fri, 05 Dec 2008 14:14:27 +1100 Subject: Cache truncation bug on aborted appends Message-ID: <1228446867.20912.1288375755@webmail.messagingengine.com> Hi all, Cyrus stores the end of the cache file before starting an append operation so that it can truncate back to that point if the append is aborted. Unfortunately, it actually stores cache_len rather than cache_size. That sort of sucks, because cache_len is rounded up by quite a bit to allow "slop". As the cache file gets bigger, the slop gets bigger too, and you wind up with a whole pile of zero blocks in your cache file, making it (even if sparse) somewhat massive. Oh, and the bogus record(s) that you wrote are going to still be (possibly only partially) in the file, because the truncate will either be past them, or in the middle of them. This is exacerbated by the fact that duplicate suppression seems to need to write to the cache file _before_ it decides not to accept the message! The attached patch fixes the issue, adds a comment, and renames the temporary variable to reflect the value it's actually storing. Wes/Ken, please apply to CVS for the next stable release. Everyone else, I recommend you apply this patch. We have had to reconstruct the occasional mailbox as their cache file size spirals out of control and the process hits memory limits trying to map it. Bron. -- Bron Gondwana brong at fastmail.fm -------------- next part -------------- A non-text attachment was scrubbed... Name: cyrus-truncate-length-2.3.13.diff Type: text/x-patch Size: 1353 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081205/c17666ab/attachment.bin From simon.matter at invoca.ch Fri Dec 5 02:25:38 2008 From: simon.matter at invoca.ch (Simon Matter) Date: Fri, 5 Dec 2008 08:25:38 +0100 (CET) Subject: Cache truncation bug on aborted appends In-Reply-To: <1228446867.20912.1288375755@webmail.messagingengine.com> References: <1228446867.20912.1288375755@webmail.messagingengine.com> Message-ID: <54a13dbc47935c472fe50efb9678ed7f.squirrel@webmail.bi.corp.invoca.ch> > Hi all, > > Cyrus stores the end of the cache file before starting an > append operation so that it can truncate back to that point > if the append is aborted. > > Unfortunately, it actually stores cache_len rather than > cache_size. That sort of sucks, because cache_len is > rounded up by quite a bit to allow "slop". As the cache > file gets bigger, the slop gets bigger too, and you wind > up with a whole pile of zero blocks in your cache file, > making it (even if sparse) somewhat massive. > > Oh, and the bogus record(s) that you wrote are going to > still be (possibly only partially) in the file, because > the truncate will either be past them, or in the middle > of them. > > This is exacerbated by the fact that duplicate suppression > seems to need to write to the cache file _before_ it decides > not to accept the message! > > The attached patch fixes the issue, adds a comment, and Hi Bron, is there something missing in the patch, because I can't see the "adds a comment" part? Thanks, Simon From brong at fastmail.fm Fri Dec 5 04:44:22 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Fri, 05 Dec 2008 20:44:22 +1100 Subject: Cache truncation bug on aborted appends In-Reply-To: <54a13dbc47935c472fe50efb9678ed7f.squirrel@webmail.bi.corp.invoca.ch> References: <1228446867.20912.1288375755@webmail.messagingengine.com> <54a13dbc47935c472fe50efb9678ed7f.squirrel@webmail.bi.corp.invoca.ch> Message-ID: <1228470262.3091.1288413187@webmail.messagingengine.com> On Fri, 5 Dec 2008 08:25:38 +0100 (CET), "Simon Matter" wrote: > > Hi all, > > > > Cyrus stores the end of the cache file before starting an > > append operation so that it can truncate back to that point > > if the append is aborted. > > > > Unfortunately, it actually stores cache_len rather than > > cache_size. That sort of sucks, because cache_len is > > rounded up by quite a bit to allow "slop". As the cache > > file gets bigger, the slop gets bigger too, and you wind > > up with a whole pile of zero blocks in your cache file, > > making it (even if sparse) somewhat massive. > > > > Oh, and the bogus record(s) that you wrote are going to > > still be (possibly only partially) in the file, because > > the truncate will either be past them, or in the middle > > of them. > > > > This is exacerbated by the fact that duplicate suppression > > seems to need to write to the cache file _before_ it decides > > not to accept the message! > > > > The attached patch fixes the issue, adds a comment, and > > Hi Bron, > > is there something missing in the patch, because I can't see the "adds a > comment" part? Hmm... could be. Damn. I'll just go back and have a look. I did the comment after the rest of it - it's pretty meaningless anyway. The code in the patch is certainly fine... Ok - here's the copy with the comment! Bron. -- Bron Gondwana brong at fastmail.fm -------------- next part -------------- A non-text attachment was scrubbed... Name: cyrus-truncate-length-2.3.13.diff Type: text/x-patch Size: 1444 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081205/fe3d7a16/attachment.bin From gary at primeexalia.com Tue Dec 9 09:58:57 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 06:58:57 -0800 Subject: murder configuration issue Message-ID: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> Hello, I'm trying to configure murder in an existing environment. I have configured the one backend server, the master server and I'm trying to confogure the frontend server. On the frontend is where I'm running into a problem. The backends can do a ctl_mboxlist just fine. I put tcpdump on the master server and I can see them making a connection without any problem. For some reason, the frontend server kicks out an error message saing that it can't connect to the master server, yet I don't even see any traffic leaving the server or hitting the master server on port 3905. Error message: # runuser - cyrus -c ' /usr/lib/cyrus-imapd/ctl_mboxlist -m' couldn't connect to mupdate server and when the cyrus-imapd process is running these are all over the log files: Dec 9 09:56:55 mdsfe mupdate[12282]: connect(10.80.72.201) failed: Invalid argument Dec 9 09:56:55 mdsfe mupdate[12282]: couldn't connect to mupdate server Dec 9 09:56:55 mdsfe mupdate[12282]: retrying connection to mupdate server in 20 seconds In the imapd.conf file I have: configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus root mupdate_authname: murder #mupdate_username: murder mupdate_password: mypass mupdate_server: 10.80.72.201 mupdate_port: 3905 mds01_mechs: PLAIN mds01_password: mypass proxy_authname: murder sasl_pwcheck_method: saslauthd allowplaintext: yes sasl_mech_list: PLAIN sasl_minimum_layer: 0 tls_ca_file: /etc/imap/rapidssl_01.cer tls_cert_file: /etc/imap/imap.crt tls_key_file: /etc/imap/imap.pem In the cyrus.conf I have: mupdate cmd="mupdate" listen=3905 prefork=1 imap cmd="proxyd" listen="imap" prefork=0 imaps cmd="proxyd -s" listen="imaps" prefork=0 pop3 cmd="pop3d" listen="pop3" prefork=0 pop3s cmd="pop3d -s" listen="pop3s" prefork=0 sieve cmd="timsieved" listen="sieve" prefork=0 lmtp cmd="lmtpproxyd" listen="lmtp" prefork=0 maxchild=20 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/29920b7b/attachment.html From gary at primeexalia.com Tue Dec 9 11:32:16 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 08:32:16 -0800 Subject: murder configuration issue References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E505191D@pxtbenexd02.pxt.primeexalia.com> CentOS 5.2 default package 2.3.7 doesn't seem to work as a front end. Downloaded FC10 (2.3.12p) and recompiled and frontend seems to be getting farther. ________________________________ From: info-cyrus-bounces+gary=primeexalia.com at lists.andrew.cmu.edu on behalf of Gary W. Smith Sent: Tue 12/9/2008 6:58 AM To: info-cyrus at lists.andrew.cmu.edu Subject: murder configuration issue Hello, I'm trying to configure murder in an existing environment. I have configured the one backend server, the master server and I'm trying to confogure the frontend server. On the frontend is where I'm running into a problem. The backends can do a ctl_mboxlist just fine. I put tcpdump on the master server and I can see them making a connection without any problem. For some reason, the frontend server kicks out an error message saing that it can't connect to the master server, yet I don't even see any traffic leaving the server or hitting the master server on port 3905. Error message: # runuser - cyrus -c ' /usr/lib/cyrus-imapd/ctl_mboxlist -m' couldn't connect to mupdate server and when the cyrus-imapd process is running these are all over the log files: Dec 9 09:56:55 mdsfe mupdate[12282]: connect(10.80.72.201) failed: Invalid argument Dec 9 09:56:55 mdsfe mupdate[12282]: couldn't connect to mupdate server Dec 9 09:56:55 mdsfe mupdate[12282]: retrying connection to mupdate server in 20 seconds In the imapd.conf file I have: configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus root mupdate_authname: murder #mupdate_username: murder mupdate_password: mypass mupdate_server: 10.80.72.201 mupdate_port: 3905 mds01_mechs: PLAIN mds01_password: mypass proxy_authname: murder sasl_pwcheck_method: saslauthd allowplaintext: yes sasl_mech_list: PLAIN sasl_minimum_layer: 0 tls_ca_file: /etc/imap/rapidssl_01.cer tls_cert_file: /etc/imap/imap.crt tls_key_file: /etc/imap/imap.pem In the cyrus.conf I have: mupdate cmd="mupdate" listen=3905 prefork=1 imap cmd="proxyd" listen="imap" prefork=0 imaps cmd="proxyd -s" listen="imaps" prefork=0 pop3 cmd="pop3d" listen="pop3" prefork=0 pop3s cmd="pop3d -s" listen="pop3s" prefork=0 sieve cmd="timsieved" listen="sieve" prefork=0 lmtp cmd="lmtpproxyd" listen="lmtp" prefork=0 maxchild=20 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/8ed2bf61/attachment.html From wes at umich.edu Tue Dec 9 14:00:36 2008 From: wes at umich.edu (Wesley Craig) Date: Tue, 9 Dec 2008 14:00:36 -0500 Subject: murder configuration issue In-Reply-To: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> Message-ID: <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> On 09 Dec 2008, at 09:58, Gary W. Smith wrote: > Dec 9 09:56:55 mdsfe mupdate[12282]: connect(10.80.72.201) failed: > Invalid argument Perhaps an IPv4 vs IPv6 problem? :wes From wes at umich.edu Tue Dec 9 14:26:56 2008 From: wes at umich.edu (Wesley Craig) Date: Tue, 9 Dec 2008 14:26:56 -0500 Subject: Murder + Sieve + multiple backends problem In-Reply-To: <20081202165443.31ec5f86@il007.idmt.fraunhofer.de> References: <20081201161147.1fc4c3d2@il007.idmt.fraunhofer.de> <49340024.7010108@onlight.com> <23EFC1C1-068D-4C3F-BA55-721687F5D1FC@umich.edu> <49341C52.5080107@SiriusIT.co.uk> <20081202165443.31ec5f86@il007.idmt.fraunhofer.de> Message-ID: On 02 Dec 2008, at 10:54, Juergen Wolf wrote: > The mlookup > thing is indeed very simple and already working. The cmd_append() part > is a bit tricky tho, as the LMTPD does not have any imap connection to > the backend as far as I see. I guess LMTP will be the wrong way to > transport the mail to the right backend server. Right, you'd want an IMAP connection, I would think. > + /* Mailbox not existent, and murder setup ? */ > + if (r == IMAP_MAILBOX_NONEXISTENT && config_mupdate_server) { > + /* check the mupdate master */ You don't really want to talk to the mupdate master. You want to look in the local mailboxes.db (this only works in a unified murder, obviously). If you look at cmd_append() in imapd.c, you see mlookup() used to obtain mailbox information. sieve_fileinto() in lmtp_sieve.c is structurally similar: it internalizes the mailbox, and then delivers it. The deliver_mailbox() in lmtpd.c is just an append, just like cmd_append() is! At least the part after: /* local mailbox */ in cmd_append() is analogous to the append code in deliver_mailbox (). The portion of cmd_append() that's missing from deliver_mailbox () is the first bit: if (!r && (mbtype & MBTYPE_REMOTE)) { /* remote mailbox */ struct backend *s = NULL; ... s = proxy_findserver(newserver, &imap_protocol, proxy_userid, &backend_cached, &backend_current, &backend_inbox, imapd_in); if (!s) r = IMAP_SERVER_UNAVAILABLE; if (!r) { int is_active = 1; s->context = (void*) &is_active; if (imapd_mailbox) { prot_printf(s->out, "%s Localappend {" SIZE_T_FMT "+}\r\n%s" " {" SIZE_T_FMT "+}\r\n%s ", tag, strlen(name), name, strlen(imapd_mailbox->name), imapd_mailbox->name); } else { prot_printf(s->out, "%s Localappend {" SIZE_T_FMT "+}\r\n%s" " {" SIZE_T_FMT "+}\r\n%s ", tag, strlen(name), name, 0, ""); } if (!(r = pipe_command(s, 16384))) { pipe_including_tag(s, tag, 0); } s->context = NULL; } else { eatline(imapd_in, prot_getc(imapd_in)); } if (r) { prot_printf(imapd_out, "%s NO %s\r\n", tag, prot_error(imapd_in) ? prot_error(imapd_in) : error_message(r)); } return; } Obviously, it would need a little work to merge this in, but I think it's pretty trivial. :wes From gary at primeexalia.com Tue Dec 9 15:04:55 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 12:04:55 -0800 Subject: murder configuration issue References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> Message-ID: <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> I updated to the FC10 package and now it seems to be working better. On the backend I can see the mailboxes that are synching with the master, but the front end doesn't seem to be pulling the information. That is, it connects, I can see that in the log on the master, and says it pulls the mailbox data but when I connect via pop3 it says that it can't find the mailbox. I'm probably just missing something minor at this point. I'm going to down everything and resync a little later to see if that cures my wows. Gary ________________________________ From: Wesley Craig [mailto:wes at umich.edu] Sent: Tue 12/9/2008 11:00 AM To: Gary W. Smith Cc: info-cyrus at lists.andrew.cmu.edu Subject: Re: murder configuration issue On 09 Dec 2008, at 09:58, Gary W. Smith wrote: > Dec 9 09:56:55 mdsfe mupdate[12282]: connect(10.80.72.201) failed: > Invalid argument Perhaps an IPv4 vs IPv6 problem? :wes -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/a4382863/attachment.html From wes at umich.edu Tue Dec 9 15:36:01 2008 From: wes at umich.edu (Wesley Craig) Date: Tue, 9 Dec 2008 15:36:01 -0500 Subject: murder configuration issue In-Reply-To: <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> Message-ID: On 09 Dec 2008, at 15:04, Gary W. Smith wrote: > I updated to the FC10 package and now it seems to be working > better. On the backend I can see the mailboxes that are synching > with the master, but the front end doesn't seem to be pulling the > information. That is, it connects, I can see that in the log on > the master, and says it pulls the mailbox data but when I connect > via pop3 it says that it can't find the mailbox. I'm probably just > missing something minor at this point. I'm going to down > everything and resync a little later to see if that cures my wows. Does ctl_mboxlist -d on the frontend show mailboxes? :wes From gary at primeexalia.com Tue Dec 9 15:37:46 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 12:37:46 -0800 Subject: murder configuration issue References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E505191F@pxtbenexd02.pxt.primeexalia.com> No it does not. This is what shows in the master server log: Dec 9 15:37:17 mdr01 mupdate[14222]: accepted connection Dec 9 15:37:18 mdr01 mupdate[14222]: login: mdsfe [10.80.72.205] murder PLAIN User logged in On the Front End I get nothing in the log file. doing a tcpdump on port 3905, I can see then communicating (which I didn't see under 2.3.7 -- CentOS default version). I think I'm almost there. I've blown away the /var/lib/imap/mailboxes.db file and ran "runuser - cyrus -c ' /usr/lib/cyrus-imapd/ctl_mboxlist -m' " but that only created a 144 byte db file (still no mailboxes when I do a dump). Gary ________________________________ From: Wesley Craig [mailto:wes at umich.edu] Sent: Tue 12/9/2008 12:36 PM To: Gary W. Smith Cc: info-cyrus at lists.andrew.cmu.edu Subject: Re: murder configuration issue On 09 Dec 2008, at 15:04, Gary W. Smith wrote: > I updated to the FC10 package and now it seems to be working > better. On the backend I can see the mailboxes that are synching > with the master, but the front end doesn't seem to be pulling the > information. That is, it connects, I can see that in the log on > the master, and says it pulls the mailbox data but when I connect > via pop3 it says that it can't find the mailbox. I'm probably just > missing something minor at this point. I'm going to down > everything and resync a little later to see if that cures my wows. Does ctl_mboxlist -d on the frontend show mailboxes? :wes -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/7e106262/attachment.html From demarco at maya.com Tue Dec 9 16:08:09 2008 From: demarco at maya.com (Christopher DeMarco) Date: Tue, 9 Dec 2008 16:08:09 -0500 Subject: Easy bug: undocumented option "sasl_saslauthd_path" to imapd Message-ID: <20081209210809.GA20765@owl.prv.maya.com> imapd.conf will accept an option: sasl_saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux instructing it to connect to the saslauthd socket in a non-standard location (usually /var/run). This is very useful if e.g. you're running Postfix in a chroot. A recursive grep for ``sasl_saslauthd_path'' in the source yields no occurances of this option anywhere! It should at least be in the imapd.conf or imapd manpages, correct? -- Christopher DeMarco IT Director MAYA Group +1-412-708-9660 From gary at primeexalia.com Tue Dec 9 16:28:06 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 13:28:06 -0800 Subject: murder configuration issue References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com><3B5E8BFE-5E46-452C-936A-569822312718@umich.edu><417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505191F@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051920@pxtbenexd02.pxt.primeexalia.com> Added cyrus and root, now frontend is pulling mailboxes. mupdate_admins: murder cyrus root ________________________________ From: info-cyrus-bounces+gary=primeexalia.com at lists.andrew.cmu.edu on behalf of Gary W. Smith Sent: Tue 12/9/2008 12:37 PM To: Wesley Craig Cc: info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue No it does not. This is what shows in the master server log: Dec 9 15:37:17 mdr01 mupdate[14222]: accepted connection Dec 9 15:37:18 mdr01 mupdate[14222]: login: mdsfe [10.80.72.205] murder PLAIN User logged in On the Front End I get nothing in the log file. doing a tcpdump on port 3905, I can see then communicating (which I didn't see under 2.3.7 -- CentOS default version). I think I'm almost there. I've blown away the /var/lib/imap/mailboxes.db file and ran "runuser - cyrus -c ' /usr/lib/cyrus-imapd/ctl_mboxlist -m' " but that only created a 144 byte db file (still no mailboxes when I do a dump). Gary ________________________________ From: Wesley Craig [mailto:wes at umich.edu] Sent: Tue 12/9/2008 12:36 PM To: Gary W. Smith Cc: info-cyrus at lists.andrew.cmu.edu Subject: Re: murder configuration issue On 09 Dec 2008, at 15:04, Gary W. Smith wrote: > I updated to the FC10 package and now it seems to be working > better. On the backend I can see the mailboxes that are synching > with the master, but the front end doesn't seem to be pulling the > information. That is, it connects, I can see that in the log on > the master, and says it pulls the mailbox data but when I connect > via pop3 it says that it can't find the mailbox. I'm probably just > missing something minor at this point. I'm going to down > everything and resync a little later to see if that cures my wows. Does ctl_mboxlist -d on the frontend show mailboxes? :wes -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/91e0506a/attachment-0001.html From brong at fastmail.fm Tue Dec 9 18:36:56 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Wed, 10 Dec 2008 10:36:56 +1100 Subject: Another cache bug! Message-ID: <1228865816.22867.1289197119@webmail.messagingengine.com> Wow, this is the thanks I get for doing sanity checks on files, find more bugs! This one is due to delayed expunge, plain and simple. Cyrus decides what cache records to copy during an IMAP COPY command by reading the cache offsets for msgno and msgno+1 (or the end of the cache file if it's the last msgno). Obviously if some intervening messages have already been deleted from the cyrus.index then it will be copying all those cache records as well to the destination folder. Oops. The attached patch reworks mailbox_cache_size into two functions, the second being mailbox_cache_size_detail that takes memory locations for the cache mmap rather than a mailbox object (because imapd doesn't update the locations in the object correctly according to my testing, *sigh*. Gotta love global variables) It then uses mailbox_cache_size_detail to calculate the ACTUAL record length for this single cache item rather than blindly copying everything up to the next index record's pointer. Also note: in the event of cache corruption, mailbox_cache_size_detail returns zero bytes, which correctly makes append_copy re-parse the message file. It's all shiny :) Wes/Ken - please apply to CVS :) Thanks, Bron. -- Bron Gondwana brong at fastmail.fm -------------- next part -------------- A non-text attachment was scrubbed... Name: cyrus-copy-cachelen-2.3.13.diff Type: text/x-patch Size: 3530 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081210/7e67bc3c/attachment.bin From gary at primeexalia.com Tue Dec 9 19:50:57 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 16:50:57 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> Wesley, I'm on the final stretch. I have mailboxes seen at all angles. If I telnet to the frontend I can see the backend mailboxes on both servers. Yay. The problem now is delivery. I tried setting up lmtpproxyd but I get some errors and the email gets queued up on the frontend server. This is fine for now while we have the mail going to the proper places on the backend but going forward we will need to be able to deliver via the frontend (or murder server). on the frontend: /etc/cyrus.conf lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtp" prefork=0 /var/lib/imap/socket srwxrwxrwx 1 root root 0 Dec 9 19:38 lmtp mailq contains: (host mdsfe[/var/lib/imap/socket/lmtp] said: 451 4.4.3 Remote server unavailable (in reply to end of DATA command)) Please correct me if I'm wrong but my understanding is that lmtp will be used to deliver the message from the frontend to the backend (thus bypassing postfix in this case). When I do a netstat -atunep on the backend server, I don't see the lmtp port open. I would assume that this could be part of the problem. On the backend servers, we have this line in the /etc/cyrus.conf lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 I've also tried lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 (with prefork 0 and 1 -- example show zero). Any ideas on how to resolve this part? Or better question, what am I missing (besides a few screws). Gary ________________________________ From: Wesley Craig [mailto:wes at umich.edu] Sent: Tue 12/9/2008 12:36 PM To: Gary W. Smith Cc: info-cyrus at lists.andrew.cmu.edu Subject: Re: murder configuration issue On 09 Dec 2008, at 15:04, Gary W. Smith wrote: > I updated to the FC10 package and now it seems to be working > better. On the backend I can see the mailboxes that are synching > with the master, but the front end doesn't seem to be pulling the > information. That is, it connects, I can see that in the log on > the master, and says it pulls the mailbox data but when I connect > via pop3 it says that it can't find the mailbox. I'm probably just > missing something minor at this point. I'm going to down > everything and resync a little later to see if that cures my wows. Does ctl_mboxlist -d on the frontend show mailboxes? :wes -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/0c981bd5/attachment.html From morgan at orst.edu Tue Dec 9 20:32:29 2008 From: morgan at orst.edu (Andrew Morgan) Date: Tue, 9 Dec 2008 17:32:29 -0800 (PST) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> Message-ID: On Tue, 9 Dec 2008, Gary W. Smith wrote: > Wesley, > > I'm on the final stretch. I have mailboxes seen at all angles. If I telnet to the frontend I can see the backend mailboxes on both servers. Yay. The problem now is delivery. I tried setting up lmtpproxyd but I get some errors and the email gets queued up on the frontend server. This is fine for now while we have the mail going to the proper places on the backend but going forward we will need to be able to deliver via the frontend (or murder server). > > on the frontend: > /etc/cyrus.conf > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtp" prefork=0 > > /var/lib/imap/socket > srwxrwxrwx 1 root root 0 Dec 9 19:38 lmtp > > mailq contains: > (host mdsfe[/var/lib/imap/socket/lmtp] said: 451 4.4.3 Remote server unavailable (in reply to end of DATA command)) > > Please correct me if I'm wrong but my understanding is that lmtp will be used to deliver the message from the frontend to the backend (thus bypassing postfix in this case). When I do a netstat -atunep on the backend server, I don't see the lmtp port open. I would assume that this could be part of the problem. > > On the backend servers, we have this line in the /etc/cyrus.conf > > lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 > I've also tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 (with prefork 0 and 1 -- example show zero). That should probably be: lmtp cmd="lmtpd" listen="lmtp" prefork=1 maxchild=100 You want one of them to listen on the lmtp network socket, rather than both listening on the lmtp unix socket. Andy From gary at primeexalia.com Tue Dec 9 21:22:33 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 18:22:33 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051923@pxtbenexd02.pxt.primeexalia.com> Andrew, Made the change on the backend server. Now is complains that remote server is unavailable and the corresponding log on the backend is saying "badlogin: 10.80.72.205 PLAIN SASL(-13): authentication failure: Password verification failed". At least they are talking now. I tried it with _mechs: PLAIN but when I do that I can't connect to the backend boxes from the frontend using telnet #mds01_mechs: PLAIN mds01_password: mypassword On the backend I have: proxyservers: murder and I set the password with both saslpasswd -c murder and passwd as well. Gary ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Tue 12/9/2008 5:32 PM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Tue, 9 Dec 2008, Gary W. Smith wrote: > Wesley, > > I'm on the final stretch. I have mailboxes seen at all angles. If I telnet to the frontend I can see the backend mailboxes on both servers. Yay. The problem now is delivery. I tried setting up lmtpproxyd but I get some errors and the email gets queued up on the frontend server. This is fine for now while we have the mail going to the proper places on the backend but going forward we will need to be able to deliver via the frontend (or murder server). > > on the frontend: > /etc/cyrus.conf > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtp" prefork=0 > > /var/lib/imap/socket > srwxrwxrwx 1 root root 0 Dec 9 19:38 lmtp > > mailq contains: > (host mdsfe[/var/lib/imap/socket/lmtp] said: 451 4.4.3 Remote server unavailable (in reply to end of DATA command)) > > Please correct me if I'm wrong but my understanding is that lmtp will be used to deliver the message from the frontend to the backend (thus bypassing postfix in this case). When I do a netstat -atunep on the backend server, I don't see the lmtp port open. I would assume that this could be part of the problem. > > On the backend servers, we have this line in the /etc/cyrus.conf > > lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 > I've also tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 (with prefork 0 and 1 -- example show zero). That should probably be: lmtp cmd="lmtpd" listen="lmtp" prefork=1 maxchild=100 You want one of them to listen on the lmtp network socket, rather than both listening on the lmtp unix socket. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/42754c38/attachment-0001.html From Rudy.Gevaert at UGent.be Wed Dec 10 02:11:45 2008 From: Rudy.Gevaert at UGent.be (Rudy Gevaert) Date: Wed, 10 Dec 2008 08:11:45 +0100 Subject: Easy bug: undocumented option "sasl_saslauthd_path" to imapd In-Reply-To: <20081209210809.GA20765@owl.prv.maya.com> References: <20081209210809.GA20765@owl.prv.maya.com> Message-ID: <493F6BB1.6000603@UGent.be> Christopher DeMarco wrote: > imapd.conf will accept an option: > > sasl_saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux > > instructing it to connect to the saslauthd socket in a non-standard > location (usually /var/run). This is very useful if e.g. you're > running Postfix in a chroot. > > A recursive grep for ``sasl_saslauthd_path'' in the source yields no > occurances of this option anywhere! It should at least be in the > imapd.conf or imapd manpages, correct? Hi please file a bug in the bugtracker, then your remark will not be lost and will be looked at asap. Rudy -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert Rudy.Gevaert at UGent.be tel:+32 9 264 4734 Directie ICT, afd. Infrastructuur Direction ICT, Infrastructure dept. Groep Systemen Systems group Universiteit Gent Ghent University Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- From gary at primeexalia.com Wed Dec 10 02:17:35 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Tue, 9 Dec 2008 23:17:35 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> Andy/Wesley, First off, thanks for all of the help. I've gotten pretty far I think. I ran into a couple problems and some notes on some list groups about dead options that were shown in examples. http://garysmith.pbwiki.com/Cyrus I have put all of my configs into a wiki (broken down by server/type). The problem that I'm running into right now is that if I log into the frontend box using cyradmin (as root or cyrus) I can see mailboxes but when I go to create one on a backend server, cyradm prompts me for the password for the corresponding account on the remote machine. I'm not sure if this is by design or an issue. The other big issue is that I have lmtp configured on the frontend to forward to the backend. The lmtp process is running on the backend as I can telnet to it (telnet ip lmtp). On the backend I seem to be getting a SASL2 auth error. badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password verification failed I believe this is the final problem. Now there is another crazy setting in the mix (but it shoudln't be an impact). We use pam/nss mysql. This has been working for some time and is working well on stand alone servers. I have configured it on the frontend server as well. I can login to the frontend just fine (which is a mysql account). That's my outstanding issues at this time that (as I can't get past those). The last thing that I'm looking into is autocreatequota setting. We used this on the standalone boxes and it worked well for us. When we attempt to create an account on the frontend it fails as we don't have it enabled on the frontend. When we enable it on the frontend the account is created on the frontent and attempts to delete or move (rename) fail. Is there any hope for autocreate? ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Tue 12/9/2008 5:32 PM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Tue, 9 Dec 2008, Gary W. Smith wrote: > Wesley, > > I'm on the final stretch. I have mailboxes seen at all angles. If I telnet to the frontend I can see the backend mailboxes on both servers. Yay. The problem now is delivery. I tried setting up lmtpproxyd but I get some errors and the email gets queued up on the frontend server. This is fine for now while we have the mail going to the proper places on the backend but going forward we will need to be able to deliver via the frontend (or murder server). > > on the frontend: > /etc/cyrus.conf > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtp" prefork=0 > > /var/lib/imap/socket > srwxrwxrwx 1 root root 0 Dec 9 19:38 lmtp > > mailq contains: > (host mdsfe[/var/lib/imap/socket/lmtp] said: 451 4.4.3 Remote server unavailable (in reply to end of DATA command)) > > Please correct me if I'm wrong but my understanding is that lmtp will be used to deliver the message from the frontend to the backend (thus bypassing postfix in this case). When I do a netstat -atunep on the backend server, I don't see the lmtp port open. I would assume that this could be part of the problem. > > On the backend servers, we have this line in the /etc/cyrus.conf > > lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 > I've also tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 (with prefork 0 and 1 -- example show zero). That should probably be: lmtp cmd="lmtpd" listen="lmtp" prefork=1 maxchild=100 You want one of them to listen on the lmtp network socket, rather than both listening on the lmtp unix socket. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081209/69eefeb1/attachment.html From ml at awinkelmann.de Wed Dec 10 04:52:54 2008 From: ml at awinkelmann.de (Andreas Winkelmann) Date: Wed, 10 Dec 2008 10:52:54 +0100 (CET) Subject: Easy bug: undocumented option "sasl_saslauthd_path" to imapd In-Reply-To: <20081209210809.GA20765@owl.prv.maya.com> References: <20081209210809.GA20765@owl.prv.maya.com> Message-ID: > imapd.conf will accept an option: > > sasl_saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux > > instructing it to connect to the saslauthd socket in a non-standard > location (usually /var/run). This is very useful if e.g. you're > running Postfix in a chroot. > > A recursive grep for ``sasl_saslauthd_path'' in the source yields no > occurances of this option anywhere! It should at least be in the > imapd.conf or imapd manpages, correct? This (saslauthd_path) is a Cyrus-SASL Option, not a Cyrus-IMAP option. If the Cyrus-SASL Library wants to resolv an Option it asks the Application first if it wants to override the Option. In Cyrus-Imap this feature is used and you can specify Cyrus-SASL Options in the Configuration File of Cyrus-IMAP. To separate these Options from the real Cyrus-IMAP Options they have to be prefixed with "sasl_". So in Cyrus-IMAP all given sasl_* Options are forwarded to Cyrus-SASL. There is no other relation for these Options in Cyrus-IMAP. I see no sense in adding documentation for each Cyrus-SASL Option to Cyrus-IMAP's Documentation. There are a lot more than mentioned in the imapd.conf Man-Page. But maybe it would be nice to have a better desciption of this handling in the man-Page. -- Andreas From gbulfon at sonicle.com Wed Dec 10 05:50:04 2008 From: gbulfon at sonicle.com (Gabriele Bulfon) Date: Wed, 10 Dec 2008 11:50:04 +0100 (CET) Subject: migrating mapi Message-ID: <24602529.44.1228906204400.JavaMail.root@www> Hi, I'm on the run to install a new cyrus imap server with 50 clients. All of them have mapi clients with their old pop account on Outlook or Express, containing all their history emails in folders. I was going to develop a mini tool to transfer mapi account folders and emails onto the imap server in Java, but it seems there is few chances to read mapi folders from Java...am I wrong? In any case, I don't need this tool do be Java at all, it's just that I write only Java for years, and I'm skilled with JavaMail. I also searched for existing tools to do this, but found none. Can you help? Thanx a lot Gabriele. Gabriele Bulfon - Sonicle S.r.l. Tel +39 028246016 Int. 30 - Fax +39 028243880 Via Felice Cavallotti 16 - 20089, Rozzano - Milano - ITALY http://www.sonicle.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081210/44d76429/attachment.html From spamtest-eir1beucei at asp4.polyformal.de Wed Dec 10 10:04:35 2008 From: spamtest-eir1beucei at asp4.polyformal.de (Stefan Pampel antispam) Date: Wed, 10 Dec 2008 16:04:35 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> Message-ID: <493FDA83.4010508@asp4.polyformal.de> Hello all, thanks for you replies. ["Followup-To:" nach gmane.mail.imap.cyrus gesetzt.] Lan Tran schrieb: > From: "Alain Spineux" >> On Tue, Dec 2, 2008 at 8:59 PM, Stefan Pampel >> wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Alain Spineux schrieb: >>> >>> Dec 2 20:44:19 asp4 postfix/smtpd[6073]: connect from >>> mail-qy0-f21.google.com[209.85.221.21] >>> Dec 2 20:44:20 asp4 postfix/smtpd[6073]: 53DEDE01D5A: >>> client=mail-qy0-f21.google.com[209.85.221.21] >>> Dec 2 20:44:20 asp4 postfix/cleanup[6076]: 53DEDE01D5A: >>> message-id= >>> Dec 2 20:44:20 asp4 postfix/qmgr[2392]: 53DEDE01D5A: >>> from=, size=2214, nrcpt=1 (queue active) >>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: connect from unknown[127.0.0.1] >>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: D0B24EF4D11: >>> client=unknown[127.0.0.1] >>> Dec 2 20:44:21 asp4 postfix/cleanup[6076]: D0B24EF4D11: >>> message-id= >>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: disconnect from >>> unknown[127.0.0.1] >>> Dec 2 20:44:21 asp4 postfix/qmgr[2392]: D0B24EF4D11: >>> from=, size=2816, nrcpt=1 (queue active) >>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: accepted connection >>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: lmtp connection preauth'd as >>> postman >>> Dec 2 20:44:21 asp4 cyrus/master[6083]: about to exec >>> /usr/lib/cyrus/bin/lmtpd >>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6083]: executed >>> Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, >>> [209.85.221.21] [209.85.221.21] -> , >>> Message-ID: , >>> mail_id: ggSVa5nIr8Oq, Hits: -0.001, size: 2214, queued_as: D0B24EF4D11, >>> 1298 m >>> s >>> Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: to=, >>> orig_to=, relay=127.0.0.1 >>> [127.0.0.1]:10024, delay=1.7, delays=0.39/0/0/1.3, dsn=2.0.0, status=sent >>> (250 2.0.0 Ok, id=17280-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: >>> queued a >> >> HERE is the "culprit" ! postfix tell us, it got "user+spam" and give >> back "user" to [127.0.0.1]:10024 ! ok, the problem is that postfix remove the +whatever . I've done some researches on this, but actually i didn't found a solution. In case of being OT just ignore my reply, but maybe someone can give a hint on this issue. My tests: sending fom command line to port 10025 (means bypassing amavis) Return-Path: Received: from foo.org ([unix socket]) by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; Thu, 04 Dec 2008 19:39:50 +0100 X-Sieve: CMU Sieve 2.2 Received: from unknown (unknown [127.0.0.1]) by foo.org (Postfix) with SMTP id 2EE4DEEFB3A for ; Thu, 4 Dec 2008 19:38:54 +0100 (CET) Message-Id: <20081204183941.2EE4DEEFB3A at foo.org> Date: Thu, 4 Dec 2008 19:38:54 +0100 (CET) From: to_port10025 at postfix.de To: undisclosed-recipients:; blah testing with sendmail -bv user+spam at foo.org as mentioned in http://www.postfix.org/ADDRESS_REWRITING_README.html gives, the following. Return-Path: <> Received: from foo.org ([unix socket]) by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; Thu, 04 Dec 2008 22:56:08 +0100 X-Sieve: CMU Sieve 2.2 Received: by foo.org (Postfix) id 49719EF4D11; Thu, 4 Dec 2008 22:56:08 +0100 (CET) Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) From: MAILER-DAEMON at foo.org (Mail Delivery System) Subject: Mail Delivery Status Report To: polyformal at foo.org Auto-Submitted: auto-replied MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary="3B1BDEF4D13.1228427768/foo.org" Message-Id: <20081204215608.49719EF4D11 at foo.org> This is a MIME-encapsulated message. - --3B1BDEF4D13.1228427768/foo.org Content-Description: Notification Content-Type: text/plain; charset=us-ascii This is the mail system at host foo.org. Enclosed is the mail delivery report that you requested. The mail system (expanded from ): delivery via foo.org[/var/run/cyrus/socket/lmtp]: 250 2.1.5 ok - --3B1BDEF4D13.1228427768/foo.org Content-Description: Delivery report Content-Type: message/delivery-status Reporting-MTA: dns; foo.org X-Postfix-Queue-ID: 3B1BDEF4D13 X-Postfix-Sender: rfc822; polyformal at foo.org Arrival-Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) Final-Recipient: rfc822; user at foo.org Original-Recipient: rfc822; user+spam at foo.org Action: deliverable Status: 2.1.5 Remote-MTA: dns; foo.org Diagnostic-Code: smtp; 250 2.1.5 ok - --3B1BDEF4D13.1228427768/foo.org Content-Description: Message Headers Content-Type: text/rfc822-headers Received: by foo.org (Postfix, from userid 1999) id 3B1BDEF4D13; Thu, 4 Dec 2008 22:56:08 +0100 (CET) From: polyformal at foo.org Subject: probe To: user+spam at foo.org Message-Id: <20081204215608.3B1BDEF4D13 at foo.org> Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) - --3B1BDEF4D13.1228427768/foo.org-- some relevant info of my main.cf myhostname = foo.org mydomain = foo.org mydestination = localdomain, localhost, localhost.localdomain, localhost myorigin = foo.org alias_maps = hash:/etc/aliases recipient_delimiter = + parent_domain_matches_subdomains= #disable_dns_lookups = yes virtual_transport=lmtp:unix:/var/run/cyrus/socket/lmtp virtual_alias_domains = virtual_mailbox_domains = ldap:/etc/postfix/ldap-virtual_mailbox_domains.cf virtual_mailbox_maps = ldap:/etc/postfix/ldap-virtual_mailbox_maps.cf virtual_alias_maps = ldap:/etc/postfix/ldap-virtual_alias_maps.cf alias_database = hash:/etc/aliases relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 inet_interfaces = all inet_protocols = ipv4 relay_domains = smtpd_sasl_auth_enable=yes smtpd_sasl_local_domain= smtpd_sasl_security_options=noanonymous smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject_unauth_destination content_filter = amavisfeed:127.0.0.1:10024 >> Does it mean amavis and postfix use LMTP protocol ? This is unusual ! >> (but this is not the probleme) just for info: even to me the lmtp transport to amavis was a new feature i read in the /usr/share/doc/amavisd-new/README.posfix.gz (Debian Lenny amavis 1:2.6.1.dfsg-1) so i tried this setup instead of tcp. Time doesn't stand still ;) But as you said, it is not the problem. > amavisd-new by default does not have plus addressing enabled. Add or > uncomment this line to amavisd.conf and reload it: > $recipient_delimiter = '+'; This is enbled in amavis. Thank you and best regards Stefan Pampel -- / polyformal / | http://www.polyformal.de / |_________________________/ From morgan at orst.edu Wed Dec 10 12:35:53 2008 From: morgan at orst.edu (Andrew Morgan) Date: Wed, 10 Dec 2008 09:35:53 -0800 (PST) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> Message-ID: On Tue, 9 Dec 2008, Gary W. Smith wrote: > Andy/Wesley, > > First off, thanks for all of the help. I've gotten pretty far I think. > I ran into a couple problems and some notes on some list groups about > dead options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting > a SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed The documentation doesn't state this, but in a murder environment all LMTP connections must be authenticated. Using the "-a" option doesn't work because then the frontend doesn't have a set of credentials for proxying. At least, that's what my testing showed. Try creating a "cyr_lmtp" (or whatever you want to call it) user on both your backends and frontends. Then add the following: On backends: lmtp_admins: cyr_lmtp murder On frontends: lmtp_admins: cyr_lmtp Then make sure your MTA is authenticating as cyr_lmtp when it connects to the Cyrus lmtpd. Andy From wes at umich.edu Wed Dec 10 14:16:07 2008 From: wes at umich.edu (Wesley Craig) Date: Wed, 10 Dec 2008 14:16:07 -0500 Subject: Easy bug: undocumented option "sasl_saslauthd_path" to imapd In-Reply-To: References: <20081209210809.GA20765@owl.prv.maya.com> Message-ID: <82DE9A4B-E8CC-4F3D-AC66-E991150AE56C@umich.edu> Please add your comments and concerns to this entry: https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=3115 :wes From davidk at cs.umass.edu Wed Dec 10 14:31:36 2008 From: davidk at cs.umass.edu (David Korpiewski) Date: Wed, 10 Dec 2008 14:31:36 -0500 Subject: Trying to get Sieve working Message-ID: <49401918.5050009@cs.umass.edu> This is a very odd problem that I can't seem to dig up much information on. I think the problem itself is very simple, I just don't know how to rectify it: I am trying to set of Sieve filtering on a 10.5.4 OSX mail Server. However, when I turn on the mail server, timsieved is never running! In the logs I get: "nodename nor servname provided, or not known, disabling sieve" At startup when I bring up the mail server (serveradmin start mail). I don't understand what is missing to get sieve running. Does anyone know? The error "nodename nor servname provided" is a very common error having to do with the "getaddrinfo". Any help would be wonderful and very much appreciated. Thank you David -- =========================================== David Korpiewski Software Specialist I CSCF - Computer Science Computing Facility Department of Computer Science Phone: 413-545-4319 Fax: 413-577-2285 =========================================== From nic at onlight.com Wed Dec 10 14:43:02 2008 From: nic at onlight.com (Nic Bernstein) Date: Wed, 10 Dec 2008 13:43:02 -0600 Subject: Trying to get Sieve working In-Reply-To: <49401918.5050009@cs.umass.edu> References: <49401918.5050009@cs.umass.edu> Message-ID: <49401BC6.4020803@onlight.com> Does your /etc/services file have an entry for sieve? Mine (FreeBSD 7) is : sieve 2000/tcp Of course yours should refer to whichever port you are using (typically 2000). Cheers, -nic David Korpiewski wrote: > This is a very odd problem that I can't seem to dig up much information > on. I think the problem itself is very simple, I just don't know how to > rectify it: > > I am trying to set of Sieve filtering on a 10.5.4 OSX mail Server. > However, when I turn on the mail server, timsieved is never running! In > the logs I get: > > "nodename nor servname provided, or not known, disabling sieve" > > At startup when I bring up the mail server (serveradmin start mail). > > > I don't understand what is missing to get sieve running. Does anyone know? > > The error "nodename nor servname provided" is a very common error having > to do with the "getaddrinfo". > > Any help would be wonderful and very much appreciated. > Thank you > David > -- Nic Bernstein nic at onlight.com Onlight llc. www.onlight.com 2266 North Prospect Avenue #610 v. 414.272.4477 Milwaukee, Wisconsin 53202-6306 f. 414.290.0335 From davidk at cs.umass.edu Wed Dec 10 14:51:00 2008 From: davidk at cs.umass.edu (David Korpiewski) Date: Wed, 10 Dec 2008 14:51:00 -0500 Subject: Trying to get Sieve working In-Reply-To: <49401BC6.4020803@onlight.com> References: <49401918.5050009@cs.umass.edu> <49401BC6.4020803@onlight.com> Message-ID: <49401DA4.90303@cs.umass.edu> That was my problem. I had "timsieved 2000/tcp" instead of just "sieve 2000/tcp". I fixed that and now it runs properly. Thank you for your help! David Nic Bernstein wrote: > Does your /etc/services file have an entry for sieve? Mine (FreeBSD 7) is : > sieve 2000/tcp > > Of course yours should refer to whichever port you are using (typically > 2000). > > Cheers, > -nic > > David Korpiewski wrote: >> This is a very odd problem that I can't seem to dig up much information >> on. I think the problem itself is very simple, I just don't know how to >> rectify it: >> >> I am trying to set of Sieve filtering on a 10.5.4 OSX mail Server. >> However, when I turn on the mail server, timsieved is never running! In >> the logs I get: >> >> "nodename nor servname provided, or not known, disabling sieve" >> >> At startup when I bring up the mail server (serveradmin start mail). >> >> >> I don't understand what is missing to get sieve running. Does anyone know? >> >> The error "nodename nor servname provided" is a very common error having >> to do with the "getaddrinfo". >> >> Any help would be wonderful and very much appreciated. >> Thank you >> David >> > > -- =========================================== David Korpiewski Software Specialist I CSCF - Computer Science Computing Facility Department of Computer Science Phone: 413-545-4319 Fax: 413-577-2285 =========================================== From aspineux at gmail.com Thu Dec 11 02:15:02 2008 From: aspineux at gmail.com (Alain Spineux) Date: Thu, 11 Dec 2008 08:15:02 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: <493FDA83.4010508@asp4.polyformal.de> References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> <493FDA83.4010508@asp4.polyformal.de> Message-ID: <71fe4e760812102315h384fef52v2bae96d63efca0d4@mail.gmail.com> On Wed, Dec 10, 2008 at 4:04 PM, Stefan Pampel antispam wrote: > Hello all, > > thanks for you replies. > > ["Followup-To:" nach gmane.mail.imap.cyrus gesetzt.] > Lan Tran schrieb: >> From: "Alain Spineux" >>> On Tue, Dec 2, 2008 at 8:59 PM, Stefan Pampel >>> wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Alain Spineux schrieb: >>>> >>>> Dec 2 20:44:19 asp4 postfix/smtpd[6073]: connect from >>>> mail-qy0-f21.google.com[209.85.221.21] >>>> Dec 2 20:44:20 asp4 postfix/smtpd[6073]: 53DEDE01D5A: >>>> client=mail-qy0-f21.google.com[209.85.221.21] >>>> Dec 2 20:44:20 asp4 postfix/cleanup[6076]: 53DEDE01D5A: >>>> message-id= >>>> Dec 2 20:44:20 asp4 postfix/qmgr[2392]: 53DEDE01D5A: >>>> from=, size=2214, nrcpt=1 (queue active) >>>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: connect from > unknown[127.0.0.1] >>>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: D0B24EF4D11: >>>> client=unknown[127.0.0.1] >>>> Dec 2 20:44:21 asp4 postfix/cleanup[6076]: D0B24EF4D11: >>>> message-id= >>>> Dec 2 20:44:21 asp4 postfix/smtpd[6081]: disconnect from >>>> unknown[127.0.0.1] >>>> Dec 2 20:44:21 asp4 postfix/qmgr[2392]: D0B24EF4D11: >>>> from=, size=2816, nrcpt=1 (queue active) >>>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: accepted connection >>>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6070]: lmtp connection preauth'd as >>>> postman >>>> Dec 2 20:44:21 asp4 cyrus/master[6083]: about to exec >>>> /usr/lib/cyrus/bin/lmtpd >>>> Dec 2 20:44:21 asp4 cyrus/lmtpunix[6083]: executed >>>> Dec 2 20:44:21 asp4 amavis[17280]: (17280-18) Passed CLEAN, >>>> [209.85.221.21] [209.85.221.21] -> , >>>> Message-ID: > , >>>> mail_id: ggSVa5nIr8Oq, Hits: -0.001, size: 2214, queued_as: > D0B24EF4D11, >>>> 1298 m >>>> s >>>> Dec 2 20:44:21 asp4 postfix/lmtp[6077]: 53DEDE01D5A: > to=, >>>> orig_to=, relay=127.0.0.1 >>>> [127.0.0.1]:10024, delay=1.7, delays=0.39/0/0/1.3, dsn=2.0.0, > status=sent >>>> (250 2.0.0 Ok, id=17280-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: >>>> queued a >>> >>> HERE is the "culprit" ! postfix tell us, it got "user+spam" and give >>> back "user" to [127.0.0.1]:10024 ! > > ok, the problem is that postfix remove the +whatever . I've done some > researches on this, but actually i didn't found a solution. In case of > being OT just ignore my reply, but maybe someone can give a hint on this > issue. I dont see nothing wrong in your main.cf Can you post your master.cf ? You will get a better answer on the postfix mailing list :-) > > My tests: > sending fom command line to port 10025 (means bypassing amavis) > > > Return-Path: > Received: from foo.org ([unix socket]) > by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; > Thu, 04 Dec 2008 19:39:50 +0100 > X-Sieve: CMU Sieve 2.2 > Received: from unknown (unknown [127.0.0.1]) > by foo.org (Postfix) with SMTP id 2EE4DEEFB3A > for ; Thu, 4 Dec 2008 19:38:54 +0100 (CET) > Message-Id: <20081204183941.2EE4DEEFB3A at foo.org> > Date: Thu, 4 Dec 2008 19:38:54 +0100 (CET) > From: to_port10025 at postfix.de > To: undisclosed-recipients:; > > blah > > > testing with > > sendmail -bv user+spam at foo.org > > as mentioned in http://www.postfix.org/ADDRESS_REWRITING_README.html > gives, the following. > > Return-Path: <> > Received: from foo.org ([unix socket]) > by foo.org (Cyrus v2.2.13-Debian-2.2.13-14+b3) with LMTPA; > Thu, 04 Dec 2008 22:56:08 +0100 > X-Sieve: CMU Sieve 2.2 > Received: by foo.org (Postfix) > id 49719EF4D11; Thu, 4 Dec 2008 22:56:08 +0100 (CET) > Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) > From: MAILER-DAEMON at foo.org (Mail Delivery System) > Subject: Mail Delivery Status Report > To: polyformal at foo.org > Auto-Submitted: auto-replied > MIME-Version: 1.0 > Content-Type: multipart/report; report-type=delivery-status; > boundary="3B1BDEF4D13.1228427768/foo.org" > Message-Id: <20081204215608.49719EF4D11 at foo.org> > > This is a MIME-encapsulated message. > > - --3B1BDEF4D13.1228427768/foo.org > Content-Description: Notification > Content-Type: text/plain; charset=us-ascii > > This is the mail system at host foo.org. > > Enclosed is the mail delivery report that you requested. > > The mail system > > (expanded from > ): delivery via > foo.org[/var/run/cyrus/socket/lmtp]: 250 2.1.5 ok > > - --3B1BDEF4D13.1228427768/foo.org > Content-Description: Delivery report > Content-Type: message/delivery-status > > Reporting-MTA: dns; foo.org > X-Postfix-Queue-ID: 3B1BDEF4D13 > X-Postfix-Sender: rfc822; polyformal at foo.org > Arrival-Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) > > Final-Recipient: rfc822; user at foo.org > Original-Recipient: rfc822; user+spam at foo.org > Action: deliverable > Status: 2.1.5 > Remote-MTA: dns; foo.org > Diagnostic-Code: smtp; 250 2.1.5 ok > > - --3B1BDEF4D13.1228427768/foo.org > Content-Description: Message Headers > Content-Type: text/rfc822-headers > > Received: by foo.org (Postfix, from userid 1999) > id 3B1BDEF4D13; Thu, 4 Dec 2008 22:56:08 +0100 (CET) > From: polyformal at foo.org > Subject: probe > To: > user+spam at foo.org > Message-Id: <20081204215608.3B1BDEF4D13 at foo.org> > Date: Thu, 4 Dec 2008 22:56:08 +0100 (CET) > > - --3B1BDEF4D13.1228427768/foo.org-- > > > > some relevant info of my main.cf > > > myhostname = foo.org > mydomain = foo.org > mydestination = localdomain, localhost, localhost.localdomain, localhost > myorigin = foo.org > alias_maps = hash:/etc/aliases > > recipient_delimiter = + > > parent_domain_matches_subdomains= > > #disable_dns_lookups = yes > > virtual_transport=lmtp:unix:/var/run/cyrus/socket/lmtp > virtual_alias_domains = > virtual_mailbox_domains = ldap:/etc/postfix/ldap-virtual_mailbox_domains.cf > virtual_mailbox_maps = ldap:/etc/postfix/ldap-virtual_mailbox_maps.cf > virtual_alias_maps = ldap:/etc/postfix/ldap-virtual_alias_maps.cf > > alias_database = hash:/etc/aliases > relayhost = > mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 > mailbox_size_limit = 0 > inet_interfaces = all > inet_protocols = ipv4 > > relay_domains = > smtpd_sasl_auth_enable=yes > smtpd_sasl_local_domain= > smtpd_sasl_security_options=noanonymous > smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated > smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject_unauth_destination > > content_filter = amavisfeed:127.0.0.1:10024 > > > > >>> Does it mean amavis and postfix use LMTP protocol ? This is unusual ! >>> (but this is not the probleme) > > just for info: even to me the lmtp transport to amavis was a new feature > i read in the /usr/share/doc/amavisd-new/README.posfix.gz (Debian Lenny > amavis > 1:2.6.1.dfsg-1) so i tried this setup instead of tcp. Time doesn't stand > still ;) > But as you said, it is not the problem. > >> amavisd-new by default does not have plus addressing enabled. Add or >> uncomment this line to amavisd.conf and reload it: >> $recipient_delimiter = '+'; > > This is enbled in amavis. > > Thank you and best regards > > Stefan Pampel > > -- > / polyformal / > | http://www.polyformal.de / > |_________________________/ > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you From ml at awinkelmann.de Thu Dec 11 10:29:04 2008 From: ml at awinkelmann.de (Andreas Winkelmann) Date: Thu, 11 Dec 2008 16:29:04 +0100 (CET) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.co m> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> Message-ID: <66e3d4af0efea7166e1f8946743c4bcd.squirrel@a-angels.ath.cx> > First off, thanks for all of the help. I've gotten pretty far I think. I > ran into a couple problems and some notes on some list groups about dead > options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting a > SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed Did you test LMTP-Authentication at the Backend? Looks like a SASL-Configuration Issue. How did you configure SASL/saslauthd? Check if proxy_authname with *_password from the Frontend Configuration is able to login via LMTP. Maybe you are using pam and should configure the file for lmtp as well as for imap. > I believe this is the final problem. Now there is another crazy setting > in the mix (but it shoudln't be an impact). We use pam/nss mysql. This > has been working for some time and is working well on stand alone servers. > I have configured it on the frontend server as well. I can login to the > frontend just fine (which is a mysql account). > > That's my outstanding issues at this time that (as I can't get past > those). > > The last thing that I'm looking into is autocreatequota setting. We used > this on the standalone boxes and it worked well for us. When we attempt > to create an account on the frontend it fails as we don't have it enabled > on the frontend. When we enable it on the frontend the account is created > on the frontent and attempts to delete or move (rename) fail. Is there > any hope for autocreate? -- Andreas From gary at primeexalia.com Thu Dec 11 10:53:39 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Thu, 11 Dec 2008 07:53:39 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com><3B5E8BFE-5E46-452C-936A-569822312718@umich.edu><417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com><417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com><417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <66e3d4af0efea7166e1f8946743c4bcd.squirrel@a-angels.ath.cx> Message-ID: <417DD550405AF84F95040DA44520C8E505192A@pxtbenexd02.pxt.primeexalia.com> This makes sense. I won't have any time until sunday to do any more testing but we are using pam and I didn't think to check to make sure that /etc/pam.d/lmtp was configured the same was as imap. Quick question. Is there a way to test lmtp via something like telnet (as you would do with smtp)? ________________________________ From: info-cyrus-bounces+gary=primeexalia.com at lists.andrew.cmu.edu on behalf of Andreas Winkelmann Sent: Thu 12/11/2008 7:29 AM To: info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch > First off, thanks for all of the help. I've gotten pretty far I think. I > ran into a couple problems and some notes on some list groups about dead > options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting a > SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed Did you test LMTP-Authentication at the Backend? Looks like a SASL-Configuration Issue. How did you configure SASL/saslauthd? Check if proxy_authname with *_password from the Frontend Configuration is able to login via LMTP. Maybe you are using pam and should configure the file for lmtp as well as for imap. > I believe this is the final problem. Now there is another crazy setting > in the mix (but it shoudln't be an impact). We use pam/nss mysql. This > has been working for some time and is working well on stand alone servers. > I have configured it on the frontend server as well. I can login to the > frontend just fine (which is a mysql account). > > That's my outstanding issues at this time that (as I can't get past > those). > > The last thing that I'm looking into is autocreatequota setting. We used > this on the standalone boxes and it worked well for us. When we attempt > to create an account on the frontend it fails as we don't have it enabled > on the frontend. When we enable it on the frontend the account is created > on the frontent and attempts to delete or move (rename) fail. Is there > any hope for autocreate? -- Andreas ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081211/0f40c694/attachment.html From ml at awinkelmann.de Thu Dec 11 11:22:31 2008 From: ml at awinkelmann.de (Andreas Winkelmann) Date: Thu, 11 Dec 2008 17:22:31 +0100 Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E505192A@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <66e3d4af0efea7166e1f8946743c4bcd.squirrel@a-angels.ath.cx> <417DD550405AF84F95040DA44520C8E505192A@pxtbenexd02.pxt.primeexalia.com> Message-ID: <200812111722.31689.ml@awinkelmann.de> Am Donnerstag 11 Dezember 2008 16:53:39 schrieb Gary W. Smith: > This makes sense. I won't have any time until sunday to do any more > testing but we are using pam and I didn't think to check to make sure that > /etc/pam.d/lmtp was configured the same was as imap. > > Quick question. Is there a way to test lmtp via something like telnet (as > you would do with smtp)? Cyrus-Imap contains some test-tools. Look for imtest, smtptest, pop3test, lmtptest,... Cyrus-SASL has testsaslauthd, which can be used to test saslauthd alone > ________________________________ > > From: info-cyrus-bounces+gary=primeexalia.com at lists.andrew.cmu.edu on > behalf of Andreas Winkelmann Sent: Thu 12/11/2008 7:29 AM > To: info-cyrus at lists.andrew.cmu.edu > Subject: RE: murder configuration issue final stretch > > > First off, thanks for all of the help. I've gotten pretty far I think. > > I ran into a couple problems and some notes on some list groups about > > dead options that were shown in examples. > > > > http://garysmith.pbwiki.com/Cyrus > > > > I have put all of my configs into a wiki (broken down by server/type). > > The problem that I'm running into right now is that if I log into the > > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > > when I go to create one on a backend server, cyradm prompts me for the > > password for the corresponding account on the remote machine. I'm not > > sure if this is by design or an issue. > > > > The other big issue is that I have lmtp configured on the frontend to > > forward to the backend. The lmtp process is running on the backend as I > > can telnet to it (telnet ip lmtp). On the backend I seem to be getting a > > SASL2 auth error. > > > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > > verification failed > > Did you test LMTP-Authentication at the Backend? > > Looks like a SASL-Configuration Issue. > > How did you configure SASL/saslauthd? > > Check if proxy_authname with *_password from the Frontend Configuration is > able to login via LMTP. > > Maybe you are using pam and should configure the file for lmtp as well as > for imap. > > > I believe this is the final problem. Now there is another crazy setting > > in the mix (but it shoudln't be an impact). We use pam/nss mysql. This > > has been working for some time and is working well on stand alone > > servers. I have configured it on the frontend server as well. I can > > login to the frontend just fine (which is a mysql account). > > > > That's my outstanding issues at this time that (as I can't get past > > those). > > > > The last thing that I'm looking into is autocreatequota setting. We used > > this on the standalone boxes and it worked well for us. When we attempt > > to create an account on the frontend it fails as we don't have it enabled > > on the frontend. When we enable it on the frontend the account is > > created on the frontent and attempts to delete or move (rename) fail. Is > > there any hope for autocreate? -- Andreas From gary at primeexalia.com Thu Dec 11 19:22:27 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Thu, 11 Dec 2008 16:22:27 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> Andrew, I found one of your older posting which also covers this. Here is what I did. I added psotfixlmtp as a user to both the frontend and and then ran the 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it authenticated just fine. So I added the entry to my lmtp_passwd file for postfix. I also added the additional entries into the postfix main.cf file as per the instructions. On the frontend I added lmtp_admins: postfixlmtp and on the backends I added lmtp_admins: murder postfixlmtp. I did notice that when I try connecting to the lmtp on the frontend I get an error. I suspect that it's because it's looking for lmtp and it's running the lmtpproxy # runuser - postfixlmtp -c "lmtptest" WARNING: no hostname supplied, assuming localhost connect: Connection refused failure: Network initialization - can not connect to localhost.localdomain:lmtp Anyway, postfix is kicking this out in the log: lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting this, I don't know I assume that for some reason it's still allowing anonynous connections to lmtp. I checked my cyrus.conf files on all servers and there is no "-a". It's perplexing. The information you gave me makes sense but it's like something has cached a setting and isn't letting go even though I have restarted all of the services. I'm still working the issue but if this rings a bell I'd love any feedback. ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Wed 12/10/2008 9:35 AM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Tue, 9 Dec 2008, Gary W. Smith wrote: > Andy/Wesley, > > First off, thanks for all of the help. I've gotten pretty far I think. > I ran into a couple problems and some notes on some list groups about > dead options that were shown in examples. > > http://garysmith.pbwiki.com/Cyrus > > I have put all of my configs into a wiki (broken down by server/type). > The problem that I'm running into right now is that if I log into the > frontend box using cyradmin (as root or cyrus) I can see mailboxes but > when I go to create one on a backend server, cyradm prompts me for the > password for the corresponding account on the remote machine. I'm not > sure if this is by design or an issue. > > The other big issue is that I have lmtp configured on the frontend to > forward to the backend. The lmtp process is running on the backend as I > can telnet to it (telnet ip lmtp). On the backend I seem to be getting > a SASL2 auth error. > > badlogin: 10.80.72.1 PLAIN SASL(-13): authentication failure: Password > verification failed The documentation doesn't state this, but in a murder environment all LMTP connections must be authenticated. Using the "-a" option doesn't work because then the frontend doesn't have a set of credentials for proxying. At least, that's what my testing showed. Try creating a "cyr_lmtp" (or whatever you want to call it) user on both your backends and frontends. Then add the following: On backends: lmtp_admins: cyr_lmtp murder On frontends: lmtp_admins: cyr_lmtp Then make sure your MTA is authenticating as cyr_lmtp when it connects to the Cyrus lmtpd. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081211/68821ed8/attachment.html From spamtest-eir1beucei at asp4.polyformal.de Fri Dec 12 11:35:21 2008 From: spamtest-eir1beucei at asp4.polyformal.de (Stefan Pampel antispam) Date: Fri, 12 Dec 2008 17:35:21 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: <71fe4e760812102315h384fef52v2bae96d63efca0d4@mail.gmail.com> References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> <493FDA83.4010508@asp4.polyformal.de> <71fe4e760812102315h384fef52v2bae96d63efca0d4@mail.gmail.com> Message-ID: <494292C9.8020803@asp4.polyformal.de> Alain Spineux schrieb am 11.12.2008 08:15: > I dont see nothing wrong in your main.cf > Can you post your master.cf ? ok, here is the master.cf thx, and bye Stefan # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd -o no_address_mappings #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavisfeed unix - - n - 2 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes -o lmtp_tls_note_starttls_offer=no 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings -o local_header_rewrite_clients= -o smtpd_milters= -o local_recipient_maps= -o relay_recipient_maps= From morgan at orst.edu Fri Dec 12 12:00:13 2008 From: morgan at orst.edu (Andrew Morgan) Date: Fri, 12 Dec 2008 09:00:13 -0800 (PST) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> Message-ID: On Thu, 11 Dec 2008, Gary W. Smith wrote: > Andrew, > > I found one of your older posting which also covers this. Here is what > I did. > > I added psotfixlmtp as a user to both the frontend and and then ran the > 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it > authenticated just fine. So I added the entry to my lmtp_passwd file > for postfix. I also added the additional entries into the postfix > main.cf file as per the instructions. > > On the frontend I added lmtp_admins: postfixlmtp and on the backends I > added lmtp_admins: murder postfixlmtp. > > I did notice that when I try connecting to the lmtp on the frontend I > get an error. I suspect that it's because it's looking for lmtp and > it's running the lmtpproxy > > # runuser - postfixlmtp -c "lmtptest" > WARNING: no hostname supplied, assuming localhost > connect: Connection refused > failure: Network initialization - can not connect to localhost.localdomain:lmtp > > Anyway, postfix is kicking this out in the log: > > lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting > this, I don't know > > I assume that for some reason it's still allowing anonynous connections > to lmtp. I checked my cyrus.conf files on all servers and there is no > "-a". It's perplexing. The information you gave me makes sense but it's > like something has cached a setting and isn't letting go even though I > have restarted all of the services. Looking at the source code in lmtpengine.c: /* we're not connected to a internet socket! */ func->preauth = 1; strcpy(cd.clienthost, "[unix socket]"); syslog(LOG_DEBUG, "lmtp connection preauth'd as postman"); So it appears that unix socket connections are always preauth'd. You'll need to enable Cyrus' lmtpd to listen on the internet socket as well. If you are running Postfix on your frontends (it looks like you are), then you could either disable Postfix's lmtp, or run the Cyrus lmtp on an alternate port. Maybe other folks know of a cleaner way to do this, or have other suggestions. Andy From gary at primeexalia.com Fri Dec 12 12:31:31 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Fri, 12 Dec 2008 09:31:31 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> Andrew, Any idea how this works with the lmtpproxy? Also, I've tried to setup the lmtp using the local port but for some reason when I restart cyrus-imapd it doesn't who up in netstat. Tried lmtp cmd="lmtpd" listen="lmtp" prefork=1 Tried lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxchild=20 Current: lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 Do you have any examples of setting it up on a different port and forwarding it onwards to the backend (or I assume that we would forward it to the proxy) using postfix?. Gary ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Fri 12/12/2008 9:00 AM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Thu, 11 Dec 2008, Gary W. Smith wrote: > Andrew, > > I found one of your older posting which also covers this. Here is what > I did. > > I added psotfixlmtp as a user to both the frontend and and then ran the > 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it > authenticated just fine. So I added the entry to my lmtp_passwd file > for postfix. I also added the additional entries into the postfix > main.cf file as per the instructions. > > On the frontend I added lmtp_admins: postfixlmtp and on the backends I > added lmtp_admins: murder postfixlmtp. > > I did notice that when I try connecting to the lmtp on the frontend I > get an error. I suspect that it's because it's looking for lmtp and > it's running the lmtpproxy > > # runuser - postfixlmtp -c "lmtptest" > WARNING: no hostname supplied, assuming localhost > connect: Connection refused > failure: Network initialization - can not connect to localhost.localdomain:lmtp > > Anyway, postfix is kicking this out in the log: > > lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting > this, I don't know > > I assume that for some reason it's still allowing anonynous connections > to lmtp. I checked my cyrus.conf files on all servers and there is no > "-a". It's perplexing. The information you gave me makes sense but it's > like something has cached a setting and isn't letting go even though I > have restarted all of the services. Looking at the source code in lmtpengine.c: /* we're not connected to a internet socket! */ func->preauth = 1; strcpy(cd.clienthost, "[unix socket]"); syslog(LOG_DEBUG, "lmtp connection preauth'd as postman"); So it appears that unix socket connections are always preauth'd. You'll need to enable Cyrus' lmtpd to listen on the internet socket as well. If you are running Postfix on your frontends (it looks like you are), then you could either disable Postfix's lmtp, or run the Cyrus lmtp on an alternate port. Maybe other folks know of a cleaner way to do this, or have other suggestions. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/e2e63e85/attachment.html From morgan at orst.edu Fri Dec 12 12:46:05 2008 From: morgan at orst.edu (Andrew Morgan) Date: Fri, 12 Dec 2008 09:46:05 -0800 (PST) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> Message-ID: On Fri, 12 Dec 2008, Gary W. Smith wrote: > Andrew, > > Any idea how this works with the lmtpproxy? Also, I've tried to setup > the lmtp using the local port but for some reason when I restart > cyrus-imapd it doesn't who up in netstat. > > Tried > lmtp cmd="lmtpd" listen="lmtp" prefork=1 > Tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxchild=20 > Current: > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 > > Do you have any examples of setting it up on a different port and > forwarding it onwards to the backend (or I assume that we would forward > it to the proxy) using postfix?. I believe you want: lmtp cmd="lmtpproxyd" listen="2004" prefork=1 maxchild=50 lmtpunix cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 This should listen on port 2004 (instead of the usual 2003) on all interfaces, plus listen on the unix socket you had defined earlier. Andy From gary at primeexalia.com Fri Dec 12 12:48:19 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Fri, 12 Dec 2008 09:48:19 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051931@pxtbenexd02.pxt.primeexalia.com> Gothca. I was thinking when you said lmtp you meant lmtp, not lmtpproxy. I will try that later today (as I don't have access to that environment where I'm at). Thanks, Gary ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Fri 12/12/2008 9:46 AM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Fri, 12 Dec 2008, Gary W. Smith wrote: > Andrew, > > Any idea how this works with the lmtpproxy? Also, I've tried to setup > the lmtp using the local port but for some reason when I restart > cyrus-imapd it doesn't who up in netstat. > > Tried > lmtp cmd="lmtpd" listen="lmtp" prefork=1 > Tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxchild=20 > Current: > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 > > Do you have any examples of setting it up on a different port and > forwarding it onwards to the backend (or I assume that we would forward > it to the proxy) using postfix?. I believe you want: lmtp cmd="lmtpproxyd" listen="2004" prefork=1 maxchild=50 lmtpunix cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 This should listen on port 2004 (instead of the usual 2003) on all interfaces, plus listen on the unix socket you had defined earlier. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/f35bafac/attachment.html From ml at awinkelmann.de Fri Dec 12 12:51:58 2008 From: ml at awinkelmann.de (Andreas Winkelmann) Date: Fri, 12 Dec 2008 18:51:58 +0100 (CET) Subject: murder configuration issue final stretch In-Reply-To: References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> Message-ID: <55c82e3152bfb4dc22a1f24adf2694bb.squirrel@a-angels.ath.cx> >> I found one of your older posting which also covers this. Here is what >> I did. >> >> I added psotfixlmtp as a user to both the frontend and and then ran the >> 'runuser - postfixlmtp -c "lmtptest mds01"' and used the password and it >> authenticated just fine. So I added the entry to my lmtp_passwd file >> for postfix. I also added the additional entries into the postfix >> main.cf file as per the instructions. >> >> On the frontend I added lmtp_admins: postfixlmtp and on the backends I >> added lmtp_admins: murder postfixlmtp. >> >> I did notice that when I try connecting to the lmtp on the frontend I >> get an error. I suspect that it's because it's looking for lmtp and >> it's running the lmtpproxy >> >> # runuser - postfixlmtp -c "lmtptest" >> WARNING: no hostname supplied, assuming localhost >> connect: Connection refused >> failure: Network initialization - can not connect to >> localhost.localdomain:lmtp >> >> Anyway, postfix is kicking this out in the log: >> >> lmtp[6073]: lmtp connection preauth'd as postman <-- why I'm getting >> this, I don't know >> >> I assume that for some reason it's still allowing anonynous connections >> to lmtp. I checked my cyrus.conf files on all servers and there is no >> "-a". It's perplexing. The information you gave me makes sense but it's >> like something has cached a setting and isn't letting go even though I >> have restarted all of the services. > > Looking at the source code in lmtpengine.c: > > /* we're not connected to a internet socket! */ > func->preauth = 1; > strcpy(cd.clienthost, "[unix socket]"); > syslog(LOG_DEBUG, "lmtp connection preauth'd as postman"); > > So it appears that unix socket connections are always preauth'd. You'll > need to enable Cyrus' lmtpd to listen on the internet socket as well. If > you are running Postfix on your frontends (it looks like you are), then > you could either disable Postfix's lmtp, or run the Cyrus lmtp on an > alternate port. You are right about the pre-authentication on a unix Socket. It is always turned on. Postfix has no lmtp-Server, so he does not need to disable something. The Unix Socket in Postfix which is named lmtp is the Socket from the Postfix Internal Side to it's lmtp-Client. I don't think this is a problem with/without pre-authentification. The lmtp-Server in Cyrus-IMAP uses the given proxy_authname/*_password, regardless of the credentials used in the connection to the lmtp-Server. > Maybe other folks know of a cleaner way to do this, or have other > suggestions. -- Andreas From gary at primeexalia.com Fri Dec 12 16:50:07 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Fri, 12 Dec 2008 13:50:07 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051932@pxtbenexd02.pxt.primeexalia.com> Andy, Mail is finally being delivered now. I made the change to tcp lmtp and that solved 1/2 of the problem. I had to tweak some things on the backend as well. I will document my changes and put them up on my wiki. This is a test environment under xen so I will spin up an identical environment and apply the changes to see if it works. For me, this brings me to 90% completetion. The final part is autocreate. I know that autocreate is not supported in this configuration. I have accepted that. What I was wondering is do you have any simple scripts for creating new user accounts that I can just call from a shell script? I have a automated process in the background that creates user accounts in the background. I already have to SSH out from this setup script to a different server. There's no reason I can't call into a second server for email creation/deletion but right now this part is beyond me. Any working samples would be great. To recap the environment that will be put into place 4 backend servers (existing) 1 master server. 2+n frontend servers. 2+n side servers. The side servers will be dedicated for postfix. All email comes into relays and then forwarded onto the final postfix. Instead of putting this load on the frontend I will be running a couple load balanced frontend servers dedicated to postfix only. The master will be a cluster with drbd replication (on my todo). I suspect that the automation scripts will be run against one of my side servers. The frontend and side servers will also have xen instances virtualized so we can spin up more if we need to. Overall it looks good for what we want. We just need to get the automation in place now... Gary ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Fri 12/12/2008 9:46 AM To: Gary W. Smith Cc: Wesley Craig; info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Fri, 12 Dec 2008, Gary W. Smith wrote: > Andrew, > > Any idea how this works with the lmtpproxy? Also, I've tried to setup > the lmtp using the local port but for some reason when I restart > cyrus-imapd it doesn't who up in netstat. > > Tried > lmtp cmd="lmtpd" listen="lmtp" prefork=1 > Tried > lmtp cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxchild=20 > Current: > lmtp cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 > > Do you have any examples of setting it up on a different port and > forwarding it onwards to the backend (or I assume that we would forward > it to the proxy) using postfix?. I believe you want: lmtp cmd="lmtpproxyd" listen="2004" prefork=1 maxchild=50 lmtpunix cmd="lmtpproxyd" listen="/var/lib/imap/socket/lmtpunix" prefork=1 This should listen on port 2004 (instead of the usual 2003) on all interfaces, plus listen on the unix socket you had defined earlier. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/2b09d11f/attachment.html From morgan at orst.edu Fri Dec 12 16:54:38 2008 From: morgan at orst.edu (Andrew Morgan) Date: Fri, 12 Dec 2008 13:54:38 -0800 (PST) Subject: murder configuration issue final stretch In-Reply-To: <417DD550405AF84F95040DA44520C8E5051932@pxtbenexd02.pxt.primeexalia.com> References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051932@pxtbenexd02.pxt.primeexalia.com> Message-ID: On Fri, 12 Dec 2008, Gary W. Smith wrote: > For me, this brings me to 90% completetion. The final part is > autocreate. I know that autocreate is not supported in this > configuration. I have accepted that. What I was wondering is do you > have any simple scripts for creating new user accounts that I can just > call from a shell script? I have a automated process in the background > that creates user accounts in the background. I already have to SSH out > from this setup script to a different server. There's no reason I can't > call into a second server for email creation/deletion but right now this > part is beyond me. Any working samples would be great. We have various automated scripts for creating users in our environment. Mainly, they create an entry in our LDAP server, a matching account in Windows Active Directory, and then the mailbox on Cyrus. Almost all of the various Cyrus scripts we use are available at: http://oregonstate.edu/~morgan/cyrus/public/ Feel free to use them however you want. Andy From gary at primeexalia.com Fri Dec 12 16:57:15 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Fri, 12 Dec 2008 13:57:15 -0800 Subject: murder configuration issue final stretch References: <417DD550405AF84F95040DA44520C8E505191C@pxtbenexd02.pxt.primeexalia.com> <3B5E8BFE-5E46-452C-936A-569822312718@umich.edu> <417DD550405AF84F95040DA44520C8E505191E@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051922@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051925@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E505192D@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051930@pxtbenexd02.pxt.primeexalia.com> <417DD550405AF84F95040DA44520C8E5051932@pxtbenexd02.pxt.primeexalia.com> Message-ID: <417DD550405AF84F95040DA44520C8E5051933@pxtbenexd02.pxt.primeexalia.com> Andy, This is exactly what I'm looking for. For all of your help, if you're ever in the SF, CA area, email me and I'll buy your dinner... Gary ________________________________ From: Andrew Morgan [mailto:morgan at orst.edu] Sent: Fri 12/12/2008 1:54 PM To: Gary W. Smith Cc: info-cyrus at lists.andrew.cmu.edu Subject: RE: murder configuration issue final stretch On Fri, 12 Dec 2008, Gary W. Smith wrote: > For me, this brings me to 90% completetion. The final part is > autocreate. I know that autocreate is not supported in this > configuration. I have accepted that. What I was wondering is do you > have any simple scripts for creating new user accounts that I can just > call from a shell script? I have a automated process in the background > that creates user accounts in the background. I already have to SSH out > from this setup script to a different server. There's no reason I can't > call into a second server for email creation/deletion but right now this > part is beyond me. Any working samples would be great. We have various automated scripts for creating users in our environment. Mainly, they create an entry in our LDAP server, a matching account in Windows Active Directory, and then the mailbox on Cyrus. Almost all of the various Cyrus scripts we use are available at: http://oregonstate.edu/~morgan/cyrus/public/ Feel free to use them however you want. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/8bdb7ee0/attachment.html From gary at primeexalia.com Fri Dec 12 19:46:48 2008 From: gary at primeexalia.com (Gary W. Smith) Date: Fri, 12 Dec 2008 16:46:48 -0800 Subject: Permissions question Message-ID: <417DD550405AF84F95040DA44520C8E5051934@pxtbenexd02.pxt.primeexalia.com> autocreatequota: (off top of head, forgive me if this is wrong) lrswipcda cm user/mailbox at whatever lrswipkxtecda Why does autocreatequota enabled boxes have a different security than boxes created with cm? Also, where do I find more information on the flags? which should I be using for normal user email accounts (for imap/pop3 -- no shared boxes). Gary -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081212/e857267e/attachment.html From alessandro.oliveira at me.com Sat Dec 13 10:16:08 2008 From: alessandro.oliveira at me.com (Alessandro Oliveira) Date: Sat, 13 Dec 2008 13:16:08 -0200 Subject: Problems with Sieve in Debian Etch Message-ID: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> Hi, I've been using cyrus-imap for the last 6 years in a Fedora Core 3 Box, since cyrus compile gives me headache I used Simon Matter's package. But some time ago we had to replace our serves with Debian Etch, a wonderful experience, apt-get is by far the most reliable update software, but the problem lies with the cyrus-2.2 default package. All the Imap and everyting else is working perfect except sieve. When I try to create a script using sieveshell -u username -a username localhost, them use put vacation-username.sieve and after that activate vacation-username.sieve, it feels to be correct, but when trying to deliver any message I get: WARNING: sieve script /var/lib/cyrus/sieve/u/username/defaultbc doesn't exist: No such file or directory and checking the sieve dir on /var/lib/cyrus/sieve the directory above actually doesn't exist, but it created a global/defaultbc do you happen to know if this is a bug or maybe a misconfiguration ? Thanks for any help. Alessandro Oliveira -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081213/432257df/attachment-0001.html From teresa_ii at myeburg.net Mon Dec 15 04:50:24 2008 From: teresa_ii at myeburg.net (Teresa) Date: Mon, 15 Dec 2008 10:50:24 +0100 Subject: Cyrus Deadblocking Message-ID: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> Hi all, since yesterday i have strange behavier of my productive mail server, and i cannt find the reason for 2 days allready. I didnt changed anything lately, but yesterday my cyrus starts rise cpu load up to 100% and after some time it stop responding. Mostly its a lmtp process, but it happends to pop3 also, or to imapd process self. What helps - restart. There is nothing in the log what would show the problem. All sendmail processes, as they use smmapd for local delivery are blocked also. Ca. 2 weeks ago i updated glibc to 2.9 version. But it worked this two weeks fine. I am on gentoo box. [ebuild R ] sys-libs/db-4.6.21_p3-r1 USE="-bootstrap -doc -java -nocxx -tcl -test" 0 kB [ebuild R ] sys-libs/glibc-2.9_p20081201 USE="gd (multilib) nls -debug -glibc-compat20 -glibc-omitfp (-hardened) -profile (-selinux) -vanilla" 0 kB [ebuild R ] net-mail/cyrus-imapd-2.3.13 USE="idled pam ssl tcpd (-drac) -kerberos -kolab -nntp -replication -snmp" 0 kB I use squater, sieve, imap and pop3. Ipurge starts from cron time to time. If cyrus goes in to the blocking state, and i manualy start ipurge i get message about how much messages will be deleted, how much scanned and etc. but process self never get to promt back. I understand that this description doesnt provide any usefull information, that will help identify problem. If i could identify it, i would already fix it probably. But its my last hope, maybe someone can point me whats wrong ? -- Teresa From hmh at debian.org Mon Dec 15 07:42:08 2008 From: hmh at debian.org (Henrique de Moraes Holschuh) Date: Mon, 15 Dec 2008 10:42:08 -0200 Subject: Cyrus Deadblocking In-Reply-To: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> Message-ID: <20081215124208.GE17648@khazad-dum.debian.net> On Mon, 15 Dec 2008, Teresa wrote: > since yesterday i have strange behavier of my productive mail server, and i > cannt find the reason for 2 days allready. Which kernel? If it is Linux 2.6.27.8 or 2.6.27.9, try downgrading... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh From boutilpj at ednet.ns.ca Mon Dec 15 08:18:02 2008 From: boutilpj at ednet.ns.ca (Patrick Boutilier) Date: Mon, 15 Dec 2008 09:18:02 -0400 Subject: Cyrus Deadblocking In-Reply-To: <20081215124208.GE17648@khazad-dum.debian.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <20081215124208.GE17648@khazad-dum.debian.net> Message-ID: Henrique de Moraes Holschuh wrote: > On Mon, 15 Dec 2008, Teresa wrote: >> since yesterday i have strange behavier of my productive mail server, and i >> cannt find the reason for 2 days allready. > > Which kernel? If it is Linux 2.6.27.8 or 2.6.27.9, try downgrading... > What is wrong with those kernels? From awilliam at whitemice.org Mon Dec 15 08:40:31 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Mon, 15 Dec 2008 08:40:31 -0500 Subject: Cyrus Deadblocking In-Reply-To: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> Message-ID: <1229348431.5152.8.camel@linux-nnci.site> > since yesterday i have strange behavier of my productive mail server, and i > cannt find the reason for 2 days allready. Does "dmesg" show anything odd? > I didnt changed anything lately, but yesterday my cyrus starts rise cpu > load up to 100% and after some time it stop responding. Mostly its a lmtp > process, but it happends to pop3 also, or to imapd process self. > What helps - restart. There is nothing in the log what would show the > problem. If you attach to a hung process with "strace -p {pid}" what does it look like? > All sendmail processes, as they use smmapd for local delivery are blocked > also. > Ca. 2 weeks ago i updated glibc to 2.9 version. But it worked this two > weeks fine. Did you restart the services after the update? > I am on gentoo box. Oh..... > [ebuild R ] sys-libs/db-4.6.21_p3-r1 USE="-bootstrap -doc -java -nocxx > -tcl -test" 0 kB > [ebuild R ] sys-libs/glibc-2.9_p20081201 USE="gd (multilib) nls -debug > -glibc-compat20 -glibc-omitfp (-hardened) -profile (-selinux) -vanilla" 0 > kB > [ebuild R ] net-mail/cyrus-imapd-2.3.13 USE="idled pam ssl tcpd > (-drac) -kerberos -kolab -nntp -replication -snmp" 0 kB I assume the above is some Gentoo thing. > I use squater, sieve, imap and pop3. Ipurge starts from cron time to time. > If cyrus goes in to the blocking state, Sounds to be like Cyrus is not the only thing getting hung, which indicates the problem probably lies elsewhere. > and i manualy start ipurge i get > message about how much messages will be deleted, how much scanned and etc. > but process self never get to promt back. > I understand that this description doesnt provide any usefull information, > that will help identify problem. If i could identify it, i would already > fix it probably. But its my last hope, maybe someone can point me whats > wrong ? From teresa_ii at myeburg.net Mon Dec 15 08:49:16 2008 From: teresa_ii at myeburg.net (Teresa) Date: Mon, 15 Dec 2008 14:49:16 +0100 Subject: Cyrus Deadblocking In-Reply-To: <20081215124208.GE17648@khazad-dum.debian.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <20081215124208.GE17648@khazad-dum.debian.net> Message-ID: <8145434745dddf02a36e209d94edc45a@mail.compulypse.net> On Mon, 15 Dec 2008 10:42:08 -0200, Henrique de Moraes Holschuh wrote: On Mon, 15 Dec 2008, Teresa wrote: Which kernel? If it is Linux 2.6.27.8 or 2.6.27.9, try downgrading... Thanks for response. I use 2.6.27.7 vanila kernel (not gentoo-source). Didnt rebooted for about near a mounth. Yesterday i rebooted also in one of last hope that would fix something (i know that doesnt work, and it didnt, it never does :) if something isnt working). Actualy system is raning stable now again. I didnt changed anything, didnt compiled or rebooted. I just restarted cyrus and sendmail few times. And after one of this restarts it run stable. I have no idea why. There is nothing different. No system log messages about broken DB or something else. Once thing i saw strange in this 2 days was : lmtpd[3467] general protection ip:7f2e45ffdb2e sp:7fff4ee81968 error:0 in libdb-4.6.so[7f2e45f2d000+136000] in dmesg. I think this comes from new glibc. But it doesnt breake functionality by now. I have stable working for 4 hours already, system load goes down to 0.0 again. No deadlocking... I saw there is new ebuilds for berkley db 4.7.25 are in portage. Is anybody used this version already ? Maybe compiling cyrus agains this lib will perform better ? Or that looks more like kernel problem ? How i check that ? In htop the process that get 100%cpu load isnt in "D" state, so its not real deadlock, it just goest in some loop somewhere i suppouse under some condition that doesnt happend allways. Yesterday i also tried to downgrade to 2.3.12_p2 cyrus-imapd. But got same behavier, so i updated to 2.3.13 back again. I will report if i find something more. -- Teresa From teresa_ii at myeburg.net Mon Dec 15 09:02:24 2008 From: teresa_ii at myeburg.net (Teresa) Date: Mon, 15 Dec 2008 15:02:24 +0100 Subject: Cyrus Deadblocking In-Reply-To: <1229348431.5152.8.camel@linux-nnci.site> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> Message-ID: <83ec42d04d817c8c22ae2c6630168966@mail.compulypse.net> On Mon, 15 Dec 2008 08:40:31 -0500, Adam Tauno Williams wrote: since yesterday i have strange behavier of my productive mail server, and i cannt find the reason for 2 days allready. Does "dmesg" show anything odd? Not realy. Its quiet, only this strange messages comes in this 2 days also in, thay allways look like that: lmtpd[3467] general protection ip:7f2e45ffdb2e sp:7fff4ee81968 error:0 in libdb-4.6.so[7f2e45f2d000+136000]>> I didnt changed anything lately, but yesterday my cyrus starts rise cpu But it still work already for 4 hours here, even if this message is once in my dmesg now. If you attach to a hung process with "strace -p {pid}" what does it look like? Now its run, and as its produktion server, i will leave it running as long it will self :) But next time and i am mostly sure it will come again, i will do that strace. I am running this mailbox already since 2003. Cyrus had some nasty problems with berkleydb few times in the past (2.2.x versions). But for last 2 years i never had realy a problem with it. Did you restart the services after the update? I am on gentoo box. Gentoo is ok, i am self in trouble because i run unstable ~x86_64 keyword. I know that, so i have to manage my problems self. Gentoo has nothing to do with that. But you've right, something with system is not right at the moment. If cyrus goes in to the blocking state, Sounds to be like Cyrus is not the only thing getting hung, which indicates the problem probably lies elsewhere. Actualy only cyrus processes are in trouble. iprune do it job, as example, but never get out to promt. I got my kernel now updated to 2.6.27.9. It runs now 2.6.29.7. If it crash again, i reboot to new kernel and will see if something is changed. -- Teresa From hmh at debian.org Mon Dec 15 09:07:33 2008 From: hmh at debian.org (Henrique de Moraes Holschuh) Date: Mon, 15 Dec 2008 12:07:33 -0200 Subject: Cyrus Deadblocking In-Reply-To: <200812151318.mBFDIAYZ017498@lists2.andrew.cmu.edu> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <20081215124208.GE17648@khazad-dum.debian.net> <200812151318.mBFDIAYZ017498@lists2.andrew.cmu.edu> Message-ID: <20081215140733.GH17648@khazad-dum.debian.net> On Mon, 15 Dec 2008, Patrick Boutilier wrote: > Henrique de Moraes Holschuh wrote: > > On Mon, 15 Dec 2008, Teresa wrote: > >> since yesterday i have strange behavier of my productive mail server, and i > >> cannt find the reason for 2 days allready. > > > > Which kernel? If it is Linux 2.6.27.8 or 2.6.27.9, try downgrading... > > What is wrong with those kernels? The lack of this: http://lkml.indiana.edu/hypermail/linux/kernel/0812.1/00998.html Thread here: http://lkml.indiana.edu/hypermail/linux/kernel/0812.1/index.html#00006 2.6.27.10 will be much better. I am not touching 2.6.27 at all until it is out (still running 2.6.26.y here), but probably I won't consider it until it reaches 2.6.27.12 or thereabouts. No, I am not sure it would break Cyrus IMAP. But one doesn't let Cyrus IMAP anywhere near a kernel that is suspect of less than pristine shared memory or mmap behaviour, it would be the same as walking around with dead fish in a basket, near a bunch of starved cats. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh From aspineux at gmail.com Mon Dec 15 09:58:43 2008 From: aspineux at gmail.com (Alain Spineux) Date: Mon, 15 Dec 2008 15:58:43 +0100 Subject: plus addressing over lmtp not working / sam [box] anyone p set In-Reply-To: <494292C9.8020803@asp4.polyformal.de> References: <71fe4e760812012310x531d3b4as95b47f319a64c136@mail.gmail.com> <71fe4e760812022303n10a309acu98b3f6c44f702fe8@mail.gmail.com> <5EAC17905F4B4C8F8E09D3954DD6B5BA@recol.us> <493FDA83.4010508@asp4.polyformal.de> <71fe4e760812102315h384fef52v2bae96d63efca0d4@mail.gmail.com> <494292C9.8020803@asp4.polyformal.de> Message-ID: <71fe4e760812150658p7e0a3576g7d6a070cda4032eb@mail.gmail.com> On Fri, Dec 12, 2008 at 5:35 PM, Stefan Pampel antispam wrote: > Alain Spineux schrieb am 11.12.2008 08:15: > >> I dont see nothing wrong in your main.cf >> Can you post your master.cf ? > > ok, here is the master.cf I dont see anything vrong, ask your question to the postfix mailing list ! > > thx, and bye > > Stefan > > # > # Postfix master process configuration file. For details on the format > # of the file, see the master(5) manual page (command: "man 5 master"). > # > # Do not forget to execute "postfix reload" after editing this file. > # > # ========================================================================== > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > # ========================================================================== > smtp inet n - n - - smtpd > -o no_address_mappings > #submission inet n - - - - smtpd > # -o smtpd_tls_security_level=encrypt > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > #smtps inet n - - - - smtpd > # -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > #628 inet n - - - - qmqpd > pickup fifo n - - 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > #qmgr fifo n - - 300 1 oqmgr > tlsmgr unix - - - 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - - - 0 bounce > defer unix - - - - 0 bounce > trace unix - - - - 0 bounce > verify unix - - - - 1 verify > flush unix n - - 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - n - - smtp > # When relaying mail as backup MX, disable fallback_relay to avoid MX loops > relay unix - - - - - smtp > -o smtp_fallback_relay= > # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 > showq unix n - - - - showq > error unix - - - - - error > retry unix - - - - - error > discard unix - - - - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - - - 1 anvil > scache unix - - - - 1 scache > # > # ==================================================================== > # Interfaces to non-Postfix software. Be sure to examine the manual > # pages of the non-Postfix software to find out what options it wants. > # > # Many of the following services use the Postfix pipe(8) delivery > # agent. See the pipe(8) man page for information about ${recipient} > # and other message envelope options. > # ==================================================================== > # > # maildrop. See the Postfix MAILDROP_README file for details. > # Also specify in main.cf: maildrop_destination_recipient_limit=1 > # > maildrop unix - n n - - pipe > flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} > # > # See the Postfix UUCP_README file for configuration details. > # > uucp unix - n n - - pipe > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail > ($recipient) > # > # Other external delivery methods. > # > ifmail unix - n n - - pipe > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) > bsmtp unix - n n - - pipe > flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender > $recipient > scalemail-backend unix - n n - 2 pipe > flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store > ${nexthop} ${user} ${extension} > mailman unix - n n - - pipe > flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py > ${nexthop} ${user} > amavisfeed unix - - n - 2 lmtp > -o lmtp_data_done_timeout=1200 > -o lmtp_send_xforward_command=yes > -o lmtp_tls_note_starttls_offer=no > 127.0.0.1:10025 inet n - n - - smtpd > -o content_filter= > -o smtpd_delay_reject=no > -o smtpd_client_restrictions=permit_mynetworks,reject > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_data_restrictions=reject_unauth_pipelining > -o smtpd_end_of_data_restrictions= > -o smtpd_restriction_classes= > -o mynetworks=127.0.0.0/8 > -o smtpd_error_sleep_time=0 > -o smtpd_soft_error_limit=1001 > -o smtpd_hard_error_limit=1000 > -o smtpd_client_connection_count_limit=0 > -o smtpd_client_connection_rate_limit=0 > -o > receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings > -o local_header_rewrite_clients= > -o smtpd_milters= > -o local_recipient_maps= > -o relay_recipient_maps= > > > > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you From alessandro.oliveira at me.com Sat Dec 13 10:16:08 2008 From: alessandro.oliveira at me.com (Alessandro Oliveira) Date: Sat, 13 Dec 2008 13:16:08 -0200 Subject: Problems with Sieve in Debian Etch Message-ID: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> Hi, I've been using cyrus-imap for the last 6 years in a Fedora Core 3 Box, since cyrus compile gives me headache I used Simon Matter's package. But some time ago we had to replace our serves with Debian Etch, a wonderful experience, apt-get is by far the most reliable update software, but the problem lies with the cyrus-2.2 default package. All the Imap and everyting else is working perfect except sieve. When I try to create a script using sieveshell -u username -a username localhost, them use put vacation-username.sieve and after that activate vacation-username.sieve, it feels to be correct, but when trying to deliver any message I get: WARNING: sieve script /var/lib/cyrus/sieve/u/username/defaultbc doesn't exist: No such file or directory and checking the sieve dir on /var/lib/cyrus/sieve the directory above actually doesn't exist, but it created a global/defaultbc do you happen to know if this is a bug or maybe a misconfiguration ? Thanks for any help. Alessandro Oliveira -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081213/432257df/attachment-0002.html From paul at vandervlis.nl Mon Dec 15 11:30:21 2008 From: paul at vandervlis.nl (Paul van der Vlis) Date: Mon, 15 Dec 2008 17:30:21 +0100 Subject: Rights question Message-ID: <4946861D.4030600@vandervlis.nl> Hello, I gave "anyone" the right to list and post to the mailbox user.jan.Sent. But when I give that as the folder for sent-messages in Thunderbird, I get an error "refused". What do I wrong? localhost> lam user.jan.Sent jan lrswipcda anyone lp I don't want that anyone can read all the messages, only post messages. Met vriendelijke groet, Paul van der Vlis. -- http://www.vandervlis.nl/ From brennan at columbia.edu Mon Dec 15 11:53:03 2008 From: brennan at columbia.edu (Joseph Brennan) Date: Mon, 15 Dec 2008 11:53:03 -0500 Subject: Rights question In-Reply-To: <4946861D.4030600@vandervlis.nl> References: <4946861D.4030600@vandervlis.nl> Message-ID: --On Monday, December 15, 2008 17:30 +0100 Paul van der Vlis wrote: > Hello, > > I gave "anyone" the right to list and post to the mailbox user.jan.Sent. > But when I give that as the folder for sent-messages in Thunderbird, I > get an error "refused". What do I wrong? > > localhost> lam user.jan.Sent > jan lrswipcda > anyone lp > > I don't want that anyone can read all the messages, only post messages. > > Met vriendelijke groet, > Paul van der Vlis. > I assume you are not the user 'jan'. Sent messages are not mailed, but written with imap, so you need the 'i' right to save sent mail there. Joseph Brennan Columbia University Information Technology From jblaine at kickflop.net Mon Dec 15 14:05:38 2008 From: jblaine at kickflop.net (Jeff Blaine) Date: Mon, 15 Dec 2008 14:05:38 -0500 Subject: imapd.conf option for setting SASL_PATH ? Message-ID: <4946AA82.9020308@kickflop.net> I need to explicitly override what our Cyrus IMAPd/SASL build is using for SASL_PATH, as it appears to be misusing what has already been explicitly configured: http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=9025 That is, it would appear that SASL does not take '--with-plugindir=/wherever' to mean "Find plugins here and ONLY here." Instead, it seems to mean, "APPEND (not even PREPEND!) /wherever to my compile-time generated list of places to try to find plugins." Is there a sasl_* option for imapd.conf to specify where (and ONLY where) to look for SASL plugins? As you can see, I've already posted to the cyrus-sasl list. From paul at vandervlis.nl Mon Dec 15 14:06:25 2008 From: paul at vandervlis.nl (Paul van der Vlis) Date: Mon, 15 Dec 2008 20:06:25 +0100 Subject: Rights question In-Reply-To: References: <4946861D.4030600@vandervlis.nl> Message-ID: <4946AAB1.6050609@vandervlis.nl> Joseph Brennan schreef: > > --On Monday, December 15, 2008 17:30 +0100 Paul van der Vlis > wrote: > >> Hello, >> >> I gave "anyone" the right to list and post to the mailbox user.jan.Sent. >> But when I give that as the folder for sent-messages in Thunderbird, I >> get an error "refused". What do I wrong? >> >> localhost> lam user.jan.Sent >> jan lrswipcda >> anyone lp >> >> I don't want that anyone can read all the messages, only post messages. > I assume you are not the user 'jan'. No, the sysadmin. > Sent messages are not mailed, but written with imap, so you need the > 'i' right to save sent mail there. OK thanks, it works. With regards, Paul van der Vlis. -- http://www.vandervlis.nl/ From morgan at orst.edu Mon Dec 15 15:47:17 2008 From: morgan at orst.edu (Andrew Morgan) Date: Mon, 15 Dec 2008 12:47:17 -0800 (PST) Subject: Problems with Sieve in Debian Etch In-Reply-To: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> References: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> Message-ID: On Sat, 13 Dec 2008, Alessandro Oliveira wrote: > Hi, > > I've been using cyrus-imap for the last 6 years in a Fedora Core 3 Box, since > cyrus compile gives me headache I used Simon Matter's package. > > But some time ago we had to replace our serves with Debian Etch, a wonderful > experience, apt-get is by far the most reliable update software, but the > problem lies with the cyrus-2.2 default package. All the Imap and everyting > else is working perfect except sieve. > > When I try to create a script using sieveshell -u username -a username > localhost, them use put vacation-username.sieve and after that activate > vacation-username.sieve, it feels to be correct, but when trying to deliver > any message I get: > > WARNING: sieve script /var/lib/cyrus/sieve/u/username/defaultbc doesn't > exist: No such file or directory > > and checking the sieve dir on /var/lib/cyrus/sieve the directory above > actually doesn't exist, but it created a global/defaultbc > > do you happen to know if this is a bug or maybe a misconfiguration ? Are you authenticating with sieveshell as a cyrus admin user? I can't remember the details of how it works, but it is possible to create "global" sieve scripts, which is probably done as the cyrus admin user. You really shouldn't be giving admin rights to a regular IMAP user account. Use a separate account as cyrus admin. Andy From michael at rach.org Tue Dec 16 12:17:57 2008 From: michael at rach.org (Michael M. Rach) Date: Tue, 16 Dec 2008 12:17:57 -0500 Subject: Problems with Sieve in Debian Etch In-Reply-To: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> References: <3388AB3E-6ADB-4369-A878-61FBA22CC48C@me.com> Message-ID: <4947E2C5.6080508@rach.org> An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081216/e73ca7fb/attachment.html From hdembkowski at alcatel-lucent.com Tue Dec 16 12:19:49 2008 From: hdembkowski at alcatel-lucent.com (DEMBKOWSKI, Henryk (Henryk)) Date: Tue, 16 Dec 2008 18:19:49 +0100 Subject: Problem with sync_client Message-ID: <9E30FE5A3FF4DA4AB0EC1F135A6F763B328378E77B@FRMRSSXCHMBSB2.dc-m.alcatel-lucent.com> Hi, I am trying to get working replication between two message servers, both with new Cyrus 2.3.13. >From logs it seems that sync_client "hangs up". I have the following functions flows for sync_client: - main() calls replica_connect() to open connection to server - replica_connect() calls backend_connect() - backend_connect() calls ask_capability() since "banner is capability response" from protocol definition for "csync" static struct protocol_t csync_protocol = { "csync", "csync", { 1, "* OK" }, <========================== { NULL, NULL, "* OK", NULL, { { "* SASL ", CAPA_AUTH }, { "* STARTTLS", CAPA_STARTTLS }, { NULL, 0 } } }, { "STARTTLS", "OK", "NO", 0 }, { "AUTHENTICATE", INT_MAX, 0, "OK", "NO", "+ ", "*", NULL, 0 }, { "NOOP", NULL, "OK" }, { "EXIT", NULL, "OK" } }; Below code from backend_connect() - ask_capability() is called with automatic==AUTO_BANNER if (prot->banner.is_capa) { /* try to get the capabilities from the banner */ mechlist = ask_capability(ret->out, ret->in, prot, &ret->capability, AUTO_BANNER); if (mechlist || ret->capability) { /* found capabilities in banner -> don't ask */ ask = 0; } } - sync_server returns the following banner "OK ms04 Cyrus sync server v2.3.13" - ask_capability() tries to find capabilities (from protocol definition for "csync") in banner. So it tries to find "* SASL " or "* STARTTLS" in "* OK ms04 Cyrus sync server v2.3.13" And it fails. - therefore function backend_connect() calls once again ask_capability() - this time with automatic==AUTO_NO if (ask) { /* get the capabilities */ mechlist = ask_capability(ret->out, ret->in, prot, &ret->capability, AUTO_NO); } - however this time it seems that function ask_capability() "hangs up". It never ends. It tries to read stream but probably sync_server doesn't send anything. do { if (prot_fgets(str, sizeof(str), pin) == NULL) break; <================================ /* look for capabilities in the string */ for (c = prot->capa_cmd.capa; c->str; c++) { if ((tmp = strstr(str, c->str)) != NULL) { *capa = *capa | c->flag; if (c->flag == CAPA_AUTH) { if (prot->capa_cmd.parse_mechlist) ret = prot->capa_cmd.parse_mechlist(str, prot); else ret = xstrdup(tmp+strlen(c->str)); } } } if (!resp) { /* multiline response with no distinct end (IMAP banner) */ prot_NONBLOCK(pin); } /* look for the end of the capabilities */ } while (!resp || strncasecmp(str, resp, strlen(resp))); Do you know what can be wrong? Kind Regards, Henryk From sam.smith at ece.gatech.edu Tue Dec 16 13:58:04 2008 From: sam.smith at ece.gatech.edu (Sam Smith) Date: Tue, 16 Dec 2008 13:58:04 -0500 Subject: upgrading from 2.3.7 to 2.3.13 - reconstruct -r needed? Message-ID: <4947FA3C.9020709@ece.gatech.edu> When I upgrade from 2.3.7 to 2.3.13, on a 64 bit machine, do I need to do a reconstruct -r on the entire user tree? I'm looking at the ugrading doc, and it says "Due to byte alignment issues in cyrus.index, all mailboxes will have to be reconstructed." when upgrading from 2.3.3 or later on 64 bit machines. Will the user's email be accessible while that reconstruct is running? If not, that's going to be a significant downtime... Thanks for any help, Sam Smith From derwynd at gmail.com Wed Dec 17 06:27:00 2008 From: derwynd at gmail.com (Derwyn Dpenha) Date: Wed, 17 Dec 2008 16:57:00 +0530 Subject: Cyrus Replication Message-ID: <6f84ee5a0812170327w2f41fb10l755c33d309d7e792@mail.gmail.com> Hi, Was trying a combination of rsync and replication between the master and slave ie. master slave replication combined with if the slave recieves mail with rsync with the master every 5 min. This I know is flawed for simple reason is that on a high load system this will always be out of sync. Just wanted to know if there was any better way to get a multi way replication done. Derwyn From cyrus-ml at seichter.de Wed Dec 17 10:46:57 2008 From: cyrus-ml at seichter.de (Ralph Seichter) Date: Wed, 17 Dec 2008 16:46:57 +0100 (CET) Subject: Cyrus Replication In-Reply-To: <6f84ee5a0812170327w2f41fb10l755c33d309d7e792@mail.gmail.com> References: <6f84ee5a0812170327w2f41fb10l755c33d309d7e792@mail.gmail.com> Message-ID: <700d40ebb6e437c6e3f035b8f788586f.squirrel@secure.horus-it.de> > Just wanted to know if there was any better way to get a multi way > replication done. Have you tried asking your favourite search engine about "imap sync" yet? ;-) -R From ram at netcore.co.in Thu Dec 18 09:19:23 2008 From: ram at netcore.co.in (ram) Date: Thu, 18 Dec 2008 19:49:23 +0530 Subject: Cyrus SASL Hack: Always pass authentication for one host Message-ID: <1229609963.3599.59.camel@darkstar.netcore.co.in> I am trying to write a hack into pam and always pass authentication for a particular host So I modified pam_mysql.c , but the issue is for cyrus I am always getting rhost as null This is what I put in pam_mysql.c .... PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv) { .... pam_get_item(pamh, PAM_RHOST,(PAM_GET_ITEM_CONST void **)&rhost); syslog(LOG_INFO,"RHOST = %s", rhost); .... I always get rhost as null. Is there a way I can get rhost set Thanks Ram From ewald.lists at fun.de Thu Dec 18 09:45:23 2008 From: ewald.lists at fun.de (Ewald Dieterich) Date: Thu, 18 Dec 2008 15:45:23 +0100 Subject: Quota inconsistency when copying > 2GB of mails Message-ID: <494A6203.4020307@fun.de> Hi, in Cyrus 2.3.13, when you do an IMAP COPY of mails with a total size of more then 2GB, the quota gets inconsistent because some variables overflow (at least on systems where sizeof(int) == 4). The attached patch changes some data types so that IMAP COPY works again, but I'm not sure if this is a proper fix. I think there is a similar problem in MULTIAPPEND (the total size in cmd_append() is declared as unsigned) but I didn't test it. I filed bug 3127 in bugzilla. Ewald -------------- next part -------------- A non-text attachment was scrubbed... Name: cyrus-copy-many-2.3.13.patch Type: text/x-patch Size: 2899 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081218/13acabae/attachment.bin From dwhite at olp.net Thu Dec 18 12:34:53 2008 From: dwhite at olp.net (Dan White) Date: Thu, 18 Dec 2008 11:34:53 -0600 Subject: Cyrus SASL Hack: Always pass authentication for one host In-Reply-To: <1229609963.3599.59.camel@darkstar.netcore.co.in> References: <1229609963.3599.59.camel@darkstar.netcore.co.in> Message-ID: <494A89BD.5010505@olp.net> ram wrote: > I am trying to write a hack into pam and always pass authentication for > a particular host > > So I modified pam_mysql.c , but the issue is for cyrus I am always > getting rhost as null > > This is what I put in pam_mysql.c > > .... > PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, > int argc, const char **argv) { > .... > pam_get_item(pamh, PAM_RHOST,(PAM_GET_ITEM_CONST void **)&rhost); > syslog(LOG_INFO,"RHOST = %s", rhost); > .... > > I always get rhost as null. Is there a way I can get rhost set > ram, If I understand you goal, a similar question was posted in June: http://lists.andrew.cmu.edu/pipermail/info-cyrus/2008-June/029296.html - Dan From mester at freemail.hu Thu Dec 18 15:06:07 2008 From: mester at freemail.hu (Mester) Date: Thu, 18 Dec 2008 21:06:07 +0100 Subject: question about logging Message-ID: <494AAD2F.3070100@freemail.hu> Hi, I have a Debian Etch server with Cyrus IMAPD (version). Is there a way to make logging verbose? I want to be able to find in the logfiles who has logged in to the IMAP server from which IP address and what did he/she do. I have to find out who and when has deleted some e-mails from the server, but I see nothing about Cyrus in the log files. Attila Mesterhazy From ml at awinkelmann.de Thu Dec 18 15:24:36 2008 From: ml at awinkelmann.de (Andreas Winkelmann) Date: Thu, 18 Dec 2008 21:24:36 +0100 Subject: Cyrus SASL Hack: Always pass authentication for one host In-Reply-To: <1229609963.3599.59.camel@darkstar.netcore.co.in> References: <1229609963.3599.59.camel@darkstar.netcore.co.in> Message-ID: <200812182124.36747.ml@awinkelmann.de> Am Donnerstag 18 Dezember 2008 15:19:23 schrieb ram: > I am trying to write a hack into pam and always pass authentication for > a particular host > > So I modified pam_mysql.c , but the issue is for cyrus I am always > getting rhost as null > > This is what I put in pam_mysql.c > > .... > PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, > int argc, const char **argv) { > .... > pam_get_item(pamh, PAM_RHOST,(PAM_GET_ITEM_CONST void **)&rhost); > syslog(LOG_INFO,"RHOST = %s", rhost); > .... > > I always get rhost as null. Is there a way I can get rhost set I don't know exactly what rhost means here. Would guess something like Remote- Host? From the logical Point of View. PAM is invoked from saslauthd, the Library sends in behalf of the Application only 4 things to saslauthd. The Username, Realm, Servicename and the Password. Nothing else. So there is just not enough data in saslauthd to give something about the remote Host to PAM. You would have to change the protocol between the SASL-Library and saslauthd to pass something about the Remote End to saslauthd and then change the PAM- Stuff in saslauthd to set the RHOST Data. -- Andreas From morgan at orst.edu Thu Dec 18 15:32:43 2008 From: morgan at orst.edu (Andrew Morgan) Date: Thu, 18 Dec 2008 12:32:43 -0800 (PST) Subject: question about logging In-Reply-To: <494AAD2F.3070100@freemail.hu> References: <494AAD2F.3070100@freemail.hu> Message-ID: On Thu, 18 Dec 2008, Mester wrote: > Hi, > > I have a Debian Etch server with Cyrus IMAPD (version). Is there a way > to make logging verbose? I want to be able to find in the logfiles who > has logged in to the IMAP server from which IP address and what did > he/she do. > > I have to find out who and when has deleted some e-mails from the > server, but I see nothing about Cyrus in the log files. Cyrus IMAPD does not log all the IMAP commands to syslog. It will log the IP address and username to syslog. To get all the gory details about the IMAP commands, you'll need to enable IMAP telemetry logging. Go to your {configdirectory}/log/ directory (I think it is /var/spool/cyrus/config/log on Debian). Inside that directory, make a directory for the username you want to capture telemetry logs. Make sure you give cyrus permissions to write to the directory. Cyrus will create a new file for each connection by that username. The files will contain the actual IMAP commands issued. You do not need to restart Cyrus for this to take effect, but it will only happen on new connections, not existing connections. Andy From morgan at orst.edu Thu Dec 18 20:30:22 2008 From: morgan at orst.edu (Andrew Morgan) Date: Thu, 18 Dec 2008 17:30:22 -0800 (PST) Subject: status cache Message-ID: I'm getting ready to upgrade from Cyrus v2.3.11 to v2.3.13 on Saturday, and I notice there is now a statuscache option listed in the changelog. Bron, could you elaborate a bit on this option? We run a reasonably large Cyrus installation (2 backends, 3 frontends) and most of our users check their email via Horde Webmail. Would the statuscache benefit us? Also, I've been sticking to mainly skiplist for all our database backends. Would skiplist be okay to use for the statuscache? Finally, is the information in the statuscache transient? Would it be safe to remove the statuscache.db file in between Cyrus restarts without losing data? Thanks, Andy From archi.laurent at gmail.com Fri Dec 19 02:09:39 2008 From: archi.laurent at gmail.com (Laurent Archambault) Date: Fri, 19 Dec 2008 08:09:39 +0100 Subject: Cyrus +multi domains Message-ID: <692f4d2f0812182309ifd7080fx5f69abad176f08b6@mail.gmail.com> Hello, I must use Cyrus with few domains, but i have the choice with 2 structural directory, i has activate "virtdomains" and same "unixhierarchysep". what is the better solving/answer for this : This ./mail/u/user/unautre at domaine2^com/cyrus.cache ... or This : ./mail/domain/d/domaine2.com/u/unautre/cyrus.cache ... Thanks a lot. Best regards -- ----~o00o-----//{ ??`(_)??` }\\-----o00o~------ Laurent Archambault Under Linux -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081219/eeed637a/attachment.html From simon.matter at invoca.ch Fri Dec 19 02:24:41 2008 From: simon.matter at invoca.ch (Simon Matter) Date: Fri, 19 Dec 2008 08:24:41 +0100 (CET) Subject: status cache In-Reply-To: References: Message-ID: <24d4b53e90c62323cbcd7f7b9cc93671.squirrel@webmail.bi.corp.invoca.ch> > I'm getting ready to upgrade from Cyrus v2.3.11 to v2.3.13 on Saturday, > and I notice there is now a statuscache option listed in the changelog. > > Bron, could you elaborate a bit on this option? > > We run a reasonably large Cyrus installation (2 backends, 3 frontends) and > most of our users check their email via Horde Webmail. Would the > statuscache benefit us? > > Also, I've been sticking to mainly skiplist for all our database backends. > Would skiplist be okay to use for the statuscache? Hi Andy, I can't answer most of your questions but, in our Invoca cyrus-imapd RPMS the statuscache option is set to on by default and it also uses skiplist by default. I didn't get any feedback since introducing it with our customized defaults so I guess that means you shouldn't expect much trouble with your choice. Simon > > Finally, is the information in the statuscache transient? Would it be > safe to remove the statuscache.db file in between Cyrus restarts without > losing data? > > Thanks, > Andy > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > From mngibso at yahoo.com Fri Dec 19 03:36:58 2008 From: mngibso at yahoo.com (Mark Gibson) Date: Fri, 19 Dec 2008 00:36:58 -0800 (PST) Subject: Migrating mailbox from cyrus-imapd-2.2.10 to 2.3.7 Message-ID: <922099.70934.qm@web59816.mail.ac4.yahoo.com> A server of mine crashed.? I'm brought up another new server that's running cyrus-imapd 2.3.7.? I copied my backup of /var/spool/imap to the new server.? When I connect, I can see all of the mail in my Inbox, but none of the subfolders show up.? The first time I tried to connect with Thunderbird, I got a message to the effect that the folder could not be found. Any idea why this is happening and what I can do to fix the problem? Thanks, mark -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081219/5710599e/attachment.html From joar at linpro.no Fri Dec 19 06:07:19 2008 From: joar at linpro.no (Joar Jegleim) Date: Fri, 19 Dec 2008 12:07:19 +0100 Subject: howto list inactive users in cyrus: Message-ID: <494B8067.7060606@linpro.no> Hi, is there any way to easily list 'last login' for users with cyradm ? I got over 1000 accounts and want to find out if there are any inactive accounts as in "haven't logged on" for like 6 months or so' . ">cyradm info some.mailbox" gives me the info I'm looking for (basically), but I'm having trouble with howto script this command and sort it, is there any written perl script for this out there ? Or mabye there are other ways to get what I want ? regards Joar Jegleim From archi.laurent at gmail.com Fri Dec 19 07:18:25 2008 From: archi.laurent at gmail.com (Laurent Archambault) Date: Fri, 19 Dec 2008 13:18:25 +0100 Subject: Cyrus +multi domains Message-ID: <692f4d2f0812190418m4866a5e2hd2f6a8a150fa2c9@mail.gmail.com> Hello, I must use Cyrus with few domains, but i have the choice with 2 structural directory, i has activate "virtdomains". what is the better solving/answer/structur for this ("ex with domaine2.com"): This ./mail/u/user/unautre at domaine2^com/cyrus.cache ... or This : ./mail/domain/d/domaine2.com/u/unautre/cyrus.cache ... Thanks a lot. Best regards -- ----~o00o-----//{ ??`(_)??` }\\-----o00o~------ Laurent Archambault Under Linux -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081219/15948607/attachment.html From brong at fastmail.fm Fri Dec 19 07:22:05 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Fri, 19 Dec 2008 23:22:05 +1100 Subject: status cache In-Reply-To: References: Message-ID: <20081219122205.GA29175@brong.net> On Thu, Dec 18, 2008 at 05:30:22PM -0800, Andrew Morgan wrote: > I'm getting ready to upgrade from Cyrus v2.3.11 to v2.3.13 on Saturday, > and I notice there is now a statuscache option listed in the changelog. > > Bron, could you elaborate a bit on this option? Sure. > We run a reasonably large Cyrus installation (2 backends, 3 frontends) and > most of our users check their email via Horde Webmail. Would the > statuscache benefit us? Probably. I'm not entirely sure what fields Horde requests. Basically, if it frequently does STATUS requests against folders, then you will see a benefit. It works by checking the modification time, inode and size of the index file. If none of these have changed, then it assumes the response to status is the same. It also checks the seen file stat if the status request covers items that need a seen file lookup. > Also, I've been sticking to mainly skiplist for all our database backends. > Would skiplist be okay to use for the statuscache? skiplist isn't ideal. We use the default of berkeley-nosync because that's the most efficient for this access pattern (frequent writes, always specific key requests rather than enumeration) > Finally, is the information in the statuscache transient? Would it be > safe to remove the statuscache.db file in between Cyrus restarts without > losing data? That's what we do. conf/cyrus/init.tt2 105: system("rm -f $DATADIR/statuscache.db"); It's part of the startup script (yes, it is written in perl, and template toolkit as well!) Bron. From awilliam at whitemice.org Fri Dec 19 09:01:57 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Fri, 19 Dec 2008 09:01:57 -0500 Subject: Online ChangeLog Message-ID: <1229695317.7999.3.camel@linux-nnci.site> Is the Cyrus website's ChangeLog no longer updated? From awilliam at whitemice.org Fri Dec 19 09:06:19 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Fri, 19 Dec 2008 09:06:19 -0500 Subject: Migrating mailbox from cyrus-imapd-2.2.10 to 2.3.7 In-Reply-To: <922099.70934.qm@web59816.mail.ac4.yahoo.com> References: <922099.70934.qm@web59816.mail.ac4.yahoo.com> Message-ID: <1229695579.7999.8.camel@linux-nnci.site> > A server of mine crashed. I'm brought up another new server that's >running cyrus-imapd 2.3.7. I copied my backup of /var/spool/imap to > the new server. Did you copy the metadata? /var/lib/imap? > When I connect, I can see all of the mail in my Inbox, but none of the > subfolders show up. The first time I tried to connect with > Thunderbird, I got a message to the effect that the folder could not > be found. > Any idea why this is happening and what I can do to fix the problem? Running a reconstruct wouldn't hurt. P.S. Please try to post without HTML as it makes replying a pain. From awilliam at whitemice.org Fri Dec 19 09:08:05 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Fri, 19 Dec 2008 09:08:05 -0500 Subject: migrating mapi In-Reply-To: <24602529.44.1228906204400.JavaMail.root@www> References: <24602529.44.1228906204400.JavaMail.root@www> Message-ID: <1229695685.7999.11.camel@linux-nnci.site> On Wed, 2008-12-10 at 11:50 +0100, Gabriele Bulfon wrote: > Hi, I'm on the run to install a new cyrus imap server with 50 clients. > All of them have mapi clients with their old pop account on Outlook or > Express, containing all their history emails in folders. > I was going to develop a mini tool to transfer mapi account folders > and emails onto the imap server in Java, but it seems there is few > chances to read mapi folders from Java...am I wrong? Do you really need MAPI? I didn't think Outlook Express did MAPI, only "real" Outlook does. Do you need to actually communicate with an Exchange server or just process the local mail files (PST? EML?) > In any case, I don't need this tool do be Java at all, it's just that > I write only Java for years, and I'm skilled with JavaMail. > I also searched for existing tools to do this, but found none. > Can you help? -- Consonance: an Open Source .NET OpenGroupware client. Contact:awilliam at whitemiceconsulting.com http://freshmeat.net/projects/consonance/ From awilliam at whitemice.org Fri Dec 19 09:13:34 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Fri, 19 Dec 2008 09:13:34 -0500 Subject: Invalid certificate @ bugzilla.andrew.cmu.edu Message-ID: <1229696014.7999.15.camel@linux-nnci.site> If I try to visit the link my browser presents a certificate error (untrusted issuer); I don't even get an opportunity to connect-anyway. Does anyone else have this issue accessing bugzilla.andrew.cmu.edu? From dave64 at andrew.cmu.edu Fri Dec 19 09:18:14 2008 From: dave64 at andrew.cmu.edu (Dave McMurtrie) Date: Fri, 19 Dec 2008 09:18:14 -0500 Subject: Online ChangeLog In-Reply-To: <1229695317.7999.3.camel@linux-nnci.site> References: <1229695317.7999.3.camel@linux-nnci.site> Message-ID: <494BAD26.1020305@andrew.cmu.edu> Adam Tauno Williams wrote: > Is the Cyrus website's ChangeLog > no longer updated? That seems to be the case. That page, along with pretty much the rest of the site has been neglected for a couple years. We're planning to overhaul the entire http://www.cyrusimap.org/ site, but it's not a high-priority project right now. Thank you, Dave -- Dave McMurtrie, SPE Email Systems Team Leader Carnegie Mellon University, Computing Services From archi.laurent at gmail.com Fri Dec 19 09:38:09 2008 From: archi.laurent at gmail.com (Laurent Archambault) Date: Fri, 19 Dec 2008 15:38:09 +0100 Subject: Cyrus-imap + multi domains ... Urgent Thanks Message-ID: <692f4d2f0812190638y601cd81ak77e4afbc82541919@mail.gmail.com> Hello, I must use Cyrus with few domains, but i have the choice with 2 structural directory, i has activate "virtdomains" and same "unixhierarchysep". what is the better solving/answer for this : This : ./mail/u/user/unautre at domaine2^com/cyrus.cache ... or this : ./mail/domain/d/domaine2.com/u/unautre/cyrus.cache ... Thanks a lot. Best regards -- ----~o00o-----//{ ??`(_)??` }\\-----o00o~------ Laurent Archambault Under Linux -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081219/b91fbbb0/attachment.html From selsky at columbia.edu Fri Dec 19 10:46:04 2008 From: selsky at columbia.edu (Matt Selsky) Date: Fri, 19 Dec 2008 10:46:04 -0500 Subject: Invalid certificate @ bugzilla.andrew.cmu.edu In-Reply-To: <1229696014.7999.15.camel@linux-nnci.site> References: <1229696014.7999.15.camel@linux-nnci.site> Message-ID: <716718DA-340E-464B-8297-6D12419E79AD@columbia.edu> On Dec 19, 2008, at 9:13 AM, Adam Tauno Williams wrote: > If I try to visit the link > my browser > presents a certificate error (untrusted issuer); I don't even get an > opportunity to connect-anyway. Does anyone else have this issue > accessing bugzilla.andrew.cmu.edu? You need to download the CMU CA certificate: https://www.cmu.edu/computing/software/all/certs/download.html -- Matt From awilliam at whitemice.org Fri Dec 19 11:52:27 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Fri, 19 Dec 2008 11:52:27 -0500 Subject: Invalid certificate @ bugzilla.andrew.cmu.edu In-Reply-To: <716718DA-340E-464B-8297-6D12419E79AD@columbia.edu> References: <1229696014.7999.15.camel@linux-nnci.site> <716718DA-340E-464B-8297-6D12419E79AD@columbia.edu> Message-ID: <1229705547.4908.8.camel@linux-nnci.site> On Fri, 2008-12-19 at 10:46 -0500, Matt Selsky wrote: > On Dec 19, 2008, at 9:13 AM, Adam Tauno Williams wrote: > > If I try to visit the link > > my browser > > presents a certificate error (untrusted issuer); I don't even get an > > opportunity to connect-anyway. Does anyone else have this issue > > accessing bugzilla.andrew.cmu.edu? > You need to download the CMU CA certificate: > https://www.cmu.edu/computing/software/all/certs/download.html Yep. Imported that cert as a CA and now it works perfectly. Thanks. From nic at onlight.com Fri Dec 19 12:02:00 2008 From: nic at onlight.com (Nic Bernstein) Date: Fri, 19 Dec 2008 11:02:00 -0600 Subject: howto list inactive users in cyrus: In-Reply-To: <494B8067.7060606@linpro.no> References: <494B8067.7060606@linpro.no> Message-ID: <494BD388.9000300@onlight.com> Joar Jegleim wrote: > is there any way to easily list 'last login' for users with cyradm ? > I got over 1000 accounts and want to find out if there are any inactive > accounts as in "haven't logged on" for like 6 months or so' . > > ">cyradm info some.mailbox" gives me the info I'm looking for > (basically), but I'm having trouble with howto script this command and > sort it, is there any written perl script for this out there ? > Or mabye there are other ways to get what I want ? > I am looking into this right now. I think I have a Perl script which could be easily modified to do what you want. Cheers, -nic -- Nic Bernstein nic at onlight.com Onlight llc. www.onlight.com 2266 North Prospect Avenue #610 v. 414.272.4477 Milwaukee, Wisconsin 53202-6306 f. 414.290.0335 From morgan at orst.edu Fri Dec 19 12:06:58 2008 From: morgan at orst.edu (Andrew Morgan) Date: Fri, 19 Dec 2008 09:06:58 -0800 (PST) Subject: howto list inactive users in cyrus: In-Reply-To: <494B8067.7060606@linpro.no> References: <494B8067.7060606@linpro.no> Message-ID: On Fri, 19 Dec 2008, Joar Jegleim wrote: > is there any way to easily list 'last login' for users with cyradm ? > I got over 1000 accounts and want to find out if there are any inactive > accounts as in "haven't logged on" for like 6 months or so' . > > ">cyradm info some.mailbox" gives me the info I'm looking for > (basically), but I'm having trouble with howto script this command and > sort it, is there any written perl script for this out there ? > Or mabye there are other ways to get what I want ? Are you sure the is the information you need? Here is what I see on a test server: localhost> info user.morgan {user.morgan}: condstore: false duplicatedeliver: false lastpop: lastupdate: 31-Oct-2008 14:27:57 -0700 partition: default sharedseen: false size: 5277441 The lastupdate field corresponds with the last time the account received an email, not my last login (which was yesterday). Andy From brennan at columbia.edu Fri Dec 19 12:38:07 2008 From: brennan at columbia.edu (Joseph Brennan) Date: Fri, 19 Dec 2008 12:38:07 -0500 Subject: howto list inactive users in cyrus: In-Reply-To: References: <494B8067.7060606@linpro.no> Message-ID: <9B733BFFD7A4289F99CF942A@[192.168.2.14]> >> is there any way to easily list 'last login' for users with cyradm ? >> I got over 1000 accounts and want to find out if there are any inactive >> accounts as in "haven't logged on" for like 6 months or so' . > > The lastupdate field corresponds with the last time the account received > an email, not my last login (which was yesterday). How about checking the timestamp on the user.seen files? It seems to get touched at login, even if you don't open a message. Joseph Brennan Columbia University Information Technology From wes at umich.edu Fri Dec 19 13:41:18 2008 From: wes at umich.edu (Wesley Craig) Date: Fri, 19 Dec 2008 13:41:18 -0500 Subject: howto list inactive users in cyrus: In-Reply-To: <9B733BFFD7A4289F99CF942A@[192.168.2.14]> References: <494B8067.7060606@linpro.no> <9B733BFFD7A4289F99CF942A@[192.168.2.14]> Message-ID: <05ECE370-7D29-4F7D-906D-E31B54BA62EE@umich.edu> On 19 Dec 2008, at 12:38, Joseph Brennan wrote: > How about checking the timestamp on the user.seen files? It seems to > get touched at login, even if you don't open a message. There's a "last read" timestamp in the seen DB, which is probably more accurate. :wes From wes at umich.edu Fri Dec 19 13:42:57 2008 From: wes at umich.edu (Wesley Craig) Date: Fri, 19 Dec 2008 13:42:57 -0500 Subject: Online ChangeLog In-Reply-To: <494BAD26.1020305@andrew.cmu.edu> References: <1229695317.7999.3.camel@linux-nnci.site> <494BAD26.1020305@andrew.cmu.edu> Message-ID: <21F51343-C163-4FDE-840D-58DD91CB099B@umich.edu> Is there some way that interested people can contribute to the overhaul of http://www.cyrusimap.org/ , Dave? :wes On 19 Dec 2008, at 09:18, Dave McMurtrie wrote: > Adam Tauno Williams wrote: >> Is the Cyrus website's ChangeLog >> no longer updated? > > That seems to be the case. That page, along with pretty much the rest > of the site has been neglected for a couple years. > > We're planning to overhaul the entire http://www.cyrusimap.org/ site, > but it's not a high-priority project right now. From dave64 at andrew.cmu.edu Fri Dec 19 13:59:41 2008 From: dave64 at andrew.cmu.edu (Dave McMurtrie) Date: Fri, 19 Dec 2008 13:59:41 -0500 Subject: Online ChangeLog In-Reply-To: <21F51343-C163-4FDE-840D-58DD91CB099B@umich.edu> References: <1229695317.7999.3.camel@linux-nnci.site> <494BAD26.1020305@andrew.cmu.edu> <21F51343-C163-4FDE-840D-58DD91CB099B@umich.edu> Message-ID: <494BEF1D.1050608@andrew.cmu.edu> Wesley Craig wrote: > Is there some way that interested people can contribute to the overhaul > of http://www.cyrusimap.org/ , Dave? I'm sure we could work something out. The only reason that it's not a high priority for us right now is that we don't have spare people to work on it. Ken and I started talking about doing a complete overhaul to the site about a month or two ago. The plan at the time was to get a student employee to help us out, but that plan didn't work out so we put it on hold until next fiscal year. We're very interested in attracting more contributors to the Cyrus project in any capacity, and this is an area that needs a lot of help. Maybe you, Ken and I should have a conversation about this and see what we can come up with. Thanks, Dave -- Dave McMurtrie, SPE Email Systems Team Leader Carnegie Mellon University, Computing Services From nic at onlight.com Fri Dec 19 14:04:04 2008 From: nic at onlight.com (Nic Bernstein) Date: Fri, 19 Dec 2008 13:04:04 -0600 Subject: Online ChangeLog In-Reply-To: <494BEF1D.1050608@andrew.cmu.edu> References: <1229695317.7999.3.camel@linux-nnci.site> <494BAD26.1020305@andrew.cmu.edu> <21F51343-C163-4FDE-840D-58DD91CB099B@umich.edu> <494BEF1D.1050608@andrew.cmu.edu> Message-ID: <494BF024.2080804@onlight.com> Dave McMurtrie wrote: > Wesley Craig wrote: > >> Is there some way that interested people can contribute to the overhaul >> of http://www.cyrusimap.org/ , Dave? >> > > I'm sure we could work something out. The only reason that it's not a > high priority for us right now is that we don't have spare people to > work on it. > > Ken and I started talking about doing a complete overhaul to the site > about a month or two ago. The plan at the time was to get a student > employee to help us out, but that plan didn't work out so we put it on > hold until next fiscal year. > > We're very interested in attracting more contributors to the Cyrus > project in any capacity, and this is an area that needs a lot of help. > > Maybe you, Ken and I should have a conversation about this and see what > we can come up with. > Since the Wiki infrastructure already exists, would it be possible to set up some sort of review or moderation procedure to allow people to contribute to the site via the Wiki? This could also help with cleaning up vague or missing documentation, etc. Cheers, -nic -- Nic Bernstein nic at onlight.com Onlight llc. www.onlight.com 2266 North Prospect Avenue #610 v. 414.272.4477 Milwaukee, Wisconsin 53202-6306 f. 414.290.0335 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081219/1c1af6d5/attachment.html From mester at freemail.hu Sat Dec 20 03:11:42 2008 From: mester at freemail.hu (Mester) Date: Sat, 20 Dec 2008 09:11:42 +0100 Subject: question about logging In-Reply-To: References: <494AAD2F.3070100@freemail.hu> Message-ID: <494CA8BE.7000300@freemail.hu> Thank you. The configuration directory on Debian Etch is /var/lib/cyrus and it workks fine. Attila > To get all the gory details about the IMAP commands, you'll need to > enable IMAP telemetry logging. Go to your {configdirectory}/log/ > directory (I think it is /var/spool/cyrus/config/log on Debian). Inside > that directory, make a directory for the username you want to capture > telemetry logs. Make sure you give cyrus permissions to write to the > directory. > > Cyrus will create a new file for each connection by that username. The > files will contain the actual IMAP commands issued. You do not need to > restart Cyrus for this to take effect, but it will only happen on new > connections, not existing connections. > > Andy > > From mngibso at yahoo.com Sat Dec 20 11:37:26 2008 From: mngibso at yahoo.com (Mark Gibson) Date: Sat, 20 Dec 2008 08:37:26 -0800 (PST) Subject: Migrating mailbox from cyrus-imapd-2.2.10 to 2.3.7 In-Reply-To: <1229695579.7999.8.camel@linux-nnci.site> Message-ID: <569419.7603.qm@web59813.mail.ac4.yahoo.com> Thanks, that worked. --- On Fri, 12/19/08, Adam Tauno Williams wrote: > From: Adam Tauno Williams > Subject: Re: Migrating mailbox from cyrus-imapd-2.2.10 to 2.3.7 > To: "Cyrus Mailing List" > Date: Friday, December 19, 2008, 2:06 PM > > A server of mine crashed. I'm brought up another > new server that's > >running cyrus-imapd 2.3.7. I copied my backup of > /var/spool/imap to > > the new server. > > Did you copy the metadata? /var/lib/imap? > > > When I connect, I can see all of the mail in my Inbox, > but none of the > > subfolders show up. The first time I tried to connect > with > > Thunderbird, I got a message to the effect that the > folder could not > > be found. > > Any idea why this is happening and what I can do to > fix the problem? > > Running a reconstruct wouldn't hurt. > > P.S. Please try to post without HTML as it makes replying a > pain. > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: > http://asg.web.cmu.edu/cyrus/mailing-list.html From ethariel at gmail.com Sat Dec 20 13:18:26 2008 From: ethariel at gmail.com (Ethariel) Date: Sat, 20 Dec 2008 19:18:26 +0100 Subject: Cyrus-imap + multi domains ... Urgent Thanks In-Reply-To: <692f4d2f0812190638y601cd81ak77e4afbc82541919@mail.gmail.com> References: <692f4d2f0812190638y601cd81ak77e4afbc82541919@mail.gmail.com> Message-ID: Hi, 2008/12/19 Laurent Archambault > Hello, > > I must use Cyrus with few domains, but i have the choice with 2 structural > directory, > i has activate "virtdomains" and same "unixhierarchysep". > > what is the better solving/answer for this : > > This : ./mail/u/user/unautre at domaine2^com/cyrus.cache > ... > or this : ./mail/domain/d/domaine2.com/u/unautre/cyrus.cache > ... > I can't say it's the best, but I prefer (and use) the second one's. It's easier IMHO to manager domains then users than users by name then searching domain in the full path. BRgds, Ethariel -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081220/24907fb4/attachment.html From teresa_ii at myeburg.net Mon Dec 22 17:11:53 2008 From: teresa_ii at myeburg.net (Teresa) Date: Mon, 22 Dec 2008 23:11:53 +0100 Subject: Cyrus Deadblocking In-Reply-To: <1229348431.5152.8.camel@linux-nnci.site> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> Message-ID: <495010A9.7020908@myeburg.net> Adam Tauno Williams wrote: >> since yesterday i have strange behavier of my productive mail server, >> and i >> cannt find the reason for 2 days allready. >> > > Does "dmesg" show anything odd? Ok guys, it happend again just right now. Exactly same behavier as described befor, but after few days successfully running. I restarted a cyrus and sendmail and attached strace to the lmpd this time. After some time (squatter was still working) it goes to take 100% cpu and doenst answer. Hangs. > If you attach to a hung process with "strace -p {pid}" what does it look > like? No idea what it says, but here is my strace output from lmtpd that hangs at the end. Then i sended kill command, what you can see at the last line: http://kvitka.net/log2.strace.txt I did Updated to latest kernel 2.6.27.10 cyrus 1509 0.0 0.0 36508 1940 ? Ss 22:51 0:00 /usr/lib/cyrus/master cyrus 1557 0.0 0.0 70600 652 ? S 22:51 0:00 idled cyrus 1578 23.1 10.0 284276 208016 ? R 22:51 3:57 squatter -r user cyrus 1583 0.0 0.1 98224 4012 ? S 22:51 0:00 imapd -s cyrus 1584 0.0 0.1 98224 3996 ? S 22:51 0:00 imapd -s cyrus 1585 0.0 0.1 98224 3912 ? S 22:51 0:00 imapd -s cyrus 1586 0.0 0.1 98224 3932 ? S 22:51 0:00 imapd -s cyrus 1587 0.0 0.1 98224 4012 ? S 22:51 0:00 imapd -s cyrus 1737 0.0 0.0 74956 2048 ? S 22:51 0:00 smmapd cyrus 2061 0.3 0.1 98012 3888 ? S 23:07 0:00 pop3d -s Now i get a lot of this processes, and everything seems to work again. Let see what happends if i start sendmail... Any idea whats wrong ? -- Teresa From teresa_ii at myeburg.net Mon Dec 22 20:28:03 2008 From: teresa_ii at myeburg.net (Teresa) Date: Tue, 23 Dec 2008 02:28:03 +0100 Subject: Cyrus Deadblocking In-Reply-To: <495010A9.7020908@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> <495010A9.7020908@myeburg.net> Message-ID: <49503EA3.4@myeburg.net> Teresa wrote: > Let see what happends if i start sendmail... > Steel hangs after some time running... Now sometimes it even damage the DB. I delete all except mailbox.db and it starts again... but not for long... -- Teresa From teresa_ii at myeburg.net Mon Dec 22 20:44:50 2008 From: teresa_ii at myeburg.net (Teresa) Date: Tue, 23 Dec 2008 02:44:50 +0100 Subject: Cyrus Deadblocking In-Reply-To: <495010A9.7020908@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> <495010A9.7020908@myeburg.net> Message-ID: <49504292.7090705@myeburg.net> Adam Tauno Williams wrote: >> Does "dmesg" show anything odd? >> > Another thing i get sometimes connecting hanging cyrus process with strace is a lot of : select(0, NULL, NULL, NULL, {0, 25000}) = 0 (Timeout) few per second, and it never ends... -- Teresa From teresa_ii at myeburg.net Tue Dec 23 05:30:31 2008 From: teresa_ii at myeburg.net (Teresa) Date: Tue, 23 Dec 2008 11:30:31 +0100 Subject: Cyrus Deadblocking In-Reply-To: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> Message-ID: <4950BDC7.7040101@myeburg.net> Teresa wrote: > Hi all, > > since yesterday i have strange behavier of my productive mail server, and i > cannt find the reason for 2 days allready. > Ok, new report. I did: reconstruct -r -f user and now run cyrus without squatted. And it seems to work. I have no idea if its on squatter, or on few broken folders. Running stable for about 6 hours now. -- Teresa From teresa_ii at myeburg.net Wed Dec 24 08:27:15 2008 From: teresa_ii at myeburg.net (Teresa) Date: Wed, 24 Dec 2008 14:27:15 +0100 Subject: Cyrus Deadblocking In-Reply-To: <4950BDC7.7040101@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <4950BDC7.7040101@myeburg.net> Message-ID: <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> On Tue, 23 Dec 2008 11:30:31 +0100, Teresa wrote: > Teresa wrote: > reconstruct -r -f user > > and now run cyrus without squatted. And it seems to work. I have no idea > if its on squatter, or on few broken folders. Running stable for about 6 > hours now. Ok, latest state. After 13 hours happy running it did hanged again. I did downgraded kernel to 2.6.26.8 and it doesn't changed anything. Behavier the same as with 2.6.27.10. So i think thats because of Berkley DB and glibc-2.9 It still randomly hangs. One of cyrus processes (ipurge, smmapd, imapd or pop3) just hangs, sometimes it take few mins to happend, sometimes few hours, or it can run even whole week. What i did now is update to db-4.7.25 maybe it works more stable with glibc-2.9 i dont know. -- Teresa From list at joreybump.com Wed Dec 24 09:09:27 2008 From: list at joreybump.com (Jorey Bump) Date: Wed, 24 Dec 2008 09:09:27 -0500 Subject: No Command Prompt after Login w/Sieveshell (Cyrus IMAPd 2.3.13) Message-ID: <49524297.9000404@joreybump.com> This is the first time I've used sieveshell since upgrading to Cyrus IMAPd 2.3.13. It will prompt me for my password, but once I log in, it simply hangs without any feedback or providing a '>' command prompt. According to the log, login was successful: sieve[29093]: login: localhost[127.0.0.1] jorey DIGEST-MD5 User logged in There are no other related entries that follow, other than the disconnection message when I hit Ctrl-C to abort. I've used previous versions of sieveshell successfully, but I'm getting the same behaviour on two different installations of Cyrus IMAPd 2.3.13. I really need to get this vacation message installed today. Is there a known fix? If not, is there a way to install the script manually, bypassing sieveshell? From obata at lins.jp Wed Dec 24 09:19:34 2008 From: obata at lins.jp (OBATA Akio) Date: Wed, 24 Dec 2008 23:19:34 +0900 Subject: No Command Prompt after Login w/Sieveshell (Cyrus IMAPd 2.3.13) In-Reply-To: <49524297.9000404@joreybump.com> References: <49524297.9000404@joreybump.com> Message-ID: Hi, On Wed, 24 Dec 2008 23:09:27 +0900, Jorey Bump wrote: > This is the first time I've used sieveshell since upgrading to Cyrus > IMAPd 2.3.13. It will prompt me for my password, but once I log in, it > simply hangs without any feedback or providing a '>' command prompt. > According to the log, login was successful: > > sieve[29093]: login: localhost[127.0.0.1] jorey DIGEST-MD5 User logged in > > There are no other related entries that follow, other than the > disconnection message when I hit Ctrl-C to abort. I've used previous > versions of sieveshell successfully, but I'm getting the same behaviour > on two different installations of Cyrus IMAPd 2.3.13. > > I really need to get this vacation message installed today. Is there a > known fix? If not, is there a way to install the script manually, > bypassing sieveshell? I've put a following line in imapd.conf to away from the situation: sieve_sasl_send_unsolicited_capability: 1 -- OBATA Akio / obata at lins.jp From list at joreybump.com Wed Dec 24 09:26:09 2008 From: list at joreybump.com (Jorey Bump) Date: Wed, 24 Dec 2008 09:26:09 -0500 Subject: No Command Prompt after Login w/Sieveshell (Cyrus IMAPd 2.3.13) In-Reply-To: References: <49524297.9000404@joreybump.com> Message-ID: <49524681.4000701@joreybump.com> OBATA Akio wrote, at 12/24/2008 09:19 AM: > Hi, > > On Wed, 24 Dec 2008 23:09:27 +0900, Jorey Bump wrote: > >> This is the first time I've used sieveshell since upgrading to Cyrus >> IMAPd 2.3.13. It will prompt me for my password, but once I log in, it >> simply hangs without any feedback or providing a '>' command prompt. >> According to the log, login was successful: >> >> sieve[29093]: login: localhost[127.0.0.1] jorey DIGEST-MD5 User logged in >> >> There are no other related entries that follow, other than the >> disconnection message when I hit Ctrl-C to abort. I've used previous >> versions of sieveshell successfully, but I'm getting the same behaviour >> on two different installations of Cyrus IMAPd 2.3.13. >> >> I really need to get this vacation message installed today. Is there a >> known fix? If not, is there a way to install the script manually, >> bypassing sieveshell? > > I've put a following line in imapd.conf to away from the situation: > > sieve_sasl_send_unsolicited_capability: 1 Thank you, it worked! From adam at morrison-ind.com Wed Dec 24 09:30:54 2008 From: adam at morrison-ind.com (Adam Tauno Williams) Date: Wed, 24 Dec 2008 09:30:54 -0500 Subject: Cyrus Deadblocking In-Reply-To: <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <4950BDC7.7040101@myeburg.net> <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> Message-ID: <1230129054.5576.10.camel@linux-nnci.site> On Wed, 2008-12-24 at 14:27 +0100, Teresa wrote: > On Tue, 23 Dec 2008 11:30:31 +0100, Teresa wrote: > > Teresa wrote: > > reconstruct -r -f user > > and now run cyrus without squatted. And it seems to work. I have no idea > > if its on squatter, or on few broken folders. Running stable for about 6 > > hours now. > Ok, latest state. After 13 hours happy running it did hanged again. > I did downgraded kernel to 2.6.26.8 and it doesn't changed anything. > Behavier the same as with 2.6.27.10. > So i think thats because of Berkley DB and glibc-2.9 Why? If so it makes more sense to convert your databases to skiplist and see if that helps than to flop library versions. > It still randomly hangs. One of cyrus processes (ipurge, smmapd, imapd or > pop3) just hangs, sometimes it take few mins to happend, sometimes few > hours, or it can run even whole week. > What i did now is update to db-4.7.25 maybe it works more stable with > glibc-2.9 i dont know. Maddly flipping versions seems a poor diagnostic method (if it even qualifies as a diagnostic method). The best approach is to switch to a distribution where things are tested and shipped in a known-working binary (w/dependencies) built by people who actually understand what the various compiler options mean, etc... Your method of shut-gunning various library versions isn't very likely to lead you to a solution. From adam at morrison-ind.com Wed Dec 24 09:39:46 2008 From: adam at morrison-ind.com (Adam Tauno Williams) Date: Wed, 24 Dec 2008 09:39:46 -0500 Subject: Cyrus Deadblocking In-Reply-To: <49504292.7090705@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> <495010A9.7020908@myeburg.net> <49504292.7090705@myeburg.net> Message-ID: <1230129586.5576.17.camel@linux-nnci.site> On Tue, 2008-12-23 at 02:44 +0100, Teresa wrote: > Adam Tauno Williams wrote: > >> Does "dmesg" show anything odd? > Another thing i get sometimes connecting hanging cyrus process with > strace is a lot of : > select(0, NULL, NULL, NULL, {0, 25000}) = 0 (Timeout) > few per second, and it never ends... This above should be pretty normal. Select polls for any I/O, times out (because there is nothing to do), and then the process re-issues the select. Many services/servers use such a method to handle async I/O. I'd guess the above is a call to: ? int select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout); - so the last value, the {0, 25000} is the timeout timeval struct - struct timeval { __time_t tv_sec; /* Seconds. */ __suseconds_t tv_usec; /* Microseconds. */ }; - so you get one of the select(...) calls roughly every 25,000 microseconds since. From adam at morrison-ind.com Wed Dec 24 09:45:00 2008 From: adam at morrison-ind.com (Adam Tauno Williams) Date: Wed, 24 Dec 2008 09:45:00 -0500 Subject: Cyrus Deadblocking In-Reply-To: <495010A9.7020908@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <1229348431.5152.8.camel@linux-nnci.site> <495010A9.7020908@myeburg.net> Message-ID: <1230129900.5576.20.camel@linux-nnci.site> On Mon, 2008-12-22 at 23:11 +0100, Teresa wrote: > Adam Tauno Williams wrote: > >> since yesterday i have strange behavier of my productive mail server, > >> and i > >> cannt find the reason for 2 days allready. > > Does "dmesg" show anything odd? > Ok guys, it happend again just right now. Exactly same behavier as > described befor, but after few days successfully running. > I restarted a cyrus and sendmail and attached strace to the lmpd this > time. After some time (squatter was still working) it goes to take 100% > cpu and doenst answer. Hangs. > > If you attach to a hung process with "strace -p {pid}" what does it look > > like? > No idea what it says, but here is my strace output from lmtpd that hangs > at the end. Then i sended kill command, what you can see at the last line: > http://kvitka.net/log2.strace.txt Looks like one of the last things it did was put a message into user.teresa.Junk and then notify idled that the contents of user.teresa.Junk had changed. Nothing very suspicious. From teresa_ii at myeburg.net Fri Dec 26 07:06:11 2008 From: teresa_ii at myeburg.net (Teresa) Date: Fri, 26 Dec 2008 13:06:11 +0100 Subject: Cyrus Deadblocking In-Reply-To: <1230129054.5576.10.camel@linux-nnci.site> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <4950BDC7.7040101@myeburg.net> <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> <1230129054.5576.10.camel@linux-nnci.site> Message-ID: <4954C8B3.7010809@myeburg.net> Adam Tauno Williams wrote: > Why? If so it makes more sense to convert your databases to skiplist > and see if that helps than to flop library versions. > Problem looks to be localized. After switching deliver.db to skiplist format it looks to run more stable (not sure yet, have to wait some time). More about what did found i will write later after i am 100% sure problem is identified. One thing i noticed over all this days, if i completely wipe deliver.db it takes longer to make cyrus processes hang again than just only restart cyrus. > Maddly flipping versions seems a poor diagnostic method (if it even > qualifies as a diagnostic method). > In some special way, you have right. But as example cyrus-sasl crash if it is compiled against 4.3.x versions of Berkeley DB. And works great with 4.5, 4.6 and 4.7 So sometimes trying deifferent version gives some result too. > The best approach is to switch to a distribution 1) not acceptable 2) you dont believe realy self what you wrote here, didnt you ? -- Teresa From damm at yazzy.org Fri Dec 26 13:52:50 2008 From: damm at yazzy.org (Scott Likens) Date: Fri, 26 Dec 2008 10:52:50 -0800 Subject: Cyrus Deadblocking In-Reply-To: <4954C8B3.7010809@myeburg.net> References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <4950BDC7.7040101@myeburg.net> <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> <1230129054.5576.10.camel@linux-nnci.site> <4954C8B3.7010809@myeburg.net> Message-ID: Hi Teresa, I've been running Cyrus 2.3.13 successfully on Gentoo (amd64/x86_64) for quite some time without any issues. It's currently linked against bdb 4.6, however I use skiplist for all my databases as I found overall that is much cleaner in the long run. However, I can honestly say I have never run into your issue with cyrus starting to hang like that. However, you want to ensure that both cyrus-sasl and imapd are linked to the same version of bdb, otherwise there's issues. ... So far the point of this email is pretty pointless, but I wanted to say that switching "distributions" is not ever an acceptable question/answer. Having more detail from /var/log/messages would be very helpful as cyrus does tend to send debug information to syslog when it's crashing, so we can get more detail of why. Scott On Dec 26, 2008, at 4:06 AM, Teresa wrote: > Adam Tauno Williams wrote: >> Why? If so it makes more sense to convert your databases to skiplist >> and see if that helps than to flop library versions. >> > Problem looks to be localized. After switching deliver.db to skiplist > format it looks to run more stable (not sure yet, have to wait some > time). > More about what did found i will write later after i am 100% sure > problem is identified. > > One thing i noticed over all this days, if i completely wipe > deliver.db > it takes longer to make cyrus processes hang again than just only > restart cyrus. > >> Maddly flipping versions seems a poor diagnostic method (if it even >> qualifies as a diagnostic method). >> > In some special way, you have right. But as example cyrus-sasl crash > if > it is compiled against 4.3.x versions of Berkeley DB. > And works great with 4.5, 4.6 and 4.7 > So sometimes trying deifferent version gives some result too. > >> The best approach is to switch to a distribution > 1) not acceptable > 2) you dont believe realy self what you wrote here, didnt you ? > > -- > Teresa > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > > !DSPAM:4954caa2131671804284693! > > From jblaine at kickflop.net Fri Dec 26 14:55:48 2008 From: jblaine at kickflop.net (Jeff Blaine) Date: Fri, 26 Dec 2008 14:55:48 -0500 Subject: imapd.conf option for setting SASL_PATH ? In-Reply-To: <4946AA82.9020308@kickflop.net> References: <4946AA82.9020308@kickflop.net> Message-ID: <495536C4.9040207@kickflop.net> I'll take that as a no? Jeff Blaine wrote: > I need to explicitly override what our Cyrus IMAPd/SASL > build is using for SASL_PATH, as it appears to be > misusing what has already been explicitly configured: > > http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=9025 > > > That is, it would appear that SASL does not take > '--with-plugindir=/wherever' to mean "Find plugins > here and ONLY here." > > Instead, it seems to mean, "APPEND (not even PREPEND!) > /wherever to my compile-time generated list of places > to try to find plugins." > > Is there a sasl_* option for imapd.conf to specify > where (and ONLY where) to look for SASL plugins? As you > can see, I've already posted to the cyrus-sasl list. > From teresa_ii at myeburg.net Sat Dec 27 06:39:59 2008 From: teresa_ii at myeburg.net (::.. Teresa_II ..::) Date: Sat, 27 Dec 2008 12:39:59 +0100 Subject: Cyrus Deadblocking In-Reply-To: References: <72d59d39a3db6226d3bd03c533240f0e@mail.compulypse.net> <4950BDC7.7040101@myeburg.net> <5460ef65f8976449dd652b168fe7ef17@mail.compulypse.net> <1230129054.5576.10.camel@linux-nnci.site> <4954C8B3.7010809@myeburg.net> Message-ID: <1230377999.31216.20.camel@xtower.fri> ? ??, 2008-12-26 ? 10:52 -0800, Scott Likens ????: > I've been running Cyrus 2.3.13 successfully on Gentoo (amd64/x86_64) > for quite some time without any issues. Like i did... I am on gentoo x86_64 ~amd64 keyword. Never had any problems with that. Mailserver isnt that big. I have ca. 60 mailboxes and trafic is near 450 incomming and 350 outgoing messages per hour. > It's currently linked against bdb 4.6, however I use skiplist for all > my databases as I found overall that is much cleaner in the long run. Yes, thats what worked for me since quite long time. I had sendmail, cyrus-sasl and spamassassin(with perl libs) compiled against this version. > However, I can honestly say I have never run into your issue with > cyrus starting to hang like that. However, you want to ensure that > both cyrus-sasl and imapd are linked to the same version of bdb, > otherwise there's issues. Try to switch deliver db from skiplist to berkeley format and wait some time until it starts hanging... > ... So far the point of this email is pretty pointless, but I wanted > to say that switching "distributions" is not ever an acceptable > question/answer. Totaly agree. > Having more detail from /var/log/messages would be very helpful as > cyrus does tend to send debug information to syslog when it's > crashing, so we can get more detail of why. Thats the problem, it just hang. You can see that pretty easy just trying sendmail -bv some at adresss never return to promt, because sendmail wait for smmapd to return from checking mailbox. Or just start imap client, it will connect, but never get mails and etc. Identifieng problem is not that easy, because syslog doesn't show any DB cuptions, or problems. Dmesg isn't reporting anything wrong and strace on cyrus processes most time just do no output, or write a lot of select(0...) timeout. - What is not bad, but normal as i heared. Even if "saying nothing" in strace isnt good, it still doesnt help to identifiy the Problem. Throw try and catch i found that removing deliver.db and restart cyrus leads to longer life until one of cyrus processes hangs again. So what i did, i completely moved cyrus mail to another server. But after few mins it did same. I reinstalled new gentoo system with older glibc-2.8 but problem was same. Only thing what helps is to add duplicate_db: skiplist to the imapd.conf It was running stable on this new machine with this settings and compiled against sys-libs/db-4.6.21_p3-r1 sys-libs/glibc-2.9_p20081201 and sys-devel/gcc-4.3.2-r1 Now i moved back to the old machine with reinstaled system: sys-devel/gcc-4.3.2-r1 sys-libs/glibc-2.8_p20080602-r1 sys-libs/db-4.7.25_p1-r1 and runs stable too with skiplist as the deliver.db As soon i switch back from skiplist i can reproduce the problem. So, i found solution, but i realy can't say whats wrong. I mean i had this configuration runned since few years allready. Realy didn't changed anything radicaly in cyrus. I am happy now with running stable again, but if i can provide some more info to identify what was wrong, i would like to help. -- Teresa From ram at netcore.co.in Mon Dec 29 01:00:04 2008 From: ram at netcore.co.in (ram) Date: Mon, 29 Dec 2008 11:30:04 +0530 Subject: Delayed Master slave action Message-ID: <1230530404.26581.57.camel@darkstar.netcore.co.in> While using cyrus replica over a WAN network , I want to delay all the replication for "n" hours Say I store all the master-slave action into logfiles. Then after a time on "n" hours run a batchjob that transfers the logfiles to the slave and "applies" them Is that possible ? Thanks Ram From dom.lalot at gmail.com Tue Dec 30 11:49:38 2008 From: dom.lalot at gmail.com (LALOT Dominique) Date: Tue, 30 Dec 2008 17:49:38 +0100 Subject: choosing a file system Message-ID: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Hello, We are using cyrus-imap for a long time. Our architecture is a SAN from EMC and thanks to our "DELL support" we are obliged to install redhat. The only option we have is to use ext3fs on rather old kernels. We have 4000 accounts for staff and 20000 for students The system is rather fast and reliable. BUT.. Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours on an fsck. Next we discovered that our backup system was going slower and slower. We just pointed out that it was due to fragmentation, and guess what, there's no online defrag tool for ext3. I'm looking for other solutions: ext4fs (does somebody use such filesystem?), xfs zfs (but we should switch to solaris or freebsd and throw away our costly SAN) use a NetApp Appliance (are you using such a device?, NFS seems to be tricky with cyrus..) Thanks for your advice Dom -- Dominique LALOT Ing?nieur Syst?mes et R?seaux http://annuaire.univmed.fr/showuser?uid=lalot -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081230/bdae12c7/attachment.html From rob at nofocus.org Tue Dec 30 11:58:37 2008 From: rob at nofocus.org (Robert Banz) Date: Tue, 30 Dec 2008 08:58:37 -0800 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: On Dec 30, 2008, at 8:49 AM, LALOT Dominique wrote: > Hello, > > We are using cyrus-imap for a long time. Our architecture is a SAN > from EMC and thanks to our "DELL support" we are obliged to install > redhat. The only option we have is to use ext3fs on rather old > kernels. We have 4000 accounts for staff and 20000 for students > The system is rather fast and reliable. BUT.. > > Once, there was a bad shutdown corrupting ext3fs and we spent 6 > hours on an fsck. > Next we discovered that our backup system was going slower and > slower. We just pointed out that it was due to fragmentation, and > guess what, there's no online defrag tool for ext3. > > I'm looking for other solutions: > ext4fs (does somebody use such filesystem?), xfs > zfs (but we should switch to solaris or freebsd and throw away our > costly SAN) > use a NetApp Appliance (are you using such a device?, NFS seems to > be tricky with cyrus..) Run Solaris, but keep a machine on the SAN with that old version of RedHat that you can use to replicate any problems you have? ;) -rob From Pascal.Gienger at uni-konstanz.de Tue Dec 30 12:06:47 2008 From: Pascal.Gienger at uni-konstanz.de (Pascal Gienger) Date: Tue, 30 Dec 2008 18:06:47 +0100 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: <38EF7948B5B0BD7BE082E09F@amour.local> LALOT Dominique wrote: > zfs (but we should switch to solaris or freebsd and throw away our costly > SAN) Why that? SAN volumes are running very fine with Solaris 10 hosts (SPARC and x86). You have extended multipathing (symmetric and asymmetric) onboard. Solaris accepts nearly all Q-Logic FC cards (according to my experience). Pascal From rob at nofocus.org Tue Dec 30 12:13:43 2008 From: rob at nofocus.org (Robert Banz) Date: Tue, 30 Dec 2008 09:13:43 -0800 Subject: choosing a file system In-Reply-To: <38EF7948B5B0BD7BE082E09F@amour.local> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <38EF7948B5B0BD7BE082E09F@amour.local> Message-ID: On Dec 30, 2008, at 9:06 AM, Pascal Gienger wrote: > LALOT Dominique wrote: > >> zfs (but we should switch to solaris or freebsd and throw away our >> costly >> SAN) > > Why that? SAN volumes are running very fine with Solaris 10 hosts > (SPARC > and x86). You have extended multipathing (symmetric and asymmetric) > onboard. > Solaris accepts nearly all Q-Logic FC cards (according to my > experience). At my last job, we had explored a Dell/EMC SAN at one point. Those folks don't seem to understand the idea that Fibre Channel is a well established standard -- they only expect you to connect their supported stack of hardware and software, otherwise they don't wanna talk. -rob From jmadden at ivytech.edu Tue Dec 30 12:19:58 2008 From: jmadden at ivytech.edu (John Madden) Date: Tue, 30 Dec 2008 12:19:58 -0500 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: <200812301219.58227.jmadden@ivytech.edu> > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours on an > fsck. > Next we discovered that our backup system was going slower and slower. We > just pointed out that it was due to fragmentation, and guess what, there's > no online defrag tool for ext3. Sure it isn't due to the number of files on those filesystems? File-level backups will slow down linearly as the filesystems grow, of course. I "solve" this by adding more spools (up to 8 at the moment with about 350k mailboxes) so they can be backed up in parallel. All on ext3. John -- John Madden Sr. UNIX Systems Engineer Ivy Tech Community College of Indiana jmadden at ivytech.edu From vbfox at ucdavis.edu Tue Dec 30 12:22:18 2008 From: vbfox at ucdavis.edu (Vincent Fox) Date: Tue, 30 Dec 2008 09:22:18 -0800 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: <495A58CA.1070702@ucdavis.edu> We run Solaris 10 on our Cyrus mail-store backends. The mail is stored in a ZFS pool. The ZFS pool are composed of 4 SAN volumes in RAID-10. The active and failover server of each backend pair have "fiber multipath" enabled so their dual connections to the SAN switch ensure that if an HBA or SAN switch fails there is no downtime. Once a month we run a scrub while the systems are online. Never having to run fsck EVER AGAIN is a good thing. The scrub is run during a weekend and not during a backup window to be paranoid since it does keep the disks busy for some hours but it never impacts performance. Using ZFS also allows us easy & CHEAP snapshots. We keep 14 days worth of snapshots in the pool and that handles 99% of restore requests. We run backups to tape once a week from the most recent snapshot also. LALOT Dominique wrote: > Hello, > > We are using cyrus-imap for a long time. Our architecture is a SAN > from EMC and thanks to our "DELL support" we are obliged to install > redhat. The only option we have is to use ext3fs on rather old > kernels. We have 4000 accounts for staff and 20000 for students > The system is rather fast and reliable. BUT.. > > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours > on an fsck. > Next we discovered that our backup system was going slower and slower. > We just pointed out that it was due to fragmentation, and guess what, > there's no online defrag tool for ext3. > > I'm looking for other solutions: > ext4fs (does somebody use such filesystem?), xfs > zfs (but we should switch to solaris or freebsd and throw away our > costly SAN) > use a NetApp Appliance (are you using such a device?, NFS seems to be > tricky with cyrus..) > > Thanks for your advice > > Dom > > -- > Dominique LALOT > Ing?nieur Syst?mes et R?seaux > http://annuaire.univmed.fr/showuser?uid=lalot > ------------------------------------------------------------------------ > > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html From Pascal.Gienger at uni-konstanz.de Tue Dec 30 12:37:32 2008 From: Pascal.Gienger at uni-konstanz.de (Pascal Gienger) Date: Tue, 30 Dec 2008 18:37:32 +0100 Subject: choosing a file system In-Reply-To: References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <38EF7948B5B0BD7BE082E09F@amour.local> Message-ID: <4CB3843319AD91B0497C4B85@amour.local> Robert Banz wrote: > At my last job, we had explored a Dell/EMC SAN at one point. Those > folks don't seem to understand the idea that Fibre Channel is a well > established standard -- they only expect you to connect their > supported stack of hardware and software, otherwise they don't wanna > talk. Regarding to support as described by the support contract you are right - but I had many EMC big iron SAN devices running without a problem with Solaris 10. You have to adapt scsi_vhci.conf if you want symmetric multipathing as Sun does not recognize many of the FC devices which can handle symmetric links out there. ZFS with SAN devices is perfectly OK. We have 33 million files on our (single!) ZFS mail pool, running gzip compression (Solaris 10 Patch 137137-09 resp. 137138-09). Our Tivoli Storage Manager backup (tsm) runs every night for three hours approximately. Within this 3 hours it does scan all files. We do a zfs snapshot every day and we are holding 14 days snapshots to restore mailboxes. We are not conservatice enough to run scrub regularly, the last time I did was last week, without any error. A happy and successful 2009 for all of you! Pascal -- Pascal Gienger pascal at southbrain.com http://southbrain.com/ From jvoorhees1 at gmail.com Tue Dec 30 12:56:02 2008 From: jvoorhees1 at gmail.com (Jason Voorhees) Date: Tue, 30 Dec 2008 12:56:02 -0500 Subject: Basic question Message-ID: <495A60B2.7070701@gmail.com> Hi there: I'm planning to use Cyrus IMAP and OpenLDAP to authenticate users. Long time ago I used to configure Cyrus IMAP + Cyrus SASL using saslauthd with pam module. It was something simple. Then I used to configure Cyrus IMAP + Cyrus SASL using saslauthd with ldap module and /etc/saslauthd.conf without problems. That's fine. Now I would like to use Cyrus IMAP with OpenLDAP too, but I found that there are at least 2 ways: 1. Use Cyrus SASL with auxprop to authenticate users trough LDAP using auxprop_plugin: ldapdb, sasl_ldap_servers among other sasl_* directives. Right? 2. The other way is to use ldap_* directives like ldap_uri, ldap_filter among others. But I believe that I would need to use 'pts' module in auth_mech directive, right? The question is: What are pts, unix, krb and krb5 modules used for? What's the difference between them? Should I use pts module to make Cyrus talk directly to OpenLDAP...? Or should I use Cyrus SASL with auxprop plugin to make the authentication to OpenLDAP? Is there a place where I can get some clear information about these items? Man pages are not too clear :S Thanks people :) From dom.lalot at gmail.com Tue Dec 30 13:23:01 2008 From: dom.lalot at gmail.com (LALOT Dominique) Date: Tue, 30 Dec 2008 19:23:01 +0100 Subject: choosing a file system In-Reply-To: <200812301219.58227.jmadden@ivytech.edu> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <200812301219.58227.jmadden@ivytech.edu> Message-ID: <1617f8010812301023t38095d49lde5b2e444d41e69b@mail.gmail.com> John, No, that was due to framentation. A fresh copy (one night to copy, then 2 hours to backup, 6 times faster then) solved that problem. There's a filefrag utility, and for some mailboxes, it was over 60%. I have 3 500Mo spools at the moment. And one is left for the copy.. You copy first your data, then you destroy randomly small files and you fill the holes randomly.. Ext4 is said to do delayed allocation, in order to have a decent idea of the file size when writing to disk Dom 2008/12/30 John Madden > > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours on > an > > fsck. > > Next we discovered that our backup system was going slower and slower. We > > just pointed out that it was due to fragmentation, and guess what, > there's > > no online defrag tool for ext3. > > Sure it isn't due to the number of files on those filesystems? File-level > backups will slow down linearly as the filesystems grow, of course. > I "solve" this by adding more spools (up to 8 at the moment with about 350k > mailboxes) so they can be backed up in parallel. All on ext3. > > John > > > > > -- > John Madden > Sr. UNIX Systems Engineer > Ivy Tech Community College of Indiana > jmadden at ivytech.edu > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Dominique LALOT Ing?nieur Syst?mes et R?seaux http://annuaire.univmed.fr/showuser?uid=lalot -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081230/4b0d90ed/attachment.html From morgan at orst.edu Tue Dec 30 13:44:56 2008 From: morgan at orst.edu (Andrew Morgan) Date: Tue, 30 Dec 2008 10:44:56 -0800 (PST) Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: On Tue, 30 Dec 2008, LALOT Dominique wrote: > Hello, > > We are using cyrus-imap for a long time. Our architecture is a SAN from EMC > and thanks to our "DELL support" we are obliged to install redhat. The only > option we have is to use ext3fs on rather old kernels. We have 4000 accounts > for staff and 20000 for students > The system is rather fast and reliable. BUT.. We also have a Dell/EMC SAN (currently a CX500 but upgrading to a CX4-240 soon). I'd like to dispel any rumors about SAN support though. Dell will support pretty much any combination of software and hardware that has been validated by EMC. This include RedHat, Suse, and Solaris that I'm aware of, plus more I'm sure. Now, if you want to get support for the operating system itself from Dell, then you are probably limited to RedHat. I know a lot of folks like to get their entire environment supported from a single vendor, but that can really limit your choices too. We run Solaris 10 and Debian Linux with our CX500. Dell helped us setup the Emulex HBA in the Solaris 10 boxes and connected it to the SAN. During the initial setup of the SAN, I installed Suse Enterprise on one of our servers so I could see what they did to install the Qlogic HBA and setup the SAN connection. After they left, I blew it away and installed Debian Linux. It's not "supported" by Dell/EMC, but this is all standardized hardware and software. It works great with the kernel-included Qlogic drivers and even with standard linux multipathing. > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours on an > fsck. > Next we discovered that our backup system was going slower and slower. We > just pointed out that it was due to fragmentation, and guess what, there's > no online defrag tool for ext3. How did you determine that it was due to fragmentation? We use ext3 here as well, so I'm curious. > I'm looking for other solutions: > ext4fs (does somebody use such filesystem?), xfs > zfs (but we should switch to solaris or freebsd and throw away our costly > SAN) No need to throw away your SAN if you switch to another OS, see above. :) Andy From nock at email.arizona.edu Tue Dec 30 16:43:14 2008 From: nock at email.arizona.edu (Shawn Nock) Date: Tue, 30 Dec 2008 14:43:14 -0700 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: <495A95F2.1010003@email.arizona.edu> LALOT Dominique wrote: > Hello, > > We are using cyrus-imap for a long time. Our architecture is a SAN from EMC > and thanks to our "DELL support" we are obliged to install redhat. The only > option we have is to use ext3fs on rather old kernels. We have 4000 accounts > for staff and 20000 for students > The system is rather fast and reliable. BUT.. > We support ~8000 faculty and staff and ~45000 students. On 16x 250G reiserfs 'partitions' from and EMC CX500 arrays. Reiserfs has proven to handle the load much better than ext3 (which we tested... it was a disaster). We've been using reiserfs since RedHat Linux 7.x. We also tested an early xfs patchset... but it was prone to corruption (but that was years ago). > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours on an > fsck. > Next we discovered that our backup system was going slower and slower. We > just pointed out that it was due to fragmentation, and guess what, there's > no online defrag tool for ext3. We've only had to reiserfsck a partition once (with --rebuild-tree eek!). It took a while, but the data was intact... it beats restoring from tape. We don't defragment (as such). In an attempt to speed up overnight backups we once did a scripted rename of mailboxes to spare partitions. Since this time we have given up on filesystem based backup and simply do a block-level backup in combination with partition snapshots. Keeping the cyrus partition size low has limited many of our problems and we do a scripted rename of mailboxes to balance partition utilization when we add another partition. Bron and the fastmail guys could tell you more about reiserfs... we've used RH&SuSE/reiserfs/EMC for quite a while and we are very happy. Except those loony folks who want Exchange... Shawn -- Shawn Nock (OpenPGP: 0xFF7D08A3) Unix Systems Group; UITS University of Arizona nock at email.arizona.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081230/3de752af/attachment.bin From brong at fastmail.fm Tue Dec 30 19:51:29 2008 From: brong at fastmail.fm (Bron Gondwana) Date: Wed, 31 Dec 2008 11:51:29 +1100 Subject: choosing a file system In-Reply-To: <495A95F2.1010003@email.arizona.edu> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> Message-ID: <20081231005129.GA15299@brong.net> On Tue, Dec 30, 2008 at 02:43:14PM -0700, Shawn Nock wrote: > Bron and the fastmail guys could tell you more about reiserfs... we've > used RH&SuSE/reiserfs/EMC for quite a while and we are very happy. Yeah, sure could :) You can probably find plenty of stuff from me in the archives about our setup - the basic things are: * separate metadata on RAID1 10kRPM (or 15kRPM in the new boxes) drives. * data files on RAID5 big slow drives - data IO isn't a limiting factor * 300Gb "slots" with 15Gb associated meta drives, like this: /dev/sdb6 14016208 8080360 5935848 58% /mnt/meta6 /dev/sdb7 14016208 8064848 5951360 58% /mnt/meta7 /dev/sdb8 14016208 8498812 5517396 61% /mnt/meta8 /dev/sdd2 292959500 248086796 44872704 85% /mnt/data6 /dev/sdd3 292959500 242722420 50237080 83% /mnt/data7 /dev/sdd4 292959500 248840432 44119068 85% /mnt/data8 as you can see, that balances out pretty nicely. We also store per-user bayes databases on the associated meta drives. We balance our disk usage by moving users between stores when usage reaches 88% on any partition. We get emailed if it goes above 92% and paged if it goes above 95%. Replication. We have multiple "slots" on each server, and since they are all the same size, we have replication pairs spread pretty randomly around the hosts, so the failure of any one drive unit (SCSI attached SATA) or imap server doesn't significantly overload any one other machine. By using Cyrus replication rather than, say, DRBD, a filesystem corruption should only affect a single partition, which won't take so long to fsck. Moving users is easy - we run a sync_server on the Cyrus master, and just create a custom config directory with symlinks into the tree on the real server and a rewritten piece of mailboxes.db so we can rename them during the move if needed. It's all automatic. We also have a "CheckReplication" perl module that can be used to compare two ends to make sure everything is the same. It does full per-message flags checks, random sha1 integrity checks, etc. Does require a custom patch to expose the GUID (as DIGEST.SHA1) via IMAP. I lost an entire drive unit on the 26th. It stopped responding. 8 x 1TB drives in it. I tried rebooting everything, then switched the affected stores over to their replicas. Total downtime for those users of about 15 minutes because I tried the reboot first just in case (there's a chance that some messages were delivered and not yet replicated, so it's better not to bring up the replica uncleanly until you're sure there's no other choice) In the end I decided that it wasn't recoverable quickly enough to be viable, so chose new replica pairs for the slots that had been on that drive unit (we keep some empty space on our machines for just this eventuality) and started up another handy little script "sync_all_users" which runs sync_client -u for every user, then starts the rolling sync_client again at the end. It took about 16 hours to bring everything back to fully replicated again. Bron. From dom.lalot at gmail.com Wed Dec 31 05:47:49 2008 From: dom.lalot at gmail.com (LALOT Dominique) Date: Wed, 31 Dec 2008 11:47:49 +0100 Subject: choosing a file system In-Reply-To: <20081231005129.GA15299@brong.net> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> Message-ID: <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> Thanks for everybody. That was an interesting thread. Nobody seems to use a NetApp appliance, may be due to NFS architecture problems. I believe I'll look to ext4 that seemed to be available in last kernel, and also to Solaris, but we are not enough to support another OS. Dom And Happy New Year ! 2008/12/31 Bron Gondwana > On Tue, Dec 30, 2008 at 02:43:14PM -0700, Shawn Nock wrote: > > Bron and the fastmail guys could tell you more about reiserfs... we've > > used RH&SuSE/reiserfs/EMC for quite a while and we are very happy. > > Yeah, sure could :) > > You can probably find plenty of stuff from me in the archives about our > setup - the basic things are: > > * separate metadata on RAID1 10kRPM (or 15kRPM in the new boxes) drives. > * data files on RAID5 big slow drives - data IO isn't a limiting factor > * 300Gb "slots" with 15Gb associated meta drives, like this: > > /dev/sdb6 14016208 8080360 5935848 58% /mnt/meta6 > /dev/sdb7 14016208 8064848 5951360 58% /mnt/meta7 > /dev/sdb8 14016208 8498812 5517396 61% /mnt/meta8 > /dev/sdd2 292959500 248086796 44872704 85% /mnt/data6 > /dev/sdd3 292959500 242722420 50237080 83% /mnt/data7 > /dev/sdd4 292959500 248840432 44119068 85% /mnt/data8 > > as you can see, that balances out pretty nicely. We also store > per-user bayes databases on the associated meta drives. > > We balance our disk usage by moving users between stores when usage > reaches 88% on any partition. We get emailed if it goes above 92% > and paged if it goes above 95%. > > Replication. We have multiple "slots" on each server, and since > they are all the same size, we have replication pairs spread pretty > randomly around the hosts, so the failure of any one drive unit > (SCSI attached SATA) or imap server doesn't significantly overload > any one other machine. By using Cyrus replication rather than, > say, DRBD, a filesystem corruption should only affect a single > partition, which won't take so long to fsck. > > Moving users is easy - we run a sync_server on the Cyrus master, and > just create a custom config directory with symlinks into the tree on > the real server and a rewritten piece of mailboxes.db so we can > rename them during the move if needed. It's all automatic. > > We also have a "CheckReplication" perl module that can be used to > compare two ends to make sure everything is the same. It does full > per-message flags checks, random sha1 integrity checks, etc. > Does require a custom patch to expose the GUID (as DIGEST.SHA1) > via IMAP. > > I lost an entire drive unit on the 26th. It stopped responding. > 8 x 1TB drives in it. > > I tried rebooting everything, then switched the affected stores over > to their replicas. Total downtime for those users of about 15 > minutes because I tried the reboot first just in case (there's a > chance that some messages were delivered and not yet replicated, > so it's better not to bring up the replica uncleanly until you're > sure there's no other choice) > > In the end I decided that it wasn't recoverable quickly enough to > be viable, so chose new replica pairs for the slots that had been > on that drive unit (we keep some empty space on our machines for > just this eventuality) and started up another handy little script > "sync_all_users" which runs sync_client -u for every user, then > starts the rolling sync_client again at the end. It took about > 16 hours to bring everything back to fully replicated again. > > Bron. > -- Dominique LALOT Ing?nieur Syst?mes et R?seaux http://annuaire.univmed.fr/showuser?uid=lalot -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081231/9741ea07/attachment.html From awilliam at whitemice.org Wed Dec 31 07:38:21 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Wed, 31 Dec 2008 07:38:21 -0500 Subject: choosing a file system In-Reply-To: <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> Message-ID: <1230727101.5300.6.camel@linux-nnci.site> On Wed, 2008-12-31 at 11:47 +0100, LALOT Dominique wrote: > Thanks for everybody. That was an interesting thread. Nobody seems to > use a NetApp appliance, may be due to NFS architecture problems. Personally, I'd never use NFS for anything. Over the years I've had way to many NFS related problems on other things to ever want to try it again. > I believe I'll look to ext4 that seemed to be available in last > kernel, and also to Solaris, but we are not enough to support another > OS. We've used Cyrus on XFS for almost a years, no problems. In regards to ext3 I'd pay attention to the vintage of problem reports and performance issues; ext3 of several years ago is not the ext3 of today, many improvements have been made. "data=writeback" mode can help performance quite a bit, as well as enabling "dir_index" if it isn't already (did it ever become the default?). The periodic fsck can also be disabled via tune2fs. I only point this out since, if you already have any ext3 setup, trying the above are all painless and might buy you something. From nik at bu.edu Wed Dec 31 07:47:31 2008 From: nik at bu.edu (Nik Conwell) Date: Wed, 31 Dec 2008 07:47:31 -0500 Subject: choosing a file system In-Reply-To: <495A95F2.1010003@email.arizona.edu> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> Message-ID: <9843C43C-2CE4-4882-8C6C-FCABF4EE9809@bu.edu> On Dec 30, 2008, at 4:43 PM, Shawn Nock wrote: [...] > a scripted rename of mailboxes to balance partition utilization when > we > add another partition. Just curious - how do stop people from accessing their mailboxes during the time they are being renamed and moved to another partition? -nik Information Technology Systems Programming Boston University From damm at yazzy.org Wed Dec 31 07:58:57 2008 From: damm at yazzy.org (Scott Likens) Date: Wed, 31 Dec 2008 04:58:57 -0800 Subject: choosing a file system In-Reply-To: <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> Message-ID: <8B28597E-F7D7-4303-B45E-156A61EA626C@yazzy.org> Hi, I would not discount using reiserfs (v3) by any means. It's still by far a better choice for a filesystem with Cyrus then Ext3 or Ext4. I haven't really seen anyone do any tests with Ext4, but I imagine it should be about par for the course for Ext3. as far as the NFS... NFS isn't itself that bad, it's just that people tend to find ways to use NFS in a incorrect manner that only ends up leading to failure. Scott On Dec 31, 2008, at 2:47 AM, LALOT Dominique wrote: > Thanks for everybody. That was an interesting thread. Nobody seems > to use a NetApp appliance, may be due to NFS architecture problems. > > I believe I'll look to ext4 that seemed to be available in last > kernel, and also to Solaris, but we are not enough to support > another OS. > > Dom > > And Happy New Year ! > > 2008/12/31 Bron Gondwana > On Tue, Dec 30, 2008 at 02:43:14PM -0700, Shawn Nock wrote: > > Bron and the fastmail guys could tell you more about reiserfs... > we've > > used RH&SuSE/reiserfs/EMC for quite a while and we are very happy. > > Yeah, sure could :) > > You can probably find plenty of stuff from me in the archives about > our > setup - the basic things are: > > * separate metadata on RAID1 10kRPM (or 15kRPM in the new boxes) > drives. > * data files on RAID5 big slow drives - data IO isn't a limiting > factor > * 300Gb "slots" with 15Gb associated meta drives, like this: > > /dev/sdb6 14016208 8080360 5935848 58% /mnt/meta6 > /dev/sdb7 14016208 8064848 5951360 58% /mnt/meta7 > /dev/sdb8 14016208 8498812 5517396 61% /mnt/meta8 > /dev/sdd2 292959500 248086796 44872704 85% /mnt/data6 > /dev/sdd3 292959500 242722420 50237080 83% /mnt/data7 > /dev/sdd4 292959500 248840432 44119068 85% /mnt/data8 > > as you can see, that balances out pretty nicely. We also store > per-user bayes databases on the associated meta drives. > > We balance our disk usage by moving users between stores when usage > reaches 88% on any partition. We get emailed if it goes above 92% > and paged if it goes above 95%. > > Replication. We have multiple "slots" on each server, and since > they are all the same size, we have replication pairs spread pretty > randomly around the hosts, so the failure of any one drive unit > (SCSI attached SATA) or imap server doesn't significantly overload > any one other machine. By using Cyrus replication rather than, > say, DRBD, a filesystem corruption should only affect a single > partition, which won't take so long to fsck. > > Moving users is easy - we run a sync_server on the Cyrus master, and > just create a custom config directory with symlinks into the tree on > the real server and a rewritten piece of mailboxes.db so we can > rename them during the move if needed. It's all automatic. > > We also have a "CheckReplication" perl module that can be used to > compare two ends to make sure everything is the same. It does full > per-message flags checks, random sha1 integrity checks, etc. > Does require a custom patch to expose the GUID (as DIGEST.SHA1) > via IMAP. > > I lost an entire drive unit on the 26th. It stopped responding. > 8 x 1TB drives in it. > > I tried rebooting everything, then switched the affected stores over > to their replicas. Total downtime for those users of about 15 > minutes because I tried the reboot first just in case (there's a > chance that some messages were delivered and not yet replicated, > so it's better not to bring up the replica uncleanly until you're > sure there's no other choice) > > In the end I decided that it wasn't recoverable quickly enough to > be viable, so chose new replica pairs for the slots that had been > on that drive unit (we keep some empty space on our machines for > just this eventuality) and started up another handy little script > "sync_all_users" which runs sync_client -u for every user, then > starts the rolling sync_client again at the end. It took about > 16 hours to bring everything back to fully replicated again. > > Bron. > > > > -- > Dominique LALOT > Ing?nieur Syst?mes et R?seaux > http://annuaire.univmed.fr/showuser?uid=lalot > !DSPAM:495b4f1f47731804284693! ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > > !DSPAM:495b4f1f47731804284693! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081231/b33a4447/attachment-0001.html From Hagedorn at uni-koeln.de Wed Dec 31 07:59:47 2008 From: Hagedorn at uni-koeln.de (Sebastian Hagedorn) Date: Wed, 31 Dec 2008 13:59:47 +0100 Subject: choosing a file system In-Reply-To: <9843C43C-2CE4-4882-8C6C-FCABF4EE9809@bu.edu> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <9843C43C-2CE4-4882-8C6C-FCABF4EE9809@bu.edu> Message-ID: <7B7A05189DC06E3CB4026F84@G5.voip.local> -- Nik Conwell is rumored to have mumbled on 31. Dezember 2008 07:47:31 -0500 regarding Re: choosing a file system: > Just curious - how do stop people from accessing their mailboxes > during the time they are being renamed and moved to another partition? I just do a grep on the username in the proc directory - if there is no process for that user, I figure it's safe enough to move the mailbox. This approach has worked well so far. I experimented with accessing a mailbox while it was being moved and that seemed to be OK as well, i.e. it failed while the operation was in progress. -- Sebastian Hagedorn - RZKR-R1 (Flachbau), Zi. 18, Robert-Koch-Str. 10 Zentrum f?r angewandte Informatik - Universit?tsweiter Service RRZK Universit?t zu K?ln / Cologne University - Tel. +49-221-478-5587 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 194 bytes Desc: not available Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081231/403b03c1/attachment.bin From Eric.Luyten at vub.ac.be Wed Dec 31 08:15:18 2008 From: Eric.Luyten at vub.ac.be (Eric Luyten) Date: Wed, 31 Dec 2008 14:15:18 +0100 (CET) Subject: choosing a file system In-Reply-To: <7B7A05189DC06E3CB4026F84@G5.voip.local> from Sebastian Hagedorn at "Dec 31, 2008 01:59:47 pm" Message-ID: <20081231131518.8990C9D@mach.vub.ac.be> > -- Nik Conwell is rumored to have mumbled on 31. Dezember 2008 > 07:47:31 -0500 regarding Re: choosing a file system: > > > Just curious - how do stop people from accessing their mailboxes > > during the time they are being renamed and moved to another partition? I moved a few thousand mailboxes in a similar fashion (summer of 2007) and encountered no problems. New message deliveries were nicely "frozen" by Cyrus while the target Inbox was being renamed/moved. Question : would it, stabilitywise, make a difference if the mail data and metadata are split, allocating the metadata partitions on SAN-based LUNs and storing messages in NAS (NFS) space ? In other words : are the Cyrus-over-NFS inconveniences confined to the cyrus.* files ? Rationale : NAS space can, typically, be "grown" more easily than SAN space. This could be an advantage to older server OSes en filesystems... Eric Luyten, Brussels Free University Computing Centre (Cyrus 2.2, 58k users, 2.3 TB) From ram at netcore.co.in Wed Dec 31 08:28:36 2008 From: ram at netcore.co.in (ram) Date: Wed, 31 Dec 2008 18:58:36 +0530 Subject: cyrus-sasl pam mysql connections are not getting closed Message-ID: <1230730116.2076.26.camel@darkstar.netcore.co.in> I am using cyrus-sasl with pam mysql ( on Centos5) The mysql is on a remote server. After some time I find that there are too many connections to mysql open ( using netstat) I restart saslauthd but still these dont away How do I check what the mysql connection is being used for ? and how do I avoid these piling up Thanks Ram From janne.peltonen at helsinki.fi Wed Dec 31 08:46:16 2008 From: janne.peltonen at helsinki.fi (Janne Peltonen) Date: Wed, 31 Dec 2008 15:46:16 +0200 Subject: choosing a file system In-Reply-To: <1230727101.5300.6.camel@linux-nnci.site> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> <1230727101.5300.6.camel@linux-nnci.site> Message-ID: <20081231134616.GA32353@helsinki.fi> On Wed, Dec 31, 2008 at 07:38:21AM -0500, Adam Tauno Williams wrote: > In regards to ext3 I'd pay attention to the vintage of problem reports > and performance issues; ext3 of several years ago is not the ext3 of > today, many improvements have been made. "data=writeback" mode can help > performance quite a bit, as well as enabling "dir_index" if it isn't > already (did it ever become the default?). The periodic fsck can also > be disabled via tune2fs. I only point this out since, if you already > have any ext3 setup, trying the above are all painless and might buy > you something. I wouldn't call data=writeback painless. I had it on in the testing phase of our current Cyrus installation, and if the filesystem had to be forcibly unmounted by any reason (yes, there are reasons), the amount of corruption in those files that happened to be active during the unmount - well, it wasn't a nice sight. And the files weren't recoverable, except from backup. I never really got the point of the data=writeback mode. Sure, it increases throughput, but so does disabling the journal completely, and seems to me the end result as concerns data integrity is exactly the same. --Janne -- Janne Peltonen PGP Key ID: 0x9CFAC88B Please consider membership of the Hospitality Club (http://www.hospitalityclub.org) From teresa_ii at myeburg.net Wed Dec 31 08:58:23 2008 From: teresa_ii at myeburg.net (::.. Teresa_II ..::) Date: Wed, 31 Dec 2008 14:58:23 +0100 Subject: choosing a file system In-Reply-To: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> Message-ID: <1230731903.4057.35.camel@xtower.fri> ? ??, 2008-12-30 ? 17:49 +0100, LALOT Dominique ????: > Once, there was a bad shutdown corrupting ext3fs and we spent 6 hours > on an fsck. Actually i do use reiserfs over 2 years on cyrus-imapd. It performs great even with realy big count of files in imap spool folders. But i dont know how it will perform on EMC. 4 years ago i tryied ext3. It was disaster. Slow as hell. Reiser4 was once used too, it did even better than reiserfs. But after 2 mounth stable running it get kernel OPS because a FS. And i did swiched back to reiserfs. -- Teresa From janne.peltonen at helsinki.fi Wed Dec 31 09:20:23 2008 From: janne.peltonen at helsinki.fi (Janne Peltonen) Date: Wed, 31 Dec 2008 16:20:23 +0200 Subject: choosing a file system In-Reply-To: <8B28597E-F7D7-4303-B45E-156A61EA626C@yazzy.org> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> <8B28597E-F7D7-4303-B45E-156A61EA626C@yazzy.org> Message-ID: <20081231142023.GB32353@helsinki.fi> On Wed, Dec 31, 2008 at 04:58:57AM -0800, Scott Likens wrote: > I would not discount using reiserfs (v3) by any means. It's still by far a > better choice for a filesystem with Cyrus then Ext3 or Ext4. I haven't really > seen anyone do any tests with Ext4, but I imagine it should be about par for > the course for Ext3. There are /lots/ of (comparative) tests done: The most recent I could find with a quick Google is here: http://www.phoronix.com/scan.php?page=article&item=ext4_benchmarks The problem with reiserfs is... well. The developers have explicitely stated that the development of v3 has come to its end, and there was the long argument between Hans Reiser and kernel delevopers about whether v4 could be included in kernel. When Hans Reiser was charged with murder (not the crow or Cyrus variant), his company assured that the development (of v4) would continue, but the last time I tried to find out anything about the project, it appeared more or less dead. Of course, the current reiserfs (v3) is very stable, but if you run into any issues,?there really isn't a developer you can contact (or send patches to, if you figure out the bug). --Janne -- Janne Peltonen PGP Key ID: 0x9CFAC88B Please consider membership of the Hospitality Club (http://www.hospitalityclub.org) From dwhite at olp.net Wed Dec 31 10:23:32 2008 From: dwhite at olp.net (Dan White) Date: Wed, 31 Dec 2008 09:23:32 -0600 Subject: Basic question In-Reply-To: <495A60B2.7070701@gmail.com> References: <495A60B2.7070701@gmail.com> Message-ID: <495B8E74.5020903@olp.net> Jason Voorhees wrote: > Hi there: > > I'm planning to use Cyrus IMAP and OpenLDAP to authenticate users. > Long time ago I used to configure Cyrus IMAP + Cyrus SASL using > saslauthd with pam module. It was something simple. > > Then I used to configure Cyrus IMAP + Cyrus SASL using saslauthd with > ldap module and /etc/saslauthd.conf without problems. That's fine. > > > Now I would like to use Cyrus IMAP with OpenLDAP too, but I found that > there are at least 2 ways: > > 1. Use Cyrus SASL with auxprop to authenticate users trough LDAP using > auxprop_plugin: ldapdb, sasl_ldap_servers among other sasl_* directives. > Right? > > 2. The other way is to use ldap_* directives like ldap_uri, ldap_filter > among others. But I believe that I would need to use 'pts' module in > auth_mech directive, right? > > The question is: What are pts, unix, krb and krb5 modules used for? > What's the difference between them? Should I use pts module to make > Cyrus talk directly to OpenLDAP...? Or should I use Cyrus SASL with > auxprop plugin to make the authentication to OpenLDAP? > > Is there a place where I can get some clear information about these > items? Man pages are not too clear :S > > Thanks people :) > Jason, Available documentation that I'm aware of includes: /doc/options.html (within the cyrus-sasl source) which documents how to configure the ldapdb auxprop plugin /saslauthd/LDAP_SASLAUTHD (within the cyrus-sasl source) which discusses how to configure the ldap saslauthd backend /doc/overview.html (within the cyrus-imap source), in the 'Kerberos vs. Unix Authorization' section, which discusses authorization. As I understand it, the ldapdb auxprop plugin is entirely within the realm of cyrus sasl (authentication), and the auth_mech directive in imapd.conf is cyrus imapd specific, and only handles authorization. The auth_mech options (pts, unix, krb and krb5) direct how cyrus imapd authorizes users to access mailboxes/resources *after* they have been authenticated. The kerberos options direct imapd to perform some canonicalization of the authenticating user before opening their mailbox - so if a user connects as jsmith at EXAMPLE.COM, the kerberos options could canonicalize that to 'jsmith', so that the server can open the 'jsmith' mailbox instead of searching for a 'jsmith at EXAMPLE.COM' mailbox. The unix and pts options should only come in to play if you have specified a 'group:staff' style ACL for your mailboxes. It tells the imapd server how to resolve group membership to grant access to the mailbox. The 'unix' option will perform a unix getgrent call, or something like that, to determine if a user belongs to a group - using nss for instance, which in turn can use the nss-ldap or nss-mysql modules to lookup groups. However, that's pretty slow in my experience and you'd need to make sure you're properly optimizing your LDAP database. The pts route can be used to reference and LDAP server directly to resolve group membership within an LDAP database. - Dan From awilliam at whitemice.org Wed Dec 31 12:04:08 2008 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Wed, 31 Dec 2008 12:04:08 -0500 Subject: choosing a file system In-Reply-To: <20081231134616.GA32353@helsinki.fi> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> <1230727101.5300.6.camel@linux-nnci.site> <20081231134616.GA32353@helsinki.fi> Message-ID: <1230743048.6328.11.camel@linux-nnci.site> On Wed, 2008-12-31 at 15:46 +0200, Janne Peltonen wrote: > On Wed, Dec 31, 2008 at 07:38:21AM -0500, Adam Tauno Williams wrote: > > In regards to ext3 I'd pay attention to the vintage of problem reports > > and performance issues; ext3 of several years ago is not the ext3 of > > today, many improvements have been made. "data=writeback" mode can help > > performance quite a bit, as well as enabling "dir_index" if it isn't > > already (did it ever become the default?). The periodic fsck can also > > be disabled via tune2fs. I only point this out since, if you already > > have any ext3 setup, trying the above are all painless and might buy > > you something. > I wouldn't call data=writeback painless. I had it on in the testing phase > of our current Cyrus installation, and if the filesystem had to be > forcibly unmounted by any reason (yes, there are reasons), the amount of > corruption in those files that happened to be active during the unmount > - well, it wasn't a nice sight. And the files weren't recoverable, > except from backup. > I never really got the point of the data=writeback mode. Sure, it > increases throughput, but so does disabling the journal completely, and > seems to me the end result as concerns data integrity is exactly the > same. The *filesystem* is recoverable as the meta-data is journaled. *Contents* of files may be lost/corrupted. I'm fine with that since a serious abend usually leaves the state of the data in a questionable state anyway for reasons other than the filesystem; I want something I can safely (and quickly) remount and investigate/restore. It is a trade-off. From damm at yazzy.org Wed Dec 31 12:37:31 2008 From: damm at yazzy.org (Scott Likens) Date: Wed, 31 Dec 2008 09:37:31 -0800 Subject: choosing a file system In-Reply-To: <20081231142023.GB32353@helsinki.fi> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net> <1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> <8B28597E-F7D7-4303-B45E-156A61EA626C@yazzy.org> <20081231142023.GB32353@helsinki.fi> Message-ID: <1057C95F-7764-400E-9688-11A90474EED7@yazzy.org> Ah the saga of Hans Reiser. That unfortunately is the Downfall of Reiserfs. Yes, his company has disappeared, and a "void" has appeared from his lack of presence? However, the Reiserfs4 patch set is current against the linux kernel 2.6.28 (see http://www.kernel.org/pub/linux/kernel/people/edward/reiser4/reiser4-for-2.6/) However I think that (http://en.wikipedia.org/wiki/Reiser4) pretty much sums up the future of Reiserfs4. ... However I haven't really run into show stopping bugs on Reiserfs3 in quite some time (with excellent hardware). However you replace it with dodgy hardware and things change. I haven't looked at btrfs yet with Cyrus, perhaps I'll do that sometime soon. On Dec 31, 2008, at 6:20 AM, Janne Peltonen wrote: > On Wed, Dec 31, 2008 at 04:58:57AM -0800, Scott Likens wrote: >> I would not discount using reiserfs (v3) by any means. It's still >> by far a >> better choice for a filesystem with Cyrus then Ext3 or Ext4. I >> haven't really >> seen anyone do any tests with Ext4, but I imagine it should be >> about par for >> the course for Ext3. > > There are /lots/ of (comparative) tests done: The most recent I could > find with a quick Google is here: > > http://www.phoronix.com/scan.php?page=article&item=ext4_benchmarks > > The problem with reiserfs is... well. The developers have explicitely > stated that the development of v3 has come to its end, and there was > the > long argument between Hans Reiser and kernel delevopers about > whether v4 > could be included in kernel. When Hans Reiser was charged with murder > (not the crow or Cyrus variant), his company assured that the > development (of v4) would continue, but the last time I tried to find > out anything about the project, it appeared more or less dead. Of > course, the current reiserfs (v3) is very stable, but if you run into > any issues, there really isn't a developer you can contact (or send > patches to, if you figure out the bug). > > > --Janne > -- > Janne Peltonen PGP Key ID: 0x9CFAC88B > Please consider membership of the Hospitality Club (http://www.hospitalityclub.org > ) > > > !DSPAM:495b87d570801804284693! > > From david.lang at digitalinsight.com Wed Dec 31 13:20:52 2008 From: david.lang at digitalinsight.com (David Lang) Date: Wed, 31 Dec 2008 10:20:52 -0800 (PST) Subject: choosing a file system In-Reply-To: <1230727101.5300.6.camel@linux-nnci.site> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com><495A95F2.1010003@email.arizona.edu> <20081231005129.GA15299@brong.net><1617f8010812310247l4c94e47fr296efceb30951d8a@mail.gmail.com> <1230727101.5300.6.camel@linux-nnci.site> Message-ID: On Wed, 31 Dec 2008, Adam Tauno Williams wrote: > On Wed, 2008-12-31 at 11:47 +0100, LALOT Dominique wrote: >> Thanks for everybody. That was an interesting thread. Nobody seems to >> use a NetApp appliance, may be due to NFS architecture problems. > > Personally, I'd never use NFS for anything. Over the years I've had way > to many NFS related problems on other things to ever want to try it > again. NFS has some very interesting capabilities and limitations. it's really bad for multiple processes writing to the same file (the cyrus* files for example) and for atomic actions (writing the message files for example) there are ways that you can configure it that will work, but unless you already have a big NFS server you are probably much better off using a mechanism that makes the drives look more like local drives (SAN, iSCSI, etc) or try one of the cluster filesystems that has different tradeoffs than NFS does >> I believe I'll look to ext4 that seemed to be available in last >> kernel, and also to Solaris, but we are not enough to support another >> OS. > > We've used Cyrus on XFS for almost a years, no problems. > > In regards to ext3 I'd pay attention to the vintage of problem reports > and performance issues; ext3 of several years ago is not the ext3 of > today, many improvements have been made. "data=writeback" mode can help > performance quite a bit, as well as enabling "dir_index" if it isn't > already (did it ever become the default?). The periodic fsck can also > be disabled via tune2fs. I only point this out since, if you already > have any ext3 setup, trying the above are all painless and might buy > you something. it's definantly worth testing different filesystems. I last did a test about two years ago and confirmed XFS as my choice. I have one instance of cyrus still running on ext3 and I definantly see it as a user in the performance. David Lang From nock at email.arizona.edu Wed Dec 31 13:41:02 2008 From: nock at email.arizona.edu (Shawn Nock) Date: Wed, 31 Dec 2008 11:41:02 -0700 Subject: choosing a file system In-Reply-To: <9843C43C-2CE4-4882-8C6C-FCABF4EE9809@bu.edu> References: <1617f8010812300849k1c7c878bl2f17e8d4287c10be@mail.gmail.com> <495A95F2.1010003@email.arizona.edu> <9843C43C-2CE4-4882-8C6C-FCABF4EE9809@bu.edu> Message-ID: <495BBCBE.60708@email.arizona.edu> Nik Conwell wrote: > > On Dec 30, 2008, at 4:43 PM, Shawn Nock wrote: > > [...] > >> a scripted rename of mailboxes to balance partition utilization when we >> add another partition. > > Just curious - how do stop people from accessing their mailboxes during > the time they are being renamed and moved to another partition? > We don't really bother. We run the script overnight (over several nights) to minimize storage utilization and we haven't run into a problem. I haven't looked at the code in a while, but as I recall the rename operation is fairly atomic. In short: it doesn't take long to move a box. The worst thing that I could imagine would be a momentary outage for a single user (``Mailbox does not exist'' or similar). This sort of error (if it does occur in the wild) would clear almost immediately. Shawn -- Shawn Nock (OpenPGP: 0xFF7D08A3) Unix Systems Group; UITS University of Arizona nock at email.arizona.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081231/88183cf3/attachment.bin