From zhuzhixin at realss.com  Tue Nov  3 02:44:02 2009
From: zhuzhixin at realss.com (Zhu Zhixin)
Date: Tue, 03 Nov 2009 15:44:02 +0800
Subject: If it possible to manipulate imap accounts from the client side with
	certain account
Message-ID: <4AEFDF42.4090805@realss.com>

Dear all,

    I have an perl script to archive imap mailboxes from the client
side. The script uses Perl::LDAP modules from cpan.

    It is succeed to archive all my old mails to new mailboxes, such as
mail_2007 and mail_2008 and so on.

    The question now is, i don't know other peoples' password and well
even if i know the passwords, it is much more frustrated to change an
account and password for every account.

   So, i wonder if it is possible that one mail account can access all
other mail accounts just as the account owner. Then, this way, i just
need to run the script once and do archive on all account in the same
domain.

Best wishes,

Zhu Zhixin
-- 
Real SoftService

Baiyan Building Unit 406B
Beisihuan Zhong Road No.238

Mobile: 150 1030 1841

From simon.matter at invoca.ch  Tue Nov  3 03:47:58 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Tue, 3 Nov 2009 09:47:58 +0100
Subject: If it possible to manipulate imap accounts from the client 
	side with certain account
In-Reply-To: <4AEFDF42.4090805@realss.com>
References: <4AEFDF42.4090805@realss.com>
Message-ID: <22a003d1bd7ca539ef4cad586179ac40.squirrel@webmail.bi.corp.invoca.ch>

> Dear all,
>
>     I have an perl script to archive imap mailboxes from the client
> side. The script uses Perl::LDAP modules from cpan.
>
>     It is succeed to archive all my old mails to new mailboxes, such as
> mail_2007 and mail_2008 and so on.
>
>     The question now is, i don't know other peoples' password and well
> even if i know the passwords, it is much more frustrated to change an
> account and password for every account.
>
>    So, i wonder if it is possible that one mail account can access all
> other mail accounts just as the account owner. Then, this way, i just
> need to run the script once and do archive on all account in the same
> domain.

Hi,

You may want to check the "proxyservers" option in imapd.conf. Looks like
what you are looking for.

Regards,
Simon



From tplancon at bkaarchs.com  Tue Nov  3 09:44:37 2009
From: tplancon at bkaarchs.com (Tom Plancon)
Date: Tue, 03 Nov 2009 09:44:37 -0500
Subject: Repeating emails
Message-ID: <4AF041D5.9090604@bkaarchs.com>

An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091103/dec1ee1f/attachment.html 

From brennan at columbia.edu  Tue Nov  3 11:27:45 2009
From: brennan at columbia.edu (Joseph Brennan)
Date: Tue, 03 Nov 2009 11:27:45 -0500
Subject: Repeating emails
In-Reply-To: <4AF041D5.9090604@bkaarchs.com>
References: <4AF041D5.9090604@bkaarchs.com>
Message-ID: <8DB9001C6952E6C76880C43D@[192.168.2.14]>



--On Tuesday, November 3, 2009 9:44 AM -0500 Tom Plancon 
<tplancon at bkaarchs.com> wrote:

> Hello all,
>
> Not sure if this is the place to ask this, just trying to track it down.
> I'm running Cyrus 2.2.12 with Postfix 2.2.2 for only 45 users. Every once
> in a while, but much more recently, users are receiving emails sent a few
> days ago - again. The recent repeat emails were all from users on our
> network sent to all users on our network. The headers appear like
> regular, legit emails. Any thoughts as to what could be going on or where
> to begin looking.
>
> Any input is greatly appreciated. Thanks.



Find out whether the message was actually sent twice by the sender.
See system log ; diff the Received headers and Message-ID.  Most
likely it was sent twice, indicating a sender client problem.

If sent only once, find out whether the message is really repeated
on the cyrus server.  Grep the Message-ID.  If it's there only once,
it's some kind of index problem on cyrus or in the client.  You could
reconstruct.  You could have the recipient read the mailbox with a
different client and see whether the duplication still appears.


Joseph Brennan
Columbia University Information Technology



From nic at onlight.com  Tue Nov  3 11:52:34 2009
From: nic at onlight.com (Nic Bernstein)
Date: Tue, 03 Nov 2009 10:52:34 -0600
Subject: Repeating emails
In-Reply-To: <4AF041D5.9090604@bkaarchs.com>
References: <4AF041D5.9090604@bkaarchs.com>
Message-ID: <4AF05FD2.8020700@onlight.com>

On 11/03/2009 08:44 AM, Tom Plancon wrote:
> Hello all,
>
> Not sure if this is the place to ask this, just trying to track it 
> down. I'm running Cyrus 2.2.12 with Postfix 2.2.2 for only 45 users. 
> Every once in a while, but much more recently, users are receiving 
> emails sent a few days ago - again. The recent repeat emails were all 
> from users on our network sent to all users on our network. The 
> headers appear like regular, legit emails. Any thoughts as to what 
> could be going on or where to begin looking.
>
> Any input is greatly appreciated. Thanks.
We saw a situation like this some years back, which was caused by 
misconfiguration between postfix and cyrus.  The specific problem we saw 
was that when a local user sent a message to a group of local users, and 
one member of the group (mailing list, alias expansion or whatever) 
generated a 4XX (temp fail) error on delivery, then we would see the 
whole list get the message again when the cause of the temp fail was 
cleared up (such as quota getting fixed).

I don't remember the exact fix, but it involved switching from 
mailbox_transport to local_transport in postfix, and switching from 
alias_maps to virtual_alias_maps as well.  This causes the redelivery 
attempts to occur post-alias expansion rather than pre-alias expansion.

I know this is off topic for the cyrus-imapd list, but thought others 
may find it helpful.

Cheers,
    -nic

-- 
Nic Bernstein                             nic at onlight.com
Onlight llc.                              www.onlight.com
219 N. Milwaukee St., Suite 2a		  v. 414.272.4477
Milwaukee, Wisconsin  53202

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091103/2c726f54/attachment.html 

From anthony-list at tibbs.ca  Tue Nov  3 17:07:04 2009
From: anthony-list at tibbs.ca (Anthony Tibbs)
Date: Tue, 3 Nov 2009 17:07:04 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N1PX1-000kn2C@most.weird.com>
References: <1256060184.2946.53.camel@skunk>
	<m1N0K6o-000kn2C@most.weird.com><alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><1256072052.3739.4.camel@badjo>
	<m1N181A-000kn2C@most.weird.com><alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
Message-ID: <F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>


You know, I don't know if I agree with all the objections over this person's 
request.  I actually have a similar setup where Fetchmail is used to 
retrieve messages from a remote mailbox for injection into a Cyrus setup, 
primarily because of quota requirements on the far end.  Yes, modern MUA's 
offer the ability to store messages locally, but what if you have that MUA 
installed in several computers in different locations?  Moving to 'local 
folders' in that case isn't helpful.  And yes, you could setup two 
accounts - one on the main server and one to your cyrus setup - and move 
messages manually, but then why not fetchmail to the cyrus setup directly 
too?


----- Original Message ----- 
From: "Greg A. Woods" <woods-cyrus at weird.com>
To: "Cyrus User's Mailing List" <info-cyrus at lists.andrew.cmu.edu>
Sent: Friday, October 23, 2009 2:57 PM
Subject: Re: Exec'ing a script from Cyrus when imapd has a client


> At Thu, 22 Oct 2009 18:43:41 -0700 (PDT), David Lang 
> <david.lang at digitalinsight.com> wrote:
> Subject: Re: Exec'ing a script from Cyrus when imapd has a client
>>
>> there can be cases where you are providing mail services for several 
>> people, or
>> have multiple machines you use yourself where having an IMAP server is
>> worthwhile.
>
> Neither of those things make any real sense whatsoever.  They certainly
> don't define any clear requirements that make sense in this context.
>
> Every modern and useful IMAP-capable MUA can collect e-mail from any
> combination of many IMAP servers anywhere and everywhere all at once.
>
> If "fetchmail" can fetch the mail from an IMAP server, then so can any
> MUA.
>
> Just get rid of all the unnecessary complexity in the middle and just
> use the MUA for what it's designed to be used for!
>
>
>
>> now, it's unusual to use something like this without having a full MTA, 
>> but it's
>> not unheard of.
>
> It's not unusual for people to create all kinds of crazy complicated
> setups that have no real purpose, in every domain in life.
>
> I'm sure I make my own life more complicated than it needs to be in some 
> ways.
>
> However things do not _need_ to be made more complicated than necessary,
>
> Here the OP's question provides a perfect clue showing that something is
> far more complicated than it needs to be because we see that it will
> even have to get more complex (and even less robust) before it begins to
> work the way it would actually work without any of this unnecessary
> complexity in the middle in the first place.
>
> -- 
> Greg A. Woods
>
> +1 416 218-0098                VE3TCP          RoboHack 
> <woods at robohack.ca>
> Planix, Inc. <woods at planix.com>      Secrets of the Weird 
> <woods at weird.com>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> 


From maria at shadlen.org  Tue Nov  3 18:32:28 2009
From: maria at shadlen.org (Maria McKinley)
Date: Tue, 03 Nov 2009 15:32:28 -0800
Subject: avelsieve problem switching mail servers
Message-ID: <4AF0BD8C.3000309@shadlen.org>

Hi there,

I tried posting this on the squirrelmail plugin mailing list, but didn't
get a response, so thought maybe someone on this list might be able to
give me a hint, since I know a lot of you have sieve set up with cyrus
and squirrelmail. Feel free to tell me this is the wrong list, and I
will try elsewhere, but if someone can help, I would be very grateful.

I recently moved my mail server to a new server, and have managed to get
everything working except for sieve access through squirrelmail. I hope
this mail isn't too confusing, but wanted to lay out a few different
possibilities for what might be going on.

Initially, when I tried to go to filters after logging into
squirrelmail, squirrelmail would hang, and eventually time out with no
error messages (just a reset by peer, I think). I tried going into
imapd.conf and turning off tls for sieve to see if there was an
authentication problem:

sieve_tls_cert_file: disable

When I do this, then I get an error message when I click on filters:

Warning: stream_socket_enable_crypto()
[function.stream-socket-enable-crypto]: SSL operation failed with code
1. OpenSSL Error messages: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number in
/usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php on
line 514
ERROR:
Could not log on to timsieved daemon on your IMAP server localhost:2000.
Error Encountered: 255
Please contact your administrator.

I looked at the managesieve.lib.php script, and I noticed that it uses
php4, but I am using php5. But, it seems kind of strange that it would
require php4, since this is the stable package for debian with default
settings, and I didn't have any dependency issues installing, so I'm not
sure this is the problem.

squirrelmail                        2:1.4.15-4+lenny2
avelsieve                           1.9.7-6+lenny1

TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
little bit suspicious for that being the problem.

Something I did notice was that in the previous installation, we seemed
to be using something called websieve, although we also had the
avelsieve plugin installed. I copied the websieve directory, but I
haven't found any documentation about how websieve is different from
avelsieve or whether you can use both, or how
squirrelmail/avelsieve/websieve interact. I think I need to get rid of
websieve, and just use avelsieve, but I'm not sure about this. Would I
run into problems if I just got rid of the websieve directory? How is
avelsieve suppose to interact with squirrelmail?

thanks for any hints,
maria



From zhuzhixin at realss.com  Tue Nov  3 20:11:38 2009
From: zhuzhixin at realss.com (Zhu Zhixin)
Date: Wed, 04 Nov 2009 09:11:38 +0800
Subject: If it possible to manipulate imap accounts from the client side
	with certain account
In-Reply-To: <22a003d1bd7ca539ef4cad586179ac40.squirrel@webmail.bi.corp.invoca.ch>
References: <4AEFDF42.4090805@realss.com>
	<22a003d1bd7ca539ef4cad586179ac40.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <4AF0D4CA.5010701@realss.com>

Simon Matter wrote:
> 
> Hi,
> 
> You may want to check the "proxyservers" option in imapd.conf. Looks like
> what you are looking for.
> 

Thanks very much. For proxyservers, i have done some test on it and
final didn't get any idea on howto use it.

It seems that no documents about proxyservers.

If you have experience on this, please help!


Thanks,
Zhu Zhixin


From simon.matter at invoca.ch  Wed Nov  4 02:26:49 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Wed, 4 Nov 2009 08:26:49 +0100
Subject: If it possible to manipulate imap accounts from the client  
	side with certain account
In-Reply-To: <4AF0D4CA.5010701@realss.com>
References: <4AEFDF42.4090805@realss.com>
	<22a003d1bd7ca539ef4cad586179ac40.squirrel@webmail.bi.corp.invoca.ch>
	<4AF0D4CA.5010701@realss.com>
Message-ID: <c27bb1dac4ee7c39d36aa998f5dccde5.squirrel@webmail.bi.corp.invoca.ch>

> Simon Matter wrote:
>>
>> Hi,
>>
>> You may want to check the "proxyservers" option in imapd.conf. Looks
>> like
>> what you are looking for.
>>
>
> Thanks very much. For proxyservers, i have done some test on it and
> final didn't get any idea on howto use it.
>
> It seems that no documents about proxyservers.
>
> If you have experience on this, please help!

I don't remember exactly how I have used it. It was to copy mailboxes from
cyrus-imapd to another system using imapsync. It was something like

- create a proxy user, in our case called "proxy". I don't remember
whether it needed a mailbox or maybe we only created it in the auth db.
- add "proxyservers: proxy" to imapd.conf

Now, with an IMAP client, you can authenticate as user "proxy" with
proxy's password but then login as the target user. That means you don't
need the target users password.

With imapsync that was done using
imapsync --authuser1 proxy --user1 buddy ...

I hope someone on the list can tell you how to do this in perl.

Regards,
Simon


From simon.matter at invoca.ch  Wed Nov  4 02:44:29 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Wed, 4 Nov 2009 08:44:29 +0100
Subject: avelsieve problem switching mail servers
In-Reply-To: <4AF0BD8C.3000309@shadlen.org>
References: <4AF0BD8C.3000309@shadlen.org>
Message-ID: <bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>

> Hi there,
>
> I tried posting this on the squirrelmail plugin mailing list, but didn't
> get a response, so thought maybe someone on this list might be able to
> give me a hint, since I know a lot of you have sieve set up with cyrus
> and squirrelmail. Feel free to tell me this is the wrong list, and I
> will try elsewhere, but if someone can help, I would be very grateful.
>
> I recently moved my mail server to a new server, and have managed to get
> everything working except for sieve access through squirrelmail. I hope
> this mail isn't too confusing, but wanted to lay out a few different
> possibilities for what might be going on.
>
> Initially, when I tried to go to filters after logging into
> squirrelmail, squirrelmail would hang, and eventually time out with no
> error messages (just a reset by peer, I think). I tried going into
> imapd.conf and turning off tls for sieve to see if there was an
> authentication problem:
>
> sieve_tls_cert_file: disable
>
> When I do this, then I get an error message when I click on filters:
>
> Warning: stream_socket_enable_crypto()
> [function.stream-socket-enable-crypto]: SSL operation failed with code
> 1. OpenSSL Error messages: error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number in
> /usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php on
> line 514
> ERROR:
> Could not log on to timsieved daemon on your IMAP server localhost:2000.
> Error Encountered: 255
> Please contact your administrator.
>
> I looked at the managesieve.lib.php script, and I noticed that it uses
> php4, but I am using php5. But, it seems kind of strange that it would
> require php4, since this is the stable package for debian with default
> settings, and I didn't have any dependency issues installing, so I'm not
> sure this is the problem.
>
> squirrelmail                        2:1.4.15-4+lenny2
> avelsieve                           1.9.7-6+lenny1
>
> TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
> little bit suspicious for that being the problem.
>
> Something I did notice was that in the previous installation, we seemed
> to be using something called websieve, although we also had the
> avelsieve plugin installed. I copied the websieve directory, but I
> haven't found any documentation about how websieve is different from
> avelsieve or whether you can use both, or how
> squirrelmail/avelsieve/websieve interact. I think I need to get rid of
> websieve, and just use avelsieve, but I'm not sure about this. Would I
> run into problems if I just got rid of the websieve directory? How is
> avelsieve suppose to interact with squirrelmail?

Hi,

>From you previous mail I got the impression that you have used avelsieve
in the past. Now, did you use avelsieve or websieve (or both). At least I
think using both at the same time doesn't make much sense. Avelsieve uses
comments in your sieve scripts to store it's "metadata" and other tools
won't understand them.

On one host running RHEL4 (which means PHP 4) I'm running avelsieve-1.9.8
and in it's config file I see this:

/**
 * @var boolean Disable STARTTLS for ManageSieve. You can set this to true,
 * if you do not wish to use encryption via TLS mechanisms (i.e. the server
 * is not configured properly, or this is a local connection and TLS is not
 * needed.
 * Note that STARTTLS is supported only in PHP5+. In PHP4 this option will
 * have no effect and STARTTLS will be disabled anyway.
 */
global $avelsieve_disabletls;
$avelsieve_disabletls = false;

I was using avelsieve 1.9.7 before and a patch was needed to get the same
behaviour. The patch is attached, don't remember where I got it, I think
from avelsieve CVS.

That said, I have used it to run sieve on the local host with STARTTLS. If
you want to use STARTTLS then I don't know how to make it work.

Regards,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: avelsieve-1.9.7-php5_disabletls.patch.gz
Type: application/x-gzip
Size: 1559 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091104/a4345d0b/attachment.bin 

From maria at shadlen.org  Wed Nov  4 03:26:46 2009
From: maria at shadlen.org (Maria McKinley)
Date: Wed, 04 Nov 2009 00:26:46 -0800
Subject: avelsieve problem switching mail servers
In-Reply-To: <bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>
References: <4AF0BD8C.3000309@shadlen.org>
	<bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <4AF13AC6.1010500@shadlen.org>

Simon Matter wrote:
>> Hi there,
>>
>> I tried posting this on the squirrelmail plugin mailing list, but didn't
>> get a response, so thought maybe someone on this list might be able to
>> give me a hint, since I know a lot of you have sieve set up with cyrus
>> and squirrelmail. Feel free to tell me this is the wrong list, and I
>> will try elsewhere, but if someone can help, I would be very grateful.
>>
>> I recently moved my mail server to a new server, and have managed to get
>> everything working except for sieve access through squirrelmail. I hope
>> this mail isn't too confusing, but wanted to lay out a few different
>> possibilities for what might be going on.
>>
>> Initially, when I tried to go to filters after logging into
>> squirrelmail, squirrelmail would hang, and eventually time out with no
>> error messages (just a reset by peer, I think). I tried going into
>> imapd.conf and turning off tls for sieve to see if there was an
>> authentication problem:
>>
>> sieve_tls_cert_file: disable
>>
>> When I do this, then I get an error message when I click on filters:
>>
>> Warning: stream_socket_enable_crypto()
>> [function.stream-socket-enable-crypto]: SSL operation failed with code
>> 1. OpenSSL Error messages: error:1408F10B:SSL
>> routines:SSL3_GET_RECORD:wrong version number in
>> /usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php on
>> line 514
>> ERROR:
>> Could not log on to timsieved daemon on your IMAP server localhost:2000.
>> Error Encountered: 255
>> Please contact your administrator.
>>
>> I looked at the managesieve.lib.php script, and I noticed that it uses
>> php4, but I am using php5. But, it seems kind of strange that it would
>> require php4, since this is the stable package for debian with default
>> settings, and I didn't have any dependency issues installing, so I'm not
>> sure this is the problem.
>>
>> squirrelmail                        2:1.4.15-4+lenny2
>> avelsieve                           1.9.7-6+lenny1
>>
>> TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
>> little bit suspicious for that being the problem.
>>
>> Something I did notice was that in the previous installation, we seemed
>> to be using something called websieve, although we also had the
>> avelsieve plugin installed. I copied the websieve directory, but I
>> haven't found any documentation about how websieve is different from
>> avelsieve or whether you can use both, or how
>> squirrelmail/avelsieve/websieve interact. I think I need to get rid of
>> websieve, and just use avelsieve, but I'm not sure about this. Would I
>> run into problems if I just got rid of the websieve directory? How is
>> avelsieve suppose to interact with squirrelmail?
> 
> Hi,
> 
> From you previous mail I got the impression that you have used avelsieve
> in the past. Now, did you use avelsieve or websieve (or both). At least I
> think using both at the same time doesn't make much sense. Avelsieve uses
> comments in your sieve scripts to store it's "metadata" and other tools
> won't understand them.
> 
> On one host running RHEL4 (which means PHP 4) I'm running avelsieve-1.9.8
> and in it's config file I see this:
> 
> /**
>  * @var boolean Disable STARTTLS for ManageSieve. You can set this to true,
>  * if you do not wish to use encryption via TLS mechanisms (i.e. the server
>  * is not configured properly, or this is a local connection and TLS is not
>  * needed.
>  * Note that STARTTLS is supported only in PHP5+. In PHP4 this option will
>  * have no effect and STARTTLS will be disabled anyway.
>  */
> global $avelsieve_disabletls;
> $avelsieve_disabletls = false;
> 
> I was using avelsieve 1.9.7 before and a patch was needed to get the same
> behaviour. The patch is attached, don't remember where I got it, I think
> from avelsieve CVS.
> 
> That said, I have used it to run sieve on the local host with STARTTLS. If
> you want to use STARTTLS then I don't know how to make it work.
> 
> Regards,
> Simon

Thanks Simon,
I don't seem to have anything about tls in my avelsieve-config.php file.

I seem to have both websieve and avelsieve on the previous installation, 
and I'm not sure which was actually being used. Where in the config 
files would I find out which one was actually being used?

thanks,
maria

From simon.matter at invoca.ch  Wed Nov  4 03:39:22 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Wed, 4 Nov 2009 09:39:22 +0100
Subject: avelsieve problem switching mail servers
In-Reply-To: <4AF13AC6.1010500@shadlen.org>
References: <4AF0BD8C.3000309@shadlen.org>
	<bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>
	<4AF13AC6.1010500@shadlen.org>
Message-ID: <85f25e1daad231c3b5eaabf88db830f7.squirrel@webmail.bi.corp.invoca.ch>

> Simon Matter wrote:
>>> Hi there,
>>>
>>> I tried posting this on the squirrelmail plugin mailing list, but
>>> didn't
>>> get a response, so thought maybe someone on this list might be able to
>>> give me a hint, since I know a lot of you have sieve set up with cyrus
>>> and squirrelmail. Feel free to tell me this is the wrong list, and I
>>> will try elsewhere, but if someone can help, I would be very grateful.
>>>
>>> I recently moved my mail server to a new server, and have managed to
>>> get
>>> everything working except for sieve access through squirrelmail. I hope
>>> this mail isn't too confusing, but wanted to lay out a few different
>>> possibilities for what might be going on.
>>>
>>> Initially, when I tried to go to filters after logging into
>>> squirrelmail, squirrelmail would hang, and eventually time out with no
>>> error messages (just a reset by peer, I think). I tried going into
>>> imapd.conf and turning off tls for sieve to see if there was an
>>> authentication problem:
>>>
>>> sieve_tls_cert_file: disable
>>>
>>> When I do this, then I get an error message when I click on filters:
>>>
>>> Warning: stream_socket_enable_crypto()
>>> [function.stream-socket-enable-crypto]: SSL operation failed with code
>>> 1. OpenSSL Error messages: error:1408F10B:SSL
>>> routines:SSL3_GET_RECORD:wrong version number in
>>> /usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php
>>> on
>>> line 514
>>> ERROR:
>>> Could not log on to timsieved daemon on your IMAP server
>>> localhost:2000.
>>> Error Encountered: 255
>>> Please contact your administrator.
>>>
>>> I looked at the managesieve.lib.php script, and I noticed that it uses
>>> php4, but I am using php5. But, it seems kind of strange that it would
>>> require php4, since this is the stable package for debian with default
>>> settings, and I didn't have any dependency issues installing, so I'm
>>> not
>>> sure this is the problem.
>>>
>>> squirrelmail                        2:1.4.15-4+lenny2
>>> avelsieve                           1.9.7-6+lenny1
>>>
>>> TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
>>> little bit suspicious for that being the problem.
>>>
>>> Something I did notice was that in the previous installation, we seemed
>>> to be using something called websieve, although we also had the
>>> avelsieve plugin installed. I copied the websieve directory, but I
>>> haven't found any documentation about how websieve is different from
>>> avelsieve or whether you can use both, or how
>>> squirrelmail/avelsieve/websieve interact. I think I need to get rid of
>>> websieve, and just use avelsieve, but I'm not sure about this. Would I
>>> run into problems if I just got rid of the websieve directory? How is
>>> avelsieve suppose to interact with squirrelmail?
>>
>> Hi,
>>
>> From you previous mail I got the impression that you have used avelsieve
>> in the past. Now, did you use avelsieve or websieve (or both). At least
>> I
>> think using both at the same time doesn't make much sense. Avelsieve
>> uses
>> comments in your sieve scripts to store it's "metadata" and other tools
>> won't understand them.
>>
>> On one host running RHEL4 (which means PHP 4) I'm running
>> avelsieve-1.9.8
>> and in it's config file I see this:
>>
>> /**
>>  * @var boolean Disable STARTTLS for ManageSieve. You can set this to
>> true,
>>  * if you do not wish to use encryption via TLS mechanisms (i.e. the
>> server
>>  * is not configured properly, or this is a local connection and TLS is
>> not
>>  * needed.
>>  * Note that STARTTLS is supported only in PHP5+. In PHP4 this option
>> will
>>  * have no effect and STARTTLS will be disabled anyway.
>>  */
>> global $avelsieve_disabletls;
>> $avelsieve_disabletls = false;
>>
>> I was using avelsieve 1.9.7 before and a patch was needed to get the
>> same
>> behaviour. The patch is attached, don't remember where I got it, I think
>> from avelsieve CVS.
>>
>> That said, I have used it to run sieve on the local host with STARTTLS.
>> If
>> you want to use STARTTLS then I don't know how to make it work.
>>
>> Regards,
>> Simon
>
> Thanks Simon,
> I don't seem to have anything about tls in my avelsieve-config.php file.
>
> I seem to have both websieve and avelsieve on the previous installation,
> and I'm not sure which was actually being used. Where in the config
> files would I find out which one was actually being used?

I don't think websieve was used with squirrelmail but standalone. At least
I never heard of a websieve plugin for squirrelmail, but I know a tool
named websieve which has no relation to squirrelmail.

If you want to know how your sieve scripts were managed, you may just look
at the script on your imap server. If they have been created with
avelsieve then you will find lot's of comment string from avelsieve.

Regards,
Simon


From maria at shadlen.org  Wed Nov  4 04:45:54 2009
From: maria at shadlen.org (Maria McKinley)
Date: Wed, 04 Nov 2009 01:45:54 -0800
Subject: avelsieve problem switching mail servers
In-Reply-To: <85f25e1daad231c3b5eaabf88db830f7.squirrel@webmail.bi.corp.invoca.ch>
References: <4AF0BD8C.3000309@shadlen.org>
	<bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>
	<4AF13AC6.1010500@shadlen.org>
	<85f25e1daad231c3b5eaabf88db830f7.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <4AF14D52.5000704@shadlen.org>

Simon Matter wrote:
>> Simon Matter wrote:
>>>> Hi there,
>>>>
>>>> I tried posting this on the squirrelmail plugin mailing list, but
>>>> didn't
>>>> get a response, so thought maybe someone on this list might be able to
>>>> give me a hint, since I know a lot of you have sieve set up with cyrus
>>>> and squirrelmail. Feel free to tell me this is the wrong list, and I
>>>> will try elsewhere, but if someone can help, I would be very grateful.
>>>>
>>>> I recently moved my mail server to a new server, and have managed to
>>>> get
>>>> everything working except for sieve access through squirrelmail. I hope
>>>> this mail isn't too confusing, but wanted to lay out a few different
>>>> possibilities for what might be going on.
>>>>
>>>> Initially, when I tried to go to filters after logging into
>>>> squirrelmail, squirrelmail would hang, and eventually time out with no
>>>> error messages (just a reset by peer, I think). I tried going into
>>>> imapd.conf and turning off tls for sieve to see if there was an
>>>> authentication problem:
>>>>
>>>> sieve_tls_cert_file: disable
>>>>
>>>> When I do this, then I get an error message when I click on filters:
>>>>
>>>> Warning: stream_socket_enable_crypto()
>>>> [function.stream-socket-enable-crypto]: SSL operation failed with code
>>>> 1. OpenSSL Error messages: error:1408F10B:SSL
>>>> routines:SSL3_GET_RECORD:wrong version number in
>>>> /usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php
>>>> on
>>>> line 514
>>>> ERROR:
>>>> Could not log on to timsieved daemon on your IMAP server
>>>> localhost:2000.
>>>> Error Encountered: 255
>>>> Please contact your administrator.
>>>>
>>>> I looked at the managesieve.lib.php script, and I noticed that it uses
>>>> php4, but I am using php5. But, it seems kind of strange that it would
>>>> require php4, since this is the stable package for debian with default
>>>> settings, and I didn't have any dependency issues installing, so I'm
>>>> not
>>>> sure this is the problem.
>>>>
>>>> squirrelmail                        2:1.4.15-4+lenny2
>>>> avelsieve                           1.9.7-6+lenny1
>>>>
>>>> TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
>>>> little bit suspicious for that being the problem.
>>>>
>>>> Something I did notice was that in the previous installation, we seemed
>>>> to be using something called websieve, although we also had the
>>>> avelsieve plugin installed. I copied the websieve directory, but I
>>>> haven't found any documentation about how websieve is different from
>>>> avelsieve or whether you can use both, or how
>>>> squirrelmail/avelsieve/websieve interact. I think I need to get rid of
>>>> websieve, and just use avelsieve, but I'm not sure about this. Would I
>>>> run into problems if I just got rid of the websieve directory? How is
>>>> avelsieve suppose to interact with squirrelmail?
>>> Hi,
>>>
>>> From you previous mail I got the impression that you have used avelsieve
>>> in the past. Now, did you use avelsieve or websieve (or both). At least
>>> I
>>> think using both at the same time doesn't make much sense. Avelsieve
>>> uses
>>> comments in your sieve scripts to store it's "metadata" and other tools
>>> won't understand them.
>>>
>>> On one host running RHEL4 (which means PHP 4) I'm running
>>> avelsieve-1.9.8
>>> and in it's config file I see this:
>>>
>>> /**
>>>  * @var boolean Disable STARTTLS for ManageSieve. You can set this to
>>> true,
>>>  * if you do not wish to use encryption via TLS mechanisms (i.e. the
>>> server
>>>  * is not configured properly, or this is a local connection and TLS is
>>> not
>>>  * needed.
>>>  * Note that STARTTLS is supported only in PHP5+. In PHP4 this option
>>> will
>>>  * have no effect and STARTTLS will be disabled anyway.
>>>  */
>>> global $avelsieve_disabletls;
>>> $avelsieve_disabletls = false;
>>>
>>> I was using avelsieve 1.9.7 before and a patch was needed to get the
>>> same
>>> behaviour. The patch is attached, don't remember where I got it, I think
>>> from avelsieve CVS.
>>>
>>> That said, I have used it to run sieve on the local host with STARTTLS.
>>> If
>>> you want to use STARTTLS then I don't know how to make it work.
>>>
>>> Regards,
>>> Simon
>> Thanks Simon,
>> I don't seem to have anything about tls in my avelsieve-config.php file.
>>
>> I seem to have both websieve and avelsieve on the previous installation,
>> and I'm not sure which was actually being used. Where in the config
>> files would I find out which one was actually being used?
> 
> I don't think websieve was used with squirrelmail but standalone. At least
> I never heard of a websieve plugin for squirrelmail, but I know a tool
> named websieve which has no relation to squirrelmail.
> 
> If you want to know how your sieve scripts were managed, you may just look
> at the script on your imap server. If they have been created with
> avelsieve then you will find lot's of comment string from avelsieve.
> 
> Regards,
> Simon
> 

I seem to have scripts created by both websieve and avelsieve, but I do 
know that we have been managing sieve through squirrelmail for a very 
long time. Looks like the websieve scripts haven't been touched since 
2007. So, I think I'm back to where I was. Avelsieve was working on the 
last machine, but isn't working now. I'm pretty sure I have copied all 
configs over. How can I increase logging, so I can see what is happening 
when I get the time-out?

thanks,
maria

From michael.menge at zdv.uni-tuebingen.de  Wed Nov  4 05:12:45 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Wed, 04 Nov 2009 11:12:45 +0100
Subject: avelsieve problem switching mail servers
In-Reply-To: <4AF14D52.5000704@shadlen.org>
References: <4AF0BD8C.3000309@shadlen.org>
	<bbde98e2b718137fca509e97a2bb8961.squirrel@webmail.bi.corp.invoca.ch>
	<4AF13AC6.1010500@shadlen.org>
	<85f25e1daad231c3b5eaabf88db830f7.squirrel@webmail.bi.corp.invoca.ch>
	<4AF14D52.5000704@shadlen.org>
Message-ID: <20091104111245.49406zsf311lpcbh@webmail.uni-tuebingen.de>

Hi,

Quoting Maria McKinley <maria at shadlen.org>:

> Simon Matter wrote:
>>> Simon Matter wrote:
>>>>> Hi there,
>>>>>
>>>>> I tried posting this on the squirrelmail plugin mailing list, but
>>>>> didn't
>>>>> get a response, so thought maybe someone on this list might be able to
>>>>> give me a hint, since I know a lot of you have sieve set up with cyrus
>>>>> and squirrelmail. Feel free to tell me this is the wrong list, and I
>>>>> will try elsewhere, but if someone can help, I would be very grateful.
>>>>>
>>>>> I recently moved my mail server to a new server, and have managed to
>>>>> get
>>>>> everything working except for sieve access through squirrelmail. I hope
>>>>> this mail isn't too confusing, but wanted to lay out a few different
>>>>> possibilities for what might be going on.
>>>>>
>>>>> Initially, when I tried to go to filters after logging into
>>>>> squirrelmail, squirrelmail would hang, and eventually time out with no
>>>>> error messages (just a reset by peer, I think). I tried going into
>>>>> imapd.conf and turning off tls for sieve to see if there was an
>>>>> authentication problem:
>>>>>
>>>>> sieve_tls_cert_file: disable
>>>>>
>>>>> When I do this, then I get an error message when I click on filters:
>>>>>
>>>>> Warning: stream_socket_enable_crypto()
>>>>> [function.stream-socket-enable-crypto]: SSL operation failed with code
>>>>> 1. OpenSSL Error messages: error:1408F10B:SSL
>>>>> routines:SSL3_GET_RECORD:wrong version number in
>>>>> /usr/share/squirrelmail/plugins/avelsieve/include/managesieve.lib.php
>>>>> on
>>>>> line 514
>>>>> ERROR:
>>>>> Could not log on to timsieved daemon on your IMAP server
>>>>> localhost:2000.
>>>>> Error Encountered: 255
>>>>> Please contact your administrator.
>>>>>
>>>>> I looked at the managesieve.lib.php script, and I noticed that it uses
>>>>> php4, but I am using php5. But, it seems kind of strange that it would
>>>>> require php4, since this is the stable package for debian with default
>>>>> settings, and I didn't have any dependency issues installing, so I'm
>>>>> not
>>>>> sure this is the problem.
>>>>>
>>>>> squirrelmail                        2:1.4.15-4+lenny2
>>>>> avelsieve                           1.9.7-6+lenny1
>>>>>
>>>>> TLS/SSL works for eveything else (imap,imaps,smtp,and apache), so I'm a
>>>>> little bit suspicious for that being the problem.
>>>>>
>>>>> Something I did notice was that in the previous installation, we seemed
>>>>> to be using something called websieve, although we also had the
>>>>> avelsieve plugin installed. I copied the websieve directory, but I
>>>>> haven't found any documentation about how websieve is different from
>>>>> avelsieve or whether you can use both, or how
>>>>> squirrelmail/avelsieve/websieve interact. I think I need to get rid of
>>>>> websieve, and just use avelsieve, but I'm not sure about this. Would I
>>>>> run into problems if I just got rid of the websieve directory? How is
>>>>> avelsieve suppose to interact with squirrelmail?
>>>> Hi,
>>>>
>>>> From you previous mail I got the impression that you have used avelsieve
>>>> in the past. Now, did you use avelsieve or websieve (or both). At least
>>>> I
>>>> think using both at the same time doesn't make much sense. Avelsieve
>>>> uses
>>>> comments in your sieve scripts to store it's "metadata" and other tools
>>>> won't understand them.
>>>>
>>>> On one host running RHEL4 (which means PHP 4) I'm running
>>>> avelsieve-1.9.8
>>>> and in it's config file I see this:
>>>>
>>>> /**
>>>>  * @var boolean Disable STARTTLS for ManageSieve. You can set this to
>>>> true,
>>>>  * if you do not wish to use encryption via TLS mechanisms (i.e. the
>>>> server
>>>>  * is not configured properly, or this is a local connection and TLS is
>>>> not
>>>>  * needed.
>>>>  * Note that STARTTLS is supported only in PHP5+. In PHP4 this option
>>>> will
>>>>  * have no effect and STARTTLS will be disabled anyway.
>>>>  */
>>>> global $avelsieve_disabletls;
>>>> $avelsieve_disabletls = false;
>>>>
>>>> I was using avelsieve 1.9.7 before and a patch was needed to get the
>>>> same
>>>> behaviour. The patch is attached, don't remember where I got it, I think
>>>> from avelsieve CVS.
>>>>
>>>> That said, I have used it to run sieve on the local host with STARTTLS.
>>>> If
>>>> you want to use STARTTLS then I don't know how to make it work.
>>>>
>>>> Regards,
>>>> Simon
>>> Thanks Simon,
>>> I don't seem to have anything about tls in my avelsieve-config.php file.
>>>
>>> I seem to have both websieve and avelsieve on the previous installation,
>>> and I'm not sure which was actually being used. Where in the config
>>> files would I find out which one was actually being used?
>>
>> I don't think websieve was used with squirrelmail but standalone. At least
>> I never heard of a websieve plugin for squirrelmail, but I know a tool
>> named websieve which has no relation to squirrelmail.
>>
>> If you want to know how your sieve scripts were managed, you may just look
>> at the script on your imap server. If they have been created with
>> avelsieve then you will find lot's of comment string from avelsieve.
>>
>> Regards,
>> Simon
>>
>
> I seem to have scripts created by both websieve and avelsieve, but I do
> know that we have been managing sieve through squirrelmail for a very
> long time. Looks like the websieve scripts haven't been touched since
> 2007. So, I think I'm back to where I was. Avelsieve was working on the
> last machine, but isn't working now. I'm pretty sure I have copied all
> configs over. How can I increase logging, so I can see what is happening
> when I get the time-out?
>
> thanks,
> maria


Which Versions of cyrus do you have installed on the new
and the old mailserver? And does Avelsieve use Net_Sieve?
If yes which version of Net_Sieve do you have installed.

--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091104/50695b6b/attachment-0001.bin 

From maria at shadlen.org  Wed Nov  4 05:27:10 2009
From: maria at shadlen.org (Maria McKinley)
Date: Wed, 04 Nov 2009 02:27:10 -0800
Subject: avelsieve problem switching mail servers
In-Reply-To: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
References: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
Message-ID: <4AF156FE.3070004@shadlen.org>

>>snipped a bunch of stuff to keep things readable<<
>>>
>> I seem to have scripts created by both websieve and avelsieve, but I do
>> know that we have been managing sieve through squirrelmail for a very
>> long time. Looks like the websieve scripts haven't been touched since
>> 2007. So, I think I'm back to where I was. Avelsieve was working on the
>> last machine, but isn't working now. I'm pretty sure I have copied all
>> configs over. How can I increase logging, so I can see what is happening
>> when I get the time-out?
>>
>> thanks,
>> maria
> 
> 
> Which Versions of cyrus do you have installed on the new
> and the old mailserver? And does Avelsieve use Net_Sieve?
> If yes which version of Net_Sieve do you have installed.
> 
old
   cyrus-admin-2.2                   2.2.13-13
   avelsieve                         1.9.7-2
new
   cyrus-admin-2.2                     2.2.13-14+lenny3
   avelsieve                           1.9.7-6+lenny1

avelsieve does not appear to use Net_Sieve.

cheers,
maria

From simon.matter at invoca.ch  Wed Nov  4 05:39:27 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Wed, 4 Nov 2009 11:39:27 +0100
Subject: avelsieve problem switching mail servers
In-Reply-To: <4AF156FE.3070004@shadlen.org>
References: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
	<4AF156FE.3070004@shadlen.org>
Message-ID: <54982b4057b1fb8e50eabcf93eb1f670.squirrel@webmail.bi.corp.invoca.ch>

>>>snipped a bunch of stuff to keep things readable<<
>>>>
>>> I seem to have scripts created by both websieve and avelsieve, but I do
>>> know that we have been managing sieve through squirrelmail for a very
>>> long time. Looks like the websieve scripts haven't been touched since
>>> 2007. So, I think I'm back to where I was. Avelsieve was working on the
>>> last machine, but isn't working now. I'm pretty sure I have copied all
>>> configs over. How can I increase logging, so I can see what is
>>> happening
>>> when I get the time-out?
>>>
>>> thanks,
>>> maria
>>
>>
>> Which Versions of cyrus do you have installed on the new
>> and the old mailserver? And does Avelsieve use Net_Sieve?
>> If yes which version of Net_Sieve do you have installed.
>>
> old
>    cyrus-admin-2.2                   2.2.13-13
>    avelsieve                         1.9.7-2
> new
>    cyrus-admin-2.2                     2.2.13-14+lenny3
>    avelsieve                           1.9.7-6+lenny1
>
> avelsieve does not appear to use Net_Sieve.

Which version of PHP do you have on old and new?

Simon


From R.Gilbert at sheffield.ac.uk  Wed Nov  4 08:51:18 2009
From: R.Gilbert at sheffield.ac.uk (Richard Gilbert)
Date: Wed, 04 Nov 2009 13:51:18 +0000
Subject: Over quota when not
Message-ID: <4AF186D6.7060004@sheffield.ac.uk>

We have been happily running cyrus-imap 2.2.12 on a Solaris 10 system 
(installed from Blastwave) for years.  I now have a problem with a 
user's quota which I don't understand.

Usage as reported by cyradm lq, lqr and by the equivalent IMAP query all 
report that the user is at 78% but when they login, after selecting a 
folder they get a "Mailbox is over quota" error.

The user's quota file in /var/imap/quota contained:

3604871753
4500000

The actual filestore in use is consistent with the 3.6 GB usage figure 
above.  I tried running quota -f on the mailbox but that did not make 
any difference.  I deleted the quota file and this had the effect of 
disabling quotaing for the user.  This would appear to be a workaround 
for the user but not really a satisfactory solution.

The 4.5 GB quota was subsequently reinistated.  Initially the quota file 
contained

2285158
4500000

which looks like the amount of mail received after the quota was 
reinstated.  After running quota -f it went back to a similar number as 
before, equivalent to 78% usage, but still with the "Mailbox is over 
quota" error.

How can I correct this problem?

Thank you in anticipation.

Richard
-- 
Richard Gilbert
Corporate Information and Computing Services
University of Sheffield, Sheffield, S10 2TN, UK
Phone: +44 114 222 3028   Fax: +44 114 222 3040

From ktm at rice.edu  Wed Nov  4 09:02:32 2009
From: ktm at rice.edu (Kenneth Marshall)
Date: Wed, 4 Nov 2009 08:02:32 -0600
Subject: Over quota when not
In-Reply-To: <4AF186D6.7060004@sheffield.ac.uk>
References: <4AF186D6.7060004@sheffield.ac.uk>
Message-ID: <20091104140232.GC10895@it.is.rice.edu>

On Wed, Nov 04, 2009 at 01:51:18PM +0000, Richard Gilbert wrote:
> We have been happily running cyrus-imap 2.2.12 on a Solaris 10 system 
> (installed from Blastwave) for years.  I now have a problem with a 
> user's quota which I don't understand.
> 
> Usage as reported by cyradm lq, lqr and by the equivalent IMAP query all 
> report that the user is at 78% but when they login, after selecting a 
> folder they get a "Mailbox is over quota" error.
> 
> The user's quota file in /var/imap/quota contained:
> 
> 3604871753
> 4500000
> 
> The actual filestore in use is consistent with the 3.6 GB usage figure 
> above.  I tried running quota -f on the mailbox but that did not make 
> any difference.  I deleted the quota file and this had the effect of 
> disabling quotaing for the user.  This would appear to be a workaround 
> for the user but not really a satisfactory solution.
> 
> The 4.5 GB quota was subsequently reinistated.  Initially the quota file 
> contained
> 
> 2285158
> 4500000
> 
> which looks like the amount of mail received after the quota was 
> reinstated.  After running quota -f it went back to a similar number as 
> before, equivalent to 78% usage, but still with the "Mailbox is over 
> quota" error.
> 
> How can I correct this problem?
> 
> Thank you in anticipation.
> 
> Richard

Is Cyrus 2.2.x able to handle quotas over what can be stored in
an integer? That certainly seems to be the about the typical size
that 32-bit OS systems start having problems. I know that they
fixed such a problem, but you would need to check the change logs
for when and in which versions. Good luck.

Regards,
Ken

From awilliam at whitemice.org  Wed Nov  4 09:40:20 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Wed, 04 Nov 2009 09:40:20 -0500
Subject: Over quota when not
In-Reply-To: <20091104140232.GC10895@it.is.rice.edu>
References: <4AF186D6.7060004@sheffield.ac.uk>
	<20091104140232.GC10895@it.is.rice.edu>
Message-ID: <1257345620.5257.12.camel@linux-m3mt>

On Wed, 2009-11-04 at 08:02 -0600, Kenneth Marshall wrote:
> On Wed, Nov 04, 2009 at 01:51:18PM +0000, Richard Gilbert wrote:
> > The 4.5 GB quota was subsequently reinistated.  Initially the quota file 
> > contained
> > which looks like the amount of mail received after the quota was 
> > reinstated.  After running quota -f it went back to a similar number as 
> > before, equivalent to 78% usage, but still with the "Mailbox is over 
> > quota" error.
> > How can I correct this problem?
> > Thank you in anticipation.
> Is Cyrus 2.2.x able to handle quotas over what can be stored in
> an integer? That certainly seems to be the about the typical size
> that 32-bit OS systems start having problems. I know that they
> fixed such a problem, but you would need to check the change logs
> for when and in which versions. Good luck.

I think this is it; we had the exact same problem with very large
quotas.  This issue is resolved in a recent update;  we are running
2.3.14-8 and large quotas are working.

I think that is Bug#2690
<https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2690>


From jjneely at ncsu.edu  Wed Nov  4 11:17:07 2009
From: jjneely at ncsu.edu (Jack Neely)
Date: Wed, 4 Nov 2009 11:17:07 -0500
Subject: quota -f doubling users' quota usage
Message-ID: <20091104161707.GU9927@virge.linuxczar.net>

Folks,

I'm in the midst of upgrading our cyrus imap servers.  We've hit a snag
that our testing did not reveal.  The quota -f utility is doubling all
of our users' actual usage.  This seems to be reported several times on
various places on the web.  Running quota -f a second time seems to
correct the issue.  However, I wanted to track down the actual issue/bug
here.

We are moving from RHEL 3 i386 with Cyrus version 2.2.12 to RHEL 5
x86_64 machines running cyrus version 2.3.14.  We tar up the cyrus data
store and move it to the new server, rebuild the DB from a dump from the
old server, run reconstructs, and finally run quota -f.  We are getting
output below.

user.cechafin.RESTORE.Drafts: quota root user.cechafin.RESTORE --> user.cechafin 
user.cechafin.RESTORE.Sent: quota root user.cechafin.RESTORE --> user.cechafin  
user.cechafin.RESTORE.Sent.2006: quota root user.cechafin.RESTORE --> user.cechafi
user.cechafin.RESTORE.Sent.2007: quota root user.cechafin.RESTORE --> user.cechafin
user.cechafin: usage was 33900479, now 33914622
user.mmorrow: usage was 152034181, now 105570337
user.vrtownse: usage was 9382963, now 9385921
user.wwang: usage was 203145147, now 203333738
user.aaardest: usage was 31204975, now 62409950
user.aaaskar: usage was 44789845, now 89579690
user.aaatiq: usage was 29105529, now 58211058

What's happening?

Jack
-- 
Jack Neely <jjneely at ncsu.edu>
Linux Czar, OIT Campus Linux Services
Office of Information Technology, NC State University
GPG Fingerprint: 1917 5AC1 E828 9337 7AA4  EA6B 213B 765F 3B6A 5B89

From maria at shadlen.org  Wed Nov  4 18:13:11 2009
From: maria at shadlen.org (Maria McKinley)
Date: Wed, 04 Nov 2009 15:13:11 -0800
Subject: avelsieve problem switching mail servers
In-Reply-To: <54982b4057b1fb8e50eabcf93eb1f670.squirrel@webmail.bi.corp.invoca.ch>
References: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
	<4AF156FE.3070004@shadlen.org>
	<54982b4057b1fb8e50eabcf93eb1f670.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <4AF20A87.5040301@shadlen.org>

Simon Matter wrote:
>>>> snipped a bunch of stuff to keep things readable<<
>>>> I seem to have scripts created by both websieve and avelsieve, but I do
>>>> know that we have been managing sieve through squirrelmail for a very
>>>> long time. Looks like the websieve scripts haven't been touched since
>>>> 2007. So, I think I'm back to where I was. Avelsieve was working on the
>>>> last machine, but isn't working now. I'm pretty sure I have copied all
>>>> configs over. How can I increase logging, so I can see what is
>>>> happening
>>>> when I get the time-out?
>>>>
>>>> thanks,
>>>> maria
>>>
>>> Which Versions of cyrus do you have installed on the new
>>> and the old mailserver? And does Avelsieve use Net_Sieve?
>>> If yes which version of Net_Sieve do you have installed.
>>>
>> old
>>    cyrus-admin-2.2                   2.2.13-13
>>    avelsieve                         1.9.7-2
>> new
>>    cyrus-admin-2.2                     2.2.13-14+lenny3
>>    avelsieve                           1.9.7-6+lenny1
>>
>> avelsieve does not appear to use Net_Sieve.
> 
> Which version of PHP do you have on old and new?
> 
> Simon
> 

Well, this is interesting.

old:
montoya:~# dpkg -l |grep php
ii  libapache-mod-php4                6:4.4.4-9+lenny1 
server-side, HTML-embedded scripting languag
ii  libapache2-mod-php5               5.2.6.dfsg.1-1+lenny2 
server-side, HTML-embedded scripting languag
ii  libphp-phpmailer                  1.73-6                     full 
featured email transfer class for PHP
ii  libphp-snoopy                     1.2.4-1                    Snoopy 
is a PHP class that simulates a web b
ii  php4-common                       6:4.4.4-9+lenny1           Common 
files for packages built from the php
ii  php4-ldap                         6:4.4.4-9+lenny1           LDAP 
module for php4
ii  php5                              5.2.4-2 
server-side, HTML-embedded scripting languag
ii  php5-common                       5.2.6.dfsg.1-1+lenny2      Common 
files for packages built from the php
ii  php5-gd                           5.2.6.dfsg.1-1+lenny2      GD 
module for php5
ii  php5-ldap                         5.2.6.dfsg.1-1+lenny2      LDAP 
module for php5
ii  php5-mysql                        5.2.6.dfsg.1-1+lenny2      MySQL 
module for php5


new:
ella:~# dpkg -l |grep php
ii  libapache2-mod-php5                 5.2.6.dfsg.1-1+lenny3 
server-side, HTML-embedded scripting language (Apache 2 module
ii  php5-common                         5.2.6.dfsg.1-1+lenny3 
Common files for packages built from the php5 source
ii  php5-ldap                           5.2.6.dfsg.1-1+lenny3      LDAP 
module for php5

I'm not sure how to figure out which php packages avelsieve was actually 
using. There is no executable to check libraries, and there is not a 
version of php listed in dependencies for the package.

thanks,
maria

From dlg at dsrw.org  Wed Nov  4 18:38:24 2009
From: dlg at dsrw.org (david l goodrich)
Date: Wed, 04 Nov 2009 17:38:24 -0600
Subject: imapd GSSAPI requests host/ ticket
Message-ID: <4AF21070.1020903@dsrw.org>

I'm running 2.2.13-14+lenny3 on service-n2.dsrw.org, running 
Debian/lenny with Heimdal kerberos.  The built-in GSSAPI is functional, 
but on my KDC I see that it requests a ticket for 
host/service-n2.dsrw.org at DSRW.ORG, digest/DSRW at DSRW.ORG and finally 
krbtgt/DSRW at DSRW.ORG.

Why?  I see no obvious need for a host/* ticket to authorize imap, and 
digest/DSRW and krbtgt/DSRW simply make no sense.

Thanks!
   --david

From brong at fastmail.fm  Wed Nov  4 23:36:24 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Thu, 5 Nov 2009 15:36:24 +1100
Subject: quota -f doubling users' quota usage
In-Reply-To: <20091104161707.GU9927@virge.linuxczar.net>
References: <20091104161707.GU9927@virge.linuxczar.net>
Message-ID: <20091105043624.GD2091@brong.net>

On Wed, Nov 04, 2009 at 11:17:07AM -0500, Jack Neely wrote:
> Folks,
> 
> I'm in the midst of upgrading our cyrus imap servers.  We've hit a snag
> that our testing did not reveal.  The quota -f utility is doubling all
> of our users' actual usage.  This seems to be reported several times on
> various places on the web.  Running quota -f a second time seems to
> correct the issue.  However, I wanted to track down the actual issue/bug
> here.
> 
> We are moving from RHEL 3 i386 with Cyrus version 2.2.12 to RHEL 5
> x86_64 machines running cyrus version 2.3.14.  We tar up the cyrus data
> store and move it to the new server, rebuild the DB from a dump from the
> old server, run reconstructs, and finally run quota -f.  We are getting
> output below.
> 
> user.cechafin.RESTORE.Drafts: quota root user.cechafin.RESTORE --> user.cechafin 
> user.cechafin.RESTORE.Sent: quota root user.cechafin.RESTORE --> user.cechafin  
> user.cechafin.RESTORE.Sent.2006: quota root user.cechafin.RESTORE --> user.cechafi
> user.cechafin.RESTORE.Sent.2007: quota root user.cechafin.RESTORE --> user.cechafin
> user.cechafin: usage was 33900479, now 33914622
> user.mmorrow: usage was 152034181, now 105570337
> user.vrtownse: usage was 9382963, now 9385921
> user.wwang: usage was 203145147, now 203333738
> user.aaardest: usage was 31204975, now 62409950
> user.aaaskar: usage was 44789845, now 89579690
> user.aaatiq: usage was 29105529, now 58211058
> 
> What's happening?

I _suspect_ that the changing of the quota roots above is causing a second pass through
a loop somewhere.  The code is pretty, um, loopy.

You say a second quota -f run fixes it.  I suspect that doing a second quota -f run
is the correct response.  Yes there's a bug in there somewhere, but there's a pretty
good workaround available :)

Bron ( but put in a bugzilla entry if there isn't one already, and we'll notice it
       again one day )

From simon.matter at invoca.ch  Thu Nov  5 01:51:20 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Thu, 5 Nov 2009 07:51:20 +0100
Subject: avelsieve problem switching mail servers
In-Reply-To: <4AF20A87.5040301@shadlen.org>
References: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
	<4AF156FE.3070004@shadlen.org>
	<54982b4057b1fb8e50eabcf93eb1f670.squirrel@webmail.bi.corp.invoca.ch>
	<4AF20A87.5040301@shadlen.org>
Message-ID: <3d075727de8d6066ef51d25adb9b185f.squirrel@webmail.bi.corp.invoca.ch>

> Simon Matter wrote:
>>>>> snipped a bunch of stuff to keep things readable<<
>>>>> I seem to have scripts created by both websieve and avelsieve, but I
>>>>> do
>>>>> know that we have been managing sieve through squirrelmail for a very
>>>>> long time. Looks like the websieve scripts haven't been touched since
>>>>> 2007. So, I think I'm back to where I was. Avelsieve was working on
>>>>> the
>>>>> last machine, but isn't working now. I'm pretty sure I have copied
>>>>> all
>>>>> configs over. How can I increase logging, so I can see what is
>>>>> happening
>>>>> when I get the time-out?
>>>>>
>>>>> thanks,
>>>>> maria
>>>>
>>>> Which Versions of cyrus do you have installed on the new
>>>> and the old mailserver? And does Avelsieve use Net_Sieve?
>>>> If yes which version of Net_Sieve do you have installed.
>>>>
>>> old
>>>    cyrus-admin-2.2                   2.2.13-13
>>>    avelsieve                         1.9.7-2
>>> new
>>>    cyrus-admin-2.2                     2.2.13-14+lenny3
>>>    avelsieve                           1.9.7-6+lenny1
>>>
>>> avelsieve does not appear to use Net_Sieve.
>>
>> Which version of PHP do you have on old and new?
>>
>> Simon
>>
>
> Well, this is interesting.
>
> old:
> montoya:~# dpkg -l |grep php
> ii  libapache-mod-php4                6:4.4.4-9+lenny1
> server-side, HTML-embedded scripting languag
> ii  libapache2-mod-php5               5.2.6.dfsg.1-1+lenny2
> server-side, HTML-embedded scripting languag
> ii  libphp-phpmailer                  1.73-6                     full
> featured email transfer class for PHP
> ii  libphp-snoopy                     1.2.4-1                    Snoopy
> is a PHP class that simulates a web b
> ii  php4-common                       6:4.4.4-9+lenny1           Common
> files for packages built from the php
> ii  php4-ldap                         6:4.4.4-9+lenny1           LDAP
> module for php4
> ii  php5                              5.2.4-2
> server-side, HTML-embedded scripting languag
> ii  php5-common                       5.2.6.dfsg.1-1+lenny2      Common
> files for packages built from the php
> ii  php5-gd                           5.2.6.dfsg.1-1+lenny2      GD
> module for php5
> ii  php5-ldap                         5.2.6.dfsg.1-1+lenny2      LDAP
> module for php5
> ii  php5-mysql                        5.2.6.dfsg.1-1+lenny2      MySQL
> module for php5
>
>
> new:
> ella:~# dpkg -l |grep php
> ii  libapache2-mod-php5                 5.2.6.dfsg.1-1+lenny3
> server-side, HTML-embedded scripting language (Apache 2 module
> ii  php5-common                         5.2.6.dfsg.1-1+lenny3
> Common files for packages built from the php5 source
> ii  php5-ldap                           5.2.6.dfsg.1-1+lenny3      LDAP
> module for php5
>
> I'm not sure how to figure out which php packages avelsieve was actually
> using. There is no executable to check libraries, and there is not a
> version of php listed in dependencies for the package.

I'm afraid I can't help you much with the debian specific things, I have
no idea how debian handles such parallel installs of multiple PHP
versions.

What I know is that there is a difference when using avelsieve with PHP4
or 5 concerning STARTTLS. With PHP4, no STARTTLS is used, while with PHP5
it is used - and I think that's where changes were made in avelsieve-1.9.8
so you can configure what to do with STARTTLS when using PHP5.

Now, if you have everything installed from debian packages, I think it
should work an if it doesn't, you may contact the package maintainers
about it. We don't know which patches have been included in your avelsieve
package.

Regards,
Simon


From zhuzhixin at realss.com  Thu Nov  5 05:23:21 2009
From: zhuzhixin at realss.com (Zhu Zhixin)
Date: Thu, 05 Nov 2009 18:23:21 +0800
Subject: Any idea on read the backup of mailboxes out of imap server
Message-ID: <4AF2A799.7020405@realss.com>

Hello all,

     When a user is not valid anymore, i usually compress all the user's
mails to an .tar.gz file and then delete the user account from the imapd
server.

    Well, there is situation which i need to read the old mail of the
deleted user. So, before, i restore it from the backup to an
experimental imapd server. It is not convenient.

   I guess there must be other solutions on this. Please help!

regards,
Zhu Zhixin

From mhlavink at redhat.com  Thu Nov  5 05:34:00 2009
From: mhlavink at redhat.com (Michal Hlavinka)
Date: Thu, 5 Nov 2009 11:34:00 +0100
Subject: Excessive logging of inflate/deflate messages
In-Reply-To: <200910151640.17189.mhlavink@redhat.com>
References: <200910151640.17189.mhlavink@redhat.com>
Message-ID: <200911051134.00836.mhlavink@redhat.com>

ping, any response?

On Thursday 15 October 2009 16:40:17 Michal Hlavinka wrote:
> Hi,
> 
> one Fedora user has reported their imap server has logged 3GB of messages
> like:
> 
> Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> Oct  8 19:43:01 mail imaps[6149]:    => compressed to 325 bytes
> Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> Oct  8 19:43:01 mail imaps[6149]:    => compressed to 320 bytes
> Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> Oct  8 19:43:01 mail imaps[6149]:    => compressed to 231 bytes
> Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> Oct  8 19:43:01 mail imaps[6149]:    => compressed to 451 bytes
> Oct  8 19:43:01 mail imaps[5932]: inflate(14 bytes)
> Oct  8 19:43:01 mail imaps[5932]:    => decompressed to 32 bytes
> Oct  8 19:43:02 mail imaps[6202]: deflate(4096 bytes, level=-1, flush=SYNC)
> Oct  8 19:43:02 mail imaps[6202]:    => compressed to 783 bytes
> 
> Would it be possible to lower number of these messages (they are new in
> 2.3.15) or (preferably) add new option for enabling/disabling LOG_DEBUG
> messages? It should be quite easy, just call setlogmask(x) with appropriate
> argument depending on config option. I can write patch if required.
> 
> Regards,
> Michal Hlavinka
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> 

From michael.menge at zdv.uni-tuebingen.de  Thu Nov  5 05:59:46 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Thu, 05 Nov 2009 11:59:46 +0100
Subject: Any idea on read the backup of mailboxes out of imap server
In-Reply-To: <4AF2A799.7020405@realss.com>
References: <4AF2A799.7020405@realss.com>
Message-ID: <20091105115946.23606oe5pww1zwgy@webmail.uni-tuebingen.de>

Quoting Zhu Zhixin <zhuzhixin at realss.com>:

> Hello all,
>
>      When a user is not valid anymore, i usually compress all the user's
> mails to an .tar.gz file and then delete the user account from the imapd
> server.
>
>     Well, there is situation which i need to read the old mail of the
> deleted user. So, before, i restore it from the backup to an
> experimental imapd server. It is not convenient.
>
>    I guess there must be other solutions on this. Please help!

As the mails are stored as text files you can read them
with "less" or "more". If you have to access the attachments,
view the html part formarted, you can open the file
with a mailclient wich supports single mails (.eml formart) e.g.
thunderbird or KMail.

   Michael






--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091105/17143d3a/attachment-0001.bin 

From choeger at open-xchange.com  Thu Nov  5 07:32:44 2009
From: choeger at open-xchange.com (Carsten Hoeger)
Date: Thu, 5 Nov 2009 13:32:44 +0100
Subject: Excessive logging of inflate/deflate messages
In-Reply-To: <200911051134.00836.mhlavink@redhat.com>
References: <200910151640.17189.mhlavink@redhat.com>
	<200911051134.00836.mhlavink@redhat.com>
Message-ID: <20091105123244.GD17247@open-xchange.com>

On Thu, Nov 05, Michal Hlavinka wrote:

> ping, any response?

I'd suggest to create a patch as you offered and open a bug with severity
feature at https://bugzilla.andrew.cmu.edu/
 
> On Thursday 15 October 2009 16:40:17 Michal Hlavinka wrote:
> > Hi,
> > 
> > one Fedora user has reported their imap server has logged 3GB of messages
> > like:
> > 
> > Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> > Oct  8 19:43:01 mail imaps[6149]:    => compressed to 325 bytes
> > Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> > Oct  8 19:43:01 mail imaps[6149]:    => compressed to 320 bytes
> > Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> > Oct  8 19:43:01 mail imaps[6149]:    => compressed to 231 bytes
> > Oct  8 19:43:01 mail imaps[6149]: deflate(4096 bytes, level=-1, flush=SYNC)
> > Oct  8 19:43:01 mail imaps[6149]:    => compressed to 451 bytes
> > Oct  8 19:43:01 mail imaps[5932]: inflate(14 bytes)
> > Oct  8 19:43:01 mail imaps[5932]:    => decompressed to 32 bytes
> > Oct  8 19:43:02 mail imaps[6202]: deflate(4096 bytes, level=-1, flush=SYNC)
> > Oct  8 19:43:02 mail imaps[6202]:    => compressed to 783 bytes
> > 
> > Would it be possible to lower number of these messages (they are new in
> > 2.3.15) or (preferably) add new option for enabling/disabling LOG_DEBUG
> > messages? It should be quite easy, just call setlogmask(x) with appropriate
> > argument depending on config option. I can write patch if required.
> > 
> > Regards,
> > Michal Hlavinka
> > ----
> > Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> > 
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

-- 
With best regards,

Carsten Hoeger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091105/7f52caa3/attachment.bin 

From brong at fastmail.fm  Thu Nov  5 07:57:16 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Thu, 5 Nov 2009 23:57:16 +1100
Subject: Excessive logging of inflate/deflate messages
In-Reply-To: <20091105123244.GD17247@open-xchange.com>
References: <200910151640.17189.mhlavink@redhat.com>
	<200911051134.00836.mhlavink@redhat.com>
	<20091105123244.GD17247@open-xchange.com>
Message-ID: <20091105125716.GA11675@brong.net>

On Thu, Nov 05, 2009 at 01:32:44PM +0100, Carsten Hoeger wrote:
> On Thu, Nov 05, Michal Hlavinka wrote:
> 
> > ping, any response?
> 
> I'd suggest to create a patch as you offered and open a bug with severity
> feature at https://bugzilla.andrew.cmu.edu/

I've actually just committed a patch to CVS earlier today which removes this 
level of debugging amongst other things.

Sorry about not replying to it before...

Bron ( it is annoying, though logging at DEBUG level by default is a little
       crazy as well )

From schweizer.martin at gmail.com  Thu Nov  5 11:00:27 2009
From: schweizer.martin at gmail.com (Martin Schweizer)
Date: Thu, 5 Nov 2009 17:00:27 +0100
Subject: sendmail/cyrus deliver not to subdomain
In-Reply-To: <w8q048cpw4-9AU@jay.huge.strangled.net>
References: <380ccfd60910301020m6f5d4c08g8273924752eb3713@mail.gmail.com>
	<w8q048cpw4-9AU@jay.huge.strangled.net>
Message-ID: <380ccfd60911050800q54f7d79br8e0194422ce34609@mail.gmail.com>

Hello Andrzej

Thank you for the hint. I did what you suggested (install the new
mailer, clean the mailertable) but I get the same result as before. If
I created a user.abc (without any domain part) the mail was received.
Any ideas?

Regards,

2009/10/30 Andrzej Adam Filip <anfi at onet.eu>:
> Martin Schweizer <schweizer.martin at gmail.com> wrote:
>> Hello
>>
>> My setup is FreeBSD 7.2 amd64 and the newest Cyrus Imapd (.15).
>>
>> My cyrus server as the defaultdomain set to abc.ch and I set virtdomains: userid
>> . All users works a expected. Now I want to receive additionaly mails
>> for sub.abc.ch. In sendmail set all the necessary entries in access. I
>> also set in mailtable
>>
>> sub.abc.ch ?cyrusv2:/usr/imap/var/imap/socket/lmtp
>>
>> In maillog I get:
>>
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>> <abc at sub.abc.ch>... Connecting to /usr/imap/var/imap/socket/lmtp via
>> cyrusv2...
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGguri011920: --- 250
>> 2.0.0 n9UGguri011920 Message accepted for delivery
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=read, info: fds=8/4, err=2
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: <-- QUIT
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: --- 221
>> 2.0.0 acsvfbsd06.abc.ch closing connection
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=server, SSL_shutdown not done
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS: CRLFile missing
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS=client, init=1
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: AUTH=client,
>> relay=localhost, mech=, bits=0
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 550
>> 5.1.1 <abc at sub.abc.ch>... User unknown (hold)
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>> to=<abc at sub.abc.ch>, delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2,
>> pri=30344, relay=localhost, dsn=5.1.1, stat=User unknown
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>> <mschweizer at abc.ch>... aliased to martin at abc.ch
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: alias
>> <mschweizer at abc.ch> => martin at abc.ch
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>> n9UGgurh011922: DSN: User unknown
>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGgurh011922: --- 050
>> martin at abc.ch... Using cached LMTP connection to localhost via
>> cyrusv2...
>>
>> Is seems that abc at sub.abc.ch is unknown but if I ?lm *@sub.abc.ch I
>> get user.abc at sub.abc.ch (\HasNoChildren).
>>
>> What Do I wrong? Or did I missunderstood something?
>
> *IF* you use unmodified cyrusv2 mailer provided by sendmail.org
> *THEN* be warned that it "strips" domain part of the recipient address.
>
> You may test it by sending test mail in verbose mode as root - it should
> show you trace of LMTP session:
>
> (echo subject: test; echo)|sendmail -Am -v -- abc at sub.abc.ch
>
>
> BTW you can not set "lmtp socket path" via mailertable in the above
> mentioned mailer.
>
> URL(s):
> http://anfi.homeunix.org/sendmail/cyrusv2.html
> http://open-sendmail.sourceforge.net/rtcyrus3/
>
> --
> [pl>en: Andrew] Andrzej Adam Filip : anfi at onet.eu
> Thank goodness modern convenience is a thing of the remote future.
> ?-- Pogo, by Walt Kelly
>



-- 
Martin Schweizer
schweizer.martin at gmail.com
Tel.: +41 32 512 48 54 (VoIP)
Fax: +1 619 3300587

From anfi at onet.eu  Thu Nov  5 12:57:48 2009
From: anfi at onet.eu (Andrzej Adam Filip)
Date: Thu, 05 Nov 2009 18:57:48 +0100
Subject: sendmail/cyrus deliver not to subdomain
In-Reply-To: <380ccfd60911050800q54f7d79br8e0194422ce34609@mail.gmail.com>
	(Martin Schweizer's message of "Thu, 5 Nov 2009 17:00:27 +0100")
References: <380ccfd60910301020m6f5d4c08g8273924752eb3713@mail.gmail.com>
	<w8q048cpw4-9AU@jay.huge.strangled.net>
	<380ccfd60911050800q54f7d79br8e0194422ce34609@mail.gmail.com>
Message-ID: <3jlbz8bhow-9B5@lonnie.brudna.chmurka.net>

Martin Schweizer <schweizer.martin at gmail.com> wrote:
> 2009/10/30 Andrzej Adam Filip <anfi at onet.eu>:
>> Martin Schweizer <schweizer.martin at gmail.com> wrote:
>>> Hello
>>>
>>> My setup is FreeBSD 7.2 amd64 and the newest Cyrus Imapd (.15).
>>>
>>> My cyrus server as the defaultdomain set to abc.ch and I set virtdomains: userid
>>> . All users works a expected. Now I want to receive additionaly mails
>>> for sub.abc.ch. In sendmail set all the necessary entries in access. I
>>> also set in mailtable
>>>
>>> sub.abc.ch ?cyrusv2:/usr/imap/var/imap/socket/lmtp
>>>
>>> In maillog I get:
>>>
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>>> <abc at sub.abc.ch>... Connecting to /usr/imap/var/imap/socket/lmtp via
>>> cyrusv2...
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGguri011920: --- 250
>>> 2.0.0 n9UGguri011920 Message accepted for delivery
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=read, info: fds=8/4, err=2
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: <-- QUIT
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: --- 221
>>> 2.0.0 acsvfbsd06.abc.ch closing connection
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=server, SSL_shutdown not done
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS: CRLFile missing
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS=client, init=1
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: AUTH=client,
>>> relay=localhost, mech=, bits=0
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 550
>>> 5.1.1 <abc at sub.abc.ch>... User unknown (hold)
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>>> to=<abc at sub.abc.ch>, delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2,
>>> pri=30344, relay=localhost, dsn=5.1.1, stat=User unknown
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>>> <mschweizer at abc.ch>... aliased to martin at abc.ch
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: alias
>>> <mschweizer at abc.ch> => martin at abc.ch
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>>> n9UGgurh011922: DSN: User unknown
>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGgurh011922: --- 050
>>> martin at abc.ch... Using cached LMTP connection to localhost via
>>> cyrusv2...
>>>
>>> Is seems that abc at sub.abc.ch is unknown but if I ?lm *@sub.abc.ch I
>>> get user.abc at sub.abc.ch (\HasNoChildren).
>>>
>>> What Do I wrong? Or did I missunderstood something?
>>
>> *IF* you use unmodified cyrusv2 mailer provided by sendmail.org
>> *THEN* be warned that it "strips" domain part of the recipient address.
>>
>> You may test it by sending test mail in verbose mode as root - it should
>> show you trace of LMTP session:
>>
>> (echo subject: test; echo)|sendmail -Am -v -- abc at sub.abc.ch
>>
>>
>> BTW you can not set "lmtp socket path" via mailertable in the above
>> mentioned mailer.
>>
>> URL(s):
>> http://anfi.homeunix.org/sendmail/cyrusv2.html
>> http://open-sendmail.sourceforge.net/rtcyrus3/
>
> Thank you for the hint. I did what you suggested (install the new
> mailer, clean the mailertable) but I get the same result as before. If
> I created a user.abc (without any domain part) the mail was received.
> Any ideas?

How have you integrated cyrus mailer and sendmail?

Do you you use cyruvv2 as "local mailer"?
  define(confLOCAL_MAILER,...)
YES => sendmail.cf  strips recipients domain anyway before selecting
  local mailer or its substitute.

-- 
[pl>en: Andrew] Andrzej Adam Filip : anfi at onet.eu
When there are two conflicting versions of the story, the wise course
is to believe the one in which people appear at their worst.
  -- H. Allen Smith, "Let the Crabgrass Grow"

From jjneely at ncsu.edu  Thu Nov  5 14:20:08 2009
From: jjneely at ncsu.edu (Jack Neely)
Date: Thu, 5 Nov 2009 14:20:08 -0500
Subject: quota -f doubling users' quota usage
In-Reply-To: <20091105043624.GD2091@brong.net>
References: <20091104161707.GU9927@virge.linuxczar.net>
	<20091105043624.GD2091@brong.net>
Message-ID: <20091105192008.GY9927@virge.linuxczar.net>

On Thu, Nov 05, 2009 at 03:36:24PM +1100, Bron Gondwana wrote:
> On Wed, Nov 04, 2009 at 11:17:07AM -0500, Jack Neely wrote:
> > Folks,
> > 
> > I'm in the midst of upgrading our cyrus imap servers.  We've hit a snag
> > that our testing did not reveal.  The quota -f utility is doubling all
> > of our users' actual usage.  This seems to be reported several times on
> > various places on the web.  Running quota -f a second time seems to
> > correct the issue.  However, I wanted to track down the actual issue/bug
> > here.
> > 
> > We are moving from RHEL 3 i386 with Cyrus version 2.2.12 to RHEL 5
> > x86_64 machines running cyrus version 2.3.14.  We tar up the cyrus data
> > store and move it to the new server, rebuild the DB from a dump from the
> > old server, run reconstructs, and finally run quota -f.  We are getting
> > output below.
> > 
> > user.cechafin.RESTORE.Drafts: quota root user.cechafin.RESTORE --> user.cechafin 
> > user.cechafin.RESTORE.Sent: quota root user.cechafin.RESTORE --> user.cechafin  
> > user.cechafin.RESTORE.Sent.2006: quota root user.cechafin.RESTORE --> user.cechafi
> > user.cechafin.RESTORE.Sent.2007: quota root user.cechafin.RESTORE --> user.cechafin
> > user.cechafin: usage was 33900479, now 33914622
> > user.mmorrow: usage was 152034181, now 105570337
> > user.vrtownse: usage was 9382963, now 9385921
> > user.wwang: usage was 203145147, now 203333738
> > user.aaardest: usage was 31204975, now 62409950
> > user.aaaskar: usage was 44789845, now 89579690
> > user.aaatiq: usage was 29105529, now 58211058
> > 
> > What's happening?
> 
> I _suspect_ that the changing of the quota roots above is causing a second pass through
> a loop somewhere.  The code is pretty, um, loopy.
> 
> You say a second quota -f run fixes it.  I suspect that doing a second quota -f run
> is the correct response.  Yes there's a bug in there somewhere, but there's a pretty
> good workaround available :)
> 
> Bron ( but put in a bugzilla entry if there isn't one already, and we'll notice it
>        again one day )

Bugzilla is my friend.  :-)

https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=3179

A workaround is fairly easy, but I like to stomp on bugs.

Thanks!

Jack

-- 
Jack Neely <jjneely at ncsu.edu>
Linux Czar, OIT Campus Linux Services
Office of Information Technology, NC State University
GPG Fingerprint: 1917 5AC1 E828 9337 7AA4  EA6B 213B 765F 3B6A 5B89

From schweizer.martin at gmail.com  Thu Nov  5 14:41:57 2009
From: schweizer.martin at gmail.com (Martin Schweizer)
Date: Thu, 5 Nov 2009 20:41:57 +0100
Subject: sendmail/cyrus deliver not to subdomain
In-Reply-To: <3jlbz8bhow-9B5@lonnie.brudna.chmurka.net>
References: <380ccfd60910301020m6f5d4c08g8273924752eb3713@mail.gmail.com>
	<w8q048cpw4-9AU@jay.huge.strangled.net>
	<380ccfd60911050800q54f7d79br8e0194422ce34609@mail.gmail.com>
	<3jlbz8bhow-9B5@lonnie.brudna.chmurka.net>
Message-ID: <380ccfd60911051141k33edbcdci3eb033aec9fd0a7d@mail.gmail.com>

Hello Andrzej

>>>> My setup is FreeBSD 7.2 amd64 and the newest Cyrus Imapd (.15).
>>>>
>>>> My cyrus server as the defaultdomain set to abc.ch and I set virtdomains: userid
>>>> . All users works a expected. Now I want to receive additionaly mails
>>>> for sub.abc.ch. In sendmail set all the necessary entries in access. I
>>>> also set in mailtable
>>>>
>>>> sub.abc.ch ?cyrusv2:/usr/imap/var/imap/socket/lmtp
>>>>
>>>> In maillog I get:
>>>>
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>>>> <abc at sub.abc.ch>... Connecting to /usr/imap/var/imap/socket/lmtp via
>>>> cyrusv2...
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGguri011920: --- 250
>>>> 2.0.0 n9UGguri011920 Message accepted for delivery
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=read, info: fds=8/4, err=2
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: <-- QUIT
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: n9UGgurj011920: --- 221
>>>> 2.0.0 acsvfbsd06.abc.ch closing connection
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11920]: STARTTLS=server, SSL_shutdown not done
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS: CRLFile missing
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: STARTTLS=client, init=1
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: AUTH=client,
>>>> relay=localhost, mech=, bits=0
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 550
>>>> 5.1.1 <abc at sub.abc.ch>... User unknown (hold)
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>>>> to=<abc at sub.abc.ch>, delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2,
>>>> pri=30344, relay=localhost, dsn=5.1.1, stat=User unknown
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: --- 050
>>>> <mschweizer at abc.ch>... aliased to martin at abc.ch
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920: alias
>>>> <mschweizer at abc.ch> => martin at abc.ch
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGguri011920:
>>>> n9UGgurh011922: DSN: User unknown
>>>> Oct 30 17:42:56 acsvfbsd06 sm-mta[11922]: n9UGgurh011922: --- 050
>>>> martin at abc.ch... Using cached LMTP connection to localhost via
>>>> cyrusv2...
>>>>
>>>> Is seems that abc at sub.abc.ch is unknown but if I ?lm *@sub.abc.ch I
>>>> get user.abc at sub.abc.ch (\HasNoChildren).
>>>>
>>>> What Do I wrong? Or did I missunderstood something?
>>>
>>> *IF* you use unmodified cyrusv2 mailer provided by sendmail.org
>>> *THEN* be warned that it "strips" domain part of the recipient address.
>>>
>>> You may test it by sending test mail in verbose mode as root - it should
>>> show you trace of LMTP session:
>>>
>>> (echo subject: test; echo)|sendmail -Am -v -- abc at sub.abc.ch
>>>
>>>
>>> BTW you can not set "lmtp socket path" via mailertable in the above
>>> mentioned mailer.
>>>
>>> URL(s):
>>> http://anfi.homeunix.org/sendmail/cyrusv2.html
>>> http://open-sendmail.sourceforge.net/rtcyrus3/
>>
>> Thank you for the hint. I did what you suggested (install the new
>> mailer, clean the mailertable) but I get the same result as before. If
>> I created a user.abc (without any domain part) the mail was received.
>> Any ideas?
>
> How have you integrated cyrus mailer and sendmail?
>
> Do you you use cyruvv2 as "local mailer"?
> ?define(confLOCAL_MAILER,...)
> YES => sendmail.cf ?strips recipients domain anyway before selecting
> ?local mailer or its substitute.

Here is the relevant part of my sendmail.mc:

[snip]
define(`CYRUSV2_MAILER_ARGS',`FILE /usr/imap/var/imap/socket/lmtp')
define(`confLOCAL_MAILER', `cyrusv2')
MAILER(`local')
MAILER(`smtp')
MAILER(`cyrusv2')
/end of file

It seems that it is set as "local mailer" as you expected. What is the
"correct way"?

Regards,

-- 
Martin Schweizer
schweizer.martin at gmail.com
Tel.: +41 32 512 48 54 (VoIP)
Fax: +1 619 3300587

From dbosso+lists.cyrus at lsit.ucsb.edu  Thu Nov  5 19:20:12 2009
From: dbosso+lists.cyrus at lsit.ucsb.edu (David R Bosso)
Date: Thu, 05 Nov 2009 16:20:12 -0800
Subject: caches on tmpfs?
Message-ID: <BDCFFD371CA6631A1B252F3B@bossland.lsit.ucsb.edu>


Both the tls_sessions cache and statuscache look like good candidates to 
move to tmpfs.  I don't see an easy way to relocate them, am I missing it, 
or should this be a feature request?

I've currently got proc on tmpfs as previously suggested.

Thanks.

-David

From gombasg at sztaki.hu  Fri Nov  6 02:42:45 2009
From: gombasg at sztaki.hu (Gabor Gombas)
Date: Fri, 6 Nov 2009 08:42:45 +0100
Subject: caches on tmpfs?
In-Reply-To: <BDCFFD371CA6631A1B252F3B@bossland.lsit.ucsb.edu>
References: <BDCFFD371CA6631A1B252F3B@bossland.lsit.ucsb.edu>
Message-ID: <20091106074244.GB8046@boogie.lpds.sztaki.hu>

On Thu, Nov 05, 2009 at 04:20:12PM -0800, David R Bosso wrote:
> 
> Both the tls_sessions cache and statuscache look like good candidates to 
> move to tmpfs.  I don't see an easy way to relocate them, am I missing it, 
> or should this be a feature request?

mount -t tmpfs tmpfs /some/where
cp /var/lib/cyrus/tls_session.db /some/where/tls_session.db
mount --bind /some/where/tls_session.db /var/lib/cyrus/tls_session.db

I did not test it. YMMV.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------

From dom.lalot at gmail.com  Fri Nov  6 05:16:34 2009
From: dom.lalot at gmail.com (LALOT Dominique)
Date: Fri, 6 Nov 2009 11:16:34 +0100
Subject: quota -f doubling users' quota usage
In-Reply-To: <20091104161707.GU9927@virge.linuxczar.net>
References: <20091104161707.GU9927@virge.linuxczar.net>
Message-ID: <1617f8010911060216k214a165elaf5f4099d3a1d678@mail.gmail.com>

I can just say, that I have strange behaviour in 2.3 about quota. Does it
come from our migration, I can't say.
Sometimes people have very smal quota, sometimes 4000% overquota.
Each time, reconstruct + quota -f and once delete indexes as neither
reconstruct nor quota -f solved the problem.

I got no answer from the list. I didn't notice it doubles the quota

Dom

2009/11/4 Jack Neely <jjneely at ncsu.edu>

> Folks,
>
> I'm in the midst of upgrading our cyrus imap servers.  We've hit a snag
> that our testing did not reveal.  The quota -f utility is doubling all
> of our users' actual usage.  This seems to be reported several times on
> various places on the web.  Running quota -f a second time seems to
> correct the issue.  However, I wanted to track down the actual issue/bug
> here.
>
> We are moving from RHEL 3 i386 with Cyrus version 2.2.12 to RHEL 5
> x86_64 machines running cyrus version 2.3.14.  We tar up the cyrus data
> store and move it to the new server, rebuild the DB from a dump from the
> old server, run reconstructs, and finally run quota -f.  We are getting
> output below.
>
> user.cechafin.RESTORE.Drafts: quota root user.cechafin.RESTORE -->
> user.cechafin
> user.cechafin.RESTORE.Sent: quota root user.cechafin.RESTORE -->
> user.cechafin
> user.cechafin.RESTORE.Sent.2006: quota root user.cechafin.RESTORE -->
> user.cechafi
> user.cechafin.RESTORE.Sent.2007: quota root user.cechafin.RESTORE -->
> user.cechafin
> user.cechafin: usage was 33900479, now 33914622
> user.mmorrow: usage was 152034181, now 105570337
> user.vrtownse: usage was 9382963, now 9385921
> user.wwang: usage was 203145147, now 203333738
> user.aaardest: usage was 31204975, now 62409950
> user.aaaskar: usage was 44789845, now 89579690
> user.aaatiq: usage was 29105529, now 58211058
>
> What's happening?
>
> Jack
> --
> Jack Neely <jjneely at ncsu.edu>
> Linux Czar, OIT Campus Linux Services
> Office of Information Technology, NC State University
> GPG Fingerprint: 1917 5AC1 E828 9337 7AA4  EA6B 213B 765F 3B6A 5B89
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



-- 
Dominique LALOT
Ing?nieur Syst?mes et R?seaux
http://annuaire.univmed.fr/showuser.php?uid=lalot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091106/291825d5/attachment-0001.html 

From anfi at onet.eu  Fri Nov  6 15:56:37 2009
From: anfi at onet.eu (Andrzej Adam Filip)
Date: Fri, 06 Nov 2009 21:56:37 +0100
Subject: sendmail/cyrus deliver not to subdomain
In-Reply-To: <380ccfd60911051141k33edbcdci3eb033aec9fd0a7d@mail.gmail.com>
	(Martin Schweizer's message of "Thu, 5 Nov 2009 20:41:57 +0100")
References: <380ccfd60910301020m6f5d4c08g8273924752eb3713@mail.gmail.com>
	<w8q048cpw4-9AU@jay.huge.strangled.net>
	<380ccfd60911050800q54f7d79br8e0194422ce34609@mail.gmail.com>
	<3jlbz8bhow-9B5@lonnie.brudna.chmurka.net>
	<380ccfd60911051141k33edbcdci3eb033aec9fd0a7d@mail.gmail.com>
Message-ID: <6jpadf73ai-9B6@terry.huge.strangled.net>

Martin Schweizer <schweizer.martin at gmail.com> wrote:
> Andrze wrote:
>> [...]
>> How have you integrated cyrus mailer and sendmail?
>>
>> Do you you use cyruvv2 as "local mailer"?
>> ?define(confLOCAL_MAILER,...)
>> YES => sendmail.cf ?strips recipients domain anyway before selecting
>> ?local mailer or its substitute.
>
> Here is the relevant part of my sendmail.mc:
>
> [snip]
> define(`CYRUSV2_MAILER_ARGS',`FILE /usr/imap/var/imap/socket/lmtp')
> define(`confLOCAL_MAILER', `cyrusv2')
> MAILER(`local')
> MAILER(`smtp')
> MAILER(`cyrusv2')
> /end of file
>
> It seems that it is set as "local mailer" as you expected. What is the
> "correct way"?

There are many ways.
* One is present at cyrus website (mailertable based).
* You may use RTCyrus3 (for "additional domain only")
  http://open-sendmail.sourceforge.net/rtcyrus3/

-- 
[pl>en: Andrew] Andrzej Adam Filip : anfi at onet.eu
"Now here's something you're really going to like!"
  -- Rocket J. Squirrel

From woods-cyrus at weird.com  Sat Nov  7 11:08:31 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Sat, 07 Nov 2009 11:08:31 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
Message-ID: <m1N6n6W-000kmgC@most.weird.com>

At Tue, 3 Nov 2009 17:07:04 -0500, "Anthony Tibbs" <anthony-list at tibbs.ca> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> 
> You know, I don't know if I agree with all the objections over this person's 
> request.  I actually have a similar setup where Fetchmail is used to 
> retrieve messages from a remote mailbox for injection into a Cyrus setup, 
> primarily because of quota requirements on the far end.


Oy!  Why are you using broken hacks when a perfectly good solution is
just begging to be used?

Just get a forwarding alias installed on the remote mail server and then
you'll be using the MTA to move your mail in a robust, secure, and
fail-safe manner to the IMAP server where you desire it to be finally
delivered.



The rest of this is kinda just BS about how to use a proper IMAP client.


>  Yes, modern MUA's 
> offer the ability to store messages locally, but what if you have that MUA 
> installed in several computers in different locations?

IMAP, with modern capable IMAP clients, is an ideal way to access
multiple mail folders on multiple IMAP servers from multiple clients,
all simultaneously.


>  Moving to 'local 
> folders' in that case isn't helpful.

"local" is just one option -- you can copy and/or move messages to _any_
folder that the MUA has access to!


>  And yes, you could setup two 
> accounts - one on the main server and one to your cyrus setup - and move 
> messages manually,

Exactly.  It's _trivial_ to do with any modern and capable IMAP client!


>  but then why not fetchmail to the cyrus setup directly 
> too?

Well, partly because fetchmail is a rather horrible hack in terms of its
code and implementation, but mostly because in doing so you're violating
way too many protocol levels and introducing all kinds of possible
problems and errors, some of which will cause your mail to be lost, and
others of which will compromise the security of both servers.


The best and proper way to transport mail to any given desired
location is to use a proper and robust Mail Transport Agent with
whatever protocol is most appropriate and effective for the job.

Fetchmail is not a solution to anything, and never was!

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From brong at fastmail.fm  Sat Nov  7 14:54:30 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Sun, 8 Nov 2009 06:54:30 +1100
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N6n6W-000kmgC@most.weird.com>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
Message-ID: <20091107195430.GA21955@brong.net>

On Sat, Nov 07, 2009 at 11:08:31AM -0500, Greg A. Woods wrote:
> At Tue, 3 Nov 2009 17:07:04 -0500, "Anthony Tibbs" <anthony-list at tibbs.ca> wrote:
> Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> > 
> > 
> > You know, I don't know if I agree with all the objections over this person's 
> > request.  I actually have a similar setup where Fetchmail is used to 
> > retrieve messages from a remote mailbox for injection into a Cyrus setup, 
> > primarily because of quota requirements on the far end.
> 
> 
> Oy!  Why are you using broken hacks when a perfectly good solution is
> just begging to be used?
> 
> Just get a forwarding alias installed on the remote mail server and then
> you'll be using the MTA to move your mail in a robust, secure, and
> fail-safe manner to the IMAP server where you desire it to be finally
> delivered.

Maybe unreliable network connectivity?  A dynamic IP where they don't
want a stale DynDNS pointer to cause someone else to get the mail?
Pull vs Push in the abstract is an age old question that never has only
one answer, much as you are trying to paint it that way.
 
> The rest of this is kinda just BS about how to use a proper IMAP client.

Er, you know a perfect IMAP client?  I've never been able to find a good
one, which is why I use offlineimap to local Maildirs and mutt to talk
to them.
 
> >  Yes, modern MUA's 
> > offer the ability to store messages locally, but what if you have that MUA 
> > installed in several computers in different locations?
> 
> IMAP, with modern capable IMAP clients, is an ideal way to access
> multiple mail folders on multiple IMAP servers from multiple clients,
> all simultaneously.

Uses more bandwidth than a single pull to local followed by the above
to the local IMAP store.  Fact.

> > accounts - one on the main server and one to your cyrus setup - and move 
> > messages manually,
> 
> Exactly.  It's _trivial_ to do with any modern and capable IMAP client!

So trivial you could replace it with a script.  Woah, wait.  That's
what everyone else on this thread has been suggesting all along!
 
> >  but then why not fetchmail to the cyrus setup directly 
> > too?
> 
> Well, partly because fetchmail is a rather horrible hack in terms of its
> code and implementation, but mostly because in doing so you're violating
> way too many protocol levels and introducing all kinds of possible
> problems and errors, some of which will cause your mail to be lost, and
> others of which will compromise the security of both servers.
> 
> 
> The best and proper way to transport mail to any given desired
> location is to use a proper and robust Mail Transport Agent with
> whatever protocol is most appropriate and effective for the job.
> 
> Fetchmail is not a solution to anything, and never was!

Ahh, I see.  Fetchmail screwed your dog and pissed in your cereal.

Rumour has it that offlineimap supports running an IMAP server
locally and synchronising changes in BOTH directions, with the
help of a little on-disk-database to keep track of who changed
what.  I don't use it because last time I did it was still buggy
and new, and now I'm wary.  So I just use local Maildirs.  A
Cyrus instance on my laptop using it would be pretty shiny for
testing stuff though.  Hmm.

This whole fetchmail thing is a tangent.  Implementation detail.
The important thing was pull versus push and how to trigger the
"monkey with a modern email client" equivalent of a copy between
IMAP folders, but scripted.

Regards,

Bron.

From awilliam at whitemice.org  Sat Nov  7 16:05:53 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Sat, 07 Nov 2009 16:05:53 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N6n6W-000kmgC@most.weird.com>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
Message-ID: <1257627953.4682.9.camel@linux-m3mt>

> >  but then why not fetchmail to the cyrus setup directly 
> > too?
> Well, partly because fetchmail is a rather horrible hack in terms of its
> code and implementation,

So what?  Seriously, if a tool accomplishes the task... and
accomplishing the task is the purpose for the technology to exist in the
first place.  The quality of code and implementation of many mainstream
products could be question - but at the end it just doesn't matter -
they are accomplishing the ends for their users.

>  but mostly because in doing so you're violating
> way too many protocol levels 

Bogus, Fetchmail is a POP/IMAP/SMTP client that automatically moves
messages based upon its configuration.  It doesn't "violate" any
"protocol levels" at all.  If I drag-and-drop messages with my GUI MUA
between two servers, or use fetchmail, it is the exact same affect and
both are perfectly legitimate.  Except, of course, that fetchmail will
do so at 3AM every morning while I sleep.

> and introducing all kinds of possible
> problems and errors, 

Such as?  I've used fetchmail on several occasions and never had "all
kinds of problems".

> some of which will cause your mail to be lost, and

Right, just like a misconfigured MTA will, or a botched DNS server.

> others of which will compromise the security of both servers.

No more so that the use of a MUA; it is just an IMAP/SMTP client after
all.

> The best and proper way to transport mail to any given desired
> location is to use a proper and robust Mail Transport Agent with
> whatever protocol is most appropriate and effective for the job.

Sure, assuming that is an option and you the ability to modify all the
intermediary systems [not likely in the real-world].

> Fetchmail is not a solution to anything, and never was!

It is an excellent solution for automatically moving messages from one
mailbox to another;  just like it always has been.
-- 
OpenGroupware developer: awilliam at whitemice.org
<http://whitemiceconsulting.blogspot.com/>
OpenGroupare & Cyrus IMAPd documenation @
<http://docs.opengroupware.org/Members/whitemice/wmogag/file_view>


From Hagedorn at uni-koeln.de  Mon Nov  9 06:23:37 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Mon, 09 Nov 2009 12:23:37 +0100
Subject: VMware for Cyrus?
Message-ID: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>

Hi,

today I've learned that the Dell hardware our mail servers run on is out of 
support, because it's more than 5 years old (time flies ...). We were 
planning an upgrade from RHEL 3 to RHEL 5 anyway, but now we will try to 
accelerate that procedure somewhat. Our systems group is pushing VMware ESX 
on all levels. Previously VMware was not recommended for IO-heavy tasks, 
but apparently that's not the case anymore. Currently we have an ESX 3.5 
environment, but that will be upgraded to ESX 4 by the end of January.

My question is if there have been recent experiences running a Cyrus server 
with up to 2,500 concurrent IMAP connections under VMware ESX? I've found 
some posts in the archives, e.g.

<http://cyrusimap.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=45854>
<http://cyrusimap.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=48535>

but the former is relatively old, and the latter isn't really answered wrt 
VMware ...

FWIW, the current setup is a single Dell PowerEdge 6650 with 16 GB of RAM, 
coupled with a twin using Red Hat Cluster Suite.

Thanks, Sebastian
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091109/5c942de2/attachment.bin 

From reinaldoc at gmail.com  Mon Nov  9 06:37:46 2009
From: reinaldoc at gmail.com (Reinaldo de Carvalho)
Date: Mon, 9 Nov 2009 08:37:46 -0300
Subject: VMware for Cyrus?
In-Reply-To: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
Message-ID: <4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>

On Mon, Nov 9, 2009 at 8:23 AM, Sebastian Hagedorn
<Hagedorn at uni-koeln.de> wrote:
> Hi,
>
> today I've learned that the Dell hardware our mail servers run on is out of
> support, because it's more than 5 years old (time flies ...). We were
> planning an upgrade from RHEL 3 to RHEL 5 anyway, but now we will try to
> accelerate that procedure somewhat. Our systems group is pushing VMware ESX
> on all levels. Previously VMware was not recommended for IO-heavy tasks, but
> apparently that's not the case anymore. Currently we have an ESX 3.5
> environment, but that will be upgraded to ESX 4 by the end of January.
>
> My question is if there have been recent experiences running a Cyrus server
> with up to 2,500 concurrent IMAP connections under VMware ESX? I've found
> some posts in the archives, e.g.

You need analyse the I/O consumition.

# iostat -d 1


-- 
Reinaldo de Carvalho
http://korreio.sf.net
http://python-cyrus.sf.net

"Don't try to adapt the software to the way you work, but rather
yourself to the way the software works" (myself)

From Hagedorn at uni-koeln.de  Mon Nov  9 06:43:46 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Mon, 09 Nov 2009 12:43:46 +0100
Subject: VMware for Cyrus?
In-Reply-To: <4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
Message-ID: <C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>

--On 9. November 2009 08:37:46 -0300 Reinaldo de Carvalho 
<reinaldoc at gmail.com> wrote:

> You need analyse the I/O consumition.
>
># iostat -d 1

I trust real world experiences more than benchmarks ... either people on 
this list have successfully run Cyrus under ESX or they haven't. I don't 
want to be the first to try it.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091109/c2597174/attachment.bin 

From reinaldoc at gmail.com  Mon Nov  9 06:55:50 2009
From: reinaldoc at gmail.com (Reinaldo de Carvalho)
Date: Mon, 9 Nov 2009 08:55:50 -0300
Subject: VMware for Cyrus?
In-Reply-To: <C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
Message-ID: <4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>

On Mon, Nov 9, 2009 at 8:43 AM, Sebastian Hagedorn
<Hagedorn at uni-koeln.de> wrote:
> --On 9. November 2009 08:37:46 -0300 Reinaldo de Carvalho
> <reinaldoc at gmail.com> wrote:
>
>> You need analyse the I/O consumition.
>>
>> # iostat -d 1
>
> I trust real world experiences more than benchmarks ... either people on
> this list have successfully run Cyrus under ESX or they haven't. I don't
> want to be the first to try it.

A lower I/O consumition should always to work fine in virtualization.

-- 
Reinaldo de Carvalho
http://korreio.sf.net
http://python-cyrus.sf.net

"Don't try to adapt the software to the way you work, but rather
yourself to the way the software works" (myself)

From awilliam at whitemice.org  Mon Nov  9 07:24:22 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Mon, 09 Nov 2009 07:24:22 -0500
Subject: VMware for Cyrus?
In-Reply-To: <4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
Message-ID: <1257769462.7703.7.camel@linux-m3mt>

On Mon, 2009-11-09 at 08:55 -0300, Reinaldo de Carvalho wrote:
> On Mon, Nov 9, 2009 at 8:43 AM, Sebastian Hagedorn
> <Hagedorn at uni-koeln.de> wrote:
> > --On 9. November 2009 08:37:46 -0300 Reinaldo de Carvalho
> > <reinaldoc at gmail.com> wrote:
> >> You need analyse the I/O consumition.
> >> # iostat -d 1
> > I trust real world experiences more than benchmarks ... either people on
> > this list have successfully run Cyrus under ESX or they haven't. I don't
> > want to be the first to try it.
> A lower I/O consumition should always to work fine in virtualization.

"Lower" than what?  This statement is meaningless.

We run a ~500-600 connection Cyrus in ESX.  But that isn't ~2,500.
There are so many variables here.

How much I/O your hypervisor can absorb depends on the same thing as a
metal system - the underlying I/O subsystem.  So far with ESX I've seen
that the I/O subsystem bottlenecks before there is any 'hard limit' in
the hypervisor;  just like a metal system bottlenecks before any 'hard
limit' in a [modern/recent] OS.  The real problem with virtualization is
that it becomes almost trivial to over-subscribe the system,  it works
great so long as only a few systems load spike at once - when seven or
eight servers load spike at the same time things get ugly and the poor
sys-admin's cell phone gets inundated with SMS alerts.


From Hagedorn at uni-koeln.de  Mon Nov  9 07:36:04 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Mon, 09 Nov 2009 13:36:04 +0100
Subject: VMware for Cyrus?
In-Reply-To: <1257769462.7703.7.camel@linux-m3mt>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
Message-ID: <3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>

Thanks for your reply!

--On 9. November 2009 07:24:22 -0500 Adam Tauno Williams 
<awilliam at whitemice.org> wrote:

> We run a ~500-600 connection Cyrus in ESX.  But that isn't ~2,500.
> There are so many variables here.

True ...

> How much I/O your hypervisor can absorb depends on the same thing as a
> metal system - the underlying I/O subsystem.

We have a 2 Gbit IBM SVC-SAN connected with Fibrechannel over Cisco MDS 
9509 switches. So far that's been sufficient, but we will probably upgrade 
that as well in the forseeable future. We will use the same SAN devices as 
raw devices under VMware. I've successfully done that on test installations.

>  So far with ESX I've seen
> that the I/O subsystem bottlenecks before there is any 'hard limit' in
> the hypervisor;  just like a metal system bottlenecks before any 'hard
> limit' in a [modern/recent] OS.  The real problem with virtualization is
> that it becomes almost trivial to over-subscribe the system,

Exactly.

>  it works
> great so long as only a few systems load spike at once - when seven or
> eight servers load spike at the same time things get ugly and the poor
> sys-admin's cell phone gets inundated with SMS alerts.

So the real task would be to define appropriate reservations. But it's good 
to know that someone actually uses such a system in production, even though 
it's lower-sized than ours.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091109/2312c8d0/attachment.bin 

From simon.matter at invoca.ch  Mon Nov  9 08:10:54 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Mon, 9 Nov 2009 14:10:54 +0100
Subject: VMware for Cyrus?
In-Reply-To: <3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
Message-ID: <bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>

> Thanks for your reply!
>
> --On 9. November 2009 07:24:22 -0500 Adam Tauno Williams
> <awilliam at whitemice.org> wrote:
>
>> We run a ~500-600 connection Cyrus in ESX.  But that isn't ~2,500.
>> There are so many variables here.
>
> True ...
>
>> How much I/O your hypervisor can absorb depends on the same thing as a
>> metal system - the underlying I/O subsystem.
>
> We have a 2 Gbit IBM SVC-SAN connected with Fibrechannel over Cisco MDS
> 9509 switches. So far that's been sufficient, but we will probably upgrade
> that as well in the forseeable future. We will use the same SAN devices as
> raw devices under VMware. I've successfully done that on test
> installations.
>
>>  So far with ESX I've seen
>> that the I/O subsystem bottlenecks before there is any 'hard limit' in
>> the hypervisor;  just like a metal system bottlenecks before any 'hard
>> limit' in a [modern/recent] OS.  The real problem with virtualization is
>> that it becomes almost trivial to over-subscribe the system,
>
> Exactly.

While virtualization has advantages it has also disadvantages. One thing
is that it introduces an additional layer of complexity into the game.
It's my impression that in many areas virtualization gets introduced not
because of technical reasons but because of political pressure.

For a high power, mission critical system like a mail cluster I'd stick
with real iron as long as possible. That may sound old fashioned but is
what I would do after everything I've seen. You will need the irons
anyway, with or without virtualization. Did I miss something?

Regards,
Simon

>
>>  it works
>> great so long as only a few systems load spike at once - when seven or
>> eight servers load spike at the same time things get ugly and the poor
>> sys-admin's cell phone gets inundated with SMS alerts.
>
> So the real task would be to define appropriate reservations. But it's
> good
> to know that someone actually uses such a system in production, even
> though
> it's lower-sized than ours.
> --
>      .:.Sebastian Hagedorn - RZKR-R1 (Geb??ude 52), Zimmer 18.:.
>                  .:.Regionales Rechenzentrum (RRZK).:.
> .:.Universit??t zu K??ln / Cologne University - ???
> +49-221-478-5587.:.----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html



From Hagedorn at uni-koeln.de  Mon Nov  9 08:35:53 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Mon, 09 Nov 2009 14:35:53 +0100
Subject: VMware for Cyrus?
In-Reply-To: <bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>   
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>   
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>   
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>   
	<1257769462.7703.7.camel@linux-m3mt>   
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>

--On 9. November 2009 14:10:54 +0100 Simon Matter <simon.matter at invoca.ch> 
wrote:

> While virtualization has advantages it has also disadvantages. One thing
> is that it introduces an additional layer of complexity into the game.
> It's my impression that in many areas virtualization gets introduced not
> because of technical reasons but because of political pressure.

In our case I wouldn't necessarily call it political pressure ... it's more 
like organizational pressure. We have fewer personnel resources than we 
used to, and have to run more systems with them!

> For a high power, mission critical system like a mail cluster I'd stick
> with real iron as long as possible. That may sound old fashioned but is
> what I would do after everything I've seen. You will need the irons
> anyway, with or without virtualization. Did I miss something?

Maybe. Ideally you save irons by putting more than one VM on each. For the 
mail cluster that may or may not be an option. I think it might, because as 
I mentioned the current boxes are 5+ years old. So I'd think with brand new 
hardware we would get away with less than 100% on each box.

The main advantage that ESX would offer is in employing VMotion, VMMware HA 
and such. It adds a layer of complexity, but also a layer of security and 
convenience.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091109/39505c8c/attachment.bin 

From forrie at forrie.com  Mon Nov  9 08:41:43 2009
From: forrie at forrie.com (Forrest Aldrich)
Date: Mon, 09 Nov 2009 08:41:43 -0500
Subject: VMware for Cyrus?
In-Reply-To: <11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
Message-ID: <4AF81C17.8030603@forrie.com>



Sebastian Hagedorn wrote:
> --On 9. November 2009 14:10:54 +0100 Simon Matter 
> <simon.matter at invoca.ch> wrote:
>
>> While virtualization has advantages it has also disadvantages. One thing
>> is that it introduces an additional layer of complexity into the game.
>> It's my impression that in many areas virtualization gets introduced not
>> because of technical reasons but because of political pressure.
>
> In our case I wouldn't necessarily call it political pressure ... it's 
> more like organizational pressure. We have fewer personnel resources 
> than we used to, and have to run more systems with them!
>
>> For a high power, mission critical system like a mail cluster I'd stick
>> with real iron as long as possible. That may sound old fashioned but is
>> what I would do after everything I've seen. You will need the irons
>> anyway, with or without virtualization. Did I miss something?
>
> Maybe. Ideally you save irons by putting more than one VM on each. For 
> the mail cluster that may or may not be an option. I think it might, 
> because as I mentioned the current boxes are 5+ years old. So I'd 
> think with brand new hardware we would get away with less than 100% on 
> each box.
>
> The main advantage that ESX would offer is in employing VMotion, 
> VMMware HA and such. It adds a layer of complexity, but also a layer 
> of security and convenience.
>   

I wanted to add a note here on this.

We've been deploying ESXi where I work -- in some cases with success, 
such as development systems.   We've noticed significant problems when 
it comes to disk I/O.   Of course, our systems are RAID5 and that almost 
certainly contributes to it; though, I think you're going to see a 
performance hit either way.

Anyone else care to comment on that issue?



Best,

Forrest



From ktm at rice.edu  Mon Nov  9 08:51:34 2009
From: ktm at rice.edu (Kenneth Marshall)
Date: Mon, 9 Nov 2009 07:51:34 -0600
Subject: VMware for Cyrus?
In-Reply-To: <11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
Message-ID: <20091109135134.GP10895@it.is.rice.edu>

On Mon, Nov 09, 2009 at 02:35:53PM +0100, Sebastian Hagedorn wrote:
> --On 9. November 2009 14:10:54 +0100 Simon Matter <simon.matter at invoca.ch> 
> wrote:
>
>> While virtualization has advantages it has also disadvantages. One thing
>> is that it introduces an additional layer of complexity into the game.
>> It's my impression that in many areas virtualization gets introduced not
>> because of technical reasons but because of political pressure.
>
> In our case I wouldn't necessarily call it political pressure ... it's more 
> like organizational pressure. We have fewer personnel resources than we 
> used to, and have to run more systems with them!
>
>> For a high power, mission critical system like a mail cluster I'd stick
>> with real iron as long as possible. That may sound old fashioned but is
>> what I would do after everything I've seen. You will need the irons
>> anyway, with or without virtualization. Did I miss something?
>
> Maybe. Ideally you save irons by putting more than one VM on each. For the 
> mail cluster that may or may not be an option. I think it might, because as 
> I mentioned the current boxes are 5+ years old. So I'd think with brand new 
> hardware we would get away with less than 100% on each box.
>
> The main advantage that ESX would offer is in employing VMotion, VMMware HA 
> and such. It adds a layer of complexity, but also a layer of security and 
> convenience.
> -- 
>     .:.Sebastian Hagedorn - RZKR-R1 (Geb??ude 52), Zimmer 18.:.
>                 .:.Regionales Rechenzentrum (RRZK).:.
> .:.Universit??t zu K??ln / Cologne University - ??? +49-221-478-5587.:.

I will go ahead and chime in here. If and only if your I/O usage is
well understood and managed, would a VM option work. As others have
mentioned, any amount of heavy I/O will take out or slow dramatically
every VM that needs any I/O at all. Most people tend to over provision
CPU/memory on VM host boxes. Usually phrases like "it's all in memory",
"next to no I/O",... preceed the I/O backlog and consequent multi VM
outage. People really like their mail to stay up, maybe slow but up.

Regards,
Ken

From jmadden at ivytech.edu  Mon Nov  9 09:23:18 2009
From: jmadden at ivytech.edu (John Madden)
Date: Mon, 09 Nov 2009 09:23:18 -0500
Subject: VMware for Cyrus?
In-Reply-To: <4AF81C17.8030603@forrie.com>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>	<1257769462.7703.7.camel@linux-m3mt>	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
	<4AF81C17.8030603@forrie.com>
Message-ID: <4AF825D6.6090908@ivytech.edu>

>> The main advantage that ESX would offer is in employing VMotion, 
>> VMMware HA and such. It adds a layer of complexity, but also a layer 
>> of security and convenience.

We're about to virtualize our environment, albeit on Xen rather than 
ESX.  (It's been my experience that Xen performs better.)  We're also 
moving from a single node to a six-node murder.

I don't think a mail server requires anything different of you than any 
other application -- install the app and test it thoroughly.  Maybe you 
wouldn't be able to handle 2500 connections on a single IMAP server 
anymore but you would be able to under murder?  Maybe the hardware 
running the new hypervisors is new enough relative to your 5-year-old 
hardware to overcome the overhead of virtualization?

FWIW, I won't run anything on hardware anymore unless I absolutely have 
to.  To me, the benefits of running virtualized outweigh the pitfalls -- 
dealing with real OS installs on real hardware, dealing with 
multipathing and SAN (virtual disks are easy), etc.

John




-- 
John Madden
Sr UNIX Systems Engineer
Ivy Tech Community College of Indiana
jmadden at ivytech.edu

From Hagedorn at uni-koeln.de  Mon Nov  9 09:35:53 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Mon, 09 Nov 2009 15:35:53 +0100
Subject: VMware for Cyrus?
In-Reply-To: <20091109135134.GP10895@it.is.rice.edu>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
	<20091109135134.GP10895@it.is.rice.edu>
Message-ID: <A2F0817865EF5EF12C3719C3@tyrion.rrz.uni-koeln.de>

--On 9. November 2009 07:51:34 -0600 Kenneth Marshall <ktm at rice.edu> wrote:

> I will go ahead and chime in here. If and only if your I/O usage is
> well understood and managed, would a VM option work. As others have
> mentioned, any amount of heavy I/O will take out or slow dramatically
> every VM that needs any I/O at all.

Is that really true if you map raw SAN devices to the VM? I would expect 
that I/O wouldn't be much different in that case. That's what we're going 
to do.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091109/6085a673/attachment.bin 

From ktm at rice.edu  Mon Nov  9 09:39:40 2009
From: ktm at rice.edu (Kenneth Marshall)
Date: Mon, 9 Nov 2009 08:39:40 -0600
Subject: VMware for Cyrus?
In-Reply-To: <A2F0817865EF5EF12C3719C3@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
	<20091109135134.GP10895@it.is.rice.edu>
	<A2F0817865EF5EF12C3719C3@tyrion.rrz.uni-koeln.de>
Message-ID: <20091109143940.GQ10895@it.is.rice.edu>

On Mon, Nov 09, 2009 at 03:35:53PM +0100, Sebastian Hagedorn wrote:
> --On 9. November 2009 07:51:34 -0600 Kenneth Marshall <ktm at rice.edu> wrote:
>
>> I will go ahead and chime in here. If and only if your I/O usage is
>> well understood and managed, would a VM option work. As others have
>> mentioned, any amount of heavy I/O will take out or slow dramatically
>> every VM that needs any I/O at all.
>
> Is that really true if you map raw SAN devices to the VM? I would expect 
> that I/O wouldn't be much different in that case. That's what we're going 
> to do.

If you have dedicated I/O resources, it will be fine. The case I
was referring to was with one big shared I/O pool usually with the
disclaimer "that will be enough I/O for anything..." :) 

Ken

From Pascal.Gienger at uni-konstanz.de  Mon Nov  9 09:41:56 2009
From: Pascal.Gienger at uni-konstanz.de (Pascal Gienger)
Date: Mon, 09 Nov 2009 15:41:56 +0100
Subject: VMware for Cyrus?
In-Reply-To: <4AF825D6.6090908@ivytech.edu>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>	<1257769462.7703.7.camel@linux-m3mt>	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>	<4AF81C17.8030603@forrie.com>
	<4AF825D6.6090908@ivytech.edu>
Message-ID: <4AF82A34.4080107@uni-konstanz.de>

John Madden schrieb:
> FWIW, I won't run anything on hardware anymore unless I absolutely have 
> to.  To me, the benefits of running virtualized outweigh the pitfalls -- 
> dealing with real OS installs on real hardware, dealing with 
> multipathing and SAN (virtual disks are easy), etc.

Our Cyrus runs on Solaris with proper ZFS storage. This kind of storage 
is fast, reliable and supports many nodes per directory without a 
problem. Files check for backup is done in two hours for 50 million 
files (Tivoli Storage Manager Backup).

We just can't virtualize this because in whatever "solution" the 
underlying block devices get virtualized again. The only solution we 
would have is to bind these storage devices (fc) exclusively on the 
virtualized guest systems. Problem remains: Solaris 10 is not well 
supported in VMware (no client tools and without them access remains 
_SLOW_) nor in Xen/Sun xVM. In the latter OpenSolaris (and Solaris 11) 
is the way to go (architecture i86xpv).

Just to give a reason why sometimes it _IS_ necessary or better to have 
a real iron.

Pascal
-- 
Pascal Gienger
University of Konstanz, IT Services Department ("Rechenzentrum")
Electronic Communications and Web Services
Building V, Room V404, Phone +49 7531 88 5048, Fax +49 7531 88 3739

From brong at fastmail.fm  Mon Nov  9 15:46:04 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Tue, 10 Nov 2009 07:46:04 +1100
Subject: VMware for Cyrus?
In-Reply-To: <4AF825D6.6090908@ivytech.edu>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com>
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de>
	<bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
	<4AF81C17.8030603@forrie.com> <4AF825D6.6090908@ivytech.edu>
Message-ID: <20091109204603.GA8710@brong.net>

On Mon, Nov 09, 2009 at 09:23:18AM -0500, John Madden wrote:
> FWIW, I won't run anything on hardware anymore unless I absolutely have 
> to.  To me, the benefits of running virtualized outweigh the pitfalls -- 
> dealing with real OS installs on real hardware, dealing with 
> multipathing and SAN (virtual disks are easy), etc.

Whereas I have totally the other approach.  I hate single points of
failure, so every machine has its own local storage.  Real OS installs
are automated - just netboot and it sets itself up.

And it's not turtles all the way down - at some point there's still
real hardware underneath whatever layers you're running.  We're managing
to get increadibly high levels of utilisation out our machines while
remaining fast by having everything sit as close to the metal as possible.
Power costs too much to waste it on virtualisation overhead!

Bron ( we do use virtualisation for our test machines, but production
       doesn't have any parts sub-machine-sized, so why split a machine? )

From maria at shadlen.org  Tue Nov 10 03:03:17 2009
From: maria at shadlen.org (Maria McKinley)
Date: Tue, 10 Nov 2009 00:03:17 -0800
Subject: avelsieve problem switching mail servers
In-Reply-To: <3d075727de8d6066ef51d25adb9b185f.squirrel@webmail.bi.corp.invoca.ch>
References: <mailman.39102.1257329569.5312.info-cyrus@lists.andrew.cmu.edu>
	<4AF156FE.3070004@shadlen.org>
	<54982b4057b1fb8e50eabcf93eb1f670.squirrel@webmail.bi.corp.invoca.ch>
	<4AF20A87.5040301@shadlen.org>
	<3d075727de8d6066ef51d25adb9b185f.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <4AF91E45.8060200@shadlen.org>

Simon Matter wrote:
>> Simon Matter wrote:
>>>>>> snipped a bunch of stuff to keep things readable<<
>>>>>> I seem to have scripts created by both websieve and avelsieve, but I
>>>>>> do
>>>>>> know that we have been managing sieve through squirrelmail for a very
>>>>>> long time. Looks like the websieve scripts haven't been touched since
>>>>>> 2007. So, I think I'm back to where I was. Avelsieve was working on
>>>>>> the
>>>>>> last machine, but isn't working now. I'm pretty sure I have copied
>>>>>> all
>>>>>> configs over. How can I increase logging, so I can see what is
>>>>>> happening
>>>>>> when I get the time-out?
>>>>>>
>>>>>> thanks,
>>>>>> maria
>>>>> Which Versions of cyrus do you have installed on the new
>>>>> and the old mailserver? And does Avelsieve use Net_Sieve?
>>>>> If yes which version of Net_Sieve do you have installed.
>>>>>
>>>> old
>>>>    cyrus-admin-2.2                   2.2.13-13
>>>>    avelsieve                         1.9.7-2
>>>> new
>>>>    cyrus-admin-2.2                     2.2.13-14+lenny3
>>>>    avelsieve                           1.9.7-6+lenny1
>>>>
>>>> avelsieve does not appear to use Net_Sieve.
>>> Which version of PHP do you have on old and new?
>>>
>>> Simon
>>>
>> Well, this is interesting.
>>
>> old:
>> montoya:~# dpkg -l |grep php
>> ii  libapache-mod-php4                6:4.4.4-9+lenny1
>> server-side, HTML-embedded scripting languag
>> ii  libapache2-mod-php5               5.2.6.dfsg.1-1+lenny2
>> server-side, HTML-embedded scripting languag
>> ii  libphp-phpmailer                  1.73-6                     full
>> featured email transfer class for PHP
>> ii  libphp-snoopy                     1.2.4-1                    Snoopy
>> is a PHP class that simulates a web b
>> ii  php4-common                       6:4.4.4-9+lenny1           Common
>> files for packages built from the php
>> ii  php4-ldap                         6:4.4.4-9+lenny1           LDAP
>> module for php4
>> ii  php5                              5.2.4-2
>> server-side, HTML-embedded scripting languag
>> ii  php5-common                       5.2.6.dfsg.1-1+lenny2      Common
>> files for packages built from the php
>> ii  php5-gd                           5.2.6.dfsg.1-1+lenny2      GD
>> module for php5
>> ii  php5-ldap                         5.2.6.dfsg.1-1+lenny2      LDAP
>> module for php5
>> ii  php5-mysql                        5.2.6.dfsg.1-1+lenny2      MySQL
>> module for php5
>>
>>
>> new:
>> ella:~# dpkg -l |grep php
>> ii  libapache2-mod-php5                 5.2.6.dfsg.1-1+lenny3
>> server-side, HTML-embedded scripting language (Apache 2 module
>> ii  php5-common                         5.2.6.dfsg.1-1+lenny3
>> Common files for packages built from the php5 source
>> ii  php5-ldap                           5.2.6.dfsg.1-1+lenny3      LDAP
>> module for php5
>>
>> I'm not sure how to figure out which php packages avelsieve was actually
>> using. There is no executable to check libraries, and there is not a
>> version of php listed in dependencies for the package.
> 
> I'm afraid I can't help you much with the debian specific things, I have
> no idea how debian handles such parallel installs of multiple PHP
> versions.
> 
> What I know is that there is a difference when using avelsieve with PHP4
> or 5 concerning STARTTLS. With PHP4, no STARTTLS is used, while with PHP5
> it is used - and I think that's where changes were made in avelsieve-1.9.8
> so you can configure what to do with STARTTLS when using PHP5.
> 
> Now, if you have everything installed from debian packages, I think it
> should work an if it doesn't, you may contact the package maintainers
> about it. We don't know which patches have been included in your avelsieve
> package.
> 
> Regards,
> Simon
> 

Yup, I found a bug.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547648

cheers,
maria

From baconm at email.unc.edu  Tue Nov 10 11:51:42 2009
From: baconm at email.unc.edu (Michael Bacon)
Date: Tue, 10 Nov 2009 11:51:42 -0500
Subject: Murder confusion -- two mupdate slaves, lmtpproxyd's always
	connecting to master
Message-ID: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>

First off, thank you to everyone who's chimed in with extremely helpful 
suggestions in response to my previous message.  Some of them have helped 
performance, and others mysteriously haven't when I really thought they 
would, but it's been very helpful for me in untying this knot.  I've been 
too busy with a cranky service to respond to everyone personally, but 
please know it's appreciated.

I have two questions regarding the Murder architecture.  The first is just 
a general annoyance at the way master starts up the mupdate processes.  In 
order to get master to fire off anything, you have to set prefork=1. 
However, the result of this is that you generate one mupdate, it reports as 
unavailable to the master, and so the master fires off another one.  These 
two seem to fight with each other over connections to the mupdate master, 
over locks to the mailboxes database, and over who gets to serve 
connections.  I don't think more than one is needed from what I can tell, 
but you get two just out of the master architecture.  Do I really need two, 
and if not, is there some way to keep more than one from starting up? 
(maxchild=1 does not do the trick for whatever reason.  I'm still 
deciphering code on this one.)

The second one is that the code for lmtpproxyd very explicitly connects to 
the mupdate master rather than the local slave.  I can't really figure out 
why it would do this, but here are the two relevant snippets from lmtpd.c:

This is from service_init:

    if (config_mupdate_server &&
        (config_mupdate_config == IMAP_ENUM_MUPDATE_CONFIG_STANDARD) &&
        !config_getstring(IMAPOPT_PROXYSERVERS)) {
        /* proxy only -- talk directly to mupdate master */
        r = mupdate_connect(config_mupdate_server, NULL, &mhandle, NULL);
        if (r) {
            syslog(LOG_ERR, "couldn't connect to MUPDATE server %s: %s",
                   config_mupdate_server, error_message(r));
            fatal("error connecting with MUPDATE server", EC_TEMPFAIL);
        }
    }


and it appears that this runs every time a message delivery is attempted:

static int mlookup(const char *name, char **server, char **aclp, void *tid)
{
    int r, type;

    if (server) *server = NULL;

    if (mhandle) {
        /* proxy only, so check the mupdate master */
        struct mupdate_mailboxdata *mailboxdata;

        /* find what server we're sending this to */
        r = mupdate_find(mhandle, name, &mailboxdata);

In short, it looks like, unlike proxyd and pop3proxyd, lmtpproxyd never 
even bothers to check the local mailboxes database, and when it wants an 
answer, feels the need to go directly to the mupdate master, rather than 
querying the handy dandy local slave.  Is this intentional?  Why can't it 
use the local cache?

Thanks much,
Michael Bacon
UNC Chapel Hill

From mills at cc.umanitoba.ca  Tue Nov 10 12:11:41 2009
From: mills at cc.umanitoba.ca (Gary Mills)
Date: Tue, 10 Nov 2009 11:11:41 -0600
Subject: Murder confusion -- two mupdate slaves,
	lmtpproxyd's always connecting to master
In-Reply-To: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
Message-ID: <20091110171141.GA26661@cc.umanitoba.ca>

On Tue, Nov 10, 2009 at 11:51:42AM -0500, Michael Bacon wrote:
> 
> I have two questions regarding the Murder architecture.  The first is just 
> a general annoyance at the way master starts up the mupdate processes.  In 
> order to get master to fire off anything, you have to set prefork=1. 
> However, the result of this is that you generate one mupdate, it reports as 
> unavailable to the master, and so the master fires off another one.  These 
> two seem to fight with each other over connections to the mupdate master, 
> over locks to the mailboxes database, and over who gets to serve 
> connections.  I don't think more than one is needed from what I can tell, 
> but you get two just out of the master architecture.  Do I really need two, 
> and if not, is there some way to keep more than one from starting up? 
> (maxchild=1 does not do the trick for whatever reason.  I'm still 
> deciphering code on this one.)

I finally fixed that one, but it took a long time to find the reason.
I always had two copies of the mupdate master running, but one of them
did almost nothing...

    # ps -fp "$(pgrep mupdate)"
         UID   PID  PPID   C    STIME TTY         TIME CMD
       cyrus  3024   700   0   Apr 03 ?           0:01 mupdate -C /etc/mupdate/imapd.conf -m
       cyrus  3026   700   0   Apr 03 ?          49:02 mupdate -C /etc/mupdate/imapd.conf -m

It turned out that one was listening on an IPv4 port and the other on
an IPv6 port.  Changing cyrus.conf from `listen=3905 prefork=1' to
`listen=3905 proto="tcp4" prefork=1' solved the problem for me.

I did the same thing for other Cyrus services as well.

-- 
-Gary Mills-        -Unix Group-        -Computer and Network Services-

From bawood at umich.edu  Tue Nov 10 12:26:22 2009
From: bawood at umich.edu (Brian Awood)
Date: Tue, 10 Nov 2009 12:26:22 -0500
Subject: Murder confusion -- two mupdate slaves,
	lmtpproxyd's always connecting to master
In-Reply-To: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
Message-ID: <200911101226.23369.bawood@umich.edu>


You can avoid the behavior in your second question by setting 
mupdate_config: unified
in your proxies imapd.conf.  That was a long standing issue with 
murder in a large scale environment with cyrus 2.2.

On Tuesday 10 November 2009 @ 11:51, Michael Bacon wrote:
> The second one is that the code for lmtpproxyd very explicitly
> connects to the mupdate master rather than the local slave.  I
> can't really figure out why it would do this, but here are the two
> relevant snippets from lmtpd.c:
>
> This is from service_init:
>
>     if (config_mupdate_server &&
>         (config_mupdate_config ==
> IMAP_ENUM_MUPDATE_CONFIG_STANDARD) &&
> !config_getstring(IMAPOPT_PROXYSERVERS)) {
>         /* proxy only -- talk directly to mupdate master */
>         r = mupdate_connect(config_mupdate_server, NULL, &mhandle,
> NULL); if (r) {
>             syslog(LOG_ERR, "couldn't connect to MUPDATE server %s:
> %s", config_mupdate_server, error_message(r)); fatal("error
> connecting with MUPDATE server", EC_TEMPFAIL); }
>     }
>
>
> and it appears that this runs every time a message delivery is
> attempted:
>
> static int mlookup(const char *name, char **server, char **aclp,
> void *tid) {
>     int r, type;
>
>     if (server) *server = NULL;
>
>     if (mhandle) {
>         /* proxy only, so check the mupdate master */
>         struct mupdate_mailboxdata *mailboxdata;
>
>         /* find what server we're sending this to */
>         r = mupdate_find(mhandle, name, &mailboxdata);
>
> In short, it looks like, unlike proxyd and pop3proxyd, lmtpproxyd
> never even bothers to check the local mailboxes database, and when
> it wants an answer, feels the need to go directly to the mupdate
> master, rather than querying the handy dandy local slave.  Is this
> intentional?  Why can't it use the local cache?
>
> Thanks much,
> Michael Bacon
> UNC Chapel Hill
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html



From baconm at email.unc.edu  Tue Nov 10 12:35:33 2009
From: baconm at email.unc.edu (Michael Bacon)
Date: Tue, 10 Nov 2009 12:35:33 -0500
Subject: Murder confusion -- two mupdate slaves, lmtpproxyd's always
	connecting to master
In-Reply-To: <20091110171141.GA26661@cc.umanitoba.ca>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
	<20091110171141.GA26661@cc.umanitoba.ca>
Message-ID: <D40397E0B11F2A7EE11218CB@trophic.its.unc.edu>

--On November 10, 2009 11:11:41 AM -0600 Gary Mills <mills at cc.umanitoba.ca> 
wrote:

> I finally fixed that one, but it took a long time to find the reason.
> I always had two copies of the mupdate master running, but one of them
> did almost nothing...
>
>     # ps -fp "$(pgrep mupdate)"
>          UID   PID  PPID   C    STIME TTY         TIME CMD
>        cyrus  3024   700   0   Apr 03 ?           0:01 mupdate -C
> /etc/mupdate/imapd.conf -m        cyrus  3026   700   0   Apr 03 ?
> 49:02 mupdate -C /etc/mupdate/imapd.conf -m
>
> It turned out that one was listening on an IPv4 port and the other on
> an IPv6 port.  Changing cyrus.conf from `listen=3905 prefork=1' to
> `listen=3905 proto="tcp4" prefork=1' solved the problem for me.

Ah ha!  Thank you!

-M


From baconm at email.unc.edu  Tue Nov 10 12:37:05 2009
From: baconm at email.unc.edu (Michael Bacon)
Date: Tue, 10 Nov 2009 12:37:05 -0500
Subject: Murder confusion -- two mupdate slaves, lmtpproxyd's always
	connecting to master
In-Reply-To: <200911101226.23369.bawood@umich.edu>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
	<200911101226.23369.bawood@umich.edu>
Message-ID: <FB07D254211075E83AF4DE5C@trophic.its.unc.edu>

I saw this recommendation elsewhere, but I don't understand why one would 
set mupdate_config: unified if I'm not, in fact, running a unified murder. 
What's the gain here?  We have dedicated front-end boxes and dedicated 
back-end boxes.  Is this just sort of a, "yeah, it's not for that, but it 
does what you want anyway" kind of things?

Thanks,
-Michael

--On November 10, 2009 12:26:22 PM -0500 Brian Awood <bawood at umich.edu> 
wrote:

>
> You can avoid the behavior in your second question by setting
> mupdate_config: unified
> in your proxies imapd.conf.  That was a long standing issue with
> murder in a large scale environment with cyrus 2.2.
>
> On Tuesday 10 November 2009 @ 11:51, Michael Bacon wrote:
>> The second one is that the code for lmtpproxyd very explicitly
>> connects to the mupdate master rather than the local slave.  I
>> can't really figure out why it would do this, but here are the two
>> relevant snippets from lmtpd.c:
>>
>> This is from service_init:
>>
>>     if (config_mupdate_server &&
>>         (config_mupdate_config ==
>> IMAP_ENUM_MUPDATE_CONFIG_STANDARD) &&
>> !config_getstring(IMAPOPT_PROXYSERVERS)) {
>>         /* proxy only -- talk directly to mupdate master */
>>         r = mupdate_connect(config_mupdate_server, NULL, &mhandle,
>> NULL); if (r) {
>>             syslog(LOG_ERR, "couldn't connect to MUPDATE server %s:
>> %s", config_mupdate_server, error_message(r)); fatal("error
>> connecting with MUPDATE server", EC_TEMPFAIL); }
>>     }
>>
>>
>> and it appears that this runs every time a message delivery is
>> attempted:
>>
>> static int mlookup(const char *name, char **server, char **aclp,
>> void *tid) {
>>     int r, type;
>>
>>     if (server) *server = NULL;
>>
>>     if (mhandle) {
>>         /* proxy only, so check the mupdate master */
>>         struct mupdate_mailboxdata *mailboxdata;
>>
>>         /* find what server we're sending this to */
>>         r = mupdate_find(mhandle, name, &mailboxdata);
>>
>> In short, it looks like, unlike proxyd and pop3proxyd, lmtpproxyd
>> never even bothers to check the local mailboxes database, and when
>> it wants an answer, feels the need to go directly to the mupdate
>> master, rather than querying the handy dandy local slave.  Is this
>> intentional?  Why can't it use the local cache?
>>
>> Thanks much,
>> Michael Bacon
>> UNC Chapel Hill
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
>





From bawood at umich.edu  Tue Nov 10 13:23:33 2009
From: bawood at umich.edu (Brian Awood)
Date: Tue, 10 Nov 2009 13:23:33 -0500
Subject: Murder confusion -- two mupdate slaves,
	lmtpproxyd's always connecting to master
In-Reply-To: <FB07D254211075E83AF4DE5C@trophic.its.unc.edu>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
	<200911101226.23369.bawood@umich.edu>
	<FB07D254211075E83AF4DE5C@trophic.its.unc.edu>
Message-ID: <200911101323.33628.bawood@umich.edu>


On Tuesday 10 November 2009 @ 12:37, Michael Bacon wrote:
> I saw this recommendation elsewhere, but I don't understand why one
> would set mupdate_config: unified if I'm not, in fact, running a
> unified murder. What's the gain here?  We have dedicated front-end
> boxes and dedicated back-end boxes.  Is this just sort of a, "yeah,
> it's not for that, but it does what you want anyway" kind of
> things?

Unfortunately it's not well documented, but the unified murder config 
currently only works on a proxy host.  Don't try to configure it on 
a "backend" machine that has local mailboxes!!!  Unless you want to 
manually fix up the mailboxes.db and mupdate master. :)  There are a 
few reports in the bugzilla from people who have tried to do that and 
mucked things up.  

So to answer your question, basically yes.  The gain is that using it 
on a proxy gives you the behavior you want,  which is lmtpd checks 
it's local db copy first instead of asking mupdate on every delivery.  
It seems to me like the behavior anyone running murder would want, 
but for some reason that isn't apparently true.

-Brian

From nybbles2byte at gmail.com  Tue Nov 10 14:10:27 2009
From: nybbles2byte at gmail.com (Nybbles2Byte)
Date: Tue, 10 Nov 2009 11:10:27 -0800
Subject: Quota question
Message-ID: <1262242866.20091110111027@gmail.com>

Hello,

If I do a SETQUOTA and GETQUOTA should I be using bytes or kilobytes? Sorry, this is probably obvious to most people but I am rather new at it.

I'm connecting with "fsockopen" since I'm right on the server... just in case how you connect makes a difference.

-- 
Nybbles2Byte                          mailto:nybbles2byte at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091110/3643abf0/attachment.html 

From baconm at email.unc.edu  Tue Nov 10 14:46:14 2009
From: baconm at email.unc.edu (Michael Bacon)
Date: Tue, 10 Nov 2009 14:46:14 -0500
Subject: Murder confusion -- two mupdate slaves, lmtpproxyd's always
	connecting to master
In-Reply-To: <200911101323.33628.bawood@umich.edu>
References: <310A5BF30C4D68D84300DD57@trophic.its.unc.edu>
	<200911101226.23369.bawood@umich.edu>
	<FB07D254211075E83AF4DE5C@trophic.its.unc.edu>
	<200911101323.33628.bawood@umich.edu>
Message-ID: <8CF243642C4DFD7944FC8854@trophic.its.unc.edu>

--On November 10, 2009 1:23:33 PM -0500 Brian Awood <bawood at umich.edu> 
wrote:

> Unfortunately it's not well documented, but the unified murder config
> currently only works on a proxy host.  Don't try to configure it on
> a "backend" machine that has local mailboxes!!!  Unless you want to
> manually fix up the mailboxes.db and mupdate master. :)  There are a
> few reports in the bugzilla from people who have tried to do that and
> mucked things up.
>
> So to answer your question, basically yes.  The gain is that using it
> on a proxy gives you the behavior you want,  which is lmtpd checks
> it's local db copy first instead of asking mupdate on every delivery.
> It seems to me like the behavior anyone running murder would want,
> but for some reason that isn't apparently true.

Thanks very much for this -- the mupdate server is now not sweating nearly 
as much.  We still have some outstanding performance issues to stomp, but 
we were locking up the mupdate master pretty badly, and it was making 
everything worse.  With this, I think we can focus on single-server issues 
from here on out.

-Michael




From awilliam at whitemice.org  Tue Nov 10 14:47:24 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Tue, 10 Nov 2009 14:47:24 -0500
Subject: Quota question
In-Reply-To: <1262242866.20091110111027@gmail.com>
References: <1262242866.20091110111027@gmail.com>
Message-ID: <1257882444.5565.51.camel@linux-m3mt>

On Tue, 2009-11-10 at 11:10 -0800, Nybbles2Byte wrote:
> Hello,
> If I do a SETQUOTA and GETQUOTA should I be using bytes or kilobytes?
> Sorry, this is probably obvious to most people but I am rather new at
> it.

KB.  So "sq user.me 384000" is 384MB.

> I'm connecting with "fsockopen" since I'm right on the server... just
> in case how you connect makes a difference.

Eh?
-- 
openSUSE <http://www.opensuse.org/en/>
Linux for human beings who need to get things done.


From david.lang at digitalinsight.com  Tue Nov 10 17:58:40 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Tue, 10 Nov 2009 14:58:40 -0800 (PST)
Subject: VMware for Cyrus?
In-Reply-To: <C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de><4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
Message-ID: <alpine.DEB.2.00.0911101457210.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Mon, 9 Nov 2009, Sebastian Hagedorn wrote:

> --On 9. November 2009 08:37:46 -0300 Reinaldo de Carvalho
> <reinaldoc at gmail.com> wrote:
>
>> You need analyse the I/O consumition.
>>
>> # iostat -d 1
>
> I trust real world experiences more than benchmarks ... either people on
> this list have successfully run Cyrus under ESX or they haven't. I don't
> want to be the first to try it.

iostat is not a benchmark, it's a tool to measure your I/O patterns (number of 
I/O's, size of transfers, etc)

while I understand your desire to have real-world experiance, you do need to 
know your usage patterns to size the system accordingly.

David Lang
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT1862578.txt
Url: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091110/7e8a7ed9/attachment.txt 

From david.lang at digitalinsight.com  Tue Nov 10 18:01:04 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Tue, 10 Nov 2009 15:01:04 -0800 (PST)
Subject: VMware for Cyrus?
In-Reply-To: <11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
References: <37B5D432C5C5FB4A30F11646@tyrion.rrz.uni-koeln.de>
	<4a5881460911090337y53e3caie656dfa788a6ad5a@mail.gmail.com>
	<C55B2929BC0F6FBBEEEE1F2D@tyrion.rrz.uni-koeln.de>
	<4a5881460911090355u69e7edb4je95b971d1fc75efd@mail.gmail.com> 
	<1257769462.7703.7.camel@linux-m3mt>
	<3C1449E5713780EAB230B362@tyrion.rrz.uni-koeln.de><bf16b3721f4f065d98b53f8fd12456cf.squirrel@webmail.bi.corp.invoca.ch>
	<11A9C3D93CCEA779DB7B747B@tyrion.rrz.uni-koeln.de>
Message-ID: <alpine.DEB.2.00.0911101459270.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Mon, 9 Nov 2009, Sebastian Hagedorn wrote:

> --On 9. November 2009 14:10:54 +0100 Simon Matter <simon.matter at invoca.ch>
> wrote:
>
>> While virtualization has advantages it has also disadvantages. One thing
>> is that it introduces an additional layer of complexity into the game.
>> It's my impression that in many areas virtualization gets introduced not
>> because of technical reasons but because of political pressure.
>
> In our case I wouldn't necessarily call it political pressure ... it's more
> like organizational pressure. We have fewer personnel resources than we
> used to, and have to run more systems with them!

and every time you introduce virtualization you introduce an additional system 
that you need to run.

remember that you need to admin all the virtual machines, just like you would if 
they were on their own physical boxes, plus you now need to admin the host OS.

David Lang
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT1869805.txt
Url: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091110/4af89f26/attachment.txt 

From boutilpj at ednet.ns.ca  Tue Nov 10 19:40:17 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Tue, 10 Nov 2009 20:40:17 -0400
Subject: ipurge syntax
Message-ID: <1349_1257900080_nAB0fJbP007509_4AFA07F1.3070803@ednet.ns.ca>

How can you get ipurge to only work on the INBOX? If I try this nothing 
happens:

ipurge -d 31 user.spam


If I put in -f then the INBOX and every folder underneath gets processed.


man page seems to indicate that only processing the INBOX is not possible:

Ipurge by default only deletes mail below shared folders, which means 
that  mails  in  mailbox(es)  below  INBOX.*  and  user.*  stay
        untouched. Use the option -f to also delete mail in mailbox(es) 
below these folders.

From brandt at decoit.de  Wed Nov 11 04:43:30 2009
From: brandt at decoit.de (Andre Brandt)
Date: Wed, 11 Nov 2009 10:43:30 +0100
Subject: Questions about ctl_cyrusdb
Message-ID: <4AFA8742.5060800@decoit.de>

Hi,

last night, after an accident, my mailserver ran out of space within 
half an hour. After solving the problem, I thought, that the problem was 
gone. What I didn't know was, that, after solving the original problem, 
cyrus started to create more than 6600 files unter /var/lib/cyrus/db. 
(log.00000xxxx) Each file with a size of 10mb.
After starting cyrus again, I can see, that ctl_cyrusdb recovers the 
database. But this takes a _very_ long time.... :(

As I found in documentation, files under /var/lib/cyrus/db can be safely 
deleted, when no cyrus process is running - is this right? What are this 
files for? What kind of information do they contain? How can It happen, 
that cyrus writes more than 70 GB of logs? When the server has nearly no 
work to do?

Thanks,
Andre







From jukka.huhta at helsinki.fi  Wed Nov 11 07:57:52 2009
From: jukka.huhta at helsinki.fi (Jukka Huhta)
Date: Wed, 11 Nov 2009 14:57:52 +0200 (EET)
Subject: STARTTLS TLS handshake fails after ServerKeyExchange
Message-ID: <alpine.DEB.2.00.0911111311050.21932@frodo.it.helsinki.fi>


We have a problem: when connecting to backend servers (with
cyradm/openssl s_client/whatever) the server just hangs in the TLS
handshake after ServerKeyExchange.  The reason for this is unknown to
us.

By reading RFC 5246, it seems to me that the client waits for
CertificateRequest or ServerHelloDone which is never received.
The client is stuck in the read system call and imapd is select()ing
something. Nothing happens.

It is strange that this happens in a test environment almost every
time and in a production environment in about 1/3 of the connection
attempts BUT never when connecting to a service running on a local
node, only when connecting to a remote node. A network related issue?

Cyradm fails also when I connect to a frontend and issue a command
that requires cyradm to connect to a remote backend. Otherwise
frontends work fine (without tls_ca_file defined).

After reading tls.c and imapd.c code we came to a conclusion: When
STARTTLS is used, the server wants to ask for a client certificate
regardless of whether the client certificates are in use or not.
Since we are not using them we worked this around by adding a new
config option tls_ask_cert: 0 and using it like the attached patch
shows.

Certainly I don't want to apply this patch in the production
environment before I fully understand what's really going on and is it
at all the right way to fix this problem.

Any hints, ideas, anything?

Running Cyrus 2.3.15 (rpm 2.3.15-4 by Simon Matter) on a CentOS 5.4
cluster (openssl 0.9.8e-12.el5).


-Jukka Huhta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cyrus-imapd-2.3.15-hy_askcert.patch
Type: text/x-diff
Size: 1144 bytes
Desc: 
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091111/f4de7fc4/attachment.bin 

From aj at mindcrash.com  Wed Nov 11 10:46:22 2009
From: aj at mindcrash.com (AJ)
Date: Wed, 11 Nov 2009 10:46:22 -0500
Subject: Autocreate patch for 2.3.15?
Message-ID: <20091111104622.19842omhw2i0xnc4@webmail.mindcrash.com>

Has anyone used the 2.3.14 autocreate patch on 2.3.15?  There does not  
seem to be a patch for 2.3.15 on the site and I have tried using the  
2.3.14 patch and it does not apply cleanly.  It fails at  
imap/Makefile.in

Any help would be appreciated.  Output is below.

Thanks.
AJ

patching file cyrus-imapd-2.3.15/README.autocreate
patching file cyrus-imapd-2.3.15/imap/Makefile.in
Hunk #2 FAILED at 118.
Hunk #4 FAILED at 199.
2 out of 4 hunks FAILED -- saving rejects to file  
cyrus-imapd-2.3.15/imap/Makefile.in.rej
patching file cyrus-imapd-2.3.15/imap/autosieve.c
patching file cyrus-imapd-2.3.15/imap/compile_sieve.c
patching file cyrus-imapd-2.3.15/imap/imapd.c
Hunk #1 succeeded at 211 (offset 2 lines).
Hunk #2 succeeded at 2002 (offset 26 lines).
Hunk #3 succeeded at 2191 (offset 2 lines).
Hunk #4 succeeded at 2375 (offset 26 lines).
patching file cyrus-imapd-2.3.15/imap/lmtpd.c
Hunk #2 succeeded at 979 (offset 1 line).
Hunk #4 succeeded at 1137 (offset 1 line).
patching file cyrus-imapd-2.3.15/imap/mboxlist.c
Hunk #3 succeeded at 3437 (offset 14 lines).
patching file cyrus-imapd-2.3.15/imap/mboxlist.h
Hunk #1 succeeded at 216 (offset 1 line).
patching file cyrus-imapd-2.3.15/imap/pop3d.c
Hunk #1 succeeded at 173 (offset 1 line).
Hunk #3 succeeded at 1552 (offset 1 line).
patching file cyrus-imapd-2.3.15/lib/auth.c
patching file cyrus-imapd-2.3.15/lib/auth.h
patching file cyrus-imapd-2.3.15/lib/auth_krb.c
Hunk #1 succeeded at 341 (offset 1 line).
Hunk #3 succeeded at 398 (offset 1 line).
patching file cyrus-imapd-2.3.15/lib/auth_krb5.c
patching file cyrus-imapd-2.3.15/lib/auth_pts.c
patching file cyrus-imapd-2.3.15/lib/auth_unix.c
Hunk #1 succeeded at 315 (offset 1 line).
patching file cyrus-imapd-2.3.15/lib/imapoptions
patching file cyrus-imapd-2.3.15/notifyd/Makefile.in
patching file cyrus-imapd-2.3.15/notifyd/notifyd.c
patching file cyrus-imapd-2.3.15/ptclient/Makefile.in


From simon.matter at invoca.ch  Wed Nov 11 11:31:30 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Wed, 11 Nov 2009 17:31:30 +0100
Subject: Autocreate patch for 2.3.15?
In-Reply-To: <20091111104622.19842omhw2i0xnc4@webmail.mindcrash.com>
References: <20091111104622.19842omhw2i0xnc4@webmail.mindcrash.com>
Message-ID: <775a2266239e9439d645969b03b7ea78.squirrel@webmail.bi.corp.invoca.ch>

> Has anyone used the 2.3.14 autocreate patch on 2.3.15?  There does not
> seem to be a patch for 2.3.15 on the site and I have tried using the
> 2.3.14 patch and it does not apply cleanly.  It fails at
> imap/Makefile.in

Find attached my version of the patch adopted for 2.3.15. Note that this
is not an official patch from UOA but it is widely used because it's the
patch used in my cyrus-imapd rpms.
IIRC UOA is not using 2.3.x which is why they are not so fast upgrading
the patches.

Regards,
Simon

>
> Any help would be appreciated.  Output is below.
>
> Thanks.
> AJ
>
> patching file cyrus-imapd-2.3.15/README.autocreate
> patching file cyrus-imapd-2.3.15/imap/Makefile.in
> Hunk #2 FAILED at 118.
> Hunk #4 FAILED at 199.
> 2 out of 4 hunks FAILED -- saving rejects to file
> cyrus-imapd-2.3.15/imap/Makefile.in.rej
> patching file cyrus-imapd-2.3.15/imap/autosieve.c
> patching file cyrus-imapd-2.3.15/imap/compile_sieve.c
> patching file cyrus-imapd-2.3.15/imap/imapd.c
> Hunk #1 succeeded at 211 (offset 2 lines).
> Hunk #2 succeeded at 2002 (offset 26 lines).
> Hunk #3 succeeded at 2191 (offset 2 lines).
> Hunk #4 succeeded at 2375 (offset 26 lines).
> patching file cyrus-imapd-2.3.15/imap/lmtpd.c
> Hunk #2 succeeded at 979 (offset 1 line).
> Hunk #4 succeeded at 1137 (offset 1 line).
> patching file cyrus-imapd-2.3.15/imap/mboxlist.c
> Hunk #3 succeeded at 3437 (offset 14 lines).
> patching file cyrus-imapd-2.3.15/imap/mboxlist.h
> Hunk #1 succeeded at 216 (offset 1 line).
> patching file cyrus-imapd-2.3.15/imap/pop3d.c
> Hunk #1 succeeded at 173 (offset 1 line).
> Hunk #3 succeeded at 1552 (offset 1 line).
> patching file cyrus-imapd-2.3.15/lib/auth.c
> patching file cyrus-imapd-2.3.15/lib/auth.h
> patching file cyrus-imapd-2.3.15/lib/auth_krb.c
> Hunk #1 succeeded at 341 (offset 1 line).
> Hunk #3 succeeded at 398 (offset 1 line).
> patching file cyrus-imapd-2.3.15/lib/auth_krb5.c
> patching file cyrus-imapd-2.3.15/lib/auth_pts.c
> patching file cyrus-imapd-2.3.15/lib/auth_unix.c
> Hunk #1 succeeded at 315 (offset 1 line).
> patching file cyrus-imapd-2.3.15/lib/imapoptions
> patching file cyrus-imapd-2.3.15/notifyd/Makefile.in
> patching file cyrus-imapd-2.3.15/notifyd/notifyd.c
> patching file cyrus-imapd-2.3.15/ptclient/Makefile.in
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cyrus-imapd-2.3.15-autocreate-0.10-0.diff.gz
Type: application/x-gzip
Size: 17911 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091111/e54c5159/attachment-0001.bin 

From dwhite at olp.net  Wed Nov 11 14:02:25 2009
From: dwhite at olp.net (Dan White)
Date: Wed, 11 Nov 2009 13:02:25 -0600
Subject: Questions about ctl_cyrusdb
In-Reply-To: <4AFA8742.5060800@decoit.de>
References: <4AFA8742.5060800@decoit.de>
Message-ID: <20091111190225.GE4988@dan.olp.net>

On 11/11/09?10:43?+0100, Andre Brandt wrote:
>Hi,
>
>last night, after an accident, my mailserver ran out of space within 
>half an hour. After solving the problem, I thought, that the problem was 
>gone. What I didn't know was, that, after solving the original problem, 
>cyrus started to create more than 6600 files unter /var/lib/cyrus/db. 
>(log.00000xxxx) Each file with a size of 10mb.
>After starting cyrus again, I can see, that ctl_cyrusdb recovers the 
>database. But this takes a _very_ long time.... :(
>
>As I found in documentation, files under /var/lib/cyrus/db can be safely 
>deleted, when no cyrus process is running - is this right? What are this 
>files for? What kind of information do they contain? How can It happen, 
>that cyrus writes more than 70 GB of logs? When the server has nearly no 
>work to do?

Andre,

See the database-formats.html file located in the source distribution, also
found here:

http://tinyurl.com/yzn8wke

-- 
Dan White

From mikeegg1 at mac.com  Wed Nov 11 14:08:38 2009
From: mikeegg1 at mac.com (Mike Eggleston)
Date: Wed, 11 Nov 2009 13:08:38 -0600
Subject: general question, how to do this?
Message-ID: <20091111190838.GI17458@mail.mac.com>

Morning,

One user is out sick, another user asked me to search the first user's
email for a specific message. If I had found that message and the second
user wanted to access that message in the second user's normal INBOX
would I do this:

# cd /var/spool/imap/a/user/auser
# cp 999999. /var/spool/imap/b/user/buser
# su - cyrus
# reconstruct -r user.buser
# exit
# exit

The message was not found, so no urgent need for this. I want to know
how for next time.

Mike

From dgottsc at emory.edu  Wed Nov 11 14:18:10 2009
From: dgottsc at emory.edu (Gottschalk, David)
Date: Wed, 11 Nov 2009 14:18:10 -0500
Subject: general question, how to do this?
In-Reply-To: <20091111190838.GI17458@mail.mac.com>
References: <20091111190838.GI17458@mail.mac.com>
Message-ID: <C18A46305CFFBD45BE113C0823CC4856C8273C48B2@EXCHANGE10.Enterprise.emory.net>

That should work fine.

David Gottschalk
UTS Email team
david.gottschalk at emory.edu

-----Original Message-----
From: info-cyrus-bounces+dgottsc=emory.edu at lists.andrew.cmu.edu [mailto:info-cyrus-bounces+dgottsc=emory.edu at lists.andrew.cmu.edu] On Behalf Of Mike Eggleston
Sent: Wednesday, November 11, 2009 2:09 PM
To: info-cyrus at lists.andrew.cmu.edu
Subject: general question, how to do this?

Morning,

One user is out sick, another user asked me to search the first user's
email for a specific message. If I had found that message and the second
user wanted to access that message in the second user's normal INBOX
would I do this:

# cd /var/spool/imap/a/user/auser
# cp 999999. /var/spool/imap/b/user/buser
# su - cyrus
# reconstruct -r user.buser
# exit
# exit

The message was not found, so no urgent need for this. I want to know
how for next time.

Mike
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information.  If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

From dwhite at olp.net  Wed Nov 11 14:22:56 2009
From: dwhite at olp.net (Dan White)
Date: Wed, 11 Nov 2009 13:22:56 -0600
Subject: general question, how to do this?
In-Reply-To: <20091111190838.GI17458@mail.mac.com>
References: <20091111190838.GI17458@mail.mac.com>
Message-ID: <20091111192255.GF4988@dan.olp.net>

On 11/11/09?13:08?-0600, Mike Eggleston wrote:
>One user is out sick, another user asked me to search the first user's
>email for a specific message. If I had found that message and the second
>user wanted to access that message in the second user's normal INBOX
>would I do this:
>
># cd /var/spool/imap/a/user/auser
># cp 999999. /var/spool/imap/b/user/buser
># su - cyrus
># reconstruct -r user.buser
># exit
># exit
>
>The message was not found, so no urgent need for this. I want to know
>how for next time.

pinky:~# imtest -a cyrus localhost
<cut>
S: A01 OK Success (privacy protection)
Authenticated.
Security strength factor: 128
111 select user.auser
<cut>
111 OK [READ-WRITE] Completed
222 uid copy 999999 user.buser
222 OK [COPYUID 1089193296 1 1480] Completed
333 logout
* BYE LOGOUT received
333 OK Completed
Connection closed.

Where 'cyrus' is an admin.

-- 
Dan White

From mikeegg1 at mac.com  Wed Nov 11 14:27:32 2009
From: mikeegg1 at mac.com (Mike Eggleston)
Date: Wed, 11 Nov 2009 13:27:32 -0600
Subject: general question, how to do this?
In-Reply-To: <20091111192255.GF4988@dan.olp.net>
References: <20091111190838.GI17458@mail.mac.com>
	<20091111192255.GF4988@dan.olp.net>
Message-ID: <20091111192732.GJ17458@mail.mac.com>

On Wed, 11 Nov 2009, Dan White might have said:

> On 11/11/09?13:08?-0600, Mike Eggleston wrote:
> >One user is out sick, another user asked me to search the first user's
> >email for a specific message. If I had found that message and the second
> >user wanted to access that message in the second user's normal INBOX
> >would I do this:
> >
> ># cd /var/spool/imap/a/user/auser
> ># cp 999999. /var/spool/imap/b/user/buser
> ># su - cyrus
> ># reconstruct -r user.buser
> ># exit
> ># exit
> >
> >The message was not found, so no urgent need for this. I want to know
> >how for next time.
> 
> pinky:~# imtest -a cyrus localhost
> <cut>
> S: A01 OK Success (privacy protection)
> Authenticated.
> Security strength factor: 128
> 111 select user.auser
> <cut>
> 111 OK [READ-WRITE] Completed
> 222 uid copy 999999 user.buser
> 222 OK [COPYUID 1089193296 1 1480] Completed
> 333 logout
> * BYE LOGOUT received
> 333 OK Completed
> Connection closed.
> 
> Where 'cyrus' is an admin.
> 
> -- 
> Dan White

That's a neat approach, thanks.

Mike

From michael.menge at zdv.uni-tuebingen.de  Thu Nov 12 02:28:45 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Thu, 12 Nov 2009 08:28:45 +0100
Subject: Autocreate patch for 2.3.15?
In-Reply-To: <775a2266239e9439d645969b03b7ea78.squirrel@webmail.bi.corp.invoca.ch>
References: <20091111104622.19842omhw2i0xnc4@webmail.mindcrash.com>
	<775a2266239e9439d645969b03b7ea78.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <20091112082845.25095h4b6laglfe5@webmail.uni-tuebingen.de>

Quoting Simon Matter <simon.matter at invoca.ch>:

>> Has anyone used the 2.3.14 autocreate patch on 2.3.15?  There does not
>> seem to be a patch for 2.3.15 on the site and I have tried using the
>> 2.3.14 patch and it does not apply cleanly.  It fails at
>> imap/Makefile.in
>
> Find attached my version of the patch adopted for 2.3.15. Note that this
> is not an official patch from UOA but it is widely used because it's the
> patch used in my cyrus-imapd rpms.
> IIRC UOA is not using 2.3.x which is why they are not so fast upgrading
> the patches.

Is there a reason that this patch is not in the official cyrus release?




--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen

From woods-cyrus at weird.com  Thu Nov 12 13:47:04 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Thu, 12 Nov 2009 13:47:04 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <20091107195430.GA21955@brong.net>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <20091107195430.GA21955@brong.net>
Message-ID: <m1N8dxe-000kn1C@most.weird.com>

At Sun, 8 Nov 2009 06:54:30 +1100, Bron Gondwana <brong at fastmail.fm> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> On Sat, Nov 07, 2009 at 11:08:31AM -0500, Greg A. Woods wrote:
> > 
> > Just get a forwarding alias installed on the remote mail server and then
> > you'll be using the MTA to move your mail in a robust, secure, and
> > fail-safe manner to the IMAP server where you desire it to be finally
> > delivered.
> 
> Maybe unreliable network connectivity?

That's _exactly_ where you want to use SMTP or some other store and
forward mechanism to create a robust and reliable mail transport link!

Use SMTP to breech the unreliable link!  It's safe, proven, and designed
for that very task!


>  A dynamic IP where they don't
> want a stale DynDNS pointer to cause someone else to get the mail?

Well, amateurs can and will run whatever hacks they want, and they're
not usually interested in doing the kinds of things necessary for
production systems in the first place either.

Further, if anyone is stupid enough to try to use dynamic IP addresses
where static IP addresses are REQUIRED for proper functionality and
robust operations then they get every problem they deserve and I have no
interest whatsoever in catering to any of their hacks and abominations.

Use proper client/server protocols for dynamic IP clients!


> Pull vs Push in the abstract is an age old question that never has only
> one answer, much as you are trying to paint it that way.

Well, in Internet e-mail delivery there has always been one and only one
answer to the push vs. pull philosophy.  I'm only talking about e-mail
here.

Fight the way e-mail has always worked and you have to fight the whole
infrastructure and use fringe tools with known risks and problems.

If you want your e-mail to work reliably then you have to work with the
existing infrastructure and with the tried and tested tools that
designed and implemented to work that way.

Note how even in SMTP the proposed mechanisms for pull-like
functionality have been lost, broken, and forgotten forever, and even
there, like in UUCP, it's still fundamentally store-and-FORWARD even if
the client makes the call.  Nobody has _ever_ made "pull" work for
e-mail in any significant widely accepted and implemented way.  To that
extent history and experience have proven that your age-old question
does in fact have only one good workable answer.

Note that the final last-hop fetch done by the likes of POP and IMAP is
not a "pull" mechanism -- they switch the whole paradigm to client/server.


> > The rest of this is kinda just BS about how to use a proper IMAP client.
> 
> Er, you know a perfect IMAP client?  I've never been able to find a good
> one, which is why I use offlineimap to local Maildirs and mutt to talk
> to them.

I didn't say "perfect" -- I said "proper".   :-)

Mutt is not a proper IMAP client so far as I can tell, for example.

Pine, Emacs Wanderlust, Thunderbird, Apple Mail, etc. are all "proper"
IMAP clients in most respects, I think.  Pick your poison.  :-)


> Ahh, I see.  Fetchmail screwed your dog and pissed in your cereal.

No, not me -- I've seen dozens of others screwed by it though.  It does
nothing good for e-mail.


> Rumour has it that offlineimap supports running an IMAP server
> locally and synchronising changes in BOTH directions, with the
> help of a little on-disk-database to keep track of who changed
> what.

Yes, back to a more proper client/server paradigm.  No messing with
protocol layer violations is necessary.

(offlineimap does sound like a rather crazy idea though -- why not just
use a proper IMAP client that properly supports a true offline working
mode?)


>  I don't use it because last time I did it was still buggy
> and new, and now I'm wary.

And you would use/recommend fetchmail instead?  Talk about a
fundamental contradiction!  :-)


> This whole fetchmail thing is a tangent.  Implementation detail.

Sort of.  Anything in its class is at question.


> The important thing was pull versus push and how to trigger the
> "monkey with a modern email client" equivalent of a copy between
> IMAP folders, but scripted.

No, IMAP uses a client/server paradigm, not really a pull.  There's a
subtle but VERY important difference, especially for e-mail
w.r.t. protocol layering violations (especially RFC 822 and newer).

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From woods-cyrus at weird.com  Thu Nov 12 13:53:35 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Thu, 12 Nov 2009 13:53:35 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <1257627953.4682.9.camel@linux-m3mt>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
	<1257627953.4682.9.camel@linux-m3mt>
Message-ID: <m1N8e3w-000kn1C@most.weird.com>

At Sat, 07 Nov 2009 16:05:53 -0500, Adam Tauno Williams <awilliam at whitemice.org> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> So what?  Seriously, if a tool accomplishes the task... and
> accomplishing the task is the purpose for the technology to exist in the
> first place.

Well, if all you've got is a hammer....


> Bogus, Fetchmail is a POP/IMAP/SMTP client that automatically moves
> messages based upon its configuration.  It doesn't "violate" any
> "protocol levels" at all.  If I drag-and-drop messages with my GUI MUA
> between two servers, or use fetchmail, it is the exact same affect and
> both are perfectly legitimate.  Except, of course, that fetchmail will
> do so at 3AM every morning while I sleep.

Ah, NOPE.  POP and IMAP are entirely different paradigms than SMTP (or
LMTP), for example.  Fetchmail violates RFC822 for starters.  See my
other reply.  If you don't understand then perhaps you don't care about
such things -- that's your business.  Also fetchmail introduces a huge
hole in reliability and robustness of normal MTA message transmission
and delivery.

I'd very much like to stop anyone from offering such hacks as
"solutions" to others though, especially when there are perfectly good
alternatives which don't violate any protocol layers and which are
infinitely more robust and reliable.

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From david.lang at digitalinsight.com  Thu Nov 12 14:55:25 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Thu, 12 Nov 2009 11:55:25 -0800 (PST)
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N8dxe-000kn1C@most.weird.com>
References: <1256060184.2946.53.camel@skunk>
	<m1N0K6o-000kn2C@most.weird.com><alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><1256072052.3739.4.camel@badjo>
	<m1N181A-000kn2C@most.weird.com><alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><m1N1PX1-000kn2C@most.weird.com><F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes><m1N6n6W-000kmgC@most.weird.com>
	<20091107195430.GA21955@brong.net> <m1N8dxe-000kn1C@most.weird.com>
Message-ID: <alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Thu, 12 Nov 2009, Greg A. Woods wrote:

> At Sun, 8 Nov 2009 06:54:30 +1100, Bron Gondwana <brong at fastmail.fm> wrote:
> Subject: Re: Exec'ing a script from Cyrus when imapd has a client
>>
>> On Sat, Nov 07, 2009 at 11:08:31AM -0500, Greg A. Woods wrote:
>>>
>>> Just get a forwarding alias installed on the remote mail server and then
>>> you'll be using the MTA to move your mail in a robust, secure, and
>>> fail-safe manner to the IMAP server where you desire it to be finally
>>> delivered.
>>
>> Maybe unreliable network connectivity?
>
> That's _exactly_ where you want to use SMTP or some other store and
> forward mechanism to create a robust and reliable mail transport link!
>
> Use SMTP to breech the unreliable link!  It's safe, proven, and designed
> for that very task!

no, SMTP only works if you have network connectivity that is up most of the 
time. it will handle short outages, but it will not handle the case where your 
network connectivity is off most of the time

>>  A dynamic IP where they don't
>> want a stale DynDNS pointer to cause someone else to get the mail?
>
> Well, amateurs can and will run whatever hacks they want, and they're
> not usually interested in doing the kinds of things necessary for
> production systems in the first place either.
>
> Further, if anyone is stupid enough to try to use dynamic IP addresses
> where static IP addresses are REQUIRED for proper functionality and
> robust operations then they get every problem they deserve and I have no
> interest whatsoever in catering to any of their hacks and abominations.
>
> Use proper client/server protocols for dynamic IP clients!

SMTP is not a proper protocol for a dynamic IP environement.

>> Pull vs Push in the abstract is an age old question that never has only
>> one answer, much as you are trying to paint it that way.
>
> Well, in Internet e-mail delivery there has always been one and only one
> answer to the push vs. pull philosophy.  I'm only talking about e-mail
> here.

not true, in the beginning UUCP was the primary mechanism for transporting 
e-mail. it was designed for the (then current) environement where connectivity 
was very intermittent and expensive to leave idle (which happens to match the 
use case here as well, but using UUCP takes far more cooperation on the part of 
the Internet server, thus the fetchmail approach)

> Fight the way e-mail has always worked and you have to fight the whole
> infrastructure and use fringe tools with known risks and problems.
>
> If you want your e-mail to work reliably then you have to work with the
> existing infrastructure and with the tried and tested tools that
> designed and implemented to work that way.
>
> Note how even in SMTP the proposed mechanisms for pull-like
> functionality have been lost, broken, and forgotten forever, and even
> there, like in UUCP, it's still fundamentally store-and-FORWARD even if
> the client makes the call.  Nobody has _ever_ made "pull" work for
> e-mail in any significant widely accepted and implemented way.

UUCP that's acttivated when the client connects and tickles the server to let it 
know that it's connected is effectivly a pull mechanism.

>>> The rest of this is kinda just BS about how to use a proper IMAP client.
>>
>> Er, you know a perfect IMAP client?  I've never been able to find a good
>> one, which is why I use offlineimap to local Maildirs and mutt to talk
>> to them.
>
> I didn't say "perfect" -- I said "proper".   :-)
>
> Mutt is not a proper IMAP client so far as I can tell, for example.
>
> Pine, Emacs Wanderlust, Thunderbird, Apple Mail, etc. are all "proper"
> IMAP clients in most respects, I think.  Pick your poison.  :-)

Thunderbird? my understanding (from watching people use it) is that it wants to 
pull a copy of all your mail to the local box before processing it. how is this 
a proper IMAP client?

David Lang

From xavier.bestel at free.fr  Thu Nov 12 15:21:24 2009
From: xavier.bestel at free.fr (Xavier Bestel)
Date: Thu, 12 Nov 2009 21:21:24 +0100
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N8e3w-000kn1C@most.weird.com>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <1257627953.4682.9.camel@linux-m3mt>
	<m1N8e3w-000kn1C@most.weird.com>
Message-ID: <1258057284.4904.28.camel@bip>

Le jeudi 12 novembre 2009 ? 13:53 -0500, Greg A. Woods a ?crit :
> I'd very much like to stop anyone from offering such hacks as
> "solutions" to others though, especially when there are perfectly good
> alternatives which don't violate any protocol layers and which are
> infinitely more robust and reliable. 

You dispense a lot of stop energy on this list, with dubious technical
arguments to justify your point. Do you gain anything if Cyrus doesn't
fulfill the needs of some users ?

	Xav




From gombasg at sztaki.hu  Thu Nov 12 17:34:37 2009
From: gombasg at sztaki.hu (Gabor Gombas)
Date: Thu, 12 Nov 2009 23:34:37 +0100
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
References: <alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <20091107195430.GA21955@brong.net>
	<m1N8dxe-000kn1C@most.weird.com>
	<alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
Message-ID: <20091112223436.GA2444@boogie.lpds.sztaki.hu>

On Thu, Nov 12, 2009 at 11:55:25AM -0800, David Lang wrote:

> > Use SMTP to breech the unreliable link!  It's safe, proven, and designed
> > for that very task!
> 
> no, SMTP only works if you have network connectivity that is up most of the 
> time. it will handle short outages, but it will not handle the case where your 
> network connectivity is off most of the time

ETRN can solve this, you just need a relay that understands ETRN and is
willing to hold your e-mails while you're off-line. ODMR is better for
dynamic addresses (you don't need dynamic DNS) but it seems to be less
supported. I have not used either yet, so YMMV.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------

From david.lang at digitalinsight.com  Thu Nov 12 17:52:42 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Thu, 12 Nov 2009 14:52:42 -0800 (PST)
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <20091112223436.GA2444@boogie.lpds.sztaki.hu>
References: <alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <20091107195430.GA21955@brong.net>
	<m1N8dxe-000kn1C@most.weird.com>
	<alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<20091112223436.GA2444@boogie.lpds.sztaki.hu>
Message-ID: <alpine.DEB.2.00.0911121450190.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Thu, 12 Nov 2009, Gabor Gombas wrote:

> On Thu, Nov 12, 2009 at 11:55:25AM -0800, David Lang wrote:
>
>>> Use SMTP to breech the unreliable link!  It's safe, proven, and designed
>>> for that very task!
>>
>> no, SMTP only works if you have network connectivity that is up most of the
>> time. it will handle short outages, but it will not handle the case where your
>> network connectivity is off most of the time
>
> ETRN can solve this, you just need a relay that understands ETRN and is
> willing to hold your e-mails while you're off-line. ODMR is better for
> dynamic addresses (you don't need dynamic DNS) but it seems to be less
> supported. I have not used either yet, so YMMV.

the big advantage of the fetchmail approach that the initial poster was asking 
about is that it does not require special configuration of the upstream mail 
server.

I definantly agree that it is not the best possible approach. but as far as I 
can tell, every approach that's better requires cooperation from a mail server 
that does have full-time Internet connectivity. unfortunantly that's not always 
available (at least, not available at an affordable price in time and money)

David Lang

From woods-cyrus at weird.com  Thu Nov 12 19:20:01 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Thu, 12 Nov 2009 19:20:01 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <20091107195430.GA21955@brong.net>
	<m1N8dxe-000kn1C@most.weird.com>
	<alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
Message-ID: <m1N8j9r-000knNC@most.weird.com>

At Thu, 12 Nov 2009 11:55:25 -0800 (PST), David Lang <david.lang at digitalinsight.com> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> no, SMTP only works if you have network connectivity that is up most of the 
> time. it will handle short outages, but it will not handle the case where your 
> network connectivity is off most of the time

If your link is off most of the time then use UUCP -- that's what it was
designed for.  Tunnel it through SSL if you're using public IP
addressing and routing for the same link.

Or just use IMAP from a client MUA -- your link will be up when you want
to read mail and all your mail will be available at the IMAP server at
that time.

All these excuses for doing strange things with things like fetchmail
are really really lame and stretching the imagination beyond belief!


> > Use proper client/server protocols for dynamic IP clients!
> 
> SMTP is not a proper protocol for a dynamic IP environement.

Indeed, SMTP is not a client/server style protocol in the sense I meant.

IMAP would be a proper client/server style protocol in the sense I meant.


> not true, in the beginning UUCP was the primary mechanism for transporting 
> e-mail. it was designed for the (then current) environement where connectivity 
> was very intermittent and expensive to leave idle (which happens to match the 
> use case here as well, but using UUCP takes far more cooperation on the part of 
> the Internet server, thus the fetchmail approach)

I used UUCP intensively for at least 10 years at dozens of sites with
hundreds of peers, starting over 20 years ago.  I've worked on UUCP
implementations, including building alternate transport layers for UUCP
connectivity over networks such as X.25.

UUCP e-mail, _is_ fundamentally a store and forward protocol, _even_
when the client makes the call.  Don't confuse connection establishment
with higher protocol layers.

UUCP is _NOT_ an "Internet" protocol (though of course modern
implementations can use TCP/IP as an underlying connection transport).

Now read again what I wrote with all of that in mind:

    Well, in Internet e-mail delivery there has always been one and only
    one answer to the push vs. pull philosophy.  I'm only talking about
    e-mail here.

> UUCP that's acttivated when the client connects and tickles the server to let it 
> know that it's connected is effectivly a pull mechanism.

No.  The server _always_ _pushes_ the command and data files to the
client REGARDLESS of how the connection was initiated.  The UUCP client
doesn't know what to ask for -- it just opens the connection and allows
the server to proceed normally with using the connection.  The server
pushes over command and data files for the client to act upon, in just
exactly the same was as if it had initiated the connection.

Connection establishment in UUCP is no more related to the fundamental
fact that e-mail via UUCP is a store-and-forward protocol than PPP
connection establishment is related to the fact that SMTP is a
store-and-forward protocol.  They are both different layers.

Keep it Simple -- don't confuse or violate protocol layers!


> Thunderbird? my understanding (from watching people use it) is that it wants to 
> pull a copy of all your mail to the local box before processing it. how is this 
> a proper IMAP client?

How is it not a proper IMAP client?  Like I said, pick your poison.
Some MUAs will want to copy everything over at once for one kind of
performance profile, some will request only headers (enough to form the
summary index) for another kind of performance profile.  Thunderbird
fully understands the concept of multiple folders on arbitrary servers,
and it more or less speaks true IMAPv4, giving the user an interface to
do most everything that IMAPv4 will easily allow.  It has additional
features that make it possible to work offline.  That sounds like a
proper IMAP client to me.

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From woods-cyrus at weird.com  Thu Nov 12 19:36:48 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Thu, 12 Nov 2009 19:36:48 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <1258057284.4904.28.camel@bip>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
	<1257627953.4682.9.camel@linux-m3mt>
	<m1N8e3w-000kn1C@most.weird.com> <1258057284.4904.28.camel@bip>
Message-ID: <m1N8jQ6-000kmuC@most.weird.com>

At Thu, 12 Nov 2009 21:21:24 +0100, Xavier Bestel <xavier.bestel at free.fr> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> Do you gain anything if Cyrus doesn't
> fulfill the needs of some users ?

Did I ever say Cyrus should or should not meet the needs of some users?

I think you've got something backwards here.

Why should any one "product" meet the needs of all users?  That's the
"if all you've got is a hammer..." analogy.  Cyrus IMAP will _NEVER_
meet the needs of all users, and that's fundamentally what I've been
trying to say from the start.  If you don't need it then don't try to
wedge it into your implementation!

We all gain if we can avoid the "all you've got is a hammer" trap, and
indeed we all gain if we can help each other avoid that trap too.

If I'm not too mistaken it seems most everyone who wanted to use an IMAP
server as a client-level tool (by employing the likes of fetchmail) were
clearly falling for the "I have this Cyrus IMAP Hammer and I want to use
it to manage all of my e-mail even though I'm not running a server" trap.
Certainly that seemed to me to be the OP's situation.

The real fear I have is that as a result others will believe that this
kind of use is condoned and approved, or worse that these folks were
actually setting up such things for other groups of users.  In both
cases we end up with naive users who will not understand the issues
involved.   Issues such as mangled headers, unreliable delivery, loss of
e-mail, and so on.

Sure, it's all fine and dandy for someone to want to learn about a
product like Cyrus IMAP (or even fetchmail) by installing and using it
in some form where they can personally make use of it.

However if the goal is just to make something work in the real world for
end users then we really need to go back to the fundamental end-user
requirements and figure out how best to meet them without creating
hidden problems along the way simply because we've got this hammer in
our hands and we're dying to bang away on something.  If the user wants
some screws installed then we'd be doing them a huge favour if we would
go and find the proper screwdriver to do the job for them!

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From david.lang at digitalinsight.com  Thu Nov 12 20:20:19 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Thu, 12 Nov 2009 17:20:19 -0800 (PST)
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N8jQ6-000kmuC@most.weird.com>
References: <1256060184.2946.53.camel@skunk>
	<m1N0K6o-000kn2C@most.weird.com><alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><1256072052.3739.4.camel@badjo>
	<m1N181A-000kn2C@most.weird.com><alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><m1N1PX1-000kn2C@most.weird.com><F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes><m1N6n6W-000kmgC@most.weird.com><1257627953.4682.9.camel@linux-m3mt><m1N8e3w-000kn1C@most.weird.com>
	<1258057284.4904.28.camel@bip> <m1N8jQ6-000kmuC@most.weird.com>
Message-ID: <alpine.DEB.2.00.0911121711470.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Thu, 12 Nov 2009, Greg A. Woods wrote:

> At Thu, 12 Nov 2009 21:21:24 +0100, Xavier Bestel <xavier.bestel at free.fr> wrote:
> Subject: Re: Exec'ing a script from Cyrus when imapd has a client
>>
>> Do you gain anything if Cyrus doesn't
>> fulfill the needs of some users ?
>
> Did I ever say Cyrus should or should not meet the needs of some users?
>
> I think you've got something backwards here.
>
> Why should any one "product" meet the needs of all users?  That's the
> "if all you've got is a hammer..." analogy.  Cyrus IMAP will _NEVER_
> meet the needs of all users, and that's fundamentally what I've been
> trying to say from the start.  If you don't need it then don't try to
> wedge it into your implementation!
>
> We all gain if we can avoid the "all you've got is a hammer" trap, and
> indeed we all gain if we can help each other avoid that trap too.
>
> If I'm not too mistaken it seems most everyone who wanted to use an IMAP
> server as a client-level tool (by employing the likes of fetchmail) were
> clearly falling for the "I have this Cyrus IMAP Hammer and I want to use
> it to manage all of my e-mail even though I'm not running a server" trap.
> Certainly that seemed to me to be the OP's situation.
>
> The real fear I have is that as a result others will believe that this
> kind of use is condoned and approved, or worse that these folks were
> actually setting up such things for other groups of users.  In both
> cases we end up with naive users who will not understand the issues
> involved.   Issues such as mangled headers, unreliable delivery, loss of
> e-mail, and so on.

who are you to officially condone or approve any particular use?

who on this list (or any list) has the authority to do so?

it's fine to suggest other solutions, but if people then say that those 
solutions cannot be used in these cases (and especially when they give the 
reasons) continuing to argue that it's wrong and evil to use the tool that way 
is not productive. you may not choose that solution, but that may be because you 
have resources available to you that make a different solution better.

> Sure, it's all fine and dandy for someone to want to learn about a
> product like Cyrus IMAP (or even fetchmail) by installing and using it
> in some form where they can personally make use of it.
>
> However if the goal is just to make something work in the real world for
> end users then we really need to go back to the fundamental end-user
> requirements and figure out how best to meet them without creating
> hidden problems along the way simply because we've got this hammer in
> our hands and we're dying to bang away on something.  If the user wants
> some screws installed then we'd be doing them a huge favour if we would
> go and find the proper screwdriver to do the job for them!

even if the OP was using UUCP for the mail transport, the question he asked (how 
to have a job run frequently when a user is logged in, and not run if there are 
no users logged in) is still a very useful question to get an answer to.

you have focused on the fact that he wants to use fetchmail as the transport 
between the full-time internet and his intermittently connected network and are 
telling everyone that he absolutly, under no conditions should try to do what 
he's attempting.

that's where we have severe disagreements.

most of the rest of us see situations where the basic approach he's doing could 
be the best possible approach. we may quibble over exact details of some of the 
things (use fetchmail vs UUCP vs other), but that doesn't make the basic 
approach invalid.

David Lang

From david.lang at digitalinsight.com  Thu Nov 12 20:30:56 2009
From: david.lang at digitalinsight.com (David Lang)
Date: Thu, 12 Nov 2009 17:30:56 -0800 (PST)
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N8j9r-000knNC@most.weird.com>
References: <1256060184.2946.53.camel@skunk>
	<m1N0K6o-000kn2C@most.weird.com><alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><1256072052.3739.4.camel@badjo>
	<m1N181A-000kn2C@most.weird.com><alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz><m1N1PX1-000kn2C@most.weird.com><F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes><m1N6n6W-000kmgC@most.weird.com>
	<20091107195430.GA21955@brong.net><m1N8dxe-000kn1C@most.weird.com><alpine.DEB.2.00.0911121149090.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N8j9r-000knNC@most.weird.com>
Message-ID: <alpine.DEB.2.00.0911121720530.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>

On Thu, 12 Nov 2009, Greg A. Woods wrote:

> At Thu, 12 Nov 2009 11:55:25 -0800 (PST), David Lang <david.lang at digitalinsight.com> wrote:
> Subject: Re: Exec'ing a script from Cyrus when imapd has a client
>>
>> no, SMTP only works if you have network connectivity that is up most of the
>> time. it will handle short outages, but it will not handle the case where your
>> network connectivity is off most of the time
>
> If your link is off most of the time then use UUCP -- that's what it was
> designed for.  Tunnel it through SSL if you're using public IP
> addressing and routing for the same link.

you can only do this if the servers you are connecting to support UUCP, most do 
not.

but even if you do this, it's valid to want UUCP to check frequently when imapd 
has a client and infrequently (if at all) when it doesn't.

> Or just use IMAP from a client MUA -- your link will be up when you want
> to read mail and all your mail will be available at the IMAP server at
> that time.

over a slow, high latency, error-prone link IMAP is very painful to use.

> All these excuses for doing strange things with things like fetchmail
> are really really lame and stretching the imagination beyond belief!



>>> Use proper client/server protocols for dynamic IP clients!
>>
>> SMTP is not a proper protocol for a dynamic IP environement.
>
> Indeed, SMTP is not a client/server style protocol in the sense I meant.
>
> IMAP would be a proper client/server style protocol in the sense I meant.

so you are claiming that his business need is invalid. you are not in a position 
to declare this.

>> Thunderbird? my understanding (from watching people use it) is that it wants to
>> pull a copy of all your mail to the local box before processing it. how is this
>> a proper IMAP client?
>
> How is it not a proper IMAP client?  Like I said, pick your poison.
> Some MUAs will want to copy everything over at once for one kind of
> performance profile, some will request only headers (enough to form the
> summary index) for another kind of performance profile.  Thunderbird
> fully understands the concept of multiple folders on arbitrary servers,
> and it more or less speaks true IMAPv4, giving the user an interface to
> do most everything that IMAPv4 will easily allow.  It has additional
> features that make it possible to work offline.  That sounds like a
> proper IMAP client to me.

that 'more or less speaks true IMAPv4' makes me say it's not a proper IMAP 
client.

I also consider any client that uses IMAP to pull the data to the local system 
and does everything else there to be a POP client that happens to use IMAP 
to fetch it's messages.

A proper IMAP client would fetch only the portions of a message that the user 
needs, and would use the capabilities of the server (or at least the basic 
IMAPv4 capabilities, they may not use all of the enhancements) rather than 
duplicating the functionality on local copies.

this doesn't prevent the client from offering a disconnected mode of operation, 
but if disconnected mode is not in use, the server should be used.

David Lang


From raj at csub.edu  Thu Nov 12 20:46:20 2009
From: raj at csub.edu (Russell Jackson)
Date: Thu, 12 Nov 2009 17:46:20 -0800
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <1256060184.2946.53.camel@skunk>
References: <1256060184.2946.53.camel@skunk>
Message-ID: <4AFCBA6C.2080704@csub.edu>

Xavier Bestel wrote:
> Hi,
> 
> I have a small install with cyrus-imapd 2.3.14, which reads some of its
> mails with fetchmail. To limit the delay in mail delivery, fetchmail
> awakes each minute to get mails.
> What I would like is let fetchmail do that only when there's a client
> actually reading its mails, i.e. an MUA actually connected to imapd.
> 
> So, my question: how to hook a script each time a client
> connects/disconnects from imapd ?
>

Check /var/imap/proc for files. If any are present, then a client is connected. Write a
polling script to run out of cron that checks for this and runs fetchmail if appropriate.
I'll let other's comment on the soundness of this.

Semi-pseudo code.

#/bin/sh
if [ $(find /var/imap/proc -type f | wc -l) -gt 0 ]; then
  fetchmail
fi

For bonus points, you could parse the proc files and only run fetch mail for the users
actually connected.

find /var/imap/proc -type f | \
  xargs awk 'BEGIN{FS="\t"}{if (length($2)) print $2}' | \
  sort -u | \
  xargs <dispatch_command>

-- 
Russell A. Jackson <raj at csub.edu>
Network Analyst
California State University, Bakersfield


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091112/91eb0b46/attachment.bin 

From raj at csub.edu  Thu Nov 12 23:49:52 2009
From: raj at csub.edu (Russell Jackson)
Date: Thu, 12 Nov 2009 20:49:52 -0800
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <4AFCBA6C.2080704@csub.edu>
References: <1256060184.2946.53.camel@skunk> <4AFCBA6C.2080704@csub.edu>
Message-ID: <4AFCE570.20706@csub.edu>

Russell Jackson wrote:
> Xavier Bestel wrote:
>> Hi,
>>
>> I have a small install with cyrus-imapd 2.3.14, which reads some of its
>> mails with fetchmail. To limit the delay in mail delivery, fetchmail
>> awakes each minute to get mails.
>> What I would like is let fetchmail do that only when there's a client
>> actually reading its mails, i.e. an MUA actually connected to imapd.
>>
>> So, my question: how to hook a script each time a client
>> connects/disconnects from imapd ?
>>
> 
> Check /var/imap/proc for files. If any are present, then a client is connected. Write a
> polling script to run out of cron that checks for this and runs fetchmail if appropriate.
> I'll let other's comment on the soundness of this.
> 

Opps. Didn't see that second sub-thread that said pretty much the same exact thing already.


-- 
Russell A. Jackson <raj at csub.edu>
Network Analyst
California State University, Bakersfield


From schweizer.martin at gmail.com  Fri Nov 13 00:52:29 2009
From: schweizer.martin at gmail.com (Martin Schweizer)
Date: Fri, 13 Nov 2009 06:52:29 +0100
Subject: imapd GSSAPI requests host/ ticket
In-Reply-To: <4AF21070.1020903@dsrw.org>
References: <4AF21070.1020903@dsrw.org>
Message-ID: <380ccfd60911122152y148f33d7uae18a4a340a9d3a6@mail.gmail.com>

Hello David

2009/11/5 david l goodrich <dlg at dsrw.org>:
> I'm running 2.2.13-14+lenny3 on service-n2.dsrw.org, running
> Debian/lenny with Heimdal kerberos. ?The built-in GSSAPI is functional,
> but on my KDC I see that it requests a ticket for
> host/service-n2.dsrw.org at DSRW.ORG, digest/DSRW at DSRW.ORG and finally
> krbtgt/DSRW at DSRW.ORG.
>
> Why? ?I see no obvious need for a host/* ticket to authorize imap, and
> digest/DSRW and krbtgt/DSRW simply make no sense.

I'm not sure I can help you. I have a similar setup but I use WIndows
domain controller as KDC and Cyrus Imap -> Cyrus SALS (saslauthd) ->
PAM -> Kerberos5. Should I send you any hints for this way?

Regards,


-- 
Martin Schweizer
schweizer.martin at gmail.com
Tel.: +41 32 512 48 54 (VoIP)
Fax: +1 619 3300587

From cvizitiu at gbif.org  Fri Nov 13 04:49:00 2009
From: cvizitiu at gbif.org (Ciprian Marius Vizitiu (GBIF))
Date: Fri, 13 Nov 2009 10:49:00 +0100
Subject: Preventing mbox deletion
Message-ID: <4AFD2B8C.5020306@gbif.org>

Hi everybody,

Do the old 2.2.x flags mean the same thing in 2.3.7? I'm trying to give 
a user maximum on a mailbox except for mailbox deletion. I thought 
"lrswipte" would do the trick but if I sam the box like that it also 
acquires "d" which used to mean "allow for delete of both messages and 
mailbox". So, what would be the magic combination of flags to allow an 
user to subscribe, read, post and delete messages but prevent deletion 
of the mailbox?



From xavier.bestel at free.fr  Fri Nov 13 05:10:08 2009
From: xavier.bestel at free.fr (Xavier Bestel)
Date: Fri, 13 Nov 2009 11:10:08 +0100
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N8dxe-000kn1C@most.weird.com>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com> <20091107195430.GA21955@brong.net>
	<m1N8dxe-000kn1C@most.weird.com>
Message-ID: <1258107008.4532.143.camel@skunk>

On Thu, 2009-11-12 at 13:47 -0500, Greg A. Woods wrote:
> Use SMTP to breech the unreliable link!  It's safe, proven, and designed
> for that very task!

... and not an option at some mail providers, which are mandatory for
some people because they are their employer whose mail they must read.
For transferring from a POP-only server to an IMAP-enabled server,
there's not much else than fetchmail, like it or not.

	Xav




From awilliam at whitemice.org  Fri Nov 13 08:44:14 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Fri, 13 Nov 2009 08:44:14 -0500
Subject: Preventing mbox deletion
In-Reply-To: <4AFD2B8C.5020306@gbif.org>
References: <4AFD2B8C.5020306@gbif.org>
Message-ID: <1258119854.9543.3.camel@linux-m3mt>

> Do the old 2.2.x flags mean the same thing in 2.3.7? I'm trying to give 
> a user maximum on a mailbox except for mailbox deletion. I thought 
> "lrswipte" would do the trick but if I sam the box like that it also 
> acquires "d" which used to mean "allow for delete of both messages and 
> mailbox". So, what would be the magic combination of flags to allow an 
> user to subscribe, read, post and delete messages but prevent deletion 
> of the mailbox?

IMAP ACLs have been revised, and "d" is deprecated (see RFC4314). Also
there were some changes in Cyrus 2.3.7 and earlier vs. 2.3.8 and later.
My suggestion is to take a look at the "Folder Permissions" section of
the Cyrus chapter of WMOGAG and see if that clears anything up.
<http://docs.opengroupware.org/Members/whitemice/wmogag/file_view>

Comments welcome.


-- 
OpenGroupware developer: awilliam at whitemice.org
<http://whitemiceconsulting.blogspot.com/>
OpenGroupare & Cyrus IMAPd documenation @
<http://docs.opengroupware.org/Members/whitemice/wmogag/file_view>


From awilliam at whitemice.org  Fri Nov 13 08:46:12 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Fri, 13 Nov 2009 08:46:12 -0500
Subject: general question, how to do this?
In-Reply-To: <20091111190838.GI17458@mail.mac.com>
References: <20091111190838.GI17458@mail.mac.com>
Message-ID: <1258119972.9543.4.camel@linux-m3mt>

> One user is out sick, another user asked me to search the first user's
> email for a specific message. If I had found that message and the second
> user wanted to access that message in the second user's normal INBOX
> would I do this:
> # cd /var/spool/imap/a/user/auser
> # cp 999999. /var/spool/imap/b/user/buser
> # su - cyrus
> # reconstruct -r user.buser
> # exit
> # exit

Don't do any of the above.  Just grant the use the rights to access the
other user's folder.

> The message was not found, so no urgent need for this. I want to know
> how for next time.



From boutilpj at ednet.ns.ca  Fri Nov 13 09:51:01 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Fri, 13 Nov 2009 10:51:01 -0400
Subject: general question, how to do this?
In-Reply-To: <1258119972.9543.4.camel@linux-m3mt>
References: <20091111190838.GI17458@mail.mac.com>
	<1258119972.9543.4.camel@linux-m3mt>
Message-ID: <3274_1258123928_nADEq7pH010382_4AFD7255.6020302@ednet.ns.ca>

On 11/13/2009 09:46 AM, Adam Tauno Williams wrote:
>> One user is out sick, another user asked me to search the first user's
>> email for a specific message. If I had found that message and the second
>> user wanted to access that message in the second user's normal INBOX
>> would I do this:
>> # cd /var/spool/imap/a/user/auser
>> # cp 999999. /var/spool/imap/b/user/buser
>> # su - cyrus
>> # reconstruct -r user.buser
>> # exit
>> # exit
>
> Don't do any of the above.  Just grant the use the rights to access the
> other user's folder.

That would give access to all the e-mail in the folder, not just one 
specific message.



>
>> The message was not found, so no urgent need for this. I want to know
>> how for next time.
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From dwhite at olp.net  Fri Nov 13 13:15:50 2009
From: dwhite at olp.net (Dan White)
Date: Fri, 13 Nov 2009 12:15:50 -0600
Subject: general question, how to do this?
In-Reply-To: <1258119972.9543.4.camel@linux-m3mt>
References: <20091111190838.GI17458@mail.mac.com>
	<1258119972.9543.4.camel@linux-m3mt>
Message-ID: <20091113181550.GE5339@dan.olp.net>

On 13/11/09?08:46?-0500, Adam Tauno Williams wrote:
>> One user is out sick, another user asked me to search the first user's
>> email for a specific message. If I had found that message and the second
>> user wanted to access that message in the second user's normal INBOX
>> would I do this:
>> # cd /var/spool/imap/a/user/auser
>> # cp 999999. /var/spool/imap/b/user/buser
>> # su - cyrus
>> # reconstruct -r user.buser
>> # exit
>> # exit
>
>Don't do any of the above.  Just grant the use the rights to access the
>other user's folder.

Except that that grants access to all of that users messages rather than a
specific message.

-- 
Dan White

From woods-cyrus at weird.com  Fri Nov 13 15:07:00 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Fri, 13 Nov 2009 15:07:00 -0500
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <alpine.DEB.2.00.0911121711470.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
References: <1256060184.2946.53.camel@skunk> <m1N0K6o-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910201258110.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<1256072052.3739.4.camel@badjo> <m1N181A-000kn2C@most.weird.com>
	<alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
	<1257627953.4682.9.camel@linux-m3mt>
	<m1N8e3w-000kn1C@most.weird.com> <1258057284.4904.28.camel@bip>
	<m1N8jQ6-000kmuC@most.weird.com>
	<alpine.DEB.2.00.0911121711470.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
Message-ID: <m1N91gX-000kn1C@most.weird.com>

At Thu, 12 Nov 2009 17:20:19 -0800 (PST), David Lang <david.lang at digitalinsight.com> wrote:
Subject: Re: Exec'ing a script from Cyrus when imapd has a client
> 
> you have focused on the fact that he wants to use fetchmail as the transport 
> between the full-time internet and his intermittently connected network and are 
> telling everyone that he absolutly, under no conditions should try to do what 
> he's attempting.

Actually I've said that anyone trying to do this is failing to
understand, or even define, the problem they're prematurely throwing
half-baked solutions at.


> most of the rest of us see situations where the basic approach he's doing could 
> be the best possible approach.

I believe those of you who are trying to defend the OP's scheme are also
failing to understand and even define the actual problem at hand.

In fact nobody has come up with a solid real-world scenario where there
isn't a much simpler and more obvious solution available, one that can
only be seen by stepping back and looking at the actual requirements
from a higher level.

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From brong at fastmail.fm  Fri Nov 13 20:45:34 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Sat, 14 Nov 2009 12:45:34 +1100
Subject: Exec'ing a script from Cyrus when imapd has a client
In-Reply-To: <m1N91gX-000kn1C@most.weird.com>
References: <alpine.DEB.2.00.0910221830450.31173@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N1PX1-000kn2C@most.weird.com>
	<F560E7E18C6642AB9BC5E092DBFA40BE@Rhodes>
	<m1N6n6W-000kmgC@most.weird.com>
	<1257627953.4682.9.camel@linux-m3mt>
	<m1N8e3w-000kn1C@most.weird.com> <1258057284.4904.28.camel@bip>
	<m1N8jQ6-000kmuC@most.weird.com>
	<alpine.DEB.2.00.0911121711470.26993@qynat-qrfxgbc.qvtvgnyvafvtug.pbz>
	<m1N91gX-000kn1C@most.weird.com>
Message-ID: <20091114014534.GB2203@brong.net>

On Fri, Nov 13, 2009 at 03:07:00PM -0500, Greg A. Woods wrote:
> I believe those of you who are trying to defend the OP's scheme are also
> failing to understand and even define the actual problem at hand.

That would be everyone else on this list I believe.  Because we
realise that the real world is more complex and you don't always
have control over which protocols are available to you and how
much control you have over where you mail is stored.
 
> In fact nobody has come up with a solid real-world scenario where there
> isn't a much simpler and more obvious solution available, one that can
> only be seen by stepping back and looking at the actual requirements
> from a higher level.

That's only because you're not actually reading them  There have been
solid real world scenarios.  Here's one:

1) you have mail stored on a system that only allows you POP access,
   and for real-world political reasons you can't make them feed the
   mail to you.

2) you read your mail on multiple different systems.

3) you don't want to be manually copying messages around with a GUI
   client.

Feel free to step back and find a simpler and more obvious solution
for me that doesn't involve wishful thinking that corporate IT could
be convinced to change their policies on your behalf in under 5 years,
or that it's worth your while to fight that fight to come up with a
slightly more technically "pure" solution.

Bron ( and don't get me started on the "don't use a dynamic IP"
       argument until you've lived in Australia for a year and paid
       a massive premium for a static IP )

From nunatarsuaq at gmail.com  Mon Nov 16 08:05:56 2009
From: nunatarsuaq at gmail.com (nunatarsuaq)
Date: Mon, 16 Nov 2009 14:05:56 +0100
Subject: Problem with server-side filtering using sieve
Message-ID: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>

Hello to everybody

I'm a new user here and found this list while searching for solution
to my problem.

I have a running mail server with postfix and cyrus-imap and would
like to start filtering incoming messages on the server side.
I tried to put a filter using sieve shell according to this tutorial
http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve but
with no results.

Here's my configuration:

I created a file with a sieve filter:

if header :contains "X-Spam-Flag" "YES" {
 fileinto "Junk";
 stop;
}

I tried also type fileinto as "user.USERNAME.Junk",
"user/USERNAME.Junk" and "user/USERNAME/Junk")

Now when I invoke

# sieveshell -u cyrus -a cyrus localhost (tried also with a user other
than cyrus)

and type

> put sieve_filter

I get an error:

upload failed: put script: script errors:
line 2: fileinto not required


What does it really mean?
What can be done to get it working?

Rangifer

From simon.matter at invoca.ch  Mon Nov 16 08:16:35 2009
From: simon.matter at invoca.ch (Simon Matter)
Date: Mon, 16 Nov 2009 14:16:35 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
Message-ID: <1d26caa74a5379976b5cc8cbe241b81b.squirrel@webmail.bi.corp.invoca.ch>

> Hello to everybody
>
> I'm a new user here and found this list while searching for solution
> to my problem.
>
> I have a running mail server with postfix and cyrus-imap and would
> like to start filtering incoming messages on the server side.
> I tried to put a filter using sieve shell according to this tutorial
> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve but
> with no results.
>
> Here's my configuration:
>
> I created a file with a sieve filter:
>
> if header :contains "X-Spam-Flag" "YES" {
>  fileinto "Junk";
>  stop;
> }

I think your script should start with a require line. Do you have it?

Simon

>
> I tried also type fileinto as "user.USERNAME.Junk",
> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>
> Now when I invoke
>
> # sieveshell -u cyrus -a cyrus localhost (tried also with a user other
> than cyrus)
>
> and type
>
>> put sieve_filter
>
> I get an error:
>
> upload failed: put script: script errors:
> line 2: fileinto not required
>
>
> What does it really mean?
> What can be done to get it working?
>
> Rangifer
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



From peo at intersonic.se  Mon Nov 16 11:41:28 2009
From: peo at intersonic.se (Per olof Ljungmark)
Date: Mon, 16 Nov 2009 17:41:28 +0100
Subject: Autocreate patch for 2.3.15?
In-Reply-To: <20091112082845.25095h4b6laglfe5@webmail.uni-tuebingen.de>
References: <20091111104622.19842omhw2i0xnc4@webmail.mindcrash.com>	<775a2266239e9439d645969b03b7ea78.squirrel@webmail.bi.corp.invoca.ch>
	<20091112082845.25095h4b6laglfe5@webmail.uni-tuebingen.de>
Message-ID: <4B0180B8.8040000@intersonic.se>

Michael Menge wrote:
> Quoting Simon Matter <simon.matter at invoca.ch>:
> 
>>> Has anyone used the 2.3.14 autocreate patch on 2.3.15?  There does not
>>> seem to be a patch for 2.3.15 on the site and I have tried using the
>>> 2.3.14 patch and it does not apply cleanly.  It fails at
>>> imap/Makefile.in
>> Find attached my version of the patch adopted for 2.3.15. Note that this
>> is not an official patch from UOA but it is widely used because it's the
>> patch used in my cyrus-imapd rpms.
>> IIRC UOA is not using 2.3.x which is why they are not so fast upgrading
>> the patches.
> 
> Is there a reason that this patch is not in the official cyrus release?

I'll chime in here and and vote for it too, I know it has been discussed
before but if it's not too complicated I would really like to be part of
the official release.

Would be interesting to have the opinion of others on the list...?

Thanks,

--
per

From boutilpj at ednet.ns.ca  Mon Nov 16 15:39:17 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Mon, 16 Nov 2009 16:39:17 -0400
Subject: Quick SASL question
Message-ID: <22932_1258404029_nAGKeSqv011295_4B01B875.9050904@ednet.ns.ca>

I am setting up a murder environment in testing. The backends use
SASL with pam for imap/pop authentication. I have to configure a user 
for "proxyservers" on the backends for the frontends to use. Is there 
anyway to configure it so that the "proxyservers" user can be in 
/etc/sasldb2 while still using pam for the "real" users?

From nunatarsuaq at gmail.com  Tue Nov 17 04:35:27 2009
From: nunatarsuaq at gmail.com (nunatarsuaq)
Date: Tue, 17 Nov 2009 10:35:27 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
	<1d26caa74a5379976b5cc8cbe241b81b.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160523u4983504dge3cd5863dea8fe7b@mail.gmail.com>
	<5c5894d51322c57c1c80a7d5adbc978f.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160545s2baf559apb3ffa202cd2aa63f@mail.gmail.com>
	<ff1ce9ee0911160833r1bdd5c4fld2d7c0c50125140d@mail.gmail.com>
	<ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
Message-ID: <ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>

Hi

I'm still having problem with getting the filtering working

Even though the script can be loaded it doesn't work.
I'm trying

if header :contains ["Subject"] "test" {
         fileinto "Junk";
 ? ? ? ? stop;
}

if header :contains ["Subject"] "test" {
? ? ? ? fileinto "user/testowy/Junk";
? ? ? ? stop;
}

if header :contains ["Subject"] "test" {
? ? ? ? fileinto "user.testowy.Junk";
? ? ? ? stop;
}

and

if header :contains ["Subject"] "test" {
? ? ? ? fileinto "user/testowy.Junk";
? ? ? ? stop;
}

None method works. Is there a bad syntax somewhere?
I noticed that when working on imap accounts (using reconstruct
command for example) I need to type user/USERNAME instead of
user.USERNAME found everywhere on the web.

Going further I'd like to set up a filter moving messages marked as
spam for all users.
How should it be installed?

Rangifer

>>>>>
>>>>>
>>>>> 2009/11/16 Simon Matter <simon.matter at invoca.ch>:
>>>>>>> Hello to everybody
>>>>>>>
>>>>>>> I'm a new user here and found this list while searching for solution
>>>>>>> to my problem.
>>>>>>>
>>>>>>> I have a running mail server with postfix and cyrus-imap and would
>>>>>>> like to start filtering incoming messages on the server side.
>>>>>>> I tried to put a filter using sieve shell according to this tutorial
>>>>>>> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve but
>>>>>>> with no results.
>>>>>>>
>>>>>>> Here's my configuration:
>>>>>>>
>>>>>>> I created a file with a sieve filter:
>>>>>>>
>>>>>>> if header :contains "X-Spam-Flag" "YES" {
>>>>>>> ?fileinto "Junk";
>>>>>>> ?stop;
>>>>>>> }
>>>>>>
>>>>>> I think your script should start with a require line. Do you have it?
>>>>>>
>>>>>> Simon
>>>>>>
>>>>>>>
>>>>>>> I tried also type fileinto as "user.USERNAME.Junk",
>>>>>>> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>>>>>>>
>>>>>>> Now when I invoke
>>>>>>>
>>>>>>> # sieveshell -u cyrus -a cyrus localhost (tried also with a user
>>>>>>> other
>>>>>>> than cyrus)
>>>>>>>
>>>>>>> and type
>>>>>>>
>>>>>>>> put sieve_filter
>>>>>>>
>>>>>>> I get an error:
>>>>>>>
>>>>>>> upload failed: put script: script errors:
>>>>>>> line 2: fileinto not required
>>>>>>>
>>>>>>>
>>>>>>> What does it really mean?
>>>>>>> What can be done to get it working?
>>>>>>>
>>>>>>> Rangifer
>>>>>>> ----
>>>>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>

From nunatarsuaq at gmail.com  Tue Nov 17 06:34:47 2009
From: nunatarsuaq at gmail.com (nunatarsuaq)
Date: Tue, 17 Nov 2009 12:34:47 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
	<1d26caa74a5379976b5cc8cbe241b81b.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160523u4983504dge3cd5863dea8fe7b@mail.gmail.com>
	<5c5894d51322c57c1c80a7d5adbc978f.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160545s2baf559apb3ffa202cd2aa63f@mail.gmail.com>
	<ff1ce9ee0911160833r1bdd5c4fld2d7c0c50125140d@mail.gmail.com>
	<ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>
Message-ID: <ff1ce9ee0911170334g1d13911x3abc0e2763ee05f4@mail.gmail.com>

Found a partial solution:

1. In my case the filter script should refer to user's mailbox as
"user/USERNAME/folder"
2. Then I used sievec to create bytecode file for a particular user's sieve dir:

/usr/lib/cyrus/bin/sievec sieve.filter /var/lib/sieve/U/USERNAME/defaultbc

That's it. The filtering started working. Strange though...
I don't get it why it doesn't work using sieveshell and a regular text
script file.

Anyway I'd prefer to have a main filter file for all users that would
move all spam-marked messages to Spam folder in each mailbox.

Any ideas?

Rangifer

2009/11/17 nunatarsuaq <nunatarsuaq at gmail.com>:
> Hi
>
> I'm still having problem with getting the filtering working
>
> Even though the script can be loaded it doesn't work.
> I'm trying
>
> if header :contains ["Subject"] "test" {
> ? ? ? ? fileinto "Junk";
> ?? ? ? ? stop;
> }
>
> if header :contains ["Subject"] "test" {
> ? ? ? ? fileinto "user/testowy/Junk";
> ? ? ? ? stop;
> }
>
> if header :contains ["Subject"] "test" {
> ? ? ? ? fileinto "user.testowy.Junk";
> ? ? ? ? stop;
> }
>
> and
>
> if header :contains ["Subject"] "test" {
> ? ? ? ? fileinto "user/testowy.Junk";
> ? ? ? ? stop;
> }
>
> None method works. Is there a bad syntax somewhere?
> I noticed that when working on imap accounts (using reconstruct
> command for example) I need to type user/USERNAME instead of
> user.USERNAME found everywhere on the web.
>
> Going further I'd like to set up a filter moving messages marked as
> spam for all users.
> How should it be installed?
>
> Rangifer
>
>>>>>>
>>>>>>
>>>>>> 2009/11/16 Simon Matter <simon.matter at invoca.ch>:
>>>>>>>> Hello to everybody
>>>>>>>>
>>>>>>>> I'm a new user here and found this list while searching for solution
>>>>>>>> to my problem.
>>>>>>>>
>>>>>>>> I have a running mail server with postfix and cyrus-imap and would
>>>>>>>> like to start filtering incoming messages on the server side.
>>>>>>>> I tried to put a filter using sieve shell according to this tutorial
>>>>>>>> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve but
>>>>>>>> with no results.
>>>>>>>>
>>>>>>>> Here's my configuration:
>>>>>>>>
>>>>>>>> I created a file with a sieve filter:
>>>>>>>>
>>>>>>>> if header :contains "X-Spam-Flag" "YES" {
>>>>>>>> ?fileinto "Junk";
>>>>>>>> ?stop;
>>>>>>>> }
>>>>>>>
>>>>>>> I think your script should start with a require line. Do you have it?
>>>>>>>
>>>>>>> Simon
>>>>>>>
>>>>>>>>
>>>>>>>> I tried also type fileinto as "user.USERNAME.Junk",
>>>>>>>> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>>>>>>>>
>>>>>>>> Now when I invoke
>>>>>>>>
>>>>>>>> # sieveshell -u cyrus -a cyrus localhost (tried also with a user
>>>>>>>> other
>>>>>>>> than cyrus)
>>>>>>>>
>>>>>>>> and type
>>>>>>>>
>>>>>>>>> put sieve_filter
>>>>>>>>
>>>>>>>> I get an error:
>>>>>>>>
>>>>>>>> upload failed: put script: script errors:
>>>>>>>> line 2: fileinto not required
>>>>>>>>
>>>>>>>>
>>>>>>>> What does it really mean?
>>>>>>>> What can be done to get it working?
>>>>>>>>
>>>>>>>> Rangifer
>>>>>>>> ----
>>>>>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>>>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>>>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>
>



-- 
ToMasz

http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...

From michael.menge at zdv.uni-tuebingen.de  Tue Nov 17 06:52:14 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Tue, 17 Nov 2009 12:52:14 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <ff1ce9ee0911170334g1d13911x3abc0e2763ee05f4@mail.gmail.com>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
	<1d26caa74a5379976b5cc8cbe241b81b.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160523u4983504dge3cd5863dea8fe7b@mail.gmail.com>
	<5c5894d51322c57c1c80a7d5adbc978f.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160545s2baf559apb3ffa202cd2aa63f@mail.gmail.com>
	<ff1ce9ee0911160833r1bdd5c4fld2d7c0c50125140d@mail.gmail.com>
	<ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>
	<ff1ce9ee0911170334g1d13911x3abc0e2763ee05f4@mail.gmail.com>
Message-ID: <20091117125214.20682e56q8tb5sha@webmail.uni-tuebingen.de>

Quoting nunatarsuaq <nunatarsuaq at gmail.com>:

> Found a partial solution:
>
> 1. In my case the filter script should refer to user's mailbox as
> "user/USERNAME/folder"
> 2. Then I used sievec to create bytecode file for a particular  
> user's sieve dir:
>
> /usr/lib/cyrus/bin/sievec sieve.filter /var/lib/sieve/U/USERNAME/defaultbc
>
> That's it. The filtering started working. Strange though...
> I don't get it why it doesn't work using sieveshell and a regular text
> script file.

Did you activate the script?

defaultbc is normaly a softlink to the active script bytecode

>
> Anyway I'd prefer to have a main filter file for all users that would
> move all spam-marked messages to Spam folder in each mailbox.
>
> Any ideas?
>
> Rangifer
>
> 2009/11/17 nunatarsuaq <nunatarsuaq at gmail.com>:
>> Hi
>>
>> I'm still having problem with getting the filtering working
>>
>> Even though the script can be loaded it doesn't work.
>> I'm trying
>>
>> if header :contains ["Subject"] "test" {
>> ? ? ? ? fileinto "Junk";
>> ?? ? ? ? stop;
>> }
>>
>> if header :contains ["Subject"] "test" {
>> ? ? ? ? fileinto "user/testowy/Junk";
>> ? ? ? ? stop;
>> }
>>
>> if header :contains ["Subject"] "test" {
>> ? ? ? ? fileinto "user.testowy.Junk";
>> ? ? ? ? stop;
>> }
>>
>> and
>>
>> if header :contains ["Subject"] "test" {
>> ? ? ? ? fileinto "user/testowy.Junk";
>> ? ? ? ? stop;
>> }
>>
>> None method works. Is there a bad syntax somewhere?
>> I noticed that when working on imap accounts (using reconstruct
>> command for example) I need to type user/USERNAME instead of
>> user.USERNAME found everywhere on the web.
>>
>> Going further I'd like to set up a filter moving messages marked as
>> spam for all users.
>> How should it be installed?
>>
>> Rangifer
>>
>>>>>>>
>>>>>>>
>>>>>>> 2009/11/16 Simon Matter <simon.matter at invoca.ch>:
>>>>>>>>> Hello to everybody
>>>>>>>>>
>>>>>>>>> I'm a new user here and found this list while searching for solution
>>>>>>>>> to my problem.
>>>>>>>>>
>>>>>>>>> I have a running mail server with postfix and cyrus-imap and would
>>>>>>>>> like to start filtering incoming messages on the server side.
>>>>>>>>> I tried to put a filter using sieve shell according to this tutorial
>>>>>>>>> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve but
>>>>>>>>> with no results.
>>>>>>>>>
>>>>>>>>> Here's my configuration:
>>>>>>>>>
>>>>>>>>> I created a file with a sieve filter:
>>>>>>>>>
>>>>>>>>> if header :contains "X-Spam-Flag" "YES" {
>>>>>>>>> ?fileinto "Junk";
>>>>>>>>> ?stop;
>>>>>>>>> }
>>>>>>>>
>>>>>>>> I think your script should start with a require line. Do you have it?
>>>>>>>>
>>>>>>>> Simon
>>>>>>>>
>>>>>>>>>
>>>>>>>>> I tried also type fileinto as "user.USERNAME.Junk",
>>>>>>>>> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>>>>>>>>>
>>>>>>>>> Now when I invoke
>>>>>>>>>
>>>>>>>>> # sieveshell -u cyrus -a cyrus localhost (tried also with a user
>>>>>>>>> other
>>>>>>>>> than cyrus)
>>>>>>>>>
>>>>>>>>> and type
>>>>>>>>>
>>>>>>>>>> put sieve_filter
>>>>>>>>>
>>>>>>>>> I get an error:
>>>>>>>>>
>>>>>>>>> upload failed: put script: script errors:
>>>>>>>>> line 2: fileinto not required
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> What does it really mean?
>>>>>>>>> What can be done to get it working?
>>>>>>>>>
>>>>>>>>> Rangifer
>>>>>>>>> ----
>>>>>>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>>>>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>>>>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>
>>
>
>
>
> --
> ToMasz
>
> http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091117/5b6be4a6/attachment-0001.bin 

From nunatarsuaq at gmail.com  Tue Nov 17 07:01:27 2009
From: nunatarsuaq at gmail.com (nunatarsuaq)
Date: Tue, 17 Nov 2009 13:01:27 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <20091117125214.20682e56q8tb5sha@webmail.uni-tuebingen.de>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
	<1d26caa74a5379976b5cc8cbe241b81b.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160523u4983504dge3cd5863dea8fe7b@mail.gmail.com>
	<5c5894d51322c57c1c80a7d5adbc978f.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160545s2baf559apb3ffa202cd2aa63f@mail.gmail.com>
	<ff1ce9ee0911160833r1bdd5c4fld2d7c0c50125140d@mail.gmail.com>
	<ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>
	<ff1ce9ee0911170334g1d13911x3abc0e2763ee05f4@mail.gmail.com>
	<20091117125214.20682e56q8tb5sha@webmail.uni-tuebingen.de>
Message-ID: <ff1ce9ee0911170401r51cbccf5j33102b8d0359a417@mail.gmail.com>

2009/11/17 Michael Menge <michael.menge at zdv.uni-tuebingen.de>:
> Quoting nunatarsuaq <nunatarsuaq at gmail.com>:
>
>> Found a partial solution:
>>
>> 1. In my case the filter script should refer to user's mailbox as
>> "user/USERNAME/folder"
>> 2. Then I used sievec to create bytecode file for a particular user's
>> sieve dir:
>>
>> /usr/lib/cyrus/bin/sievec sieve.filter /var/lib/sieve/U/USERNAME/defaultbc
>>
>> That's it. The filtering started working. Strange though...
>> I don't get it why it doesn't work using sieveshell and a regular text
>> script file.
>
> Did you activate the script?

When I tried to use sieveshell I had my loaded script activated.

> defaultbc is normaly a softlink to the active script bytecode
>
>>
>> Anyway I'd prefer to have a main filter file for all users that would
>> move all spam-marked messages to Spam folder in each mailbox.
>>
>> Any ideas?
>>
>> Rangifer
>>
>> 2009/11/17 nunatarsuaq <nunatarsuaq at gmail.com>:
>>>
>>> Hi
>>>
>>> I'm still having problem with getting the filtering working
>>>
>>> Even though the script can be loaded it doesn't work.
>>> I'm trying
>>>
>>> if header :contains ["Subject"] "test" {
>>> ? ? ? ? fileinto "Junk";
>>> ?? ? ? ? stop;
>>> }
>>>
>>> if header :contains ["Subject"] "test" {
>>> ? ? ? ? fileinto "user/testowy/Junk";
>>> ? ? ? ? stop;
>>> }
>>>
>>> if header :contains ["Subject"] "test" {
>>> ? ? ? ? fileinto "user.testowy.Junk";
>>> ? ? ? ? stop;
>>> }
>>>
>>> and
>>>
>>> if header :contains ["Subject"] "test" {
>>> ? ? ? ? fileinto "user/testowy.Junk";
>>> ? ? ? ? stop;
>>> }
>>>
>>> None method works. Is there a bad syntax somewhere?
>>> I noticed that when working on imap accounts (using reconstruct
>>> command for example) I need to type user/USERNAME instead of
>>> user.USERNAME found everywhere on the web.
>>>
>>> Going further I'd like to set up a filter moving messages marked as
>>> spam for all users.
>>> How should it be installed?
>>>
>>> Rangifer
>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> 2009/11/16 Simon Matter <simon.matter at invoca.ch>:
>>>>>>>>>>
>>>>>>>>>> Hello to everybody
>>>>>>>>>>
>>>>>>>>>> I'm a new user here and found this list while searching for
>>>>>>>>>> solution
>>>>>>>>>> to my problem.
>>>>>>>>>>
>>>>>>>>>> I have a running mail server with postfix and cyrus-imap and would
>>>>>>>>>> like to start filtering incoming messages on the server side.
>>>>>>>>>> I tried to put a filter using sieve shell according to this
>>>>>>>>>> tutorial
>>>>>>>>>> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve
>>>>>>>>>> but
>>>>>>>>>> with no results.
>>>>>>>>>>
>>>>>>>>>> Here's my configuration:
>>>>>>>>>>
>>>>>>>>>> I created a file with a sieve filter:
>>>>>>>>>>
>>>>>>>>>> if header :contains "X-Spam-Flag" "YES" {
>>>>>>>>>> ?fileinto "Junk";
>>>>>>>>>> ?stop;
>>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> I think your script should start with a require line. Do you have
>>>>>>>>> it?
>>>>>>>>>
>>>>>>>>> Simon
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I tried also type fileinto as "user.USERNAME.Junk",
>>>>>>>>>> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>>>>>>>>>>
>>>>>>>>>> Now when I invoke
>>>>>>>>>>
>>>>>>>>>> # sieveshell -u cyrus -a cyrus localhost (tried also with a user
>>>>>>>>>> other
>>>>>>>>>> than cyrus)
>>>>>>>>>>
>>>>>>>>>> and type
>>>>>>>>>>
>>>>>>>>>>> put sieve_filter
>>>>>>>>>>
>>>>>>>>>> I get an error:
>>>>>>>>>>
>>>>>>>>>> upload failed: put script: script errors:
>>>>>>>>>> line 2: fileinto not required
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> What does it really mean?
>>>>>>>>>> What can be done to get it working?
>>>>>>>>>>
>>>>>>>>>> Rangifer
>>>>>>>>>> ----
>>>>>>>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>>>>>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>>>>>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>
>>>
>>
>>
>>
>> --
>> ToMasz
>>
>> http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>
>
>
> --------------------------------------------------------------------------------
> M.Menge ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?Tel.: (49) 7071/29-70316
> Universit?t T?bingen ? ? ? ? ? ? ? ? ? Fax.: (49) 7071/29-5912
> Zentrum f?r Datenverarbeitung ? ? ? ? ?mail:
> michael.menge at zdv.uni-tuebingen.de
> W?chterstra?e 76
> 72074 T?bingen
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



-- 
ToMasz

http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...

From brong at fastmail.fm  Tue Nov 17 07:28:49 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Tue, 17 Nov 2009 23:28:49 +1100
Subject: ANNOTATEMORE => METADATA and rfc 5464
Message-ID: <20091117122849.GA4503@brong.net>

I'm in the process of implementing rfc 5464, which is what the
ANNOTATEMORE drafts turned into.

Unfortunately, Cyrus' support is an early draft, before the paths
to everything were changed and the commands were renamed.  It would
be great to be complient, and there is software out there like Kolab
which would benefit from it.

Also, the database format is pretty nasty - complete with nulls
embedded in keys and other fun stuff (like platform dependent type
lengths codified in the format, ick)

So I'm thinking: create a new metadata.db, require a conversion on upgrade
from annotations.db.  I had a look, and none of our servers had ANY
annotations until I added a /comment to my INBOX for testing.

Does anybody out there use annotations much?  Does anybody know any code
that would be broken by changing the way annotations are done?

Thanks,

Bron.

From Pascal.Gienger at uni-konstanz.de  Tue Nov 17 07:32:57 2009
From: Pascal.Gienger at uni-konstanz.de (Pascal Gienger)
Date: Tue, 17 Nov 2009 13:32:57 +0100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <4B0297F9.7090101@uni-konstanz.de>

Bron Gondwana schrieb:
> Does anybody out there use annotations much?  Does anybody know any code
> that would be broken by changing the way annotations are done?

We are using annotations to define expire times for spam folders and to 
define mailboxes to be indexed by squatter. Approx. 40000 annotations 
are always set.
-- 
Pascal Gienger
University of Konstanz, IT Services Department ("Rechenzentrum")
Electronic Communications and Web Services
Building V, Room V404, Phone +49 7531 88 5048, Fax +49 7531 88 3739

From Hagedorn at uni-koeln.de  Tue Nov 17 07:35:40 2009
From: Hagedorn at uni-koeln.de (Sebastian Hagedorn)
Date: Tue, 17 Nov 2009 13:35:40 +0100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <6AE6AC06E3F232943CE3C7E8@tyrion.rrz.uni-koeln.de>

--On 17. November 2009 23:28:49 +1100 Bron Gondwana <brong at fastmail.fm> 
wrote:

> Does anybody out there use annotations much?

Not much, but I have used them a few times to use with expire. Anyway,  I'd 
be OK with an upgrade procedure.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Geb?ude 52), Zimmer 18.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
.:.Universit?t zu K?ln / Cologne University - ? +49-221-478-5587.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5292 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091117/2723be06/attachment.bin 

From awilliam at whitemice.org  Tue Nov 17 07:51:01 2009
From: awilliam at whitemice.org (Adam Tauno Williams)
Date: Tue, 17 Nov 2009 07:51:01 -0500
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <1258462262.4446.3.camel@linux-m3mt>

On Tue, 2009-11-17 at 23:28 +1100, Bron Gondwana wrote:
> I'm in the process of implementing rfc 5464, which is what the
> ANNOTATEMORE drafts turned into.
> Unfortunately, Cyrus' support is an early draft, before the paths
> to everything were changed and the commands were renamed.  It would
> be great to be complient, and there is software out there like Kolab
> which would benefit from it.
> Also, the database format is pretty nasty - complete with nulls
> embedded in keys and other fun stuff (like platform dependent type
> lengths codified in the format, ick)
> So I'm thinking: create a new metadata.db, require a conversion on upgrade
> from annotations.db.  I had a look, and none of our servers had ANY
> annotations until I added a /comment to my INBOX for testing.
> Does anybody out there use annotations much?  Does anybody know any code
> that would be broken by changing the way annotations are done?

Just for an occasional comment and expire values.

Nothing where we couldn't dump, parse, and re-apply.


From murch at andrew.cmu.edu  Tue Nov 17 09:03:11 2009
From: murch at andrew.cmu.edu (Ken Murchison)
Date: Tue, 17 Nov 2009 09:03:11 -0500
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <4B02AD1F.9030606@andrew.cmu.edu>

What is your new format proposal?


Bron Gondwana wrote:
> I'm in the process of implementing rfc 5464, which is what the
> ANNOTATEMORE drafts turned into.
> 
> Unfortunately, Cyrus' support is an early draft, before the paths
> to everything were changed and the commands were renamed.  It would
> be great to be complient, and there is software out there like Kolab
> which would benefit from it.
> 
> Also, the database format is pretty nasty - complete with nulls
> embedded in keys and other fun stuff (like platform dependent type
> lengths codified in the format, ick)
> 
> So I'm thinking: create a new metadata.db, require a conversion on upgrade
> from annotations.db.  I had a look, and none of our servers had ANY
> annotations until I added a /comment to my INBOX for testing.
> 
> Does anybody out there use annotations much?  Does anybody know any code
> that would be broken by changing the way annotations are done?
> 
> Thanks,
> 
> Bron.
> 

-- 
Kenneth Murchison
Systems Programmer
Carnegie Mellon University

From dwhite at olp.net  Tue Nov 17 09:56:36 2009
From: dwhite at olp.net (Dan White)
Date: Tue, 17 Nov 2009 08:56:36 -0600
Subject: Quick SASL question
In-Reply-To: <22932_1258404029_nAGKeSqv011295_4B01B875.9050904@ednet.ns.ca>
References: <22932_1258404029_nAGKeSqv011295_4B01B875.9050904@ednet.ns.ca>
Message-ID: <20091117145636.GA6058@dan.olp.net>

On 16/11/09?16:39?-0400, Patrick Boutilier wrote:
>I am setting up a murder environment in testing. The backends use
>SASL with pam for imap/pop authentication. I have to configure a user 
>for "proxyservers" on the backends for the frontends to use. Is there 
>anyway to configure it so that the "proxyservers" user can be in 
>/etc/sasldb2 while still using pam for the "real" users?

Patrick,

You can specify more than one pwcheck method in imapd.conf, e.g.:

sasl_pwcheck_method: saslauthd auxprop

-- 
Dan White

From russek at win-rar.com  Tue Nov 17 12:03:43 2009
From: russek at win-rar.com (Johannes =?ISO-8859-1?Q?Ru=DFek?=)
Date: Tue, 17 Nov 2009 18:03:43 +0100
Subject: setting up replication
Message-ID: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>

hello everybody,
i'm trying to replicate an existing imap servers over to a new one, this
is basically fedora core 6 to rhel5.
i've set up the replication as per the howto and it appears to basically
work. however, when sync_client reaches the point of creating a mailbox,
i get the following error in the log:

sync_client[30485]: CREATE received BAD response: Unexpected extra
arguments to Create

is there anything i am doing wrong?
regards,
Johannes



From boutilpj at ednet.ns.ca  Tue Nov 17 12:26:23 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Tue, 17 Nov 2009 13:26:23 -0400
Subject: setting up replication
In-Reply-To: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
Message-ID: <22944_1258478857_nAHHRajQ022554_4B02DCBF.3010706@ednet.ns.ca>

On 11/17/2009 01:03 PM, Johannes Ru?ek wrote:
> hello everybody,
> i'm trying to replicate an existing imap servers over to a new one, this
> is basically fedora core 6 to rhel5.
> i've set up the replication as per the howto and it appears to basically
> work. however, when sync_client reaches the point of creating a mailbox,
> i get the following error in the log:
>
> sync_client[30485]: CREATE received BAD response: Unexpected extra
> arguments to Create
>
> is there anything i am doing wrong?

Are you running the same version of imapd on both the master and slave?




> regards,
> Johannes
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From russek at win-rar.com  Tue Nov 17 12:34:25 2009
From: russek at win-rar.com (Johannes =?ISO-8859-1?Q?Ru=DFek?=)
Date: Tue, 17 Nov 2009 18:34:25 +0100
Subject: setting up replication
In-Reply-To: <22944_1258478857_nAHHRajQ022554_4B02DCBF.3010706@ednet.ns.ca>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
	<22944_1258478857_nAHHRajQ022554_4B02DCBF.3010706@ednet.ns.ca>
Message-ID: <1258479265.7729.13.camel@dell-jr.intern.win-rar.com>

Nope, i'm not. is this necessary?
it's 2.3.9 on the master and 2.3.7 on the replica.
if that's the problem i will take care of that first.
regards,
johannes


Am Dienstag, den 17.11.2009, 13:26 -0400 schrieb Patrick Boutilier:
> On 11/17/2009 01:03 PM, Johannes Ru?ek wrote:
> > hello everybody,
> > i'm trying to replicate an existing imap servers over to a new one, this
> > is basically fedora core 6 to rhel5.
> > i've set up the replication as per the howto and it appears to basically
> > work. however, when sync_client reaches the point of creating a mailbox,
> > i get the following error in the log:
> >
> > sync_client[30485]: CREATE received BAD response: Unexpected extra
> > arguments to Create
> >
> > is there anything i am doing wrong?
> 
> Are you running the same version of imapd on both the master and slave?
> 
> 
> 
> 
> > regards,
> > Johannes
> >
> >
> > ----
> > Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html



From boutilpj at ednet.ns.ca  Tue Nov 17 13:11:29 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Tue, 17 Nov 2009 14:11:29 -0400
Subject: setting up replication
In-Reply-To: <1258479265.7729.13.camel@dell-jr.intern.win-rar.com>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>	<22944_1258478857_nAHHRajQ022554_4B02DCBF.3010706@ednet.ns.ca>
	<1258479265.7729.13.camel@dell-jr.intern.win-rar.com>
Message-ID: <17756_1258481563_nAHICgEZ021948_4B02E751.8070405@ednet.ns.ca>

On 11/17/2009 01:34 PM, Johannes Ru?ek wrote:
> Nope, i'm not. is this necessary?
> it's 2.3.9 on the master and 2.3.7 on the replica.
> if that's the problem i will take care of that first.

They are both 2.3.x so that shouldn't be a problem. However those 
versions are relatively old. 2.3.15 is the latest in the 2.3 series.

I just setup replication a couple of weeks ago and haven't seen any of 
those errors.


> regards,
> johannes
>
>
> Am Dienstag, den 17.11.2009, 13:26 -0400 schrieb Patrick Boutilier:
>> On 11/17/2009 01:03 PM, Johannes Ru?ek wrote:
>>> hello everybody,
>>> i'm trying to replicate an existing imap servers over to a new one, this
>>> is basically fedora core 6 to rhel5.
>>> i've set up the replication as per the howto and it appears to basically
>>> work. however, when sync_client reaches the point of creating a mailbox,
>>> i get the following error in the log:
>>>
>>> sync_client[30485]: CREATE received BAD response: Unexpected extra
>>> arguments to Create
>>>
>>> is there anything i am doing wrong?
>>
>> Are you running the same version of imapd on both the master and slave?
>>
>>
>>
>>
>>> regards,
>>> Johannes
>>>
>>>
>>> ----
>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From brong at fastmail.fm  Tue Nov 17 16:01:35 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Wed, 18 Nov 2009 08:01:35 +1100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <4B02AD1F.9030606@andrew.cmu.edu>
References: <20091117122849.GA4503@brong.net> <4B02AD1F.9030606@andrew.cmu.edu>
Message-ID: <20091117210135.GA5302@brong.net>

On Tue, Nov 17, 2009 at 09:03:11AM -0500, Ken Murchison wrote:
> What is your new format proposal?

I'll see :)  Not sure yet - but mainly not sizeof(unsigned long)!

Bron.

From murch at andrew.cmu.edu  Tue Nov 17 16:17:51 2009
From: murch at andrew.cmu.edu (Ken Murchison)
Date: Tue, 17 Nov 2009 16:17:51 -0500
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117210135.GA5302@brong.net>
References: <20091117122849.GA4503@brong.net> <4B02AD1F.9030606@andrew.cmu.edu>
	<20091117210135.GA5302@brong.net>
Message-ID: <4B0312FF.9080302@andrew.cmu.edu>

Bron Gondwana wrote:
> On Tue, Nov 17, 2009 at 09:03:11AM -0500, Ken Murchison wrote:
>> What is your new format proposal?
> 
> I'll see :)  Not sure yet - but mainly not sizeof(unsigned long)!

If we make a wholesale change to the database, perhaps this might be 
something we put in the 2.4 branch.  It already has some 
partial/complete extensions like QRESYNC, LIST-EXTENDED, URLAUTH=BINARY 
and COMPRESS (which I backported to 2.3).

I was also thinking that although the charset changes have been fully 
tested at Fastmail that it too might be a candidate for 2.4.


-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University

From Rudy.Gevaert at UGent.be  Tue Nov 17 17:47:49 2009
From: Rudy.Gevaert at UGent.be (Rudy Gevaert)
Date: Tue, 17 Nov 2009 23:47:49 +0100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <20091117224749.GB13535@ugent.be>

On Tue, Nov 17, 2009 at 11:28:49PM +1100, Bron Gondwana wrote:
> 
> Does anybody out there use annotations much?  Does anybody know any code
> that would be broken by changing the way annotations are done?

I'm the only one who uses it here ;)


-- 
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert          Rudy.Gevaert at UGent.be          tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur  Direction ICT, Infrastructure dept.
Groep Systemen                     Systems group
Universiteit Gent                  Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie               www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 

From brong at fastmail.fm  Tue Nov 17 18:27:46 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Wed, 18 Nov 2009 10:27:46 +1100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <4B0312FF.9080302@andrew.cmu.edu>
References: <20091117122849.GA4503@brong.net> <4B02AD1F.9030606@andrew.cmu.edu>
	<20091117210135.GA5302@brong.net> <4B0312FF.9080302@andrew.cmu.edu>
Message-ID: <20091117232746.GA6069@brong.net>

On Tue, Nov 17, 2009 at 04:17:51PM -0500, Ken Murchison wrote:
> Bron Gondwana wrote:
> >On Tue, Nov 17, 2009 at 09:03:11AM -0500, Ken Murchison wrote:
> >>What is your new format proposal?
> >
> >I'll see :)  Not sure yet - but mainly not sizeof(unsigned long)!
> 
> If we make a wholesale change to the database, perhaps this might be
> something we put in the 2.4 branch.  It already has some
> partial/complete extensions like QRESYNC, LIST-EXTENDED,
> URLAUTH=BINARY and COMPRESS (which I backported to 2.3).
> 
> I was also thinking that although the charset changes have been
> fully tested at Fastmail that it too might be a candidate for 2.4.

Yeah, fair enough!  I did commit them to CVS, but it's easy enough to
back them out and commit to a branch instead.

Do we have a roadmap for what else people want on the 2.4 branch?
I'd be happy to put a bit more effort into polishing up those features
that are there so we can ship a 2.4 soonish.  Say by April next year,
which gives us 6 months to prepare.

Bron.

From murch at andrew.cmu.edu  Tue Nov 17 18:37:13 2009
From: murch at andrew.cmu.edu (Ken Murchison)
Date: Tue, 17 Nov 2009 18:37:13 -0500
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117232746.GA6069@brong.net>
References: <20091117122849.GA4503@brong.net> <4B02AD1F.9030606@andrew.cmu.edu>
	<20091117210135.GA5302@brong.net> <4B0312FF.9080302@andrew.cmu.edu>
	<20091117232746.GA6069@brong.net>
Message-ID: <4B0333A9.50901@andrew.cmu.edu>

Bron Gondwana wrote:
> On Tue, Nov 17, 2009 at 04:17:51PM -0500, Ken Murchison wrote:
>> Bron Gondwana wrote:
>>> On Tue, Nov 17, 2009 at 09:03:11AM -0500, Ken Murchison wrote:
>>>> What is your new format proposal?
>>> I'll see :)  Not sure yet - but mainly not sizeof(unsigned long)!
>> If we make a wholesale change to the database, perhaps this might be
>> something we put in the 2.4 branch.  It already has some
>> partial/complete extensions like QRESYNC, LIST-EXTENDED,
>> URLAUTH=BINARY and COMPRESS (which I backported to 2.3).
>>
>> I was also thinking that although the charset changes have been
>> fully tested at Fastmail that it too might be a candidate for 2.4.
> 
> Yeah, fair enough!  I did commit them to CVS, but it's easy enough to
> back them out and commit to a branch instead.
> 
> Do we have a roadmap for what else people want on the 2.4 branch?
> I'd be happy to put a bit more effort into polishing up those features
> that are there so we can ship a 2.4 soonish.  Say by April next year,
> which gives us 6 months to prepare.

My original vision for 2.4 was to be compliant with the LEMONADE v2 profile.

At this point is can morph into anything we want.  Some of the 2.4 
features required changes that I felt were too in depth to put into a 
relatively stable 2.3.

I'm pretty close to having the time to dive back into the 2.4 code.  The 
first thing that needs to be done is to merge all of the new 2.3 stuff 
into 2.4.

-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University

From D.J.Mayo at bath.ac.uk  Wed Nov 18 04:45:21 2009
From: D.J.Mayo at bath.ac.uk (David Mayo)
Date: Wed, 18 Nov 2009 09:45:21 +0000
Subject: setting up replication
In-Reply-To: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
Message-ID: <4B03C231.1040409@bath.ac.uk>

Johannes,

Johannes Ru?ek wrote:

> i'm trying to replicate an existing imap servers over to a new one, this
> is basically fedora core 6 to rhel5.
> i've set up the replication as per the howto and it appears to basically
> work. however, when sync_client reaches the point of creating a mailbox,
> i get the following error in the log:
> 
> sync_client[30485]: CREATE received BAD response: Unexpected extra
> arguments to Create

Do you have the same mailbox partitions set up in imapd.conf on the 
master and the slave?

Regards,


Dave.

David Mayo
Networks/Systems Administrator
University of Bath Computing Services, UK


From brong at fastmail.fm  Wed Nov 18 06:34:44 2009
From: brong at fastmail.fm (Bron Gondwana)
Date: Wed, 18 Nov 2009 22:34:44 +1100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <4B0333A9.50901@andrew.cmu.edu>
References: <20091117122849.GA4503@brong.net> <4B02AD1F.9030606@andrew.cmu.edu>
	<20091117210135.GA5302@brong.net> <4B0312FF.9080302@andrew.cmu.edu>
	<20091117232746.GA6069@brong.net> <4B0333A9.50901@andrew.cmu.edu>
Message-ID: <20091118113444.GA18502@brong.net>

On Tue, Nov 17, 2009 at 06:37:13PM -0500, Ken Murchison wrote:
> Bron Gondwana wrote:
> >On Tue, Nov 17, 2009 at 04:17:51PM -0500, Ken Murchison wrote:
> >>Bron Gondwana wrote:
> >>>On Tue, Nov 17, 2009 at 09:03:11AM -0500, Ken Murchison wrote:
> >>>>What is your new format proposal?
> >>>I'll see :)  Not sure yet - but mainly not sizeof(unsigned long)!
> >>If we make a wholesale change to the database, perhaps this might be
> >>something we put in the 2.4 branch.  It already has some
> >>partial/complete extensions like QRESYNC, LIST-EXTENDED,
> >>URLAUTH=BINARY and COMPRESS (which I backported to 2.3).
> >>
> >>I was also thinking that although the charset changes have been
> >>fully tested at Fastmail that it too might be a candidate for 2.4.
> >
> >Yeah, fair enough!  I did commit them to CVS, but it's easy enough to
> >back them out and commit to a branch instead.
> >
> >Do we have a roadmap for what else people want on the 2.4 branch?
> >I'd be happy to put a bit more effort into polishing up those features
> >that are there so we can ship a 2.4 soonish.  Say by April next year,
> >which gives us 6 months to prepare.
> 
> My original vision for 2.4 was to be compliant with the LEMONADE v2 profile.

Sounds like a good plan :)
 
> At this point is can morph into anything we want.  Some of the 2.4
> features required changes that I felt were too in depth to put into
> a relatively stable 2.3.
> 
> I'm pretty close to having the time to dive back into the 2.4 code.
> The first thing that needs to be done is to merge all of the new 2.3
> stuff into 2.4.

Sure.  I'm happy to put the more unstable stuff (even including the
charset changes) into 2.4.  I just want to have some idea that they
won't get stuck waiting for some lemonade scented towlettes forever.
If we commit to something like "2.4 will ship with whatever features
we have ready in April 2010" then we have a decent timeline to figure
out what we'll actually have time to support, and focus on getting
that stable.  In particular, that's a good time for all the format
changes to land all at once, and potentially new defaults for a bunch
of config values that have occured over the years.  In particular
things like collation order for the mailboxes.db should just be fixed.
Dump and restore your DB and do it this way!  In general I'd like to
simplify configuration where possible even at the expense of backwards
compatibility.  We could have a "config_version: 2.4" key which needs
to be changed over major version differences, and keep configs compatible
within the major versions. (2.x that is)

Bron.

From lists at egidy.de  Wed Nov 18 07:21:07 2009
From: lists at egidy.de (Gerd v. Egidy)
Date: Wed, 18 Nov 2009 13:21:07 +0100
Subject: ANNOTATEMORE => METADATA and rfc 5464
In-Reply-To: <20091117122849.GA4503@brong.net>
References: <20091117122849.GA4503@brong.net>
Message-ID: <200911181321.07900.lists@egidy.de>

Hi Bron,

thanks for looking into the annotation/metadata stuff.

> So I'm thinking: create a new metadata.db, require a conversion on upgrade
> from annotations.db.  I had a look, and none of our servers had ANY
> annotations until I added a /comment to my INBOX for testing.

Just to be sure: do you plan to change the current annotatemore-code so that 
it will access the new database and an old client still using annotatemore 
will still work?
 
> Does anybody out there use annotations much?  Does anybody know any code
> that would be broken by changing the way annotations are done?

Given that there is code to convert the old annotations.db to metadata.db I 
don't see any problems for us. Our backup code will probably need some 
tweaking, but when the new db format is more sane than the current mess I 
don't see any problems with that.

Kind regards,

Gerd

-- 
Address (better: trap) for people I really don't want to get mail from:
jonas at cactusamerica.com

From mayak at australsat.com  Wed Nov 18 09:49:50 2009
From: mayak at australsat.com (mayak-cq)
Date: Wed, 18 Nov 2009 15:49:50 +0100
Subject: moving a cyrus folder and reconstruct?
Message-ID: <1258555790.26543.3.camel@sumatra.ccuse.com>

hi all,

i've been migrating from smartermail to cyrus using imapsync

that has worked, yet, i end up with an Inbox child of Inbox.

i'd like to goto the file system and just move the folders around and
delete the 2nd Inbox, however, cyrus barfs.

is there a way to move the mail folders using a script?

many thanks

mcq


From bawood at umich.edu  Wed Nov 18 10:43:55 2009
From: bawood at umich.edu (Brian Awood)
Date: Wed, 18 Nov 2009 10:43:55 -0500
Subject: setting up replication
In-Reply-To: <17756_1258481563_nAHICgEZ021948_4B02E751.8070405@ednet.ns.ca>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
	<1258479265.7729.13.camel@dell-jr.intern.win-rar.com>
	<17756_1258481563_nAHICgEZ021948_4B02E751.8070405@ednet.ns.ca>
Message-ID: <200911181043.55355.bawood@umich.edu>


On Tuesday 17 November 2009 @ 13:11, Patrick Boutilier wrote:
> On 11/17/2009 01:34 PM, Johannes Ru?ek wrote:
> > Nope, i'm not. is this necessary?
> > it's 2.3.9 on the master and 2.3.7 on the replica.
> > if that's the problem i will take care of that first.
>
> They are both 2.3.x so that shouldn't be a problem. However those
> versions are relatively old. 2.3.15 is the latest in the 2.3
> series.
>
> I just setup replication a couple of weeks ago and haven't seen any
> of those errors.

I believe there were major changes in the sync protocol between 2.3.7 
& 2.3.9, enough to probably make them incompatible.  Although, I 
would also recommend running 2.3.15 over anything older.

-Brian

From julien at linuxwall.info  Wed Nov 18 10:50:55 2009
From: julien at linuxwall.info (Julien Vehent)
Date: Wed, 18 Nov 2009 16:50:55 +0100
Subject: moving a cyrus folder and =?UTF-8?Q?reconstruct=3F?=
In-Reply-To: <1258555790.26543.3.camel@sumatra.ccuse.com>
References: <1258555790.26543.3.camel@sumatra.ccuse.com>
Message-ID: <fdc497460a61af522a0dce6ab7453f2a@localhost>

On Wed, 18 Nov 2009 15:49:50 +0100, mayak-cq <mayak at australsat.com> wrote:
> hi all,
> 

hello :)

> i've been migrating from smartermail to cyrus using imapsync
> 
> that has worked, yet, i end up with an Inbox child of Inbox.
> 
> i'd like to goto the file system and just move the folders around and
> delete the 2nd Inbox, however, cyrus barfs.
> 
> is there a way to move the mail folders using a script?
> 

when I have to move mailboxes, I do the following :

http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:cyrus:migrate_maiboxes

hope it helps,

julien

> many thanks
> 
> mcq
> 
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From russek at win-rar.com  Wed Nov 18 12:15:25 2009
From: russek at win-rar.com (Johannes =?ISO-8859-1?Q?Ru=DFek?=)
Date: Wed, 18 Nov 2009 18:15:25 +0100
Subject: setting up replication
In-Reply-To: <200911181043.55355.bawood@umich.edu>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>
	<1258479265.7729.13.camel@dell-jr.intern.win-rar.com>
	<17756_1258481563_nAHICgEZ021948_4B02E751.8070405@ednet.ns.ca>
	<200911181043.55355.bawood@umich.edu>
Message-ID: <1258564525.18940.2.camel@dell-jr.intern.win-rar.com>

Hi Brian,
thanks for the recommendation, but you have to note that this is RHEL
cyrus, which means there are a lot of backports in it..
As usual, RH version is not the same as upstream version. Also with RH
you are pretty much bound to what you get :)
I'll get both machines to RHEL's 2.3.9 first, then try replication
again.
Thanks everybody,
Johannes

Am Mittwoch, den 18.11.2009, 10:43 -0500 schrieb Brian Awood:
> On Tuesday 17 November 2009 @ 13:11, Patrick Boutilier wrote:
> > On 11/17/2009 01:34 PM, Johannes Ru?ek wrote:
> > > Nope, i'm not. is this necessary?
> > > it's 2.3.9 on the master and 2.3.7 on the replica.
> > > if that's the problem i will take care of that first.
> >
> > They are both 2.3.x so that shouldn't be a problem. However those
> > versions are relatively old. 2.3.15 is the latest in the 2.3
> > series.
> >
> > I just setup replication a couple of weeks ago and haven't seen any
> > of those errors.
> 
> I believe there were major changes in the sync protocol between 2.3.7 
> & 2.3.9, enough to probably make them incompatible.  Although, I 
> would also recommend running 2.3.15 over anything older.
> 
> -Brian
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- 
****************************************************************************

Best Regards,

Johannes Ru?ek
Linux/UNIX Administration

win.rar GmbH
Schumannstr. 17
10117 Berlin
Germany

www.win-rar.com    (website)
russek at win-rar.com (e-mail)

+49 30 28886758  (tel Zentrale)
+49 30 28884514 (fax)

****************************************************************************
win.rar GmbH Berlin                           |    HR B-Nr. 109885 B
Management: ?nc?l Kaya, Burak Canboy          |    Amtsgericht
                                              |    Charlottenburg
****************************************************************************


From boutilpj at ednet.ns.ca  Wed Nov 18 12:52:26 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Wed, 18 Nov 2009 13:52:26 -0400
Subject: setting up replication
In-Reply-To: <1258564525.18940.2.camel@dell-jr.intern.win-rar.com>
References: <1258477423.7729.10.camel@dell-jr.intern.win-rar.com>	<1258479265.7729.13.camel@dell-jr.intern.win-rar.com>	<17756_1258481563_nAHICgEZ021948_4B02E751.8070405@ednet.ns.ca>	<200911181043.55355.bawood@umich.edu>
	<1258564525.18940.2.camel@dell-jr.intern.win-rar.com>
Message-ID: <25300_1258566822_nAIHreMA005326_4B04345A.9040000@ednet.ns.ca>

On 11/18/2009 01:15 PM, Johannes Ru?ek wrote:
> Hi Brian,
> thanks for the recommendation, but you have to note that this is RHEL
> cyrus, which means there are a lot of backports in it..

Usually security fixes though.

> As usual, RH version is not the same as upstream version. Also with RH
> you are pretty much bound to what you get :)

You could try this source RPM:


http://www.invoca.ch/pub/packages/cyrus-imapd/cyrus-imapd-2.3.15-4.src.rpm




> I'll get both machines to RHEL's 2.3.9 first, then try replication
> again.
> Thanks everybody,
> Johannes
>
> Am Mittwoch, den 18.11.2009, 10:43 -0500 schrieb Brian Awood:
>> On Tuesday 17 November 2009 @ 13:11, Patrick Boutilier wrote:
>>> On 11/17/2009 01:34 PM, Johannes Ru?ek wrote:
>>>> Nope, i'm not. is this necessary?
>>>> it's 2.3.9 on the master and 2.3.7 on the replica.
>>>> if that's the problem i will take care of that first.
>>>
>>> They are both 2.3.x so that shouldn't be a problem. However those
>>> versions are relatively old. 2.3.15 is the latest in the 2.3
>>> series.
>>>
>>> I just setup replication a couple of weeks ago and haven't seen any
>>> of those errors.
>>
>> I believe there were major changes in the sync protocol between 2.3.7
>> &  2.3.9, enough to probably make them incompatible.  Although, I
>> would also recommend running 2.3.15 over anything older.
>>
>> -Brian
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From tv at solnet.ch  Thu Nov 19 10:06:06 2009
From: tv at solnet.ch (Thomas Vogt)
Date: Thu, 19 Nov 2009 16:06:06 +0100
Subject: move mailboxes and mark email as "read"
Message-ID: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>

Hi

I'll move several thousand cyrus mailboxes to a new server. Old Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3.

The task seems pretty trivial. I tar all users starting with A (later b,c,d..), create all mailboxes on the new server with cyradm (script), extract the tar file, reconstruct all mailboxes.

The only problemI have, is "seen.db". On my new server, every email is marked as new, unread email. Is there a way to fix this?

Regards,
Thomas Vogt



From rrdansmith at gmail.com  Thu Nov 19 13:13:49 2009
From: rrdansmith at gmail.com (Dan Smith)
Date: Thu, 19 Nov 2009 13:13:49 -0500
Subject: Is there a graceful shutdown of imapd process?
Message-ID: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>

My goal is to be able to reload the imapd.conf file for imap processes
without impacting currently connected subscribers.
I know that there are some patches available to allow this to be done with a
SIGHUP, but until they are widely accepted and one is brought into the code
thread, we will probably shy away from it.
 
I was wondering if another approach would be possible.
Is there any way that anyone can think of of that would stop an imapd
process from taking on new connections without impacting the existing ones?
 
If there were, I could block new connections for one process at a time and
when all connections were drained off, restart it.
 
Any other ideas about how to accomplish this?
 
Thanks!
 
-dan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091119/f240654a/attachment.html 

From hans.moser at ofd-sth.niedersachsen.de  Fri Nov 20 03:30:26 2009
From: hans.moser at ofd-sth.niedersachsen.de (Marc Patermann)
Date: Fri, 20 Nov 2009 09:30:26 +0100
Subject: move mailboxes and mark email as "read"
In-Reply-To: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>
References: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>
Message-ID: <4B0653A2.6010400@ofd-sth.niedersachsen.de>

Hi,

Thomas Vogt schrieb:

> I'll move several thousand cyrus mailboxes to a new server. Old
> Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3.
> 
> The task seems pretty trivial. I tar all users starting with A (later
> b,c,d..), create all mailboxes on the new server with cyradm
> (script), extract the tar file, reconstruct all mailboxes.
> 
> The only problemI have, is "seen.db". On my new server, every email
> is marked as new, unread email. Is there a way to fix this?
# man cvt_cyrusdb
# /usr/lib/cyrus/bin/cvt_cyrusdb
Usage: /usr/lib/cyrus/bin/cvt_cyrusdb [-C altconfig] <old db> <old db 
backend> <new db> <new db backend>
Usable Backends:  berkeley, berkeley-nosync, flat, skiplist, quotalegacy

Dump to flat file, copy to new server, convert back to desired bd format.
[Should work, untested here. Inspired by 
http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:cyrus:repair_skiplist]

Or you copy by imapsync.


Marc

From nodens2099 at gmail.com  Fri Nov 20 04:22:00 2009
From: nodens2099 at gmail.com (nodens2099)
Date: Fri, 20 Nov 2009 10:22:00 +0100
Subject: Is there a graceful shutdown of imapd process?
In-Reply-To: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>
References: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>
Message-ID: <4B065FB8.5070101@gmail.com>

Le 19/11/2009 19:13, Dan Smith a ?crit :
> My goal is to be able to reload the imapd.conf file for imap processes 
> without impacting currently connected subscribers.
> I know that there are some patches available to allow this to be done 
> with a SIGHUP, but until they are widely accepted and one is brought 
> into the code thread, we will probably shy away from it.
>  
> I was wondering if another approach would be possible.
> Is there any way that anyone can think of of that would stop an imapd 
> process from taking on new connections without impacting the existing ones?
>  
> If there were, I could block new connections for one process at a time 
> and when all connections were drained off, restart it.
>  
> Any other ideas about how to accomplish this?
>  

Actually, the SIGHUP handling patch as been in debian packages (2.2.x) 
for a while now. This is a pretty large audience, and AFAIK no problem 
has been reported on this feature.

Anyway, if you are on linux (or *BSD), a good solution would be to 
prevent new connections via netfilter/iptables (or pf for BSD), while 
allowing "established" data flow, using the stateful firewalling.

The problem is, most modern clients try to stay connected...

Best regards,

-- 
Cl?ment Hermann (nodens)

From steuwer at univention.de  Fri Nov 20 06:17:11 2009
From: steuwer at univention.de (Ingo Steuwer)
Date: Fri, 20 Nov 2009 12:17:11 +0100
Subject: configuration option for db-files in a different path than mailboxes?
Message-ID: <200911201217.11801.steuwer@univention.de>

Hi,

I'm in building a test-environment where I'd like to setup my cyrus mail spoll 
(/var/spool/cyrus/mail) on a NFS filesystem. I know that locking issues in 
NFSv3 prevent a clean mail delivery with cyrus and want to give NFSv4 a try.

My suspect from older tests was, that the handling of cyrus.index and 
other "database"-files (cyrus.cache, cyrus.header, cyrus.squat) isn't 
possible on NFSv3. Beside changing the NFS version, I thougt of an option 
where those files are stored on a different (non-NFS) partition.

Does anybody know about a way to configure the path of those files? Or are 
there ways to move them after creation?

BTW: Has anybody expieriences with NFSv4?

Thanks,
Ingo Steuwer


-- 
Ingo Steuwer
Head of Professional Services

Univention GmbH
Linux for your business
Mary-Somerville-Str.1
28359 Bremen
Tel.: +49 421 22232-43
Fax : +49 421 22232-99
Mob : +49 173 2112971

steuwer at univention.de>
http://www.univention.de

Gesch?ftsf?hrer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876 

From nunatarsuaq at gmail.com  Fri Nov 20 06:51:09 2009
From: nunatarsuaq at gmail.com (nunatarsuaq)
Date: Fri, 20 Nov 2009 12:51:09 +0100
Subject: Problem with server-side filtering using sieve
In-Reply-To: <ff1ce9ee0911170401r51cbccf5j33102b8d0359a417@mail.gmail.com>
References: <ff1ce9ee0911160505t364cb9bfx6d5da1090827655a@mail.gmail.com>
	<ff1ce9ee0911160523u4983504dge3cd5863dea8fe7b@mail.gmail.com>
	<5c5894d51322c57c1c80a7d5adbc978f.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911160545s2baf559apb3ffa202cd2aa63f@mail.gmail.com>
	<ff1ce9ee0911160833r1bdd5c4fld2d7c0c50125140d@mail.gmail.com>
	<ac1e4dc30385f7a6556ccf6e9bc829d2.squirrel@webmail.bi.corp.invoca.ch>
	<ff1ce9ee0911170135q56b0ed84p365a379e5be874be@mail.gmail.com>
	<ff1ce9ee0911170334g1d13911x3abc0e2763ee05f4@mail.gmail.com>
	<20091117125214.20682e56q8tb5sha@webmail.uni-tuebingen.de>
	<ff1ce9ee0911170401r51cbccf5j33102b8d0359a417@mail.gmail.com>
Message-ID: <ff1ce9ee0911200351u4248ce2fs8aebd1c05f0fdce0@mail.gmail.com>

Any ideas how to install a filter for all users?
I mean moving messages marked as spam (by SpamAssassin) to personal
Spam folders.



W dniu 17 listopada 2009 13:01 u?ytkownik nunatarsuaq
<nunatarsuaq at gmail.com> napisa?:
> 2009/11/17 Michael Menge <michael.menge at zdv.uni-tuebingen.de>:
>> Quoting nunatarsuaq <nunatarsuaq at gmail.com>:
>>
>>> Found a partial solution:
>>>
>>> 1. In my case the filter script should refer to user's mailbox as
>>> "user/USERNAME/folder"
>>> 2. Then I used sievec to create bytecode file for a particular user's
>>> sieve dir:
>>>
>>> /usr/lib/cyrus/bin/sievec sieve.filter /var/lib/sieve/U/USERNAME/defaultbc
>>>
>>> That's it. The filtering started working. Strange though...
>>> I don't get it why it doesn't work using sieveshell and a regular text
>>> script file.
>>
>> Did you activate the script?
>
> When I tried to use sieveshell I had my loaded script activated.
>
>> defaultbc is normaly a softlink to the active script bytecode
>>
>>>
>>> Anyway I'd prefer to have a main filter file for all users that would
>>> move all spam-marked messages to Spam folder in each mailbox.
>>>
>>> Any ideas?
>>>
>>> Rangifer
>>>
>>> 2009/11/17 nunatarsuaq <nunatarsuaq at gmail.com>:
>>>>
>>>> Hi
>>>>
>>>> I'm still having problem with getting the filtering working
>>>>
>>>> Even though the script can be loaded it doesn't work.
>>>> I'm trying
>>>>
>>>> if header :contains ["Subject"] "test" {
>>>> ? ? ? ? fileinto "Junk";
>>>> ?? ? ? ? stop;
>>>> }
>>>>
>>>> if header :contains ["Subject"] "test" {
>>>> ? ? ? ? fileinto "user/testowy/Junk";
>>>> ? ? ? ? stop;
>>>> }
>>>>
>>>> if header :contains ["Subject"] "test" {
>>>> ? ? ? ? fileinto "user.testowy.Junk";
>>>> ? ? ? ? stop;
>>>> }
>>>>
>>>> and
>>>>
>>>> if header :contains ["Subject"] "test" {
>>>> ? ? ? ? fileinto "user/testowy.Junk";
>>>> ? ? ? ? stop;
>>>> }
>>>>
>>>> None method works. Is there a bad syntax somewhere?
>>>> I noticed that when working on imap accounts (using reconstruct
>>>> command for example) I need to type user/USERNAME instead of
>>>> user.USERNAME found everywhere on the web.
>>>>
>>>> Going further I'd like to set up a filter moving messages marked as
>>>> spam for all users.
>>>> How should it be installed?
>>>>
>>>> Rangifer
>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2009/11/16 Simon Matter <simon.matter at invoca.ch>:
>>>>>>>>>>>
>>>>>>>>>>> Hello to everybody
>>>>>>>>>>>
>>>>>>>>>>> I'm a new user here and found this list while searching for
>>>>>>>>>>> solution
>>>>>>>>>>> to my problem.
>>>>>>>>>>>
>>>>>>>>>>> I have a running mail server with postfix and cyrus-imap and would
>>>>>>>>>>> like to start filtering incoming messages on the server side.
>>>>>>>>>>> I tried to put a filter using sieve shell according to this
>>>>>>>>>>> tutorial
>>>>>>>>>>> http://wiki.linuxwall.info/doku.php/en:ressources:astuces:sieve
>>>>>>>>>>> but
>>>>>>>>>>> with no results.
>>>>>>>>>>>
>>>>>>>>>>> Here's my configuration:
>>>>>>>>>>>
>>>>>>>>>>> I created a file with a sieve filter:
>>>>>>>>>>>
>>>>>>>>>>> if header :contains "X-Spam-Flag" "YES" {
>>>>>>>>>>> ?fileinto "Junk";
>>>>>>>>>>> ?stop;
>>>>>>>>>>> }
>>>>>>>>>>
>>>>>>>>>> I think your script should start with a require line. Do you have
>>>>>>>>>> it?
>>>>>>>>>>
>>>>>>>>>> Simon
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> I tried also type fileinto as "user.USERNAME.Junk",
>>>>>>>>>>> "user/USERNAME.Junk" and "user/USERNAME/Junk")
>>>>>>>>>>>
>>>>>>>>>>> Now when I invoke
>>>>>>>>>>>
>>>>>>>>>>> # sieveshell -u cyrus -a cyrus localhost (tried also with a user
>>>>>>>>>>> other
>>>>>>>>>>> than cyrus)
>>>>>>>>>>>
>>>>>>>>>>> and type
>>>>>>>>>>>
>>>>>>>>>>>> put sieve_filter
>>>>>>>>>>>
>>>>>>>>>>> I get an error:
>>>>>>>>>>>
>>>>>>>>>>> upload failed: put script: script errors:
>>>>>>>>>>> line 2: fileinto not required
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> What does it really mean?
>>>>>>>>>>> What can be done to get it working?
>>>>>>>>>>>
>>>>>>>>>>> Rangifer
>>>>>>>>>>> ----
>>>>>>>>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>>>>>>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>>>>>>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> ToMasz
>>>
>>> http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...
>>> ----
>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>
>>
>>
>>
>> --------------------------------------------------------------------------------
>> M.Menge ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?Tel.: (49) 7071/29-70316
>> Universit?t T?bingen ? ? ? ? ? ? ? ? ? Fax.: (49) 7071/29-5912
>> Zentrum f?r Datenverarbeitung ? ? ? ? ?mail:
>> michael.menge at zdv.uni-tuebingen.de
>> W?chterstra?e 76
>> 72074 T?bingen
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>
>
>
> --
> ToMasz
>
> http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...
>



-- 
ToMasz

http://skocz.pl/przystanekGL - wspomnienia coraz bardziej odleg?e...

From hans.moser at ofd-sth.niedersachsen.de  Fri Nov 20 07:07:52 2009
From: hans.moser at ofd-sth.niedersachsen.de (Marc Patermann)
Date: Fri, 20 Nov 2009 13:07:52 +0100
Subject: configuration option for db-files in a different path than
	mailboxes?
In-Reply-To: <200911201217.11801.steuwer@univention.de>
References: <200911201217.11801.steuwer@univention.de>
Message-ID: <4B068698.5040102@ofd-sth.niedersachsen.de>

Hi,

Ingo Steuwer schrieb:

> I'm in building a test-environment where I'd like to setup my cyrus mail spoll 
> (/var/spool/cyrus/mail) on a NFS filesystem. I know that locking issues in 
> NFSv3 prevent a clean mail delivery with cyrus and want to give NFSv4 a try.
> 
> My suspect from older tests was, that the handling of cyrus.index and 
> other "database"-files (cyrus.cache, cyrus.header, cyrus.squat) isn't 
> possible on NFSv3. Beside changing the NFS version, I thougt of an option 
> where those files are stored on a different (non-NFS) partition.
> 
> Does anybody know about a way to configure the path of those files? Or are 
> there ways to move them after creation?
check for metapartion in your imapd.conf man page:

metapartition_files: <empty string>
     Space-separated list of metadata files to be stored on a
     metapartition rather than in the mailbox directory on a spool
     partition.
     Allowed values: header, index, cache, expunge, squat
metapartition-name: <none>
     The pathname of the metadata partition name, corresponding to spool 
partition partition-name. For any mailbox residing in a directory on 
partition-name, the metadata files listed in metapartition_files will be 
stored in a corresponding directory on metapartition-name. Note that not 
every partition-name option is required to have a corresponding 
metapartition-name option, so that you can selectively choose which 
spool partitions will have separate metadata partitions.


Marc

From michael.menge at zdv.uni-tuebingen.de  Fri Nov 20 07:16:05 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Fri, 20 Nov 2009 13:16:05 +0100
Subject: move mailboxes and mark email as "read"
In-Reply-To: <4B0653A2.6010400@ofd-sth.niedersachsen.de>
References: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>
	<4B0653A2.6010400@ofd-sth.niedersachsen.de>
Message-ID: <20091120131605.74324dobl4ao5ksl@webmail.uni-tuebingen.de>

Quoting Marc Patermann <hans.moser at ofd-sth.niedersachsen.de>:

> Hi,
>
> Thomas Vogt schrieb:
>
>> I'll move several thousand cyrus mailboxes to a new server. Old
>> Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3.
>>
>> The task seems pretty trivial. I tar all users starting with A (later
>> b,c,d..), create all mailboxes on the new server with cyradm
>> (script), extract the tar file, reconstruct all mailboxes.
>>
>> The only problemI have, is "seen.db". On my new server, every email
>> is marked as new, unread email. Is there a way to fix this?
> # man cvt_cyrusdb
> # /usr/lib/cyrus/bin/cvt_cyrusdb
> Usage: /usr/lib/cyrus/bin/cvt_cyrusdb [-C altconfig] <old db> <old db
> backend> <new db> <new db backend>
> Usable Backends:  berkeley, berkeley-nosync, flat, skiplist, quotalegacy
>
> Dump to flat file, copy to new server, convert back to desired bd format.
> [Should work, untested here. Inspired by
> http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:cyrus:repair_skiplist]
>

You should also dump the mailboxes.db and import it on the new server,
this insures that the mailbox uid, which is used in the seen.db is
consistent.


--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091120/b64a56ad/attachment.bin 

From michael.menge at zdv.uni-tuebingen.de  Fri Nov 20 07:26:43 2009
From: michael.menge at zdv.uni-tuebingen.de (Michael Menge)
Date: Fri, 20 Nov 2009 13:26:43 +0100
Subject: configuration option for db-files in a different path than
	mailboxes?
In-Reply-To: <200911201217.11801.steuwer@univention.de>
References: <200911201217.11801.steuwer@univention.de>
Message-ID: <20091120132643.305129gplg1dkv0j@webmail.uni-tuebingen.de>

Quoting Ingo Steuwer <steuwer at univention.de>:

> Hi,
>
> I'm in building a test-environment where I'd like to setup my cyrus  
> mail spoll
> (/var/spool/cyrus/mail) on a NFS filesystem. I know that locking issues in
> NFSv3 prevent a clean mail delivery with cyrus and want to give NFSv4 a try.
>
> My suspect from older tests was, that the handling of cyrus.index and
> other "database"-files (cyrus.cache, cyrus.header, cyrus.squat) isn't
> possible on NFSv3. Beside changing the NFS version, I thougt of an option
> where those files are stored on a different (non-NFS) partition.

You have to keep them in sync across your servers and mailstorage.
So i would not use it for active/active usage.

> Does anybody know about a way to configure the path of those files? Or are
> there ways to move them after creation?

Have a look at metapartition-name in the imapd.conf manpage
and migrate-metadata in the toold directory


--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universit?t T?bingen                   Fax.: (49) 7071/29-5912
Zentrum f?r Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
W?chterstra?e 76
72074 T?bingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091120/1baaf4f8/attachment.bin 

From boutilpj at ednet.ns.ca  Fri Nov 20 07:26:51 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Fri, 20 Nov 2009 08:26:51 -0400
Subject: configuration option for db-files in a different path than
	mailboxes?
In-Reply-To: <200911201217.11801.steuwer@univention.de>
References: <200911201217.11801.steuwer@univention.de>
Message-ID: <29975_1258720089_nAKCS84s006771_4B068B0B.70204@ednet.ns.ca>

On 11/20/2009 07:17 AM, Ingo Steuwer wrote:
> Hi,
>
> I'm in building a test-environment where I'd like to setup my cyrus mail spoll
> (/var/spool/cyrus/mail) on a NFS filesystem. I know that locking issues in
> NFSv3 prevent a clean mail delivery with cyrus and want to give NFSv4 a try.
>
> My suspect from older tests was, that the handling of cyrus.index and
> other "database"-files (cyrus.cache, cyrus.header, cyrus.squat) isn't
> possible on NFSv3. Beside changing the NFS version, I thougt of an option
> where those files are stored on a different (non-NFS) partition.
>
> Does anybody know about a way to configure the path of those files? Or are
> there ways to move them after creation?


What version of Cyrus? In 2.3.x you can use the metapartition options in 
imapd.conf

To move existing metatadata use the tools/migrate-metadata script in the 
source tarball.


metapartition_files: <empty string>
             Space-separated list of metadata files to be stored on a 
metapartition rather than in the mailbox directory on a spool partition.

             Allowed values: header, index, cache, expunge, squat

        metapartition-name: <none>
             The pathname of the metadata partition name, corresponding 
to spool partition partition-name.  For  any  mailbox  residing  in  a
             directory  on  partition-name,  the  metadata  files listed 
in metapartition_files will be stored in a corresponding directory on
             metapartition-name.   Note that not every partition-name 
option is required to have a corresponding metapartition-name option, so
             that you can selectively choose which spool partitions will 
have separate metadata partitions.



>
> BTW: Has anybody expieriences with NFSv4?
>
> Thanks,
> Ingo Steuwer
>
>


From boutilpj at ednet.ns.ca  Fri Nov 20 07:31:31 2009
From: boutilpj at ednet.ns.ca (Patrick Boutilier)
Date: Fri, 20 Nov 2009 08:31:31 -0400
Subject: move mailboxes and mark email as "read"
In-Reply-To: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>
References: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>
Message-ID: <29959_1258720370_nAKCWne3016735_4B068C23.3040000@ednet.ns.ca>

On 11/19/2009 11:06 AM, Thomas Vogt wrote:
> Hi
>
> I'll move several thousand cyrus mailboxes to a new server. Old Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3.
>
> The task seems pretty trivial. I tar all users starting with A (later b,c,d..), create all mailboxes on the new server with cyradm (script), extract the tar file, reconstruct all mailboxes.
>

Why bother with the reconstruct? If you have pristine copies of the 
metadata you should be fine and seen state will be intact.



> The only problemI have, is "seen.db". On my new server, every email is marked as new, unread email. Is there a way to fix this?
>
> Regards,
> Thomas Vogt
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


From steuwer at univention.de  Fri Nov 20 08:01:36 2009
From: steuwer at univention.de (Ingo Steuwer)
Date: Fri, 20 Nov 2009 14:01:36 +0100
Subject: configuration option for db-files in a different path than
	mailboxes?
In-Reply-To: <4B068698.5040102@ofd-sth.niedersachsen.de>
References: <200911201217.11801.steuwer@univention.de>
	<4B068698.5040102@ofd-sth.niedersachsen.de>
Message-ID: <200911201401.36988.steuwer@univention.de>

Hi,

thanks for your quick feedback. The option is exactly what I was looking for; 
I haven't noticed it because I'm using cyrus 2.2 at the moment.

Thanks,
Ingo Steuwer

Am Freitag, 20. November 2009 schrieb Marc Patermann:
> Hi,
>
> Ingo Steuwer schrieb:
> > I'm in building a test-environment where I'd like to setup my cyrus mail
> > spoll (/var/spool/cyrus/mail) on a NFS filesystem. I know that locking
> > issues in NFSv3 prevent a clean mail delivery with cyrus and want to give
> > NFSv4 a try.
> >
> > My suspect from older tests was, that the handling of cyrus.index and
> > other "database"-files (cyrus.cache, cyrus.header, cyrus.squat) isn't
> > possible on NFSv3. Beside changing the NFS version, I thougt of an option
> > where those files are stored on a different (non-NFS) partition.
> >
> > Does anybody know about a way to configure the path of those files? Or
> > are there ways to move them after creation?
>
> check for metapartion in your imapd.conf man page:
>
> metapartition_files: <empty string>
>      Space-separated list of metadata files to be stored on a
>      metapartition rather than in the mailbox directory on a spool
>      partition.
>      Allowed values: header, index, cache, expunge, squat
> metapartition-name: <none>
>      The pathname of the metadata partition name, corresponding to spool
> partition partition-name. For any mailbox residing in a directory on
> partition-name, the metadata files listed in metapartition_files will be
> stored in a corresponding directory on metapartition-name. Note that not
> every partition-name option is required to have a corresponding
> metapartition-name option, so that you can selectively choose which
> spool partitions will have separate metadata partitions.
>
>
> Marc



-- 
Ingo Steuwer
Head of Professional Services

Univention GmbH
Linux for your business
Mary-Somerville-Str.1
28359 Bremen
Tel.: +49 421 22232-43
Fax : +49 421 22232-99
Mob : +49 173 2112971

steuwer at univention.de>
http://www.univention.de

Gesch?ftsf?hrer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876 

From rrdansmith at gmail.com  Fri Nov 20 11:14:19 2009
From: rrdansmith at gmail.com (Dan Smith)
Date: Fri, 20 Nov 2009 11:14:19 -0500
Subject: Is there a graceful shutdown of imapd process?
In-Reply-To: <4B065FB8.5070101@gmail.com>
References: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>
	<4B065FB8.5070101@gmail.com>
Message-ID: <C4922B7E398843B0B6C3ACDE5608F98F@e012981desktop>

Thanks for your reply.  We're running Red Hat and just getting started with
Cyrus.
The solution is provided by a third party, so I'm kind of hobbled with what
I can and can't do (and have been told that patching imapd is definitely
out).

I thought a bit about the iptables solution, but it would still cause an
overall imap outage.  I was hoping that there would be a way to convince a
single imapd process to not take new connections...while allowing the others
to continue operating.  That would allow me to drain calls from one process
and restart it.  The connection duration wouldn't matter so much - as long
as it is scripted, I'd have all night.

My main goal is really to distribute newly created subscribers across
multiple partitions.  The vendor supports multiple messaging solutions, so
they chose to implement this partition load balancing as an external script
that updates the default partition and restarts imapd.  I have a strong
dislike for killing active connections, so I'm trying to find a better
solution.

I'm going to go back and beat on the vendor for a while to try to get them
to implement the partition load balancing in their creation request.

Thanks again!

-dan

-----Original Message-----
From: nodens2099 [mailto:nodens2099 at gmail.com] 
Sent: Friday, November 20, 2009 4:22 AM
To: Dan Smith
Cc: info-cyrus at lists.andrew.cmu.edu
Subject: Re: Is there a graceful shutdown of imapd process?

Le 19/11/2009 19:13, Dan Smith a ?crit :
> My goal is to be able to reload the imapd.conf file for imap processes 
> without impacting currently connected subscribers.
> I know that there are some patches available to allow this to be done 
> with a SIGHUP, but until they are widely accepted and one is brought 
> into the code thread, we will probably shy away from it.
>  
> I was wondering if another approach would be possible.
> Is there any way that anyone can think of of that would stop an imapd 
> process from taking on new connections without impacting the existing
ones?
>  
> If there were, I could block new connections for one process at a time 
> and when all connections were drained off, restart it.
>  
> Any other ideas about how to accomplish this?
>  

Actually, the SIGHUP handling patch as been in debian packages (2.2.x) for a
while now. This is a pretty large audience, and AFAIK no problem has been
reported on this feature.

Anyway, if you are on linux (or *BSD), a good solution would be to prevent
new connections via netfilter/iptables (or pf for BSD), while allowing
"established" data flow, using the stateful firewalling.

The problem is, most modern clients try to stay connected...

Best regards,

--
Cl?ment Hermann (nodens)


From Duncan.Gibb at SiriusIT.co.uk  Fri Nov 20 11:02:51 2009
From: Duncan.Gibb at SiriusIT.co.uk (Duncan Gibb)
Date: Fri, 20 Nov 2009 16:02:51 +0000
Subject: move mailboxes and mark email as "read"
In-Reply-To: <20091120131605.74324dobl4ao5ksl@webmail.uni-tuebingen.de>
References: <0283E131-42BC-4A8D-AE7D-05486901A1CE@solnet.ch>	<4B0653A2.6010400@ofd-sth.niedersachsen.de>
	<20091120131605.74324dobl4ao5ksl@webmail.uni-tuebingen.de>
Message-ID: <4B06BDAB.1060003@SiriusIT.co.uk>

Michael Menge wrote:

TV> I'll move several thousand cyrus mailboxes to a new server. Old
TV> Server was running cyrus imapd 2.2, new server runs cyrus imapd 2.3.

TV> I tar all users starting with A (later b,c,d..), create all
TV> mailboxes on the new server with cyradm (script), extract the
TV> tar file, reconstruct all mailboxes.

TV> The only problemI have, is "seen.db". On my new server, every email
TV> is marked as new, unread email. Is there a way to fix this?

MP> Dump to flat file, copy to new server, convert back to desired bd
MP> format.

MM> You should also dump the mailboxes.db and import it on the new server,
MM> this insures that the mailbox uid, which is used in the seen.db is
MM> consistent.

Another possibility is to use an rsync+reconstruct cycle to copy the
message content, then (possibly asynchronously with the user switchover)
use a scripted IMAP client like perl's Mail::IMAPClient to connect to
old and new systems and transfer the metadata (read all the message
flags, including "seen", on the source and set them on the target).

This allows you to phase the migration if you have a large volume of
data, and means you do not need to stick to the same namespace
conventions on the target server(s).  It also means you can redistribute
mailboxes across a Murder differently to how they were in the source
system(s).

However unless you can keep identical message UIDs at both ends it
doesn't scale well when you have folders containing very large numbers
of messages, because your script must either hold all flags for all
messages in memory, or keep doing search operations on one end or the
other to find the relevant message by some more expensive identifier.

Cheers


Duncan

-- 
Duncan Gibb - Technical Director
Sirius Corporation plc - control through freedom
http://www.siriusit.co.uk/ || t: +44 870 608 0063
Debian Cyrus Team - https://alioth.debian.org/projects/pkg-cyrus-imapd/

From jmadden at ivytech.edu  Fri Nov 20 17:00:11 2009
From: jmadden at ivytech.edu (John Madden)
Date: Fri, 20 Nov 2009 17:00:11 -0500
Subject: unexpected mailbox reservations
Message-ID: <4B07116B.9090408@ivytech.edu>

What causes mailbox reservations and how do you clear them without 
server restarts?

I'm running through re-populating our cluster in advance of a go-live 
next week and I'm finding that about one in every hundred or so return 
"Mailbox is currently reserved" when trying to adjust quotas or create 
sub-folders (that theoretically should already be there and return 
"mailbox exists).  The server isn't yet in use so it isn't a matter of 
anyone logging into it and, say, locking it over pop3.

Any ideas?

John


-- 
John Madden
Sr UNIX Systems Engineer
Ivy Tech Community College of Indiana
jmadden at ivytech.edu

From woods-cyrus at weird.com  Fri Nov 20 18:05:45 2009
From: woods-cyrus at weird.com (Greg A. Woods)
Date: Fri, 20 Nov 2009 18:05:45 -0500
Subject: Is there a graceful shutdown of imapd process?
In-Reply-To: <C4922B7E398843B0B6C3ACDE5608F98F@e012981desktop>
References: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>
	<4B065FB8.5070101@gmail.com>
	<C4922B7E398843B0B6C3ACDE5608F98F@e012981desktop>
Message-ID: <m1NBcY1-000kn1C@most.weird.com>

At Fri, 20 Nov 2009 11:14:19 -0500, "Dan Smith" <rrdansmith at gmail.com> wrote:
Subject: RE: Is there a graceful shutdown of imapd process?
> 
> My main goal is really to distribute newly created subscribers across
> multiple partitions.  The vendor supports multiple messaging solutions, so
> they chose to implement this partition load balancing as an external script
> that updates the default partition and restarts imapd.

(do you mean "imapd" there, or do you mean the Cyrus "master" process?)

Either way that sounds rather hokey for the purpose...

For example, what exactly does it mean to "support multiple messaging
_solutions_", and how exactly does this have anything to do with active
load balancing of IMAP/POP services over different "partitions"?  Does
"partition" here really mean what it does in /etc/imapd.conf?  Why the
heck isn't this level of "load balancing" being down way down in the
storage "layer"?  Does this in any way involve a MURDER configuration?


>  I have a strong
> dislike for killing active connections, so I'm trying to find a better
> solution.

I wouldn't worry about it and you should not either.  The correct
solution is to ask each active imapd to close its connection cleanly but
quickly, and to exit cleanly.

The IMAP protocol _MUST_ be robust against such events.  (I haven't done
a protocol analysis to determine this, but I do observe that some IMAP
servers have login timeouts which disconnect idle clients, and I also
observe that many other events can adversely affect communications
between a client and the server at any time causing the connection to
terminate abruptly at any phase or state.)


HOWEVER, this is _not_ what the patch being circulated does.

Currently the patch only tells _waiting_ processes to timeout and exit
without accepting any new connections.  _Active_ working processes will
still _ignore_ the SIGHUP.

The patch as it sits is _extremely_ safe!

It probably also does _exactly_ what your vendor's solution requires in
order to implement their form of partition load balancing.

-- 
						Greg A. Woods

+1 416 218-0098                VE3TCP          RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>      Secrets of the Weird <woods at weird.com>

From rrdansmith at gmail.com  Fri Nov 20 18:22:50 2009
From: rrdansmith at gmail.com (Dan Smith)
Date: Fri, 20 Nov 2009 18:22:50 -0500
Subject: Is there a graceful shutdown of imapd process?
In-Reply-To: <m1NBcY1-000kn1C@most.weird.com>
References: <5971ECA38DA442E7A47FF390452B10DA@e012981desktop>
	<4B065FB8.5070101@gmail.com>
	<C4922B7E398843B0B6C3ACDE5608F98F@e012981desktop>
	<m1NBcY1-000kn1C@most.weird.com>
Message-ID: <18609788696041B998D86D2D547D9B7B@e012981desktop>

 

> -----Original Message-----
> From: Greg A. Woods [mailto:woods-cyrus at weird.com] 
> Sent: Friday, November 20, 2009 6:06 PM

> At Fri, 20 Nov 2009 11:14:19 -0500, "Dan Smith" 
> <rrdansmith at gmail.com> wrote:
> Subject: RE: Is there a graceful shutdown of imapd process?
> > 
> > My main goal is really to distribute newly created 
> subscribers across 
> > multiple partitions.  The vendor supports multiple messaging 
> > solutions, so they chose to implement this partition load 
> balancing as 
> > an external script that updates the default partition and 
> restarts imapd.
> 
> (do you mean "imapd" there, or do you mean the Cyrus "master" 
> process?)

I really mean imapd.  They are updating the imapd.conf file with a new
default partition, and then killing off the imapd processes as a way to get
it to reload the config and move to the next partition.

> Either way that sounds rather hokey for the purpose...

I completely agree there.

> For example, what exactly does it mean to "support multiple 
> messaging _solutions_", and how exactly does this have 
> anything to do with active load balancing of IMAP/POP 
> services over different "partitions"?  Does "partition" here 
> really mean what it does in /etc/imapd.conf?  Why the heck 
> isn't this level of "load balancing" being down way down in 
> the storage "layer"?  Does this in any way involve a MURDER 
> configuration?

The support of multiple messaging solutions really refers to the fact that
the company doesn't just use Cyrus.  They support other messaging solutions
that might not behave exactly the same way as Cyrus for load balancing.  So
their argument is that building support for the distribution of subs across
multiple partitions for Cyrus into the code would break support for one of
the other messaging solutions.

No connection with murder...this is specifically for the creation of the
accounts.

> >  I have a strong
> > dislike for killing active connections, so I'm trying to 
> find a better 
> > solution.
> 
> I wouldn't worry about it and you should not either.  The 
> correct solution is to ask each active imapd to close its 
> connection cleanly but quickly, and to exit cleanly.
> 
> The IMAP protocol _MUST_ be robust against such events.  (I 
> haven't done a protocol analysis to determine this, but I do 
> observe that some IMAP servers have login timeouts which 
> disconnect idle clients, and I also observe that many other 
> events can adversely affect communications between a client 
> and the server at any time causing the connection to 
> terminate abruptly at any phase or state.)

Understood...and I will definitely go back and completely verify my concerns
with some additional tests.  This Cyrus install is fronting larger than
average files (~1.5M each) on a voicemail solution.  As a result, the
retrieval/playback would be impacted if the connection was severed and then
rebuilt/restarted.

That said, I need to go back and quantify the actual end user impact of a
restart.  My experience said it was a bad idea, and initial testing showed
enough delay in presentation to worry me.

> HOWEVER, this is _not_ what the patch being circulated does.
> 
> Currently the patch only tells _waiting_ processes to timeout 
> and exit without accepting any new connections.  _Active_ 
> working processes will still _ignore_ the SIGHUP.
> 
> The patch as it sits is _extremely_ safe!
> 
> It probably also does _exactly_ what your vendor's solution 
> requires in order to implement their form of partition load balancing.

Thanks for the explanation of the patch, and you are right...that's exactly
what we need.  
I will go ahead and start a full-court press to get them to adopt it.

Thank you!

-dan

> -- 
> 						Greg A. Woods
> 
> +1 416 218-0098                VE3TCP          RoboHack 
> <woods at robohack.ca>
> Planix, Inc. <woods at planix.com>      Secrets of the Weird 
> <woods at weird.com>
> 


From richw at richw.org  Sat Nov 21 14:34:02 2009
From: richw at richw.org (Rich Wales)
Date: Sat, 21 Nov 2009 11:34:02 -0800
Subject: Cyrus SSL/TLS and StartCom SSL certificates?
Message-ID: <4B0840AA.107@liberation.richw.org>

I'm running Cyrus 2.3.14 on two Ubuntu 9.10 (Karmic) servers.

Recently, I installed new "StartSSL Free" SSL certificates from StartCom
on these servers.  After doing so, I could no longer connect securely to
Cyrus in any mode (imaps, imap + starttls, pop3s, pop3 + starttls) -- the
client sat for a long time before timing out, and the syslog messages
on the server spoke vaguely about "STARTTLS negotiation failed", "Fatal
error: tls_start_servertls() failed", etc.

When I reinstated the older certificates (one purchased from Comodo, and
another self-signed), everything started working fine again.

These same StartCom certificates work just fine with Apache and Postfix,
so I don't think the certs are obviously broken in any way.

The only difference I've been able to identify so far is that the older
SSL certificates were using 1024-bit public keys, but the new certs from
StartCom are using 2048-bit public keys.  Is this a known Cyrus issue?
If so, will upgrading to a newer version of Cyrus fix this problem?  Or
is there a configuration option somewhere that will allow Cyrus 2.3.14
to use SSL certs with 2048-bit public keys?

StartCom doesn't offer SSL certs with 1024-bit public keys, by the way,
so that isn't an option here.

Rich Wales
richw at richw.org

From richw at richw.org  Sat Nov 21 23:01:14 2009
From: richw at richw.org (Rich Wales)
Date: Sat, 21 Nov 2009 20:01:14 -0800
Subject: Cyrus SSL/TLS and StartCom SSL certificates?
In-Reply-To: <4B0840AA.107@liberation.richw.org>
References: <4B0840AA.107@liberation.richw.org>
Message-ID: <4B08B78A.4060907@liberation.richw.org>

It turns out that my earlier problem with a StartCom SSL certificate
was that I was giving Cyrus a PEM file containing not only the
essentials (my server cert, my decrypted private key, and the CA
certs), but containing StartCom's revocation lists (CRL's) as well.

Apache and Postfix don't seem to mind having this extra stuff around,
but apparently Cyrus does.

When I created a new PEM containing only what I really needed, Cyrus
accepted my StartSSL certificate without complaint.

I suppose it might be nice to modify Cyrus's TLS code to accept (and
presumably ignore) CRL info in PEM files -- but this is probably a
"wish list" item and not a "critical bug fix" issue.

Rich Wales
richw at richw.org

From eric at knudstrup.org  Sun Nov 22 00:11:04 2009
From: eric at knudstrup.org (Eric Knudstrup)
Date: Sat, 21 Nov 2009 21:11:04 -0800
Subject: sync_client login?
Message-ID: <4B08C7E8.8070706@knudstrup.org>

I'm having a problem where I'm trying to use the sync server but keep 
getting authentication errors.  If I use cyradm it's fine.
I'm using 2.3.8  (OpenSuSE 10.3) against 2.3.11 (OpenSuSE 11.1).  Any ideas?

Thanks,

Eric



From jukka.huhta at helsinki.fi  Sun Nov 22 08:48:00 2009
From: jukka.huhta at helsinki.fi (Jukka Huhta)
Date: Sun, 22 Nov 2009 15:48:00 +0200 (EET)
Subject: Cyrus SSL/TLS and StartCom SSL certificates?
In-Reply-To: <4B0840AA.107@liberation.richw.org>
References: <4B0840AA.107@liberation.richw.org>
Message-ID: <alpine.LRH.2.00.0911221534320.14594@ruuvi.it.helsinki.fi>

On Sat, 21 Nov 2009, Rich Wales wrote:

> Recently, I installed new "StartSSL Free" SSL certificates from StartCom
> on these servers.  After doing so, I could no longer connect securely to
> Cyrus in any mode (imaps, imap + starttls, pop3s, pop3 + starttls) -- the
> client sat for a long time before timing out, and the syslog messages
> on the server spoke vaguely about "STARTTLS negotiation failed", "Fatal
> error: tls_start_servertls() failed", etc.

I don't know but the symptoms sound familiar (see my previous mail
with the subject line "STARTTLS TLS handshake fails after
ServerKeyExchange").

We tried to debug the problem by adding some logging to both Cyrus'
and OpenSSL's code. The problem may somehow be related to the CA file
reading. (My understanding of OpenSSL is too limited but after all it
all came down to a return value of -1 from BIO_write library call or
something...)

Anyway, removing extra CA's from ca-bundle.crt seems to fix it for us
too.


-Jukka Huhta

From scrappy at hub.org  Sun Nov 22 18:16:57 2009
From: scrappy at hub.org (Marc G. Fournier)
Date: Sun, 22 Nov 2009 19:16:57 -0400 (AST)
Subject: Odd auth issue: Windows 7 + Outlook auth fails
Message-ID: <alpine.BSF.2.00.0911221916380.57398@hub.org>



Okay, I'm running a setup that has worked for years, but my mother just 
upgraded their computer to Windows 7 with a full version of Outlook, and 
can no longer connect ...

So, I logged in via vnc and played around, and I'm getting the most odd 
results ...

If i put her login id as user at hub.org, the servers sees user at org ... but, 
if I do something like user at hub.hub.org, the server sees user at hub.hub.org 
... same if I do something like user at .hub.org, the server sees the whole 
address properly ... its only if I do the proper format of user at hub.org 
does it truncate off the hub. part of it, which doesn't authenticate ...

Everything used to work fine for her, when she was on XP, but I'm really 
having trouble with seeing this as a Win problem when different formats do 
appear to work properly ...

Everything else works fine ..  my iphone connects fine, my alpine client 
works fine ... so as far as I can tell, everything *should* work fine ...

----
Marc G. Fournier                        Hub.Org Hosting Solutions S.A.
scrappy at hub.org                                     http://www.hub.org

Yahoo:yscrappy    Skype: hub.org    ICQ:7615664    MSN:scrappy at hub.org

From dwhite at olp.net  Sun Nov 22 18:43:42 2009
From: dwhite at olp.net (Dan White)
Date: Sun, 22 Nov 2009 17:43:42 -0600
Subject: Odd auth issue: Windows 7 + Outlook auth fails
In-Reply-To: <alpine.BSF.2.00.0911221916380.57398@hub.org>
References: <alpine.BSF.2.00.0911221916380.57398@hub.org>
Message-ID: <20091122234342.GB31119@dan.olp.net>

On 22/11/09?19:16?-0400, Marc G. Fournier wrote:
>Okay, I'm running a setup that has worked for years, but my mother just 
>upgraded their computer to Windows 7 with a full version of Outlook, and 
>can no longer connect ...
>
>So, I logged in via vnc and played around, and I'm getting the most odd 
>results ...
>
>If i put her login id as user at hub.org, the servers sees user at org ... but, 
>if I do something like user at hub.hub.org, the server sees user at hub.hub.org 
>... same if I do something like user at .hub.org, the server sees the whole 
>address properly ... its only if I do the proper format of user at hub.org 
>does it truncate off the hub. part of it, which doesn't authenticate ...
>
>Everything used to work fine for her, when she was on XP, but I'm really 
>having trouble with seeing this as a Win problem when different formats do 
>appear to work properly ...
>
>Everything else works fine ..  my iphone connects fine, my alpine client 
>works fine ... so as far as I can tell, everything *should* work fine ...

IMAP/POP?
Which version of Cyrus SASL and IMAPd are you running?
What does your sasl configuration look like? (grep sasl /etc/imapd.conf)
What are you 'virtudomains' and 'defaultdomain' config items? Verify
that user and user at hub.org are not admin users.

If you suspect Outlook or Cyrus is mucking up the username, use a wire
level capture tool (with ssl/tls temporarily turned off) to find out
exactly who is at fault. 

-- 
Dan White

From nybbles2byte at gmail.com  Mon Nov 23 02:28:48 2009
From: nybbles2byte at gmail.com (Nybbles2Byte)
Date: Sun, 22 Nov 2009 23:28:48 -0800
Subject: Child mailboxes quota question
Message-ID: <710622715.20091122232848@gmail.com>

Hello Cyrus,

Is there any inheritance, or are there limits on child mailboxes based on quotas up the parent chain?

Also, what is the difference between GetQuotaRoot and GetQuota?  I read the RFC but I didn't really pick up a clear distinction.

-- 
Nybbles2Byte                          mailto:nybbles2byte at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20091122/ecf8c5b8/attachment.html