cyrus problems -- deliver exits with 65/75

Mike Eldridge diz at
Sun Apr 20 00:11:58 EDT 2003

i'm having some issues with a sendmail->procmail->cyrus setup.

my experience with cyrus is extremely limited; i'm being baptized by
fire, so to speak.

deliver craps out when delivering a message with EX_TEMPFAIL (75).  no
error message whatsoever.

i caught a message in the archives regarding the 'p' flag on mailboxes
that allow deliveries from apps such as procmail.  however, i can't get
cyradm to do *anything*, and i have no idea how it's supposed to work.
the info-cyrus archives haven't turned up anything.

i glanced at the mailboxes file to see if they are set in there and they
are.  the 'p' flag is already set, so it doesn't appear that is the
problem.  however, read on:

when attempting to connect to the server, it just sits there.
cyrusmaster is runnning (assuming that's what cyradm connects to), as
well as sslauthd.  sslauthd is configured to use sslauthd for
authentication against the shadow file.

i've upgraded this system from cyrus-1.5.19 to cyrus-2.1.11, so quite a
few things have changed.  i've converted the mailboxes file to db3
format, and the user spools are now in a one-level hashed directory tree
(though i did not use the utilities to do this -- i do hope there's
nothing special behind the directory hashing).  all permissions are set
to cyrus:mail.

some information follows:


    # $Header: /home/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/imapd_2.conf,v 1.1 2002/10/11 14:51:49 raker Exp $
    # Don't forget to use chattr +S (if you are using ext[23]) 
    # when you change these directories (read the docs).
    configdirectory:        /var/imap
    partition-default:      /var/spool/imap
    sievedir:               /var/imap/sieve

    tls_cert_file:          /etc/cyrusimapd/server.crt
    tls_key_file:           /etc/cyrusimapd/server.key

    # Don't use an everyday user as admin.
    admins:                 cyrus cyrusadmin

    hashimapspool:          yes
    allowanonymouslogin:    no
    allowplaintext:         no

    reject8bit:             no

    # Use this if sieve-scripts could be in ~user/.sieve.
    #sieveusehomedir:       yes

    # Use saslauthd if you want to use pam for imap.
    # But be warned: login with DIGEST-MD5 or CRAM-MD5 
    # is not possible using pam.
    sasl_pwcheck_method:    saslauthd


    # $Header: /home/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/cyrus_2.conf,v 1.1 2002/10/11 14:51:49 raker Exp $

    # standard standalone server implementation

    START {
        # do not delete this entry!
        recover       cmd="ctl_cyrusdb -r"

        # this is only necessary if using idled for IMAP IDLE
        #  idled                cmd="idled"

    # UNIX sockets start with a slash and are put into /var/imap/socket
        # add or remove based on preferences
        imap          cmd="imapd" listen="imap2" prefork=0
        pop3          cmd="pop3d" listen="pop-3" prefork=0
        # Don't forget to generate the needed keys for SSL or TLS
        # (see doc/html/install-configure.html)
        imaps         cmd="imapd -s" listen="imaps" prefork=0
        pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
        sieve         cmd="timsieved" listen="sieve" prefork=0

        # at least one LMTP is required for delivery
        #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
        lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

        # this is only necessary if using notifications
        #  notify       cmd="notifyd" listen="/var/imap/socket/notify"
        #  proto="udp" prefork=1

        # this is required
        checkpoint    cmd="ctl_cyrusdb -c" period=30

        # this is only necessary if using duplicate delivery suppression
        delprune      cmd="ctl_deliver -E 3" period=1440

        # this is only necessary if caching TLS sessions
        tlsprune      cmd="tls_prune" period=1440

cyrus-specific procmail action:

    | formail -I "From " | $CYRDELIVER -a $CYUSER $CYUSER

deliver exists with EX_TEMPFAIL in cases where i pipe a simple test
message to procmail or directly to deliver, so the sendmail
configuration shouldn't be relevant.

cyradm sits there for a *long* time before timing out with this message:

    server: localhost: cannot authenticate

i can't trace cyrumaster because i'm getting EPERM (linux-2.4.20):

    trace: ptrace(PTRACE_SYSCALL, ...): Operation not permitted
    detach: ptrace(PTRACE_DETACH, ...): Operation not permitted

when tracing deliver, i get "451 4.3.0 System I/O error":

    socket(PF_UNIX, SOCK_STREAM, 0)         = 3
    connect(3, {sin_family=AF_UNIX, path="/var/imap/socket/lmtp"}, 24) = 0
    brk(0x8070000)                          = 0x8070000
    brk(0x8071000)                          = 0x8071000
    read(3, "220 L"..., 4096) = 57
    select(4, [3], NULL, NULL, {0, 0})      = 0 (Timeout)
    write(3, "LHLO\r"..., 33) = 33
    read(3, "\r\n"..., 4096) = 133
    select(4, [3], NULL, NULL, {0, 0})      = 0 (Timeout)
    write(3, "RSET\r\n", 6)                 = 6
    read(3, "250 2.0.0 ok\r\n", 4096)       = 14
    select(4, [3], NULL, NULL, {0, 0})      = 0 (Timeout)
    write(3, "MAIL FROM:<root> AUTH=<>\r\n", 26) = 26
    read(3, "250 2.1.0 ok\r\n", 4096)       = 14
    select(4, [3], NULL, NULL, {0, 0})      = 0 (Timeout)
    write(3, "RCPT TO:<allen+allen>\r\n", 23) = 23
    read(3, "451 4.3.0 System I/O error\r\n", 4096) = 28
    select(4, [3], NULL, NULL, {0, 0})      = 0 (Timeout)
    write(3, "QUIT\r\n", 6)                 = 6
    read(3, "221 2.0.0 bye\r\n", 4096)      = 15
    close(3)                                = 0
    _exit(75)                               = ?

previously, i was getting "554 5.0.0 Unexpected internal error" per this
syscall as reported by strace:

    read(3, "554 5.0.0 Unexpected internal er"..., 4096) = 37

deliver consistently exits with codes 65 and 75.  the exit code is
seemingly random, as i've experienced both when changing nothing.

cyrusmaster -D offers *no* output whatsoever.

if anyone has any ideas, i'm open to suggestions.  btw, it should be
mentioned that the package was installed via the gentoo linux portage



You must be ready to accept the possibility that there is a limitless
range of awareness for which we now have no words; that awareness can
expand beyond range of your ego, your self, your familiar identity,
beyond everything you have learned, beyond your notions of space and
time, beyond the differences which usually separate people from each
other and from the world around them.

            -- tim leary, "the psychadelic experience"

More information about the Info-cyrus mailing list