Newbie Cyrus IMAP on Fedora Core 2

Cory D. Wiles cory at
Tue Aug 17 10:32:01 EDT 2004

I spent ALOT of time getting Cyrus IMAP to work on my Fedora Core 2 and it works great now. I documented the steps that one would need to go through to get it to work. I credited those individuals from this mailing list who assisted. If for some reason I did miss someone then just let me know and I'll give you the credit you greatly deserve.

---cut here----
Cyrus IMAP Mail Server Install 2.2.8

Written Primarily by:
Michael Sims <michaels at>
Contributions by:
Cory Wiles <cory at>
Andreas <andreas at>
Cyrus Mailinglist <info-cyrus at>

Install and configure Cyrus IMAP
Installing Cyrus is a two step process.  First we must install the Cyrus SASL 
libraries, which Cyrus IMAP uses for authentication.  Go to the source directory
for Cyrus SASL and do the following:
Shell>./configure --disable-krb4 --disable-gssapi --disable-cram --disable-digest\

>From the Cyrus source directory:
./configure --with-auth=unix --with-perl=/usr/bin/perl\ 
--with-comm_err=/usr/include/et/com_err.h --with-idle=idled\  
--with-mboxlist-db=skiplist --with-seen-db=skiplist --with-duplicate-db=skiplist\ 
Shell>make install
Shell>ln -s /usr/local/lib/sasl2 /usr/lib/sasl2

This last step is necessary because the sasl libraries look for plugins
under /usr/lib/sasl2, not /usr/local/lib/sasl2.
The next step is installing the Cyrus IMAP server itself.:
Shell>make depend
Shell>make all CFLAGS=-O
Shell>make install

Next we need to create a user for the server.  Create a user called "cyrus" and
set it's primary group to "mail". Next create the cyradmin user, with mail as 
the primary group:
You MAY need to create the log files:
Shell>touch /var/log/imapd.log /var/log/auth.log

This may not be necessary, as syslogd may have already created them.
Next create the cyradmin user, with mail as the primary group:
Shell>useradd -g mail cyradmin
Next we have to create the configuration, partition and sieve directories for 

Shell>cd /var
Shell>mkdir imap
Shell>chown cyrus.mail imap/
Shell>chmod 750 imap
Shell>cd /var/spool/
Shell>mkdir imap
Shell>chown cyrus.mail imap/
Shell>chmod 750 imap
Shell>cd /usr/local/
Shell>mkdir sieve
Shell>chown cyrus.mail sieve
chmod 750 sieve
Check to make sure there is a directory called /var/state/saslauthd.  If not, 
create it.  This was done automatically for me once but not the next time I 
installed.  I didn't have the time to research why, but you should be able to 
just create the directory as root and not have any problems.

Next move to the root of the cyrus imapd source directory and do the following:
Shell>su cyrus
To use normal.conf, do: 
Shell>cp master/conf/normal.conf /etc/cyrus.conf

This sets up the directories for use with cyrus.
There is a file in this module under var/imap/db called DB_CONFIG.
It's very important that you place this file in /var/imap/db.  It increases the 
size of the Berkeley DB cache from it's default of 256kb (way too low) to 2MB.  
Optionally, you can edit /etc/cyrus.conf to disable or enabling certain 
services, or to tune the number of preforked copies. Be sure not to remove the 
entries that are labeled required.  Start the service:

Shell>/usr/cyrus/bin/master &
Configuring Sendmail
For Sendmail 8.12.4 and higher, 
use the cyrusv2 mailer definition in the Sendmail distribution:
Shell>vi /etc/mail/

define(`confLOCAL_MAILER', `cyrusv2')

>From your normal account, telnet to the IMAP port on the server you're setting 
Shell>telnet foobar imap

If your server is running, you'll get the following message: 
   Connected to
   Escape character is '^]'.
   * OK Cyrus IMAP4 v2.0.0 server ready

Any message other than one starting with "* OK" means there is a problem. 
To terminate the connection, type ". logout". 
Naturally the version number should match the version you just installed. 
Use "imtest" to test logging in with plaintext passwords:

Shell>/usr/local/bin/imtest -m login foobar

If you want to specify a different user, do:

Shell>/usr/local/bin/imtest -m login -a USER foobar

If your server is running, you'll get the following message: 
   % /usr/local/bin/imtest -m login foobar
   S: * OK Cyrus IMAP4 v2.0.0 server ready
   S: C01 OK Completed
   + go ahead
   L01 OK User logged in
   Security strength factor: 0

Any message other than one starting with a "L01 OK" means there is a problem. 
If the test fails, a more specific error message should be written through 
syslog to the server log. To terminate the connection, type ". logout". 

Making Cyrus Start On Boot

Unfortunately, Cyrus doesn't come with a SYSV init script. But that's ok, we can
make one easily enough. Create a file called /etc/init.d/cyrus, and make it look
something like this:
On the inital installation you ran:
shell>/usr/cyrus/bin/master &
The process is already running so you will get an error if you run the startup
shell script right away. If you want to test and see if it works then run
shell>kill `cat /var/run/`
shell>rm /var/run/
Then test your script
shell>/etc/init.d/cyrus start

# This script starts, stops, or restarts the
# Cyrus master.
# It was written by Phil Dibowitz
case "$1" in
                echo -n "Starting Cyrus IMAPd..."
                /usr/cyrus/bin/master &
                echo $! > /var/run/
                echo "done"
                echo -n "Stopping Cyrus IMAPd..."
                if [ -e /var/run/ ] ; then
                        kill `cat /var/run/`
                        rm /var/run/
                        echo "done"
                        echo "Sorry, can't find PID file, is it running?"
                $0 stop
                sleep 2
                $0 start
                echo "Usage: $0 {start|stop|restart}"

NOTE WELL: If you use postfix stop/restart will KILL postfix! You either need 
to modify this script, OR rename the postfix 'master' to 'pf_master' 
(or something like that), and change postfix's initscript, or some combination 

So now you have an init script, lets make it active. Assuming your default 
runleve is 3, do:
cd /etc/rc3.d
ln -s ../init.d/cyrus S95cyrus

Before you proceed to creating the mailboxes you need to make sure that you have 
sendmail, saslauthd, and cyrus running.
shell>ps -e | grep sendmail
26872 ?        00:00:00 sendmail
26881 ?        00:00:00 sendmail
shell>ps -e | grep saslauthd
26678 ?        00:00:00 saslauthd
26681 ?        00:00:00 saslauthd
26682 ?        00:00:00 saslauthd
26683 ?        00:00:00 saslauthd
26684 ?        00:00:00 saslauthd
shell>ps -e | grep master
26700 ?        00:00:00 master

If you do not see the processes then you need to start them. Once you have 
verified that they are up and running then want to make sure that you can
login to the cyradm.
shell>cyradm -user adminname localhost
localhost>enter cmd here

The adminname is the name that you have has admin in the /etc/imapd.conf 
file.  Here is an example of my /etc/imapd.conf
--cut here--
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: saslauthd
sievedir: /usr/local/sieve
hashimapspool: true
altnamespace: yes
sendmail: /usr/sbin/sendmail
timeout: 90
allowplaintext: yes
--end cut--

It was at this point that I start having trouble. Everytime that I would try
and login to the damn server I would get a Segmentation Fault error. If this
happens check the auth.log and imapd.log. I posted various messages to the
mailinglist and here is the response I got from andreas at

I tried to force the method and got the same error that you received did:
$cyradm --user cyrus --auth DIGEST-MD5 stasis
$cyradm: cannot authenticate to server with DIGEST-MD5 as cyrus
That's because you don't have digest-md5 setup properly. The segfault happens
whenever gssapi comes into play here and is not configured, that is, it fails.

If no mechanisms are specified, cyradm will try several, in order, including
gssapi, where the segfault occurs if gssapi is not configured.

So, to sum things up, you may want to remove the gssapi sasl plugin from your
sistem for now and configure digest-md5 or some other mechanism. To use
digest-md5 is not that hard, basically:
- saslpasswd2 -c <yourname>
- check that /etc/sasldb2 is created
- check permissions on that file: the cyrus-master daemon has to be able to read
To fix this...
shell>/usr/sbin/saslpasswd2 -c cwiles
Password Again:
shell>chmod 644 /etc/sasldb2
That will set the world readable to the file
This might be over kill but it makes sure that all the changes have taken place.
Restart saslauthd, cyrus(master), and sendmail
shell>cyradm --user cyrus --auth DIGEST-MD5 localhost or machinename
localhost>{enter cmd here}
Now you should have logged in and admin the mailboxes. Type help to see the list
of commands.
To create the first mailbox do:
localhost>cm user.username
!!!!You have to proceed the username with 'user.'!!!!

As of the inital installation of the program you MUST login to the cyradm to
create/modify/delete the mailboxes however there is a patch that reads the 
/etc/passwd file and when a user first logins it will create the mailbox.  Here
is the email with detailed information from andreas at
On an unpatched cyrus server, you will have to create the mailbox everytime
for a new user. It has no association with the user in /etc/passwd. However, 
there are external patches available[1] that will automatically create INBOX 
when the user first logs in.

You will only need the user in /etc/passwd if you use ACLs and cyrus
was compiled with --with-auth=unix AFAIK.

--cut here--
I hope this helps. If you find any thing wrong with the file then please edit it and then let me know so that I can make notes on my version.
> Try issuing this command:
> rpm -qa | grep cyrus
> Since I too have the RPM version of Cyrus, my results show up as:
> [root at mail root]# rpm -qa | grep cyrus
> cyrus-sasl-md5-2.1.18-2
> cyrus-sasl-2.1.18-2
> cyrus-imapd-2.2.3-11
> cyrus-imapd-utils-2.2.3-11
> cyrus-sasl-plain-2.1.18-2
> If your results show a "cyrus-imapd" package, try:
> rpm -ql cyrus-imapd
> BTW, my imapd.conf is in /etc/. I'll be glad to help out more if
> needed.
> Andrew
> --
> Systems Administrator
> Georgia Institute of Technology
> Library and Information Center
> 704 Cherry Street
> Atlanta, GA 30332-0900
> On Tue, August 17, 2004 8:27 am, Søren Neigaard said:
> > -----Original Message-----
> > From: Simon Matter [mailto:simon.matter at]
> > Sent: 17. august 2004 14:20
> > To: Søren Neigaard
> > Cc: info-cyrus at
> > Subject: Re: Newbie Cyrus IMAP on Fedora Core 2
> >
> >> Im trying to setup a Cyrus IMAP server following this howto:
> >>
> >>
> >> However Im already stuck on this page:
> >>
> >>
> >> I do not have a /etc/inetd.conf on my Fedora, and I have no idea
> >> where to
> >> add the Cyrus services.
> >>
> >> Is there a better howto I should follow, and can you guys easily
> >> help me
> >> out here?
> >
> >> Check the file /usr/share/doc/cyrus-imapd-[version]/README.RPM
> >> which
> >> should help you to get started.
> >
> > I dont have that file, but i did a find / -name "cyrus-imapd*" and
> > that gave
> > me this:
> >
> > /home/mobile/temp/cyrus-imapd-2.2.8
> > /var/spool/up2date/cyrus-imapd-nntp-2.2.3-11.i386.hdr
> > /var/spool/up2date/cyrus-imapd-murder-2.2.3-11.i386.hdr
> > /var/spool/up2date/cyrus-imapd-utils-2.2.3-11.i386.hdr
> > /var/spool/up2date/cyrus-imapd-devel-2.2.3-11.i386.hdr
> > /var/spool/up2date/cyrus-imapd-2.2.3-11.i386.hdr
> >
> > I wonder if Cyrus was already installed by Fedore? And if so,
> > where should I
> > go looking for help, where would there be any doc/redme?
> >
> > Best regards
> > Søren
> >
> >
> >
> > ---
> > Cyrus Home Page:
> > Cyrus Wiki/FAQ:
> > List Archives/Info:
> >
> >
> --
> Systems Administrator
> Georgia Institute of Technology
> Library and Information Center
> 704 Cherry Street
> Atlanta, GA 30332-0900
> ----------------------------------------------------------------------
>         This email was composed using the GTEL Webmail client.
> The information transmitted is intended only for the person or entity
> to  which  it  is  addressed  and  may  contain  confidential  and/or
> priviledged  material. Any  review, retransmission,  dissemination or
> other  use  of, or  taking  of any  action  in  reliance  upon, this
> information  by persons or entities other than the intended recipient
> is prohibited.
>            Georgia Tech Library and Information Center
> ----------------------------------------------------------------------
> ---
> Cyrus Home Page:
> Cyrus Wiki/FAQ:
> List Archives/Info:

Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list