Refresh of Cyrus Murder Frontends
Our Cyrus Murder Configuration works lika a charm now (thanks to Ken again), but one problem is still flying through the air: a Murder frontend server seems only to be synced when it is restarted. Thats weird, since i want a group of users only to use the frontend servers, but after creating a mailbox it only becomes visible when the frontend servers are restarted. Is there a way of doing this without restarting the frontends? I still can allow the users to connect to their 'real' backends, but for a group of users, this is not the way we want to go (since the backends are in a private network segment). TIA -- Bernd --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
no subject
also ich wollte die saslauthd Auth gegen LDAP machen (momentan mysql) Sep 7 21:54:05 gate slapd[1000]: conn=153 fd=21 ACCEPT from IP=127.0.0.1:36884 (IP=0.0.0.0:389) Sep 7 21:54:05 gate slapd[1011]: conn=153 op=0 BIND dn="" method=128 Sep 7 21:54:05 gate slapd[1011]: conn=153 op=0 RESULT tag=97 err=0 text= Sep 7 21:54:05 gate slapd[1011]: conn=153 op=1 SRCH base="dc=schinx,dc=net" scope=2 filter="(uid=ba1020)" Sep 7 21:54:05 gate slapd[1011]: conn=153 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Sep 7 21:54:05 gate saslauthd[1779]: Entry not found or more than one entries found ((uid=ba1020)). Sep 7 21:54:05 gate saslauthd[1779]: do_auth : auth failure: [user=ba1020] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Sep 7 21:54:05 gate imapd[1814]: badlogin: localhost[127.0.0.1] plaintext ba1020 SASL(-13): authentication failure: checkpass failed den User ba1020 gibt es nur einmal in LDAP mit eindeutiger id kann mir jemand einen Hinweis geben wo es hängt --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Refresh of Cyrus Murder Frontends
Bernd Helmle wrote: Our Cyrus Murder Configuration works lika a charm now (thanks to Ken again), but one problem is still flying through the air: a Murder frontend server seems only to be synced when it is restarted. Thats weird, since i want a group of users only to use the frontend servers, but after creating a mailbox it only becomes visible when the frontend servers are restarted. Is there a way of doing this without restarting the frontends? I still can allow the users to connect to their 'real' backends, but for a group of users, this is not the way we want to go (since the backends are in a private network segment). When a new mailbox is created on a backend server, an entry should also get created on the mupdate master. This should then be propagated to all of the mupdate slaves running on the frontends. Double check your configs and make sure that you have mupdate services (non-master) running on the frontends. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
SA via spamcheck.py or procmail, spamc and postfix
Hi, Since we want "per user userprefs" (stored in sql) we need to filter our mail with the "User" option passed through to spamd. Since amavis cannot do it's job here (it cannot provide all userpref options in sql), I think that we have two options left while using postfix: - we can define a content-filter that delivers the mail to procmail, where the username is rewritten by a small perl script, the mail is piped through spamc and then fed to postfix again by forking the "sendmail" process with correct parameters; - we can define spamcheck.py as local transport and have it pass the mail through spamd and deliver it directly by lmtp I'm not happy with procmail since it's a resource-eater sometimes, and we also two other processes (the perl script and postfix again), but I'm not sure if I'm happy with spamcheck.py as well - it's python, seems to perform quite nice, but well - although it seems to work fine It's maybe not as mature as procmail in filtering and not an "as proven" method. Any advise? (I'm slightly leaning towards the spamcheck.py solution, since I think it's really ugly how we need several processes for delivery with procmail.) Paul --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: Cyradm - error with db_version. Tested on FC2
Hi 'KL'! > I've read alot of messages regarding the error with > cyrus-imapd cyradm command, and seldom any good replies. > > I've composed a quick workaround tested on Fedora Core 2. [ ... ] > For me, an upgraded Fedora Core 2 installation also caused > this error.. > > I finally found a solution from "Victor" here : > http://asg.web.cmu.edu/archive/message.php?mailbox=archive.inf > o-cyrus&msg=30493 This problem is because cyrus-imapd from fedora was not build agains the latest perl package from fedora... The easiest solution is to rebuild the srpm and the reinstall the cyrus-imapd-perl package... :-) Best, Oliver --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Missing quota
Hi all. I had a working Cyrus IMAP 2.2.8 a couple of weeks ago. That being a test box, I haven't really used it and I was busy setting up AMaViS on it. Now, after two weeks of fiddling, I have AMaViS working, but now Cyrus beltches on me: Sep 8 15:25:16 Papa-Legba lmtpunix[227446]: executed Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: accepted connection Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: lmtp connection preauth'd as postman Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: verify_user(user.nikola) failed: Quota root does not exist "cyradm" also reports this. Mailbox is there and it used to recieve mails. "cyradm" can list it no problem. What is the (hopefully) quick fix for this? Blowing away all mailboxes (all two of them) is acceptable at this stage. I do notice that quota DB file is missing - it did not get created automagically, like all other DB files. parts of imapd.conf file: # # Server settings # configdirectory:/var/opt/Cyrus-IMAP-2.2.8/config umask: 077 defaultpartition: default partition-default: /var/opt/Cyrus-IMAP-2.2.8/mailboxes # # Databases # berkeley_cachesize: 512 berkeley_locks_max: 5 berkeley_txns_max: 100 annotation_db: skiplist duplicate_db: berkeley-nosync mboxlist_db:skiplist quota_db: quotalegacy # ptscache_db: berkeley seenstate_db: skiplist subscription_db:flat tlscache_db:berkeley-nosync # # Quota # quotawarn: 90 quotawarnkb:0 This is the config and spool area: Papa-Legba:/# l /var/opt/Cyrus-IMAP-2.2.8 total 32 drwx-- 10 cyrusmail8192 Sep 8 15:19 config drwx-- 5 cyrusmail8192 Aug 28 15:51 mailboxes drwx-- 2 cyrusmail8192 Aug 27 18:16 sieve drwxr-x--- 2 cyrusmail8192 Sep 8 14:52 socket Papa-Legba:/# l /var/opt/Cyrus-IMAP-2.2.8/config total 98 -rw--- 1 cyrusmail 144 Aug 28 15:49 annotations.db drwx-- 2 root mail8192 Aug 27 18:16 certs drwx-- 2 cyrusmail8192 Aug 28 15:49 db drwx-- 2 cyrusmail8192 Sep 8 15:19 db.backup1 drwx-- 2 cyrusmail8192 Sep 8 14:49 db.backup2 -rw--- 1 cyrusmail 16384 Sep 8 15:19 deliver.db drwx-- 2 cyrusmail8192 Aug 27 18:16 log -rw--- 1 cyrusmail 504 Aug 28 15:51 mailboxes.db drwx-- 2 cyrusmail8192 Aug 27 18:16 msg drwx-- 2 cyrusmail8192 Sep 8 15:23 proc drwx-- 2 cyrusmail8192 Aug 27 18:16 ptclient lrwxr-xr-x 1 root mail 9 Aug 27 18:16 socket -> ../socket -rw--- 1 cyrusmail 16384 Sep 8 04:19 tls_sessions.db Nix. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyradm - error with db_version. Tested on FC2
>> For me, an upgraded Fedora Core 2 installation also caused >> this error.. >> >> I finally found a solution from "Victor" here : >> http://asg.web.cmu.edu/archive/message.php?mailbox=archive.inf >> o-cyrus&msg=30493 > > This problem is because cyrus-imapd from fedora was not build agains the > latest perl package from fedora... > > The easiest solution is to rebuild the srpm and the reinstall the > cyrus-imapd-perl package... :-) Thanks Olivier ! I tried that now, and now I've got it the 'right' way. Cheers, Kjetil --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrating from courier to cyrus
Christiano Anderson wrote: Hello, I am trying to migrate a server with 10K accounts under courier Imapd to Cyrus. I have got the imapmigrate from http://sourceforge.net/projects/cyrus-utils/, but while I start the script, it creates only empty folders. No messages are migrated to Cyrus. I tried the debug mode, I made many changes to imapmigrate script, but I still couldn't get the old courier messages to cyrus. Does anyone know what is wrong or can recommend any other migration tool? Thanks for any help Christiano --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html I am attempting the same project. I was looking at ImapSync and also just drag and dropping from thunderbird. I noticed that Cyrus rejects any email with "invalid header" if the message has "From " (from_line) as the first line. From my brief googling it appears the "From " thing looks to be/have been a standard Unix thing and procmail seems to append this into the message also. Probably why I couldn't get postfix/procmail working with Cyrus, but that made me discover what sieve is. ;-) I wonder if there some kind of switch in a conf file to make Cyrus accept "From " as a valid header? This would make the migration much easier. If not I will have to remove the "From " line in messages that have it. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus messages format
Hi, I have read in the documentation of cyrus that message files in each mailboxes is the message's UID followed by a dot (.) when I look into one of my mailboxes I see files like: 45. 46. . it is normal ? or should I have another kind of numbering ? (when I delete all my files , and receive a new mail , the number will be 47 and not 0 ) Thank you for your help Best Regards Patrice --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrating from courier to cyrus
> Christiano Anderson wrote: > > > Hello, > > > > I am trying to migrate a server with 10K accounts under courier Imapd > > to Cyrus. I have got the imapmigrate from > > http://sourceforge.net/projects/cyrus-utils/, but while I start the > > script, it creates only empty folders. No messages are migrated to > > Cyrus. Can you comment some thoughts on what make you to change from courier to cyrus ? Regards, mike --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrating from courier to cyrus
Maykel Moya wrote: Christiano Anderson wrote: Hello, I am trying to migrate a server with 10K accounts under courier Imapd to Cyrus. I have got the imapmigrate from http://sourceforge.net/projects/cyrus-utils/, but while I start the script, it creates only empty folders. No messages are migrated to Cyrus. Can you comment some thoughts on what make you to change from courier to cyrus ? For me, the driving force is that most of the groupware products (Kolab, etc.) require it. It appears that the shared folders in Cyrus, is what Cyrus does better than most of the other IMAP servers. I could never get courier's shared folders to work consistently with all the users. I sure hope it works better in Cyrus. On the other hand, I personally like the Maildir's of courier rather than Cyrus and courier has been very reliable with many concurrent users and large email accounts. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Not a bytecode file
Hello, I have a Problem with the Cyrus SIEVE. The SIEVE-Scripts are in the user homes (e.g. /home/mailings/.sieve) But this script will not work. If a mail comes I get something like that in /var/log/messages: --- snip --- Sep 8 20:53:49 lion lmtpunix[31676]: sieve runtime error for mailings id <[EMAIL PROTECTED]>: Not a bytecode file Sep 8 20:53:49 lion lmtpunix[31676]: duplicate_check: <[EMAIL PROTECTED]> user.mailings0 Sep 8 20:53:49 lion lmtpunix[31676]: mystore: starting txn 2147483659 Sep 8 20:53:49 lion lmtpunix[31676]: mystore: committing txn 2147483659 Sep 8 20:53:49 lion lmtpunix[31676]: duplicate_mark: <[EMAIL PROTECTED]> user.mailings1094669629 349 --- snap --- And the Mail will not be filtered. How comes this? Regards Bastian --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Not a bytecode file
On Wed, 8 Sep 2004, Bastian Schern wrote: Hello, I have a Problem with the Cyrus SIEVE. The SIEVE-Scripts are in the user homes (e.g. /home/mailings/.sieve) But this script will not work. If a mail comes I get something like that in /var/log/messages: --- snip --- Sep 8 20:53:49 lion lmtpunix[31676]: sieve runtime error for mailings id <[EMAIL PROTECTED]>: Not a bytecode file Look here: http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=31144 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus messages format
Patrice wrote: Hi, I have read in the documentation of cyrus that message files in each mailboxes is the message's UID followed by a dot (.) when I look into one of my mailboxes I see files like: 45. 46. . it is normal ? Yes. or should I have another kind of numbering ? No. (when I delete all my files , and receive a new mail , the number will be 47 and not 0 ) Correct. Read RFC 3501 is you want to know why. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Missing quota
Nikola Milutinovic wrote: Hi all. I had a working Cyrus IMAP 2.2.8 a couple of weeks ago. That being a test box, I haven't really used it and I was busy setting up AMaViS on it. Now, after two weeks of fiddling, I have AMaViS working, but now Cyrus beltches on me: Sep 8 15:25:16 Papa-Legba lmtpunix[227446]: executed Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: accepted connection Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: lmtp connection preauth'd as postman Sep 8 15:25:20 Papa-Legba lmtpunix[227446]: verify_user(user.nikola) failed: Quota root does not exist "cyradm" also reports this. Mailbox is there and it used to recieve mails. "cyradm" can list it no problem. What is the (hopefully) quick fix for this? Blowing away all mailboxes (all two of them) is acceptable at this stage. I do notice that quota DB file is missing - it did not get created automagically, like all other DB files. Somehow you have a quotaroot set on the mailbox (the quotaroot is listed in cyrus.header of the mailbox), but the quotaroot file doesn't exist (there isn't even a /var/opt/Cyrus-IMAP-2.2.8/config/quota directory). Try running: quota -f user.nikola -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Migrating from courier to cyrus
Gerald Drouillard wrote: Maykel Moya wrote: Christiano Anderson wrote: Hello, I am trying to migrate a server with 10K accounts under courier Imapd to Cyrus. I have got the imapmigrate from http://sourceforge.net/projects/cyrus-utils/, but while I start the script, it creates only empty folders. No messages are migrated to Cyrus. Can you comment some thoughts on what make you to change from courier to cyrus ? For me, the driving force is that most of the groupware products (Kolab, etc.) require it. It appears that the shared folders in Cyrus, is what Cyrus does better than most of the other IMAP servers. I could never get courier's shared folders to work consistently with all the users. I sure hope it works better in Cyrus. On the other hand, I personally like the Maildir's of courier rather than Cyrus and courier has been very reliable with many concurrent users and large email accounts. The main reason *should* be that Courier isn't IMAP compliant (its IMAP-like, but not complaint per RFC 3501), and the author has no intention of making it so. There are plenty of threads on mailing lists and newsgroups which discuss this. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
What has to be restarted when the certificate changes?
When the SSL certificate is about to expire and has to be replaced, is it necessary to restart the Cyrus IMAP server. There will be new private key and server certificate files. In case it matters, I'm running cyrus-imapd-2.1.14 with cyrus-sasl-2.1.18. -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus, NFS and mail spools
Ken Murchison wrote: >As far as I'm concerned, NFS still is not an option for Cyrus for all of >the reasons that have been outlined in the past. Cyrus 2.3 *might* work >with NFS, but I'm not making any guarantees. For what it's worth, we've been running Cyrus 2.1 in production on NFS for about a year now. Approximately six Cyrus instances running under Solaris share a high-availability NetApp filler, shifting about 1TB of mail per week without problem. We had to make a few small modifications to Cyrus. I think these have all been discussed on the list at some time - things like not holding files open across rmdir calls. I would suggest the specific combination of NFS client and NFS server was important - I doubt any other combination would have been as successful. One important detail - we are using local locking (undocumented NFS mount option "llock"). When network locking is enabled (default), the Solaris NFS client disables all client-side caching of locked files, which results in excessive I/O rates. Using "llock" allows client-side caching of locked files, but makes it absolutely critical that only one Cyrus instance accesses a given volume at any time, and we go to great lengths to ensure this is the case. I'm not sure we would make the same choice again, but when project was initiated SANs were not mature enough, and we had extensive experience in running the Solaris/NetApp combination in demanding applications (among other things, a very busy multi-terabyte Oracle instance). -- Andrew McNamara, Senior Developer, Object Craft http://www.object-craft.com.au/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus, NFS and mail spools
Andrew McNamara wrote: Ken Murchison wrote: [snip] We had to make a few small modifications to Cyrus. I think these have all been discussed on the list at some time - things like not holding files open across rmdir calls. Could you elaborate more on this? I would suggest the specific combination of NFS client and NFS server was important - I doubt any other combination would have been as successful. One important detail - we are using local locking (undocumented NFS mount option "llock"). When network locking is enabled (default), the Solaris NFS client disables all client-side caching of locked files, which results in excessive I/O rates. Using "llock" allows client-side caching of locked files, but makes it absolutely critical that only one Cyrus instance accesses a given volume at any time, and we go to great lengths to ensure this is the case. I'm not sure we would make the same choice again, but when project was initiated SANs were not mature enough, and we had extensive experience in running the Solaris/NetApp combination in demanding applications (among other things, a very busy multi-terabyte Oracle instance). --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
