I'm running Squatter trying to prune my indexes and see if it helps with
performance. Let's face it, that's hard. Cyrus runs SWELL on this Ultra
Sparc 5.
But Squatter seems to have problems with HTML encoded mail.
I've gdb'd it and here is the trace and i hope this helps.
$ gdb /usr/cyrus/b
Birger Toedtmann schrieb:
>
> Mathias Koerber schrieb am Thu, Apr 11, 2002 at 12:35:46PM +0800:
> > I have only problems getting IMAPD-2.1.3 to work on my RH7.2 system.
> >
> > I removed all prior instances I had compiled and totally re-made
> > both SASLv2 (2.1.2) and IMAPD 2.1.3 (from the sourc
Hi,
I suggest you take my RPMs at http://home.teleport.ch/simix/ as a
starting point. They should build and run out of the box, using PAM for
auth. It is easier to upgrade/modify a running system than to get it
work for the first time.
-Simon
Mathias Koerber schrieb:
>
> I just installed SASL-
Mathias Koerber schrieb am Thu, Apr 11, 2002 at 12:35:46PM +0800:
> I have only problems getting IMAPD-2.1.3 to work on my RH7.2 system.
>
> I removed all prior instances I had compiled and totally re-made
> both SASLv2 (2.1.2) and IMAPD 2.1.3 (from the source RPMS announced
[...]
> sasl_pw
I have only problems getting IMAPD-2.1.3 to work on my RH7.2 system.
I removed all prior instances I had compiled and totally re-made
both SASLv2 (2.1.2) and IMAPD 2.1.3 (from the source RPMS announced
here a few days ago, with the single modification that I configure
cyrus-imapd with
--w
I just installed SASL-2.1.2 and IMAPD-2.1.3 from the source RPMS which
were mentioned here yesterday on my RH-7.2 system..
(I had to modify the IMAPD SPEC file somewhat to avoid configure
complaining about missing des libraries (where can I get those??)
# cd /usr/src/redhat/SRPMS
Hi,
What is the correct way to shutdown cyrus imap service? I'm starting
with '/usr/cyrus/bin/master &' and shutdown using 'pkill master'. Is
this correct.
Is there a more graceful way to start/stop cyrus?
--Kervin
--
http://linuxquestions.org/ - Ask linux questions, give linux help.
http
On Wed, 2002-04-10 at 21:59, Dustin Puryear wrote:
> Any help on this one? We are quite stumped. At this point our only other
> option is to drop Cyrus, which we'd rather not do.
>
What is the quota of the users ???
--
Simon
Any help on this one? We are quite stumped. At this point our only other
option is to drop Cyrus, which we'd rather not do.
At 10:49 PM 4/9/2002 -0500, you wrote:
>I have a rather peculiar problem. I am running Cyrus 2.0.16_1 under
>FreeBSD along with Postfix. Every seems to run fine EXCEPT tha
On Wed, 10 Apr 2002, Lawrence Greenfield wrote:
> We currently use the PTS database from AFS. It would be cool to write
> an auth_ldap backend for Cyrus, but we haven't gotten the time to do
> it. (A seperate process like ptloader is probably the way to go.)
Do you have any documenation? I'd
On Wed, 10 Apr 2002, Igor Brezac wrote:
> True. However, in most cases userPassword in LDAP is of
> {(crypt|sha|md5)}xx format. It appears that cmusaslsecretPLAIN takes
> md5 password only.
Yes. It is.
> As you suggested below, a possibly better approach would be to develop a
> saslauthd
Hello,
You did not mention which version of the IMAP server you are running.
If its an older one it may not understand the STARTTLs command that
an SSL'ed connection will probably use. I've had a couple of Outlook
users have this problem with our current production server, but the
newer version (
FYI
>>>cyrus unix - n n - - pipe
>>> user=cyrus argv=/usr/cyrus/bin/deliver -r ${sender} -m ${extension}
>>>${user}
>>>
>>>-Hein
>>>
>>>
>>
>>This ends up with:
>>
>>test postfix/pipe[10454]: 458C5D9DA1: to=<[EMAIL PROTECTED]>,
>>relay=cyrus, delay=418, s
From: "Tim Pushor" <[EMAIL PROTECTED]>
Date: Wed, 10 Apr 2002 10:35:39 -0600
While we're on the subject of SASL and authorization/authentication, if
Cyrus IMAP has abstracted authentication through SASL, why is the group ACL
still handled locally (in Cyrus) via UNIX groups or Kerbe
On Wed, 10 Apr 2002, Rob Siemborski wrote:
> On Wed, 10 Apr 2002, Igor Brezac wrote:
>
> > Auxprop has to return a clear text password unless you make neccessary
> > changes to lib/checkpw.c.
>
> I don't agree, auxprop_verify_password() will take either a userPassword
> (plaintext) or a cmusaslse
Hi folks.
I am currently testing a postfix/cyrus-2.1.3 combination to find the
best installation option for a >50 mailbox system.
I am experiencing heavy i/o from the seen-db files.
Although I can split the i/o from mailboxes using paritions to
different disks, all the seen-db's go to one
On Wed, 10 Apr 2002, Igor Brezac wrote:
> Auxprop has to return a clear text password unless you make neccessary
> changes to lib/checkpw.c.
I don't agree, auxprop_verify_password() will take either a userPassword
(plaintext) or a cmusaslsecretPLAIN.
> It would be nicer if auxprop would simply
On 10 Apr 2002, simon wrote:
> userPassword and cmusaslsecret(what ever) .
> So for all those people who might want to use this they just need
> to set a property in ldap or mysql of cmusaslsecret(MECHNAME) (in case
> of mysql you %p the select statement to make sure it gets the correct
> thing).
While we're on the subject of SASL and authorization/authentication, if
Cyrus IMAP has abstracted authentication through SASL, why is the group ACL
still handled locally (in Cyrus) via UNIX groups or Kerberos?
I would really like to base group ACL's on the same scheme that
authentication is using
O
> Most of the mechanisms that can take plaintext passwords can also take the
> hashes, the problem is that the type of hash they need varies based on
> mechanism.
>
> This is, by the way, how the database conversion works.
>
> So, any auxprop plugin that can return either a hash of the correct
On 10 Apr 2002, simon wrote:
> I dont see how this would work ? An auxprop plugin gets a username/
> realm and a list of properties to return ? Are you saying it should
> return the password encrypted and then use a patch like someone did
> a couple of weeks ago. Or is there some other way for a
On 10 Apr 2002, simon wrote:
> I dont see how this would work ? An auxprop plugin gets a username/
> realm and a list of properties to return ? Are you saying it should
> return the password encrypted and then use a patch like someone did
> a couple of weeks ago. Or is there some other way for an
> > form). That means if anyone ever gets access to your sasldb, you are
> > hosed. Not true for an LDAP database, stores passwords in hashed form.
>
> There is no requirement in SASL that says that passwords must be stored in
> cleartext. Yes, it is true that libsasl's sasldb does so, however
On Wed, 10 Apr 2002, David Wright wrote:
> Since there is such as SASL love-fest going on here, allow me to chime
> in with my dissenting viewpoint. SASL adds nothing but an annoying
> dependency to LDAP. No, I take that back, it also adds a security hole.
SASL does not in any way force the addi
This message took so long to appear, I was hoping it would not :)
On Mon, 08 Apr 2002, Henrique de Moraes Holschuh wrote:
> Right now, in master/README (CVS head), the notifyd entry reads:
> # notify cmd="notifyd" listen="/notify" proto="udp" prefork=1
>
> Is that correct? proto="udp" wit
Hello all,
It seems as though INBOX just drops my connection to it without warning.
Background:
I upgraded from 1.6x IMAP to 2.1.2 and now INBOX is not happy with me.
It just drops my connection to it without warning... no autologout or anything
just drops it.
Any insight? Where there settin
oops...I should pay more attention to where I paste stuff...see Birger's
response.
Galen Johnson wrote:
> I read this as:
> cyrus unix - n n - - pipe
> flags= user=cyrus argv=/usr/cyrus/bin/deliver -e -m -r ${sender}
> ${extension} ${user}
>
> but I haven't
On Wed, 10 Apr 2002, Birger Toedtmann wrote:
> > This means the exaxt line in /etc/postfix/master.cf looks like this?
> >
> > cyrus unix - n n - - pipe
> > flags=R -r ${sender} user=cyrus argv=/usr/cyrus/bin/deliver -e -m
> > ${extension} ${user}
>
> No, rea
Luc de Louw schrieb am Wed, Apr 10, 2002 at 02:41:39PM +0200:
> On 10 Apr 2002, Hein Roehrig wrote:
>
> > The following message is a courtesy copy of an article
> > that has been posted to comp.mail.imap as well.
> >
> > Hein Roehrig <[EMAIL PROTECTED]> writes in comp.mail.imap:
> >
> > > I also
On 10 Apr 2002, Hein Roehrig wrote:
> > This means the exaxt line in /etc/postfix/master.cf looks like this?
> >
> > cyrus unix - n n - - pipe
> > flags=R -r ${sender} user=cyrus argv=/usr/cyrus/bin/deliver -e -m
> > ${extension} ${user}
>
> cyrus unix -
I read this as:
cyrus unix - n n - - pipe
flags= user=cyrus argv=/usr/cyrus/bin/deliver -e -m -r ${sender}
${extension} ${user}
but I haven't actually tried it...
Luc de Louw wrote:
> On 10 Apr 2002, Hein Roehrig wrote:
>
>
>>The following message is a co
> This means the exaxt line in /etc/postfix/master.cf looks like this?
>
> cyrus unix - n n - - pipe
> flags=R -r ${sender} user=cyrus argv=/usr/cyrus/bin/deliver -e -m
> ${extension} ${user}
cyrus unix - n n - - pipe
user
On 10 Apr 2002, Hein Roehrig wrote:
> The following message is a courtesy copy of an article
> that has been posted to comp.mail.imap as well.
>
> Hein Roehrig <[EMAIL PROTECTED]> writes in comp.mail.imap:
>
> > I also get bitten by this problem (on Cyrus 2.1.3.)
>
> Ok, I resolved the problem by
Kervin Pierre schrieb:
>
> Michael Bartosh wrote:
>
> > At 7:52 AM +0200 4/10/02, Birger Toedtmann wrote:
> >
> > In practice, most LDAP implementations don't have great authentication
> > mechanisms without sasl. You can always use TLS, and probably should,
> > anyway, but that's not the p
The following message is a courtesy copy of an article
that has been posted to comp.mail.imap as well.
Hein Roehrig <[EMAIL PROTECTED]> writes in comp.mail.imap:
> I also get bitten by this problem (on Cyrus 2.1.3.)
Ok, I resolved the problem by 1) telling postfix not to put a
Return-path (drop
On Wed, 2002-04-10 at 12:16, Russell Packer wrote:
> I'm getting these (error?) messages in the imapd.log:
>
> Apr 10 09:01:06 mailserver imapd[1045]: SQUAT failed
> Apr 10 09:01:06 mailserver imapd[1045]: SQUAT failed to open index file
Somebody did a full-text search and Cyrus checked (and did
> The following message is a courtesy copy of an article
> that has been posted to comp.mail.imap as well.
>
> "Eric A. Hall" <[EMAIL PROTECTED]> writes in comp.mail.imap:
> [...]
> > >From: "Eric A. Hall" <[EMAIL PROTECTED]>
> > > Return-Path: <[EMAIL PROTECTED]><--- extra!
> > >
Hi,
I'm getting these (error?) messages in the imapd.log:
Apr 10 09:01:06 mailserver imapd[1045]: SQUAT failed
Apr 10 09:01:06 mailserver imapd[1045]: SQUAT failed to open index file
I can't find any information on SQUAT, making it a little tricky to figure
out what is going on. Any help much a
The following message is a courtesy copy of an article
that has been posted to comp.mail.imap as well.
"Eric A. Hall" <[EMAIL PROTECTED]> writes in comp.mail.imap:
[...]
> >From: "Eric A. Hall" <[EMAIL PROTECTED]>
> > Return-Path: <[EMAIL PROTECTED]><--- extra!
> > Return-Path:
At 1:56 AM -0700 4/10/02, David Wright wrote:
>>Putting the password over the wire is always a bad idea.
>If there were no downside to challenge-response, I'd agree. But if
>the price is storing my passwords unhashed, I'm not willing to pay
>it. All my sites use MD5 or SHA hashing, which OpenLDA
David Wright schrieb am Wed, Apr 10, 2002 at 01:41:39AM -0700:
[...]
> >So how do we get these toys together if one
> >
> > 1. is going to protect user information based on "by self write" - you
> >first have to see what "self" is! - and
> >
> > 2. has, to faciliate 1., authenticate someone b
Michael Bartosh wrote:
> At 7:52 AM +0200 4/10/02, Birger Toedtmann wrote:
>
> In practice, most LDAP implementations don't have great authentication
> mechanisms without sasl. You can always use TLS, and probably should,
> anyway, but that's not the point. Keeping hashed password in the
>
David Wright schrieb am Wed, Apr 10, 2002 at 01:41:39AM -0700:
>
> >>Finally, Birger, what's "really creative" about
> >>
> >> by self write
> >> by anonymous auth
> >> by * none
> >>
> >>?
> >
> >So how do we get these toys together if one
> >
> > 1. is going to protect user information based o
At 1:13 AM -0700 4/10/02, David Wright wrote:
>Since there is such as SASL love-fest going on here, allow me to
>chime in with my dissenting viewpoint. SASL adds nothing but an
>annoying dependency to LDAP. No, I take that back, it also adds a
>security hole.
>
>Challenge-response mechanisms ha
> Putting the password over the wire is always a bad idea.
If there were no downside to challenge-response, I'd agree. But if the
price is storing my passwords unhashed, I'm not willing to pay it. All
my sites use MD5 or SHA hashing, which OpenLDAP supports.
> Maybe I'm a dork for buying into
Birger Toedtmann schrieb am Wed, Apr 10, 2002 at 10:31:42AM +0200:
[...]
> storing user passwords), LDAP is. So how do we get these toys together
> if one
>
> 1. is going to protect user information based on "by self write" - you
> first have to see what "self" is! - and
>
> 2. has, to
>>Finally, Birger, what's "really creative" about
>>
>> by self write
>> by anonymous auth
>> by * none
>>
>>?
>
> So how do we get these toys together if one
>
> 1. is going to protect user information based on "by self write" - you
> first have to see what "self" is! - and
>
> 2. h
Michael Bartosh schrieb am Wed, Apr 10, 2002 at 01:35:08AM -0600:
[...]
>
> >
> >So I would prefer for SASL doing all authentication requests but fetching
> >information needed from a directory.
>
> That's where I'd (personally) disagree, unless you consider Kerberos
> a directory. I think this
David Wright schrieb am Wed, Apr 10, 2002 at 01:13:37AM -0700:
>
> Since there is such as SASL love-fest going on here, allow me to chime
> in with my dissenting viewpoint. SASL adds nothing but an annoying
> dependency to LDAP. No, I take that back, it also adds a security hole.
>
> Challenge
Since there is such as SASL love-fest going on here, allow me to chime
in with my dissenting viewpoint. SASL adds nothing but an annoying
dependency to LDAP. No, I take that back, it also adds a security hole.
Challenge-response mechanisms have absolutely no advantage over straight
password t
I just installed SASL-2.1.2 and IMAPD-2.1.3 from the source RPMS which
were mentioned here yesterday on my RH-7.2 system..
(I had to modify the IMAPD SPEC file somewhat to avoid configure
complaining about missing des libraries (where can I get those??)
# cd /usr/src/redhat/SRPMS
On 10/04/02 13:48 +0800, Mathias Koerber wrote:
> I'm trying to build Cyrus-IMAP on RedHat 7.2.
>
> It seems that Cyrus by default installs its perl libs under
> /usr/local/lib/...
Pass the -I flag to the perl script.
perl -I /usr/local/lib/ -MCyrus::IMAP -e shell
Devdas Bhagat
On Wed, 2002-04-10 at 07:59, [EMAIL PROTECTED] wrote:
> Anthony Brock schrieb am Tue, Apr 09, 2002 at 11:19:28PM -0700:
> > Where would you find this patch?
>
> Mmmh, maybe my post was a littly fast - I was sure I saw it flying around
> somewhere. However, you may begin with
>
> http://www.s
At 9:25 AM +0200 4/10/02, Birger Toedtmann wrote:
>SASL is a lib for
>
> faciliating authentication mechanisms,
>
>not directly for
>
> storing authentication credentials.
True, although it can store secrets in sasldb, which is what I tend
to use for a lot of projects (most organizations don
I haven't seen a definitive howto here or elsewhere for building
2.0.16 on Mac OS X, so I thought I'd post this for the archives.
I'm using 2.0.16 since the project I'm working on needs OpenLDAP,
which doesn't yet support sasl 2.x.
I used fink (a package manager, for those of you not familiar
Michael Bartosh schrieb am Wed, Apr 10, 2002 at 12:56:31AM -0600:
> At 7:52 AM +0200 4/10/02, Birger Toedtmann wrote:
> >But why not storing *authentication* information (i.e. passwords) in
> >LDAP as well so you don't have to maintain two userbases (one auth"E"
> >in SASLs sasldb and one auth"O"
At 7:52 AM +0200 4/10/02, Birger Toedtmann wrote:
>But why not storing *authentication* information (i.e. passwords) in
>LDAP as well so you don't have to maintain two userbases (one auth"E"
>in SASLs sasldb and one auth"O" in LDAP)?
Because in theory, Directories are better suited for authorizat
Anthony Brock schrieb am Tue, Apr 09, 2002 at 11:19:28PM -0700:
> Where would you find this patch?
Mmmh, maybe my post was a littly fast - I was sure I saw it flying around
somewhere. However, you may begin with
http://www.surf.org.uk/downloads/HIERSEP-r2.patch
but that seems to apply to 2.
59 matches
Mail list logo
