cyrus-imapd howto - SOLVED! + fetchmail question

Gene Smith gds at chartertn.net
Sun Jan 16 20:45:11 UTC 2005 

Sorry to revive this old thread. See question below.

Florin Andrei wrote, On 06/08/2004 03:58 AM:
 > On Mon, 2004-06-07 at 00:45, Florin Andrei wrote:
 >
 >>When it was more difficult, it worked: months ago, i compiled and
 >>installed Cyrus-IMAPd on FC1 and had no issues with it.
 >>Now, when it's simple, it does not work. On FC2, i can't convince Cyrus
 >>to work. I can create the accounts, but Evo does not read the email
 >>that's delivered.
 >
 >
 > Ok, i got it nailed down.
 >
 > These are the steps required to make it work:
 >
 > 0. Fix saslauthd
 >
 > Edit /etc/sysconfig/saslauthd and change MECH to "pam":
 >
 > MECH=pam
 >
 > Then (re)start saslauthd
 >
 > 1. Install the software
 >
 > [root at weiqi florin]# yum install cyrus-imapd cyrus-imapd-utils
 >
 > (optionally cyrus-imapd-devel)
 >
 > 2. Edit config files
 >
 > In /etc/cyrus.conf i only commented out pop3 and pop3s, since i'm not
 > going to use POP3 with Cyrus.
 > In /etc/imapd.conf i added these lines at the end:
 >
 > unixhierarchysep: 1
 > altnamespace: 1
 > sieve_maxscriptsize: 320
 >
 > The first line allows for Unix-style separators (/) instead of
 > news-style (.). Also the folders are created a bit differently inside
 > the Cyrus spool.
 >
 > Without the second line, all IMAP folders must be created inside Inbox
 > by your mail client. That's weird, so i added the second line which
 > allows to create new folders at the same level as Inbox.
 >
 > On my other Cyrus server, I had to increase the variable on the 3rd line
 > (default is 32) to 320 because i have way too many folders and a lot of
 > Sieve filter rules, so i was hitting the limits.
 >
 > Now verify there is no other IMAP server running, then start
 > cyrus-imapd.
 >
 > 3. Change password to the "cyrus" account
 >
 > [root at weiqi florin]# passwd cyrus
 > Changing password for user cyrus.
 > New UNIX password:
 > Retype new UNIX password:
 > passwd: all authentication tokens updated successfully.
 >
 > 4. Login as "cyrus"
 >
 > [root at weiqi florin]# su - cyrus
 > -bash-2.05b$$ whoami
 > cyrus
 > -bash-2.05b$
 >
 > 5. As the "cyrus" user, create accounts with the cyradm tool
 >
 > Run "cyradm localhost" and provide the password of the account "cyrus".
 >>From now on, you'll do a lot of things at the cyradm prompt.
 >
 > -bash-2.05b$ cyradm localhost
 > IMAP Password: weiqi.home.local>
 > weiqi.home.local> cm user/florin
 >
 > IMPORTANT:
 > This is why it failed before! I used to do "cm user.florin" which is the
 > default Cyrus way, and it failed. Once i did "cm user/florin" instead,
 > it worked.
 >
 > Repeat by replacing "florin" with other account names.
 >
 > All authentication will be done against the Unix user database (IMAP
 > password same as Unix password). That's not required by Cyrus, which can
 > create its own user database; in fact, one could run a Cyrus server with
 > no Unix accounts, just accounts in the Cyrus db; but for that, the auth
 > must be changed from the default.
 > Just for testing purposes, Unix auth is fine.
 >
 > Verify the account creation:
 >
 > weiqi.home.local> lm
 > user/florin (\HasNoChildren)
 >
 > Set permissive ACLs for that account (see "man cyradm" for details):
 >
 > weiqi.home.local> setacl user/florin florin lrswipcd
 >
 > See ACLs that you just set:
 >
 > weiqi.home.local> lam user/florin
 > florin lrswipcd
 >
 > On a production server you might need to restrict those ACLs. The ACL i
 > indicated is almost (but not quite) equal to administrator privileges on
 > that account.
 >
 > 6. Configure Postfix to deliver to Cyrus instead of delivering to
 > /var/spool/mail
 >
 > Edit /etc/postfix/main.cf, look for the section containing
 > mailbox_transport and add this line:
 >
 > mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
 >
 > If this is your "production" server, then just for the duration of the
 > tests comment out "inet_interfaces = all" and uncomment "inet_interfaces
 > = localhost" so that mail coming in from outside is not delivered to
 > your unborn-yet maybe-still-buggy Cyrus server.
 > Restart Postfix.
 >
 > 7. Test
 >
 > [root at weiqi root]# echo test | mail -s test florin at localhost
 >
 > Watch the logs to see if it gets delivered properly.
 > This is where it used to fail for me before. It kept on saying there's
 > no such account ("550-Mailbox unknown"). Once i created the account with
 > "/" instead of ".", the delivery succeeded.
 >
 > Go to /var/spool/imap and poke around and see if you can find the mail
 > files. Cyrus stores each message in its own file, try and find them.
 >
 > Now hook-up an IMAP client to your server and see if you can access the
 > mail. Try it out, create directories, move messages around, etc.

Ok, everything up to this point is working as described in this 
excellent HOWTO. My problem comes in when I try to do a fetchmail from 
my ISP and place the received email directly into the imap mailbox using 
the lmtp unix socket. Here is my ~/.fetchmail:

poll pop.chartertn.net proto pop3 user
         "gds at chartertn.net" password "xxxxxxxxxxxx",
         is "gene" here
	smtphost "/var/lib/imap/socket/lmtp"

When I have a new message on the pop server and I run fetchmail -kv 
from ~ I get the error:
fetchmail: LMTP connect to /var/lib/imap/socket/lmtp failed
Same if I run it as root.

I get the same error if I run lmtptest

So, if I understand it right, postfix accesses the LMTP socket and the 
test mail appears in the imap inbox. But, fetchmail cannot make the same 
connection to lmtp. Is this possibly a privilege problem? I read 
somewhere too about a "lmtpd" that needs to be running. I don't seem to 
have it runing on my system. I do have the postfix master process 
running which is related to lmtpd. But this seem independent of what I 
am trying to get fetchmail to do. Or is it? My understanding is a bit 
fuzzy on this.

Thanks,
-gene



 >
 > 8. Go live
 >
 > Once all is ok, replace "inet_interfaces = localhost" with
 > "inet_interfaces = all" then restart Postfix.
 >
 > 9. Future development
 >
 > One of the strengths of Cyrus is server-side filtering: you can tell it
 > to filter email in folders regardless of the email client: sorting is
 > performed by the server, not by the client.
 > This is accomplished via Sieve. Install Horde/Ingo or another Sieve
 > manager and create your own rules.
 >
 > Another trick:
 > Create shared folders among users, either for collaboration or for other
 > purposes (big unique spam trashcans that get polled by scripts feeding
 > spam into SpamAssassin/sa-learn).
 >
 > That's it.
 >

More information about the users mailing list