Archive for the Cyrus-Imap Category

Enforcing Mailbox Quotas

Posted by Filed Under Cyrus-Imap with Comments Off

One nice feature of cyrus IMAP is that it does support quotas. Quotas are applied on the basis of the mailbox and any sub-mailboxes that do not have quotas. This means that a mailbox can only have or be a part of one quota. When mail arrives the quota is checked to verify that the mail will not cause the quota to be exceeded, THE MAIL WILL STILL BE DELEVERED; however, the user will be notified  they are over the limit. If the mailbox is already over the limit when the mail arrives it will not be accepted.

Cyrus-Utils Command Summary

Posted by Filed Under Cyrus-Imap with Comments Off

The Cyrus IMAP server has a program that is in the cyrus-utils that provides a way to administer the system.   The rpm for cyrus-utils should be installed when the server is installed.  The utils are an important part of the program management.

Command                                   Description
createmailbox, cm                                 Create a mailbox
deleteaclmailbox, dam                           Delete an ACL on a mailbox
deletemailbox, dm                                 Delete a mailbox
help                                                        Help
listaclmailbox, lam                                 List the ACL on mailbox
listmailbox, lm                                       List mailboxes
listquota, lq                                            List quota on root
listquotaroot, lqr,lqm                             List quota roots on mailbox
quit                                                        exit
renamemailbox. renm                           Rename a mailbox
setaclmailbox, sam                               Set an ACL on mailbox
setquota, sq                                          Set quota limits

Cyrus Admin User

Posted by Filed Under Cyrus-Imap with Comments Off

The default admin user is cyrus; however, an additional admin may be needed, or for some reason the default does not work a new admin can be created. Create an admin user name on the system with a password first.  cyrus is the default and will be created when cyrus IMAP is installed. However, a good password must be created, see the example.

# passwd cyrus
Changing password for user cyrus.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
It may be a good idea to create a second admin account as is seen here:
useradd cyrusad
passwd cyrusad

Now create an admin with saslauthd:
Verify sasauthd is started with this command:
service saslauthd status
If the status is off it will need to be started with the command below.
Start saslauthd

Centos
# service saslauthd start
Starting saslauthd:                                        [  OK  ]

Suse or Ubuntu
/etc/init.d/saslauthd start
saslpasswd2 -c cyrus

Error Message – generic falure
If you get this message do not panic, just do the password again.
# saslpasswd2 -c cyrus
Password:
Again (for verification):
saslpasswd: generic failure
Second time it works!
# saslpasswd2 -c cyrus
Password:
Again (for verification):
Edit the file /etc/impad.conf and view the line that lists admins, add the second admin that was just created and add the third admin if needed.
admins: cyrus
Note: You should not use regular users who have mailboxes as admins.  This adds to the security risk.

Create cyrus Folders
su to the user cyrus
su cyrus
Create the necessary file and directories for Cyrus to run by executing this script.
/usr/lib/cyrus-imapd/mkimap
Here is what it looks like from the console.
bash-3.00$ /usr/lib/cyrus-imapd/mkimap
reading configure file…
i will configure directory /var/lib/imap.
i saw partition /var/spool/imap.
done
configuring /var/lib/imap…
creating /var/spool/imap…
done

Return to the root user by using the exit command:
exit
You will probably need to reboot to get everything running.

Create Users in Cyrus-IMAP

Posted by Filed Under Cyrus-Imap with Comments Off

Create Users
Create the users on the system. Create users with the false option so they cannot log into the server. This is an added security feature.

A. Create the User
useradd sue -s /bin/false
passwd sue

A common mistake is to forget to provide passwords for these users.

B. Use saslpasswd2 to create a cyrus account for the user.
echo linux23 | saslpasswd2 -p -c sue -p -u realm

Note that linux23 is the password that you are providing for this user sue.
The realm is the domain that you are using for the hostname. If you have no domain just use realm.

Here are several options for the saslpasswd2 program:
-p    pipe mode
-c    create
-d    delete
-u    domain
-f    file

C. List the users to verify they were created.
Use this command to list the users created with saslpasswd2.
List Users Example
Here is an example of the sasldblistusers2 command. Notice that there are two methods of authentication; PLAIN, and CRAM-MD5.

# /usr/sbin/sasldblistusers2
user: cyrus realm: example.org mech: CRAM-MD5
user: tom realm: realm mech: CRAM-MD5
user: cyrus realm: example.org mech: PLAIN
user: tom realm: realm mech: PLAIN
user: tom realm: realm mech: DIGEST-MD5
user: cyrus realm: example.org mech: DIGEST-MD5
You may also want to send an email to the account.
echo test |/usr/sbin/sendmail -f root username

Cyrus-Imap Install

Posted by Filed Under Cyrus-Imap with Comments Off

Basic Installation
Install the two basic applications required, cyrus-imapd and cyrus-imapd-utils.
You can either use the graphical tools to install or from the command line:
yum install cyrus-imapd cyrus-imapd-utils (CentOS)
apt-get install cyrus-imapd cyrus-impad-utils (Ubuntu)

Start cyrus-imapd
# service cyrus-imapd start
Starting cyrus-imapd: preparing databases… done.         [  OK  ]
(Suse and Ubuntu)
/etc/init.d/cyrus-imapd start
Starting cyrus-imapd: preparing databases… done.         [  OK  ]