Difference between revisions of "Cyrus-imap"
(New page: This page is in preparation. I'm not done yet! == Cyrus-Imap == How to install and use cyrus-imap on sme7 Cyrus-imap enables folder sharing of mail items. Coupled with the Toltec conne...) |
(No difference)
|
Revision as of 21:27, 23 May 2008
This page is in preparation. I'm not done yet!
Cyrus-Imap
How to install and use cyrus-imap on sme7
Cyrus-imap enables folder sharing of mail items. Coupled with the Toltec connector, it can replace many functions of the Exchange Server with mail client Outlook.
This howto presents installation and usage of the cyrus-imap server on a Sme-Server system.
The cyrus-imap web site is at http://cyrusimap.web.cmu.edu/
Summary:
1. Credits 2. Installation 3. Administration 4. Mail accounts 5. Quotas 6. Shared folders 7. Toltec's Outlook Connector 8. CLI actions
Last modification 2008-03-17, 2008-05-17 Credits
The original scripts were developped by Mr. Lionel Debrus for SME6. Then, Jon Roberts from WestCountryBusiness adapted them for SME7. Since, Jon has switched to a different solution and might not be available to provide updates.
The packages are available from here for Toltec and without Toltec. Look under "Tech. Forum" menu. Versions without RPMS (which are not needed anymore) are available here (about 68KB):
* smeserver-cyrus.tgz (no rpms) * Note: these packages don't have rpms. Only install/uninstall scripts.
INSTALLATION
Some services (imap, imaps, pop, pops) are disabled and replaced. After the installation of needed RPMS, templates are created and expanded, and newly replaced services are enabled. Finally, a panel is added to the server-manager menu.
Note that POP and IMAP are rendered inaccessible from the Internet with these changes. It better to leave that so since vulnerabilities with this cyrus-imap implementation are not managed and investigated by the dev-team.
Beware!
The script uses password "%imapmail%" that needs to be set to something else!
Files:
* ./create-accounts * /etc/e-smith/templates-custom/etc/hosts.deny/00startup * /etc/e-smith/templates-custom/etc/cyrus.conf/cyrus * /etc/e-smith/templates-custom/etc/cyrus.conf/template-begin * /etc/e-smith/templates-custom/etc/cyrus.conf/template-end * /etc/e-smith/templates-custom/etc/imapd.conf/imapd * /etc/e-smith/templates-custom/etc/imapd.conf/template-begin * /etc/e-smith/templates-custom/etc/imapd.conf/template-end * /usr/lib/perl5/site_perl/5.8.5/Net/Telnet.pm * /etc/e-smith/events/actions/user-create-cyrus * /etc/e-smith/events/actions/user-delete-cyrus * /etc/e-smith/templates-user-custom/.qmail/90local * /etc/e-smith/templates-custom/etc/services/30cyrus-imap * /etc/e-smith/web/functions/sherwood/sherwood70
Script for installation:
- !/bin/sh
- =========================================================================
- Prepare files to use a different password
cyrus_password=<password_required>
- =========================================================================
mv -f sherwood70 sherwood70.old mv -f user-create-unix user-create-unix.old mv -f user-delete-unix user-delete-unix.old mv -f user-create-cyrus user-create-cyrus.old mv -f user-delete-cyrus user-delete-cyrus.old mv -f create-accounts create-accounts.old
sed "s/%imapmail%/$cyrus_password/" create-accounts.old > create-accounts sed "s/%imapmail%/$cyrus_password/" sherwood70.old > sherwood70 sed "s/%imapmail%/$cyrus_password/" user-create-unix.old > user-create-unix sed "s/%imapmail%/$cyrus_password/" user-create-cyrus.old > user-create-cyrus sed "s/%imapmail%/$cyrus_password/" user-delete-cyrus.old > user-delete-cyrus sed "s/%imapmail%/$cyrus_password/" sherwood70.old > sherwood70
=============================================================
- PHASE # 1
- =========================================================================
- Save current files
cp /etc/e-smith/events/actions/user-create-unix uninstall/user-create-unix-b4cyrus cp /etc/e-smith/events/actions/user-delete-unix uninstall/user-delete-unix-b4cyrus
- Stopping existing services (if running):
/etc/rc.d/init.d/saslauthd stop /etc/rc.d/init.d/xinetd stop service imap stop service imaps stop
- Disabling existing IMAP & POP services:
/sbin/e-smith/config setprop imap status disabled /sbin/e-smith/config setprop imaps status disabled /sbin/e-smith/config setprop pop3 status disabled /sbin/e-smith/config setprop pop3s status disabled
- Activating new services :
/sbin/e-smith/config set saslauthd service InitscriptOrder 70 access private status enabled /sbin/e-smith/config set cyrus-imapd service InitscriptOrder 71 access private status enabled
- Initialisation des fichiers de configuration grace aux patrons
- Donne Acces au service cyrus imap qui ne demarre pas avec Xinetd
- Installing custom-templates:
mkdir -p /etc/e-smith/templates-custom/etc/hosts.deny/ cp ./00startup /etc/e-smith/templates-custom/etc/hosts.deny/
- =========================================================================
- PHASE # 2
- =========================================================================
- Installation des RPMs
yum -y install \ cyrus-imapd \ cyrus-imapd \ cyrus-imapd-devel \ cyrus-imapd-murder \ cyrus-imapd-nntp \ cyrus-imapd-utils \ cyrus-sasl-devel \ cyrus-sasl-gssapi \ cyrus-sasl-ntlm \ cyrus-sasl-plain \ perl-Cyrus \ cyrus-sasl \ cyrus-sasl-md5
- =========================================================================
- PHASE # 3
- =========================================================================
- Configure Custom Templates
- Configuration de Cyrus
mkdir -p /etc/e-smith/templates-custom/etc/cyrus.conf/ cp ./cyrus /etc/e-smith/templates-custom/etc/cyrus.conf/ cp ./template-begin /etc/e-smith/templates-custom/etc/cyrus.conf/ cp ./template-end /etc/e-smith/templates-custom/etc/cyrus.conf/
mkdir -p /etc/e-smith/templates-custom/etc/imapd.conf/ cp ./imapd /etc/e-smith/templates-custom/etc/imapd.conf/ cp ./template-begin /etc/e-smith/templates-custom/etc/imapd.conf/ cp ./template-end /etc/e-smith/templates-custom/etc/imapd.conf/
- On ajoute un script Perl pour gerer les connexions Telnet
- dont nous avons besoin pour ajouter/supprimer des comptes IMAP
mkdir /usr/lib/perl5/site_perl/5.8.5/Net cp ./Telnet.pm /usr/lib/perl5/site_perl/5.8.5/Net/ cp ./user-create-cyrus /etc/e-smith/events/actions/ cp ./user-delete-cyrus /etc/e-smith/events/actions/
chmod 554 /etc/e-smith/events/actions/user-create-cyrus chmod 554 /etc/e-smith/events/actions/user-delete-cyrus
ln -s /etc/e-smith/events/actions/user-create-cyrus /etc/e-smith/events/user-create/S95user-create-cyrus ln -s /etc/e-smith/events/actions/user-delete-cyrus /etc/e-smith/events/user-delete/S05user-delete-cyrus
- Create symlinks for starting & stopping services
- Configuring start up services
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S71cyrus-imapd ln -s /etc/rc.d/init.d/cyrus-imapd /etc/rc.d/rc0.d/K71cyrus-imap ln -s /etc/rc.d/init.d/saslauthd /etc/rc.d/rc7.d/S71saslauthd ln -s /etc/rc.d/init.d/saslauthd /etc/rc.d/rc0.d/K71saslauthd
- Configuring Qmail
- The original script changes permissions like this:
- chmod 4755 /var/qmail/bin/preline
- chmod 4755 /var/qmail/bin/sendmail
- ... but the standard permissions are already set to 0755 for files that exist.
- ... so why change?
chmod o+x /usr/lib/cyrus-imapd/deliver
- this sticky bit is used to allow a called process
- to inherit/assume the user credentials of the calling process.
mkdir /etc/e-smith/templates-user-custom/.qmail/ cp ./90local /etc/e-smith/templates-user-custom/.qmail/
mkdir -p /etc/e-smith/templates-custom/etc/services cp ./30cyrus-imap /etc/e-smith/templates-custom/etc/services/
- On remet a jour les fichiers de configuration a partir des templates.
- Expanding Templates
/sbin/e-smith/expand-template /etc/hosts.deny /sbin/e-smith/expand-template /etc/xinetd.conf /sbin/e-smith/expand-template /etc/cyrus.conf /sbin/e-smith/expand-template /etc/imapd.conf /sbin/e-smith/expand-template /etc/services
- Restarting services
/etc/rc.d/init.d/xinetd start /etc/rc.d/init.d/saslauthd start /etc/rc.d/init.d/cyrus-imapd start
- Configuring Server Manager
cp ./sherwood70 /etc/e-smith/web/functions/sherwood chown root:admin /etc/e-smith/web/functions/sherwood chmod 4750 /etc/e-smith/web/functions/sherwood
ln -s /etc/e-smith/web/functions/sherwood /etc/e-smith/web/panels/manager/cgi-bin/sherwood
- Setting IMAP administration password
- The cyrus user was created by rpm (?)
- Change password for cyrus using the variable set at the beginning
echo $cyrus_password | `passwd cyrus --stdin >/dev/null 2>&1`
- create cyrus-imap individual account based on user names
chmod 750 create-accounts ./create-accounts /sbin/e-smith/db /home/e-smith/db/navigation/navigation.en set sherwood panel Description "cyrus-IMAP" DescriptionWeight 6750 Heading Configuration HeadingWeight 6000
- /sbin/e-smith/db /home/e-smith/db/navigation/navigation.fr set sherwood panel Description "Gestion Des comptes Imap" DescriptionWeight 8555 Heading Sherwood HeadingWeight 8000
- /sbin/e-smith/db /home/e-smith/db/navigation/navigation.fr-ca set sherwood panel Description "Gestion Des comptes Imap" DescriptionWeight 8555 Heading Sherwood HeadingWeight 8000
- Apply changes
signal-event email-update
Uninstall with the script 'uninstall/uninstall' The script must be a sub-folder named "uninstall"
- !/bin/sh
- Uninstall script
- Uninstall RPMs
rpm -e cyrus-imapd-murder rpm -e cyrus-imapd-devel rpm -e cyrus-imapd-nntp rpm -e cyrus-imapd-utils rpm -e cyrus-imapd rpm -e perl-Cyrus rpm -e cyrus-sasl-plain rpm -e cyrus-sasl-devel rpm -e cyrus-sasl-gssapi rpm -e cyrus-sasl-ntlm rpm -e cyrus-sasl-sql
- Remove files
rm /etc/rc.d/rc7.d/S71cyrus-imapd rm /etc/rc.d/rc0.d/K71cyrus-imap rm /etc/rc.d/rc7.d/S71saslauthd rm /etc/rc.d/rc0.d/K71saslauthd rm /usr/lib/perl5/site_perl/5.8.5/Net/Telnet.pm rmdir /usr/lib/perl5/site_perl/5.8.5/Net rm -f /etc/e-smith/events/user-create/S95user-create-cyrus rm -f /etc/e-smith/events/user-delete/S05user-delete-cyrus rm -f /etc/e-smith/events/actions/user-create-cyrus rm -f /etc/e-smith/events/actions/user-delete-cyrus
- Reconfigure Custom Templates
rm -f /etc/e-smith/templates-custom/etc/cyrus.conf/* rmdir /etc/e-smith/templates-custom/etc/cyrus.conf/
rm -f /etc/e-smith/templates-custom/etc/imapd.conf/* rmdir /etc/e-smith/templates-custom/etc/imapd.conf/
- Rebuild Templates
rm -f /etc/e-smith/templates-custom/etc/hosts.deny/00startup rm -f /etc/e-smith/templates-user-custom/.qmail/* rmdir /etc/e-smith/templates-user-custom/.qmail rm -f /etc/e-smith/templates-custom/etc/services/30cyrus-imap
- Expand Templates
/sbin/e-smith/expand-template /etc/hosts.deny /sbin/e-smith/expand-template /etc/xinetd.conf /sbin/e-smith/expand-template /etc/services
- Remove Server-Manger Panel
rm /etc/e-smith/web/functions/sherwood rm /etc/e-smith/web/panels/manager/cgi-bin/sherwood
/sbin/e-smith/db /home/e-smith/db/navigation/navigation.en delete sherwood /sbin/e-smith/db /home/e-smith/db/navigation/navigation.fr delete sherwood /sbin/e-smith/db /home/e-smith/db/navigation/navigation.fr-ca delete sherwood
- Reinstall Original Service settings
/sbin/e-smith/config delete saslauthd /sbin/e-smith/config delete cyrus-imapd /sbin/e-smith/config setprop imap status enabled /sbin/e-smith/config setprop imaps status enabled /sbin/e-smith/config setprop pop3 status enabled /sbin/e-smith/config setprop pop3s status enabled /etc/rc.d/init.d/saslauthd stop >/dev/null 2>&1 /etc/rc.d/init.d/xinetd restart >/dev/null 2>&1
- Note: the script does not remove user "cyrus"
- if it was not delete when removing RPMs then delete it:
- userdel -r cyrus
service imap start signal-event email-update
This script will reset to %imapmail%, all occurences of password:
- !/bin/sh
cyrus_password=<password_to_be_reset>
rm -f *.old
mv -f sherwood70 sherwood70.old mv -f user-create-unix user-create-unix.old mv -f user-delete-unix user-delete-unix.old mv -f user-create-cyrus user-create-cyrus.old mv -f user-delete-cyrus user-delete-cyrus.old mv -f create-accounts create-accounts.old
sed "s/$cyrus_password/%imapmail%/" create-accounts.old > create-accounts sed "s/$cyrus_password/%imapmail%/" sherwood70.old > sherwood70 sed "s/$cyrus_password/%imapmail%/" user-create-unix.old > user-create-unix sed "s/$cyrus_password/%imapmail%/" user-create-cyrus.old > user-create-cyrus sed "s/$cyrus_password/%imapmail%/" user-delete-cyrus.old > user-delete-cyrus sed "s/$cyrus_password/%imapmail%/" sherwood70.old > sherwood70
Administration
The server-manager now has a new menu item at the bottom.
Imap accounts are based on the users list already existing on the server. They have been migrated to the new location.
Also note that the normal users's folders are not deleted and their content are intact.
It is then advisable to apply this howto on a new list of account that did not receive mail yet.
It is possible to keep messages by transfering them to a different server with the imapcopy tool. Then, after this installation, reimport them with the same tool.
Managing Accounts
Mail Accounts
The standard SME folder structure for mail is in /home/e-smith/files/users/<user>/Maildir.
With cyrus-imap, the new structure is in /var/spool/imap/<user>/user/<user>.
The standard structure is not destroyed with the installation and content just stay there, unreachable. If mail options in the server-manager are switched back to pop enabled and imap enabled, the standard structure is reactivated. When disabled, the cyrus-iamp structure is active.
It is advisable to plan ahead if users are already defined and have content in their mail boxes. With installation, new imap accounts will be created, but old content will not be transfered to new folder structure. The tool imapcopy is handy to move users's content to a temporary imap server, and restored the same way after installation. Access Rights - Explanation
* l: List * r: Read * s: Set Read Flag * w: Write * i: Insert * p: Post * c: Create * d: Delete * a: Administrator
To assign permissions to everybody, the group name is "anyone". Quotas
Quotas for each account is set to 100MB by default. This means that this space will be "reserved" on the server. So increasing default quota to 1GB for 20 users would reserve 20GB on the server. Shared folders
With this installation (without Toltec Connector), sharing folders is done from the server-manager. Creating a folder and assigning access rights allows for other users and groups to see the account. EGroupware, Thunderbird, Outlook work with this. But note that Outlook will interfere with other clients with its character coding for languages like french. Toltec's Outlook Connector
The connector is available from here and the manual from here (toltec.co.za). It has been tested with the Kolab server.
The cost is affordable at about 14USD per seat. This connector is for use where a group needs/wants/prefers/sticks to Outlook for whatever the reason. It provides for sharing calendars, address books, notes, todos, etc.
Beware of the Connector's concept of attachment to the server. Read the manual about this, it's important. Changing or reinstalling on the server will reset the internal ID of the server and all attached clients will see the server as a new one. Then all items on clients will be downloaded again!
Toltec Connector wants to see the server as a POP account and each station can provide for content to be shared. Permissions need to be set for each station providing content to someone or to others. Cyradm
CLI can be used to manage some options. See the man pages here.
Folders that matter are:
* Cyrus config: /var/lib/imap * Cyrus mailboxes: /var/spool/imap
Backing up:
/etc/init.d/cyrus-imapd stop cp /var/lib/imap /somewhere cp /var/spool/imap /somewhere /etc/init.d/cyrus-imapd start
Administration:
cd /usr/lib/cyrus-imapd su cyrus ./mbexamine <box> ./mupdate ./reconstruct -r <box> ./chk_cyrus ./ipurge -f -d 0
Login:
cyradm --user cyrus localhost cyradm --user admin localhost
Purge mailboxes :
Force deletion of mail in all mailboxes: /usr/lib/cyrus-imapd/ipurge -f -d 0
Reconstruct:
Reconstruct: /usr/lib/cyrus-imapd/reconstruct -r -f user.username