Building the imap server on jupiter:
Things you need:
You will need to rpmbuild the sasl, and the db4 (using the specfile). When you do the update with the resulting packages, you will probably have to use --nodeps to force it to work.
Once this is completed, building and installing the cyrus imapd srpm is straight forward.
Here is our /etc/imapd.conf file:
configdirectory: /opt/cyrus/imap
partition-default: /opt/cyrus/spool
admins: cyrus
sievedir: /opt/cyrus/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
sasl_pwcheck_method: auxprop
sasl_mechs: PLAIN
virtdomains: yes
defaultdomain: completely-bogus-and-unrelated-domain.ca
allowplaintext: yes
altnamespace: yes
autocreatequota: 15000000
createonpost: 1
unixhierarchysep: 1
This is our /etc/mail/cyrus.conf:
START {
recover cmd="ctl_cyrusdb -r"
}SERVICES {
imap cmd="imapd" listen="imap" prefork=5
imaps cmd="imapd -s" listen="imaps" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
sieve cmd="timsieved" listen="sieve" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
}EVENTS {
checkpoint cmd="ctl_cyrusdb -c" period=30
delprune cmd="cyr_expire -E 3" at=0400
tlsprune cmd="tls_prune" at=0400
}
The
cyradm administration thing is dependant on name resolution order, so you need to have your /etc/hosts look like this:
127.0.0.1 localhost.localdomain localhost
142.46.200.221 jupiter jupiter.gridway.net
142.46.200.194 fwall.gridway.net
...ie:
the short system name must be first. Or it won't work. You have been warned. (This is probably some interaction between name resolution and treating the real domain as a virtual one.)
Testing:
Oh yeah, don't forget to use
saslpasswd2 to create your user authentication. Especially for the admin user, defined above in imapd.conf.
$ /usr/local/bin/imtest -m login -a cyrus@gwx1 localhost
S: * OK gwx1 Cyrus IMAP4 v2.2.3 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus@gwx1 {5}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
. logout
Enter the the relevant password (in this case, it is the password for
cyrus@gwx1); and as long as you don't get any evil error messages prefixed by
S: L01 you should be ok. Enter
. logout to make it go away.
Test it with the authentication method you wish to use (ie, you want
plain, login, and
DIGEST-MD5). As so:
$ /usr/local/bin/imtest -m DIGEST-MD5 -a cyrus@gwx1 localhost
S: * OK gwx1 Cyrus IMAP4 v2.2.3 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR
S: C01 OK Completed
C: A01 AUTHENTICATE DIGEST-MD5
S: + bm9uY2U9Ik1RcTlwaTQvZ3czalcyaUVPaFhLRng2NnNPMnZ2eENrZWxRRGlBbnN1Szg9IixyZWFsbT0iZ3d4MSIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVyPSJyYzQtNDAscmM0LTU2LHJjNCIsbWF4YnVmPTQwOTYsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=
Please enter your password:
...blah, blah, blah.
It would be a good idea to configure sendmail for delivery to cyrus:
sendmail.
Now you can go use
cyradm to create and administrate mailboxes.