[Gllug] Large mail files was -> RedHat

Mike Brodbelt mike at coruscant.demon.co.uk
Tue Nov 6 00:05:25 UTC 2001 

Dave Cridland wrote:
> 
> On Mon, 2001-11-05 at 12:20, Steve Nicholson wrote:
> > > I have all my mail on a Cyrus IMAP server. Here, I have a GLLUG folder
> >
> > Cyrus IMAP server is something I have wanted to set up for a while, have
> > read good things about it, time is my issue at the moment, 4 weeks and
> > I'm off home for 3 months and there are a lot of other things I need to
> > get sorted out so everything is reliable (and recoverable) while I'm
> > away.
> 
> Cyrus is very good, very fast, and very stable.

Seconded.
 
> > How long did it take to set up the IMAP server?  Are there any
> > gotcatchas in there?

To be honest, it can be a pain. Cyrus IMAP links against the SASL
library, which requires a DB implementation when you build it. It'll
cheerfully build against the DB provided with your libc, but if you do
this, and then link the imap daemon against it, it'll throw up. There
are lots of people who have this problem. To use Cyrus IMAP, you must
build SASL linked against Berkeley DB. As things other than Cyrus can
use SASL (like sendmail), they must also be linked against Berkeley DB
if linked against SASL.

That said, if you know the caveats in advance, it's fairly easy. I've
got web pages up at http://www.coruscant.demon.co.uk/mike/imap which may
help.
 
> You want to run it on some kind of Journalling FS for best results, or
> else you'll need to chattr +S a few places. Which is the downside.

A JFS like Reiser, optimised for small files is the best. That said, I
still run my production Cyrus server on kernel 2.2, so it's currently
using ext2 with synchronous updates for the spool, and is still more
than fast enough. A decent disk subsystem helps - that machine runs with
a hardware raid controller with 32Mb of on controller battery backed
cache, so the synchronous updates just hit the buffer on the controller.
 
> The other gotcha with cyrus is that, of course, you can't then read
> email on the server itself. Only via IMAP or POP3 (of course, you can
> read email that way on the server, but you know what I mean).

Not true... well, true, but it's easy to configure Mutt on the server to
read via IMAP. Mutt does no caching of IMAP headers, so is slower on
loading large folders, but is pretty useable as long as you don't have
more than 20-30,000 messages in a folder.
 
> Also, the IMAP/POP3 "INBOX" doesn't exist by default. A real bugger.
> It's possible to configure Cyrus such that these can be created by the
> user, but realistically, you want to create them when you install. I
> suggest using the "imtest" program in the distribution, giving it a
> preprepared IMAP script, generated by a suitable script run over
> /etc/passwd or `ls /var/spool/mail`, at your choice. (You need a file
> with lines that look like "$USER CREATE user.$USER", if you see what I
> mean.)

You can script the Cyradm tool. Also, the cyrus distribution comes with
several perl modules that make it quite easily extensible if necessary.
 
> Finally, Cyrus "accounts" are configured differently from ordinary shell
> accounts. You can tell Cyrus to authenticate plain logins through PAM,
> but then you need your PAM mechanisms to operate as cyrus.mail as well
> as root, often not possible. It's possible with Kerberos V, though.
> Alternatively, use the sasldb instead. If all your usernames and
> passwords are currently stored in /etc/passwd or /etc/shadow, then
> you'll be a bit stuck either way. I think there's ways of migrating,
> using SASL itself to do the hard work.

You can use the pwcheck daemon. It runs as root, and can read your
shadow file. Cyrus talks to pwcheck, which returns an OK/not OK
response, so you can fairly easilt migrate from an existing setup using
shadow passwords.
 
> 1) Initially, no email goes anywhere near Cyrus. You need to setup your
> MTA to deliver email via LMTP into Cyrus, ideally. For sendmail, there's
> an example config file provided.

I'd add to this that Cyrus provides a "deliver" program to do this, that
can be invoked by sendmail. More recent sendmails can speak LMTP
directly, and I'd strongly advise doing this - I had significant grief
with the deliver program.
 
HTH,

Mike.

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list