Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Thanks.
Morten
On Sunday 23 October 2005 03:40, Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
cyrus is very easy to set, but if you don't like to use cyrus then dovecot is the other alternative :)
On Sun, 2005-10-23 at 10:40 +0200, Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Thanks.
Morten
Morten, I have never used imapd...I just always heard was such a bear to set up and have just used dovecot to get the mail around internally.
John Rose
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Morten wrote:
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
I just installed the latest courier-imapd today and it's really easy to build the packages (this is all from memory, so there may be slight typos):
1) log in as root and install rpm-devel (if it's not already installed)
2) 'su - user' [su to a "normal" user]
3) echo "%_topdir /home/user/rpm" > .rpmmacros [replace 'user' with your username]
4) mkdir -p rpm/BUILD rpm/RPMS/i386 rpm/SOURCES rpm/SPECS rpm/SRPMS
5) download courier-imapd-XXX.bz2 and courier-authlib-XXX.bz2
6) rpmbuild -ta courier-authlib-XXX.bz2 [ it will probably ask for requirements like postgresql and mysql, just 'yum install' them for the build, you can remove them later]
7) as root, rpm -Uvh ~user/rpm/RPMS/i386/courier-authlib-XXX.rpm [and the devel package too]
8) back as the user, build imap with: rpmbuild -ta courier-imapd-XXX.bz2 (you may need other packages to build this too, like fam-devel, just install them to make it happy, and remove them later)
9) as root, rpm -Uvh ~user/rpm/RPMS/i386/courier-imapd-XXX.rpm
10) start it up: /etc/init.d/courier-authlib start /etc/init.d/courier-imapd start
If your users are all normal system users and you don't need any fancy mysql/ldap lookups, you should be all set. Going this route makes it really easy to keep updated and you don't have to wait for package maintainers.
--Ajay
Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Well, then use Dovecot. Comes standard with CentOS. Although, Cyrus also needs minimal configuration and maintance, and has clear advantages even for small shops.
On 10/24/2005 08:02 AM, Aleksandar Milivojevic wrote:
Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Well, then use Dovecot. Comes standard with CentOS. Although, Cyrus also needs minimal configuration and maintance, and has clear advantages even for small shops.
I have cyrus-imapd packages available that should build on CentOS as well (originally build on RH8, now for FC*).
It's fine for all kind of mailservers (enterprise with many users as well as small business or just a few users)... I'm currently maintaining 3 Cyrus mailservers (two with < 50 users as well as one with > 1500 users and - of course - both run great!).
Best, Oliver
Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Thanks.
Morten
Courier is the default imapd server on Gralinux AS 3, so there is rpms for it. You can intall the last Centos3 on your server and take the courier-imapd rpm from gralinux here -> http://www.gralinux.org/gralinux/AS3/i686/RPMS.main/courier-imap-3.0.8-2gral...
For informations, this version is in production from 335 days ago (the process of courier-imap ais 335 days old) and there is 20 users. Accounts size is near 1.5 Go per user, so .. maybe it's a good way to use courier-imap ??
Regards
Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
If you want something easy - use dovecot. yum install it and it just works out of the box with very little config required. If you want something with a great feature set, excellent performance and near zero admin - try Cyrus-Imapd. And in relative terms its much much easier to setup than Courier, considering its just a straight yum install.
Since you did not specify it, I presume you are using CentOS 4.
- K
Karanbir Singh wrote:
Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
If you want something easy - use dovecot. yum install it and it just works out of the box with very little config required. If you want something with a great feature set, excellent performance and near zero admin - try Cyrus-Imapd. And in relative terms its much much easier to setup than Courier, considering its just a straight yum install.
Since you did not specify it, I presume you are using CentOS 4.
- K
Why say that cyrus-imapd is a near zero admin ?? It's far the hardest imap/pop3 to configure, and if you want for exemple add mysql feature (to store user account); take 30 L of coffee, some anti-depressive medics and go :)
jean-seb
jean-sebastien Hubert wrote:
Why say that cyrus-imapd is a near zero admin ?? It's far the hardest imap/pop3 to configure, and if you want for exemple add mysql feature (to store user account); take 30 L of coffee, some anti-depressive medics and go :)
I run cyrus-imapd, have done so for years. I do find it near zero admin. If you want mysql backend support, use via pam_mysqld, takes all of about 2 minutes to setup. It usually takes me longer to get postfix setup and running against the mysql hosted userlist than cyrus.
And acquisition of the app does not get easier than yum installing it out of the base repo, with the assurance of it being supported within the distro framework.
perhaps I should say 'does not need excessive admin, nothing more than what you would expect with any imapd'
- KB
Karanbir Singh wrote:
jean-sebastien Hubert wrote:
Why say that cyrus-imapd is a near zero admin ?? It's far the hardest imap/pop3 to configure, and if you want for exemple add mysql feature (to store user account); take 30 L of coffee, some anti-depressive medics and go :)
I run cyrus-imapd, have done so for years. I do find it near zero admin. If you want mysql backend support, use via pam_mysqld, takes all of about 2 minutes to setup. It usually takes me longer to get postfix setup and running against the mysql hosted userlist than cyrus.
!!!!!!!!!!!!!! I have a cyrus-imapd to admin (with mysql, postfix) and .. the thing i can say is: in the next 3 month, I will install courier to kick this ... of . (there is 500 accounts on this server) Cyrus is very hard to install/configure/manage.
And acquisition of the app does not get easier than yum installing it out of the base repo, with the assurance of it being supported within the distro framework.
perhaps I should say 'does not need excessive admin, nothing more than what you would expect with any imapd'
- KB
Maybe; the problem with cyrus is when you use it with mysql and postfix .. you need to recompile so many stuff , and more you modify your distrib, more it's hard to apply security updates.
Courier-imap is, when you compare, far easy to configure.
Regards
jean-sebastien Hubert wrote:
Cyrus is very hard to install/configure/manage.
Like I said before, I dont agree with that point of view at all - Cyrus is an excellent imapd that scales very well, from 3 user systems to 45,000 user systems ( the largest that I've seen, there are most likely larger setup's out there ).
There is an old Indian saying : things you know about tend to be easy - things you have no clue about, tend to be really hard.
When such arguments are raised, I find it has great significance, since it explains the entire argument over. So if you comfort zone is Courier, so be it, nothing wrong with that, use Courier - its a good email solution - but dont slag off Cyrus because of your mindset.
Maybe; the problem with cyrus is when you use it with mysql and postfix .. you need to recompile so many stuff , and more you modify your distrib, more it's hard to apply security updates.
You dont need to rebuild anything in order to get cyrus-imapd working with mysql, it works out of the box as supplied within CentOS4. Again, a point that emphasis your knowledge pool lies elsewhere.
Courier-imap is, when you compare, far easy to configure.
Incorrect again. Its actually courier that you are going to need to rebuild from source, maintain and test yourself ( which includes tracking security fix's and vuln's over the Internet, rebuilding and testing on your own each time there is a fix etc, and if that fix involves a version update that breaks configs.... foobar! ). I think you missed my point about app acquisition + maint from the last email.
Also, we're drifting off here, Morten ( the OP ) wanted to know what imapd to use with the distro, Since Dovecot and Cyrus are included within the distro, my recommendation is going to be -> use one of them. Dovecot works out of the box, cyrus needs a couple of lines edited.
- K
Karanbir Singh wrote:
jean-sebastien Hubert wrote:
Cyrus is very hard to install/configure/manage.
Like I said before, I dont agree with that point of view at all - Cyrus is an excellent imapd that scales very well, from 3 user systems to 45,000 user systems ( the largest that I've seen, there are most likely larger setup's out there ).
Just use google; you will see that Cyrus is hard to make it run correctly.
There is an old Indian saying : things you know about tend to be easy
- things you have no clue about, tend to be really hard.
When such arguments are raised, I find it has great significance, since it explains the entire argument over. So if you comfort zone is Courier, so be it, nothing wrong with that, use Courier - its a good email solution - but dont slag off Cyrus because of your mindset.
I talk about my experience: I (still) have an old debian-woody with cyrus+mysql+sieve+postfix+web-cyradm. To me (and hat was my mystake) the best way was: install a RHEL3 clone, build cyrus and let's go; you have nothing to do. 3 days later: I fail. I don't think I'm clever, but after 3 days I have a half-working server .. and hard to maintain (I'm not the only system administrator)
So, the next day, I try courier+maildrop+postfix+postfixadm: I have a full working server in 2 days.
At the beginning, my knoledge of cyrus and courier was close to zero. So, if you can install such type of server in 2 minutes (or 2 yours) , I will begin your fan. But I don't think that the common mortal human can do that :-/ (sorry for the strange "french translation" :)
Maybe; the problem with cyrus is when you use it with mysql and postfix .. you need to recompile so many stuff , and more you modify your distrib, more it's hard to apply security updates.
You dont need to rebuild anything in order to get cyrus-imapd working with mysql, it works out of the box as supplied within CentOS4. Again, a point that emphasis your knowledge pool lies elsewhere.
Sure. The problem is in fact "postfix", there is no mysql support by default (in RHAS4) , but the rpm is simple to rebuild.
Courier-imap is, when you compare, far easy to configure.
Incorrect again. Its actually courier that you are going to need to rebuild from source, maintain and test yourself ( which includes tracking security fix's and vuln's over the Internet, rebuilding and testing on your own each time there is a fix etc, and if that fix involves a version update that breaks configs.... foobar! ).
courier is not complicated to maintain., so ... that's not a big problem.
I think you missed my point about app acquisition + maint from the last email.
Also, we're drifting off here, Morten ( the OP ) wanted to know what imapd to use with the distro, Since Dovecot and Cyrus are included within the distro, my recommendation is going to be -> use one of them. Dovecot works out of the box, cyrus needs a couple of lines edited.
- K
The main thing to have in mind: I'm in the cast where I'm still in a RHAS3 clone, not RHAS4, that's why I prefer courier-imap.
Regards
jean-seb
On Mon, 2005-10-24 at 15:52 +0400, jean-sebastien Hubert wrote: [snip]
The problem is in fact "postfix", there is no mysql support by default (in RHAS4) , but the rpm is simple to rebuild.
For the record, there is a postfix in the centosplus repo that has mysql support built in.
[snip]
Johnny Hughes wrote:
On Mon, 2005-10-24 at 15:52 +0400, jean-sebastien Hubert wrote: [snip]
The problem is in fact "postfix", there is no mysql support by default (in RHAS4) , but the rpm is simple to rebuild.
For the record, there is a postfix in the centosplus repo that has mysql support built in.
[snip]
And it works well. I've been using postfix since 1998-ish and haven't even considered going back to sendwhale since. Postfix is faster (by a rather wide margin) and much easier to maintain. And now I don't have to speak in tongues (M4) to edit my config files. 8-)
Cheers,
On Mon, 2005-10-24 at 10:21 -0400, Chris Mauritz wrote:
Johnny Hughes wrote:
On Mon, 2005-10-24 at 15:52 +0400, jean-sebastien Hubert wrote: [snip]
The problem is in fact "postfix", there is no mysql support by default (in RHAS4) , but the rpm is simple to rebuild.
For the record, there is a postfix in the centosplus repo that has mysql support built in.
[snip]
And it works well. I've been using postfix since 1998-ish and haven't even considered going back to sendwhale since. Postfix is faster (by a rather wide margin) and much easier to maintain. And now I don't have to speak in tongues (M4) to edit my config files. 8-)
---- Really? Did you have some empirical evidence for this performance difference or was this a subjective conclusion by someone what apparently never got the m4 macro concept down?
I use both sendmail and postifx and think that both have their strengths and weaknesses and never saw m4 as a problem, in fact, I think it is one of sendmail's greatest strengths. I never noticed a performance difference either. It's awfully easy to configure and maintain. Postfix has more granularity of configuration options.
I think that if your notions of sendmail and postfix were widely held, that few would use sendmail any longer.
Craig
Craig White wrote:
Really? Did you have some empirical evidence for this performance difference or was this a subjective conclusion by someone what apparently never got the m4 macro concept down?
Sounds like he hit a nerve. Sendmail's config is, indeed, overly complicated. sendmail.cf is a total headache. Yeah, people aren't supposed to edit it directly, but somehow the word has not really gotten out.
Of course, the mc's also deserve a place in the usability "Hall of Shame" for their unreadability. I mean, "dnl" is a perfectly logical symbol to designate a comment, right?
My favorite quote about sendmail.cf?
"Most users' sendmail.cf comes from God, their OS distributor, and they pray that it just works..."
Sincerely (and still using sendmail), Steve Bergman
Craig White wrote:
And it works well. I've been using postfix since 1998-ish and haven't even considered going back to sendwhale since. Postfix is faster (by a rather wide margin) and much easier to maintain. And now I don't have to speak in tongues (M4) to edit my config files. 8-)
Really? Did you have some empirical evidence for this performance difference or was this a subjective conclusion by someone what apparently never got the m4 macro concept down?
Yes, I did head to head comparisons about 5 years go on the same hardware. Postfix was the fastest, qmail was next, and sendmail was slowest. I believe I've also seen similar benchmarks posted on the net. I had to do independent testing to satisfy a skeptical consulting cilent.
I use both sendmail and postifx and think that both have their strengths and weaknesses and never saw m4 as a problem, in fact, I think it is one of sendmail's greatest strengths. I never noticed a performance difference either. It's awfully easy to configure and maintain. Postfix has more granularity of configuration options.
I think that if your notions of sendmail and postfix were widely held, that few would use sendmail any longer.
I think most people that still use sendmail do so because it's been a defacto standard for so many years and they're not interested in learning a new playbook for another program (kinda like why I still use Emacs...wink)...not because it has any speed or security advantage. I'm happy to not have to deal with cryptic M4 config files any longer.
Anyway, this has nothing to do with CentOS. I'd be happy to continue this chat offline.
Cheers,
On Mon, 24 Oct 2005, Chris Mauritz wrote:
Craig White wrote:
And it works well. I've been using postfix since 1998-ish and haven't even considered going back to sendwhale since. Postfix is faster (by a rather wide margin) and much easier to maintain. And now I don't have to speak in tongues (M4) to edit my config files. 8-)
Really? Did you have some empirical evidence for this performance difference or was this a subjective conclusion by someone what apparently never got the m4 macro concept down?
Yes, I did head to head comparisons about 5 years go on the same hardware. Postfix was the fastest, qmail was next, and sendmail was slowest. I believe I've also seen similar benchmarks posted on the net. I had to do independent testing to satisfy a skeptical consulting cilent.
In the systems I administer -- small sites, to be sure -- the MTA itself doesn't impact the speed of delivery nearly as much as anti-virus and anti-spam scanners.
Paul Heinlein wrote:
Yes, I did head to head comparisons about 5 years go on the same hardware. Postfix was the fastest, qmail was next, and sendmail was slowest. I believe I've also seen similar benchmarks posted on the net. I had to do independent testing to satisfy a skeptical consulting cilent.
In the systems I administer -- small sites, to be sure -- the MTA itself doesn't impact the speed of delivery nearly as much as anti-virus and anti-spam scanners.
Agreed.
Cheers,
On Mon, 2005-10-24 at 10:26, Chris Mauritz wrote:
Craig White wrote:
And it works well. I've been using postfix since 1998-ish and haven't even considered going back to sendwhale since. Postfix is faster (by a rather wide margin) and much easier to maintain. And now I don't have to speak in tongues (M4) to edit my config files. 8-)
Really? Did you have some empirical evidence for this performance difference or was this a subjective conclusion by someone what apparently never got the m4 macro concept down?
Yes, I did head to head comparisons about 5 years go on the same hardware. Postfix was the fastest, qmail was next, and sendmail was slowest. I believe I've also seen similar benchmarks posted on the net. I had to do independent testing to satisfy a skeptical consulting cilent.
Sendmail is infinitely configurable. Did you check with any large site administrators about a configuration appropriate for your benchmarks? The only problem I've ever heard of regarding capacity is that you may need to set up multiple outbound queues. If there is any difference in the network side of MTA's it has to be trivial. The only real work is local delivery (which sendmail doen't do anyway) and scanning the queue. If scanning the queue becomes a bottleneck you need multiple queues.
I think that if your notions of sendmail and postfix were widely held, that few would use sendmail any longer.
I think most people that still use sendmail do so because it's been a defacto standard for so many years and they're not interested in learning a new playbook for another program (kinda like why I still use Emacs...wink)...not because it has any speed or security advantage.
Another way to say that is that sendmail does the job perfectly well.
The one thing that you can't duplicate in postfix is the milter interface for things like MimeDefang to let other programs make decisions about disposition in real time during the SMTP conversation. MimeDefang is hard to beat to control virus and spam scanning and any local customization of mail handling.
jean-sebastien Hubert wrote:
Karanbir Singh wrote:
jean-sebastien Hubert wrote:
Cyrus is very hard to install/configure/manage.
Like I said before, I dont agree with that point of view at all - Cyrus is an excellent imapd that scales very well, from 3 user systems to 45,000 user systems ( the largest that I've seen, there are most likely larger setup's out there ).
Just use google; you will see that Cyrus is hard to make it run correctly.
Just coz they don't know how to use cyrus doesn't mean it's hard to make it run correctly. I've installed it in an installation with anywhere from 2-3 mail accounts to over 100,000. I found cyrus to over perform in many different areas. If you prefer a more "accessible" message store, you might choose Courier. From some googling around here is the consensus of the differences between courier and cyrus
o Courier uses a standard mailbox format (Maildir), whereas Cyrus uses a unique one. o Cyrus comes with a proxy module for scalability. o Both support ACLs. o Cyrus supports single-instance message store (Courier does not) o Courier can be a bit easier to setup
With Cyrus' format, it's a "single message per file" format with the IMAP folder structure built in a directory structure, but each folder has an index file so that accessing the headers of a message (which is done very frequently, for example, when displaying the message summary window) is done very quickly. Having the headers indexed into a single file in each folder means that the server does not have to do an open/read/close for every message in a folder.
I use Cyrus because of it's speed and flexibility.
I think the general consensus is that Cyrus is _the_ enterprise IMAP server in the OSS world. It scales fabulously to large user bases. Even Sun iPlanet Messaging Server/Netscape Messaging server uses cyrus with some places with mail volume close to 10 million/day and about a million accounts (Source: Info-iMS Mailing List/google)
PS - Did I mention the speed? It's FAST!!!
My 2 cents.
Quoting jean-sebastien Hubert security@air-austral.com:
Just use google; you will see that Cyrus is hard to make it run correctly.
It's an urban legend that got a life of its own. Boooo, it's Cyrus, complicated. Doesn't have much ground in reality. Most of those people don't know about the concept of separate MTA and LDA (sendmail *never* writes mail to mailboxes, and doesn't have the clue what format your mailboxes are stored on the disk). And they don't have a clue about bunch of other stuff too. For them, it would be equally hard to configure anything else that:
a) doesn't store mailboxes in pre-historic mailbox format in /var/mail (or /var/spool/mail, depending on OS version) b) doesn't use (or at least doesn't need to use) system accounts for authentication
Cyrus is very easy to configure. But you need to know few (very) basic concepts how mail delivery works. And frankly, somebody who calls himself system administrator of an mail server *must* know that stuff.
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Aleksandar Milivojevic wrote:
Quoting jean-sebastien Hubert security@air-austral.com:
Just use google; you will see that Cyrus is hard to make it run correctly.
It's an urban legend that got a life of its own. Boooo, it's Cyrus, complicated.
Try to make in run on a non RHAS4 system: Yes, if you want cyrus+mysql+sieve+ a web interface to admin accounts: Yes, it's hard to configure it. Ok, if you use a "cyrus ready" distro, 95 percent of the work is done, but in the other case .. It's not a urban legend, I said that because I did it, that's all.
Doesn't have much ground in reality. Most of those people don't know about the concept of separate MTA and LDA (sendmail *never* writes mail to mailboxes, and doesn't have the clue what format your mailboxes are stored on the disk). And they don't have a clue about bunch of other stuff too. For them, it would be equally hard to configure anything else that:
a) doesn't store mailboxes in pre-historic mailbox format in /var/mail (or /var/spool/mail, depending on OS version) b) doesn't use (or at least doesn't need to use) system accounts for authentication
Thanks for the scorning comparison ... "those" people have could be smart you know, and maybe they think we have other thinks to do than build cyrus and postfix by themselve ..
Cyrus is very easy to configure. But you need to know few (very) basic concepts how mail delivery works. And frankly, somebody who calls himself system administrator of an mail server *must* know that stuff.
I agree .. but did you try to configure cyrus in Debian Woody ??? I'm not sure ....
jean-sebastien Hubert wrote:
Try to make in run on a non RHAS4 system:
why should I ? It works fine on CentOS4. if you run some other distro, I am sure they have mailing lists you can take your gripe to. There are reasons why people run a stable distro like CentOS, maybe you should consider moving - it might make things easier for you ( as you put it, some of the things we rate as being easy are very hard on other distro's )
I agree .. but did you try to configure cyrus in Debian Woody ??? I'm not sure ....
if debian is brain dead and has issues, please take it to their mailing lists, we dont really care ...
- K
Karanbir Singh wrote:
jean-sebastien Hubert wrote:
Try to make in run on a non RHAS4 system:
why should I ?
To get a proof that cyrus* is not so trivial to install/configure :)
It works fine on CentOS4. if you run some other distro, I am sure they have mailing lists you can take your gripe to.
Ok , so, If a software run fine on one or 2 distro, that mean "this software is easy to install, you're just too stupid" ??? I repeat: I never try to install it on RHAS4 clone, so to me it was not so "easy". That's all :)
There are reasons why people run a stable distro like CentOS, maybe you should consider moving - it might make things easier for you ( as you put it, some of the things we rate as being easy are very hard on other distro's )
Maybe, I will sure try it soon.
I agree .. but did you try to configure cyrus in Debian Woody ??? I'm not sure ....
if debian is brain dead and has issues, please take it to their mailing lists, we dont really care ...
- K
Thanks to not scorn Debian ... I thought that a free-software project like CentOS was a little more "open", like RH or Mandriva is.
jean-sebastien Hubert wrote:
Try to make in run on a non RHAS4 system:
why should I ?
To get a proof that cyrus* is not so trivial to install/configure :)
you seem to miss the point completely, this is CentOS were talking about - there are inherint benefits of running a stable consolidated distro, one of which is that s/w on the distro works as expected.
I dont care if something does not work on some random setup. Were talking centos here, like I said before, if its debian you want to talk about - they have a bunch of mailing lists, please take your issue there.
It works fine on CentOS4. if you run some other distro, I am sure they have mailing lists you can take your gripe to.
Ok , so, If a software run fine on one or 2 distro, that mean "this software is easy to install, you're just too stupid" ??? I repeat: I never try to install it on RHAS4 clone, so to me it was not so "easy".
You should try it then 8->
Maybe, I will sure try it soon.
:)
Thanks to not scorn Debian ... I thought that a free-software project like CentOS was a little more "open", like RH or Mandriva is.
I dont understand your point here, were talking about a set of pkgs that are put together in a distro to work with the other components of the distro. The guy who asked about what imapd to use on CentOS should not really be concerned about or influenced by how the setups' are done and the releative app acquisition and deployment process on debian ...
Would people say we've actually thrashed this issue out enough ? no wait. Dont answer that :)
- K
On Tue, 2005-10-25 at 13:30 +0100, Karanbir Singh wrote:
jean-sebastien Hubert wrote:
Try to make in run on a non RHAS4 system:
why should I ?
To get a proof that cyrus* is not so trivial to install/configure :)
you seem to miss the point completely, this is CentOS were talking about
- there are inherint benefits of running a stable consolidated distro,
one of which is that s/w on the distro works as expected.
OK ... I think the points that Karabir are trying to make (or at least the ones I want to make) are these:
1. The question was not what is the easiest or recommend imapd to use on debian (or mandriva, ubuntu, slackware, fedora core, gentoo, free bsd, hpux, aix, windows 2003 server, or any other OS) ... it was what is the best imap server to use on CentOS ... and I believe that it was even CentOS-4.x
2. If we are asked that question, and if there is an included package to meet the requirements in CentOS, we will normally tell people the best included solution ... simply because those packages are already designed/packaged to work with the other packages included with the distro.
3. If someone knows how to use another package, it might be easier for that person to bring their old package over instead of using a new package in the distro ... BUT ... if you are starting from scratch (and not bringing over old data), it would probably be better to use a package that is included in the distro that you are choosing. I personally would think this holds true no matter what distro you ultimately choose to use.
4. If you want to discuss the ins and outs of installing packages on other distros (except maybe to compare that install to CentOS), there are better places to discuss that ... especially to discuss it in depth ... like either the package's mailing list or the other distro's mailing list.
Thanks to not scorn Debian ... I thought that a free-software project like CentOS was a little more "open", like RH or Mandriva is.
no one is trying to scorn debian ... I like debian (and gentoo as well), but this is not a debian or gentoo mailing list. I would not say, for example, don't use program x in CentOS because it doesn't compile correctly on gentoo, or because the debian config files for that program are hosed :)
Would people say we've actually thrashed this issue out enough ? no wait. Dont answer that :)
YES :)
I'm not sure what this is all about. I was setting up personal imap and dovecot was recommended (I think by the machine or by Yum) and I just installed that and it works great.
Preston
Quoting jean-sebastien Hubert security@air-austral.com:
Try to make in run on a non RHAS4 system: Yes, if you want cyrus+mysql+sieve+ a web interface to admin accounts: Yes, it's hard to configure it. Ok, if you use a "cyrus ready" distro, 95 percent of the work is done, but in the other case .. It's not a urban legend, I said that because I did it, that's all.
Yeah, I had it running on non Red Hat systems. Don't see what all this fuss is about. The only more complicated thing: I had to compile it from source. Big deal.
The only relatively complicated part is bulk moving existing mailboxes to Cyrus. However, even for that there are plenty of good solutions around.
I agree .. but did you try to configure cyrus in Debian Woody ??? I'm not sure ....
Haven't used Debian for a very long time, so I'd have to say no to this question. Anyhow, don't see why it would be complicated. And no, I'm not going to reinstall my PC just to prove you wrong ;-)
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
On 24 Oct 2005 at 14:23, jean-sebastien Hubert wrote:
<snip>
!!!!!!!!!!!!!! I have a cyrus-imapd to admin (with mysql, postfix) and .. the thing i can say is: in the next 3 month, I will install courier to kick this ... of . (there is 500 accounts on this server) Cyrus is very hard to install/configure/manage.
You seem to be confusing Cyrus-IMAPD with Cyrus-SASL. Cyrus-IMAPD doesn't use any kind of SQL backend, and I have no idea why you'd want to try.
Cyrus SASL is used by Cyrus IMAPD (and many other applications) for authentication support, and it can indeed be quite complex to configure because of the enormous number of available backends and configuration options. Getting rid of Cyrus-IMAPD won't rid you of your SASL configuration headaches if, say, you're using SMTP AUTH with Postfix, because Postfix (along with many other MTAs) requires Cyrus-SASL for its AUTH support.
<snip>
Maybe; the problem with cyrus is when you use it with mysql and postfix .. you need to recompile so many stuff , and more you modify your distrib, more it's hard to apply security updates.
The version of Cyrus-SASL which shipped with CentOS3/RHEL3 is somewhat antiquated, and the SQL plugin support pretty clunky. I'd strongly recommend that if you're using Cyrus software on RHEL3 or smilar, you should download Simon Mattar's Cyrus SRPMs:
http://www.invoca.ch/pub/packages/cyrus-sasl/ http://www.invoca.ch/pub/packages/cyrus-imapd/
Late in the SASL 2.1.x branch, support for both MySQL and Postgresql was shifted to a single sql plugin which allows for specific backend configuration in the sasl.conf files.
---- Nels Lindquist <*> Information Systems Manager Morningstar Air Express Inc.
Nels Lindquist wrote:
On 24 Oct 2005 at 14:23, jean-sebastien Hubert wrote:
<snip>
!!!!!!!!!!!!!! I have a cyrus-imapd to admin (with mysql, postfix) and .. the thing i can say is: in the next 3 month, I will install courier to kick this ... of . (there is 500 accounts on this server) Cyrus is very hard to install/configure/manage.
You seem to be confusing Cyrus-IMAPD with Cyrus-SASL. Cyrus-IMAPD doesn't use any kind of SQL backend, and I have no idea why you'd want to try.
Cyrus SASL is used by Cyrus IMAPD (and many other applications) for authentication support, and it can indeed be quite complex to configure because of the enormous number of available backends and configuration options. Getting rid of Cyrus-IMAPD won't rid you of your SASL configuration headaches if, say, you're using SMTP AUTH with Postfix, because Postfix (along with many other MTAs) requires Cyrus-SASL for its AUTH support.
<snip>
That's a global problem in fact: cyrus-imapd/cyrus-sasl/postfix/mysql must be run together; and that's hard to configure them when you don't have a distro which is "cyrus ready", like RHAS3 or Debian Woody ...
Maybe; the problem with cyrus is when you use it with mysql and postfix .. you need to recompile so many stuff , and more you modify your distrib, more it's hard to apply security updates.
The version of Cyrus-SASL which shipped with CentOS3/RHEL3 is somewhat antiquated, and the SQL plugin support pretty clunky.
That was the main problem: use the default cyrus-sasl is ... impossible (in RHAS3), you need to modify your system with non-standard rpms so in a certain way you "break" your RHAS3 compilance.
I'd strongly recommend that if you're using Cyrus software on RHEL3 or smilar, you should download Simon Mattar's Cyrus SRPMs:
http://www.invoca.ch/pub/packages/cyrus-sasl/ http://www.invoca.ch/pub/packages/cyrus-imapd/
Late in the SASL 2.1.x branch, support for both MySQL and Postgresql was shifted to a single sql plugin which allows for specific backend configuration in the sasl.conf files.
I will try it soon.
Thanks
Thanks for the interesting discussion. I've decided to try Cyrus first, and if that fails, try one of the proposed alternatives.
I've configured Exim/Cyrus now, and they run. Only Cyrus doesn't like to authenticate the users. I'd like it to authenticate OS users, so this should be simple. When I try to log on, /var/log/maillog shows:
Oct 24 23:33:35 obiwan master[7371]: about to exec /usr/lib/cyrus-imapd/imapd Oct 24 23:33:35 obiwan imap[7353]: accepted connection Oct 24 23:33:35 obiwan imap[7371]: executed Oct 24 23:33:35 obiwan imap[7353]: badlogin: localhost.localdomain [127.0.0.1] plaintext morten SASL(-1): generic failure: checkpass failed
My /etc/imapd.conf has:
sasl_pwcheck_method: saslauthd
So I guess the question is, how to make SASL authenticate OS users. Any tips?
Thanks.
Morten
On 10/25/2005 09:11 AM, Morten wrote:
Thanks for the interesting discussion. I've decided to try Cyrus first, and if that fails, try one of the proposed alternatives.
I've configured Exim/Cyrus now, and they run. Only Cyrus doesn't like to authenticate the users. I'd like it to authenticate OS users, so this should be simple. When I try to log on, /var/log/maillog shows:
Oct 24 23:33:35 obiwan master[7371]: about to exec /usr/lib/cyrus-imapd/imapd Oct 24 23:33:35 obiwan imap[7353]: accepted connection Oct 24 23:33:35 obiwan imap[7371]: executed Oct 24 23:33:35 obiwan imap[7353]: badlogin: localhost.localdomain [127.0.0.1] plaintext morten SASL(-1): generic failure: checkpass failed
My /etc/imapd.conf has:
sasl_pwcheck_method: saslauthd
So I guess the question is, how to make SASL authenticate OS users. Any tips?
/etc/sysconfig/saslauthd MECH=pam
restart saslauthd /etc/init.d/saslauthd
should do the trick.
You may want to check /etc/saslauthd.conf as well...
-of
Quoting Oliver Falk oliver@linux-kernel.at:
You may want to check /etc/saslauthd.conf as well...
That one is used only if MECH=ldap (virtual users).
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Quoting Morten lists@kikobu.com:
My /etc/imapd.conf has:
sasl_pwcheck_method: saslauthd
So I guess the question is, how to make SASL authenticate OS users. Any tips?
Check if saslauthd is running. If not, "/etc/init.d/saslauthd start" (don't forget to enable it to start during boot, "chkconfig saslauthd on"). You'll find saslauthd logs in /var/log/messages. My guess is that most likely you haven't started saslauthd service.
The config file for saslauthd is /etc/sysconfig/saslauthd. To be more precise, it is config file for the startup script. Check the MECH line. If your system accounts are all in local files (/etc/passwd, /etc/shadow), the default MECH=shadow is fine. If they are on NIS or something similar, you might consider changing MECH line to MECH=pam. See manual page for saslauthd for more info.
There's also testsaslauthd program that you can use to test if saslauthd itself works correctly. However, you must give it password on command line, so change it to something dummy before using this program.
If saslauthd is running, and it runs correctly (test with testsaslauthd), user's INBOX folder probably doesn't exist. It can be created automatically when user logins for the first time, or you can create it manually.
To have it automatically created, add this option to imapd.conf:
autocreatequota: -1
You can also use autocreateinboxfolders and autosubscribeinboxfolders options to automatically create some subfolders for user (such as Drafts or Sent Items for example) when INBOX folder is automatically created. See imapd.conf manual page for more details.
If you prefer to create mailboxes manually, you can use cyradm command for that:
cyradm --user cyrus localhost
Make sure you set password for cyrus account first.
Than, in cyradm, you would use "cm" (create mailbox) command to create the mailbox under the user tree (yes, you must type "user." part, otherwise you would be creating shared folder):
cm user.username
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Quoting Aleksandar Milivojevic alex@milivojevic.org:
To have it automatically created, add this option to imapd.conf:
autocreatequota: -1
One thing I forgot to mention. If you go through imapd.conf man page (as I suggested), you'll probably find one tempting option: createonpost. Having createonpost option enabled is really bad idea (unless you have some other mechanism to bounce mail for non-existing users).
Oh, and if you want full-body text searches in IMAP to really fly (literaly blowing away most other IMAP servers), add this to EVENTS section of /etc/cyrus.conf:
squatter cmd="squatter -rs user" at=0100
That line would rebuild indexes every day at 1 AM (so when you wake up next morning, and search for email in which somebody mentioned how to make kebab, the search is going to be an order of magnitude faster).
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
jean-sebastien Hubert wrote:
Why say that cyrus-imapd is a near zero admin ?? It's far the hardest imap/pop3 to configure, and if you want for exemple add mysql feature (to store user account); take 30 L of coffee, some anti-depressive medics and go :)
I too have to disagree with this statement. It takes me about 5 minutes to setup cyrus, and my configuration is way more complicated than simply authenticating users against SQL database. The default cyrus-imapd configuration since it become standard distro RPM in Fedora Core 3 was very well choosen and works practically out of the box (all you need is to do is to replace two procmail lines in sendmail.mc with three cyrus related lines, would be nice if stock sendmail.mc containted comments about that, and after that enable and start saslauthd service and off you go). If total zero-admin is desired, enable auto create inbox on user login option. And basically, that's it.
Aleksandar Milivojevic wrote:
jean-sebastien Hubert wrote:
Why say that cyrus-imapd is a near zero admin ?? It's far the hardest imap/pop3 to configure, and if you want for exemple add mysql feature (to store user account); take 30 L of coffee, some anti-depressive medics and go :)
I too have to disagree with this statement. It takes me about 5 minutes to setup cyrus, and my configuration is way more complicated than simply authenticating users against SQL database. The default cyrus-imapd configuration since it become standard distro RPM in Fedora Core 3 was very well choosen and works practically out of the box (all you need is to do is to replace two procmail lines in sendmail.mc with three cyrus related lines, would be nice if stock sendmail.mc containted comments about that, and after that enable and start saslauthd service and off you go). If total zero-admin is desired, enable auto create inbox on user login option. And basically, that's it.
Ok. RH do all the job :) I never try to install cyrus on RHAS4, I think I will try it ... to cry and said "Why It was so complicated before ??" :)
Thanks
jean-seb
On Mon, 2005-10-24 at 04:40, Karanbir Singh wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
If you want something easy - use dovecot. yum install it and it just works out of the box with very little config required. If you want something with a great feature set, excellent performance and near zero admin - try Cyrus-Imapd. And in relative terms its much much easier to setup than Courier, considering its just a straight yum install.
And for something slightly in-between, use dovecot, but tweak it and your mail delivery agent to use maildir format (procmail already knows how). You'll get better performance manipulating large inboxes that way.
Dovecot. We started using it a while back, and it's been worry free, zero administration, and good performance, even with hundreds of MB of email. We're using IMAP/TLS so that we have decent security and multiple-point availability for executives and sales staff, who are frequently mobile. Now, we have backups of all email, they can get their messages anywhere, and we have decent security.
Works good, hard to beat the price, too!
=)
-Ben
On Sunday 23 October 2005 01:40, Morten wrote:
Hi. What imapd can you recommend for minimum configuration and maintenance (no Cyrus)? This is for a small shop, so no hard performance requirements.
I'd prefer one where I don't have to build my own packages (no Courier, unless packages exist).
Thanks.
Morten
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Ajay Sharma -
Aleksandar Milivojevic -
Benjamin Smith -
Black Hand -
Bruno S. Delbono -
Chris Mauritz -
Craig White -
jean-sebastien Hubert -
Johnny Hughes -
Karanbir Singh -
Les Mikesell -
Morten -
Nels Lindquist -
Oliver Falk -
Paul Heinlein -
Preston Crawford -
rado -
Security
-
Steve Bergman