Mailserver: Cyrus IMAP and Sendmail installation

Roderick Derks

This article describes the configuration of an IMAP server. The software I used was Fedora Core 4, 5 and 6, Red Hat AS 4.0 and Cyrus IMAP. Before you get started it is advisable and really cool to create a (dynamic) DNS service on your network.

Install & Setup

Install (some commands might not be needed on Fedora or are just for Fedora):
# yum install cyrus-imapd
# chkconfig --add cyrus-imapd
# chkconfig --level 2345 cyrus-imapd on
# service cyrus-imapd start
Starting cyrus-imapd: preparing databases… done.         [  OK  ]

[root@galibier ~]# chkconfig --list saslauthd
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
# chkconfig --level 2345 saslauthd on
# service saslauthd start
Starting saslauthd:                                        [  OK  ]

Change password user cyrus

# passwd cyrus
Changing password for user cyrus.
New UNIX password: ********
Retype new UNIX password: ********
passwd: all authentication tokens updated successfully.

Sendmail configuration including SSL

# cd /etc/pki/tls/certs
# make smtp.r71.nl.pem
# vi /etc/mail/sendmail.mc

include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`Setup for Red Hat Linux - r71.nl - 20060804')dnl
OSTYPE(`linux')dnl

Cw roderickderks.nl
Cw telegraph.r71.nl
Cw r71.nl

define(`SMART_HOST',`smtp.tiscali.nl')
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/smtp.r71.nl.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/smtp.r71.nl.pem')dnl

dnl #
dnl # RRD: following is needed to use CYRUS IMAP
dnl #
define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
define(`confLOCAL_MAILER',`cyrusv2')dnl

define(`confTO_IDENT', `0')dnl

FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl//
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl

EXPOSED_USER(`root')dnl

DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

LOCAL_DOMAIN(`telegraph.r71.nl')dnl
MASQUERADE_AS(`r71.nl')
FEATURE(masquerade_envelope)
FEATURE(masquerade_entire_domain)
FEATURE(relay_entire_domain)
MASQUERADE_DOMAIN(r71.nl)
MAILER(smtp)dnl

dnl # RRD: following is needed to use CYRUS IMAP
MAILER(cyrusv2)dnl
dnl MAILER(procmail)dnl

# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

In /etc/mail/access, add the IP addresses or address ranges of the machines that are allowed to make an SMTP connection:
# vi /etc/mail/access

badspammer.com          550 Go away and don't spam us anymore
tux.badspammer.com      OK
10.0                    RELAY

 

# service sendmail stop
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                    [  OK  ]
# service sendmail start
Starting sendmail:                                               [  OK  ]
Starting sm-client:                                              [  OK  ]

Check current sendmail configuration
# /usr/lib/sendmail -d0.1 -bv
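
The access file above grants relaying with a bare "10.0" key. The following is an added example, not part of the original article: it lists every RELAY entry in an access file together with the range it covers, so entries that are not loopback or RFC 1918 prefixes stand out before the map is rebuilt. The function name audit_relay, the internal/REVIEW labels and the two extra sample entries are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the article): show what each RELAY line in a
# sendmail access file really covers. Keys are matched on octet boundaries,
# so "10.0" means 10.0.0.0/16.

audit_relay() {   # $1 = access source file (the text file, not the .db)
    awk '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    toupper($2) == "RELAY" {
        key = $1
        sub(/^[A-Za-z]+:/, "", key)          # drop a Connect:/From:/To: tag
        if (key ~ /^[0-9]+(\.[0-9]+)*$/) {   # dotted IPv4 prefix
            n = split(key, o, ".")
            cidr = key
            for (i = n; i < 4; i++) cidr = cidr ".0"
            cidr = cidr "/" (n * 8)
            priv = (o[1] == 10 || o[1] == 127 ||
                    (o[1] == 192 && o[2] == 168) ||
                    (o[1] == 172 && o[2] >= 16 && o[2] <= 31))
            tag = priv ? "internal" : "REVIEW"
            print tag, cidr
        } else {
            print "REVIEW", key              # domain name or other key
        }
    }' "$1"
}

# Constructed sample: the three entries from this page plus two wider ones.
sample=$(mktemp)
cat > "$sample" <<'EOF'
badspammer.com          550 Go away and don't spam us anymore
tux.badspammer.com      OK
10.0                    RELAY
Connect:203.0.113       RELAY
To:example.org          RELAY
EOF
audit_relay "$sample"
```
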

Create mailuser

# cyradm --user cyrus localhost
IMAP Password:
mailserver.domainname.nl> createmailbox user.roderick (ALSO: cm user.roderick)
mailserver.domainname.nl> setaclmailbox user.roderick logon all
mailserver.domainname.nl> quit

Copy mail from other server:

# cd /var/spool/imap/

Did you get an error like this?
Login failed: generic failure at /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with PLAIN as cyrus
[root@mailserver] tail /var/log/messages
Aug  9 09:00:42 telegraph perl: No worthy mechs found
Aug  9 09:00:44 telegraph saslauthd[1980]: do_request      : NULL password received

Then go back to the section "Change password user cyrus" above.

 

Restore Mailbox

This is for users that already have a (cyrus) mailbox on another server.

Synchronize the following directories from our source server mailserver01 to mailserver02. Using this command the rights and permissions will be copied too.
[root@mailserver02 ] cd /var/spool/imap/
[root@mailserver02 imap] rsync -avu -e ssh root@mailserver01.domainname.nl:/var/spool/imap/ .

Copy the following directories from the old server mailserver01 to mailserver02:
[root@mailserver02 ] scp -r root@mailserver01.domain.nl:/var/lib/imap/ /var/lib/imap/

[root@mailserver02 roderick]# su - cyrus
-bash-3.00$ /usr/lib/cyrus-imapd/reconstruct -f -r user.roderick
user.roderick
user.roderick.Drafts
user.roderick.Finances
user.roderick.GMail
user.roderick.SPAM
user.roderick.Sent
user.roderick.Trash
user.roderick.Vriendenpost
user.roderick.Holidays
user.roderick.Website
user.roderick.Work
-bash-3.00$

Configure squatter (mailbox index process)
Add the two lines to the EVENTS section of the Cyrus config file:
# vi /etc/cyrus.conf

EVENTS {
  # rrd: build the index of the emails using squatter
  squatter      cmd="squatter -r user" period=1440
}

# su - cyrus
# /usr/lib/cyrus-imapd/squatter -v -r user.roderick

Setup SSL for Cyrus-Imapd

# openssl req -new -x509 -nodes -out /etc/pki/cyrus-imapd/imap.r71.nl.pem -keyout /etc/pki/cyrus-imapd/imap.r71.nl.pem -days 999
# chown cyrus /etc/pki/cyrus-imapd/imap.r71.nl.pem
# vi /etc/imapd.conf

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN

tls_cert_file: /etc/pki/cyrus-imapd/imap.r71.nl.pem
tls_key_file: /etc/pki/cyrus-imapd/imap.r71.nl.pem

# vi /etc/cyrus.conf

imap          cmd="imapd" listen="imap" prefork=5
imaps         cmd="imapd -s" listen="imaps" prefork=1

Test STARTTLS by using imtest
# imtest -t "" imap.r71.nl

By default, Cyrus will cache SSL/TLS sessions for reuse for up to 24 hours. By adjusting the value of the tls_session_timeout option in imapd.conf, the session caching can be disabled (0) or the expiration period shortened.

Don’t forget to adjust the firewall to open port 993 for TCP (imaps:tcp in iptables) 
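
The imapd.conf above offers only PLAIN, keeps the private key in the same PEM file as the certificate, and leaves the session cache at its default. The following is an added example, not part of the original article: it audits an imapd.conf for those three points. The function names, the WARN/INFO labels and the sample files are assumptions; the script also assumes that a missing allowplaintext means cleartext logins are permitted, which was the default on older Cyrus releases.

```shell
#!/bin/sh
# Added example (not from the article): audit an imapd.conf like the one above.

conf_get() {   # conf_get FILE KEY DEFAULT -> value of the last "KEY: value"
    v=$(sed -n "s/^$2:[[:space:]]*//p" "$1" | tail -n 1)
    printf '%s\n' "${v:-$3}"
}

audit_imapd() {   # $1 = path to imapd.conf
    mechs=$(conf_get "$1" sasl_mech_list "")
    plain=$(conf_get "$1" allowplaintext 1)     # assumed default: enabled
    key=$(conf_get "$1" tls_key_file "")
    ttl=$(conf_get "$1" tls_session_timeout 1440)

    # PLAIN/LOGIN send the password itself; warn if allowed without TLS.
    case " $mechs " in
        *" PLAIN "*|*" LOGIN "*)
            case $plain in
                0|no|off|false|f) ;;
                *) echo "WARN plaintext-auth-without-tls" ;;
            esac ;;
    esac

    if [ -z "$key" ]; then
        echo "WARN no-tls-key"
    elif [ -e "$key" ]; then
        # Characters 5-10 of ls -l are the group and other permission bits.
        [ "$(ls -ld "$key" | cut -c5-10)" = "------" ] ||
            echo "WARN key-readable-by-group-or-other $key"
    fi

    echo "INFO tls-session-cache-minutes $ttl"   # 0 disables the cache
}

# Constructed sample: settings from this page plus a throwaway key file.
demo_dir=$(mktemp -d)
: > "$demo_dir/imap.pem" && chmod 644 "$demo_dir/imap.pem"
cat > "$demo_dir/imapd.conf" <<EOF
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: $demo_dir/imap.pem
tls_key_file: $demo_dir/imap.pem
EOF
audit_imapd "$demo_dir/imapd.conf"
```
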

 

FAQ

Problems with folders when using SquirrelMail:

Q: Cyrus squirrelmail  ERROR : Could not complete request. Query: CREATE “Sent”
A: 1. Start conf.pl of squirrelmail, select D, select cyrus.
2. Just use “Options – Folder Preferences” and set the “Sent” folder to a folder you created using for example cyradm. Squirrelmail “can” create folders only if you prefix them with “INBOX.”. So for example create (using squirrelmail) “INBOX.Sent”, go to the “Options – Folder Preferences” and set the Sentbox to “INBOX.Sent”.

Restoring email saved in Cyrus
Novell Cool Solutions: Question & Answer
Posted: 30 Apr 2004

Q: You never know what happened to me today. I deleted some email by mistake, and I need to restore from an available backup. We use Cyrus as the IMAP server and I have a backup of the directory /var/spool/imap/. Oh my God! What do I do now?
A: Cyrus saves email in this directory:

/var/spool/imap/user/<user_name>/

There is a file for each message. File names consist of successive numbers followed by a dot. To prevent existing messages with an identical “number” from being overwritten, it is advisable to first create an additional folder in which to install the backup.

Use the webmail interface to create a new folder under the relevant user (e.g., backup). To do this, select Configuration -> Folder -> New folder. The system creates a new folder with the path

/var/spool/imap/user/<user_name>/backup/

(make sure not to create the folder manually. Otherwise, Cyrus will ignore it.)

Copy the messages to restore from your backup to the new folder. Restart your mailbox to make Cyrus acknowledge the new messages with

cyrus@mailserver:~> reconstruct -r user/<user_name>

or simply reconstruct without any option to restart all mailboxes.

Free Bonus Tip:

You can use the grep command to find messages based on certain criteria, such as the sender or subject. For example:
cyrus@mailserver:/tmp/<archive>/var/spool/imap/user> grep "From: testuser@domainname.nl" ./smith/*

Roderick Derks

Fond of cycling, of solving IT puzzles, and of sharing information to help others.
