Introduction to Cyrus IMAP

Wil Cooley <wcooley@nakedape.cc>>

Naked Ape Consulting, Ltd.

http://naked-ape.com

Summary

Introduction to IMAP
Introduction to Cyrus IMAP
Quick Installation
Configuration
Example Installations
Conclusion

Introduction to IMAP

What is IMAP?

Internet Mail Layers

MTA - Mail Transfer Agent
MUA - Mail User Agent
MP[AL] - Mail Presentation Agent/Layer

Internet Standard for Mail Access
Supported By Most MUAs

IMAP vs POP

On-line

Access Mail Anywhere
Stored on Server, Not Client
Persistent Message Flags
Concurrent Access

Disconnected Access
Multiple Folders on Server
Shared Mailboxes
Store/Post Message (If MUA Supports)

Introduction to Cyrus IMAP

Background

Developed at Carnegie Mellon, to Meet University Needs
Began In 1994 As Part of Andrew Distributed Computing System
Became Free Software Around 2000
BSD-ish License

Features of Cyrus IMAP

Fast and Scalable
Efficient Storage
Shared Mailboxes
Access Control Lists
Server-side Mail Filtering with Sieve
Duplicate Suppression
Indexed Server-side Searching with Squatter
SSL/TLS Support
Direct Mailbox Delivery with Address Extension

Features of Cyrus IMAP (Cont)

Virtual Hosting
"Blackbox" Server
Flexible Authentication with Cyrus SASL
Message Expiration with ipurge
Real Quotas
Single-Instance Store
Partitioned Storage
POP3 and NNTP Servers
Clusterable w/Murder

Problems with Cyrus IMAP

Flexible Authentication Can Also Be Complex
Database Problems With Older Berkeley DB Versions
Was Not Free Software
More Complicated Management
Difficult Migration
Documentation Spotty
Percieved Problems

Mail Storage is Opaque
Per-user Spam Scanning Is Tough
Databases Cannot be SQL Server

Quick Installation Example

Fedora Core 3

FC3 has Cyrus SASL and Cyrus IMAP Configured For "Typical" Use
Remove UW-IMAP
Install Packages

# yum install postfix cyrus-imapd cyrus-imapd-utils \
    perl-Cyrus cyrus-sasl cyrus-sasl-plain \
    perl-Term-ReadLine-Gnu

Start saslauthd and imapd

# /sbin/service saslauthd start
# /sbin/service cyrus-imapd start

Quick Installation Example (Cont)

Set Password For Admin User cyrus
Create Mailboxes With Admin Tool cyradm

$  cyradm --user cyrus localhost
IMAP Password: 
localhost> createmailbox user.wcooley
localhost> listmailbox user.wcooley
user.wcooley (\HasNoChildren)  
localhost> listaclmailbox user.wcooley
wcooley lrswipcda
localhost> listquotaroot user.wcooley

Configure and Start Postfix

# alternatives --set mta /usr/sbin/sendmail.postfix 
# postconf -e  mailbox_transport=\
lmtp:unix:/var/lib/imap/socket/lmtp
# /sbin/service sendmail stop
# /sbin/service postfix start

Now Have a Live Cyrus IMAP Server!

Managment Overview

cyradm is Command-Line Management Tool
/etc/cyrus.conf Start-up, Super-server, Scheduling, Like init, inetd, cron
/etc/imapd.conf Holds Configuration Parameters
Several Other Test and Data Store Utilities
Deleting Mailboxes

localhost> cm user.wcooley.test
localhost> dm user.wcooley.test
deletemailbox: Permission denied
localhost> sam user.wcooley.test cyrus c
localhost> dm user.wcooley.test

Access Control Lists

Use cyradm To Manage

deleteacl
setacl
listacl

l: Lookup (visible to LIST/LSUB/UNSEEN)
r: Read (SELECT, CHECK, FETCH, PARTIAL, SEARCH, COPY source)
s: Seen (STORE \SEEN)

Access Control Lists (Cont)

w: Write flags other than \SEEN and \DELETED
i: Insert (APPEND, COPY destination)
p: Post (send mail to mailbox)
c: Create and Delete mailbox (CREATE new sub-mailboxes, RENAME or DELETE mailbox)
d: Delete (STORE \DELETED, EXPUNGE)
a: Administer (SETACL)

Sieve Filtering

Write a Sieve Script

require [ "fileinto", "imapflags" ];
if header :contains "From" [ "billg@microsoft.com",
        "robinson-west.com" ] {
    addflag "\\Seen"; 
}
elsif header :contains "X-BeenThere" "plug-announce" {
    fileinto "INBOX.plug.announce";
}
elsif header :contains "X-BeenThere" "plug@" {
    fileinto "INBOX.plug";
}
elsif header :contains "X-BeenThere" "plug-*@" {
    fileinto "INBOX.plug.other";
}

Sieve Filtering (Cont)

Upload Script

$ sieveshell localhost
connecting to localhost
Please enter your password: 
> put sieve-script 
> ls
sieve-script 
> activate sieve-script
> ls
sieve-script  <- active script
> quit

Extension Delivery

"+" Recipient Delimiter in Most MTAs
Create Mailbox and Set ACL

localhost> setaclmailbox INBOX.plug \
    anonymous p
localhost> listaclmailbox INBOX.plug
anonymous p
wcooley lrswipcda

Messages for wcooley+plug@nakedape.cc Delivered Directly to INBOX.plug

Shared Mailboxes

Create Mailbox and Set ACLs

localhost> cm shared.announcements
localhost> lam shared.announcements
anyone lrs
localhost> sam shared.announcements \
    group:wcooley all
localhost> lam shared.announcements
group:wcooley lrswipcda
anyone lrs

Sometimes Need to Fiddle With MUAs Namespace Setting
postuser in /etc/imapd.conf Provides Extension-based Posting
Default "bb" (bb+shared.announcements@)
Some MTAs Can Even Post Directly!

Quotas

Use cyradm to Setup

localhost> setquota user.wcooley 10240
quota:10240
localhost> lq user.wcooley
 STORAGE 0/10240 (0%)

Use quotawarn or quotawarnkb in /etc/imapd.conf to Warn Users
Use lmtp_over_quota_perm_failure to Control Whether Messages Bounce or Are Held In MTA's Queue

Squatter Mailbox Indexing

Searching Large Mailboxes Is Nearly Instantaneous
Running Once Daily Is Enough
Messages Not Indexed Will Be Searched Directly

Add Entry to /etc/cyrus.conf

EVENTS {
  ...
  squatter cmd="squatter -s -r user" at=0200
  ...
}

MESD Installation

Eric Harrison, Multnomah Education Service District

1413 Mailboxes, 700-800 Concurrent Users
Hardware:

Dual 2.4GHz Xeons
2G RAM
Three 36G U320 SCSI Drives, Hardware RAID5

9695 Mailboxes, 700-800 Concurrent Users
Hardware:

Single Pentium III 1GHz
1GB RAM
Single 36G U160 SCSI Drive

OSU Installation

Andrew Morgan, Oregon State University

3500 Accounts, 300 Concurrent Users
250,000 Logins Daily, 7500 Users

Dual 2.8GHz Pentium 4
2GB RAM
Fourteen 73GB 15k drives, RAID 1+0.

Conclusion

Introduced IMAP and Cyrus IMAP
Quick Installation on Fedora Core 3
Overview of Mailbox Management, ACLs, Sieve, Quotas, Extension Delivery, Shared Mailboxes and Squatter.

April 2005

Introduction to Cyrus IMAP

Introduction to Cyrus IMAP

Wil Cooley <wcooley@nakedape.cc>>

Naked Ape Consulting, Ltd.

http://naked-ape.com

Summary

Introduction to IMAP

What is IMAP?

IMAP vs POP

Introduction to Cyrus IMAP

Background

Features of Cyrus IMAP

Features of Cyrus IMAP (Cont)

Problems with Cyrus IMAP

Quick Installation Example

Fedora Core 3

Quick Installation Example (Cont)

Managment Overview

Access Control Lists

Access Control Lists (Cont)

Sieve Filtering

Sieve Filtering (Cont)

Extension Delivery

Shared Mailboxes

Quotas

Squatter Mailbox Indexing

MESD Installation

Eric Harrison, Multnomah Education Service District

OSU Installation

Andrew Morgan, Oregon State University

Conclusion