Setup Cyrus IMAP-Server on Ubuntu 10.

10 | Dirk groe Osterhues

http://www.grosseosterhues.com/2011/04/setup-cyrus-imap-server-on-...

>ome

About

Site

ap

!ublic log) selected documentation and brain dump

!osted by digo on April 34) "433

7o to comments

$eave a comment 546 C$I Tricks

This article describes the installation of Cyrus I A!-server v".". It #ill use SS$ for secure access and SAS$ for user authentication. %ollo#-up articles #ill e&plain ho# to add the '&im ( as TA) the I A! administrative management system *penmailadmin) the spamfilter SpamAssassin and +oundcube as the #ebfrontend to the I A!-server for the users.

Contents Necessary packages Activation of Saslauthd auth-daemon Configuration of /etc/cyrus.conf Configuration of /etc/imapd.conf Initial user creation

$aTe8 $inu& *pen/rt *S 8 Security Synology 1ncategori9ed

Necessary packages
In order to set up Cyrus I A!-server) some necessary packages have to be installed,
aptitude install cyrus-imapd-2.2 cyrus-common-2.2 sasl2-bin cyrus-admin-2.2 :ecember "43" August "43" %ebruary "43" :ecember "433 *ctober "433 September "433 August "433 # Should saslauthd run automatically on startup? (default: no) START=yes ;uly "433 April "433 arch "433 %ebruary "433 ;anuary "433 :ecember "434 November "434 *ctober "434 ;uly "434 ay "434 arch "434 %ebruary "434 ;anuary "434 idled cmd="idled" September "44< August "44< ;uly "44< ;une "44< # --- Normal cyrus spool, or Murder backends --# add or remove based on preferences #imap cmd="imapd -U 30" listen="localhost:imap" prefork=0 maxchild=100 imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=100 #pop3 cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=50 #pop3s cmd="pop3d -s -U 30" listen="pop3s" prefork=0 maxchild=50 #nntp cmd="nntpd -U 30" listen="nntp" prefork=0 maxchild=100 #nntps cmd="nntpd -s -U 30" listen="nntps" prefork=0 maxchild=100 arch "44< %ebruary "44< ;anuary "44=

Activation of Saslauthd auth-daemon

In order for saslauthd to start) the follo#ing line in /etc/default/saslauthd has to be set,

No#) start saslauthd,

service saslauthd start

Configuration of /etc/cyrus.conf
No#) open the file /etc/cyrus.conf in #hich some changes should be made. It is divided into three sections called START) S'+-IC'Sand'-'NTS.. /e start #ith I A! Idle. To enable it) uncomment the follo#ing line in the START section,

To activate secure I A! access and to disable NNT! the SERVICES section has to be set,

In the EVENTS section) #e #ant to enable the S01AT inde&es for mailbo&es) enabling significantly reduced search times,
# reindex changed mailboxes (fulltext) approximately every other hour squatter_1 cmd="/usr/bin/nice -n 19 /usr/sbin/squatter -s" period=120

Configuration of /etc/imapd.conf
In /etc/imapd.conf you first need to declare the cyrus2 admin user,
admins: cyrus

No#) define the authentication mechanism by setting sasl_mech_list and sasl_pwcheck_method,

sasl_mech_list: LOGIN PLAIN sasl_pwcheck_method: auxprop saslauthd sasl_auxprop_plugin: sasldb

To activate SS$ for secure I A! access) set the follo#ing variables and place your certificates and key accordingly,

1 sur 2

01/05/2013 01:31

Setup Cyrus IMAP-Server on Ubuntu 10.10 | Dirk groe Osterhues

http://www.grosseosterhues.com/2011/04/setup-cyrus-imap-server-on-...

tls_cert_file: tls_key_file: tls_ca_file:

/etc/ssl/certs/{your_server_name}.cert.pem /etc/ssl/private/{your_server_name}.key.pem /etc/ssl/{your_ca_chain}.pem

ake sure Cyrus can read the SS$ files by running this,
chmod 640 /etc/ssl/certs/{your_server_name}.cert.pem \ /etc/ssl/private/{your_server_name}.key.pem \ /etc/ssl/{your_ca_chain}.pem chown :mail /etc/ssl/certs/{your_server_name}.cert.pem \ /etc/ssl/private/{your_server_name}.key.pem \ /etc/ssl/{your_ca_chain}.pem

Also in this file) the I A! Idle functionality has to be set defining idlemethod,
idlemethod: idled

Activate your setting by restarting the Cyrus daemon,

service cyrus2.2 restart

Initial user creation

%irst) create an inital SAS$ pass#ord in order to enable cyrus2 administrative user,
saslpasswd2 -c cyrus

No#) authenticate yourself as the user cyrus to cyradm #ith the previous pass#ord,
cyradm --user cyrus localhost

As user cyrus in cyradm) you may do maintenance tasks like creating a ne# user,
cm user.{username}

Test your authentication by running,

testsaslauthd -u username -p password

If that #orked) you may no# connect to your ne# I A! account by accessing your server on port <<? and using the set username and pass#ord as authentication.
$inu&

Install Transmission in 1buntu 34.34 from !!A

igrate I A! Accounts from one Server to another

NA ' ' AI$ /ebsite 1+$

SUBMIT

Copyright @ "43? :irk groAe *sterhues B !o#ered by /ord!ress B Theme 9Cench

D Top

2 sur 2

01/05/2013 01:31