You have to create /etc/imapd.conf and /etc/cyrus.conf.
If you want to use sieve (a mail filtering language), you must change an entry in /etc/services. With SuSE 8.0, take special care with the port for sieve: the distribution defines the wrong port. Add or change the following lines:

    pop3      110/tcp
    imap      143/tcp
    imaps     993/tcp
    pop3s     995/tcp
    sieve     2000/tcp

In /etc/imapd.conf, be sure »servername« contains your FQHN (Fully Qualified Hostname).
The parameter »unixhierarchysep: yes« is only needed if you want usernames like »hans.mueller.somedomain.tld«; see the section called Configuring Web-cyradm for more information.

    postmaster: postmaster
    configdirectory: /var/imap
    partition-default: /var/spool/imap
    # admins: cyrus # no admins!
    allowanonymouslogin: no
    allowplaintext: yes
    sasl_mech_list: PLAIN
    servername: servername
    autocreatequota: 10000
    reject8bit: no
    quotawarn: 90
    timeout: 30
    poptimeout: 10
    dracinterval: 0
    drachost: localhost
    sasl_pwcheck_method: saslauthd
    sievedir: /usr/sieve
    sendmail: /usr/sbin/sendmail
    sieve_maxscriptsize: 32
    sieve_maxscripts: 5
    #unixhierarchysep: yes

This second file (/etc/imapd-local.conf, referenced from /etc/cyrus.conf below) ensures that admin users can connect only via localhost. Decide for yourself whether this additional security feature is needed for your site.

    postmaster: postmaster
    configdirectory: /var/imap
    partition-default: /var/spool/imap
    admins: cyrus
    allowanonymouslogin: no
    allowplaintext: yes
    sasl_mech_list: PLAIN
    servername: servername
    autocreatequota: 10000
    reject8bit: no
    quotawarn: 90
    timeout: 30
    poptimeout: 10
    dracinterval: 0
    drachost: localhost
    sasl_pwcheck_method: saslauthd
    sievedir: /usr/sieve
    sendmail: /usr/sbin/sendmail
    sieve_maxscriptsize: 32
    sieve_maxscripts: 5
    #unixhierarchysep: yes

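If you want to enable Cyrus' TLS/SSL facilities, you have to create a certificate first. This requires an OpenSSL installation. Note that with »allowplaintext: yes« and »sasl_mech_list: PLAIN« as configured above, passwords cross the network unencrypted on the non-TLS ports.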

    # Create a certificate request and an unencrypted private key
    openssl req -new -nodes -out req.pem -keyout key.pem
    openssl rsa -in key.pem -out new.key.pem
    # Self-sign the request
    openssl x509 -in req.pem -out ca-cert -req \
        -signkey new.key.pem -days 999
    mkdir /var/imap
    # server.pem holds the private key followed by the certificate
    cp new.key.pem /var/imap/server.pem
    rm new.key.pem
    # key.pem still contains the unencrypted private key in the
    # current directory; remove it or store it safely
    cat ca-cert >> /var/imap/server.pem
    chown cyrus:mail /var/imap/server.pem
    chmod 600 /var/imap/server.pem # Your key should be protected
    echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
    echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
    echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf

The other file you need to create is /etc/cyrus.conf. It is the configuration file for the Cyrus master process. It defines the startup procedures, services and events to be spawned by the »master« process.

    # standard standalone server implementation

    START {
      # do not delete this entry!
      recover       cmd="ctl_cyrusdb -r"

      # this is only necessary if using idled for IMAP IDLE
    #  idled        cmd="idled"
    }

    # UNIX sockets start with a slash and are put into /var/imap/socket
    SERVICES {
      # add or remove based on preferences
      imap          cmd="imapd" listen="192.168.0.1:imap" prefork=0
      imaplocal     cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
      imaps         cmd="imapd -s" listen="192.168.0.1:imaps" prefork=0
      # -s is required on the imaps port, also for the local admin service
      imapslocal    cmd="imapd -s -C /etc/imapd-local.conf" listen="127.0.0.1:imaps" prefork=0
      pop3          cmd="pop3d" listen="pop3" prefork=0
      pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
      sieve         cmd="timsieved" listen="192.168.0.1:sieve" prefork=0
      sievelocal    cmd="timsieved -C /etc/imapd-local.conf" listen="127.0.0.1:sieve" prefork=0

      # at least one LMTP is required for delivery
    #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
      lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

      # this is only necessary if using notifications
    #  notify       cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
    }

    EVENTS {
      # this is required
      checkpoint    cmd="ctl_cyrusdb -c" period=30

      # this is only necessary if using duplicate delivery suppression
      delprune      cmd="ctl_deliver -E 3" period=1440

      # this is only necessary if caching TLS sessions
      tlsprune      cmd="tls_prune" period=1440
    }

Please check your system's IP address: in the example above, the IP 192.168.0.1 is to be replaced with your system's external IP address.
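
The localhost-only admin arrangement depends on /etc/cyrus.conf and the imapd configuration files agreeing with each other. The following Python check is an added example (not part of the original HOWTO and not Cyrus code): it reports any service whose configuration file defines »admins« while listening on a non-loopback address, and any entry with unbalanced quotes. The function names and the embedded sample input are constructed for illustration; /etc/imapd.conf is assumed as the configuration when a cmd has no -C option.

```python
import re

DEFAULT_CONF = "/etc/imapd.conf"  # config used when cmd carries no -C option
LOOPBACK = {"127.0.0.1", "localhost", "[::1]"}

def imapd_options(text):
    """Parse imapd.conf text into {option: value}; '#' lines are comments."""
    lines = [ln.strip() for ln in text.splitlines()]
    pairs = [ln.split(":", 1) for ln in lines if ":" in ln and not ln.startswith("#")]
    return {key.strip(): value.strip() for key, value in pairs}

def services(text):
    """Yield (name, {arg: value}) for each entry of the SERVICES block."""
    block = re.search(r"SERVICES\s*\{(.*?)\}", text, re.S)
    for line in map(str.strip, (block.group(1) if block else "").splitlines()):
        if line and not line.startswith("#"):
            name, rest = re.match(r"(\S+)\s*(.*)", line).groups()
            pairs = re.findall(r'(\w+)=(?:"([^"]*)"|(\S+))', rest)
            yield name, {key: quoted or bare for key, quoted, bare in pairs}

def is_local(listen):
    """UNIX sockets and loopback addresses are local; a bare port is not."""
    host = listen.rsplit(":", 1)[0] if ":" in listen else ""
    return listen.startswith("/") or host in LOOPBACK

def audit(cyrus_conf, conf_files):
    """Return (service, problem) pairs; conf_files maps path -> file text."""
    findings = []
    for name, args in services(cyrus_conf):
        if "cmd" not in args or "listen" not in args:
            findings.append((name, "malformed entry (unbalanced quotes?)"))
            continue
        argv = args["cmd"].split()
        conf = argv[argv.index("-C") + 1] if "-C" in argv[:-1] else DEFAULT_CONF
        admins = imapd_options(conf_files.get(conf, "")).get("admins")
        if admins and not is_local(args["listen"]):
            findings.append((name, f"admins '{admins}' reachable on {args['listen']}"))
    return findings

# Constructed sample (not the page's files): exposed "sieve", unquoted "sievelocal"
CYRUS_CONF = '''SERVICES {
  imap       cmd="imapd" listen="192.168.0.1:imap" prefork=0
  imaplocal  cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
  sieve      cmd="timsieved -C /etc/imapd-local.conf" listen="192.168.0.1:sieve" prefork=0
  sievelocal cmd="timsieved -C /etc/imapd-local.conf listen="127.0.0.1:sieve" prefork=0
}'''
CONF_FILES = {"/etc/imapd.conf": "# admins: cyrus\n", "/etc/imapd-local.conf": "admins: cyrus\n"}
if __name__ == "__main__":
    print(audit(CYRUS_CONF, CONF_FILES))
```

To run it against a real installation, pass the text of /etc/cyrus.conf and a dictionary of the imapd configuration files it references.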
Several directories must be created. Additionally, you should change some attributes of the filesystem.

    cd /var
    mkdir imap
    chown cyrus:mail imap
    chmod 750 imap

    cd /var/spool
    mkdir imap
    chown cyrus:mail imap
    chmod 750 imap

    cd /usr
    mkdir sieve
    chown cyrus:mail sieve
    chmod 750 sieve

The rest of the directories can be created by the tool mkimap:

    su - cyrus
    /usr/local/cyrus-imapd-2.1.12/tools/mkimap

When using the ext2 filesystem, you must set an attribute that causes all changes to be committed to disk immediately. With today's journaling filesystems there is no need for this. If you are still running ext2 filesystems, I strongly suggest switching to ext3 filesystems. Ext2 and ext3 are fully compatible with each other.
To check what type of filesystem is used for /var, issue the command mount or see your /etc/fstab. Please note that /var could also be part of the root or another filesystem.

    cd /var/imap
    chattr +S user quota user/* quota/*
    chattr +S /var/spool/imap /var/spool/imap/*