GNU.WIKI: The GNU/Linux Knowledge Base

  [HOME] [HowTo] [ABS] [MAN1] [MAN2] [MAN3] [MAN4] [MAN5] [MAN6] [MAN7] [MAN8] [MAN9]


  Aurora Skarra-Gallagher (Community Vision)
  v1.3, 11 October 2000

  A comprehensive guide to installing, configuring, and running Cyrus
  Imap and Cyrus Sasl

  Table of Contents

  1. About this HOWTO

     1.1 Copyrights and Trademarks
     1.2 Feedback
     1.3 CHANGES
     1.4 Document Conventions

  2. Introduction to IMAP

     2.1 What is IMAP?
     2.2 IMAP vs. POP
     2.3 Cyrus IMAP vs. Washington IMAP

  3. Obtaining the Files

     3.1 Cyrus Imap Homepage
     3.2 Downloading the files

  4. Different SASL Authentication Methods

     4.1 sasldb
     4.2 LDAP
     4.3 PAM
     4.4 kerberos_v4

  5. Cyrus SASL

     5.1 Uncompress
     5.2 Building the files

  6. Cyrus IMAP Installation

     6.1 Uncompress
     6.2 A note on com_err.h
     6.3 Configure
     6.4 Adding the default user
     6.5 Building the files

  7. Cyrus IMAP Configuration

     7.1 Editing conf files
     7.2 Creating the necessary directories
     7.3 More configuration file editing
     7.4 If you use postfix instead of sendmail

  8. Cyrus IMAP Implementation

     8.1 Add the cyrus administrator
     8.2 Testing Cyrus IMAP
     8.3 Setting up users
     8.4 Delivery database pruning
     8.5 Finishing up

  9. Troubleshooting


  1.  About this HOWTO

  1.1.  Copyrights and Trademarks

  (c) 2000 Aurora Skarra-Gallagher

  This section was copied from the HOWTO-HOWTO:

  This manual may be reproduced in whole or in part, without fee,
  subject to the following restrictions:

  �  The copyright notice above and this permission notice must be
     preserved complete on all complete or partial copies

  �  Any translation or derived work must be approved by the author in
     writing before distribution.

  �  If you distribute this work in part, instructions for obtaining the
     complete version of this manual must be included, and a means for
     obtaining a complete version provided.

  �  Small portions may be reproduced as illustrations for reviews or
     quotes in other works without this permission notice if proper
     citation is given. Exceptions to these rules may be granted for
     academic purposes: Write to the author and ask. These restrictions
     are here to protect us as authors, not to restrict you as learners
     and educators. Any source code (aside from the SGML this document
     was written in) in this document is placed under the GNU General
     Public License, available via anonymous FTP from the GNU archive.

  1.2.  Feedback

  Comments (especially corrections) can be sent to <>

  1.3.  CHANGES

  �  v1.3: inetd.conf error fix, authentication information added, more
     troubleshooting info

  �  v1.2: SASL Config error fix, new postfix configuration, and
     database pruning (thanks, Jernej)

  �  v1.1: Fixed configuration file error and added IMAP
     information to the introduction.

  1.4.  Document Conventions

  �  Italics signifies a  directory

  �  This font signifies instructions to be ran at the command line

  2.  Introduction to IMAP

  2.1.  What is IMAP?

  This definition is from the High-Tech Dictionary

  Internet Message Access Protocol. A protocol that allows a user to
  perform certain electronic mail functions on a remote server rather
  than on a local computer. Through IMAP the user can create, delete, or
  rename mailboxes; get new messages; delete messages; and perform
  search functions on mail. A separate protocol is required for sending
  mail. Also called Internet Mail Access Protocol.

  2.2.  IMAP vs. POP

  IMAP allows the user to read email from many different locations and
  accounts because email folders are stored on the server, locally, at
  the home or the office, for instance. Even saved and read messages are
  stored on the IMAP server. POP only stores new unread messages on the
  server, and the read and saved messages are stored locally. To force
  POP to not delete email once it has been read can create many copies
  of the same email, creating a waste of space and confusion. However,
  IMAP is usually more complicated to set up. If you only have one email
  account, POP is most likely your best choice. If you want to access
  more than one account, from different locations, IMAP will probably
  serve you most efficiently.

  2.3.  Cyrus IMAP vs. Washington IMAP

  Cyrus has its own mailbox database which is standalone and increases
  performance, whereas Washington uses the stanard UNIX mailbox format,
  which was designed for a smaller set of users. Washington is portable
  to more UNIX and non-UNIX systems than Cyrus. The main difference is
  that with Cyrus, you don't have to add new users to your linux box
  (i.e. in /etc/passwd) to add new mail users, and with Washington, you

  3.  Obtaining the Files

  3.1.  Cyrus Imap Homepage

  The homepage is currently located at:

  3.2.  Downloading the files

  You will need both IMAP and SASL. Download the latest files here:

  Download cyrus-imapd-X.X.X.tar.gz and cyrus-sasl-X.X.X.tar.gz (where
  X.X.X is the latest release) into your temporary directory.

  I will use /temp as the directory I've uncompressed the files under
  for the rest of the examples.

  4.  Different SASL Authentication Methods

  4.1.  sasldb

  This is the default method of authentication. It stores usernames and
  passwords in the SASL secrets file sasldb. In this HOWTO, I assume you
  are using the sasldb method of authentication.

  4.2.  LDAP

  The following definition came from the OpenLDAP website. Lightweight
  Directory Access Protocol (LDAP) is an open-standard protocol for
  accessing information services. The protocol runs over Internet
  transport protocols, such as TCP, and can be used to access stand-
  alone directory servers or X.500 directories. This method isn't
  discussed in this HOWTO, but here is a link to a page with patches and
  4.3.  PAM

  Not enough info to document. Email me if you have some.

  4.4.  kerberos_v4

  Not enough info to document. Email me if you have some.

  5.  Cyrus SASL

  5.1.  Uncompress

  Here we untar and gunzip the file in a single step.

  1.  cd /temp

  2.  tar -zxvf cyrus-sasl-X.X.X.tar.gz

  3.  cd cyrus-sasl-X.X.X

  5.2.  Building the files

  For most purposes, the following set of instructions works fine. If
  you would like to examine the other configuration options, type
  ./configure --help | more

  1.  ./configure

  2.  make

  3.  make install

  If you don't want your password check to be the default sasldb, you
  must specify which one of PAM, kerberos_v4, passwd, shadow you wish to
  use. If PAM is the authentication you desire for example, you would

  ./configure --with-pwcheck_method=PAM

  instead of the ./configure line above

  6.  Cyrus IMAP Installation

  6.1.  Uncompress

  The following commands will tar and gunzip cyrus IMAP under /temp.

  1. cd /temp

  2. tar -zxvf tar/cyrus-imapd-1.6.24.tar.gz

  3. cd cyrus-imapd-1.6.24

  6.2.  A note on com_err.h

  When I tried to install cyrus IMAP, I got errors regarding the file
  com_err.h. My com_err.h was located in /usr/include/et. It needs to
  reside in /usr/include.  Run the following command to make sure it is
  in the correct location:

  locate com_err.h

  This will show you where the file is. If it is under /usr/include, you
  can skip to the next section. If it is in another directory, just copy
  it to /usr/include. If it doesn't exist, download it here:

  6.3.  Configure

   ./configure --with-auth=unix

  6.4.  Adding the default user

  Cyrus requires a user to own its files. The default user is cyrus. The
  following command adds a user cyrus with the group of "mail"

  useradd -g mail cyrus

  You'll want to set the password for user cyrus.

  passwd cyrus

  Type in the password you desire cyrus to have each time you are

  6.5.  Building the files

  1.  make depend

  2.  make all CFLAGS=-O

  3.  make install

  That's it! You're ready to configure Cyrus IMAP.

  7.  Cyrus IMAP Configuration

  7.1.  Editing conf files

  1. Edit /etc/syslog.conf and add the following lines at the bottom:

             local6.debug    /var/adm/imapd.log
             auth.debug      /var/adm/auth.log

  2. Edit a new file /etc/imapd.conf and place in it the following

             configdirectory: /var/imap
             partition-default: /var/spool/imap
             admins: cyrus root
             srvtab: /var/imap/srvtab
             allowanonymouslogin: no
             sasl_passwd_check: shadow

  If you don't want your password check to be the default sasldb, you
  must specify which one of PAM, kerberos_v4, passwd, shadow you wish to
  use. If PAM is the authentication you desire for example, you would

  sasl_passwd_check: pam

  instead of the line above

  7.2.  Creating the necessary directories

  This list of instructions will set up all the directories necessary
  for imap.

  1. mkdir /var/adm

  2. touch /var/adm/imapd.log /var/adm/auth.log

  3. mkdir /var/imap /var/spool/imap /var/imap/srvtab

  4. chown cyrus /var/imap /var/spool/imap /var/imap/srvtab

  5. chgrp mail /var/imap /var/spool/imap /var/imap/srvtab

  6. chmod 750 /var/imap /var/spool/imap /var/imap/srvtab

  7. su cyrus

  You are now the user cyrus. This is necessary for the files to have
  the correct owner and group.  Continue:

  1. tools/mkimap

  2. cd /var/imap

  3. chattr +S . user quota user/* quota/*

  4. chattr +S /var/spool/imap

  5. exit

  You are now root again. The last command:

  chattr +S /var/spool/mqueue

  7.3.  More configuration file editing

  1. Edit /etc/services and check for the following lines. If they do
     not exist, add them:

             pop3    110/tcp
             imap    143/tcp
             imsp    406/tcp
             kpop    1109/tcp
             sieve   2000/tcp

  2. Edit /etc/inetd.conf and comment out any imap and pop3 lines and
     add the following:

             imap    stream  tcp     nowait  cyrus   /usr/cyrus/bin/imapd    imapd
             pop3    stream  tcp     nowait  cyrus   /usr/cyrus/bin/pop3d    pop3d

  3. Edit /etc/ with care not to add extra spaces and add the
     following lines(do not copy and paste directly from this text as
     the tabs won't be added correctly):

       R$=N                   $: $#local $: $1
       R$=N < @ $=w . >       $: $#local $: $1
       Rbb + $+ < @ $=w . >   $#cyrusbb $: $1

  Use tabs to separate the data (i.e. R$=N has three tabs between it and
  $: $#local $: $1) Then run: m4 >

  4. Edit /etc/group and add the user daemon to the mail group.

  7.4.  If you use postfix instead of sendmail

  Postfix is a mail-deliver alternative to sendmail. Most linux
  installations use sendmail by default. If you use postfix, ignore
  configuration #3 from the last section and uncomment or add the
  following line in /etc/postfix/

  cyrus   unix    -       n       n       -       -       pipe    flags=R user=cyrus      argv=/usr/sbin/cyrdeliver -e -m ${extension} ${user}

  Also add or uncomment this line in /etc/postfix/

  local_transport = cyrus

  8.  Cyrus IMAP Implementation

  8.1.  Add the cyrus administrator

  Run the following command to set up a user for cyrus

  /usr/local/sbin/saslpasswd cyrus

  8.2.  Testing Cyrus IMAP

  1. killall -HUP inetd

  2. su cyrus

  3. imtest -m login -p imap localhost

  Enter your password. If you see something like:

          (L01 OK User logged in means you're in)

  Then the setup has been successful. Type

          . logout

  to log out.

  8.3.  Setting up users

  Still as the user cyrus, type the following commands. They will set up
  the mailbox(es) for each user. Fill in the username where you see the

  1. cyradm localhost

  2. cm user.joebob  (for all the user joebob)

  3. quit

  4. exit (back as root)

  Now as root, enter a password for each username

  saslpasswd (username)

  8.4.  Delivery database pruning

  If you don't periodically prune the database of deliveries, you can
  fill up your file system. Adding a cron job which will run once a day
  is one way to do this. That involves going to /etc/cron.daily and
  creating a file named cyrus-imapd. Inside that file, put the following
  two lines of code:

  su cyrus -s /bin/bash -c '/usr/cyrus/bin/deliver -E 3'

  Make this script executable by running: chmod 755 cyrus-imapd

  You should also create the deliverdb directory to store database files

  mkdir /var/imap/deliverdb

  8.5.  Finishing up

  Reboot the machine to make sure that everything has been restarted
  under the new configuration

  9.  Troubleshooting

  If you encounter any errors, you can do the following to view error

  1. tail /var/log/messages

  2. tail /var/adm/imapd.log

  3. killall sendmail && sendmail -bd -X /root/error.log (then read

  If you are having "virtual memory exhausted errors" when compiling,

  ulimit -d unlimited

  as root has been reported to work.

  All copyrights belong to their respective owners. Other site content (c) 2014, GNU.WIKI. Please report any site errors to