November 17, 2007

Restoring mailboxes to Cyrus and CRLF

I had to restore some Maildir-style mailboxes from an old Courier IMAP server to a newish Cyrus IMAP server. There’s not much to it, and this is well documented elsewhere, but basically you can copy the files in (I don’t know if they need to be named like 123. like Cyrus does by default), make sure permissions are right (and SELinux, if applicable), and invoke some combinations of reconstruct.

I did hit a few gotchas though:

  • Like I said above, don’t forget to restorecon -Rv on the restored files if you’re on a system with SELinux enabled.
  • If you have mailboxes, particularly folders underneath the inbox, you may need to invoke reconstruct with -p default. This registers them in mailboxes.db, I guess? It makes them show up in lm from cyradm which can’t be bad.
  • Related to the above, I don’t think reconstruct will believe a directory is a mailbox unless there is a cyrus.header file in it. Just touch cyrus.header was enough for me. (I was calling reconstruct -p default -xrf BTW; I don’t know if, for example, -x makes it rewrite cyrus.header to have valid/meaningful contents. It should be non-empty, I believe.)
  • Finally, Courier’s messages all just used a line feed for line endings. Cyrus demands DOS-style CRLF for line endings. Symptom for this: bringing up the message index (in Mutt, at least) goes much, much slower than it should. I believe this happens because too much information gets put in the Cyrus header/cache files. (Use the mbexamine program and you’ll see lots of weird information in the “headers” I think.) Fixing this for me was as simple as running unix2dos over the files (and then fixing permissions; I should have done sudo -u cyrus unix2dos [0-9]*. instead of just running unix2dos as root.)
November 1, 2007

Letting Cyrus’ Sieve send e-mail on CentOS 5

Problem: sieve rules like redirect (A.K.A. forward) don’t work on CentOS 5. You see things in the logs like:

Oct 29 17:15:52 gateway lmtpunix[26948]: sieve runtime error for
someone@example.com id <blahlblahasdlahd@as987da97da987ads7>:
Vacation: Sendmail process terminated normally, exit status 75

Nov  1 00:47:10 gateway lmtpunix[30206]: FATAL: couldn't exec() sendmail

Explanation: SELinux is preventing Cyrus from running sendmail.

Solution:

  1. Install the selinux-policy-devel package.
  2. Jam this in local_cyrus.te:

    policy_module(local_cyrus, 1.0.3)
    
    
    require {
            type cyrus_t;
    };
    
    
    corecmd_exec_sbin(cyrus_t)
    mta_send_mail(cyrus_t)
    
  3. make -f /usr/share/selinux/devel/Makefile local_cyrus.pp

  4. semodule --install local_cyrus.pp

Now Cyrus should be able to run sendmail.

WARNING: this may allow Cyrus to do more than it should be able to. I’m hardly an SELinux expert.