CyrusImap
The Cyrus Electronic Mail Project is continuing to build a highly scalable enterprise mail system designed for use in small to large enterprise environments using standards-based technologies. The Cyrus technologies will scale from independent use in small departments to a system centrally managed in a large enterprise.
The major item of interest to Exim users is the Cyrus Imap server, which can be integrated with an Exim MTA.
- Cyrus Project
- Cyrus Imap Server
- Cyrus Wiki
- Cyrus-IMAP virtual domains
Based on information provided by Andrzej Filip in "Real Time Cyrus and Exim Integration" and copied into here.
Original e-mail announcement to exim-users mailing list.
Make Cyrus wait for unauthenticated LMTP connections over TCP on the local interface. In cyrus.conf add:
    SERVICES {
      ...
      lmtp cmd="lmtpd -a" listen="127.0.0.1:lmtp" prefork=0
    }
Without "-a", lmtp requires authentication for LMTP over TCP (Exim does not support callouts over UNIX sockets). Because "-a" removes that authentication requirement, keep the listener bound to the loopback address as shown. If your /etc/services file does not define the lmtp service (2003/tcp), then use
    listen="127.0.0.1:2003"
Define a cyrus_domains domainlist that lists all virtual domains handled by your Cyrus server.
    domainlist cyrus_domains = example.net : example.com : example.org
The best place is just before (or just after) the "domainlist local_domains =" line.
Define the cyrus_ltcp (Cyrus local TCP) transport in the transports section.
    cyrus_ltcp:
      driver = smtp
      protocol = lmtp
      hosts = localhost
      allow_localhost
(Note: be cautious about localhost if your server has IPv6. If LMTP is only listening on IPv4, you MUST specify hosts = 127.0.0.1 instead of localhost, unless you have set it up otherwise. On my new server localhost resolves to ::1.)
It will deliver messages to the lmtp port at localhost using the LMTP protocol. If your /etc/services file does not define the lmtp service (2003/tcp), then add the following line to the transport definition:
      port = 2003
Insert the cyrus_vdom router as the first router in the routers section.
    cyrus_vdom:
      driver = accept
      domains = +cyrus_domains
      transport = cyrus_ltcp
      no_more
It will select the cyrus_ltcp transport for all addresses in the cyrus_domains domains.
Add validity checks for addresses in Cyrus virtual domains to the acl_check_rcpt section. I have added the lines just after the "accept hosts = :" line [skipping tests for SMTP not over TCP/IP (local)].
    # Reject "faked" envelope sender addresses in cyrus domains
    deny sender_domains = +cyrus_domains
         message = Sender unknown/invalid
         !verify = sender/callout=defer_ok,5s
    # Accept valid (and reject invalid) envelope recipient addresses in cyrus domains
    accept domains = +cyrus_domains
           endpass
           message = ${if match{$acl_verify_message}\
                     {\N(?m)^\d{3} (\d\.\d\.\d .{0,120})\Z\N} \
                     {IMAP said: $1}{Recipient unknown/invalid}}
           verify = recipient/callout=random,5s
defer_ok makes Exim accept messages when Cyrus is unavailable. 30s defines timeout for callout connection attempts. The strange-looking message is supposed to provide Cyrus-IMAP's reply to a failed "RCPT TO:" in Exim's reply to "RCPT TO:".
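
What the message = expansion in the recipient check passes back to the remote sender, shown as an added example (not from the original page or from Exim itself): a Python rendering of the same pattern, applied to constructed stand-ins for $acl_verify_message. The function name, the sample strings and the "Callout verification failed:" prefix are assumptions.

```python
import re

# The ACL's pattern (the text between \N ... \N), rendered for Python's re.
# PCRE's \Z also matches just before a final newline; Python's does not,
# so the end anchor is written as (?=\n?\Z) here.
REPLY_RE = re.compile(r"(?m)^\d{3} (\d\.\d\.\d .{0,120})(?=\n?\Z)")
FALLBACK = "Recipient unknown/invalid"


def rcpt_reject_message(acl_verify_message: str) -> str:
    """Mirror ${if match{...}{IMAP said: $1}{Recipient unknown/invalid}}."""
    m = REPLY_RE.search(acl_verify_message)
    return f"IMAP said: {m.group(1)}" if m else FALLBACK


# Constructed stand-ins for $acl_verify_message (not captured from a server;
# the exact text Exim stores may differ).
PREFIX = "Callout verification failed:\n"
SAMPLES = {
    # Final line carries an enhanced status code: relayed to the sender.
    "single line": PREFIX + "550 5.1.1 User unknown",
    # "550-" continuation lines never match; only the last line is relayed.
    "multi-line": PREFIX + "550-Mailbox unknown.\n550 5.1.1 User unknown",
    # No d.d.d code after the reply code: the generic text is used instead.
    "no enhanced code": PREFIX + "550 User unknown",
    # More than 120 characters after the enhanced code: nothing is relayed.
    "over-long": PREFIX + "550 5.1.1 " + "x" * 200,
    # A well-formed line followed by more text is not the final line.
    "not last line": PREFIX + "550 5.1.1 User unknown\ninternal detail",
    # One trailing newline is tolerated, as with PCRE's \Z.
    "trailing newline": PREFIX + "550 5.1.1 User unknown\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:17} -> {rcpt_reject_message(text)}")
```

Only a final reply line with an enhanced status code and at most 120 further characters reaches the sender; anything else is replaced by the generic text, which limits how much backend output is echoed to untrusted SMTP clients.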
If you are getting the message "Could not complete recipient verify callout" (in exim4/mainlog), use hosts = your.host.name instead of hosts = localhost in the transport. You might also have to adjust the hostname in the cyrus.conf accordingly. Try telnet your.host.name lmtp to see if you can still connect to it.
- making Exim capable of doing LMTP callouts via UNIX socket
- making Exim support "socket map" protocol supported by Cyrus-IMAP (and sendmail).