Hi all,
I have an almost running unified-configuration murder installation with 3
machines:
* backbox: backend
* unibox: fronend/backend in unified mode
* mupbox: mupdate master
It all looks like it's fine. when accessing unibox with an imap client, it
serves the mailbox if it is at unibox or proxies it if it's at backbox. So,
the unified config looks like it works, in terms of accessing the mailboxes.
But we are trying to be able to move mailboxes from backbox to unibox and
from unibox to backbox as well. Right now, if I issue a xfer command to
transfer a mailbox from unibox to backbox, it works flawlessly. But not
the other way around. If we try to move from backbox to unibox, it fails
with an error like:
backbox> xfer user.andy@xxxxxxxxxx unibox
xfermailbox: The remote Server(s) denied the operation
Sniffing the connection, there is a connect to the mupdate master as follows:
* AUTH "CRAM-MD5" "DIGEST-MD5" "LOGIN" "PLAIN"
* PARTIAL-UPDATE
* OK MUPDATE "mupbox" "Cyrus Murder" "v2.3.7" "(master)"
A01 AUTHENTICATE "PLAIN" {32+}
PASSWORD=
A01 OK "Authenticated"
X0 DEACTIVATE {23+}
domain.com!user.andy {13+}
backbox!default
X0 OK "done"
X1 ACTIVATE {23+}
domain.com!user.andy {13+}
backbox!default {31+}
andy@xxxxxxxxxxxxxxxxxxxxxxx
X1 OK "done"
and then, there's this connection to unibox' imap port:
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID MUPDATE=mupdate://mupbox/
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR] unibox Cyrus IMAP4 (Murder) v2.3.7
server ready
C01 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID MUPDATE=mupdate://mupbox/
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR ACL RIGHTS=kxte QUOTA NAMESPACE UIDPLUS
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE
URLAUTH
C01 OK Completed
A01 AUTHENTICATE PLAIN PASSWORD==
A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID MUPDATE=mupdate://mupbox/
LOGINDISABLED ACL RIGHTS=kxte QUOTA NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE URLAUTH] Success (no
protection)
LC1 LOCALCREATE {23+}
user.andy@xxxxxxxxxx
LC1 NO Mailbox already exists
Q01 LOGOUT
* BYE LOGOUT received
Q01 OK Completed
The thing is that it is failing at the LOCALCREATE command because the mailbox
looks like it *exist* to cyrus, although it is not at that server
(unibox).
Having a look at the boxes, I've noticed that the mailboxes.db files contains
info as follows:
* mupbox[mupdate master] - contains all the mailboxes from backbox and unibox
* unibox(unified) - contains all the mailboxes from backbox and unibox
* backbox - contains only the mailboxes at backbox.
I guess this is the right way to do it because unibox is running an unified
config and it is running a slave mupdate process for its frontend section and
needs to know all this data, right? So then, why is it failing to move the
mailbox?
I think everything is right in terms of permissions. backbox logs in to
unibox as an admin, so there should be no problem with permissions at all,
i guess.
Any ideas? I am running out of them at this point.
Configuration files follows:
backbox -- cyrus.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
START {
recover cmd="ctl_cyrusdb -r"
mupdatepush cmd="ctl_mboxlist -m"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
#mupdate cmd="/opt/cyrus-imapd-2.3.7/bin/mupdate" listen=3905 prefork=1
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
lmtp cmd="lmtpd" listen="lmtp" prefork=0
}
EVENTS {
checkpoint cmd="ctl_cyrusdb -c" period=30
}
backbox -- imapd.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
configdirectory: /var/imap
partition-default: /var/spool/imap
sasl_pwcheck_method: auxprop
sasl_mech_list: plain login CRAM-MD5 DIGEST-MD5
sasldb_path: /etc/sasldb2
sieve_admins: cyrus, golan
sievedir: /var/spool/sieve
virtdomains: yes
altnamespace: yes
allowallsubscribe: yes
allowusermoves: 1
admins: golan murder murder@xxxxxxxxxx golan@xxxxxxxxxx
# How to get to mupdate master server
mupdate_username: backend1
mupdate_password: Password
mupdate_server: mupbox
mupdate_port: 2004
mupdate_authname: backend1
mupdate_config: standard
unibox_mechs: PLAIN
proxy_authname: murder
unibox_password: Password
mupbox_mechs: PLAIN
mupbox_password: Password
force_sasl_client_mech: PLAIN
proxyservers: murder
allowpaintext: 1
unibox -- cyrus
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
START {
mboxlist cmd="ctl_cyrusdb -r"
mupdatepush cmd="ctl_mboxlist -m"
}
SERVICES {
mupdate cmd="/home/golan/cyrus-imapd-2.3.7/bin/mupdate" listen=2004
prefork=1
imap cmd="proxyd" listen="imap" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=0
kpop cmd="pop3d -k" listen="kpop" prefork=0
sieve cmd="timsieved" listen="2000" prefork=1
# fud
fud cmd="fud" listen="fud" prefork=0 proto="udp"
# relay mail correctly
lmtpunix cmd="lmtpproxyd" listen="/home/golan/var/imap/socket/lmtpproxy"
prefork=1
}
EVENTS {
checkpoint cmd="ctl_cyrusdb -c" period=5
}
unibox -- imapd.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
configdirectory: /home/golan/var/imap
# DO NOT leave any SPACE at the end of any config setting
# ARGGGGGGGGGGGG
partition-default: /home/golan/var/spool/imap
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sasldb_path: /home/golan/etc/sasldb2
force_sasl_client_mech: PLAIN
sieve_admins: cyrus, golan
sievedir: /home/golan/var/spool/sieve
virtdomains: yes
altnamespace: yes
allowallsubscribe: yes
allowusermoves: 1
backbox_mechs: PLAIN
unibox_mechs: PLAIN
# we don't want sieve referrrals
sieve_allowreferrals: 0
admins: golan backend1 murder unified1 golan@xxxxxxxxxx murder@xxxxxxxxxx
# How to get to the mupdate server (this machine)
mupdate_config: unified
mupdate_username: backend1
mupdate_password: Password
mupdate_server: mupbox
mupdate_port: 2004
mupdate_authname: backend1
# How to get to the backends
proxy_authname: murder
backbox_password: Password
unibox_password: Password
proxyservers: murder
syslog_prefix: unified
mupbox -- cyrus
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
START {
mboxlist cmd="ctl_cyrusdb -r"
}
SERVICES {
mupdate cmd="/home/golan/cyrus-imapd-2.3.7-mupdate/bin/mupdate -m"
listen=2004 prefork=1
}
EVENTS {
checkpoint cmd="ctl_cyrusdb -c" period=5
}
mupbox -- imapd.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
configdirectory: /home/golan/var/imap
partition-default: /tmp # because it is not used
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sasldb_path: /home/golan/etc/sasldb2
force_sasl_client_mech: PLAIN
auxprop_plugin: sasldb
virtdomains: yes
altnamespace: yes
allowallsubscribe: yes
backbox_mechs: PLAIN
unibox_mechs: PLAIN
# we don't want sieve referrrals
sieve_allowreferrals: 0
allowusermoves: 1
admins: golan backend1 backend1@xxxxxxxxxx # should I use box names here?
proxyservers: murder
proxy_authname: murder
backbox_password: Password
--
Jesus Roncero <jesus@xxxxxxxxxxxxx>
System Developer
Tel: +44 (0) 845 666 7778
http://www.mxtelecom.com
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
