book

Managing IMAP

by Dianna Mullet, Kevin Mullet

September 2000

Beginner

408 pages

10h 29m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Managing IMAP
Foreword
Preface
How This Book Is Organized
Conventions Used in This Book
Related Books
We’d Like to Hear From You
Acknowledgments
I. IMAP Fundamentals
1. The Internet Mail Model
What Is the Internet Mail Model?The Agents (MUA, MTA, MDA)MTAMDAMUAThe MailstoreThe Standards (RFC 822, MIME, SMTP/ESMTP, POP, IMAP)Formatting and encoding mailMail transferMail access
Why Follow the Internet Mail Model?

Examples
Mail RoutingExamples of AgentsMTAsMDAsMUAs
2. What Is IMAP?
IMAP in a Nutshell
IMAP’s Three Interaction Models
The Online ModelThe Offline ModelThe Disconnected Model
Why IMAP?
Host-Based EmailShared MailstoreProblems with shared mailstoresProprietary Mail SchemesStandardized Mail Access Protocols
IMAP and POP: A Comparison
POPIMAPIMAP Culture Versus POP CultureWhy Not Both POP and IMAP?Advantages of IMAPAppending to mailboxesMultiple mailbox supportRemote mailbox managementSupport for local mailboxesMailbox hierarchiesRemote mailboxes on multiple serversPersistent mailbox status flagsServer-initiated mailbox status updatesCompanion configuration protocolsIMAP extensionsPerformance advantagesIMAP supports non-email dataShared mailboxesFeature Breakdown
Present and Future of IMAP
Open Source Server Implementations
University of Washington IMAP ServerCarnegie Mellon University Cyrus IMAP Server
IMAP-Related Standards and Documents
3. Anatomy of an IMAP Session
IMAP Session ConceptsIMAP Is Line-OrientedStory of an IMAP Session
IMAP Components
ModesStatesMailboxesMessages
An IMAP Session Play-by-Play
A POP3 Session for Comparison
II. IMAP Mail User Agents (MUAs)
4. IMAP Clients
Client FeaturesFeatures Reviewed
PINE and PC PINE
FeaturesSupported PlatformsConfiguring PINE for IMAPPINE for UnixPC PINE
Star Mail
FeaturesClient-side filteringImport filtersRemote LDAP searchingAdvanced searchingPerformance enhancements for slow connectionsConfiguring Star Mail for IMAPConfiguring the IMAP optionsReading IMAP mail with Star Mail
Netscape Messenger
FeaturesSupports SSLFolders are stored on the IMAP serverPerforms well over slow connectionsSuperior LDAP supportSite customizationAlmost-there ACL supportConfiguring Netscape Messenger for IMAPConfiguring your preferencesReading your mailSubscribing to foldersExpunging your deleted mail
Outlook Express
FeaturesEase of useSupports SSLAdvanced searchingPerformance over slow connectionsConfigurationIf you’re running Outlook Express for the first time...If you can’t conjure up the Wizard...
Mulberry
FeaturesPerformanceSupport for site customizationQuota viewerIMSP and ACAP supportEncrypted authenticationFull IMAP supportConfiguring MulberryIndividual user configurationSite-wide configuration
Eudora
FeaturesEnhanced filtersAdvanced searchingPersonalitiesImport optionMultitaskingMessage viewing bells and whistlesCompose optionsOther featuresConfiguring Eudora
Other Clients
5. Web-Based IMAP Clients
What’s a Web-Based IMAP Client?
Why Use a Web-Based IMAP Client?
End-User Platform IndependenceGlobal AccessIntegration with Existing IMAP ServerCentralized AdministrationSecurityIntuitive and Friendly InterfaceLow Cost
Web IMAP Clients
A Note on PHPA Note on Server Platform
IMP
OverviewStrengths and WeaknessesStrengthsWeaknessesRequirementsHordePHPPHP-supporting web serverPerlAdministrationSite CustomizationExamplesFor Help with IMPIMP web siteMailing listsOverall Impressions
Mailspinner
OverviewStrengths and WeaknessesStrengthsWeaknessesRequirementsAdministrationSite CustomizationPersonalizationExamplesCompose messageLocale supportOverall Impressions
SilkyMail
OverviewStrengths and WeaknessesStrengthsWeaknessesRequirementsAdministrationSite CustomizationPersonalizationExamplesOverall Impressions
EMU 3
OverviewStrengths and WeaknessesStrengthsWeaknessesRequirementsAdministrationSite CustomizationPersonalizationExamplesOverall Impressions
WING
OverviewStrengths and WeaknessesStrengthsWeaknessesRequirements
III. The Cyrus IMAP Server
6. Introduction to the Cyrus IMAP Server
History of Cyrus
Cyrus Concepts and Features
The Cyrus Mailbox NamespaceThe Cyrus MailstoreCyrus FeaturesAccess controlShared folders and bulletin boardsMailstore partitioningStorage quotasQuota warningsQuotas and mail deliveryUsenet news integrationAuthentication
Cyrus Server Configuration
The imapd Server Configuration FileServer Configuration DirectorySpecial filesMailboxes fileLogging and process informationQuota rootThe delivered databaseMailbox subscriptions
The Future of Cyrus
Strengths and Weaknesses of Cyrus
When Is Cyrus the Right Choice?
7. Installing the Cyrus IMAP Server
Software Prerequisites
Hardware Note
Where to Get the Software
Supported Platforms
Installing Cyrus
Unpack the DistributionSetting Up Build-Time Configuration OptionsCompile and Install the Software
Upgrading from Previous Versions of Cyrus IMAP
Components of Cyrus and What They Do
Common Problems
Significant Bugs
8. Configuring the Cyrus Server
IMAP Configuration File and DirectoryThe Server Configuration File: imapd.confThe Configuration DirectoryOdds and Ends
Configuring the Authentication Mechanism
Cleartext Authentication with Shadow PasswordsSetting up cleartext authentication in Cyrus Version 1.5.19Setting up cleartext authentication in Version 1.6.22Kerberos Authentication
Configuring syslog
Configuring the MTA
The deliver MDAThe sendmail Configuration FileBuild the sendmail configuration fileTesting the sendmail configurationDuplicate delivery suppression and the delivered database maintenance
Getting Cyrus Up and Running
Testing Your Server
Check That the Server Is RunningTesting Cleartext Password AuthenticationTesting Kerberos Authentication
9. Cyrus System Administration
Cyrus System Administration with cyradmThe .cyradmrc File
Common Tasks
Listing MailboxesCreating a Mailbox or Adding a UserMailbox Access ControlThe setaclmailbox commandCommon examplesDeleting a Mailbox or Removing a UserManaging QuotasRenaming a User’s Account
Batch Account Maintenance with cyradm
Add New UsersRename an Account
Shared Folders and Bulletin Boards
Implementing Shared FoldersImplementing Bulletin BoardsA Word of Warning...
Mailstore Partitioning
Quota Maintenance
Disaster Recovery
Checkpoint Your mailboxes FileBack Up Your DataBe Prepared for More than One DisasterKeep Hard Copies of Your ConfigurationDisasters and Recovery StrategiesCorruption or inconsistency in the mailboxes fileCorruption in a user’s mailboxInconsistency in quotasLoss of a disk
Migration from Berkeley (Unix) Mailbox Format to Cyrus
How Do I Know My Mail Is Berkeley Format?IssuesUser-driven versus batch conversionDowntimeIt’s all or nothing!ToolsBackward compatibilityUser -Driven ConversionBatch Conversion: An Example and ToolsProcedureStep 1: Shut down imapd and sendmailStep 2: Create the new accountsStep 3: Create Cyrus mail foldersStep 4: Transfer messages from old inbox to new inboxStep 5: Transfer messages from old folders to Cyrus foldersStep 6: Reconstruct the new mailboxesStep 7: Restart imapd and sendmailBacking Out
Mail Forwarding and Filtering on a Black Box
ForwardingMigrating existing .forward files to aliases.forward supportServer -Side Mail Filtering with procmailThe global procmail rules filePersonal procmail rules fileSetting up the MTAServer -Side Filtering with CMU Sieve
Usenet Integration
Programs for News IntegrationConfiguring NewsCreate the news partitionSet up auxiliary databases
Troubleshooting
Testing the ServerUser cannot access mailboxesUser stops receiving mailUsers are unable to log in
Adding SSL Support to Cyrus
IV. The UW IMAP Server
10. Introduction to the UW IMAP Server
What Is UW IMAP?HistoryThe C-Client Library
UW’s Strengths
FlexibilityModularity
UW’s Limitations
No Support for IMAP QuotasNo Support for IMAP ACLsRelies Heavily on Unix
UW IMAP Concepts
Black Box and Clearbox ModelsUW IMAP NamespaceC-Client DriversAuthentication and Authenticator ModulesLogging
Does UW IMAP Match Your Needs?
11. Installing UW IMAP
Where Do You Get UW IMAP?Keeping CurrentWhat Systems Does It Support?What Hardware?What Else Do You Need?
What Do You Get with UW IMAP?
Important Documents
How Do You Install It?
Not Leaving Well Enough Alone...Monkeying with the MakefilesClobbering the Code
Where Can You Go for Help If You Get Stuck?
12. UW System Administration
General IssuesIMAP AlertsDisabling the mbox DriverAlternative Default Subdirectory for User MailboxesChanging Location of INBOXPermissionsMailbox Formats
Authentication
Disabling Plaintext PasswordsEnabling Anonymous LoginUsing PAM for Plaintext PasswordsCRAM-MD5Kerberos
Security
SSL and TLSPermissions on Files Under /tmpMail Spool Directory Permissions
UW IMAP Utilities
V. Other Topics
13. Addressing IMAP Security
Security ResourcesThe Computer Emergency Response Team/Coordination Center (CERT/CC)L0pht Heavy IndustriesComputer Incident Advisory CapabilityRootShellBugtraq and SecurityFocus.com
A Handful of Security Tips
TripwireSocial EngineeringThe Man-in-the-MiddleTCP WrappersBasic installationThe access files: /etc/hosts.allow and /etc/hosts.denyA Word Against Cleartext PasswordsSSLSSHEncrypted authentication: Kerberos and CRAMThe Core of the Problem
Monitoring Security
IP WatcherNetLogswatchNetwork Operations Center On-Line (NOCOL)
Boiling It All Down
14. Running a Dedicated Server
What’s a Dedicated Server?
Account Provisioning
A Web SolutionSecurityAuthenticationCGI Scripts for Common TasksChanging a passwordChecking disk quotaChecking IMAP quotas
Mission Restriction
Reducing Server Processes
The Ultimate in Dedicated Servers
15. Server-Side Mail Filtering
Why Filter on the Server?
Procmail
How Do You Install It?How Does It Work?Simple ExamplesRisks
Sieve
BackgroundScopeSieve ImplementationsSieve ExamplesSieve DocumentationSieve web siteIETF draftsMailing list and archives
To Filter or Not to Filter...
Silencing the BullhornWith Friends Like That...Loose Cannons and Processes
16. Server Performance Tuning
PlatformSize for Twice the Expected LoadRedundancy, Redundancy, Redundancy...Keep the Spaghetti on Your Plate...
I/O Subsystem Tuning
Disk InterfaceRAID versus standalone disksFilesystem TuningInode densityMinimum free space
Memory Tuning
How Much RAM Is Enough?Optimizing Swap Performance
Kernel and Network Driver Tuning
Diagnose the ProblemUsing netstat
How to Know When It’s Time to Scale Up
CPU UsageWhat is a heavy CPU load?How does one go about lightening the load?Physical Memory UsageI/O UsageNetworkingHow do you tell if your network is the bottleneck?
Running imapd: inetd Versus Standalone
Charting It Up for the Suits
17. Remote Configuration Storage
Why Store Client Configurations on a Server?Benefits of Centralized Configuration Storage
IMSP, ACAP, or LDAP?
IMSP
IMSP SpecificationCyrus IMSP ServerWhere to get IMSPHow to install and configure IMSPHow to run IMSPGetting helpIMSP Clients
ACAP
ACAP SpecificationACAP-related RFCs and draftsCyrus ACAP ServerWhere to get ACAPHow to install and configure ACAPHow to use ACAPWhere to get helpACAP Clients
18. IMAP Tools
IMAP Administration ToolsGeneral IMAP Server AdministrationIMAP-AdminPHP Cyrus-ToolsBalancing Users Across Cyrus Partitionsmove_imap_usersRunning Multiple Instances of Cyrus on a Single Machinecyrus-imapd-configfilesMethod 1: One IP, one port, multiple mailstoresMethod 2: Virtual IP per server
Authentication Tools
Authenticating Against a SQL Database (UW)getpg/UW-IMAPAuthenticating Against an SQL Database (Cyrus)Authcheckcyrus-sasl-mysql patchpwcheck_mysqlpwcheck_pgsqlAuthenticating Against an LDAP Directory (Cyrus)pwcheck_ldap
Monitoring and Testing Tools
SMTtcpflowtm: A Stress Tester
IMAP Clustering
BLUETAIL Mail RobustifierCyrus IMAP Aggregator
IMAP APIs
C-Client APIPerl APIsMail-IMAPClientNet-IMAP-SimpleNetxAPPHPJavaMail
VI. Appendixes
A. Conversion from Berkeley Mail Format to Cyrus: Tools
bsd2cyrus
createfolders
inboxfer
folderxfer
batchreconstruct
B. Adding SSL Support to IMAP
Get the SoftwareOpenSSLstunnel
Put It All Together
Install OpenSSLInstall stunnelCreate a CertificateModify ServicesListen for Secure IMAP ConnectionsRunning stunnel standaloneRunning stunnel out of inetd
C. IMAP Commands
Commands Valid in Any State
Commands Valid in the Non-authenticated State
Commands Valid in the Authenticated State
Commands Valid in the Selected State
Index
Colophon

Content preview from Managing IMAP

Mission Restriction

If you decide to bring up dedicated IMAP servers, there’s a short list of things you can do to help prepare your host and help focus its activities on the task at hand: IMAP. Primarily, these activities can be grouped together as limiting the number of server processes, eliminating or restricting non-administrative accounts, and reducing non-essential workload on the host.

Reducing Server Processes

Out of the box, your operating system probably supports a variety of services through the inetd superserver. None of those services is essential to the IMAP mission. In most cases, you can reduce your inetd services down to a single line in your configuration file that supports your particular IMAP service. If non-privileged users never log on to your mail host, you are somewhat freer to make assumptions about what kind of client software those users have. For example, assuming that:

Interactive logins, if allowed, are done via Secure Shell (SSH), and SSH runs as a standalone daemon, and
The MTA runs as standalone daemon, as does sendmail

then there’s little reason to have anything but a one-line inetd.conf file.

Once you’ve shaved down your inetd.conf file, send a HUP signal to it to refresh the active configuration. Then, use netstat to get a picture of what kinds of “listens” are still active on your machine. Here’s an example from a machine that hasn’t completely reduced its inetd.conf file yet (the output has been trimmed down with some filtering from egrep):

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 059600012XCatalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Managing IMAP

by Dianna Mullet, Kevin Mullet

Mission Restriction

Reducing Server Processes

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

Why Sleep Is a Strategic Resource

What Successful Project Managers Do

PHP 8 Revealed: Use Attributes, the JIT Compiler, Union Types, and More for Web Development

The Three Traps That Stymie Reinvention

Publisher Resources

Mission Restriction

Reducing Server Processes

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.