Setup Cyrus IMAP-Server on Ubuntu 10.

This article describes the installation of Cyrus I A!-server v".". It #ill use SS$ for secure access and SAS$ for user authentication. %ollo#-up articles #ill e&plain ho# to add the '&im ( as TA) the I A! administrative management system *penmailadmin) the spamfilter SpamAssassin and +oundcube as the #ebfrontend to the I A!-server for the users.

Contents Necessary packages Activation of Saslauthd auth-daemon Configuration of /etc/cyrus.conf Configuration of /etc/imapd.conf Initial user creation

Necessary packages
In order to set up Cyrus I A!-server) some necessary packages have to be installed,
aptitude install cyrus-imapd-2.2 cyrus-common-2.2 sasl2-bin cyrus-admin-2.2

Activation of Saslauthd auth-daemon

In order for saslauthd to start) the follo#ing line in /etc/default/saslauthd has to be set,

No#) start saslauthd,

service saslauthd start

Configuration of /etc/cyrus.conf
No#) open the file /etc/cyrus.conf in #hich some changes should be made. It is divided into three sections called START) S'+-IC'Sand'-'NTS.. /e start #ith I A! Idle. To enable it) uncomment the follo#ing line in the START section,

To activate secure I A! access and to disable NNT! the SERVICES section has to be set,

In the EVENTS section) #e #ant to enable the S01AT inde&es for mailbo&es) enabling significantly reduced search times,
# reindex changed mailboxes (fulltext) approximately every other hour squatter_1 cmd="/usr/bin/nice -n 19 /usr/sbin/squatter -s" period=120

Configuration of /etc/imapd.conf
In /etc/imapd.conf you first need to declare the cyrus2 admin user,
admins: cyrus

No#) define the authentication mechanism by setting sasl_mech_list and sasl_pwcheck_method,

sasl_mech_list: LOGIN PLAIN sasl_pwcheck_method: auxprop saslauthd sasl_auxprop_plugin: sasldb

To activate SS$ for secure I A! access) set the follo#ing variables and place your certificates and key accordingly,

tls_cert_file: tls_key_file: tls_ca_file:

/etc/ssl/certs/{your_server_name}.cert.pem /etc/ssl/private/{your_server_name}.key.pem /etc/ssl/{your_ca_chain}.pem

ake sure Cyrus can read the SS$ files by running this,
chmod 640 /etc/ssl/certs/{your_server_name}.cert.pem \ /etc/ssl/private/{your_server_name}.key.pem \ /etc/ssl/{your_ca_chain}.pem chown :mail /etc/ssl/certs/{your_server_name}.cert.pem \ /etc/ssl/private/{your_server_name}.key.pem \ /etc/ssl/{your_ca_chain}.pem

Also in this file) the I A! Idle functionality has to be set defining idlemethod,
idlemethod: idled

Activate your setting by restarting the Cyrus daemon,

service cyrus2.2 restart

Initial user creation

%irst) create an inital SAS$ pass#ord in order to enable cyrus2 administrative user,
saslpasswd2 -c cyrus

No#) authenticate yourself as the user cyrus to cyradm #ith the previous pass#ord,
cyradm --user cyrus localhost

As user cyrus in cyradm) you may do maintenance tasks like creating a ne# user,
cm user.{username}

Test your authentication by running,

testsaslauthd -u username -p password

If that #orked) you may no# connect to your ne# I A! account by accessing your server on port <<? and using the set username and pass#ord as authentication.

You might also like