Cover image for Managing IMAP

Book description

Virtually everything--not just computers, but every kind of device--is coming on board the Internet, and the two principal applications are the World Wide Web and email. The POP3 model for online-only messaging is being taxed to its limit, and users clearly would like mail servers with more "oomph." More specifically, the demand is for email servers that take advantage of centralized resources to manage mail, rather than heap more tasks on end-user computers. This clamor has resulted in the IMAP protocol being incorporated into virtually every major email server on the market. Those who haven't already installed IMAP are probably planning to do so. Managing IMAP is a movable feast of IMAP help. It is a handy guide for everyday tasks common to most IMAP servers as well as a concise reference to help navigate the sometimes sparsely and obtusely documented open source software. Whether the goal is more insight into the IMAP server and client or utility software, or big-picture strategic suggestions to get off a legacy system, Managing IMAP is here to help. This book is both a conceptual and a mechanical IMAP road map. Managers, system integrators, and system administrators on the front lines of Internet messaging will find it a valuable tool for IMAP system provision, maintenance and support. It is also useful if you're considering IMAP for your messaging system. Managing IMAP covers the IMAP protocol, setting up a client, IMAP security, performance monitoring, and tools. Several chapters are devoted specifically to two of the most popular servers: the University of Washington server and Cyrus, and detailed appendixes cover topics such as TCL, procmail, Sieve, and sendmail.

Table of Contents

  1. Managing IMAP
    1. Foreword
    2. Preface
      1. How This Book Is Organized
      2. Conventions Used in This Book
      3. Related Books
      4. We’d Like to Hear From You
      5. Acknowledgments
    3. I. IMAP Fundamentals
      1. 1. The Internet Mail Model
        1. What Is the Internet Mail Model?
          1. The Agents (MUA, MTA, MDA)
            1. MTA
            2. MDA
            3. MUA
          2. The Mailstore
          3. The Standards (RFC 822, MIME, SMTP/ESMTP, POP, IMAP)
            1. Formatting and encoding mail
            2. Mail transfer
            3. Mail access
        2. Why Follow the Internet Mail Model?
        3. Examples
          1. Mail Routing
          2. Examples of Agents
            1. MTAs
            2. MDAs
            3. MUAs
      2. 2. What Is IMAP?
        1. IMAP in a Nutshell
        2. IMAP’s Three Interaction Models
          1. The Online Model
          2. The Offline Model
          3. The Disconnected Model
        3. Why IMAP?
          1. Host-Based Email
          2. Shared Mailstore
            1. Problems with shared mailstores
          3. Proprietary Mail Schemes
          4. Standardized Mail Access Protocols
        4. IMAP and POP: A Comparison
          1. POP
          2. IMAP
          3. IMAP Culture Versus POP Culture
          4. Why Not Both POP and IMAP?
          5. Advantages of IMAP
            1. Appending to mailboxes
            2. Multiple mailbox support
            3. Remote mailbox management
            4. Support for local mailboxes
            5. Mailbox hierarchies
            6. Remote mailboxes on multiple servers
            7. Persistent mailbox status flags
            8. Server-initiated mailbox status updates
            9. Companion configuration protocols
            10. IMAP extensions
            11. Performance advantages
            12. IMAP supports non-email data
            13. Shared mailboxes
          6. Feature Breakdown
        5. Present and Future of IMAP
        6. Open Source Server Implementations
          1. University of Washington IMAP Server
          2. Carnegie Mellon University Cyrus IMAP Server
        7. IMAP-Related Standards and Documents
      3. 3. Anatomy of an IMAP Session
        1. IMAP Session Concepts
          1. IMAP Is Line-Oriented
          2. Story of an IMAP Session
        2. IMAP Components
          1. Modes
          2. States
          3. Mailboxes
          4. Messages
        3. An IMAP Session Play-by-Play
          1. A POP3 Session for Comparison
    4. II. IMAP Mail User Agents (MUAs)
      1. 4. IMAP Clients
        1. Client Features
          1. Features Reviewed
        2. PINE and PC PINE
          1. Features
          2. Supported Platforms
          3. Configuring PINE for IMAP
            1. PINE for Unix
            2. PC PINE
        3. Star Mail
          1. Features
            1. Client-side filtering
            2. Import filters
            3. Remote LDAP searching
            4. Advanced searching
            5. Performance enhancements for slow connections
          2. Configuring Star Mail for IMAP
            1. Configuring the IMAP options
            2. Reading IMAP mail with Star Mail
        4. Netscape Messenger
          1. Features
            1. Supports SSL
            2. Folders are stored on the IMAP server
            3. Performs well over slow connections
            4. Superior LDAP support
            5. Site customization
            6. Almost-there ACL support
          2. Configuring Netscape Messenger for IMAP
            1. Configuring your preferences
            2. Reading your mail
            3. Subscribing to folders
            4. Expunging your deleted mail
        5. Outlook Express
          1. Features
            1. Ease of use
            2. Supports SSL
            3. Advanced searching
            4. Performance over slow connections
          2. Configuration
            1. If you’re running Outlook Express for the first time...
            2. If you can’t conjure up the Wizard...
        6. Mulberry
          1. Features
            1. Performance
            2. Support for site customization
            3. Quota viewer
            4. IMSP and ACAP support
            5. Encrypted authentication
            6. Full IMAP support
          2. Configuring Mulberry
            1. Individual user configuration
            2. Site-wide configuration
        7. Eudora
          1. Features
            1. Enhanced filters
            2. Advanced searching
            3. Personalities
            4. Import option
            5. Multitasking
            6. Message viewing bells and whistles
            7. Compose options
            8. Other features
          2. Configuring Eudora
        8. Other Clients
      2. 5. Web-Based IMAP Clients
        1. What’s a Web-Based IMAP Client?
        2. Why Use a Web-Based IMAP Client?
          1. End-User Platform Independence
          2. Global Access
          3. Integration with Existing IMAP Server
          4. Centralized Administration
          5. Security
          6. Intuitive and Friendly Interface
          7. Low Cost
        3. Web IMAP Clients
          1. A Note on PHP
          2. A Note on Server Platform
        4. IMP
          1. Overview
          2. Strengths and Weaknesses
            1. Strengths
            2. Weaknesses
          3. Requirements
            1. Horde
            2. PHP
            3. PHP-supporting web server
            4. Perl
          4. Administration
          5. Site Customization
          6. Examples
          7. For Help with IMP
            1. IMP web site
            2. Mailing lists
          8. Overall Impressions
        5. Mailspinner
          1. Overview
          2. Strengths and Weaknesses
            1. Strengths
            2. Weaknesses
          3. Requirements
          4. Administration
          5. Site Customization
          6. Personalization
          7. Examples
            1. Compose message
            2. Locale support
          8. Overall Impressions
        6. SilkyMail
          1. Overview
          2. Strengths and Weaknesses
            1. Strengths
            2. Weaknesses
          3. Requirements
          4. Administration
          5. Site Customization
          6. Personalization
          7. Examples
          8. Overall Impressions
        7. EMU 3
          1. Overview
          2. Strengths and Weaknesses
            1. Strengths
            2. Weaknesses
          3. Requirements
          4. Administration
          5. Site Customization
          6. Personalization
          7. Examples
          8. Overall Impressions
        8. WING
          1. Overview
          2. Strengths and Weaknesses
            1. Strengths
            2. Weaknesses
          3. Requirements
    5. III. The Cyrus IMAP Server
      1. 6. Introduction to the Cyrus IMAP Server
        1. History of Cyrus
        2. Cyrus Concepts and Features
          1. The Cyrus Mailbox Namespace
          2. The Cyrus Mailstore
          3. Cyrus Features
            1. Access control
            2. Shared folders and bulletin boards
            3. Mailstore partitioning
            4. Storage quotas
              1. Quota warnings
              2. Quotas and mail delivery
            5. Usenet news integration
          4. Authentication
        3. Cyrus Server Configuration
          1. The imapd Server Configuration File
          2. Server Configuration Directory
            1. Special files
            2. Mailboxes file
            3. Logging and process information
            4. Quota root
            5. The delivered database
            6. Mailbox subscriptions
        4. The Future of Cyrus
        5. Strengths and Weaknesses of Cyrus
        6. When Is Cyrus the Right Choice?
      2. 7. Installing the Cyrus IMAP Server
        1. Software Prerequisites
        2. Hardware Note
        3. Where to Get the Software
        4. Supported Platforms
        5. Installing Cyrus
          1. Unpack the Distribution
          2. Setting Up Build-Time Configuration Options
          3. Compile and Install the Software
        6. Upgrading from Previous Versions of Cyrus IMAP
        7. Components of Cyrus and What They Do
        8. Common Problems
        9. Significant Bugs
      3. 8. Configuring the Cyrus Server
        1. IMAP Configuration File and Directory
          1. The Server Configuration File: imapd.conf
          2. The Configuration Directory
          3. Odds and Ends
        2. Configuring the Authentication Mechanism
          1. Cleartext Authentication with Shadow Passwords
            1. Setting up cleartext authentication in Cyrus Version 1.5.19
            2. Setting up cleartext authentication in Version 1.6.22
          2. Kerberos Authentication
        3. Configuring syslog
        4. Configuring the MTA
          1. The deliver MDA
          2. The sendmail Configuration File
            1. Build the sendmail configuration file
            2. Testing the sendmail configuration
            3. Duplicate delivery suppression and the delivered database maintenance
        5. Getting Cyrus Up and Running
        6. Testing Your Server
          1. Check That the Server Is Running
          2. Testing Cleartext Password Authentication
          3. Testing Kerberos Authentication
      4. 9. Cyrus System Administration
        1. Cyrus System Administration with cyradm
          1. The .cyradmrc File
        2. Common Tasks
          1. Listing Mailboxes
          2. Creating a Mailbox or Adding a User
          3. Mailbox Access Control
            1. The setaclmailbox command
            2. Common examples
          4. Deleting a Mailbox or Removing a User
          5. Managing Quotas
          6. Renaming a User’s Account
        3. Batch Account Maintenance with cyradm
          1. Add New Users
          2. Rename an Account
        4. Shared Folders and Bulletin Boards
          1. Implementing Shared Folders
          2. Implementing Bulletin Boards
          3. A Word of Warning...
        5. Mailstore Partitioning
        6. Quota Maintenance
        7. Disaster Recovery
          1. Checkpoint Your mailboxes File
          2. Back Up Your Data
          3. Be Prepared for More than One Disaster
          4. Keep Hard Copies of Your Configuration
          5. Disasters and Recovery Strategies
            1. Corruption or inconsistency in the mailboxes file
            2. Corruption in a user’s mailbox
            3. Inconsistency in quotas
            4. Loss of a disk
        8. Migration from Berkeley (Unix) Mailbox Format to Cyrus
          1. How Do I Know My Mail Is Berkeley Format?
          2. Issues
            1. User-driven versus batch conversion
            2. Downtime
            3. It’s all or nothing!
            4. Tools
            5. Backward compatibility
          3. User -Driven Conversion
          4. Batch Conversion: An Example and Tools
          5. Procedure
            1. Step 1: Shut down imapd and sendmail
            2. Step 2: Create the new accounts
            3. Step 3: Create Cyrus mail folders
            4. Step 4: Transfer messages from old inbox to new inbox
            5. Step 5: Transfer messages from old folders to Cyrus folders
            6. Step 6: Reconstruct the new mailboxes
            7. Step 7: Restart imapd and sendmail
          6. Backing Out
        9. Mail Forwarding and Filtering on a Black Box
          1. Forwarding
            1. Migrating existing .forward files to aliases
            2. .forward support
          2. Server -Side Mail Filtering with procmail
            1. The global procmail rules file
            2. Personal procmail rules file
            3. Setting up the MTA
          3. Server -Side Filtering with CMU Sieve
        10. Usenet Integration
          1. Programs for News Integration
          2. Configuring News
            1. Create the news partition
            2. Set up auxiliary databases
        11. Troubleshooting
          1. Testing the Server
            1. User cannot access mailboxes
            2. User stops receiving mail
            3. Users are unable to log in
        12. Adding SSL Support to Cyrus
    6. IV. The UW IMAP Server
      1. 10. Introduction to the UW IMAP Server
        1. What Is UW IMAP?
          1. History
          2. The C-Client Library
        2. UW’s Strengths
          1. Flexibility
          2. Modularity
        3. UW’s Limitations
          1. No Support for IMAP Quotas
          2. No Support for IMAP ACLs
          3. Relies Heavily on Unix
        4. UW IMAP Concepts
          1. Black Box and Clearbox Models
          2. UW IMAP Namespace
          3. C-Client Drivers
          4. Authentication and Authenticator Modules
          5. Logging
        5. Does UW IMAP Match Your Needs?
      2. 11. Installing UW IMAP
        1. Where Do You Get UW IMAP?
          1. Keeping Current
          2. What Systems Does It Support?
          3. What Hardware?
          4. What Else Do You Need?
        2. What Do You Get with UW IMAP?
          1. Important Documents
        3. How Do You Install It?
          1. Not Leaving Well Enough Alone...
          2. Monkeying with the Makefiles
          3. Clobbering the Code
        4. Where Can You Go for Help If You Get Stuck?
      3. 12. UW System Administration
        1. General Issues
          1. IMAP Alerts
          2. Disabling the mbox Driver
          3. Alternative Default Subdirectory for User Mailboxes
          4. Changing Location of INBOX
          5. Permissions
          6. Mailbox Formats
        2. Authentication
          1. Disabling Plaintext Passwords
          2. Enabling Anonymous Login
          3. Using PAM for Plaintext Passwords
          4. CRAM-MD5
          5. Kerberos
        3. Security
          1. SSL and TLS
          2. Permissions on Files Under /tmp
          3. Mail Spool Directory Permissions
        4. UW IMAP Utilities
    7. V. Other Topics
      1. 13. Addressing IMAP Security
        1. Security Resources
          1. The Computer Emergency Response Team/Coordination Center (CERT/CC)
          2. L0pht Heavy Industries
          3. Computer Incident Advisory Capability
          4. RootShell
          5. Bugtraq and SecurityFocus.com
        2. A Handful of Security Tips
          1. Tripwire
          2. Social Engineering
          3. The Man-in-the-Middle
          4. TCP Wrappers
            1. Basic installation
            2. The access files: /etc/hosts.allow and /etc/hosts.deny
          5. A Word Against Cleartext Passwords
            1. SSL
            2. SSH
            3. Encrypted authentication: Kerberos and CRAM
          6. The Core of the Problem
        3. Monitoring Security
          1. IP Watcher
          2. NetLog
          3. swatch
          4. Network Operations Center On-Line (NOCOL)
        4. Boiling It All Down
      2. 14. Running a Dedicated Server
        1. What’s a Dedicated Server?
        2. Account Provisioning
          1. A Web Solution
            1. Security
            2. Authentication
          2. CGI Scripts for Common Tasks
            1. Changing a password
            2. Checking disk quota
            3. Checking IMAP quotas
        3. Mission Restriction
          1. Reducing Server Processes
        4. The Ultimate in Dedicated Servers
      3. 15. Server-Side Mail Filtering
        1. Why Filter on the Server?
        2. Procmail
          1. How Do You Install It?
          2. How Does It Work?
          3. Simple Examples
          4. Risks
        3. Sieve
          1. Background
          2. Scope
          3. Sieve Implementations
          4. Sieve Examples
          5. Sieve Documentation
            1. Sieve web site
            2. IETF drafts
            3. Mailing list and archives
        4. To Filter or Not to Filter...
          1. Silencing the Bullhorn
          2. With Friends Like That...
          3. Loose Cannons and Processes
      4. 16. Server Performance Tuning
        1. Platform
          1. Size for Twice the Expected Load
          2. Redundancy, Redundancy, Redundancy...
          3. Keep the Spaghetti on Your Plate...
        2. I/O Subsystem Tuning
          1. Disk Interface
            1. RAID versus standalone disks
          2. Filesystem Tuning
            1. Inode density
            2. Minimum free space
        3. Memory Tuning
          1. How Much RAM Is Enough?
          2. Optimizing Swap Performance
        4. Kernel and Network Driver Tuning
          1. Diagnose the Problem
            1. Using netstat
        5. How to Know When It’s Time to Scale Up
          1. CPU Usage
            1. What is a heavy CPU load?
            2. How does one go about lightening the load?
          2. Physical Memory Usage
          3. I/O Usage
          4. Networking
            1. How do you tell if your network is the bottleneck?
        6. Running imapd: inetd Versus Standalone
        7. Charting It Up for the Suits
      5. 17. Remote Configuration Storage
        1. Why Store Client Configurations on a Server?
          1. Benefits of Centralized Configuration Storage
        2. IMSP, ACAP, or LDAP?
        3. IMSP
          1. IMSP Specification
          2. Cyrus IMSP Server
            1. Where to get IMSP
            2. How to install and configure IMSP
            3. How to run IMSP
            4. Getting help
          3. IMSP Clients
        4. ACAP
          1. ACAP Specification
            1. ACAP-related RFCs and drafts
          2. Cyrus ACAP Server
            1. Where to get ACAP
            2. How to install and configure ACAP
            3. How to use ACAP
            4. Where to get help
          3. ACAP Clients
      6. 18. IMAP Tools
        1. IMAP Administration Tools
          1. General IMAP Server Administration
            1. IMAP-Admin
            2. PHP Cyrus-Tools
          2. Balancing Users Across Cyrus Partitions
            1. move_imap_users
          3. Running Multiple Instances of Cyrus on a Single Machine
            1. cyrus-imapd-configfiles
              1. Method 1: One IP, one port, multiple mailstores
              2. Method 2: Virtual IP per server
        2. Authentication Tools
          1. Authenticating Against a SQL Database (UW)
            1. getpg/UW-IMAP
          2. Authenticating Against an SQL Database (Cyrus)
            1. Authcheck
            2. cyrus-sasl-mysql patch
            3. pwcheck_mysql
            4. pwcheck_pgsql
          3. Authenticating Against an LDAP Directory (Cyrus)
            1. pwcheck_ldap
        3. Monitoring and Testing Tools
          1. SMT
          2. tcpflow
          3. tm: A Stress Tester
        4. IMAP Clustering
          1. BLUETAIL Mail Robustifier
          2. Cyrus IMAP Aggregator
        5. IMAP APIs
          1. C-Client API
          2. Perl APIs
            1. Mail-IMAPClient
            2. Net-IMAP-Simple
            3. NetxAP
          3. PHP
          4. JavaMail
    8. VI. Appendixes
      1. A. Conversion from Berkeley Mail Format to Cyrus: Tools
        1. bsd2cyrus
        2. createfolders
        3. inboxfer
        4. folderxfer
        5. batchreconstruct
      2. B. Adding SSL Support to IMAP
        1. Get the Software
          1. OpenSSL
          2. stunnel
        2. Put It All Together
          1. Install OpenSSL
          2. Install stunnel
          3. Create a Certificate
          4. Modify Services
          5. Listen for Secure IMAP Connections
            1. Running stunnel standalone
            2. Running stunnel out of inetd
      3. C. IMAP Commands
        1. Commands Valid in Any State
        2. Commands Valid in the Non-authenticated State
        3. Commands Valid in the Authenticated State
        4. Commands Valid in the Selected State
    9. Index
    10. Colophon