Quickstart: Fedora Core


Beginning with Core 3, Fedora includes Cyrus IMAP. In Core 3, the package is part of base, but in Core 4, it was moved to extras. The RPMs are built indirectly from Simon Matter's SRPMs, which I have used on Red Hat Enterprise Linux 3 systems and are quite good. While I do not recommend Fedora as a server platform given the brevity of its lifespan, I will use it as a base for demonstration since the Cyrus IMAP RPMs and dependencies are already included.

The following guide gives steps without much explanation about getting started using Cyrus IMAP on this platform; the procedure for RHEL3 (or clones, like CentOS3) is very similar, albeit with additional steps of downloading and perhaps rebuilding.

The configuration I will be using with use PAM authentication with saslauthd, since PAM is configured by default. Delivery will happen with Postfix, because I eschew Sendmail where possible. (Sendmail information may be added at a later date.)

These instructions have been updated and tested for Cyrus IMAP 2.3.13 on Fedora 10; they might work for older versions but have not been tested.

Install Required Packages

You must remove the imap package; it is the UW-IMAP server and conflicts with Cyrus IMAP. Newer versions call the package uw-imap and it may be no longer installed by default. Obviously, if you have installed another IMAP server such as dovecot you should remove that also. The following packages need to be installed:

  • postfix

  • cyrus-imapd

  • cyrus-imapd-utils

  • perl-Cyrus

  • cyrus-sasl

  • cyrus-sasl-plain

The Perl module Term::ReadLine::Gnu is also recommended, as it provides readline support to cyradm. An RPM is in the RPMforge repository.

# rpm -e imap
# yum install postfix cyrus-imapd cyrus-imapd-utils cyrus-sasl \
> cyrus-sasl-plain perl-Term-ReadLine-Gnu
Performing the following to resolve dependencies:
  Install: perl-Cyrus.i386 0:2.2.10-3.fc3
Is this ok [y/N]: y

Configure Cyrus SASL

Next, we configure Cyrus SASL to authenticate with PAM and test.

Edit /etc/sysconfig/saslauthd and change MECH to be pam. Older versions used shadow by default, which will authenticate regular UNIX accounts, but PAM is more flexible.

Start saslauthd by running its init script and configure it to start on boot:

# /sbin/service saslauthd start
Starting saslauthd:                                        [  OK  ]
# /sbin/chkconfig saslauthd on
# chkconfig --list saslauthd
saslauthd       0:off   1:off   2:on    3:on    4:on    5:on    6:off

Now let's test that saslauthd is working. (I assume here that you have already created a user account somewhere.) Yes, you do have to specify the password on the command line; it is an annoyance that should be fixed.

$ testsaslauthd -u username -p password
0: OK "Success."

Configure Cyrus IMAP

Actually, this is pretty easy. While a usual installation requires modifying parameters in /etc/imapd.conf and /etc/cyrus.conf, the Fedora RPMs are already configured for general use, even SSL support.

All that must be done, then, is to start and test it and create mailboxes. First, we start it up:

# /sbin/service cyrus-imapd start
Starting cyrus-imapd: preparing databases... done.         [  OK  ]
# /sbin/chkconfig cyrus-imapd on
# /sbin/chkconfig --list cyrus-imapd 
cyrus-imapd     0:off   1:off   2:on    3:on    4:on    5:on    6:off

And then test it with imtest:

$ imtest -t "" -u wcooley localhost
S: * OK imap.example.com Cyrus IMAP4 v2.2.10-Invoca-RPM-2.2.10-3.fc3 server ready
S: C01 OK Completed
Please enter your password: 
C: L01 LOGIN wcooley {6}
S: + go ahead
C: "omitted"
S: L01 OK User logged in
Security strength factor: 0
* BYE LOGOUT received
. OK Completed
Connection closed.

Finally, we must create mailboxes with cyradm. But in order to do that, we must set a password for the cyrus account:

#  passwd cyrus
Changing password for user cyrus.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

Now login with cyradm:

$  cyradm --user cyrus --auth PLAIN localhost
verify error:num=18:self signed certificate
IMAP Password: 

And create an initial mailbox and view some stats:

localhost.localdomain> createmailbox user.wcooley
localhost.localdomain> listmailbox user.wcooley
user.wcooley (\HasNoChildren)  
localhost.localdomain> listaclmailbox user.wcooley
wcooley lrswipcda
localhost.localdomain> listquotaroot user.wcooley

Alternatively, you can use abbreviations of the commands:

localhost.localdomain> cm user.wcooley
localhost.localdomain> lm user.wcooley
user.wcooley (\HasNoChildren)  
localhost.localdomain> lam user.wcooley
wcooley lrswipcda
localhost.localdomain> lqr user.wcooley

At this point, you have a working IMAP server. You might want to start an IMAP client and login to the server, just to doublecheck before actually delivering mail to it.

Configure Postfix

Since Sendmail is the default MTA in Fedora, you must change the default with the alternatives command after stopping Sendmail.

# /sbin/service sendmail stop
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]
# chkconfig sendmail off
# chkconfig --list sendmail
sendmail        0:off   1:off   2:off   3:off   4:off   5:off   6:off
# alternatives --config mta

There are 2 programs which provide 'mta'.

  Selection    Command
*+ 1           /usr/sbin/sendmail.sendmail
   2           /usr/sbin/sendmail.postfix

Enter to keep the current selection[+], or type selection number: 2
# alternatives --display mta
mta - status is manual.
 link currently points to /usr/sbin/sendmail.postfix

Now we configure mailbox_transport in /etc/postfix/main.cf. Add this line to the bottom:

mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp

Finally, start up Postfix:

# /sbin/service postfix start
Starting postfix:                                          [  OK  ]
# /sbin/chkconfig postfix on
# /sbin/chkconfig --list postfix
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off

Assuming you have a functional SMTP server, you should now have a functional IMAP server ready to go.