The following are detailed descriptions of M-Store's key operating files. These include the files necessary for the startup and shutdown of M-Store.
ms.conf is used to configure the mailstore at invocation. The options that can be listed in the ms.conf file are organized into Required Configuration, Recommended Configuration, and Optional Configuration. Each line of the file has the form:
option value ... |
where option is the name of the configuration option being set and value is the value the configuration option is being set to. Blank lines and lines beginning with # are ignored. Options take either a boolean, numerical, or (multiple) string argument.
 | Note: If an option is not present in the file, its default is assumed. Default values in Table 10-1 through Table 10-6 appear in square brackets at the head of the description text, for example, [default]. Some options have no default value; these are listed with <no default>. Options that default to an empty string are listed with <none>. |
For boolean options, the values yes, on, t, and 1 (one) turn the option on, and the values no, off, f, and 0 (zero) turn the option off.
The following options are required for the operation of M-Store (see Note in “Message Store Configuration (ms.conf)”):
Table 10-1. ms.conf Required Options
Option | Description |
|---|---|
admin_domain [<no default>] | All users of the specified domain are assumed to have site administration privileges. This option is necessary to perform Web-based site administration. |
cleartext-login-enable [on] | Enables the IMAP4 LOGIN command and the POP3 USER and PASS commands. At least one of cleartext-login-enable or sasl-enable-<mech> must be enabled for users to authenticate. By default, all SASL CRAM-MD5 and DIGEST-MD5 authentication mechanisms are also enabled. |
default-domain name [<no default>] | The default domain name if single-domain is enabled. |
mailstore name path [<no default>] | Declare path as a mailstore with the symbolic name name. There must be at least one mailstore declared. |
ms-assignment-policy rule [glob] mailstore ... [<no default>] | Determine the mailstore (with symbolic name mailstore) on which a newly created mailbox resides. There must be at least one assignment policy defined as each acts as a filter executed in order of appearance in the ms.conf file. |
There are three available ms-assignment-policy rules:
user-rule | The mailbox resides on the mailstore for which the user matches the glob pattern. This rule takes both a glob pattern and a single mailstore name. |
domain-rule | The mailbox resides on the mailstore for which the domain matches the glob pattern. This rule takes both a glob pattern and a single mailstore name. |
bytes-free | The mailbox resides on the mailstore with the most free space. This rule does not require a glob pattern, but does take a list of mailstore names. It is recommended to end with a bytes-free rule or a glob rule with a glob pattern of * to ensure a default mailstore exists for newly created mailboxes. |
Table 10-2. SASL Plugin Options
Option | Description |
|---|---|
sasl-enable-cram-md5 [on] | Enable the built-in SASL CRAM-MD5 authentication mechanism. |
sasl-enable-digest-md5 [on] | Enable the built-in SASL DIGEST-MD5 authentication mechanism. |
sasl-enable-plain [off] | Enable the built-in SASL PLAIN authentication mechanism. |
sasl-enable-<mech> [off] | Enable the SASL <mech> authentication mechanism plugin. The <mech> plugin must also be installed in executable-base-path/lib/plugins/ |
The following options are recommended for proper operation of M-Store.
Table 10-4. Recommended M-Store Configuration Options
Option | Description |
|---|---|
hash-level-1 [20] | The number of hash directories in the first level of the mailstore. The minimum value allowed is 5 and the maximum is 500. (See NOTE in hash-level-2 Description) |
hash-level-2 [200] | The number of hash directories in the second level of the mailstore. The minimum value allowed is 5 and the maximum is 500. NOTE: Under each of the defined mailstores exist a number of first-level hash directories. Each of which contains a number of second level hash directories. Mailboxes physically reside under the second-level hash directories. |
quotawarn [90] | The percentage of quota utilization above which the IMAP server generates warnings. |
transaction-log-directory [transaction_log] | The directory path where the database log files are stored. If the argument is a relative path, the logs are stored in ms-path/database/transaction-log-directory/. NOTE: It is highly recommended that the log files are stored and backed up on a separate disk from the database tables. See msdb_backup (“Database Backup Tool (msdb_backup)” in Chapter 12 ) for more information. |
The following are optional for M-Store configuration file.
Table 10-5. Optional ms.conf Entries
Option | Description |
|---|---|
admin-auth-modal [on] | In multi-domain mode, append the current domain to the identifier when creating authentication accounts with the administration tools. i.e. creating an auth account for user foo implicitly creates the account for foo@mydomain.bar. This option has no effect in single-domain mode. |
allow8bitheaders [off] | Accept messages with non-ASCII header characters by stripping the high-bit off offending characters. This option affects imapd, lmtpd, and deliver. |
allow-one-message-overquota [off] |
|
| Allow a user to receive one message that would put them over quota. Note that if a user is already over quota then no messages can be received. |
allowanonymouslogin [off] | Permit logins by the user anonymous using any password (this feature is not supported by all authentication mechanisms). |
auto-create-inbox [off] | If the authenticated user does not already have an IMAP INBOX, create one automatically when they authenticate. |
auto-create-inbox-quota [0] | If auto-create-inbox is enabled, the newly created INBOX is assigned a quota root with the specified value (in bytes). If the value is less than or equal to zero, no quota root is assigned. |
defaultacl [anyone lrs] | The default acl (access control list) for newly created mailboxes. |
executable-base-path [/usr/local/md] | The base path for M-Store binaries and documentation. |
imap-port [143] | Specify the port used by imapd. |
license-file-path [/etc/md/store/license.dat] | Specify the absolute path of the license file license.dat. |
lmtp-shared-name [shared] | Specify the local name used by lmtpd to denote shared folders during Plus-Addressing delivery. |
lmtp-stuff-nul [off] | Enable the conversion of NUL characters in messages to"?". The default behavior is to reject such messages. Note that converting such characters may render parts of the message unreadable. NUL characters are illegal in messages according to RFC2060. This option is provided to allow sites to work around noncompliant (broken) mail clients. |
map-authentication [off] | Enable the translation of authentication identifiers using the internal authmap database. See msadm_tclsh (“IM-Store Administration Command Interpreter (msadm_tclsh)” in Chapter 12 ) for more information on adding authentication mappings. |
max-overquota-kb [0] | If we have allow-one-message-overquota set [on], this option limits the size of a message that can be delivered over quota. If this is set to 0 or undefined, there is no limit. |
messagestore-deliver-overquota -bounce [off] | If enabled, causes deliver and lmtpd to return a permanent delivery failure for any message delivery that would put the target mailbox over its quota limit. Normally these programs return a temporary failure, allowing the message transport agent (MTA) to requeue the delivery attempt. Enabling this option forces the MTA to immediately bounce the message. |
ms-path [/var/md/store] | The base path of the message store data. |
plaintextloginpause [0] | Number of seconds to pause after a successful plaintext login. For systems that support strong authentication, this permits users to perceive a cost in using plaintext passwords. |
pop-port [110] | Specify the port used by pop3d. |
popminpoll [0] | Set the minimum amount of time, in minutes, the server forces users to wait between successive POP3 logins. |
poptimeout [10] | Set the length of the POP3 server inactivity for the autologout timer, in minutes. The minimum value is 10 minutes. |
runtime-user [sms] | The login name of the UNIX account under which the server runs. |
single-domain [off] | If enabled, the server assumes all users are of the domain specified by the default-domain option. Disabling this option allows the server to support multiple domains. |
timeout [30] | The length of the IMAP server inactivity for the autologout timer, in minutes. The minimum value is 30 minutes. |
umask [077] | The default umask value used by the server programs. |
The following options are used by authproxyd, the M-Store authentication server.
Table 10-6. authproxyd Options
Option | Description |
|---|---|
authproxy-authmech [authdb] | Specify the mechanism used to authenticate plaintext logins. |
authproxy-legacy-authmech [<no default>] | If authentication using authmech fails, authenticate using the legacy-authmech. If the latter succeeds, automatically build an account in the authmech authentication environment using the username and password information supplied in the authentication request. Future authentications with the same username and password will succeed with the original authmech. |
authproxy-rimap-host [<no default>] | The remote host to be contacted by the rimap authentication mechanism. The argument can be a hostname (imap.foo.bar) or a dotted-quad IP address (192.168.0.1). The latter is useful if the remote server is multi-homed and has network interfaces that are unreachable from the local IMAP server. The remote host is contacted on the imap service port. A nondefault port can be specified by appending a forward-slash and the port name or number to the host argument. |
authproxy-pam-service [authproxyd] | The service name for PAM authentication. Setting this value to a predefined PAM service allows IMAP and POP users to authenticate with the same credentials used to authenticate via the defined service, i.e., login allows users who can physically log into the machine to be authenticated via authproxyd. |
rc.m-store [start | stop | restart] |
rc.m-store is the recommended method of starting and stopping the message store. The sample of this file is found at etc/md/store. It is strongly recommended that your own rc.m-store script is carefully tested before putting the mailstore into production mode.
rc.m-store automatically starts at boot time and stops at shutdown. For proper operation with Sendmail or other MTA, start M-Store before starting the MTA and stop after shutting down the MTA. Please see your Operating System manual for instructions and the locations of the runtime level control mechanisms.
Table 10-7. rc.m-store Parameters
Parameter | Description |
|---|---|
start | The following steps are required to start the message store. These steps are performed by the storemgr which is executed by the rc.m-store script: |
| 1. Cleanup any files possibly left by the message store in the event of a machine crash. |
| 2. Run msdb_test with recovery to ensure the consistency of the message store database. |
| 3. Start the server components: authproxyd: Generic Authentication server. lmtpd: Local Message Transfer Protocol message delivery server. pop3d: Post Office Protocol mail server. imapd: Internet Message Access Protocol mail server. msdb_checkpoint: Message store database transaction checkpointing daemon. |
| All server components use the default ms.conf M-Store configuration file. |
stop | Stop running the message store by sending the SIGTERM signal to the running components. |
restart | Stop and start the message store. |
/etc/md/store/ms.conf | The default M-Store configuration file. |
/etc/rc.d/init.d/rc.m-store | The location of the bootscript on Linux. |
authproxyd, “Authentication Server (authproxyd) ” in Chapter 11
imapd, “M-Store Message Server (imapd)” in Chapter 11
lmtpd, “LMTP Delivery Server (lmtpd)” in Chapter 11
ms.conf, “Message Store Configuration (ms.conf)”
msdb_checkpoint, “Database Checkpoint Tool (msdb_checkpoint)” in Chapter 12
msdb_test, “Database Test Tool (msdb_test)” in Chapter 12
pop3d, “POP3 Message Service (pop3d)” in Chapter 11
storemgr, “Store Manager (stormgr)”
storemgr [-f config_file] |
storemgr is a daemon process that manages the collection of protocol, authentication and database management server processes that make up the message store. It is the primary control daemon for the store, managing starting, restarting and shutting down the entire message store. Running storemgr starts the store manager, which subsequently starts all of the other store processes. Once started, store processes are monitored and restarted in the event that one of them terminates outside of storemgr control.
storemgr must be run as the superuser and is normally invoked from the rc.m-store boot script. The rc.m-store should be used as the command line interface for performing control operations for the store, rather than using the signal-based control support provided by the store manager.
Option | Description |
|---|---|
-f config_file | Specify an alternate location for the M-Store configuration file. |
storemgr stores its process ID in the file ms-path/run/storemgr.lock, where the ms-path variable is defined in the M-Store configuration file. Sending signals to that process ID will allow you to control various runtime functions in the store.
SIGTERM stops the store. This causes all managed processes to be terminated.
SIGHUP restarts the store. This causes all managed server processes to be stopped and then re-started.
authproxyd, “Authentication Server (authproxyd) ” in Chapter 11
imapd, “M-Store Message Server (imapd)” in Chapter 11
lmtpd, “LMTP Delivery Server (lmtpd)” in Chapter 11
ms.conf, “Message Store Configuration (ms.conf)”
msdb_checkpoint, “Database Checkpoint Tool (msdb_checkpoint)” in Chapter 12
msdb_test, “Database Test Tool (msdb_test)” in Chapter 12
pop3d, “POP3 Message Service (pop3d)” in Chapter 11
rc.m-store, “M-Store rc.m-store Script”
M-Store uses locale specific message tables to store error messages for its various subsystems. The following are the M-Store message tables and their location:
Table 10-9. M-Store Message Tables
Base Path | Extended Path | Message Table |
|---|---|---|
/usr/local/md/ | lib/msg_tab/ | admin_--.msg |
|
| plug_--.msg |
|
| sasl_--.msg |
|
| store_--.msg |
If the file ms-path/etc/nologin exists, imapd will shutdown the connection. The first line of the file will be sent to the client as an [ ALERT] message before the connection is closed. See Chapter 11, “Server Commands” for more details.