This chapter details the runtime files that provide services for M-Store. All of the files discussed here are usually run as daemon processes. Pay close attention the settings presented here as these daemons are the key operating processes for the mailstore.
authproxyd [-v] [-f config_file] |
authproxyd is a daemon process that provides authentication services to the M-Store imapd and pop3d servers. Specifically, it processes LOGIN and AUTHENTICATE PLAIN IMAP4 commands, as well as the USER and PASS POP3 commands.
This server fulfills two roles: isolation of all code requiring superuser privileges into a single process, and to provide proxy authentication services to clients that do not understand SASL based authentication.
authproxyd must be run as the superuser and will change to the runtime-user as defined in the configuration file except when running against a protected authentication database (for example, the shadow mechanism). authproxyd is normally invoked from the storemgr daemon process as part of the set of managed server processes that make up a running message store. All stop and restart operations for authproxyd should be performed using the rc.m-store boot script.
authproxyd will not run if any database files are missing, in such a case a backup containing all database files must be restored.
If authproxyd was invoked by storemgr, then the server cannot be independently shut down, as storemgr will automatically restart it. To shut down the server, you must use the rc.m-store boot script.
Table 11-1. authproxyd Options
Option | Description |
|---|---|
-f config_file | Specify a non-default location for the M-Store configuration file, which in turn determines the path name to the named socket to listen to for connection requests. The socket name is defined as ms-path /ipc/authproxyd |
-v | Display version number and available authentication mechanism on standard error, then exit. |
authproxyd stores its process ID in the file ms_path/run/authproxyd.lock, where the ms-path variable is defined in the M-Store configuration file. Sending signals to that process ID will allow you to control various runtime functions in the server.
SIGTERM - If authproxyd was run standalone, sending SIGTERM to the server will stop it. If authproxyd was invoked by storemgr then sending SIGTERM will cause storemgr to restart it.
authproxyd understands only one client command which must be of the form:
AUTHENTICATE login password\r\n |
authproxyd responds with the following form:
OK [text message] or NO[text message] |
Note that the text message is optional and there are no end-of-line characters on the reply.
/etc/md/store/ms.conf | The default location for the message store configuration file. |
/etc/md/store/ms.sample | The sample M-Store boot script. |
ms-path /ipc/authproxyd | The default named socket. |
ms-path /run/authproxyd.lock | The lock file containing the process id of the running authproxyd process. |
getpwent(*)
getspnam(*)
getuserpw(*)
ms.conf, “Message Store Configuration (ms.conf)” in Chapter 10
msadm_tclsh, “IM-Store Administration Command Interpreter (msadm_tclsh)” in Chapter 12
pam(*)
passwd(*)
sia_authenticate_user(*)
storemgr, “Store Manager (stormgr)” in Chapter 10
Chapter 9, “File and Directory Layouts”
*See your system man pages.
The following options are set in the M-Store configuration file. If an option is not present in the file, its default is assumed.
 | Note: Default values appear in square brackets at the head of the description text. Some options have no default value; these are listed with <no default>. |
Table 11-2. authproxyd Configuration Options
Option | Description |
|---|---|
authproxy-authmech [authdb] | Specify the mechanism used to authenticate plain text logins. |
authproxy-legacy-authmech [no default] | When authentication using authmech fails, authenticate using the legacy-authmech. If the latter succeeds, automatically build an account in the authmech authentication environment using the user name and password information supplied in the authentication request. Future authentications with the same user name and password will succeed with the original authmech. (See “ Account Migration” .) |
authproxy-rimap-host [no default] | The remote host to be contacted by the rimap authentication mechanism. The argument is a host name (imap.foo.bar) or a dotted-quad IP address (192.168.0.1). The latter is useful if the remote server is multi-homed and has network interfaces that are unreachable from the local IMAP server. The remote host is contacted on the imap service port. A non-default port can be specified by appending a forward-slash and the port name or number to the host argument. |
authproxy-pam-service [imap] | The service name for PAM authentication. |
Depending on the facilities provided by your underlying operating system, authproxyd supports one or more authentication mechanisms. The mechanism is selected by the authproxy-authmech configuration variable where the associated value is one of the following:
Table 11-3. authproxy-authmech Configuration Variables
Variable | Description |
|---|---|
authdb | Authenticate via CRAM-MD5 or DIGEST-MD5 against the internal M-Store password database. |
getpwent | Authenticate using the getpwent() library function. Typically this authenticates against the local password file. (See your system's getpwent(3) man page for details.) |
kerberos4 | Authenticate against the local kerberos4 realm. (See caveats regarding this driver in “ Account Migration” .) |
pam (Linux) | Authenticate against the PAM (Pluggable Authentication Module) framework. The module name is given by the authproxy-pam-service configuration option. (See your system's getpwent(3) man page for details.) |
rimap | Forward authentication requests to a remote IMAP server. This driver connects to a remote IMAP server, specified by the authproxy-rimap-host configuration option, and attempts to login (via an IMAP LOGIN command) using the credentials supplied to the local server. If the remote authentication succeeds, the local connection is also considered to be authenticated. The remote connection is closed as soon as the tagged response from the LOGIN command is received from the remote server. |
| The value of the authproxy-rimap-host configuration option, hostname, describes the remote server to forward authentication requests to. The hostname can be a hostname (imap.foo.bar) or a dotted-quad IP address (182.168.0.1). The latter is useful if the remote server is multi-homed and has network interfaces that are unreachable from the local IMAP server. The remote host is contacted on the imap service port. A nondefault port is specified by appending a forward slash and the port name or number to the hostname argument. |
| The authproxy-rimap-host configuration option is mandatory when using the rimap mechanism. |
shadow | Authenticate against the local shadow password file. The exact mechanism is system dependent. authproxyd currently understands the getspnam() and getuserpw() library routines. |
authproxyd can be configured to automatically migrate users from an insecure authentication mechanism (that is, plaintext) to a more secure one (that is, CRAM-MD5). The authproxy-legacy-authmech configuration option specifies a fallback authentication mechanism to be used if the account being authenticated does not exist in the authmech authentication environment. If this fallback authentication succeeds, authproxyd creates an account in the authmech authentication environment using the account name and password provided in the authentication request. For example, a site wanting to migrate account information from a local password file to an authdb account database would invoke authproxyd with a configuration file containing the following:
authproxy-authmech authdb authproxy-legacy-authmech getpwent |
The first time a given account attempts to authenticate using CRAM-MD5 or DIGEST-MD5 the AUTHENTICATE command fails (since the account does not exist in the internal account database), and the client falls back to using an AUTHENTICATE PLAIN or LOGIN command. If this fallback authentication succeeds, authproxyd creates an account in the internal account database, using the account name and password provided in the authentication request. The next time that account attempts to log in to the server it will be able to do so using the native SASL CRAM-MD5 or DIGEST mechanism.
legacy_authmech can specify any supported authentication mechanism, however, the only valid authmech when doing account migration is authdb.
The kerberos4 authentication driver consumes considerable resources. To perform an authentication it must obtain a ticket-granting-ticket from the TGT server on every authentication request. The Kerberos library routines that obtain the TGT also create a local ticket file, on the reasonable assumption that a local ticket file is needed for use by other Kerberos applications. These ticket files are unusable by authproxyd, however, there is no way to prevent their creation. The overhead of accessing these ticket files causes serious performance degradation on busy mail servers. We recommend against using this driver. (Kerberos was never intended to be used in this manner; the best option is to deploy Kerberos-aware clients.)
imapd [-f config_file] |
M-Store is an IMAP4 revision 1 (RFC2060) compliant protocol server interface to the message store. imapd must be run as the superuser and will change to the runtime-user as defined in the configuration file for normal operation. imapd is normally invoked from the storemgr daemon process as part of the set of managed server processes that make up a running message store. All stop and restart operations for imapd should be performed using the rc.m-store boot script.imapd can use SASL to authenticate users. The SASL authentication mechanisms PLAIN and CRAM-MD5 are built in, and other available mechanisms may also be used by placing the appropriate plugin into the M-Store plugin directory executable-base-path/lib/plugins/, where executable-base-path is defined in the M-Store\ configuration file.
Normally, the daemon process is invoked from the rc.m-store boot script.
M-Store\'s imapd supports the following option:
imapd stores its process ID in the file ms-path/run/imapd.lock, where the ms-path variable is defined in the M-Store configuration file. Sending signals to that process id will allow you to control various run time functions in the server.
SIGTERM - If imapd was run standalone, sending SIGTERM to the server will stop it. If imapd was invoked by storemgr then sending SIGTERM will cause storemgr to restart it.
SIGHUP - Dump runtime processing statistics for the server to the ms-path/log/imapd.stats log.
/etc/md/store/ms.conf | The default M-Store configuration file. |
/etc/md/store/rc.m-store.sample | The sample M-Store boot script. |
executable-base-path /lib/plugins/ | The default SASL plugin directory. |
ms-path /run/imapd.lock | The lock file containing the process id of the running imapd process. |
ms-path /ipc/authproxyd | The path of the authproxyd communication socket. |
ms-path /etc/nologin | The path of the imapd shutdown file. |
ms-path /log/imapd.stats | The path of the log file containing the statistics generated on SIGHUP. |
executable-base-path defaults to /usr/local/md |
|
ms-path defaults to /var/md/store |
|
authproxyd, “Authentication Server (authproxyd) ”
ms.conf, “Message Store Configuration (ms.conf)” in Chapter 10
pop3d, “POP3 Message Service (pop3d)”
rc.m-store, “M-Store rc.m-store Script” in Chapter 10
stormgr, “Store Manager (stormgr)” in Chapter 10
Chapter 9, “File and Directory Layouts”
M. Crispin, Internet Message Access Protocol - Version 4rev1, RFC2060
imapd supports the following standards track IMAP4 extensions: ACL ( RFC 2086), LITERAL+ (RFC 2088), NAMESPACE (RFC 2342), QUOTA (RFC 2087), and UIDPLUS (RFC 2359).
The identifiers in access control lists correspond to IMAP4 user names. The user name anyone is reserved as a wildcard entry matching all IMAP4 users on the server. The user name anonymous is also reserved; the server uses this identifier for all anonymous sessions.
imapd allows quotas to be set on the amount of disk storage used on a per-user basis. The SETQUOTA resource limit name is STORAGE, and the resource units are 1024 byte blocks. The GETQUOTA and GETQUOTAROOT commands return the resource usage and limits in units of 1024 byte blocks. The resource value displayed is calculated as int(bytes_used / 1024). Internally, the server uses the exact byte count when determining quota usage. Only server administrators can display and set quotas.
The following non-standard protocol extensions are supported:
If cleartext-login-enable is set to off in the configuration file, the server will include the string X-LOGIN-COMMAND-DISABLED in the capability list. This indicates clients will not issue a LOGIN command. imapd will not run if any database files are missing, in such a case a backup containing all database files must be restored.
If imapd was invoked by storemgr, then the server cannot be independently shut down, as storemgr will automatically restart it. To shut down the server, you must use the rc.m-store boot script. If the file ms-path/etc/nologin exists, imapd will shut down the connection. The first line of the file will be sent to the client as an [ALERT] message before the connection is closed. The ms-path parameter is defined in the M-Store configuration file ms.conf.
imapd can use SASL to authenticate users. The SASL authentication mechanisms PLAIN and CRAM-MD5 are built in, and other available mechanisms may also be used by placing the appropriate plugin into the M-Store plugin directory executable-base-path/lib/plugins/, where executable-base-path is defined in the M-Store configuration file.
User authentication via the IMAP LOGIN command is done by the external authproxyd authentication server.
lmtpd [-f config_file] |
lmtpd is a daemon process that provides a LMTP (RFC2033) message injection interface to the MessagingDirect message store. It provides numerous benefits over deliver, and is the preferred delivery interface between the MTA and the message store.
lmtpd must be run as the superuser and will change to the runtime-user as defined in the configuration file for normal operation. lmtpd is normally invoked from the storemgr daemon process as part of the set of managed server processes that make up a running message store. All stop and restart operations for lmtpd should be performed using the rc.m-store boot script.
By default, lmtpd rejects all messages containing non-ASCII characters in the message headers. To maintain backward compatibility with MUA software that does not properly MIME-encode non-ASCII header data, add the line: allow8bitheaders to the ms.conf file. This line forces lmtpd to accept the message by stripping the high-bit from any non-ASCII characters.
By default, lmtpd delivers to a user's INBOX. To deliver to a specific mailbox, append the mailbox name to the recipient's local name. For example:
rcpt to: joe+important/March2000@foobar.com |
will deliver the message to the mailbox:
user/joe/important/March2000 |
where joe@foobar.com is a valid user in the message store. To deliver to a shared mailbox, append the mailbox name to the lmtp-shared-name name defined in ms.conf.
rcpt to: shared+bugreports@foobar.com |
This method of delivery is known as Plus-Addressing. Plus-Addressing is not a standard, but it does result in a valid RCF822 address.
lmtpd does not (yet) support the LMTP AUTH command. The access permissions on the directory containing the named socket determine who has access to the LMTP server. Any process capable of connecting to the named socket can inject messages into any INBOX in the message store. Only the server runtime user should have access to the named socket directory.
lmtpd will not run if any database files are missing, in such a case a backup containing all database files must be restored. If lmtpd was invoked by storemgr, then the server cannot be independently shut down, as storemgr will automatically restart it. To shut down the server, you must use the rc.m-store boot script.
Option | Description |
|---|---|
-f config_file | Specify a non-default location for the M-Store configuration file, which in turn determines the pathname to the named socket to listen on for connection requests. The socket name is defined as ms-path /ipc/lmtpd. |
lmtpd stores its process ID in the file ms-path/run/lmtpd.lock, where the ms-path variable is defined in the M-Store configuration file. Sending signals to that process ID will allow you to control various runtime functions in the server.
SIGTERM - If lmtpd was run standalone, sending SIGTERM to the server will stop it. If lmtpd was invoked by storemgr then sending SIGTERM will cause storemgr to restart it.
SIGHUP - Dump runtime processing statistics for the server to the ms-path/log/lmtpd.stats log.
The following lmtpd-specific options are set in the M-Store configuration file. If an option is not present in the file, its default is assumed. Default values appear in square brackets at the head of the description text.
lmtp-shared-name [shared] | Specify the local name used to denote shared folders during Plus-Addressing delivery. |
lmtp-enable-overquota-delivery [off] | When enabled, lmtpd will also listen to the named socket ms-path /ipc/lmtpd-oq. All mail delivered through this socket is delivered regardless of a user's quota. The behavior of the default socket is unchanged. |
/etc/md/store/ms.conf | The default M-Store configuration file |
ms-path /ipc/lmtpd | The default named socket. |
ms-path /run/lmtpd.lock | The lock file containing the process ID of the running lmtpd process. |
/etc/md/store/rc.m-store.sample | The sample M-Store boot script. |
ms-path /log/lmtpd.stats | The path of the log file containing the statistics generated on SIGHUP. |
executable-base-path defaults to /usr/local/md |
|
ms-path defaults to /var/md/store on all systems. |
|
pop3d [-f config_file] |
pop3d is a POP3 (RFC1939) protocol server interface to the message store. It is a daemon process and is normally invoked from the rc.mdstore boot script. pop3d must be run as the superuser and will change to the runtime-user as defined in the configuration file for normal operation. pop3d is normally invoked from the storemgr daemon process as part of the set of managed server processes that make up a running message store. All stop and restart operations for pop3d should be performed using the rc.m-store boot script.
Option | Description |
|---|---|
-f config_file | Use M-Store's configuration file config_file instead of the default. |
The POP3 server is only capable of serving the authenticated user's IMAP4 INBOX folder. This is not a bug, it is a restriction of the POP3 protocol. If access to multiple folders are required, use the IMAP4 protocol.
pop3d enforces exclusive access to the user's INBOX folder: a user can have only one POP3 session active at any time. Access to the folder via another POP3 session is denied while the original POP3 session has the maildrop open.
If the file ms-path/etc/nologin exists, pop3d will shut down the connection. The first line of the file will be sent to the client as an [ALERT] message before the connection is closed. The ms-path parameter is defined in M-Store's configuration file ms.conf.
pop3d can use SASL (via APOP) to authenticate users. The mechanisms PLAIN and CRAM-MD5 are built in, and other mechanisms can be used by placing the appropriate plugin into M-Store's plugin directory:
executable-base-path/lib/plugins/ |
where executable-base-path is defined in M-Store's configuration file.
pop3d will not run if any database files are missing. In such a case, a backup containing all database files must be restored.
If pop3d was invoked by storemgr , then the server cannot be independently shut down, as storemgr will automatically restart it. To shut down the server, you must use the rc.m-store boot script.
pop3d stores its process ID in the file ms-path/run/pop3d.lock, where the ms-path variable is defined in the M-Store configuration file. Sending signals to that process ID will allow you to control various runtime functions in the server.
SIGTERM - If pop3d was run standalone, sending SIGTERM to the server will stop it. If pop3d was invoked by storemgr then sending SIGTERM will cause storemgr to restart it.
SIGHUP - Dump runtime processing statistics for the server to the ms-path/log/pop3d.stats log.
The following are the protocols supported by this release of pop3d:
CAPA | The CAPA command lets clients probe the server to discover which POP3 extensions are supported. The CAPA command is experimental; the implementation is subject to change to ensure conformance with the to-be-released POP3 Extensions RFC. |
EXPIRE | The server does not automatically expire messages; an EXPIRE NEVER response is always sent. |
IMPLEMENTATION | The server name and version number are returned with this response. |
PASS | Enter a password after giving the user command. |
PIPELINING | Clients can issue commands while other commands are outstanding. |
RESP-CODES | The server supports the [IN-USE] and [LOGIN-DELAY] extended response codes. |
SASL | If any SASL mechanisms are enabled in M-Store's configuration file they are listed in this response. A SASL response indicates the AUTH command is available. |
TOP | The server supports the TOP command. |
UIDL | The server supports the UIDL command. |
USER | When cleartext-login-enable is turned on in M-Store's configuration file, the server advertises this capability, and the USER and PASS commands are functional. |
/etc/md/store/ms.conf | The default M-Store configuration file. |
/etc/md/store/rc.m-store.sample | The sample M-Store boot script. |
executable-base-path /lib/plugins/ | The default SASL plugin directory. |
ms-path /pic/authproxyd | The path of the authproxyd communication socket. |
ms-path /run/pop3d.lock | The lock file containing the process ID of the running pop3d process. |
ms-path /etc/nologin | The path of the pop3d shutdown file. |
ms-path /log/pop3d.stats | The path of the log file containing the statistics generated on SIGHUP. |
executable-base-path defaults to /usr/local/md |
|
ms-path defaults to /var/md/store |
|
authproxyd, “Authentication Server (authproxyd) ”
imapd, “M-Store Message Server (imapd)”
ms.conf, “Message Store Configuration (ms.conf)” in Chapter 10
rc.m-store, “M-Store rc.m-store Script” in Chapter 10
storemgr, “Store Manager (stormgr)” in Chapter 10
POP3 Authentication Command, RFC1734.
"Post Office Protocol Version 3", RFC1939.