Solved

Cyrus DB errors

Posted on 2004-08-10
5
450 Views
Last Modified: 2013-11-13
Hi

I've done a clean install of WBL, and then manually installed Cyrus IMAP 2.2.3 in the same way I did on a similar server a couple of months ago. I can recall vaguely experiencing similar problems initially on the first server, but cannot for the life of me trace back what I did to resolve the issue.  Everything *seems* to be working properly, ie users can send and receive e-mail, but these db errors are popping up left right and center, so I just want to know if it is something I can ignore safely, or better yet, fix outright.

Aug 10 09:59:20 chaos pop3[32483]: DBERROR: dbenv->open '/var/imap/config/db' failed: Function not implemented
Aug 10 09:59:20 chaos pop3[32483]: DBERROR: init() on berkeley
Aug 10 09:59:23 chaos pop3[32484]: DBERROR db4: unable to initialize mutex: Function not implemented
Aug 10 09:59:23 chaos pop3[32484]: DBERROR db4: /var/imap/config/db/__db.001: unable to initialize environment lock: Function not implemented

Aug 10 10:00:36 chaos lmtpunix[32506]: DBERROR: dbenv->open '/var/imap/config/db' failed: Function not implemented
Aug 10 10:00:36 chaos lmtpunix[32506]: DBERROR: init() on berkeley


Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR db4: unable to initialize mutex: Function not implemented
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR db4: /var/imap/config/db/__db.001: unable to initialize environment lock: Function not implemented
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: dbenv->open '/var/imap/config/db' failed: Function not implemented
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: init() on berkeley
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: checkpointing cyrus databases
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR db4: txn_checkpoint interface requires an environment configured for the transaction subsystem
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: couldn't checkpoint: Invalid argument
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: sync /var/imap/config/db: cyrusdb error
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR db4: DB_ENV->log_archive interface requires an environment configured for the logging subsystem
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: error listing log files: Invalid argument
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: DBERROR: archive /var/imap/config/db: cyrusdb error
Aug 10 10:00:16 chaos ctl_cyrusdb[32485]: done checkpointing cyrus databases



Then, out of curiosity; I saw a couple of "returned" mails on my new system that says somehting like :

Return-Path:  <I[5-]@nuukiemail.com>
Received:  from xxx.xxx.xxx.xxx ([61.76.45.68]) by my.domain.dom (8.12.10/8.12.10) with SMTP id i79D7p5p019161 for <user@someplace.com>; Mon, 9 Aug 2004 15:07:55 +0200
X-Message-Info:  NL/ny+764+ee/N+669/2553178415
Received:  from smtp-daylight.wistful.I[5-]@nuukiemail.com ([61.76.45.68]) by hx0-gp67.I[5-]@nuukiemail.com with Microsoft SMTPSVC(5.0.8273.3981); Mon, 09 Aug 2004 17:38:34 +0400
X-Message-Info:  ZENSV+%ND_LC_CHAR[1-3]653+jxc+D+998/73108575300
Received:  (qmail 66905 invoked by uid 4); Mon, 09 Aug 2004 07:44:34 -0600
Date: Mon, 09 Aug 2004 08:38:34 -0500
Message-Id:  <07103357.85962@I[5-]@nuukiemail.com>
To: <user@someplace.com>
Subject:
MIME-Version:  1.0 (produced by diffusionbyrne 5.3)
Content-Type:  multipart/alternative; boundary="--7326954004200412649"
X-MailScanner-MailScanner-Information:  Please contact the ISP for more information
X-MailScanner-MailScanner:  Found to be clean
X-MailScanner-MailScanner-SpamScore:  sss
X-MailScanner-From:  i[5-]@nuukiemail.com


Now, clearly the Ip "xxx.xxx.xxx.xxx" (xxx.xxx.xxx.xxx = my server IP) in the header is forged, cause this message was definately not sent from my server, however, for some reason sendmail "trusts" this and the subsequent trace of the mail reports a local configuration error for this <I[5-]@nuukiemail.com> address since it had my IP in the headers.

Is there anything I can "tighten" in the sendmail.cf  or some other place to prevent this "injection"?

0
Comment
Question by:psimation
  • 2
  • 2
5 Comments
 
LVL 20

Expert Comment

by:Gns
Comment Utility
For the db4 error(s) this fix regarding pthreads and mutexes might be what you did: http://www.irbs.net/internet/info-cyrus/0305/0465.html

For sendmail advice (as usual:-) we'd best wait for Jim:-):-).
Basically what you'd try to do would be to set up some form of anti-address-spoof system that would just drop messages claimed to be from you. I've got this for Postfix's smtpd conversation, but the header checks are a bit more... troublesome (a question of directions, and where in the message handling process one can do the header checks:-).
Isn't 61.76.45.68 the actual SMTP sender your MTA is having the conversation with?

-- Glenn
0
 
LVL 17

Author Comment

by:psimation
Comment Utility
Hi Glenn
Yes, 61.76.45.68 is the actual IP , but they put my IP infront of that in the place of a FQDN, and that somehow fools sendmail into thinking it's coming from itself...

I will look at the patch, thanks for the help.
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
> Received:  from xxx.xxx.xxx.xxx ([61.76.45.68])

The xxx.xxx.xxx.xxx is the professed name of the remote MTA and what's inside of the following () is the actual IP and host name if a reverse DNS on the IP is possible. Sendmail neither looks at nor cares what the professed host name is, it's merely there for informational purposes.

Since your mail server accepted this message I'd say that you have "FEATURE(`accept_unresolvable_domains')dnl" in your sendmail.mc. If that feature isn't present your MTA would have rejected the message since neither the envelope sender's domain (nuukiemail.com) nor the real host name of the remote MTA are valid.

When you built 2.2.3 did you build against the WBL copy of the Berkeley DB, or against a locally built copy of same?
0
 
LVL 17

Author Comment

by:psimation
Comment Utility
Hi Jim

I checked the sendmail.mc, there is no option set for accepting unresolvable domains. However, what is stranger still, it does not show that feature at all, ie not uncommented or commented.

I did a stock install against WBL's version of BDB, followed your installation instructions to the letter ( although I found that I had to manually create the subfolders of the /var/imap folder before running the tools/mkimap else I got errors - your instructions does not mention making any sub-folders?). I did run an up2date after install, so it seems that Glenn's link could shed some light ( they mention in one of the comments something about a gcc update, which I remeber was done via up2date, that caused problems on RH9?

Won't you do me a favour and post your sendmail.mc here so I can have something "sane" to compare mine against (I'm still running the "stock" 8.12.10 that comes with WBL/RHEL original install due to the SASL2 probs of later versions...? I'm pretty sure that I might have made some booboo's while re-doing the server, the last couple of weeks have been filled with joyfull 24 hour sessions of rebuilding and transferring domains, so it's quite possible I made some slip-ups.

To come back to the BDB errors, I'm just not very comfortable with the workarounds posted on the comments there ( hacking source rpms of the BDB packages and removing lines mentioning pthreads... sounds Greek to me, so I'm still open for some easier suggestions ;)
0
 
LVL 20

Accepted Solution

by:
Gns earned 125 total points
Comment Utility
> To come back to the BDB errors, I'm just not very comfortable with the workarounds posted on the comments there ( hacking source rpms of the BDB packages and
> removing lines mentioning pthreads... sounds Greek to me, so I'm still open for some easier suggestions ;)
Well, it's at least a way to build from source but still manage it (the BDB "package") via rpm. Editing the spec file just tells what options you'd enable/disable during the build from source->installable objects. It's really rather easier than a straight "build/install from source":-).

-- Glenn
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now