Well, I couldn’t leave Apple to it to be the only one making announcements on new products and features. There is some news here as well, I’m announcing a change as well.

OS X always had it’s own IMAP/POP3 server, called Cyrus, which I considered lacking and I used the Courier product stack which has always helped me a lot. But thanks to some attentive users (yes you James) I was informed that Apple is switching their mail server setup and they are moving to Dovecot.

It seems like Dovecot has become the better IMAP server, here is a comparison chart. From what I’ve read on the web Dovecot is more secure, faster and more IMAP compliant then any other server out there. Now the full details are available on Snow Leopard Server you will read that Dovecot is going to be the standard implementation. Here are some related news items that had spilled the news earlier: AppleInsider and Derek Underwood’s blog.

I’ve been playing with Dovecot for some time now, people following me on Twitter might have read about it already, and it is looking good. New mail notifications are faster than using Courier (almost feels like push mail). Dovecot also has most of the features we need and includes everything we currently used in separate modules from Courier (auth and maildrop). Because Dovecot can also do authentication there is no need for SASL anymore. This all will make the setup a lot simpler.

Also a feature called Sieve in Dovecot will enable server based filtering rules, this will enable server based filtering being managed by the end user.

My current plan is to first write an instruction for installing the basic mail server (postfix + dovecot) to provide the new setup to new users. Next step is writing a migration plan to be able to move current Courier users to Dovecot. Concurrently I will try to add current and new features that are enabled by the usage of Dovecot.

I hope you like the improvements and forgive me for not having a keynote

This week was a mighty busy week for me as many programs got updates and I was still testing MySQL and the upgrade scenarios that are needed for current users. On top of that Apple came with the OS X 10.5.7 upgrade.

I’ve finished testing Postfix 2.6.0 and Courier auth 62.2 and Courier Imap 4.5.0 and I can tell you that you can upgrade safely to the newer version when you want to. I even upgraded my production server in the meantime.

The details on the Postfix upgrade:

• Multi-instance support introduces a new postmulti(1) command to
  create/add/remove/etc. additional Postfix instances. The familiar
  “postfix start” etc. commands now automatically start multiple
  Postfix instances. The good news: nothing changes when you use
  only one Postfix instance. See MULTI_INSTANCE_README for details.
• Multi-instance support required that some files be moved from
  the non-shared $config_directory to the shared $daemon_directory.
  The affected files are postfix-script, postfix-files and post-install.
• TLS (SSL) support was updated for elliptic curve encryption. This
  requires OpenSSL version 0.9.9 or later. The SMTP client no longer
  uses the SSLv2 protocol by default. See TLS_README for details.
• The Milter client now supports all Sendmail 8.14 Milter requests,
  including requests for rejected recipient addresses, and requests
  to replace the envelope sender address. See MILTER_README for
  details.
• Postfix no longer adds (Resent-) From:, Date:, Message-ID: or To:
  headers to email messages with “remote” origins (these are origins
  that don’t match $local_header_rewrite_clients). Adding such
  headers breaks DKIM signatures that explicitly cover non-present
  headers. For compatibility with existing logfile processing
  software, Postfix will log “message-id=<>” for email messages
  that have no Message-Id header.
• Stress-adaptive behavior is now enabled by default. This allows
  the Postfix SMTP server to temporarily reduce time limits and
  error-count limits under conditions of overload, such as a malware
  attack or backscatter flood.

The details on the Courier-Auth upgrade:

• Makefile.am: Compatibility fix for bash 4

The details on the Courier-IMAP upgrade:

• Log more fatal errors on stderr
• GnuTLS: add support for chained certs
• Completely empty MIME entities incorrectly match any SEARCH request.
• Some performance optimizations in header parsing
• Incorrect reference to POP3_STLS in po3pdserver.c – should be POP3_TLS.

I’ve still have some issues in compiling the newly released Maildrop 2.1.0 but I’ll post a new blogpost as soon as that issue gets resolved.

For instructions on how to upgrade Postfix please read Upgrading Postfix.
To upgrade your courier-auth installation read Upgrading Courier-Auth
For instructions on how to upgrade Courier IMAP please read Upgrading Courier IMAP.

Finally, I’ve set myself to it after avery busy week at work. I’ve created a new set of pages to instruct you how to compile Postfix, Courier-Auth and Courier IMAP/POP3 in 64 bits mode. It’s basically setting some extra compiler flags but it takes some trial and error to find out which are the correct ones. Don’t forget you need a 64 bits MySQL installation to get this working otherwise you will get compiler errors.

• Building the Postfix mailserver in 64 bits on Leopard
• Building the Courier Auth library in 64 bits on Leopard
• Building the Courier IMAP/POP3 server in 64 bits on Leopard

The configuration of all the components is not affected by this new compilation method so they stay the same. Next up: DSPAM and Maildrop.

This weekend I’ve added another piece of documentation to solve some of the problems with maildrop. As you might have found out maildrop does not create the directories automatically for delivering the emails when a new user is setup on your system. The postfix virtual delivery mechanism does this perfectly. However, because maildrop is scriptable (also by end users) and is therefore considered a risk in letting it do stuff as root user.

I’ve therefore created a small shell script and a template maildir that will perform all the required tasks automatically. It will read the list of users from the database and will create the directory structure from the template with all the correct permissions.

Read more about the script in the documentation: Creating maildirectories automatically

If someone finds another, better, method. Please let me know.

Sam Varshavchik has released an update on Christmas day (go figure, what a commitment) to the Courier-Auth daemon, this release correct a couple of minor compiler warnings and errors.:

• cryptpassword.c: Fix compiler warnings
• checkpasswordsha1.c: Fix compiler warnings.
• authldaplib.c (auth_ldap_enumerate): Fix typo.

I’ve tested this release without a problem and my production server is running this version at the moment without a problem.

To upgrade your courier-auth installation read “Upgrading Courier-Auth”