Cyrus Logo The Cyrus IMAP server is an electronic mail server software developed by Carnegie Mellon University. As opposed to POP3, IMAP allows you to access your email messages on which ever device you choose. Basically, email messages are stored on the IMAP server. Whenever you check your inbox, your email client contacts the server to connect you with your messages. When you read an email message using IMAP, you aren’t actually downloading or storing it on your computer; instead, you are reading it off of the server.

In this post I will cover installing and configuring the Cyrus IMAP server, managing email accounts and integrating the Cyrus IMAP Server with Sendmail.

Cyrus IMAP Installation & Configuration

As always with FreeBSD, it is very easy to install new software, such as the Cyrus IMAP Server.

pkg install cyrus-imapd25

This pkg install method gives us some information, which may be useful later:

Message from cyrus-imapd25-2.5.7_1:
****************************************************************************

To setup mail spool, modify /usr/local/etc/imapd.conf appropriately,
then run /usr/local/cyrus/bin/mkimap.
To run Cyrus IMAPd from startup, add cyrus_imapd_enable="YES" in your
/etc/rc.conf.

****************************************************************************

As suggested in the output, let us add the service to /etc/rc.conf.

echo 'cyrus_imapd_enable="YES"' >> /etc/rc.conf

Further, we need to alter imapd.conf before running the mkimap command. The directives we are interested in are as follows. Alter these accordingly.

admins: cyrus
sasl_mech_list: cram-md5
tls_server_cert: /usr/local/etc/pki/tls/pbdigital.org/certs/pbdigital.org.crt 
tls_server_key: /usr/local/etc/pki/tls/pbdigital.org/private/pbdigital.org.key
tls_client_ca_file: /usr/local/etc/pki/tls/pbdigital.org/certs/letsencrypt-chain.pem

Now we can run the mkimap command to complete installation.

/usr/local/cyrus/bin/mkimap

Creating The Cyrus Admin Account

In /usr/local/etc/imapd.conf we stipulated in the admins key value, the user cyrus. This user relates to the imap daemon and is not a system user.

Create the cyrus user for imapd with the following command:

saslpasswd2 cyrus

Note: cyrus-sasl` needs to be installed to run saslpasswd2. This was covered in Sendmail With SMTP AUTH - FreeBSD

Creating IMAP Users

To manage IMAP users we use the cyradm program. However, first we will create a local user account:

saslpasswd2 philip
Password: 
Again (for verification): 

Now start the Cyrus Imap server and login as the admin user and where the hostname is the FQDN.

service imapd start
cyradm -u cyrus hostname
Password: 
pbdigital.org>

Create a mailbox for the user philip that we have created from saslpasswd2. The mailbox naming convention requires that the primary mailbox (INBOX) for anyone must be named “user.<userid>“.

pbdigital.org> createmailbox user.philip
pbdigital.org> listmailbox
user.philip (\HasChildren)           user.philip.Sent (\HasNoChildren)    
user.philip.Drafts (\HasNoChildren)  user.philip.Trash (\HasNoChildren)
pbdigital.org> quit

Note, cyrus, the cyradm administrator should not have any mailboxes set up for itself.

Once you have created a mailbox, IMAP is now all setup.

Final Sendmail Configuration

There are two final steps to be configured for Sendmail (running on the same server as IMAP) before IMAP will be fully functional.

First create the file /etc/mail/local-host-names with the following command if it is not already present.

echo "pbdigital.org" > /etc/mail/local-host-names

Secondly, we have to reconfigure Sendmail to use the CyrusV2 Mailer to deliver mail to the IMAP mailboxes.

Append the following to your Sendmail .mc file and rebuild Sendmail from the /etc/mail directory.

echo "define(`confLOCAL_MAILER', `cyrusv2')dnl" >> /etc/mail/mail.pbdigital.org.mc"
echo "MAILER(`cyrusv2')" >> /etc/mail/mail.pbdigital.org.mc"
make
make install restart

A word on certificate permissions

Depending on the permissions of your key you may have to add cyrus to the pki group.

pw groupmod pki -M cyrus

That is all that is necessary to create your IMAP Server. Now you can add accounts to Thunderbird or other Mail User Agents to access the server.

IDLE Socket

If you receive warnings in /var/log/messages in regards to the IDLE socket you will need to uncomment the directive in /usr/local/etc/cyrus.conf.

START {
  # do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
  idled         cmd="idled"
}

Wrapping Up

I like the Cyrus IMAPD server as it also features CARD-Dav & CAL-Dav servers, and may in the future post some details on their implementation.

Hopefully you have found this easy to follow and you now have some email accounts setup in your favorite email client.