The Updated post is here.
Click on the menu tab [ IRC ] to go to the site IRC channel. It opens in another window.
The Updated post is here.
Click on the menu tab [ IRC ] to go to the site IRC channel. It opens in another window.
Mac OS X
To check the current limits on your Mac OS X system, run:
launchctl limit maxfiles
maxfiles 65536 65536
ulimit -n returns much the same
The last two columns are the soft and hard limits, respectively. This example was done after the update below.
Adjusting Open File Limits in Yosemite
To adjust open files limits on a system-wide basis in Mac OS X Yosemite, you must create two configuration files. The first is a property list (aka plist) file in /Library/LaunchDaemons/limit.maxfiles.plist that contains the following XML configuration:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>limit.maxfiles</string> <key>ProgramArguments</key> <array> <string>launchctl</string> <string>limit</string> <string>maxfiles</string> <string>65536</string> <string>65536</string> </array> <key>RunAtLoad</key> <true/> <key>ServiceIPC</key> <false/> </dict> </plist>
This will set the open files limit to 65536. The second plist configuration file should be stored in /Library/LaunchDaemons/limit.maxproc.plist with the following contents:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>limit.maxproc</string> <key>ProgramArguments</key> <array> <string>launchctl</string> <string>limit</string> <string>maxproc</string> <string>2048</string> <string>2048</string> </array> <key>RunAtLoad</key> <true /> <key>ServiceIPC</key> <false /> </dict> </plist>
Both plist files must be owned by root:wheel and have permissions -rw-r–r–. This permissions should be in place by default, but you can ensure that they are in place by running sudo chmod 644
In addition to setting these limits at the system level, we recommend setting the at the session level as well by appending the following lines to your bashrc, bashprofile, or analogous file:
ulimit -n 65536 ulimit -u 2048
Like the plist files, your bashrc or similar file should have -rw-r–r– permissions. At this point, you can restart your computer and enter ulimit -n into your terminal. If your system is configured correctly, you should see that maxfiles has been set to 65536.
The best bit of advice I can give you is.
DO NOT install those packages from MacPorts, or HomeBrew etc. They end up in all sorts of non-standard folders and places on your hard drive.
None of the tutorials on the internet, apart from some of mine, refer to OS X installations. They are all Linux etc.
However, the file structure of Yosemite is BSD pretty much, so if you can
sudo make install
all by yourself, then you should do so, carefully selecting the Configure options first, so that Installation goes into the filters where you want it to go, and where the software normally expects to go. For example, postfix and Dovecot normally have their configuration files under /etc – as in /etc/postfix, /etc/dovecot. So on and so on.
If you just blindly install the packages with a “configure, make, make install” they could end up any where.
The same applies to Apache.
These packages can be told to list their options with
from within the the unpacked directly.
./configure –enable-ssl –enable-so
Note: By default the above installs Apache under /usr/local/apache2. If you like to change this location, use –prefix option in the ./configure.
Or, in the case of Dovecot … and NOTE, that this is from a Linux distro. Not mine. DO NOT BLINDLY USE.
sh configure –with-ldap=plugin \
We can’t use ipfw any more, as it’s deprecated. Instead, use pfctl, which unfortunately lacks a nice command line way to tell it to open a port. Instead, you need to:
Open /etc/pf.conf in a text editor.
Add a line like this:
# Open port 8080 for TCP on all interfaces
pass in proto tcp from any to any port 8080
Save the file.
Load the changes (and test them) with:
sudo pfctl -vnf /etc/pf.conf
and you do need to reboot to make the changes “stick”…
If you need to open a udp port, change tcp to udp, if you need both, add a second line. Additional detail can be found in man pf.conf.
Primarily finding out a lot about installing Postfix, Dovecot, MySQL and related items. Most HowTo tutorial around the place are focused on Linux, and OSX is different enough that you will get stuck badly if you try setting up … on your own.
One day I may do the tutorial, but for now, just some of the things I discovered on my journey.
The first thing of note is that 10.10.x doesn’t open your required ports by default. And you can’t open them by the Application firewall available from the GUI.
the ports you need are 110, 995, 143, and 993 – all closed by default. If you are lucky, 25 will be open.
You will have to use pfctl to open them – more on that later.
If these ports aren’t open, chances are, your Mail.app client will not work once you get set up with SSL. You can obtain a FREE – not self generated SSL certificate set from StartSSL. The base level is free, and it’s a valid, signed, recognised certificate. Useable for your www site, and mail.
See unter the Menu Heading Postfix&Dovecot
Just a repository.
make -f Makefile.init dynamicmaps=yes CCARGS='-DHAS_MYSQL -I/usr/local/include/mysql -DUSE_TLS -DHAS_PCRE -I/opt/local/include' 'AUXLIBS=-L/opt/local/lib -lssl -lcrypto' 'AUXLIBS_MYSQL=-L/usr/local/lib -lmysqlclient -lz -lm' 'AUXLIBS_PCRE=-L/opt/local/lib -lpcre' makefiles
Now, can I add SASL.
make -f Makefile.init dynamicmaps=yes CCARGS='-DHAS_MYSQL -I/usr/local/include/mysql -DUSE_TLS -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" -DHAS_PCRE -I/opt/local/include' 'AUXLIBS=-L/opt/local/lib -lssl -lcrypto' 'AUXLIBS_MYSQL=-L/usr/local/lib -lmysqlclient -lz -lm' 'AUXLIBS_PCRE=-L/opt/local/lib -lpcre' makefiles
Yes – it works.
This builds Postfix 3.0.1 and 3.1 with the various options yo see in the CCARGS.
And just for good measure – this one builds it with Cyrus+Dovecot+Mysql+Pcre
make -f Makefile.init dynamicmaps=yes CCARGS='-DHAS_MYSQL -I/usr/local/include/mysql -DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/opt/local/include/sasl -DDEF_SERVER_SASL_TYPE=\"dovecot\" -DHAS_PCRE -I/opt/local/include' 'AUXLIBS=-L/opt/local/lib -lsasl2 -lssl -lcrypto' 'AUXLIBS_MYSQL=-L/usr/local/lib -lmysqlclient -lz -lm' 'AUXLIBS_PCRE=-L/opt/local/lib -lpcre' makefiles
and let me tell you – you really need to make sure these lines are exactly ASCII text. Anything else and they won’t work.
If you press [Enter] and you get an > showing. You’ve not got it right ….
This took me Days and Days and Days even to nut out.
Well it looks like I’ve cracked it, with compiling this code.
make -f Makefile.init dynamicmaps=yes CCARGS='-DUSE_TLS -DHAS_PCRE -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" -I/opt/local/include' AUXLIBS='-L/opt/local/lib -lssl -lcrypto' AUXLIBS_PCRE='-L/opt/local/lib -lpcre' makefiles
With help from Viktor, on the postfix mailing list. How very helpful.
I’m running the cutedgesystem’s Mailserve for Yosemite, and copied the main.cf file into /etc/postfix, which is the default postfix directory.
After a lot of experimenting over the last few days with getting the “make” right, I finally did the “sudo make upgrade” thing, and started Mailserve.. the output from mail log is now this.
This is the contents of the Mail Log at /var/log/mail.log, latest entries listed first. The current Postfix version is 3.1-20150330 The current Dovecot version is 2.2.14 This is fetchmail release 6.3.26+SSL. Apr 14 10:32:11 zeus.quantum-radio.net postfix/master: daemon started -- version 3.1-20150330, configuration /usr/local/cutedge/postfix/etc Apr 14 10:32:10 zeus.quantum-radio.net postfix/postfix-script: starting the Postfix mail system Apr 14 10:32:10 zeus.quantum-radio.net postfix: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" Apr 14 10:32:10 zeus.quantum-radio.net postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details Apr 14 10:32:10 zeus.quantum-radio.net postfix: Postfix is running with backwards-compatible default settings
I’m not running fetch mail, it just shows up in the Mailserve log because it’s part of that package. But I don’t have it turned on.
Postfix & Dovecot
I have OS X 10.10.3 on a Mac Mini.
If your installation varies, then probably so will a few other things. For example, your installed version. Check this with
robert$ postconf mail_version
It will return your currently running version. As of 11th April, 2015, the version is 3.0.0, downloadable from here http://www.postfix.org/documentation.html
I’ve done a find on anything postfix, just to check here.
robert$sudo find / -name postfix -print
Ok, download your postfix-3.0.0 into your Downloads directory, and unpack it there. if you DON’T want to over write your existing version of Postfix, just do the make – DO NOT DO “make install”….
Change into that directory.
zeus:~ robert$ cd Downloads/postfix-3.0.0 zeus:postfix-3.0.0 robert$ ls -l zeus:postfix-3.0.0 robert$ make zeus:postfix-3.0.0 robert$ sudo make install Password: ….. ends with this. Accept all defaults unless you REALLY know what you are doing. …. postfix: Postfix is running with backwards-compatible default settings postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details postfix: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" Note: the following files or directories still exist but are no longer part of Postfix: /usr/libexec/postfix/main.cf /usr/libexec/postfix/master.cf zeus:postfix-3.0.0 robert$
Then, when all is done, do
zeus:postfix-3.0.0 robert$ postconf mail_version mail_version = 3.0.0 zeus:postfix-3.0.0 robert$
Next, install Dovecot. A little bit more complex, but not too bad.
============================ check existing paths ===================
zeus:~ robert$ echo $PATH
Download the latest Dovecot sources – from http://dovecot.org/download.html
Go to the instructions. http://wiki2.dovecot.org
Then go to Compiling From Sources here: http://wiki2.dovecot.org/CompilingSource
These are the steps. Compiling can take a fairly long time, so don’t rush it. My Mac Mini has 16GB of RAM and a 7200rpm hdd, and and i7Processor, so it’s fairly fast, but if you have limited RAM, your waiting times may be much longer. It doesn’t matter, just be patient.
When it’s finished – check for ERRORS. There shouldn’t be any if you have the latest Yosemite installed (10.10.3 as of this build)
I’ve unpacked the sources in the download directory, into their own directory called dovecot-2.1.17 (the release I’m using now)
Do the following steps
zeus:dovecot-2.1.17 robert$ ./configure checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... ./install-sh -c -d ............ and so on for many pages of checking and building. With no errors, it should get to here..... ... config.status: creating dovecot-config.in config.status: creating config.h config.status: executing depfiles commands config.status: executing libtool commands Install prefix . : /usr/local File offsets ... : 64bit I/O polling .... : kqueue I/O notifys .... : kqueue SSL ............ : yes (OpenSSL) GSSAPI ......... : no passdbs ........ : static passwd passwd-file pam checkpassword : -shadow -bsdauth -sia -ldap -sql -vpopmail userdbs ........ : static prefetch passwd passwd-file checkpassword : -ldap -sql -vpopmail -nss SQL drivers .... : : -pgsql -mysql -sqlite Full text search : squat : -lucene -solr zeus:dovecot-2.1.17 robert$
============================ end of configure ===========
The first “Make”
$make ...... pages and pages .... ...... finally ....... Making all in wiki make: Nothing to be done for `all'. Making all in example-config Making all in conf.d make: Nothing to be done for `all'. cat ./README.in | sed "s|@exampledir@|/usr/local/share/doc/dovecot/example-config|" > README make: Nothing to be done for `all-am'. zeus:dovecot-2.1.17 robert$
============================= end of make =================
Now, to install it. Still following the instructions…. REMEMBER to do sudo, or it WILL break.
zeus:dovecot-2.1.17 robert$ sudo make install Password: Making install in . /bin/sh ./update-version.sh . . /Applications/Xcode.app/Contents/Developer/usr/bin/make install-exec-hook ././install-sh -c -d /usr/local/lib/dovecot; \ ...... lots of stuff ....... ...... finally it finishes ...... make: Nothing to be done for `install-exec-am'. .././install-sh -c -d '/usr/local/share/doc/dovecot' /usr/bin/install -c -m 644 documentation.txt securecoding.txt thread-refs.txt mkcert.sh dovecot-openssl.cnf solr-schema.xml '/usr/local/share/doc/dovecot' zeus:dovecot-2.1.17 robert$
========================== finished sudo make install ===============
The next bit of the instructions may take some figuring out, and seems to say in the detail, that you can change these users mentioned. Use the dovecot.cf settings shown below.
You’ll need to create two users for Dovecot’s internal use:
dovenull: Used by untrusted imap-login and pop3-login processes (default_login_user setting).
dovecot: Used by slightly more trusted Dovecot processes (default_internal_user setting).
Both of them should also have their own dovenull and dovecot groups. See UserIds for more information.
This bit may or may not be tricky, but you can check if you already have such users
$dscacheutil -q group | grep dove
Don’t worry about this too much for now. If you need to actually add them, the log files will tell you.
Check your install went ok.
zeus:sbin robert$ dovecot –version
If you are doing this from scratch – go now, back to http://wiki2.dovecot.org and read
OSX 10.10.3 now has a slightly different way of adding users and groups from the command line.
These steps should outline it. The command is “dscl” – so do a $man dscl or Google it.
There is some additional info in http://www.greenend.org.uk/rjk/tech/useradd.html this post, but you must replace the ‘/’ with a dot. ‘.’ Otherwise it still seems current.
$sudo dscl . -list /Groups | grep dovecot
In my case, it produces this, havingalready createda dovecot group.
robert$ dovecot 500
If you already have a dovecot group, it will show, otherwise – read carefully
You must pick UID and GID yourself. A command like dscl . -list /Groups PrimaryGroupID will produce a list of groups and their IDs, allowing you to avoid existing ones. UIDs above 500 will appear in the account preferences window; those below 501 will not. I don’t know where this is documented, unfortunately.
Remember to use ‘sudo’
To create a group: where GROUP is for example ‘dovecot’
dscl . -create /Groups/GROUP
dscl . -create /Groups/GROUP PrimaryGroupID GID
dscl . -create /Groups/GROUP Password \*
zeus:users robert$ sudo dscl . -create /Users/dovecot
zeus:users robert$ dscl . -read /Users/dovecot
So now you have uses and groups of dovecot and dovenull
However, my predone configuration files shown later in different post may be all you need.
Check what you have so far.
zeus:bin robert$ ./doveconf -n
You should now have an operational latest version of “postfix” and “dovecot”
But they won’t run yet of their own accord.
That requires a couple of LaunchDaemons, and a fair bit of configuration of various files.
I’ll try and get that in a related post soon.
Continued finally from the original, last year, where the two programs were updated from sources. Yosemite comes with postfix, so really, use that. Just need to install Dovecot.
So, to Postfix:
Everything you need first up will be found in /etc/postfix which means of course that any modification will require you to use the sudo prefix. Don’t su to root user, it’s way too dangerous.
Start with creating some necessary additions to the main.cf file, and creating some postfix databases, or db’s.
Step 1. Edit Postfix config file
Open a terminal and edit the file main.cf
sudo vi /etc/postfix/main.cf
First check Postfix is configured correctly, look for the following lines:
these two lines:
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
May or may not be necessary in your setup. IF you are experiencing this error.
(SASL authentication failed; cannot authenticate to server smtp.gmail.com[18.104.22.168]: generic failure)
then you probably do need to add these lines.
mydomain_fallback is now unused I believe.
#mydomain_fallback = localhost mail_owner = _postfix setgid_group = _postdrop
Now add the following lines at the very end of the file:
#Gmail SMTP relayhost=smtp.gmail.com:587 # Enable SASL authentication in the Postfix SMTP client. smtp_sasl_auth_enable=yes smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = plain # Enable Transport Layer Security (TLS), i.e. SSL. smtp_use_tls=yes smtp_tls_security_level=encrypt tls_random_source=dev:/dev/urandom
This is telling Postfix to use a GMAIL SMTP server with Simple Authentication and Security Layer (SASL). Which will be stored in the path “/etc/postfix/sasl_passwd“. You can use any other SMTP provider (Hotmail, Yahoo, ETC…). You only need to know the SMTP host and port. For example for hotmail you should replace the relayhost for the following:
#Hotmail SMTP relayhost=smtp.live.com:587
Step 2. Create the sasl_passwd file
We need to create the sasl_passwd file with the SMTP credentials
sudo vi /etc/postfix/sasl_passwd
Write the following content and save:
Create the Postfix lookup table from the sasl_passwd file.
sudo postmap /etc/postfix/sasl_passwd
This will create the file sasl_passwd.db
There are other databases that need creating, but we will do those in the next edition, or as we get to them. Most notably “access”, “aliases” and “virtual”.
But hey, lets do these ones now. So we have them ready.
This file contains all of the users and domains that have access to your mail server.
# sample access file 10.0.1 OK email@example.com REJECT losangelesticketlawyers.com REJECT 192.168.0 OK firstname.lastname@example.org OK email@example.com OK firstname.lastname@example.org OK
again, use ‘postmap’ to create the db file. Remember, if you change the text file, rerun this command.
sudo postmap /etc/postfix/access
‘aliases’ is a slightly special case. Read the existing ‘aliases’ file before you try and modify it, and understand what it’s telling you.
For a start, run this,
$ postconf alias_maps alias_maps = hash:/etc/aliases
Which will tell you where it’s expecting to find the aliases file.
Regardless, don’t make any changes to this file just yet, just do the database making thing.
The aliases.db will be created/recreated in /etc/postfix, alongside the aliases text file.
Now, if yo look in /etc for aliases, you should see a link to your new postfix/aliases.db
/etc/aliases -> postfix/aliases and /etc/aliases.db
Be careful with this one – it’s tricky.
# # Sample aliases file. Install in the location as specified by the # output from the command "postconf alias_maps". Typical path names # are /etc/aliases or /etc/mail/aliases.
This means. Run “postconf alias_maps”, move your “aliases” text file to that location, and then run “newaliases” on it.
‘virtual’ tables are also another tricky beast. Read the contents of the original first… way before you make any changes to it.
# DESCRIPTION # The optional virtual(5) alias table rewrites recipient # addresses for all local, all virtual, and all remote mail # destinations. This is unlike the aliases(5) table which # is used only for local(8) delivery. Virtual aliasing is # recursive, and is implemented by the Postfix cleanup(8) # daemon before mail is queued.
Step 3. Restart Postfix
To apply all new changes we have to restart Postfix:
sudo postfix reload
Step 4. Test it!
Let’s send a mail to our own account to be sure everything is working fine:
date | mail -s testing email@example.com
You can check the mail queue and the posible delivery errors using “mailq“
Other useful commands
To clear the mail queue:
sudo postsuper -d ALL
Monitoring the mail logs (Ctrl + C to exit log)
tail -f /var/log/mail.log
Open iTunes to buy and download apps.
Listen on your iPhone/iPod or iPad – easily, no fuss,
iWS can quickly collect weather data from your Weather Display station clientraw.txt file, and display it in a meaningful summary. You can enter other client raw.txt locations in the settings screen, so you can watch weather almost anywhere in the world.
The design is simple, and quick to use. Enter details in the Settings screen, Save it, then go to the Home screen and tap Reload. Within moments there is your weather data.
If you are only watching your weather station, open the app and there it is. If you want to update the information, simply tap Reload. You weather data will be reloaded.
Uses minimum resources as it does not update live, and is so easy to use even kids can do it. It’s made for when you are out and about, and just need a quick look at what’s happening at your Weather Station.
As there are any number of weather stations out there using clientraw.txt files, a Google search will locate a worldwide collection-from where you can check the weather almost anywhere in the world.
Updating internal functions for newer devices.
Bug fixes. Now really designed for use on iPhone 5 and above, and iPad Retina devices. Added a database for holding clientraw.txt URL’s of a range of weather stations around the world that the user can input, making it easier to keep track of stations of interest.
iPhone 4 support is retired.
Compatibility: Requires iOS 7.1 or later. Compatible with iPhone, iPad, and iPod touch. This app is optimised for iPhone 5.