Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.4: Enable client POP3/IMAP after upgrade UNIX
If you had Postfix Enabler installed on a 10.3 client system that you have upgraded, you may find that your mail setup no longer works as expected. No surprise here, since Apple has made some under-the-hood changes with Tiger and how it runs start-up items and services. After a bit of digging around, I finally got my mail server for Tiger client working again. Here is what is needed to get it to work again.

Note: this is a fairly long tip since it includes file listings needed, but the process itself should be relatively straight forward.

[robg adds: I haven't tested this one...]

The first four steps check that the upgrade from 10.3.X hasn't deleted or moved the files needed to get this to work. The Tiger-specific details follow at step five and beyond.
  1. First thing to check is that you still have an entry in /etc/hostconfig which says:
    MAILSERVER=-YES-
  2. Check that you still have the Postfix startup item installed. It should be either in /System/Library/Startup Items or more properly, since this is a non-Apple add-in to the system, it should be in /Library/Startup Items. The contents of the Postfix startup item folder should be:
    /Library/Startup Items/Postfix/Postfix
    /Library/Startup Items/Postfix/StartupParameters.plist
    
    Full contents of each of these files is located at the end of this tip.

  3. Make sure that your POP and IMAP binaries are still in place where they were in 10.3. In my case, they should have been in /usr/local/libexec, thus the listing of that directory should be:
    /usr/local/libexec/imapd
    /usr/local/libexec/ipop3d
    
  4. Make sure your postfix configuration is still valid. So all the files in /etc/postfix from the previous installation should still be there, and still valid from the previous installation in 10.3. So far so good, nothing new really for Tiger. Now we get into the new stuff.

  5. Create a few extra files for use by Tiger and its startup processes, so that you can retrieve mail from your working SMTP server. If you only use POP, go to Part A. Likewise, if you only use IMAP, go to Part B. Note that though Apple seems to support the /etc/xinetd.d/ startup sequence for internet daemons in Tiger, I could not get it to work properly with existing stuff, hence the following workaround/solution. You will be creating new files in /Library/LaunchDaemons.

    Part A - POP3 Access
    First file to create is for POP access. Open the terminal and do the following:
     sudo pico /Library/LaunchDaemons/pop3.plist 
    At the following screen, paste in this content. Hit Control-X to quit out of pico and save changes.

    Part B - IMAP Access

    If you are planning on using IMAP, then the following will enable IMAP. In Terminal, type:
     sudo pico /Library/LaunchDaemons/imap3.plist
    
    Paste in this content. Quit out of pico (Control-X) and save changes.

    Part C

    Now that the files are created, they need the correct permissions. Either in the Finder's info box (Command-I) or with Terminal:
     sudo chown root:admin /Library/LaunchDaemons/*
    
    This will change the files' ownership to root and admin.
You're done! Now you've done what is needed to get Tiger Client to support incoming, and outgoing mail through SMTP and POP/IMAP.

Enabling SSL versions of POP3 and IMAP
Note: For simplicity's sake, we have just created the startup instructions just for non-encrypted (non-SSL) POP3 and IMAP connections. The same basic idea applies for POP3S and IMAPS connections except you have to make sure you have the security certificates transferred over as well from your previous installation.

SSL Certificates:
/System/Library/OpenSSL/certs/imapd.pem
/System/Library/OpenSSL/certs/ipop3d.pem
/System/Library/OpenSSL/certs/smtpd.pem
If you want to use SSL-enabled POP/IMAP, the same model plists listed above apply except make sure of the following:

IMAPs

LaunchDaemon file should be created as /Library/LaunchDaemons/imap3s.plist with the following changes from the model IMAP3.plist listed above
<key>Label</key>
      <string>edu.washington.imapds</string>
and the "Listener" part is changed to:
<key>SockServiceName</key>
      <string>imap3s</string>
POP3s
Replace pop3 in the /Library/LaunchDaemons/pop3s.plist with pop3s in both the Label and Listener.

Postfix StartupItems folder listing
As mentioned earlier in this hint, here are the Postfix StartupItem listings:

/Library/StartupItems/Postfix/StartupItems/StartupItems.plist
should read:
{
  Description   = "Postfix mail server";
  Provides      = ("SMTP");
  Requires      = ("Resolver");
  Uses          = ("Network Time", "NFS");
  Preference    = "None";
  Messages =
  {
    start = "Starting Postfix";
    stop  = "Stopping Postfix";
    restart  = "Reloading Postfix Configuration";
  };
}
and the /Library/StartupItems/Postfix/StartupItems/postfix listing should read:
#!/bin/sh

. /etc/rc.common

StartService ()
{
    if [ "${MAILSERVER:=-NO-}" = "-YES-" ]; then
            ConsoleMessage "Starting mail services"
       /usr/sbin/postfix start
    elif [ "${MAILSERVER:=-NO-}" = "-AUTOMATIC-" ]; then
         /usr/sbin/postfix-watch
    fi
}

StopService ()
{
   ConsoleMessage "Stopping Postfix mail services"
       /usr/sbin/postfix stop
        killall -1 postfix-watch 2> /dev/null
}

RestartService ()
{
    if [ "${MAILSERVER:=-NO-}" = "-YES-" ]; then
     ConsoleMessage "Reloading Postfix configuration"
      /usr/sbin/postfix reload
    else
    StopService
    fi
}

RunService "$1"
Permissions for both files should be owner: root and group: admin
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[15,431 views]  

10.4: Enable client POP3/IMAP after upgrade | 10 comments | Create New Account
Click here to return to the '10.4: Enable client POP3/IMAP after upgrade' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Enable client POP3/IMAP after upgrade
Authored by: luhmann on May 09, '05 08:40:59PM
You can also use the Tiger version of Postfix Enabler. It is no longer free - but it is worth the small fee for making this a one-click process!!!

[ Reply to This | # ]
Inconsistent Startup file names
Authored by: babbage on May 10, '05 05:52:34PM

In the start of the hint, we're told that the file names / paths are /Library/Startup Items/Postfix/Postfix and /Library/Startup Items/ Postfix/StartupParameters.plist.

In the file listing section of the hint, we're told to edit /Library/StartupItems/Postfix/StartupItems/StartupItems.plist and /Library/StartupItems/Postfix/StartupItems/postfix.

Neither of these quite looks right to me.

Under Panther and earlier, the standard location for system-wide startup items was /Library/StartupItems/Foo. This seems to be deprecated in Tiger, but it still works, so unless you're rewriting things to be totally the Tiger/launchd way, you should continue to use the Panther style naming convention. Therefore, the directory is StartupItems -- without a space in it, and the structure within the directory is two files: an executable program with the same name as the directory, and a StartupParameters.plist file with configuration options. (There can optionally be more stuff under a Resources directory, but this is uncommon; ususally the startup script is just a Bourne shell script with no unusual dependencies.)

Therefore, for this hint, the full path to the files needed to start up things will be as follows: /Library/StartupItems/Postfix/Postfix
/Library/StartupItems/Postfix/StartupParameters.plist


Now, that said, there was already a StartupItem for Postfix under /System/Library/StartupItems/Postfix under Panther. It looks like Tiger has replaced this with /System/Library/LaunchDaemons/org.postfix.master.plist, and as far as I can tell, the only thing you have to do to enable it is to set MAILSERVER=-YES- in your /etc/hostconfig file. That's all I did with my Mac at home, and the Postfix SMTP daemon starts up just fine at boot time. I suspect that you could just totally leave that step out of these instructions and everything will work just fine.

The bigger problem I'm having, and the reason that I'm reading this article to begin with, is that I had to do a clean install (and didn't think to backup my /System tree before doing so) and now IMAP isn't working for me. So far, nothing I've managed has been able to get it to come back to life. I can connect to the IMAP daemon by doing a telnet localhost imap, but I can't connect, and the mail.log just shows a bunch of failed login attempts from user "???" (sic). I found discussion that seems to clarify some things -- in particular, it seems that the authentication mechanism has changed so that the IMAP daemon must use PAM now, when that was optional before -- but I still can't get it to establish a connection.

I'm going to try the steps from this article when I get home, and will post a followup if I get anywhere with it...

---

--
DO NOT LEAVE IT IS NOT REAL

[ Reply to This | # ]

imap fixed; still can't get imaps to work
Authored by: babbage on May 10, '05 06:42:08PM

Okay, it looks like the suggestion in this hint did the trick for getting my IMAP daemon working, at least in non-SSL mode. I'm still trying to get the other half working, but I can at least start using the IMAP server now.

$ sudo cp /etc/pam.d/ftpd /etc/pam.d/imap
$ sudo cp /etc/pam.d/ftpd /etc/pam.d/pop3

I also did the security symlink, but it doesn't seem to have helped:

$ sudo ln -s /usr/include/pam /usr/include/security

I am, admittedly, cargo culting a bit here. When I figure out how to get this working and what had to happen to make it work, I'll come back and write a cleaner version of the steps that were followed.

---

--
DO NOT LEAVE IT IS NOT REAL

[ Reply to This | # ]

imap fixed; still can't get imaps to work
Authored by: babbage on May 11, '05 05:47:20PM

Ahh, I've got it. Once the xinet.d changes have been made, you have to force the daemon to rescan its config file. The easiest way to do this is simply sudo killall -HUP xinetd; after doing this, I've got IMAP/SSL working again. W00t! :-)

---

--
DO NOT LEAVE IT IS NOT REAL

[ Reply to This | # ]

imap fixed; still can't get imaps to work
Authored by: thePervertedMonk on May 13, '05 04:45:10PM

Hey Babbage,

Any chance of you documenting your process, as promised.
Been trolling, hunting and under-the-bridge sitting, since my Tiger upgrade to get my Postfix up and running.

Used to use: Postfix-Enabler before. I'm not cheapo, but the $9.95 just gave me the incentive to try and get it done myself (with macosxhints.com help, of course).

I've been reading several articles, but nothing concrete and comprehensive.

Looking at your success, I hope you can post something soon.

Cheers.

---
/the Perverted Monk
"my rant is my giant exhale... my exasperation at this approximation
of civilization that causes mad denigration in multiple nations"



[ Reply to This | # ]
imap fixed; still can't get imaps to work
Authored by: mpursley on Oct 14, '05 11:43:36AM

Hey Babbage,

My imapd is broken also...

What I did was use passwd on one user in my box to change the password. That change worked fine... for ssh anyway. But now when I `telnet localhost 143` and use "a login <username> <password>" I get denied for the user that I change the password... but all the other users can get in just fine...

[code]
"a login <user1> <unchaged_password>"
a OK [CAPABILITY IMAP4REV1 IDLE NAMESPACE MAILBOX-REFERRALS BINARY UNSELECT SCAN SORT THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND] User <user1> authenticated

"a login <user2> <new_password>"
a NO LOGIN failed
[/code]


I made the /usr/include/security link and /etc/pam.d/ftpd copies. Didn't seem to help... Any other suggestions?


Thanks,
M@



[ Reply to This | # ]
Inconsistent Startup file names
Authored by: dlhull on May 11, '05 06:15:16PM
It looks like Tiger has replaced this with /System/Library/LaunchDaemons/org.postfix.master.plist, and as far as I can tell, the only thing you have to do to enable it is to set MAILSERVER=-YES- in your /etc/hostconfig file.

Yes, but if you examine that file, you'll see that it calls master with the argument list -e 60 which tells it to exit after 60 seconds. So whenever a new file appears in /var/spool/postfix/maildrop, launchd starts master to process it, but master then shuts down again.



[ Reply to This | # ]
10.4: xinetd wedged!!
Authored by: tinker on Jun 05, '05 12:54:37AM
I've done the above, and I've run into a curious situation. If anyone has any suggestions, I'd appreciate it.

The deal is this: I'm running a brand new installation of UW-IMAP on my server. This worked under 10.3.x, but not under 10.4, in the following way. When I run Mail.app at the console, it syncs perfectly with the IMAP server. When I run Mail.app on a remote machine and log in, however, it syncs up to a certain point and then freezes. Net traffic drops to zero, Mail.app stops updating, and eventually it gives up and all folders for that server go grey.

The curious thing is that I can restart the process by typing

sudo kill -9 `cat /var/run/xinetd.pid`

(To give you a sense of how bad things are, I have this command aliased in my .login file.) The xinetd process dies and restarts itself, and Mail.app starts syncing again, for a little while, and then freezes again. Killing xinetd again buys about 20-30 seconds of additional sync time, then freeze. If I want to sync, I have to play this constant game of sync-freeze-kill-sync-freeze-kill. And it's getting old.

I've managed to replicate this behavior with Thunderbird, unfortunately. Actually, all the gory details of this week-long time-waster are on the Apple discussion boards, for the masochistic or morbidly curious.

I've reached the end of my tether. Something seems to be wedging xinetd, but I can't figure out what it is, and I have no idea how to make it stop. Help!!!

[ Reply to This | # ]
10.4: xinetd wedged!!
Authored by: babbage on Jun 09, '05 12:22:20AM

I keep seeing the same thing, and damn if I know why.

Every time I reboot, I've pretty much got a 50/50 chance that IMAP will be working when the system comes back up. It either all works fine, or it's completely inert: the log file shows no activity, attempts to telnet to the IMAP or IMAPS ports fail, and no mail client gets anywhere.

After a lot of painful trial and error, I've more or less got it narrowed down to something choking with xinetd, but who knows what the problem is. If IMAP is wedged, a quick killall -HUP xinetd does the trick, but I can't for the life of me figure out why this is necessary in the first place, or, more mysteriously, why it works half the time and fails half the time.

For now, my oh-so-elegant solution is to just desperately avoid reboots :-/

---

--
DO NOT LEAVE IT IS NOT REAL

[ Reply to This | # ]

10.4: xinetd wedged!!
Authored by: tinker on Nov 20, '05 07:24:56PM
I've discovered an even more inelegant solution to my mail-freeze program -- add

0-55/5 * * * * launchctl unload /Library/launchdaemons/imap3.plist;launchctl unload /Library/launchdaemons/imaps.plist; launchctl load /Library/launchdaemons/imap3.plist;launchctl load /Library/launchdaemons/imaps.plist

to the root crontab. Whatever is causing this freezing behavior rarely happens within the first five minutes of these daemons' execution....

[ Reply to This | # ]