Archive for the ‘Kerio’ Category

Introducing Splunk: Funny name, serious logging

Thursday, November 15th, 2012

So, my boss says:

“Write an article called ‘Getting Started with Splunk.’”

I reply:

“What, you think I know all this stuff? This really would be a getting started article.”

But here it is and WOW is Splunk cool!

My only experience with Splunk up to a couple days ago was seeing a T-shirt with “Log is my copilot”. I knew it had something to do with gathering log files and making them easier to read and search. In about an hour I had gone to Splunk’s website to research the product, downloaded and installed it, and started viewing logs from my own system. The Splunk folks have made getting their product into their customer’s hands easy and getting started even easier.

What is Splunk?

Simply put, Splunk can gather just about any kind of data that goes into a log (system logs, website metrics, etc.) into one place and make viewing that data easy. It’s accessed via web browser so it’s accessible on any computer or mobile device such as an iPad.

What do I need to run Splunk?

Practically any common operating system today can run Splunk: Mac OS X, Linux, Windows, FreeBSD and more.

How much does Splunk cost?

Don’t worry about that right now. Download and install the free version. It takes minutes to install and is a no-brainer. Let’s get started.

Getting Splunk

IT managers and directors may be interested in watching the introductory and business case videos with the corporate speak (“operational intelligence” anyone?) and company endorsements. Techs will be interested in getting started. Right on their home page is a big green Free Download button. Go there, click it and locate the downloader for your OS of choice. I downloaded the Mac OS X 10.7 installer to test (and installed it on OS X 10.8 without any issues).

Splunk home

This does require a sign-up to create an account. It takes less than a minute to complete. After submitting the information the 100 MB download begins right away.

While waiting for the download…

When the download is on its way the Splunk folks kindly redirect to a page with some short videos to watch while waiting. Watch this first one called Getting data into Splunk. It’s only a few minutes and this is the first thing to do after getting into Splunk.

Installing and starting Splunk

The download arrives as a double-clickable Apple Installer package. Double-click and install it. Toward the end it opens a simple TextEdit window with instructions for how to start, stop and access the newly installed Splunk site.

Install done

Files are installed in /Applications/splunk and resemble a UNIX file system.

Splunk application folder

Open the Terminal application found in /Applications/Utilities and run the command /Applications/splunk/bin/splunk start. If this is the first time running Splunk it prompts to accept its license agreement. Tap the spacebar to scroll through and read the agreement or type “q” to quit and agree to the license.


Accepting the agreement continues to start Splunk where it displays some brief setup messages.

Starting Splunk

The setup then provides the local HTTP address for the newly installed Splunk site. Open this in a web browser to get to the login screen. The first login requires that the administrator account password be reset.

Splunk login

Following along with the Getting data into Splunk video, Splunk will need some information. Mac OS X stores its own log files. Let’s point to those.

Click the Add Data link to begin.

New Splunk home

Since Mac OS X’s log files are local to the machine, click A file or directory of files.

Add files

Click Next to specify local files.

Add local logs

This opens a window that exposes not only Mac OS X’s visible folders but its invisible folders as well. Browse to /var/log/system.log and click the Select button.

Browse logs folder

For now, opt to skip previewing the log file and click Continue.

Path to system.log

Now, let’s opt to monitor not only the system.log file but the entire /var/log folder containing dozens of other log files as well. Note that Splunk can watch rotated and zipped log files too. Click Save to finish adding logs.

Add /var/log folder

Let’s start searching!

Succes, start searching

The Search window initially displays a list of all logs Splunk is monitoring. To narrow the search change the time filter drop down menu to Last 60 minutes. This will make the results a little easier to see on a system that’s only been running a short while.

Last 24 hours

Now, search for install*. Splunk will only search for the word “install” without providing the asterisk as a wildcard character. Splunk supports not only wildcard searches but booleans, parentheses, quotes, etc. It will return every instance recorded in the logs that matches the search criteria. It also creates an interactive bar chart along the top of the page to indicate the number of occurrences found for the search at particular times.

Search for install

To further refine the search, Option+click most any word in the log entries below and Splunk will automatically add the necessary syntax to remove an item. In this case the install* search returned installinstaller and installd. Option+clicking installd changed the search criteria to install* NOT installd.

Modified search

Now what?

Continue exploring the videos to understand Splunk’s possibilities and take advantage of its Splunk Tutorial, which is available online as well as in PDF format for offline viewing. They do a great job leading users through setup and creating reports.

Still asking about price? Good.

The free version remains free but doesn’t include many features that really make it sing such as monitoring and alerts, multiple user accounts and support beyond the Splunk website. Cost depends primarily on the amount of data you want to suck into Splunk and have it watch. It’s not cheap but for an enterprise needing to meet certain service level requirements it beats browsing through multiple servers trying to find the right log with the right information.

FYI, putting together this 1,000-word article probably took me 10 times longer than performing the Splunk install itself and beginning to learn it. It’s really well-done and easy to use. Splunk makes getting started simple.

Kerio Beta Released

Wednesday, November 11th, 2009

The next version of Kerio, Kerio Connect, has now gone into Beta. The most impressive addition is the ability to have multiple servers, which will help to scale Kerio further both in terms of geography and in terms of total user count. For more on the update:

As Kerio 7 continues to move forward in development, we look forward to seeing how the other new features perform and work with our customers to develop strategies for the newly supported features. If you were thinking about Kerio, but the scalability was a barrier for you in the past, then contact us now and we can work with you to determine if Kerio is a good fit for your organization and if so, develop a strategy for integration!

Using kmsrecover to Restore Kerio Backups

Monday, September 28th, 2009

Using KMSrecover to restore a mailserver/user
Using this command will overwrite the existing config and modify the message store, which is why you need another machine for this, with adequate HD space.

[ ] Install KMS locally on your computer (skip wizard)
[ ] Rename your laptops volumes name to the same as where the KMS store lives
(e.g Mail Server HD or Server HD or Macintosh HD)
[ ] Copy KMS backups to external drive and plug into laptop.
[ ] Navigate to mail server path in terminal or DOS.
Mac: /usr/local/kerio/mailserver
PC: C:\Program Files\KerioMailServer
[ ] Start the recovery
Mac: ./kmsrecover |
For full recovery point to backup location.
./kmsrecover /Volumes/backup
For specific recovery, use filename
./kmsrecover /Volumes/backup/
PC kmsrecover |
For full recovery point to backup location.
kmsrecover E:\backup
For specific recovery, use filename
kmsrecover E:\backup\
Warning: If the parameter contains a space in a directory name, it must be closed in quotes. kmsrecover “E:\backup 2”

Restoring Kerio Mail Server Data Without Using KMS Restore

Tuesday, September 8th, 2009

This article will cover the WHY and the HOW of restoring mail files without using the KMS recover tool 

WHY would you not want to use the KMS recover tool.
1. The KMS recover tools requires that you stop the KMS in order to restore. This is an interruption in a live mail server which can bring a company to a halt. We do not always have the opportunity to wait until off-time to restore important data.
2. The KMS tool has the ability to restore specific folder, will overwrite said folder. For example if Julia asks me to restore all the message in her in box before September second, restoring that INBOX using KMS recover for September second would erase the entire contents of that inbox and replace it with the contents of september second. This is not always what is desired.

How to do this properly.

1. isolate and decompress the archive zip file for the client. This is often the most time consuming part of the restore. Especially if there are quite a number of zip files to look through. I suggest you install some sort of client to look at the zip contents. I suggest the zip quick look plug in found at:

Without such a utility you will need to de compress as many zip files as it takes to isolate the user folder in question. It is important to know that if the user account is over 1 GB the backup process will split it between multiple zip files.

2. Once we have isolated the files to be restored we copy these files to the Archive directory as indicated in the Administrative Console under the Archive and Backup tab. Once these files are copied to the Archive directory KMS will index it so it will become available to the Mail Admin web interface

3. log into the mail admin web interface. Expand the Archive folder and you should see a listing for the files you copied to the archive folder.

4. Now we need to get these files into the target folder. This can be accomplished several ways;
A. the easiest way to restore these files is when you have the password for the user in question. If this is the case you can access the web interface for that user. In the Admin account create a public folder of the time required. A mail folder for mail, a contact folder if you are transferring contacts, or a calendar folder for transferring calendar items. Right click on the new public folder and change the access rights so the admin account and the user account in question both have administrative rights. Once this public folder has been created copy the files from the archive folder to the public folder. Usually by right clicking on the archive folder and choosing “Move or Copy all” and choosing the public folder for the destination. Once that copy process is done you can log into the web interface for the account in question and proceed to copy the messages out of the public folder to the folder in their account.

This will give you the option to see what messages are there so you don’t over write them.

repeat this process as necessary to restore the message to the folders required.

B. If you don’t have the password to the user account. You can still accomplish a lot but it will require the use of the terminal on the mail server. I would suggest you try your best to get the mail password for the account or change the mail password for the account to grant you access. If you cannot get the password or it would really be bad to change the password you can proceed in the following manner.

It is important that the actual message copying take place in the web interface. This is so kerio can properly name the messages and that the index files are correct.

In the Admin web interface create a new folder named temp_restore. This folder will be empty with nothing important. At this point you will need ssh access to the mail server and grant yourself root access. Navigate to the mail store directory and to the account of the person you are going to restore message for. Use the ditto command to copy the contents of the target restore folder ( in this example the inbox of Renee ) to the temp_restore.

When you refresh your web interface for the mail Admin, temp_restore will gain all of the properties of the Renee’s inbox. You can proceed to copy the files form your archive folder to this temp_restore. This will preserve message numbers and index files. Once the copy is complete you can return to the terminal and reverse the direction of the copy. This will maker Julia’s inbox the same as your temp_restore.

This method is trickier with the inbox as it is possible that message have come in during the time you would making the copies. Other folders are not quite so sensitive to this process.

This process can be time consuming but it is sometimes best to work slowly without stopping the mail server for everyone

Hosting Your Mail Store on a Non Booted Volume Using Kerio Mail Server

Monday, September 7th, 2009

There is a bug in KMS when the mail store is on the root level of a non boot volume.

When the path to the mail store volume exactly matches the mount point for the hard drive. KMS cannot determine whether the volume is properly mounted or not. This leads to the creation of a folder in the /Volumes directory that causes the mount point of the intended drive to have the number 1 appended to its name.

for example if your second internal drive is named KERIO_DATA, the full path to the drive is /Volumes/KERIO_DATA

if the path to the mail store is indicated at /Volumes/KERIO_DATA in the administrative console KMS will not be able to test whether the drive is mounted or not.

It should now be considered best practices to create a folder within the drive called mailstore such that the full path to the mail store is now /Volumes/KERIO_DATA/mailstore

This will allow KMS to test whether that path is valid before the mailserver daemon starts.

How to Fix It
If you come across a scenario where this mount point problem has come about.
you will see in the /Volumes folder

/Volumes/KERIO_DATA and /Volumes/KERIO_DATA1

Since kerio works on path names it will ignore /Volumes/KERIO_DATA1 and work with /Volumes/KERIO_DATA

to fix this

1. Stop KMS
2. Move /Volumes/KERIO_DATA to another location. This is a folder and can me moved.
3. Unmount /Volumes/KERIO_DATA1 so neither KERIO_DATA nor KERIO_DATA1 are present.
4. Remount the drive so that it properly mounts as /Volumes/KERIO_DATA
5. Start KMS

What about the messages that were received during the time that KMS was working with that folder?

You can’t just move those message files into the current mail store. Each folder contains numerically listed mail messages in hexadecimal naming convention.
If you just copy the messages you can overwrite existing messages. In addition the status.fld file indicate what is the next safe file name for a mail message.

If these are out of sync it will take hours for the KMS to catch up.

The best practice is to locate the mail archive folder as indicated in the admin console. Move this erroneously created mailstore folder into the Archive folder.
This folder structure will then be available to the Admin user account web interface. This will allow the admin to access all aspects of the mailstore including contacts and calendar items.

You will then need to move the messages, contacts and calendars to the appropriate users. This precise technique for restoring these items is more fully covered in my next article. Kerio Mail server How to restore items without using the kmsrestore application

Using LCR for Exchange 2007 Disaster Recovery

Thursday, April 16th, 2009

Local Continuous Replication (LCR) is a high availability feature built into Exchange Server 2007.  LCR allows admins to create and maintain a replica of a storage group to a SAN or DAS volume.  This can be anything from a NetApp to an inexpensive jump drive or even a removable sled. In Exchange 2007, log file sizes have been increased, and those logs are copied to the LCR location (known as log shipping) and then used to “replay” data into the replica database (aka change propagation).

LCR can be used to reduce the recovery time in disaster recovery scenarios for the whole database, instead of restoring a database you can simply mount the replica.  However, this is not to be used for day-to-day mailbox recovery, message restores, etc.  It’s there to end those horrific eseutil /rebuild and eseutil /defrag scenarios.  Given the sizes that Exchange environments are able to get in Exchange 2003 R2 and Exchange 2007, this alone is worth the drive space used.

Like with many other things in Windows, LCR can be configured using a wizard.  The Local Continuous Backup wizard (I know, it should be the LCR wizard) can be accessed using the Exchange Management Console.  From here, browse to the storage group you would like to replicate and then click on the Enable Local Continuous Backup button.  The wizard will then ask you for the path to back up to and allow you to set a schedule.  Once done, the changes will replicate, but the initial copy will not.  This is known as seeding and will require a little PowerShell to get going.  Using the name of the Storage Group (in this example “First Storage Group”) you will stop LCR, manually update the seed, then start it again, commands respectively being:

Suspend-StorageGroupCopy –identity “First Storage Group”

Update-StorageGroupCopy –identity “First StorageGroup”

Resume-StorageGroupCopy –identity “First StorageGroup”

Now that your database is seeded, click on the Storage Group in the Exchange Management Console and you should see Healthy listed in the Copy Status column for the database you’re using LCR with.  Loop through this process with all of your databases and you’ll have a nice disaster recovery option to use next time you would have instead done a time consuming defrag of the database.

Kerio Mail Server 6.6 and IMAP

Friday, February 27th, 2009

Update 6.6 introduced many updates to Kerio, one of those updates changes how IMAP reacts to deleted items.

Typically, when an item is deleted from an IMAP client, that item has a strike through to show that it has been deleted. To further delete this item, you must purge or expunge the deleted items to completely remove them.

The 6.6 update changed the way Kerio reacts to deletions by completely deleting the item for good. No moving to deleted items, no warning, just a hard delete.

This can be changed, but it must be done globally. It cannot be done on a per user basis.

Login to the mail server
Stop the mail server
sudo or su
go to /usr/local/kerio/mailserver
edit mailserver.cfg
change 1
to 0

When I spoke to Kerio Tech Support, they said that this change was done due to overwhelming requests by the customers. They acknowledged that this goes against the RFC. KMS 6.7 should move the deleted items to the deleted folder instead of trashing them completely.

Preventing Vacation Response Loops for Distribution Groups in Kerio

Monday, January 26th, 2009

When messages are sent to a Distribution Group, and a user in that group has a vacation Auto-reply set up, Kerio will respond to the group address, and the auto-reply will be triggered again, and a loop results.

In order to avoid this, another mail filter is required. To set this up:

1) Log into Kerio Web Mail, and click on Settings, and then Mail Filters
2) Click “New” to add a new rule.
3) In the Conditions pane, check the box for “Where the recipient address (To or CC line) contains
4) In the Actions pane, check the box for “Stop processing more rules”
5) In the Rule Description pane, click the underlined value (in this case ‘contains”’), and enter the name of the distribution group (for instance,
6) Name the rule something descriptive, and click “OK” to save the rule.
7) In the Mail Filters window, single-click on the rule you just created, and click the “Move Up” button until that rule is above any other rules that would cause messages to be sent to the group. In most cases, you should just move it to the top.

Step 7 is important – if this rule is below your Out Of Office rule, it will trigger too late.

Installing Kerio 6 on Windows Server 2008 and Bind to Active Directory

Friday, December 5th, 2008

****Ensure that Active Directory is already configured on the server as Kerio LDAP and SLDAP ports will clash with AD’s port settings if the server also acts as a Domain Controller****

Kerio MailServer Setup and Install

* Download Kerio MailServer install file from Kerio’s website -

* Run the install file and click ‘Next’ on the Wizard’s welcome screen

* In the following dialog, all important updates since the last version of Kerio MailServer are listed. Continue by clicking on ‘Next’

* On the next page, review the license agreement then click ‘Next’ to continue

* There will be the choice of doing a ‘Complete’ install (recommended) or a ‘Custom’ install.
The custom install allows you to select which components are installed but they are all essential besides the foreign-language packs.
Once install type has been specified, click ‘Next to continue

* In the next step, select the directory where Kerio MailServer will be installed and click ‘Next’. The default location is C:\Program Files\Kerio\

* Next, there will be an option to enable automatic startup of Kerio MailServer once installation has been completed (”Start Mail Server Engine service after installation finishes). Recommended that this is selected

* After the installation has completed, click ‘Next’. The Wizard then displays a screen where basic server parameters can be set

* Specify the name of the primary domain and domain name that resolves to the IP address of the server that Kerio MailServer is being installed on (A record should have already been created in DNS for mail) in the ‘Domain’ and ‘Hostname’ text fields. Click ‘Next’ to continue

* On the next page, specify the settings for the Administrator account (username, password, and confirm password). Click on ‘Next’ to continue

* Select a location, for the Store Directory, that has sufficient space for growth, then click ‘Next’

* Once the configuration Wizard has been completed, save the installation settings by clicking ‘Finish’
Kerio MailServer Engine, running as a service, will be started immediately after the installation is complete

Binding Kerio to AD

* Click Start > All Programs > Kerio > Administration Console

* Enter administration credentials that were specified during Kerio MailServer setup

* On the left-side navigation pane, go to ‘Services’

* Click on the properties on the main screen for LDAP and SLDAP and change the ports to 390 for LDAP and 637 for SLDAP. Click ‘Apply’ to save the changes and ensure that the services have started

* Download the Kerio Active Directory Extension from the Kerio website and run the install (no wizard will show up)

* Once the install is complete, to create a new user, click Start > Administrative Tools > Active Directory Users and Computers

* Go through the usual steps to create a new user and during the setup there will be a screen to create a Kerio email account for the new user

* To add existing users to Kerio, navigate to the ‘Users’ window in the Kerio Administration Console (under ‘Domain Settings’), then click on ‘Import’ on the bottom right then ‘Import from directory service’ on the floating window.
Select the Active Directory type from the drop-down then enter the administration credentials for Active Directory. This will provide a screen with all AD users that can then be imported.

Configure ClamAV on a Kerio Mail Server

Wednesday, May 28th, 2008

As of KMS 6.1 , Kerio introduced clamAV support. This works by communicating with any clamd deamon via the localhost on port 3310. While clamAV can be downloaded via some package untils such as macports and fink, but it compiles fine from source on Mac OS X and so that is the preferred method.

To compile the source , you will need the Mac OS X Developer tools ( Actually just gcc ) which are available from the Mac OS X Installer CD and ( Apple ID required )

Once downloaded/Installed, you can download the clamAV source(Latest stable release) from
File is typically a .gz which Safari will auto expand. The resulting tar file can be double clicked on to expand ( alternatively you can use tar -xzf /path/to/clamav-*.tar.gz or tar -xf /path/to/clamav-*.tar )

Once expanded you need to create a terminal session at that folder (i.e. cd /path/to/folder ) or “cd” and drag and drop the folder to automatically fill in the path. Verify you are in the right folder by typing “pwd”

# Next you must configure clamAV for the compile operation, and then install

CFLAGS=”-O0″ ./configure && make install


LogFile /var/log/clamav.log
LogTime yes
LogSyslog yes
LocalSocket /tmp/clamd
TCPSocket 3310
MaxDirectoryRecursion 15
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ClamukoScanOnOpen yes
ClamukoScanOnClose yes
ClamukoScanOnExec yes
ClamukoIncludePath /Users


LogSyslog yes
PidFile /var/run/
DatabaseOwner clamav
NotifyClamd /usr/local/etc/clamd.conf







. /etc/rc.common

StartService ()
ConsoleMessage “Starting ClamAV”
exec /usr/local/sbin/clamd

StopService ()
ConsoleMessage “Stopping ClamAV”
/usr/bin/killall clamd

RestartService ()
ConsoleMessage “Restarting ClamAV”

RunService “$1″


Decription = “ClamAV”;
Provides = (“ClamAV”);
OrderPreference = “Early”;
Messages =
start = “Starting ClamAV”;
stop = “Stopping ClamAV”;

Using cmpindex4 to Fix Kerio Status and Index Files

Friday, May 9th, 2008

This is a BASH(shell) script deployed on a few select client systems, it is not installed by default. To use it you must upload the script to the server using any method available such as ARD’s copy command, scp/sftp or as a last resort cut and paste via ARD (if the ARD UDP ports have not been opened on the host).
If you do cut and past to recreate the file, make sure to use a command line editor such as nano or vi ( or just use TextEdit with (Format ->Make Plain text Selected). The scripts creator suggests you place it in the mailstore directory (which could need to be done as root) i.e.
sudo cp ~/Desktop/cmpindex* /usr/local/kerio/mailserver/store/mail/
chmod +x usr/local/kerio/mailserver/store/mail/cmpindex*

Once installed the general use is fairly simple, the script does a line count on any index.fld (or status.fld ) file passed to it, i.e:
sudo /usr/local/kerio/mailserver/store/mail/cmpindex4 /path/to/mailserver/store/mail/

Alternatively using the preferred method you can use find command in conjunction with the cmpindex to search for all index.fld files in the mailstore, while this takes longer , it will yield a more complete fix for all index and status files having issues.
sudo -s
cd /usr/local/kerio/mailserver/store/mail/
find . -name index.fld -exec ./cmpindex4 {} \;

The scripts behavior is to compare the line numbers in the index.fld and status files and either correct the mistakes in size by recreating the file ( in the case of the status files ) or to rename the index.fld to index.bad automatically(which is picked up by the built in kerio reindex tool ) . The script will output the names of the files affected.The script uses the BASH shell, and thus will be default only work on *nix and Mac OS X Systems, however you can use it under cygwin on windows with the following commands installed sed,rm,touch,mv,perl,awk,grep. The script was created by a Kerio engineer and could use some rewriting but is generally solid.

Starting and Stopping Kerio Mail Server From the Command Line

Friday, May 2nd, 2008

Windows Server 2003:
Verify the KerioMailServer process “mailserver.exe” is running.
tasklist /svc | find /i “Kerio”

This command will also return the process id of the mailserver.
If the mailserver process is not listed you can query if its stopped by using:
sc queryEx KerioMailServer

If the process is stopped you can see if it shutdown successfully by examining the WIN32_EXIT_CODE
This value should normally be 0 if the process exited normally.

To stop the Kerio mailserver Process you can use:
sc stop KerioMailServer

To start the Kerio mailserver Process you can use:
sc start KerioMailServer

If the Kerio process will not stop, you can at last resort before a reboot try a task kill:
taskkill /f /im mailserver.exe

to restart the service:
(wait 3-5 seconds before hitting any key to continue -which will [re]start the service).
sc stop KerioMailServer & pause & sc start KerioMailServer

Mac OS X v10.4
Verify the KerioMailServer process “mailserver” is running.

ps -awx | grep mailserve[r]

This command will also return the process id of the mailserver.
if the mailserver process is not listed you can attempt a start by using:

To stop the Kerio mailserver Process you can use:
sudo SystemStarter stop KerioMailServer

If the Kerio process will not stop, you can as last resort before a reboot try a KILL signal:
sudo launchctl unload ‘/Library/LaunchDaemons/com.kerio.watchkms.plist’
killall -9 mailserver
Remember to reload the com.kerio.watchkms when your ready to [re]start the service in lieu of just using “SystemStarter start…”
sudo launchctl load ‘/Library/LaunchDaemons/com.kerio.watchkms.plist’

To start the Kerio mailserver Process (Normally) you can use:
sudo SystemStarter start KerioMailServer

to restart:
sudo /Library/StartupItems/KerioMailServer/KerioMailServer restart

Mac OS X v10.5
Verify the KerioMailServer process “mailserver” is running.
This command will also return the process id of the mailserver.
ps -awx | grep mailserve[r]

To stop:
sudo launchctl unload ‘/Library/LaunchDaemons/com.kerio.watchkms.plist’
sudo /usr/local/kerio/mailserver/KerioMailServer stop

If the Kerio process will not stop, you can as last resort before a reboot try a KILL signal:
sudo launchctl unload ‘/Library/LaunchDaemons/com.kerio.watchkms.plist’
killall -9 mailserver

To start:
sudo launchctl load ‘/Library/LaunchDaemons/com.kerio.watchkms.plist’

To restart:
sudo /usr/local/kerio/mailserver/KerioMailServer restart

Configure the Maximum LDAP Connections in Kerio Mail Server

Friday, November 30th, 2007

1. Stop the Kerio Engine

2. Navigate to C:\Program Files\Kerio\MailServer\mailserver.cfg (sudo nano /usr/local/kerio/mailserver/mailserver.cfg on a Mac) and open the mailserver.cfg

3. Make a Copy of this file as a backup

4. Do a find for “ConnectionLimit”

5. Modify the following line:32

The default limit is 32.

6. After making the change, save the file and restart the mailserver engine.

Leopard Server: CalDAV Event Formatting

Thursday, October 25th, 2007

A key aspect of any groupware solution is the ability to share calendars. Leopard server brings the long-awaited ability to share calendars to the Mac OS X Server platform. Leopard uses CalDAV as the back end protocol for Calendar sharing. CalDAV is currently supported by Facebook, Novell Evolution, Zimbra, Drupal, Microsoft Exchange, Kerio and now Mac OS X Server.

CalDAV looks at each event as an HTTP resource, giving users the ability to view events in a web browser. Each event is stored in the iCalendar format.

A typical event in the iCalendar format: BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Apple Calendar//Calendar1//Charles Edge BEGIN:VTODO DTSTAMP:19980130T134500Z SEQUENCE:2 ATTENDEE; DUE:19980415T235959 STATUS:NEEDS-ACTION SUMMARY:Random Music File BEGIN:VALARM ACTION:AUDIO TRIGGER:19980403T120000 ATTACH;FMTTYPE=audio/basic: files/file.mp3 REPEAT:3 DURATION:PT1H END:VALARM END:VTODO END:VCALENDAR Parsing this data can help you to imbed data from Leopard Server into your 3rd party web services. One difference between CalDAV events in Mac OS X Server and other types of event handlers is how they are presented over the wire. For example, Kerio, a popular Mac-based groupware solution presents CalDAV in the form of an ICS file so it can be viewed through iCal in pre-Leopard computers.

318 Kerio Migration Article

Saturday, June 16th, 2007

Article about 318 on, focusing on a project we did integrating Kerio to replace Microsoft Exchange, giving our client the ability to centralize all of their server assets into an Open Directory environment while still using MAPI to provide groupware components to their user base, have handheld devices that sync with their Calendar/Mail/Contacts and of course, use the standard Exchange features of mail, etc. Good stuff:

Converting a Kerio Mail Server Calendar to a Standard .ics File

Thursday, June 14th, 2007

While you can view a Kerio MailServer calendar in iCal by subscribing to the Kerio Mailserver URL, sometimes it may be necessary to get ahold of an actual .ICS calendar file for the account you are working with. Kerio MailServer itself does not store .ICS files, but rather generates them on the fly. This poses a problem if you need access to a real file type.

To get an .ICS file for a Kerio MailServer account, perform the following shell script.

sudo curl -u username:password > /Users/username/Documents/CalendarName.ics
chmod 777 /Users/username/Documents/CalendarName.ics

This example script would grab the datastream from Kerio and store it in your local documents folder. If you need the data to be constantly up-to-date, setup a crontab with an appropriate interval to update your data.

Converting Kerio Mail Server Contact Objects to vCards from Command Line/Scripts

Friday, June 8th, 2007

Kerio MailServer stores all contact items as individual *.eml files. Sometimes you may which to save these items as vCards for use in Address Book or another contact management application.

In order to grab all contacts from a particular user’s Kerio MailServer store and export them to another folder as vCards, you can use the following shell script.

# 1. Define the user’s contacts directory in the Kerio MailServer store.
# is the email domain.
# username is the Kerio Mailserver account.
# 2. Define user account who will own the exported files
# For example: use www if exported to a website or your shortname if using on your local machine.
#3. Define Directory to store the exported files
# For Example: Your local documents folder
# 4. Grab .eml objects and convert
# First make a temporary directory
mkdir -p “$VCARDS/temp”
# Copy eml objects to temporary directory
cp *.eml “$VCARDS/temp”
# Loop over contacts and convert
cd “$VCARDS/temp”
for vcard in *.eml
sed -e ‘s/.$// ; 1,/^$/ d’ <$vcard | iconv -f UTF8 -t MACROMAN > “$VCARDS/${vcard/%eml/vcf}”
#Change permissions and remove temp directory
rm -rf “$VCARDS/temp”
chown -R $OWNER “$VCARDS”

Troubleshooting Mailflow issues using SMTP

Sunday, June 11th, 2006

How is your mail server? Is it up and running? Is it an open relay? Will it accept messages? Let’s find out!

First we’re going to use Network Utility to find the name of the mail server. To do this, open Network Utility, click on lookup and then type the domain name in the provided field. Select Mailbox Exchange as the type of lookup and then hit enter. You’ll then see the name or IP address of the server. Now you know the mail server, even if you only knew the domain before. So, go to the command line and type telnet followed by the name of the target server.

In this example we’re going to use Using C: as the data that you type into the fields and S: as the response from the server. In this case, the server will respond with a banner telling you what kind of server it is provided that the SMTP engine is active on the target server (this can work even if you can’t ping the server).
> C: telnet 25.
> S: 220 ESMTP KMS

Now that we know the server is active let’s say hi, using our domain name (a common anti-spam requirement). We’ll do this by using the following command
> S: 250 Hello
Now that we’ve shaken hands with the server and established that we are going to speak the mail server language, let’s tell it which of the email addresses that we’re going to send mail to the target server from using the MAIL FROM: command. This is very helpful when trying to troubleshoot mail flow issues, such as those that are caused by anti-spam engines.
> S: 250 Ok

Provided that you get a 250 ok then you will be good to send mail to the target server, so let’s tell it who we are sending a message to. This step is very helpful for verifying that an email address exists on the target server.
> S: 250 Ok

Now that the target server has accepted the task of sending an email from you to the user you want to send an email to. To do this, we’re going to type out an email message in server speak, but first we’re going to tell it that this is what we want to do by typing DATA:
> S: 354 End data with .

Once you receive the 354 code, you are good to type the text of your email. In this case, we’re going to start with a subject followed by the from and the to, all going into the message header that will be seen by the client computer. Next we’re going to hit the return key an extra time to indicate that we’re placing message body into the email. Then we’re going to type some text and finally to signify the end of the message, we’re going to leave a single line with a . in it.
> C: Subject: test message
> C: From:
> C: To:
> C:
> C: Hello,
> C: This is a test.
> C: Goodbye.
> C: .
> S: 250 Ok: queued as 12345

If the response is a 250 OK then you have sent the message. So you can type QUIT to exit the session you have with the server.
> S: 221 Bye

Now that we’ve sent an email, it’s good to explain that an open relay will allow anyone to send mail through your target server. In other words, in our above server speak, just swap out the email address with one that you know for a fact that doesn’t exist. If your server will relay email from a random email address whose server you are not using then you will be able to verify that the server is an open relay and figure out why the server is getting blacklisted (if it’s a server getting blacklisted).

Anyway, I hope this helps everyone in troubleshooting mail flow issues, and gets everyone speaking mail-server speak a little more fluenty. :)

Netscape Email on Windows

Monday, December 30th, 2002

Netscape email, if it becomes corrupted, may be fixed by the following.
-Open the preferences for mail and find the directory/folder in which email is stored
-Close Netscape completely
-Navigate to the appropriate directory/folder and rename inbox to inbox.old and delete inbox.msf
-Delete both trash and trash.msf
-Open Netscape and the email program (Netscape Mail or Netscape Messenger)
-Close Netscape completely again
-Navigate to the appropriate directory/folder and rename inbox.old to inbox (no extension)
-Open Netscape email and see if it worked
-If it didn’t (according to Netscape support), a virus has corrupted the inbox

As an aside…
Netscape 6 does not have an export feature for either the address book or email. You can export the address book if you upgrade to Netscape 7. Email is in a proprietary format and cannot be imported or moved into Outlook or Outlook Express. (This also according to the helpful Netscape phone support jerk, I mean ass, I mean person who I talked with).

BTW, this was on a Windows machnine, so it could be a moot point on Apple.