Zum Inhalt springen
Deutsch

gromox(7)

Dieser Inhalt ist noch nicht in deiner Sprache verfügbar.

gromox — Overview of the Gromox groupware server

Gromox is a groupware server capable of serving as a replacement for Microsoft Exchange. Connectivity options include RPC/HTTP (Outlook Anywhere), IMAP, POP3, an SMTP-speaking LDA, and a PHP module with a Z-MAPI function subset.

Gromox relies on other components to provide a sensibly complete mail system, such as Postfix as a mail transfer agent, and grommunio-admin for user management. A web interface is available with grommunio-web. The grommunio distribution ships these essentials and has a ready-to-run installation of Gromox. system.

Gromox documentation consists of at least a dozen manual pages ("manpages") on its individual components. We have grouped these according to their principal function.

  • gromox(7) — This page, an overview of the Gromox groupware server.

  • mapi(7gx) — Definition for "Messaging Application Programming Interface"

  • gromox-selinux(5) — SELinux policy for Gromox

  • exchange_emsmdb(4gx) — Handler for the Wire Format Protocol (Outlook/Exchange RPCs) and Remote Operations Protocol

  • exchange_nsp(4gx) — Handler for the Name Service Provider Interface Protocol

  • exchange_rfr(4gx) — Handler for the Address Book Name Service Provider Interface Referral Protocol

  • ews(4gx) — Handler for Exchange Web Services requests

  • mh_emsmdb(4gx) — Handler for MAPIHTTP-wrapped EMSMDB requests

  • mh_nsp(4gx) — Handler for MAPIHTTP-wrapped NSPI requests

The following is a list of programs that no longer exist. It is intended solely to capture keyword searches within the documentation for said obsolete/removed commands.

  • gromox-mt2exm: renamed to gromox-import
  • mapi(4gx) — PHP module providing MAPI functions

Program configuration files reside within /etc/gromox. The format for .cfg files is: one "key=value" pair per line. Empty lines are ignored, as are lines beginning with a '#' character. Lines can have a maximum length of 1024. Each key=value line is logically split at the equals sign, and whitespace is trimmed around key and value. Comments at the end of a value are not supported. Escape sequences are not supported. Each config key is one of four types of how the config file reader should apply an early generalized transform:

  • A quantity, e.g. bytes for a buffer, a limit on the number of users, etc. With 1-unit granularity. See section "Quantity syntax" below.

  • A time span, e.g. a duration or maximum lifetime for some object, with 1s or 1ns granularity (whatever the program code wants for any particular key). See section "Time span syntax" below.

  • Boolean value. The empty string, the strings "no", "off", "false", and a string that completely parses as "0" via strtoul, is interpreted as false, with everything else considered true.

  • Untransformed string.

The format for .ini files is: one "key=value" pair per line. Empty lines are ignored, as are lines beginning with a ';' character. Only used by some ailing PHP code. No generalized transforms.

Many programs have a config_file_path directive with which the search path for further config files can be specified. For example, http(8gx) defaults to config_file_path=/etc/gromox/http:/etc/gromox, so the mysql_adaptor(4gx) component as loaded by http will first try /etc/gromox/http/mysql_adaptor.cfg, then /etc/gromox/mysql_adaptor.cfg. This allows having one file that is shared between multiple programs as well as being able to override on a per program-basis.

A list of components and the config files they potentially use.

  • User information is held in a MariaDB/MySQL database. This database can be accessed by multiple Gromox servers, and so enables distributed Gromox operation. The MariaDB system itself provides the necessary utilities for distributing or replicating this database.

  • Per-user e-mail messages are stored in a SQLite database (e.g. /var/lib/gromox/user/m1/1/1/exchange.sqlite3), as is a message index (e.g. /var/lib/gromox/user/m1/1/1/midb.sqlite3). These are normally only used by one system, but can be shared through network filesystems provided that file locking is properly implemented in the filesystem driver. Normal file mechanisms can be used to backup or transfer the database to another Gromox host.

Gromox exclusively uses the AF_INET6 socket family with the Berkeley/BSD/POSIX socket API. What this means is that, whenever an IP address is logged, it will have the form specified in RFC 4291 §2.2/§2.5.5. Furthermore, whenever some configuration file directive (field) requires an IP address (i.e. you cannot or do not want to use a hostname), the RFC 4291 form must be used for both IPv6 and IPv4.

  • /usr/share/gromox/cpid.txt: mapping between character set IDs and names

  • /usr/share/gromox/folder_names.txt: Translations for essential folders in a message store.

  • /usr/share/gromox/lang_charset.txt: mapping from language code to character set

  • /usr/share/gromox/lcid.txt: mapping between locale IDs and names

  • /usr/share/gromox/mime_extension.txt: mapping between file extensiosn and MIME types

  • /var/lib/gromox: basic root directory of all variadic data for Gromox

  • /var/lib/gromox/queue: directory for delivery-queue(8) temporary files

  • /var/lib/gromox/user/account@domain: individual mailbox container
    The directory name/path has only few requirements. The users.maildir column in the gromox MariaDB/MySQL database needs to reflect that location. Some user management tools generate extra directory levels, e.g. /user/m1/1/0.

  • .../a@d/exmdb/exchange.sqlite3: mail store with almost everything (no mail bodies)

  • .../a@d/cid/: attachments and message bodies (PR_BODY, PR_HTML, PR_RTF_COMPRESSED).

  • .../a@d/eml/mid_string: RFC5322 representation for a message.
    mid_string has no required form. Typically, there is timestamp.seqid.hostname which represents EMLs captured by delivery(8gx) on ingestion, and timestamp.seqid.midb for EMLs generated by midb(8gx) out of MAPI messages.

  • .../a@d/ext/mid_string: Digest for the RFC5322 file.
    This JSON-encoded file contains e.g. indexing information for individual MIME parts of the RFC5322 representation. Generated by midb(8gx).

Daemons emit a mostly consistent log messages on authentication failures that can be matched with (PCRE):

/rhost=\(\S+)?\\S* user=(\S+) .*(auth|login.*|logon) rejected:/

Operation texts can be "HTTP auth rejected" (http), "zs_logon rejected" (zcore), "zs_logon_token rejected" (zcore), "LOGIN phase0 rejected" (imap), "LOGIN phase1 rejected" (imap), "LOGIN phase2 rejeceted" (imap), "login rejected" (pop3).

The syntax for strings that are parsed to obtain some kind of number may have one SI unit prefix letter affixed to the number to select a power-of-1024(!) multiplier. Formally,

quantum := number [letter]

# "number" can be whatever strtol(3) accepts. If a period is detected, parsing switches to strtod(3).

letter := 'k' | 'M' | 'G' | 'T' | 'P' | 'E' | 'Z' | 'Y' | 'R' | 'Q'

Examples: 4k is 4*1024^1 = 4096, 1.5M is 1.5*1024^2 = 1572864.

Note: This syntax specifies no unit, nor unit symbols. Whether "4k" means 4096 bytes, 4096 nibbles or 4096 users depends on the enclosing context (e.g. configuration directive) that uses this syntax.

The syntax for strings that are to be interpreted as a duration, period/interval must be of the form:

duration := quantum [ quantum ]*

quantum := number unit

# "number" can be whatever strtol(3) accepts. If a period is detected, parsing switches to strtod(3).

unit := "ns" | "nsec" | "µs" | "µsec" | "ms" | "msec" | "s" | "sec" | "second" | "seconds" | "min" | "minute" | "minutes" | "h" | "hour" | "hours" | "d" | "day" | "days" | "week" | "weeks" | "month" | "months" | "y" | "year" | "years"

Whitespace is ignored whereever it appears (so use as much as you need). Quanta with the same unit may be used; they are simply added together. Per this syntax, numbers can be positive or negative, integral or fractional (be mindful of precision limits of computers' floating-point math). Unit names must be used as specified; any other names, especially non-English ones, are not accepted. In places where program code does not care about subsecond accuracy, time spans will have the subsecond parts truncated, i.e. "1.5s" becomes 1.0 seconds, and "1.5min" stays the 90 seconds that it is.

Examples: 1d1h1m1s, 3.5 hours, 1 hour 1 hour (2 hours), 1 hour 60 minutes (2 hours)

Note that Gromox may impose additional restrictions on specific configuration directives after the basic parse to enforce certain minimum and maximum values.