archiveopteryx(7) Archiveopteryx Documentation archiveopteryx(7)
NAME
Overview of Archiveopteryx.
SYNOPSIS
/etc/init.d/archiveopteryx {start,stop}
/usr/local/etc/archiveopteryx/*.conf
DESCRIPTION
Archiveopteryx is a mail server system optimised for long-term storage
and heavy access. It comprises a set of server programs that provide
access to mail stored in a relational database (PostgreSQL).
GETTING STARTED
The following five steps should suffice to install Archiveopteryx. If
they don't, or if anything is unclear, more detailed instructions are
available at http://archiveopteryx.org/installation
1. Install Archiveopteryx
Usually, this is as simple as:
apt-get install archiveopteryx (on Debian)
pkg install archiveopteryx (on FreeBSD)
http://archiveopteryx.org/installation explains what to do in other
cases.
Use
/usr/local/libexec/aox/archiveopteryx start
to start Archiveopteryx using the default configuration from
archiveopteryx.conf, which tries hard to be sensible.
2. Add a user
Run
aox add user name password address@domain
to create a username and password.
3. Inject some test mail
You can use deliver(8) to inject some mail you already have.
This command injects all the messages from a Berkeley mbox file:
formail -s deliver yourname@domain < mbox
4. Check that you can read mail
The mail you just delivered is in your inbox, and you can read it with
any IMAP or POP3 client.
5. Configure your MTA
The normal way to deliver mail from your MTA into Archiveopteryx is via
LMTP. By default, Archiveopteryx listens on 127.0.0.1 port 2026.
On aox.org we describe how to configure some common MTAs to work with
Archiveopteryx. See e.g. http://archiveopteryx.org/postfix for
postfix(1).
ARCHITECTURE
Archiveopteryx consists of a number of frontend servers, each of which
uses backend servers:
RDBMS The RDBMS is where all the mail is stored. At present only
PostgreSQL is supported.
logd The log server is an internal server which filters log entries
so useful messages are logged while noise is suppressed.
Each server is described more fully in its own man page: logd(8),
postgres(1) and archiveopteryx(8) for the frontend server, which serves
IMAP, POP3, LMTP and/or SMTP and perhaps webmail.
Normally, there is one logd(8) process running. In addition there will
be at least one postgres(1) and one archiveopteryx(8) process.
The servers use TCP to communicate internally, so they can be
distributed across a server cluster. Generally, one host will run the
database backend, one host (perhaps the same) will run logd(8) and as
many as required will run frontends.
The man pages for each server explain the use and configuration of
each. See archiveopteryx.conf(5) for more about configuring
Archiveopteryx in general.
SECURITY
All Archiveopteryx servers run in chroot directories.
The user-facing servers run in a special jail directory. They have
neither read nor write access to this directory.
logd(8) runs chrooted to another directory. All of the servers close
all open files at startup and drop root privileges. By default they run
as user aox, group aox, although these names can be changed using
archiveopteryx.conf(5).
The servers check that they lose privileges as expected, and refuse to
start if they're too privileged.
Note that logd(8) must have permission to create the logfile.
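The confine, drop and verify sequence described above can be sketched as follows. This is an added example, not Archiveopteryx source code; the function names and the numeric uid/gid 1001 are assumptions, and the jail path is the JAILDIR default listed under DEFAULTS.

```c
/* Added illustration of chroot + privilege drop + self-check; not project code. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Pure check: nonzero means "too privileged, refuse to start". */
int too_privileged(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid,
                   uid_t want_uid, gid_t want_gid)
{
    if (want_uid == 0 || want_gid == 0) return 1;       /* target is root itself */
    if (ruid != want_uid || euid != want_uid) return 1; /* a uid did not change */
    if (rgid != want_gid || egid != want_gid) return 1; /* a gid did not change */
    return 0;
}

/* chroot into jail, drop to uid/gid, verify. Returns 0, or -1 to refuse startup. */
int enter_jail_and_drop(const char *jail, uid_t uid, gid_t gid)
{
    /* chdir("/") after chroot so the working directory is inside the jail. */
    if (chroot(jail) != 0 || chdir("/") != 0) return -1;
    /* Order matters: supplementary groups, then gid, and uid last,
       because after setuid() the process may no longer change groups. */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    /* Do not trust return codes alone: re-read the ids actually in effect. */
    if (too_privileged(getuid(), geteuid(), getgid(), getegid(), uid, gid))
        return -1;
    /* Regaining root must be impossible once the drop has happened. */
    if (setuid(0) == 0) return -1;
    return 0;
}

int main(void)
{
    /* Constructed values: 1001 stands in for the ids of user aox, group aox. */
    if (enter_jail_and_drop("/var/db/aox/jail", 1001, 1001) != 0) {
        fprintf(stderr, "refusing to start: not confined or still privileged\n");
        return 1;
    }
    puts("confined and unprivileged");
    return 0;
}
```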
MAIL STORAGE
Archiveopteryx does not store mail in the RFC-822 format. It parses
each message upon delivery, and stores a normalized representation,
optimized for fast and reliable search and categorization.
This offers the following advantages, among others:
Performance
One example: Each address is stored exactly once, as Unicode and
with RFC-2047 encoding undone. Finding all messages sent from/to
a given name is extremely fast, because only a single SQL SELECT
is necessary, and it accesses just two small tables.
Long-term Stability
Archiveopteryx handles today's common syntax problems and stores
the correct form in the database. Because of that, the mail
reader which looks at old mail in the year 2020 will not need to
be bug compatible with today's version of Microsoft Outlook.
Scalability and Flexibility
Only the database size limits Archiveopteryx's capacity. Many
other servers limit individual folders to 2GB (or less), or
cannot support more than a few thousand subfolders/messages in a
folder. With Archiveopteryx, you don't need to invent
workarounds for such artificial limitations.
Robustness
Because mail is stored normalized and parsed, large attachments
are generally stored only once, and mail parsing exploits are
rendered harmless before reaching the MUA. A movie clip sent to
a hundred recipients is not a problem, because it's stored just
once.
LICENSING
Archiveopteryx is available under the PostgreSQL License.
DEFAULTS
The configurable file and directory names in this build are as follows:
SBINDIR
(where servers live) is /usr/local/sbin.
BINDIR (where other executables live) is /usr/local/bin.
INITDIR
(where the startup script lives) is /usr/local/etc/rc.d.
MANDIR (where manpages live) is /usr/local/man.
PIDFILEDIR
(where pidfiles live) is /var/run/aox.
LIBDIR (where supporting files live) is /usr/local/libexec/aox.
JAILDIR
(the working directory of the user-facing servers) is
/var/db/aox/jail, and can be overridden using the jail-directory
variable in archiveopteryx.conf(5).
CONFIGDIR
(where the configuration files live) is
/usr/local/etc/archiveopteryx.
LOGFILE
(the full name of the logfile) is syslog/mail, and can be
overridden using the logfile variable in archiveopteryx.conf(5).
These variables can be changed only by editing the file Jamsettings and
recompiling Archiveopteryx. Jamsettings also contains some variables
used only during compilation and/or installation, and some which
provide defaults for archiveopteryx.conf(5) settings.
FILES
/usr/local/etc/archiveopteryx/archiveopteryx.conf
contains the Archiveopteryx configuration.
/usr/local/libexec/aox/automatic-key.pem
contains a private key and self-signed certificate used by
openssl(3).
AUTHOR
The Archiveopteryx Developers, info@aox.org.
VERSION
This man page covers Archiveopteryx version 3.2.0, released 2014-03-10,
http://archiveopteryx.org/3.2.0
SEE ALSO
archiveopteryx(8), archiveopteryx.conf(5), deliver(8), logd(8),
http://archiveopteryx.org
aox.org 2014-03-10 archiveopteryx(7)