Manual Page: archiveopteryx.8

NAME

Overview of Archiveopteryx.

SYNOPSIS

/etc/init.d/archiveopteryx {start,stop}

/usr/local/archiveopteryx/*.conf

DESCRIPTION

Archiveopteryx is a mail server system optimised for long-term storage and heavy access. It comprises a set of server programs that provide access to mail stored in a relational database (PostgreSQL).

GETTING STARTED

The following five steps should suffice to install Archiveopteryx. If they don't, or if anything is unclear, more detailed instructions are available at http://archiveopteryx.org/installation

1. Install Archiveopteryx

Usually, this is as simple as:

apt-get install archiveopteryx (on Debian)
portinstall archiveopteryx (on FreeBSD)

http://archiveopteryx.org/installation explains what to do in other cases.

Use

/usr/local/archiveopteryx/lib/archiveopteryx start

to start Archiveopteryx using the default configuration from archiveopteryx.conf, which tries hard to be sensible.

2. Add a user

Run

aox add user name password address@domain

to create a username and password.

3. Inject some test mail

You can use deliver(8) to inject some mail you already have.

This command injects all the messages from a Berkeley mbox file:

formail -s deliver yourname@domain < mbox

4. Check that you can read mail

The mail you just delivered is in your inbox, and you can read it with any IMAP or POP3 client.

5. Configure your MTA

The normal way to deliver mail from your MTA into Archiveopteryx is via LMTP. By default, Archiveopteryx listens on 127.0.0.1 port 2026.

On aox.org we describe how to configure some common MTAs to work with Archiveopteryx. See e.g. http://archiveopteryx.org/postfix for postfix(1).

ARCHITECTURE

Archiveopteryx consists of a number of frontend servers, each of which uses backend servers:

RDBMS

The RDBMS is where all the mail is stored. At present only PostgreSQL is supported.

logd

The log server is an internal server which filters log entries so useful messages are logged while noise is suppressed.

Each server is described more fully in its own man page: logd(8), postgres(1) and archiveopteryx(8) for the frontend server, which serves IMAP, POP3, LMTP and/or SMTP and perhaps webmail.

Normally, there is one logd(8) process running. In addition there will be at least one postgres(1) and one archiveopteryx(8) process.

The servers use TCP to communicate internally, so they can be distributed across a server cluster. Generally, one host will run the database backend, one host (perhaps the same) will run logd(8) and as many as required will run frontends.

The man pages for each server explain the use and configuration of each. See archiveopteryx.conf(5) for more about configuring Archiveopteryx in general.

SECURITY

All Archiveopteryx servers run in chroot directories.

The user-facing servers run in a special jail directory. They have neither read nor write access to this directory.

logd(8) runs chrooted to another directory. All of the servers close all open files at startup and drop root privileges. By default they run as user aox, group aox, although these names can be changed using archiveopteryx.conf(5).

The servers check that they lose privileges as expected, and refuse to start if they're too privileged.

Note that logd(8) must have permission to create the logfile.
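
The start-up sequence this section describes (chroot, close inherited files, drop root, verify, refuse to start), as an added C example that is not Archiveopteryx's own code. The function names and the uid/gid 1001 are hypothetical; a real server would look up the aox user before entering the jail.

```c
#define _DEFAULT_SOURCE /* chroot() and setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if any real or effective ID is still root's. */
int ids_privileged(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == 0 || euid == 0 || rgid == 0 || egid == 0;
}

/* Enter the jail, close inherited files, become uid/gid, then verify.
   Returns 0 on success and -1 on any failure; the caller must then exit. */
int enter_jail_and_drop(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1; /* a root target is never acceptable */
    if (chdir(jail) != 0 || chroot(".") != 0 || chdir("/") != 0)
        return -1;
    long maxfd = sysconf(_SC_OPEN_MAX);
    if (maxfd < 0 || maxfd > 65536)
        maxfd = 65536; /* bound the loop when the limit is unset or huge */
    for (int fd = 3; fd < maxfd; fd++)
        close(fd); /* this sketch keeps stdin/stdout/stderr for messages */
    /* Groups first: after setuid() we no longer have the right to change them. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the result instead of trusting the return codes alone. */
    if (ids_privileged(getuid(), geteuid(), getgid(), getegid()))
        return -1;
    if (getuid() != uid || getgid() != gid)
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1; /* root could be regained: too privileged */
    return 0;
}

int main(int argc, char **argv)
{
    /* Default is the JAILDIR from this page; 1001 is a constructed placeholder. */
    const char *jail = argc > 1 ? argv[1] : "/usr/local/archiveopteryx/jail";
    if (enter_jail_and_drop(jail, 1001, 1001) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to start\n");
        return 1;
    }
    puts("running jailed and unprivileged");
    return 0;
}
```

Started without root, the program fails at chroot() and exits non-zero, which is the same refuse-to-start outcome as a failed verification.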

MAIL STORAGE

Archiveopteryx does not store mail in the RFC-822 format. It parses each message upon delivery, and stores a normalized representation, optimized for fast and reliable search and categorization.

This offers the following advantages, among others:

Performance

One example: Each address is stored exactly once, as Unicode and with RFC-2047 encoding undone. Finding all messages sent from/to a given name is extremely fast, because only a single SQL SELECT is necessary, and it accesses just two small tables.

Long-term Stability

Archiveopteryx handles today's common syntax problems and stores the correct form in the database. Because of that, the mail reader which looks at old mail in the year 2020 will not need to be bug compatible with today's version of Microsoft Outlook.

Scalability and Flexibility

Only the database size limits Archiveopteryx's capacity. Many other servers limit individual folders to 2GB (or less), or cannot support more than a few thousand subfolders/messages in a folder. With Archiveopteryx, you don't need to invent workarounds for such artificial limitations.

Robustness

Because mail is stored normalized and parsed, large attachments are generally stored only once, and mail parsing exploits are rendered harmless before reaching the MUA. A movie clip sent to a hundred recipients is not a problem, because it's stored just once.

LICENSING

Archiveopteryx is available under two licences, namely the OSL 3.0 license and a commercial software license.

The OSL 3.0 (see http://archiveopteryx.org/opensource) is a fairly restrictive open source license similar to the more well-known GNU licenses. It includes a disclaimer of responsibility.

Our commercial license offers more flexibility than the OSL and a full warranty. There are also extra services. Contact info@aox.org for more details, or see http://archiveopteryx.org/commercial

DEFAULTS

The configurable file and directory names in this build are as follows:

SBINDIR

(where servers live) is /usr/local/archiveopteryx/sbin.

BINDIR

(where other executables live) is /usr/local/archiveopteryx/bin.

INITDIR

(where the startup script lives) is /usr/local/archiveopteryx/lib.

MANDIR

(where manpages live) is /usr/local/archiveopteryx/man.

PIDFILEDIR

(where pidfiles live) is /usr/local/archiveopteryx/lib/pidfiles.

LIBDIR

(where supporting files live) is /usr/local/archiveopteryx/lib.

JAILDIR

(the working directory of the user-facing servers) is /usr/local/archiveopteryx/jail, and can be overridden using the jail-directory variable in archiveopteryx.conf(5).

CONFIGDIR

(where the configuration files live) is /usr/local/archiveopteryx.

LOGFILE

(the full name of the logfile) is syslog/mail, and can be overridden using the logfile variable in archiveopteryx.conf(5).

These variables can be changed only by editing the file Jamsettings and recompiling Archiveopteryx. Jamsettings also contains some variables used only during compilation and/or installation, and some which provide defaults for archiveopteryx.conf(5) settings.

FILES

/usr/local/archiveopteryx/archiveopteryx.conf

contains the Archiveopteryx configuration.

/usr/local/archiveopteryx/lib/automatic-key.pem

contains a private key and self-signed certificate used by openssl(3).

AUTHOR

The Archiveopteryx Developers, info@aox.org.

VERSION

This man page covers Archiveopteryx version 3.1.3, released 2010-03-10, http://archiveopteryx.org/3.1.3

SEE ALSO

archiveopteryx(8), archiveopteryx.conf(5), deliver(8), logd(8), http://archiveopteryx.org