Overview of Archiveopteryx.
Archiveopteryx is a mail server system optimised for long-term storage and heavy access. It comprises a set of server programs that provide access to mail stored in a relational database (PostgreSQL).
The following five steps should suffice to install Archiveopteryx. If they don't, or if anything is unclear, more detailed instructions are available at https://archiveopteryx.org/installation
Usually, this is as simple as:
apt-get install archiveopteryx
portinstall archiveopteryx (on FreeBSD)
https://archiveopteryx.org/installation explains what to do in other cases.
to start Archiveopteryx using the default configuration from archiveopteryx.conf, which tries hard to be sensible.
aox add user name password address@domain
to create a username and password.
You can use deliver(8) to inject some mail you already have.
This command injects all the messages from a berkeley mbox file:
formail -s deliver yourname@domain < mbox
The mail you just delivered is in your inbox, and you can read it with any IMAP or POP3 client.
The normal way to deliver mail from your MTA into Archiveopteryx is via LMTP. By default, Archiveopteryx listens on 127.0.0.1 port 2026.
On aox.org we describe how to configure some common MTAs to work with Archiveopteryx. See e.g. https://archiveopteryx.org/postfix for postfix(1).
Archiveopteryx consists of a number of frontend servers, each of which uses backend servers:
The RDBMS is where all the mail is stored. At present only PostgreSQL is supported.
The log server is an internal server which filters log entries so useful messages are logged while noise is suppressed.
The servers use TCP to communicate internally, so they can be distributed across a server cluster. Generally, one host will run the database backend, one host (perhaps the same) will run logd(8) and as many as required will run frontends.
The man pages for each server explain the use and configuration of each. See archiveopteryx.conf(5) for more about configuring Archiveopteryx in general.
All Archiveopteryx servers run in chroot directories.
The user-facing servers run in a special jail directory. They have neither read nor write access to this directory.
logd(8) runs chrooted to another directories. All of the servers close all open files at startup and drop root privileges. By default they run as user aox, group aox, although these names can be changed using archiveopteryx.conf(5).
The servers check that they lose prvileges as expected, and refuse to start if they're too privileged.
Archiveopteryx does not store mail in the RFC-822 format. It parses each message upon delivery, and stores a normalized representation, optimized for fast and reliable search and categorization.
This offers the following advantages, among others:
One example: Each address is stored exactly once, as Unicode and with RFC-2047 encoding undone. Finding all messages sent from/to a given name is extremely fast, because only a single SQL SELECT is necessary, and it accesses just two small tables.
Archiveopteryx handles today's common syntax problems and stores the correct form in the database. Because of that, the mail reader which looks at old mail in the year 2020 will not need to be bug compatible with today's version of Microsoft Outlook.
Scalability and Flexibility
Only the database size limits Archiveopteryx's capacity. Many other servers limit individual folders to 2GB (or less), or cannot support more than a few thousand subfolders/messages in a folder. With Archiveopteryx, you don't need to invent workarounds for such artificial limitations.
Because mail is stored normalized and parsed, large attachments are generally stored only once, and mail parsing exploits are rendered harmless before reaching the MUA. A movie clip sent to a hundred recipients is not a problem, because it's stored just once.
Archiveopteryx is available under two licences, namely the OSL 3.0 license and a commercial software license.
The OSL 3.0 (see https://archiveopteryx.org/opensource) is a fairly restrictive open source license similar to the more well-known GNU licenses. It includes a disclaimer of responsibility.
Our commercial license offers more flexibility than the OSL and a full warranty. There are also extra services. Contact firstname.lastname@example.org for more details, or see https://archiveopteryx.org/commercial
The configurable file and directory names in this build are as follows:
(where servers live) is /usr/local/archiveopteryx/sbin.
(where other executables live) is /usr/local/archiveopteryx/bin.
(where the startup script lives) is /usr/local/archiveopteryx/lib.
(where manpages live) is /usr/local/archiveopteryx/man.
(where pidfiles live) is /usr/local/archiveopteryx/lib/pidfiles.
(where supporting files live) is /usr/local/archiveopteryx/lib.
(where the configuration files live) is /usr/local/archiveopteryx.
These variables can be changed only by editing the file Jamsettings and recompiling Archiveopteryx. Jamsettings also contains some variables used only during compilation and/or installation, and some which provide defaults for archiveopteryx.conf(5) settings.
contains the Archiveopteryx configuration.
contains a private key and self-signed certificate used by openssl(3).
The Archiveopteryx Developers, email@example.com.
This man page covers Archiveopteryx version 3.1.3, released 2010-03-10, https://archiveopteryx.org/3.1.3