My choice is Cyrus, that is part of the Kolab set of software, so if l will go for Kolab in the future, at least I'm acquainted with it.

Let's start the installation and the setup!

Become root.

# apt-get install cyrus21-imapd cyrus21-common cyrus21-admin cyrus21-client sasl-bin sasl2-bin 
Installing cyrus21-imapd...The installer asks something I've not understood about an search address... I just pressed Enter.

The installer also created the user cyrus that is in the (automatically created) group sasl, that is the “owner” of all cyrus files. At the end with ps -A you can find the new processes: cyrmaster and notifyd.

The real problem in setting up Cyrus is the authentication, just because it's not trivial and I'm a newbie, with limited knowledge about what I'm doing.

Cyrus can use different SASL (Simple Authentication and Security Layer) mechanisms, the default being sasldb (it stores usernames and passwords in the SASL secrets file sasldb), but also getpwent, kerberos4, kerberos5, PAM, rimap, shadow and LDAP are supported.

Since I don't want to define users/passwords different than the ones that access my Linux® box I choose then “shadow” mechanism so Cyrus will use Linux® passwords for authenticate.

To do so we have to tell sasl to use saslauthd as password authentication method, and then setup saslauthd to use “shadow” (or “getpwent”) as the authentication mechanism.

OK, let's start!

As root, change the Linux password of cyrus user:

# passwd cyrus

Enter the password you like (and you will remember) we will use for this example “cyrus” as the cyrus administrator password.

# vi /etc/imapd.conf

sasl_pwcheck_method: saslauthd instead of the default auxprop

remove the # remark from the line:

#admins: cyrus

this way you can administer cyrus logging in as cyrus user (what a fantasy I have!)

# vi /etc/default/saslauthd

Uncomment the line:

# START=yes

(otherwise the saslauthd will not start at boot time, even if referenced in some /etc/rcx.d!)

and instead of MECHANISMS="pam" put MECHANISMS="shadow" this way at the boot a saslauthd -a shadow will be executed.

Once exited from your editor, restart sasl and cyrus.

To test IMAP:

 su cyrus
$ imtest -m login -p imap localhost

You are prompted for the cyrus (user) password, so enter it.

If the user cyrus is correctly authenticated, the following lines will appear:

S: L01 OK User logged in
Authenticated.

To exit type . logout (i.e. dot space “logout”)

Now add a user named groupware and set a password for it, using your usual system tools. It should be in an unprivileged group such as nobody and does not require a login shell or a home directory.

Now I have to create the user and an IMAP in cyrus also:

# cyradm --user cyrus localhost
after entering the password for the admin user cyrus, you get the prompt localhost>
localhost> cm user.groupware
localhost> lm lists the mailbox only just created
user.groupware (\HasNoChildren))
localhost> quit

You can type help for a list of available commands.

You can check what has happened with:

# ls -l /var/spool/cyrus/mail/g/user/groupware
total 12
-rw------- 1 cyrus mail          4 Oct 29 20:55 cyrus.cache
-rw------- 1 cyrus mail 155 Oct 29 20:55 cyrus.header
-rw------- 1 cyrus mail 76 Oct 29 20:55 cyrus.index

Now you should be able to connect with an IMAP client as the groupware user and see the INBOX.