mail server
Debian – Install and Configure Postfix, Dovecot IMAP/POP3 Server, Fetchmail Mail Retrieval, Procmail Mail Filter, Amavis, Spamassassin Mail Filter, Clam Anti Virus, Freepops, SquirrelMail
2010.01.09
Note:
- Change IP Address with Your IP
- Change debian with Your Hostname
- Change linux.vmw with Your Domain
- Change debian.linux.vmw with Your FQDN Hostname
- Change /bkup with Your Directory
- Change **** with Your Password
1. Backup and Edit IP Address Configuration File
cp /etc/network/interfaces /bkup/interfaces.ori
sudo vim /etc/network/interfaces
allow-hotplug eth0
auto eth0
iface eth0 inet static
address 192.168.44.9
netmask 255.255.255.0
gateway 192.168.44.2
network 192.168.44.0
broadcast 192.168.44.255
allow-hotplug eth1
auto eth1
iface eth1 inet static
address 18.18.18.9
netmask 255.255.255.0
gateway 192.168.44.2
network 18.18.18.0
broadcast 18.18.18.255
allow-hotplug eth2
auto eth2
iface eth2 inet static
address 88.88.88.9
netmask 255.255.255.0
gateway 192.168.44.2
network 88.88.88.0
broadcast 88.88.88.255
2. Backup and Edit Hostname File Configuration
cp /etc/hostname /bkup/hostname.ori
sudo vim /etc/hostname
debian.linux.vmw
3. Backup and Edit Host Addresses Configuration
cp /etc/hosts /bkup/hosts.ori
sudo vim /etc/hosts
127.0.0.1 localhost
127.0.1.1 debian.linux.vmw debian
192.168.44.9 debian.linux.vmw debian
18.18.18.9 debian.linux.vmw debian
88.88.88.9 debian.linux.vmw debian
4. Backup and Edit Host Resolve Addresses Configuration
cp /etc/resolv.conf /bkup/resolv.conf.ori
sudo vim /etc/resolv.conf
domain linux.vmw
search linux.vmw
nameserver 192.168.44.2
5. Reboot the Machine
sudo reboot
6. Update and Install Packages
sudo apt-get update
sudo apt-get install postfix postfix-tls dovecot-imapd dovecot-pop3d dovecot-common fetchmail procmail amavisd-new spamassassin clamav clamav-base clamav-freshclam clamav-daemon freepops squirrelmail apache2 php5 php5-cgi php5-cli php5-common libapache2-mod-php5 libnet-dns-perl libmail-spf-query-perl pyzor razor arj bzip2 cabextract cpio file gzip nomarch pax unzip zip zoo sasl2-bin libsasl2-modules
7. Postfix Initialize Configuration
OK
Internet Site
System mail name : linux.vmw
8. Backup and Activate Spam Assassin
cp /etc/default/spamassassin /bkup/spamassassin.ori
sudo vim /etc/default/spamassassin
ENABLED=1
9. Backup and Edit Spam Assassin
cp /etc/spamassassin/local.cf /bkup/local.cf.ori
sudo vim /etc/spamassassin/local.cf
rewrite_header Subject [SPAM]
report_safe 2
10. Add clamav user to the amavis group and vice versa
sudo adduser clamav amavis
sudo adduser amavis clamav
11. Backup and Activate Spam and Anti Virus Detection
cp /etc/amavis/conf.d/15-content_filter_mode /bkup/15-content_filter_mode.ori
sudo vim /etc/amavis/conf.d/15-content_filter_mode
@bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
12. Backup and Edit Spam Mail Configuration
cp /etc/amavis/conf.d/20-debian_defaults /bkup/20-debian_defaults.ori
sudo vim /etc/amavis/conf.d/20-debian_defaults
$final_spam_destiny = D_DISCARD;
13. Backup and Edit User Domain Configuration
cp /etc/amavis/conf.d/50-user /bkup/50-user.ori
sudo vim /etc/amavis/conf.d/50-user
@local_domains_acl = ( ".$mydomain" );
14. Backup and Edit Main Postfix Configuration
cp /etc/postfix/main.cf /bkup/main.cf.ori
sudo vim /etc/postfix/main.cf
1. Add
mydomain = linux.vmw
virtual_alias_maps =
content_filter = smtp-amavis:[127.0.0.1]:10024
home_mailbox = Maildir/
inet_protocols = all
smtpd_sasl_path = private/auth-client
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
# credentials for the relayhost, read by the Postfix SMTP client
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtpd_always_send_ehlo = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023
smtpd_sasl_authenticated_header = yes
smtpd_tls_auth_only = no
smtpd_tls_note_starttls_offer = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
2. Edit
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
relayhost = [smtp.gmail.com]:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.44.0/24 18.18.18.0/24 88.88.88.0/24
15. Backup and Edit Master Postfix Configuration
cp /etc/postfix/master.cf /bkup/master.cf.ori
sudo vim /etc/postfix/master.cf
pickup fifo n - - 60 1 pickup
  -o content_filter=
  -o receive_override_options=no_header_body_checks
smtp-amavis unix - - - - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
16. Add SMTP Credential
sudo vim /etc/postfix/saslpasswd
[smtp.gmail.com]:587 [email protected]:*****
17. Hash /etc/postfix/saslpasswd
sudo postmap /etc/postfix/saslpasswd
18. Edit Postfix SASL
sudo vim /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
19. Create Certificate for TLS Postfix
1. Create SMTP TLS Key
sudo mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
sudo openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
Enter pass phrase for smtpd.key: *****
Verifying - Enter pass phrase for smtpd.key: *****
2. Create SMTP CSR
sudo chmod 600 smtpd.key
sudo openssl req -new -key smtpd.key -out smtpd.csr
Enter pass phrase for smtpd.key: *****
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Jakarta
Locality Name (eg, city) []:Jakarta
Organization Name (eg, company) [Internet Widgits Pty Ltd]:debian
Organizational Unit Name (eg, section) []:debian
Common Name (eg, YOUR name) []:debian.linux.vmw
Email Address []:[email protected]
A challenge password []:*****
An optional company name []:debian
3. Create Sign Key Expiration Date
sudo openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
Enter pass phrase for smtpd.key: *****
4. Create Open SSL RSA
sudo openssl rsa -in smtpd.key -out smtpd.key.unencrypted
Enter pass phrase for smtpd.key: *****
5. Create SSL to PEM CA Certificate
sudo mv -f smtpd.key.unencrypted smtpd.key
sudo openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
Enter PEM pass phrase: *****
Verifying - Enter PEM pass phrase: *****
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Jakarta
Locality Name (eg, city) []:Jakarta
Organization Name (eg, company) [Internet Widgits Pty Ltd]:debian
Organizational Unit Name (eg, section) []:debian
Common Name (eg, YOUR name) []:debian.linux.vmw
Email Address []:[email protected]
20. Edit Procmail
sudo vim /etc/procmailrc
DROPPRIVS=yes
:0fw
| /usr/bin/spamc
:0
* ^X-Spam-Status: Yes
$HOME/spam
21. Backup and Edit Dovecot Configuration
cp /etc/dovecot/dovecot.conf /bkup/dovecot.conf.ori
sudo vim /etc/dovecot/dovecot.conf
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
ssl_disable = no
mail_debug = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
  mechanisms = plain login
  passdb pam {
  }
  userdb passwd {
  }
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
22. Backup and Edit SASL Authentication Configuration
cp /etc/default/saslauthd /bkup/saslauthd.ori
sudo vim /etc/default/saslauthd
START=yes
23. Add Postfix User to SASL Group
sudo adduser postfix sasl
24. Backup and Enable SquirrelMail on Apache Configuration
cp /etc/apache2/apache2.conf /bkup/apache2.conf.ori
sudo vim /etc/apache2/apache2.conf
Include /etc/squirrelmail/apache.conf
25. Create User Fetchmail
sudo vim /home/sugizo/.fetchmailrc
poll pop.gmail.com proto pop3 port 995 user "steve.van.christie" pass "*****" is sugizo fetchall ssl
poll pop3.live.com proto pop3 port 995 user "[email protected]" pass "*****" is sugizo fetchall ssl
poll pop.mail.yahoo.com proto pop3 port 110 user "steve_van_christie" pass "*****" is sugizo fetchall
poll pop.aol.com proto pop3 port 110 user "[email protected]" pass "*****" is sugizo fetchall
poll pop.mail.yahoo.co.jp proto pop3 user "stevevanchristie" pass "*****" is sugizo fetchall
poll pop.aol.com proto pop3 user "[email protected]" pass "*****" is sugizo fetchall
poll pop.icqmail.com proto pop3 user "[email protected]" pass "*****" is sugizo fetchall
poll imap.mail.ovi.com proto imap port 993 user "[email protected]" pass "*****" is sugizo fetchall ssl
poll localhost proto pop3 port 2000 user "[email protected]" pass "*****" is sugizo fetchall
26. Backup and Edit PHP Configuration File
cp /etc/php5/apache2/php.ini /bkup/php.ini.ori
sudo vim /etc/php5/apache2/php.ini
post_max_size = 32M
upload_max_filesize = 32M
extension=msql.so
27. Backup and Edit Apache Configuration
cp /etc/apache2/apache2.conf /bkup/apache2.conf.ori
sudo vim /etc/apache2/apache2.conf
ServerAdmin [email protected]
ServerName debian.linux.vmw
28. Restart Mail Service
sudo /etc/init.d/spamassassin restart
sudo /etc/init.d/amavis restart
sudo /etc/init.d/clamav-daemon restart
sudo /etc/init.d/clamav-freshclam restart
sudo /etc/init.d/postfix restart
sudo /etc/init.d/dovecot restart
sudo /etc/init.d/saslauthd restart
sudo /etc/init.d/freepops restart
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/fetchmail restart
29. Update Clam Anti Virus
sudo freshclam
30. Test Squirrelmail
Open Your Browser Type : http://debian/squirrelmail
or http://192.168.44.9/squirrelmail
31. Test SMTP
telnet localhost 25
ehlo localhost
quit
32. Test IMAP
telnet localhost 143
0 logout
33. Test POP3
telnet localhost 110
quit
34. Test Amavis
telnet localhost 10024
ehlo localhost
quit
This tutorial describes how to set up a mail server where Postfix is the SMTP service, and Dovecot provides IMAP and POP services. The users are virtual and user information is stored in a MySQL database.
Pre-Configuration Requirements:
1. Hostname cnode1.rnd.pk with IP address (172.16.4.80) to eth0. (You can assign an IP address and hostname of your choice.)
2. Create an alias eth0:0. Assign IP address (172.16.4.81). (You can assign an IP address of your choice.)
3. Make entries of your hostname and IP in /etc/hosts . In my case my /etc/hosts file shows
127.0.0.1 localhost.localdomain localhost
172.16.4.80 cnode1.rnd cnode1
172.16.4.81 mail.rnd mail
Installation Of Required Packages:
We need the following packages for our mail server to be installed:
dovecot-0.99.11-8.EL4 (with database support), postfix-2.2.10-1.1.el4.centos.mysql (with database support) and squirrelmail.
1. First install dovecot. If you install postfix before dovecot, then dovecot will not be installed on your system because of packages conflicts.
yum install -y dovecot
This will install dovecot along with dependencies (mysql and postgresql).
2. Then install postfix (with mysql support) and mysql-server-5 from the centosplus repos.
yum --enablerepo=centosplus install postfix mysql-server
yum install -y squirrelmail
This will install postfix along with dependencies mysql-5 and postgresql. Our installation section is complete now. Moving to our next section i.e. Configuration.
Configuration:
SMTP-AUTH/TLS
First we configure SMTP-AUTH and TLS. For this, edit /usr/lib/sasl2/smtpd.conf with your favorite editor.
vi /usr/lib/sasl2/smtpd.conf
and make changes as given below.
pwcheck_method: saslauthd
mech_list: plain login
Create directories, then the private key and lastly the certificate.
mkdir -p /etc/ssl/mycompany/mailserver/
cd /etc/ssl/mycompany/mailserver/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
Private keys and certificates have been created. Later on we will tell postfix to use them.
MySQL:
We will now create a database named mail. For this we will issue the commands given below; our first step will be to set a password for the administrative user.
mysqladmin -u root password newpassword
Replace newpassword phrase with your password. We will use user "mail" in our case for all database related operations. (Select Update and Insert into Database.)
mysql -u root -p
Enter the password and you will be at the MySQL prompt (mysql>)
CREATE DATABASE mail;
Give all privileges on mail to user mail.
GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';
FLUSH PRIVILEGES;
quit
Set password for mail user. This will be done by the following statement.
mysqladmin -u mail password newpassword
Then we will create the necessary tables for our new database (mail) that contains domains, users, aliases and mailboxes information.
mysql -u mail -p
After giving the password you will be at the MySQL prompt.
show databases;
It will show all databases, including our "mail" database. We will use "mail".
USE mail;
1. Create the domain table.
CREATE TABLE domain ( domain varchar(255) NOT NULL default '', description varchar(255) NOT NULL default '', aliases int(10) NOT NULL default '0', mailboxes int(10) NOT NULL default '0', maxquota int(10) NOT NULL default '0', transport varchar(255) default NULL, backupmx tinyint(1) NOT NULL default '0', created datetime NOT NULL default '0000-00-00 00:00:00', modified datetime NOT NULL default '0000-00-00 00:00:00', active tinyint(1) NOT NULL default '1', PRIMARY KEY (domain), KEY domain (domain) ) TYPE=MyISAM COMMENT=' Virtual Domains';
2. Second most important table is mailbox, so create mailbox.
CREATE TABLE mailbox ( username varchar(255) NOT NULL default '', password varchar(255) NOT NULL default '', name varchar(255) NOT NULL default '', maildir varchar(255) NOT NULL default '', quota int(10) NOT NULL default '0', domain varchar(255) NOT NULL default '', created datetime NOT NULL default '0000-00-00 00:00:00', modified datetime NOT NULL default '0000-00-00 00:00:00', active tinyint(1) NOT NULL default '1', PRIMARY KEY (username), KEY username (username) ) TYPE=MyISAM COMMENT='Virtual Mailboxes';
3. Create the alias table.
CREATE TABLE alias ( address varchar(255) NOT NULL default '', goto text NOT NULL, domain varchar(255) NOT NULL default '', created datetime NOT NULL default '0000-00-00 00:00:00', modified datetime NOT NULL default '0000-00-00 00:00:00', active tinyint(1) NOT NULL default '1', PRIMARY KEY (address), KEY address (address) ) TYPE=MyISAM COMMENT='Virtual Aliases';
We have created the necessary tables, so quit MySQL.
quit
Postfix MySQL:
Postfix needs to know where and how it can look up all mailbox related information. For this purpose we will create the following files under /etc/postfix. Recent versions of Postfix may use the query statement instead of the table and field statements; in that case, comment out those statements and un-comment the last line.
1. Create file mysql_virtual_alias_maps.cf for forwarding emails from one email address to another
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
2. Create file mysql_virtual_domains_maps.cf, for the virtual domains mapping. Virtual domains are queried using information provided in this file.
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
3. Create the file mysql_virtual_mailbox_maps.cf, which maps email addresses to the location of the user's mailbox on your hard disk. If you save incoming email to the hard disk using Postfix's built-in virtual delivery agent, this map is queried to find the mailbox path.
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
4. Lastly, create the file mysql_virtual_mailbox_limit_maps.cf, which will be used for mapping the users' mailbox quota limits.
vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
Postfix:
In the Postfix configuration section we will edit the main.cf file located in the configuration directory of postfix (/etc/postfix), to enter some basic information necessary for Postfix.
mv /etc/postfix/main.cf /etc/postfix/main.cf.orig
vi /etc/postfix/main.cf
############## Postfix###############
smtpd_banner = $myhostname
biff = no
append_dot_mydomain = no
relayhost =
mynetworks = 172.16.4.81
inet_interfaces = 172.16.4.81
mailbox_size_limit = 0
recipient_delimiter = +
alias_database = hash:/etc/postfix/aliases
alias_maps = $alias_database
myhostname = cnode1.rnd
mydomain = rnd
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, $transport_maps
mail_spool_directory = /var/spool/mail
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = no
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
####################postfix section ends here###############
Postfix Virtual user information:
Again we will edit the main.cf file to add support for virtual users. The "virtual_minimum_uid" and "virtual_uid_maps" point to user id 150 in my case, which is a user I created specifically for handling virtual mail. It uses the standard "mail" group with the default gid 12. So first create the user by issuing the useradd command or adduser.
useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual mailbox" vmail
chmod 770 /var/vmail/
chown vmail:mail /var/vmail
vi /etc/postfix/main.cf
#######################Virtual Domains Users and mailboxes###############
virtual_mailbox_domains = mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:12
##############################Virtual section of main.cf ends##############
Postfix SASL/TLS authentication:
Finally we will again edit the main.cf file to enable SASL/TLS authentication. Previously we created some certificates; we will use them here to secure the mail server.
vi /etc/postfix/main.cf
#################### SASL/TLS Authentication####################
#############SASL PART#########
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
######TLS PART###########
smtpd_tls_cert_file = /etc/ssl/rnd/mailserver/smtpd.crt
smtpd_tls_key_file = /etc/ssl/rnd/mailserver/smtpd.key
smtpd_tls_CAfile = /etc/ssl/rnd/mailserver/cacert.pem
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
tls_random_source = dev:/dev/urandom
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_received_header = yes
###########################SASL/TLS Authentication ends here#############
For my convenience I have divided main.cf in three sections { Postfix, virtual-Domains-Users-and-mailboxes, SASL/TLS-Authentication}. SASL/TLS-Authentication is further divided into ( SASL-PART and TLS-PART). To show you each section and their parameters I have edited the same file thrice. Now copy the /etc/aliases and /etc/aliases.db to /etc/postfix/ and run newaliases.
cp /etc/aliases* /etc/postfix/
newaliases
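A misspelled parameter name in main.cf does not stop Postfix from starting; the setting it was meant to change simply keeps its default. The following check is an added example, not part of the original tutorial: it parses a main.cf fragment, flags names outside the parameters used in the SASL/TLS section, and reports which protections are then not in effect. The sample input is constructed (the SASL/TLS block with four names misspelled), and KNOWN_PARAMS, the function names and the finding codes are this example's own.

```python
import difflib

# Documented Postfix parameter names used in this section's SASL/TLS block.
# For a whole main.cf, extend this list (for example from `postconf -d` output).
KNOWN_PARAMS = sorted({
    "smtpd_sasl_auth_enable", "smtpd_sasl_security_options",
    "broken_sasl_auth_clients", "smtpd_sasl_local_domain",
    "smtpd_recipient_restrictions", "smtpd_tls_cert_file",
    "smtpd_tls_key_file", "smtpd_tls_CAfile", "smtpd_tls_auth_only",
    "smtp_use_tls", "smtpd_use_tls", "smtpd_tls_received_header",
    "smtp_tls_note_starttls_offer", "smtpd_tls_loglevel",
    "tls_random_source", "smtpd_tls_session_cache_timeout",
})

# Constructed sample: the SASL/TLS block with four parameter names misspelled.
SAMPLE_MAIN_CF = """\
# SASL part
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restriction = permit_sasl_authenticated,
    permit_mynetworks, reject_unauth_destination
# TLS part
smptpd_tls_cert_file = /etc/ssl/rnd/mailserver/smtpd.crt
smtpd_tls_key_file = /etc/ssl/rnd/mailserver/smtpd.key
smtpd_tls_CAfile = /etc/ssl/rnd/mailserver/cacert.pem
smtp_tls_auth_only = no
smtpd_use_tls = yes
smtpd_tls_recieved_header = yes
"""


def parse_main_cf(text):
    """Return [(name, value, lineno)] using main.cf line rules: blank and
    '#' lines are skipped, and a line that starts with whitespace continues
    the previous logical line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if raw[0] in " \t":
            if entries:
                name, value, first = entries[-1]
                entries[-1] = (name, f"{value} {stripped}".strip(), first)
            continue
        name, sep, value = raw.partition("=")
        if sep:
            entries.append((name.strip(), value.strip(), lineno))
    return entries


def effective_settings(entries):
    """Last assignment wins. Names outside KNOWN_PARAMS are left out because
    they never reach the parameter they were meant to set."""
    return {name: value for name, value, _ in entries if name in KNOWN_PARAMS}


def audit(text):
    """Return findings as (code, lineno, name, detail) tuples."""
    entries = parse_main_cf(text)
    findings = []
    for name, _value, lineno in entries:
        if name not in KNOWN_PARAMS:
            close = difflib.get_close_matches(name, KNOWN_PARAMS, n=1, cutoff=0.8)
            findings.append(("UNKNOWN_NAME", lineno, name, close[0] if close else None))

    eff = effective_settings(entries)
    sasl_on = eff.get("smtpd_sasl_auth_enable") == "yes"
    # smtpd_tls_auth_only defaults to "no": AUTH is then offered before STARTTLS.
    if sasl_on and eff.get("smtpd_tls_auth_only", "no") != "yes":
        findings.append(("AUTH_WITHOUT_TLS", None, "smtpd_tls_auth_only",
                         "SASL AUTH is accepted on unencrypted sessions"))
    if eff.get("smtpd_use_tls") == "yes" and not eff.get("smtpd_tls_cert_file"):
        findings.append(("TLS_WITHOUT_CERT", None, "smtpd_tls_cert_file",
                         "TLS is enabled but no server certificate is in effect"))
    if sasl_on and "permit_sasl_authenticated" not in eff.get(
            "smtpd_recipient_restrictions", ""):
        findings.append(("SASL_NOT_PERMITTED", None, "smtpd_recipient_restrictions",
                         "authenticated clients are not permitted by the restriction list"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_MAIN_CF):
        print(finding)
```
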
Dovecot IMAP and POP: Let us configure Dovecot which provides both a POP3 and an IMAP service. The configuration file for Dovecot is /etc/dovecot.conf. We will rename it to dovecot.conf.orig, and create our own. To handle virtual users with dovecot we will create the file /etc/dovecot-mysql.conf
vi /etc/dovecot-mysql.conf
######dove-mysql.conf should look like this##########
db_host = 127.0.0.1
db_port = 3306
db = mail
db_user = mail
db_passwd = mail
db_client_flags = 0
default_pass_scheme = PLAIN
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=',quota) AS quota FROM mailbox WHERE username ='%u' AND active ='1'
####################ends here####################
Next we configure dovecot.conf to authenticate virtual users using the mysql_auth method. Keep in mind that normal Linux users can't log in to the mail server, because we haven't enabled the PAM authentication method in our Dovecot configuration. Also, first_valid_uid and last_valid_uid are set to 150, which means only the user with uid 150 will be able to log in. The pop3 and pop3s protocols are made available.
mv /etc/dovecot.conf /etc/dovecot.conf.orig
vi /etc/dovecot.conf
##############dovecot configured to work with virtual users############
base_dir = /var/run/dovecot/
protocols = imap pop3 imaps pop3s
imap_listen = [::]
pop3_listen = [::]
login_dir = /var/run/dovecot-login
login = imap
login = pop3
default_mail_env = mbox:/var/vmail/%d/%n
mbox_locks = fcntl
log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/maillog
mail_extra_groups = mail
first_valid_uid = 150
last_valid_uid = 150
maildir_copy_with_hardlinks = yes
auth = mysql_auth
auth_userdb = mysql /etc/dovecot-mysql.conf
auth_passdb = mysql /etc/dovecot-mysql.conf
####################################ends here######################
After this we will set the ownership and access rights on /etc/dovecot-mysql.conf.
chmod 600 /etc/dovecot-mysql.conf
chown vmail /etc/dovecot-mysql.conf
Squirrelmail configuration: Go to the squirrelmail config directory and run conf.pl.
cd /usr/share/squirrelmail/config/
./conf.pl
It will show some selection like this:
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >>
At the command prompt type 1 and set Organization Preferences. Here my settings are shown. You can choose your own.
1. Organization Name : R&D Dept.
2. Organization Logo : ../images/sm_logo.png
3. Org. Logo Width/Height : (308/111)
4. Organization Title : Research & Developement
5. Signout Page : http://mail.rnd
6. Top Frame : _top
7. Provider link : http://mail.rnd
8. Provider name : R&D
Save your settings and return to the main menu. Now at the command prompt type 2, and in server settings menu provide information.
Command >> 2
Mine is shown below.
1. Domain : mail.rnd
2. Invert Time : false
3. Sendmail or SMTP : SMTP
A. Update IMAP Settings : mail.rnd:143 (uw)
B. Update SMTP Settings : mail.rnd:25
Configuring squirrelmail is very easy as it is menu driven. Hope you will do it yourself.
HTTP Section: To start using the mailserver web front end we will edit file /etc/httpd/conf/httpd.conf.
vi /etc/httpd/conf/httpd.conf
And append the statements given below to it.
<VirtualHost 172.16.4.81:80>
DocumentRoot /usr/share/squirrelmail
ServerName mail.rnd
</VirtualHost>
Save the configuration and exit.
Creating Virtual users and domains:
Now we will create virtual domains and virtual users in our mail database.
mysql -u mail -p
Enter the password and you will be at the mysql> prompt.
USE mail;
First create a virtual domain in the domain table (mail.rnd) using the command given below.
INSERT INTO domain (domain,description,aliases,mailboxes,maxquota,transport,backupmx,active) VALUES ('mail.rnd','Virtual domain','10','10', '0','virtual', '0','1');
Now create two virtual users in the mailbox table. I have created ([email protected] & [email protected]) as usernames for mike and john.
INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES ('[email protected]','mypassword', 'John Smith ','john/', '0','mail.rnd','1');
INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES ('[email protected]','mypassword', 'Mike Tyson','mike/', '0','mail.rnd','1');
quit
Now that we have created virtual users and virtual domain, we want to test our mail server by logging in and sending mail from one user account to another. So let's start Dovecot, Postfix, MySQL and webserver daemons. Also we want that they should start themselves on next reboot. For this we issue following commands.
chkconfig --level 235 mysqld on
chkconfig --level 235 saslauthd on
chkconfig --level 235 postfix on
chkconfig --level 235 dovecot on
chkconfig --level 235 httpd on
/etc/init.d/saslauthd start
/etc/init.d/mysqld start
/etc/init.d/postfix start
/etc/init.d/dovecot start
/etc/init.d/httpd start
Finally fire-up the browser and go to http://mail.rnd and enter the username and password and then click on Login. And enjoy playing with your mailserver.
phpMyAdmin: phpMyAdmin is a powerful and easy to use frontend for MySQL. The rpm of phpMyAdmin exists in the DAG repository. Go and add DAG repository. And install phpmyadmin and php-mysql if not already installed.
yum install -y phpmyadmin php-mysql
After this, fire up a browser and enter http://127.0.0.1 in the address bar. Enter the user name and password and start using it. /etc/httpd/conf.d/phpmyadmin.conf has the information to locate phpmyadmin. If it fails, you can create a virtual alias in the /etc/httpd/conf/httpd.conf file by editing it.
vi /etc/httpd/conf/httpd.conf
<VirtualHost 127.0.0.1>
DocumentRoot /usr/share/phpmyadmin
ServerName localhost.localdomain
</VirtualHost>
Enjoy using phpMyAdmin for creating users, domains and aliases.
Virtual Postfix Mail Server with MySQL User Authentication on Debian Etch
Filed under: Linux, Network by ujangawaludin, June 23, 2008
This was my first assignment after becoming a Network Engineer at the company where I work now. It was a bit fiddly, but luckily good old Google was there to help. Let's get straight to it, friends.
Install Debian Etch
1. Edit the sources list: /etc/apt/sources.list
deb http://kambing.vlsm.org/debian/ stable main contrib non-free
deb http://kambing.vlsm.org/debian-security/ stable/updates main contrib non-free
2. Run the following line to complete the installation that reported errors
aptitude -y install postfix-mysql mysql-server-5.0 dovecot-pop3d dovecot-imapd amavisd-new libclass-dbi-mysql-perl spamassassin clamav-daemon cpio arj zoo nomarch lzop cabextract pax lha unrar openssl squirrelmail phpmyadmin libapache2-mod-php5 php5-mysql telnet mutt mailman postgrey
3. Open http://localhost/phpmyadmin in a browser, create the database mailserver, and import the mailserver dump file or the following SQL:
GRANT SELECT ON mailserver.*
TO mailuser@localhost
IDENTIFIED BY 'password';
CREATE TABLE `virtual_domains` (
id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(50) NOT NULL
) ENGINE = InnoDB;
CREATE TABLE `virtual_users` (
id int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
domain_id INT(11) NOT NULL,
user VARCHAR(40) NOT NULL,
password VARCHAR(32) NOT NULL,
CONSTRAINT UNIQUE_EMAIL UNIQUE (domain_id,user),
FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE = InnoDB;
CREATE TABLE `virtual_aliases` (
id int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
domain_id INT(11) NOT NULL,
source VARCHAR(20) NOT NULL,
destination VARCHAR(80) NOT NULL,
FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE = InnoDB;
CREATE VIEW view_users AS
SELECT CONCAT(virtual_users.user, '@', virtual_domains.name) AS email,
virtual_users.password
FROM virtual_users
LEFT JOIN virtual_domains ON virtual_users.domain_id=virtual_domains.id;
CREATE VIEW view_aliases AS
SELECT CONCAT(virtual_aliases.source, '@', virtual_domains.name) AS email,
destination
FROM virtual_aliases
LEFT JOIN virtual_domains ON virtual_aliases.domain_id=virtual_domains.id;
4. Create the database mappings
Put the following in the file /etc/postfix/mysql-virtual-mailbox-domains.cf
user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'
Put the following in the file /etc/postfix/mysql-virtual-mailbox-maps.cf
user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM view_users WHERE email='%s'
Put the following in the file /etc/postfix/mysql-virtual-alias-maps.cf
user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM view_aliases WHERE email='%s'
Put the following in the file /etc/postfix/mysql-email2email.cf
user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT email FROM view_users WHERE email='%s'
postconf -e virtual_mailbox_domains=mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
postconf -e virtual_mailbox_maps=mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
postconf -e virtual_transport=dovecot
postconf -e dovecot_destination_recipient_limit=1
postconf -e virtual_uid_maps=static:5000
postconf -e virtual_gid_maps=static:5000
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
chgrp postfix /etc/postfix/mysql-*.cf
chmod u=rw,g=r,o= /etc/postfix/mysql-*.cf
5. Edit the file /etc/postfix/master.cf
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
6. Configure Dovecot in the file /etc/dovecot/dovecot.conf
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n
mail_extra_groups = mail
namespace private {
  separator = .
  prefix = INBOX.
  inbox = yes
}
protocol imap {
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  log_path = /home/vmail/dovecot-deliver.log
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = [email protected]
  mail_plugins = cmusieve
  global_script_path = /home/vmail/globalsieverc
}
auth default {
  mechanisms = plain login
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  userdb passwd {
  }
  userdb static {
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
dict {
}
plugin {
}
7. Fill in the file /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailuser password=password
default_pass_scheme = PLAIN-MD5
password_query = SELECT email as user, password FROM view_users WHERE email='%u';
8. Restart Dovecot
/etc/init.d/dovecot restart
9. Change the group and permissions
chgrp vmail /etc/dovecot/dovecot.conf
chmod g+r /etc/dovecot/dovecot.conf
10. Amavis settings: edit the file /etc/amavis/conf.d/15-content_filter_mode and uncomment @bypass_…
11. Add to the file /etc/spamassassin/local.cf
bayes_auto_expire 0
12. Start Amavis
/etc/init.d/amavis restart
13. Add the Postfix configuration
postconf -e content_filter=smtp-amavis:[127.0.0.1]:10024
postconf -e receive_override_options=no_address_mappings
14. Add to the file /etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  -o local_header_rewrite_clients=
15. Create user amavis and restart the service
adduser clamav amavis
/etc/init.d/clamav-daemon restart
chmod o= /etc/amavis/conf.d/50-user
16. Configure SquirrelMail
ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
apache2ctl restart
squirrelmail-configure --> set the POP3 & IMAP server to the hostname
17. Postgrey and limit settings in the file /etc/postfix/main.cf
relayhost = (smtp provider)
mynetworks = 192.168.0.0/24 (lan)
smtpd_client_restrictions =
  permit_mynetworks
  permit_sasl_authenticated
  reject_unauth_pipelining
hopcount_limit = 10000
delay_notice_recipient = [email protected]
_notice_recipient = [email protected]
_notice_recipient = [email protected]
_notice_recipient = [email protected]
_message_recipient_limit = 50000
default_process_limit = 100000
default_destination_recipient_limit = 20
default_destination_concurrency_limit = 1000
luser_relay = [email protected]
message_size_limit = 2048000
header_size_limit = 2048
bounce_size_limit = 500000
line_length_limit = 2048000
18. Restart Postfix
/etc/init.d/postfix restart
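The 127.0.0.1:10025 listener from step 14 runs with content_filter= empty so that amavis can hand scanned mail back to Postfix, which means anything that can connect to it skips the filter; it has to stay on loopback with mynetworks limited to 127.0.0.0/8. The check below is an added example, not part of the original transcript; the function names, the finding labels and the sample master.cf are constructed for illustration.

```shell
# Added example (not from the original page). Sample entries are constructed.

check_reinjection() {   # $1 = path to a master.cf
    awk '
        function report() {
            # Only inet services that switch the content filter off matter.
            if (kind == "inet" && (entry " ") ~ /-o[ \t]+content_filter=[ \t]/) {
                if (svc !~ /^(127\.0\.0\.1|\[::1\]|localhost):/)
                    print "EXPOSED " svc          # listens beyond loopback
                else if ((entry " ") !~ /-o[ \t]+mynetworks=127\.0\.0\.0\/8[ \t]/)
                    print "NO_MYNETWORKS " svc    # trusts more than loopback
                else
                    print "OK " svc
            }
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }               # comments, blank lines
        /^[ \t]/ { entry = entry " " $0; next }         # "-o" continuation line
        { report(); svc = $1; kind = $2; entry = $0 }   # a new service starts
        END { report() }
    ' "$1"
}

make_master_cf() {   # $1 = listen spec; writes a constructed file, prints its path
    f=$(mktemp)
    cat > "$f" <<EOF
# constructed sample modelled on step 14
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
$1 inet n - - - - smtpd
  -o content_filter=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
EOF
    echo "$f"
}

check_reinjection "$(make_master_cf 127.0.0.1:10025)"   # entry as in step 14
check_reinjection "$(make_master_cf 10025)"             # same port, all interfaces
```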
Setting Up a Multiple-Domain Mail Server Using POSTFIX + DOVECOT + CYRUS-SASL + MYSQL
I believe there will come a time when setting up a mail server on Linux is as easy as installing MS Exchange Server on Windows. But that time is not today …
Installing applications on a Linux server has its own difficulties. Even if we have "done it before", trying it once more on a different distro, or even just a different version, does not guarantee the same result.
The first time I installed a mail server was 2 years ago, on Linux Fedora 9. The easy way was to copy and paste from the various tutorials I found on the internet. As a result, after 1 week of effort, I had a mail server. Now I am trying to do the same on Fedora 14. The practical way is to copy the old server's configuration to the new server. But it turns out … it is not as easy as expected. Some version differences in the applications used mean that adaptation is needed before the old configuration I used can be used again.
Below are some notes I made while configuring a Mail Server with Multiple Domains (Virtual Domains) on Linux.
If you have ever installed an email server using MS Exchange Server, everything is easy: 1 program for every need. Linux is different: the Mail Server consists of separate programs. To understand it, you therefore need to know the function of each program used.
Here is the specification of the Mail Server I built:
- Built on Linux Fedora 14.
- The mail server consists of POSTFIX, Dovecot, Cyrus-SASL, MySQL.
- Virtual domains: example.com & example2.com
- Sending email uses PLAIN authentication (meaning the password is not encrypted)
- POP & IMAP authentication uses LOGIN PLAIN (meaning the password is not encrypted)
POSTFIX
POSTFIX is the program that receives and sends email.
The module to install for POSTFIX is:
yum install postfix
Below are the initial settings for POSTFIX that I use (file: /etc/postfix/main.cf)
# uncomment for debugging if needed
soft_bounce=yes
debug_peer_level = 99
debug_peer_list = 127.0.0.1

# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4

# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man

# network settings
inet_interfaces = all
mydomain = example.com
myhostname = host.example.com
mydestination = $myhostname localhost.$mydomain
mynetworks = 127.0.0.0/8, 119.235.30.174/32
mynetworks_style = subnet
myorigin = example.com
# virtual domain
relay_domains = example2.com

# mail delivery
recipient_delimiter = +

# mappings
alias_maps = mysql:/etc/postfix/mysql-aliases.cf

# virtual setup
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
# UID of the postfix user; see the file /etc/group
virtual_minimum_uid = 89
virtual_transport = virtual
# UID of the postfix user; see the file /etc/group
virtual_uid_maps = static:89

# debugging
debug_peer_level = 5
debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes

smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination,
  reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain,
  reject_unverified_sender, reject_unverified_recipient

smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550

disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
message_size_limit = 12582912
As I said earlier, this is an initial setup, meaning a "just get it running" configuration. For security, this configuration of course has to be tweaked further.
The information that connects POSTFIX to MySQL is placed in the *.cf files. The contents of those files are as follows:
/etc/postfix/mysql-aliases.cf
user = postfix
password = mypassword
dbname = postfix
table = postfix_alias
select_field = destination
where_field = alias
hosts = localhost

/etc/postfix/mysql-virtual_alias_maps.cf
hosts = localhost
user = postfix
password = mypassword
dbname = postfix
table = alias
select_field = goto
where_field = address

/etc/postfix/mysql-virtual_domains_maps.cf
hosts = localhost
user = postfix
password = buburayam
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

/etc/postfix/mysql-virtual_mailbox_maps.cf
hosts = localhost
user = postfix
password = buburayam
dbname = postfix
table = mailbox
select_field = maildir
where_field = username

MySQL
There are many ways to store username & password data. This time, however, I chose to use MySQL.
The modules to install for MySQL are:
yum install mysql mysql-server
Create the database to be used with the following SQL:
CREATE TABLE IF NOT EXISTS `admin` (
  `username` varchar(255) NOT NULL DEFAULT '',
  `password` varchar(255) NOT NULL DEFAULT '',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`username`)
);

CREATE TABLE IF NOT EXISTS `alias` (
  `address` varchar(255) NOT NULL DEFAULT '',
  `goto` text NOT NULL,
  `domain` varchar(255) NOT NULL DEFAULT '',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`address`)
);

CREATE TABLE IF NOT EXISTS `alias_domain` (
  `alias_domain` varchar(255) NOT NULL DEFAULT '',
  `target_domain` varchar(255) NOT NULL DEFAULT '',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`alias_domain`),
  KEY `active` (`active`),
  KEY `target_domain` (`target_domain`)
);

CREATE TABLE IF NOT EXISTS `config` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(20) NOT NULL DEFAULT '',
  `value` varchar(20) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  UNIQUE KEY `name` (`name`)
) AUTO_INCREMENT=1;

CREATE TABLE IF NOT EXISTS `domain` (
  `domain` varchar(255) NOT NULL DEFAULT '',
  `description` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
  `aliases` int(10) NOT NULL DEFAULT '0',
  `mailboxes` int(10) NOT NULL DEFAULT '0',
  `maxquota` bigint(20) NOT NULL DEFAULT '0',
  `quota` bigint(20) NOT NULL DEFAULT '0',
  `transport` varchar(255) DEFAULT NULL,
  `backupmx` tinyint(1) NOT NULL DEFAULT '0',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`domain`)
);

CREATE TABLE IF NOT EXISTS `domain_admins` (
  `username` varchar(255) NOT NULL DEFAULT '',
  `domain` varchar(255) NOT NULL DEFAULT '',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  KEY `username` (`username`)
);

CREATE TABLE IF NOT EXISTS `fetchmail` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `mailbox` varchar(255) NOT NULL DEFAULT '',
  `src_server` varchar(255) NOT NULL DEFAULT '',
  `src_auth` enum('password','kerberos_v5','kerberos','kerberos_v4','gssapi','cram-md5','otp','ntlm','msn','ssh','any') DEFAULT NULL,
  `src_user` varchar(255) NOT NULL DEFAULT '',
  `src_password` varchar(255) NOT NULL DEFAULT '',
  `src_folder` varchar(255) NOT NULL DEFAULT '',
  `poll_time` int(11) unsigned NOT NULL DEFAULT '10',
  `fetchall` tinyint(1) unsigned NOT NULL DEFAULT '0',
  `keep` tinyint(1) unsigned NOT NULL DEFAULT '0',
  `protocol` enum('POP3','IMAP','POP2','ETRN','AUTO') DEFAULT NULL,
  `ssl` tinyint(1) unsigned NOT NULL DEFAULT '0',
  `extra_options` text,
  `returned_text` text,
  `mda` varchar(255) NOT NULL DEFAULT '',
  `date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) AUTO_INCREMENT=1;

CREATE TABLE IF NOT EXISTS `log` (
  `timestamp` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `username` varchar(255) NOT NULL DEFAULT '',
  `domain` varchar(255) NOT NULL DEFAULT '',
  `action` varchar(255) NOT NULL DEFAULT '',
  `data` varchar(255) NOT NULL DEFAULT '',
  KEY `timestamp` (`timestamp`)
);

CREATE TABLE IF NOT EXISTS `mailbox` (
  `username` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `maildir` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `quota` bigint(20) NOT NULL DEFAULT '0',
  `domain` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `passwd_expire` char(1) COLLATE utf8_unicode_ci NOT NULL,
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`username`)
);

CREATE TABLE IF NOT EXISTS `postfix_alias` (
  `destination` varchar(50) DEFAULT NULL,
  `alias` varchar(50) DEFAULT NULL
);

CREATE TABLE IF NOT EXISTS `vacation` (
  `email` varchar(255) NOT NULL DEFAULT '',
  `subject` varchar(255) NOT NULL DEFAULT '',
  `body` text NOT NULL,
  `cache` text NOT NULL,
  `domain` varchar(255) NOT NULL DEFAULT '',
  `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`email`),
  KEY `email` (`email`)
);
Dovecot
POSTFIX is only responsible for receiving and sending. The program that serves email client applications over the IMAP & POP protocols (such as MS Outlook, Mozilla Thunderbird or SquirrelMail) is Dovecot.
The modules to install for Dovecot are:
yum install dovecot dovecot-mysql
The configuration for Dovecot (I am using version 2) is located in the file /etc/dovecot/dovecot.conf, and that file loads other files in /etc/dovecot/conf.d. For simplicity, however, I made it into 1 file at /etc/dovecot/dovecot.conf with the following contents:
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) ext3
first_valid_uid = 89
log_path = /var/log/dovecot

disable_plaintext_auth = no

#debug option
#mail_debug = yes
#auth_debug_passwords=yes
#auth_debug=yes
#auth_verbose = yes
#auth_verbose_passwords=plain
#verbose_ssl = yes

mail_location = maildir:/home/vmail/%d/%n
protocols = pop3 imap
ssl_cert =
Dovecot also needs a connection to read the user information stored in MySQL. The configuration for the MySQL connection can be seen in /etc/dovecot/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=mypassword
default_pass_scheme = PLAIN

password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 89 AS uid, 89 AS gid FROM mailbox WHERE username = '%u'
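Both setups on this page accept plaintext logins (disable_plaintext_auth = no), store mailbox passwords as PLAIN or PLAIN-MD5, and keep the database password inside the Postfix and Dovecot lookup files; only the first one restricts who can read those files. The audit below is an added example, not part of the original post; the function names, the finding labels and the sample files are constructed for illustration.

```shell
# Added example (not from the original post): flag the weak settings this
# setup relies on. Finding labels and sample files are constructed.

audit_mail_conf() {   # $1 = directory holding Postfix/Dovecot config files
    find "$1" -type f | while IFS= read -r f; do
        # awk prints per-setting findings and exits 0 only when the file
        # also stores a database credential.
        if awk -v f="$f" '
            /^[ \t]*#/ { next }
            /^[ \t]*disable_plaintext_auth[ \t]*=[ \t]*no[ \t]*$/ {
                print "PLAINTEXT_AUTH " f }      # logins allowed without TLS
            /^[ \t]*default_pass_scheme[ \t]*=[ \t]*(PLAIN|PLAIN-MD5)[ \t]*$/ {
                print "WEAK_PASS_SCHEME " f }    # clear text or unsalted MD5
            /^[ \t]*(password[ \t]*=|connect[ \t]*=.*password=)/ { cred = 1 }
            END { exit !cred }
        ' "$f" && [ -n "$(find "$f" -perm -004)" ]; then
            echo "WORLD_READABLE_CREDS $f"       # "other" can read the password
        fi
    done
}

make_sample() {   # constructed files mirroring the settings shown on this page
    d=$(mktemp -d)
    printf '%s\n' 'disable_plaintext_auth = no' 'protocols = pop3 imap' \
        > "$d/dovecot.conf"
    printf '%s\n' 'driver = mysql' \
        'connect = host=localhost dbname=postfix user=postfix password=mypassword' \
        'default_pass_scheme = PLAIN' > "$d/dovecot-mysql.conf"
    printf '%s\n' 'user = postfix' 'password = mypassword' 'hosts = localhost' \
        > "$d/mysql-aliases.cf"
    chmod 644 "$d/dovecot.conf" "$d/dovecot-mysql.conf"
    chmod 640 "$d/mysql-aliases.cf"   # as after chmod u=rw,g=r,o=
    echo "$d"
}

audit_mail_conf "$(make_sample)"
```

A file is reported as WORLD_READABLE_CREDS only when it both contains a password and has the "other" read bit set, so the lookup file restricted with chmod u=rw,g=r,o= passes.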
Cyrus-SASL
Specifically for authentication (checking whether the user logging in via Dovecot or POSTFIX is a valid user), the Cyrus-SASL program is used.
The modules to install for Cyrus-SASL are:
yum install cyrus-sasl cyrus-sasl-mysql cyrus-sasl-plain pam_mysql
Make sure /etc/sasl2/smtpd.conf looks like this:
pwcheck_method: saslauthd
mech_list: plain login
Set the configuration of /etc/pam.d/smtp
auth required pam_mysql.so user=postfix passwd=mypassword host=localhost db=postfix table=mailbox usercolumn=username passwdcolumn=password
account sufficient pam_mysql.so user=postfix passwd=mypassword host=localhost db=postfix table=mailbox usercolumn=username passwdcolumn=password
For Virtual Domain purposes, make sure Cyrus checks the realm when it checks the user. This is determined by 2 configuration files:
/etc/init.d/saslauthd: make sure it has the line:
PARAMS="${PARAMS} -a ${MECHANISMS} -r"
/etc/sysconfig/saslauthd: make sure to add "-r" to FLAGS
SOCKETDIR=/var/run/saslauthd
MECH=pam
FLAGS=-r
Try restarting MySQL, POSTFIX, Dovecot, and Cyrus-SASL. … And see what happens!
I have not yet been able to write up complete step-by-step instructions for this setup process. But perhaps you can refer to some of the following links.