On Wednesday 10 November 2010 07:33:02 DJ Lucas wrote: >... > I've been using Dovecot for quite a while and am quite happy with it. > Been meaning to add it to the book but not on the priority list ATM. Not > sure how Courier-IMAP stacks up (esp for 995) but it is still pretty > popular following Postfix Users list. Dovecot is very nice in that it > also provides a SASL server implementation (single configuration for > SASL with both Postfix and Dovecot). Haven't used Cyrus SASL for server > in a long time, however, it is still needed for SASL client with Postfix > (auth smarthost for instance). > > -- DJ Lucas
Hi, long time ago, i have setup a Courier-IMAP, -SASL and MailDrop installation. In combination with FetchMail and PostFix its quite useful and work very stable and reliable. That times, i wrote a HowTo for that. An online version you can find also at http://www.mueller-trepl.de/node/22 . The fact that I refer to my old RS/6000 shows that it must be somewhat of three or four years old now, but that installation (in the meanwhile migrated to a fanless x86) still works well. --- IMAP-Server This HowTo is about how to create a mailing infrastructure from scratch. The idea was that multiple clients can read and write mails. Formerly, i had one laptop shared with my hole family which often leads to some kind of trouble when i rebuild a new LFS system on it (see http://www.linuxfromscratch.org/) or when some mails disappeared when i cleaned my home directory. So I decided to buy another laptop, built a full blown LFS/BLFS (incl. KDE, digicam, k3b, Audacity, OpenOffice and others) on it and hand this laptop over to have my own one for me alone. The next issue was to setup the mailing infrastructure that she could send/receive her mails and i can send/receive mine - but also having some accounts shared. My old RS/6000 (which I borrowed for an infinite time from the company I use to work for) seems to be a good choice to use for that project since it is the internet gateway and webserver already. Ok, it is no good style to put gateway, firewall, webserver, mailserver, fileserver and such all on one maschine, but I simply do not have so much computers that I could set up some kind of demilitarized zones or so. Well, hopefully my iptable setup is good enough. What I liked to have (and got) was a central IMAP server, a simple user management, an option to collect mails from mailboxes somewhere out in the internet and of course, a mail server here to receive mails sent to my domain. Prerequisites I assume that there a running Linux system (LFS?). Things depends on others, I do not need to tell you that a glibc should be installed. But what I know is that we definitely will make use of Berkeley-DB and of the OpenSSL-library. But BDB should be installed anyway (at least in LFS it is, optional in BLFS) and OpenSSL is always a good idea to have it around. This are the packages you need to download: * http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.22.tar.gz * http://www.mirrorspace.org/postfix/official/postfix-2.4.6.tar.gz * http://mesh.dl.sourceforge.net/sourceforge/courier/courier- authlib-0.60.... * http://mesh.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.4.tar.bz2 * http://mesh.dl.sourceforge.net/sourceforge/courier/courier- imapd-4.3.0.t... If you don't have expect installed, courier-authlib complains about missing it and therefore disabling the option of changing passwords in webmail. So you may want to setup expect first. * http://expect.nist.gov/old/expect-5.43.0.tar.gz * http://www.linuxfromscratch.org/patches/blfs/svn/expect-5.43.0- spawn-2.p... Setup Mailserver 1. Install Cyrus-SASL This packages is used by much other packages, especially KDE, but also for Postfix. The later one is quite important for our project. Without SASL support, Postfix will not be able to send out mails using your mail providers SMTP-server where you may have to logon first. Follow the instructions to install Cyrus-SASL as they are in the BLFS- book. At time of writing this, there was version 2.1.22 in use. Do not forget to adjust the parameter to the -a switch in the startup script of the package. I used "shadow" for that. Read more about this in the Cyrus-SASL hint of Randy McMurchy. 2. Install Postfix I used Postfix version 2.4.6 in difference to the BLFS book. There is no specific reason for that except that the version the book uses is a bit outdated. I used the same instructions to build Postfix as the are in the book. Note that especially the modification of the CCARGS/AUXLIBS environment variables according to TLS/SASL needs to be added. In the /etc/postfix/main.cf I set myhostname = my.internet.domain mynetworks = 192.168.1.0/24, 127.0.0.0/8 alias_maps = hash:/etc/aliases In order to allow Postfix to logon to your mail providers server, SASL now becomes used # SMTP with SASL-Authentification smtp_sasl_auth_enable = yes # The passwords are in file /etc/postfix/smtp_auth smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth # Additional options: Don't use anonymous logon smtp_sasl_security_options = noanonymous # Here is the mail server of the provider relayhost = providers.mailserver.tld The file /etc/postfix/smtp_auth is formatted like providers.mailserver.tld accountname:password other.mailserver.domain anotheracct:otherpassword ... Whenever you have modified that file or when you have actually created it, run postmap /etc/postfix/smtp_auth to create the /etc/postfix/smtp_auth.db which than is used by Postfix. Set both file permissions to 600 because in both files are passwords in clear text: chmod 600 /etc/postfix/smtp_auth{,.db} Don't forget to (re)start the mail server. Setup IMAP Server Personally i felt a bit more comfortable with the Courier-IMAP that with others. Therefore, I'll describe the Courier IMAP tools which consists of three separate packages. First setup a system user who will own several files by executing the following command: groupadd -g 34 courier useradd -c "Courier IMAP Server" -d /srv/imapd -g courier \ -s /bin/bash -u 34 courier In addition to what follows, read the documentation at http://www.courier-mta.org/authlib/README_authlib.html#authuserdb http://www.courier-mta.org/imap/documentation.html 1. Install courier-authlib This package is used to handle the user accounts and the permissions within the IMAP service. Just remember to setup expect. A how to you can find at the BLFS project. ./configure --prefix=/usr --sysconfdir=/etc/courier \ --with-mailuser=courier --with-mailgroup=courier && make && make install && make install-configure && install -m755 courier-authlib.sysvinit /etc/rc.d/init.d/authdaemond && sed -i "s;var/lock/subsys/;var/lock/;g" /etc/rc.d/init.d/authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc0.d/K26authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc1.d/K26authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc2.d/K26authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc3.d/S34authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc4.d/S34authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc5.d/S34authdaemond && ln -sf ../init.d/authdaemond /etc/rc.d/rc6.d/K26authdaemond Create the directory where the mailboxes will be stored: mkdir /srv/imapd && chown courier:courier /srv/imapd Create the userdb stubb file touch /etc/courier/authlib/userdb && chown courier:courier /etc/courier/authlib/userdb && chmod 700 /etc/courier/authlib/userdb 2. Install maildrop The maildrop package takes the mails received by Postfix and stores them in the IMAP mailboxes. In the /etc/postfix/main.cf I set mailbox_command = /usr/bin/maildrop virtual_transport = maildrop mailbox_transport = maildrop virtual_uid_maps = static:34 virtual_gid_maps = static:34 virtual_mailbox_base = /srv/imapd virtual_mailbox_maps = hash:/etc/postfix/virtual Build and install maildrop by using the following commands: ./configure --prefix=/usr --sysconfdir=/etc/courier \ --with-db=db --enable-maildrop-uid=courier \ --enable-maildrop-gid=courier --with-etcdir=/etc/courier && make && make install && make install-man Setup a minimal maildrop configuration: cat > /etc/courier/maildroprc <<"EOF" # Begin /etc/courier/maildroprc # Set the default Maildir DEFAULT=$HOME/Maildir/ logfile "/var/log/maildrop.log" # End /etc/courier/maildroprc EOF fi && touch /var/log/maildrop.log && chown courier:courier /var/log/maildrop.log Maildrop is a quite interesting part in the hole construction since this is the one which can drop incoming mail to different Mailboxes AND different IMAP folders. This all is rule based. 3. Install imapd The documentation wants us to have the configuration and the built done by an unprivileged user. First, change all the files to be owned by this unprivileged user: chown -R courier:courier ./* && Next I set up the configuration option in a variable CFG="--prefix=/usr \ --sysconfdir=/etc/courier \ --with-db=db \ --with-piddir=/var/run \ --with-userdb=/etc/courier/authlib/userdb \ --with-mailuser=courier \ --with-mailgroup=courier" Note that the option "--with-userdb" points to the database file we created above while installing courier-authlib. Now run the configure script and the build as non-root su courier -c "./configure $CFG" && su courier -c "make" Install the binaries make install && make install-configure and the bootscripts install -m755 courier-imap.sysvinit /etc/rc.d/init.d/imapd && sed -i "s;var/lock/subsys/;var/lock/;g" /etc/rc.d/init.d/imapd && ln -sf ../init.d/imapd /etc/rc.d/rc0.d/K25imapd && ln -sf ../init.d/imapd /etc/rc.d/rc1.d/K25imapd && ln -sf ../init.d/imapd /etc/rc.d/rc2.d/K25imapd && ln -sf ../init.d/imapd /etc/rc.d/rc3.d/S35imapd && ln -sf ../init.d/imapd /etc/rc.d/rc4.d/S35imapd && ln -sf ../init.d/imapd /etc/rc.d/rc5.d/S35imapd && ln -sf ../init.d/imapd /etc/rc.d/rc6.d/K25imapd by default, the services of pop3 and imapd are not started. At least the IMAP service is that where this document is about - so enable them by modifying the configuration files: sed -i "s/^IMAPDSTART=NO$/IMAPDSTART=YES/" /etc/courier/imapd && sed -i "s/^POP3DSTART=NO$/POP3DSTART=YES/" /etc/courier/pop3d Setup initial user accounts pw2userdb | grep "courier" >> /etc/courier/authlib/userdb You now may want to add a first test imap account: userdb "[email protected]" set home=/srv/imapd/test uid=34 gid=34 Set the password for the account echo "test01" | userdbpw -md5 | \ userdb "[email protected]" set systempw Take all modifications to account makeuserdb Create the mailbox su courier -c "mkdir /srv/imapd/test" su courier -c "maildirmake -S /srv/imapd/test/Maildir" Tell Postfix that there is a virtual account echo "[email protected] test" >>/etc/postfix/virtual postmap /etc/postfix/virtual -- Thomas -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
