
How To Configure ISP Mail Server With Virtual Users/Domains On Centos 5.0 Using Postfix, Dovecot, MySQL, phpMyAdmin, TLS/SSL


Babaraleem, the original author of How To configure ISP Mail Server With Virtual Users/Domain On Centos 4.5 Using Postfix, Dovecot, MySQL, phpMyAdmin, TLS/SSL.
url: http://www.Kreationnext.com/virtual-users-and-domains-postfix-dovecot-mysql-centos4.5

I decided to update and add extra information to a tutorial I found online by Babaraleem to further assist Postfix newbies. I had a difficult time following an out-of-date howto when setting up my own mail server. I spent a long time troubleshooting, googling and reading other tutorials and documentation on Postfix. The final result is this howto.

You may find that most tutorials and howtos found online contain very limited information on how to verify and test your server configuration, so you have to look for other documentation to learn how to test your server. I hope the information gathered in this howto will be helpful.

This howto explains how to set up an email server on CentOS 5 using Postfix, Dovecot, RoundCube, virtual users/domains and phpMyAdmin. I have also done a similar setup on Fedora Core 6. My best advice is to set this up first on a workstation and test it thoroughly before setting it up on a server and going live with it!

This howto does not go into much detail; if you are looking for a full explanation of what is going on, read the documentation for each program. This is merely a step-by-step guide to get you up and running. You may use apt / yum to install software.

The content of this howto is broken down into three phases: compiling/installation, configuration, and verifying your configuration.

 

Pre-Configuration Requirements:

1. Hostname mail.example.co.tz with IP address (192.168.49.81) to eth0. (You can assign an IP address and hostname of your choice.)
2. Create an alias eth0:0. Assign IP address (192.168.49.81). (You can assign an IP address of your choice.)
3. Make entries for your hostname and IP in /etc/hosts. In my case my /etc/hosts file shows:

127.0.0.1 localhost.localdomain localhost
192.168.49.80 dns.example.co.tz dns
192.168.49.81 mail.example.co.tz mail

 

Installation Of Required Packages:

We need the following packages to be installed: Cyrus-sasl for SMTP AUTH

Description: The basic SMTP protocol does not provide a mechanism to authenticate users. Since email envelope addresses are so easy to fake, you can't know who is sending mail to your server unless you have a reliable means to authenticate clients. To allow mail relay privileges on your server, you need assurance that senders are who they claim to be, and you cannot rely on the senders' email addresses as identification. In this section, we look at installing and verifying packages for the Simple Authentication and Security Layer (SASL) as a means to control mail relaying and generally to identify who is using your mail server.

yum -y install cyrus*

The following packages will be installed:

rpm -qa | grep cyrus

cyrus-sasl-sql-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-devel-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-ntlm-2.1.22-4
cyrus-sasl-ldap-2.1.22-4
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-gssapi-2.1.22-4
cyrus-sasl-lib-2.1.22-4

We need at least the following packages installed so that Cyrus-SASL and Postfix work together and Postfix gets what it needs when it is compiled with SASL support:

cyrus-sasl-2.1.22-4
cyrus-sasl-authd-2.1.22-4
cyrus-sasl-devel-2.1.22-4

Then you have to choose at least one of the following mechanisms to use when authenticating users:

cyrus-sasl-gssapi-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-plain-2.1.22-4

 

Installing openssl used for TLS support

Description:

TLS (formerly SSL) stands for Transport Layer Security. Once this layer is established, it encrypts the communication between two hosts. If we use SMTP AUTH with the mechanisms PLAIN or LOGIN, usernames and passwords are sent in plaintext over the internet. This means that anyone could sniff the communication and read the passwords. If you don't want this – which I'm sure you don't – you can use TLS to help.

yum install -y openssl openssl-devel mod_ssl

Verify the required packages are installed.

rpm -qa | grep openssl

openssl097a-0.9.7a-9
openssl-0.9.8b-15.fc6
mod_ssl-2.2.6-1.fc6
openssl-perl-0.9.8b-15.fc6
openssl-devel-0.9.8b-15.fc6

 

Install dovecot

If you install postfix before dovecot, then dovecot will not be installed on your system because of package conflicts.

Description:

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind. This will install dovecot along with dependencies (mysql and postgresql).

yum install -y dovecot

 

Download, compile and install postfix with MySQL, TLS and SASL support (+LDAP).

Description: I am assuming you already know what Postfix is, hence I won't explain it.

Unzipping postfix:

tar zxvf postfix-2.5.2.tar.gz

Change directory to postfix root directory:

cd postfix-2.5.2/

Compiling postfix with MySQL, TLS, SASL support:

NOTE: You need to have db4-packages installed.

make makefiles \
CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_MYSQL -DHAS_LDAP \
-I/usr/include/sasl -I/usr/include/openssl \
-I/usr/include/mysql -I/usr/include" \
AUXLIBS="-L/usr/lib -L/usr/lib/openssl/engines \
-L/usr/lib/mysql -L/usr/lib \
-lsasl2 -lcrypto -lssl -lmysqlclient -lz -lm -lldap -llber \
-Wl,-rpath /usr/lib/mysql -Wl,-rpath /usr/lib \
-Wl,-rpath /usr/lib/openssl/engines"

make install

NOTE: See Appendix A for further explanation of the compiler arguments.

We will shortly verify that these features were compiled into Postfix.

Configuration:

SMTP-AUTH/TLS

First we configure SMTP-AUTH and TLS. For this edit /usr/lib/sasl2/smtpd.conf with your favorite editor.

vi /usr/lib/sasl2/smtpd.conf

and make changes as given below.

pwcheck_method: saslauthd
mech_list: plain login

Create the directory, then the private key, and lastly the certificate.

mkdir -p /etc/postfix/ssl/mailserver
cd /etc/postfix/ssl/mailserver
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 2048
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Private keys and certificates have been created. Later on we will tell postfix to use them.

 

MySQL:

We will now create a database named mail. For this we issue the commands given below:

mysql -u root -p

Enter the password and you will be at the MySQL prompt (mysql>).

CREATE DATABASE mail;

Give all privileges on mail to user mail.

GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';
FLUSH PRIVILEGES;
quit

Set password for mail user. This will be done by the following statement.

mysqladmin -u mail password newpassword

Then we will create the necessary tables for our new database (mail) that contains domains, users, aliases and mailboxes information.

mysql -u mail -p

After giving the password you will be at the MySQL prompt.

show databases;

It will show all databases, including our “mail” database. We will use “mail”.

USE mail;

1. Create the domain table.

CREATE TABLE domain (
  domain varchar(255) NOT NULL default '',
  description varchar(255) NOT NULL default '',
  aliases int(10) NOT NULL default '0',
  mailboxes int(10) NOT NULL default '0',
  maxquota int(10) NOT NULL default '0',
  transport varchar(255) default NULL,
  backupmx tinyint(1) NOT NULL default '0',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (domain),
  KEY domain (domain)
) ENGINE=MyISAM COMMENT='Virtual Domains';

2. Second most important table is mailbox, so create mailbox.

CREATE TABLE mailbox (
  username varchar(255) NOT NULL default '',
  password varchar(255) NOT NULL default '',
  name varchar(255) NOT NULL default '',
  maildir varchar(255) NOT NULL default '',
  quota int(10) NOT NULL default '0',
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (username),
  KEY username (username)
) ENGINE=MyISAM COMMENT='Virtual Mailboxes';

3. Create the alias table.

CREATE TABLE alias (
  address varchar(255) NOT NULL default '',
  goto text NOT NULL,
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (address),
  KEY address (address)
) ENGINE=MyISAM COMMENT='Virtual Aliases';

We have created the necessary tables, so quit MySQL.

quit

 

Postfix MySQL:

Postfix needs to know where and how it can look up all mailbox related information. For this purpose we will create the following files under /etc/postfix. Recent versions of Postfix may use the query statement (the commented-out last line of each file) instead of the table, select_field, where_field and additional_conditions statements; in that case, comment those lines out and un-comment the last one.

1. Create file mysql_virtual_alias_maps.cf for forwarding emails from one email address to another.

vi /etc/postfix/mysql_virtual_alias_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

2. Create file mysql_virtual_domains_maps.cf, for the virtual domains mapping. Virtual domains are queried using information provided in this file.

vi /etc/postfix/mysql_virtual_domains_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'

3. Create the file mysql_virtual_mailbox_maps.cf, which maps email addresses to the location of the user's mailbox on your hard disk. When incoming email is saved to the hard disk by Postfix's built-in virtual delivery agent, this map is queried to find the mailbox path.

vi /etc/postfix/mysql_virtual_mailbox_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'

4. Lastly, create the file mysql_virtual_mailbox_limit_maps.cf, which will be used for mapping users' mailbox quota limits.

vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

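5. Give the mysql_virtual files appropriate ownership and permissions. They contain the database password, so only root and the postfix group should be able to read them.

chown root:postfix /etc/postfix/mysql_virtual_*.cf
chmod 640 /etc/postfix/mysql_virtual_*.cf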

 

Postfix:

In the Postfix configuration section we will edit the main.cf file located in configuration directory of postfix (/etc/postfix), to enter some basic information necessary for Postfix.

mv /etc/postfix/main.cf /etc/postfix/main.cf.orig
vi /etc/postfix/main.cf

############## Postfix###############
#Date Modified 17th June 2008
#-------------------------------------------------------
smtpd_banner = $myhostname
biff = no
append_dot_mydomain = no
relayhost =
mynetworks = 192.168.49.0/24
inet_interfaces = 192.168.49.81
mailbox_size_limit = 0
recipient_delimiter = +
alias_database = hash:/etc/postfix/aliases
alias_maps = $alias_database
myhostname = example.co.tz
mydomain = rnd
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, $transport_maps
mail_spool_directory = /var/spool/mail
debug_peer_level = 2
debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  xxgdb $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = no
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
####################postfix section ends here###############

 

Postfix Virtual user information:

Again we will edit main.cf file to add support for virtual users. The “virtual_minimum_uid” and “virtual_uid_maps” point to user id 150 in my case, which is a user I created specifically for handling virtual mail. It uses the standard “mail” group with the default gid 12. So first create the user by issuing the useradd command or adduser.

useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual mailbox" vmail
# create the directory if it doesn't exist
mkdir -p /var/vmail
chmod 770 /var/vmail/
chown vmail:mail /var/vmail
vi /etc/postfix/main.cf

#######################Virtual Domains Users and mailboxes###############
virtual_mailbox_domains = mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:12
##############################Virtual section of main.cf ends##############

 

Postfix SASL/TLS authentication:

Finally we will again edit the main.cf file to enable SASL/TLS authentication. We will use the certificates we created earlier to secure the mail server.

vi /etc/postfix/main.cf

#################### SASL/TLS Authentication###########################
######SASL PART#########
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
######TLS PART###########
smtpd_tls_cert_file = /etc/postfix/ssl/mailserver/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/mailserver/smtpd.key
smtpd_tls_CAfile = /etc/postfix/ssl/mailserver/cacert.pem
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_received_header = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
tls_random_source = dev:/dev/urandom
smtpd_tls_session_cache_timeout = 3600s
###########################SASL/TLS Authentication ends here#############

For my convenience I have divided main.cf in three sections { Postfix, virtual-Domains-Users-and-mailboxes, SASL/TLS-Authentication}. SASL/TLS-Authentication is further divided into ( SASL-PART and TLS-PART). To show you each section and their parameters I have edited the same file thrice. Now copy the /etc/aliases and /etc/aliases.db to /etc/postfix/ and run newaliases.

cp /etc/aliases* /etc/postfix/
newaliases

 

Dovecot v1.x IMAP and POP:

Let us configure Dovecot which provides both a POP3 and an IMAP service. The configuration file for Dovecot is /etc/dovecot.conf. We’ll back up the original file to dovecot.conf.orig, and amend the running file to our needs. To handle virtual users with dovecot we will create the file /etc/dovecot-mysql.conf.

vi /etc/dovecot-mysql.conf

######dovecot-mysql.conf should look like this##########
# NOTE: '\' line splitting is used only for readability, currently Dovecot doesn't support it
# The mysqld.sock socket may be in different locations in different systems
driver = mysql
default_pass_scheme = plain
#connect = host=/var/run/mysqld/mysqld.sock dbname=mail user=root password=default
# Alternatively you can connect to localhost as well:
connect = host=localhost dbname=mail user=mail password=mail
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=',quota) AS quota FROM mailbox WHERE username ='%u' AND active ='1'
####################ends here####################

Now we move on to configuring dovecot.conf to authenticate virtual users using the mysql_auth method. Keep in mind that normal Linux users can't log in to the mail server, because we haven't enabled the PAM authentication method in our Dovecot configuration. Also first_valid_uid and last_valid_uid are set to 150, which means only the user with uid 150 will be able to log in. Pop3 and pop3s protocols are made available.

cp -p /etc/dovecot.conf /etc/dovecot.conf.orig
vi /etc/dovecot.conf

(Only edit the following lines)

##############dovecot configured to work with virtual users############
base_dir = /var/run/dovecot/
protocols = imap pop3 imaps pop3s
listen = [::]
login_dir = /var/run/dovecot-login
mail_location = mbox:/var/vmail/%d/%n
mbox_read_locks = fcntl
log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/maillog
mail_extra_groups = mail
first_valid_uid = 150
last_valid_uid = 150
maildir_copy_with_hardlinks = yes
userdb sql {
args = /etc/dovecot-mysql.conf
}
passdb sql {
args = /etc/dovecot-mysql.conf
}
####################################ends here######################

After this we will set the ownership and access rights on /etc/dovecot-mysql.conf.

chmod 600 /etc/dovecot-mysql.conf
chown vmail /etc/dovecot-mysql.conf
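
The Postfix mysql_virtual_*.cf maps, /etc/dovecot-mysql.conf and the smtpd.key private key all store secrets in clear, so the file mode is what keeps other local users out. The following check is an added example, not part of the original howto: it flags secret-bearing files that are world-readable. The function names and the fixture (stand-in files with placeholder contents) are constructed for illustration.

```sh
#!/bin/sh
# Added example: find secret-bearing config files that every local user can read.
# Function names and the fixture below are constructed for illustration.

# True when the file holds a database password or a private key.
holds_secret() {
    grep -Eq '^[[:space:]]*password[[:space:]]*=|password=|PRIVATE KEY' "$1"
}

# True when the "other" read bit is set (find -perm -004 tests the mode bits).
world_readable() {
    [ -n "$(find "$1" -prune -perm -004)" ]
}

# Print "WORLD-READABLE <path>" for every argument that holds a secret and is
# readable by everyone. Files without secrets are skipped.
audit_secret_files() {
    for f in "$@"; do
        [ -f "$f" ] || continue
        if holds_secret "$f" && world_readable "$f"; then
            echo "WORLD-READABLE $f"
        fi
    done
}

# Constructed fixture: stand-ins for the files this howto creates, with
# placeholder contents. Prints the fixture directory.
make_fixture() {
    dir=$(mktemp -d) || return 1
    printf 'user = mail\npassword = mail\nhosts = localhost\ndbname = mail\n' \
        > "$dir/mysql_virtual_alias_maps.cf"
    cp "$dir/mysql_virtual_alias_maps.cf" "$dir/mysql_virtual_domains_maps.cf"
    printf 'driver = mysql\nconnect = host=localhost dbname=mail user=mail password=mail\n' \
        > "$dir/dovecot-mysql.conf"
    printf 'smtpd_sasl_auth_enable = yes\n' > "$dir/main.cf"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' '(placeholder, not a real key)' \
        > "$dir/smtpd.key"
    chmod 644 "$dir/mysql_virtual_alias_maps.cf" "$dir/main.cf" "$dir/smtpd.key"
    chmod 640 "$dir/mysql_virtual_domains_maps.cf"
    chmod 600 "$dir/dovecot-mysql.conf"
    echo "$dir"
}

# Demo on the fixture: the 644 map file and the 644 key are reported,
# main.cf (no secret) and the 640/600 files are not.
fixture=$(make_fixture)
audit_secret_files "$fixture"/*
rm -rf "$fixture"
```

On a real server, run it as root against the actual paths, for example audit_secret_files /etc/postfix/*.cf /etc/dovecot-mysql.conf /etc/postfix/ssl/mailserver/smtpd.key.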

 

Roundcube Installation & Configuration:

Based on INSTALLATION NOTES (Roundcube)

1. Decompress and put this folder somewhere inside your document root (/var/www/html/mail)
2. Make sure that the following directories (and the files within) are writable by the webserver:
   – /temp
   – /logs
3. Create a new database and a database user for RoundCube (see DATABASE SETUP)
4. Point your browser to http://url-to-roundcube/installer/
5. Follow the instructions of the install script (or see MANUAL CONFIGURATION)
6. After creating and testing the configuration, remove the installer directory
7. Done!

DATABASE SETUP

* MySQL 4.1.x/5.x

For MySQL version 4.1 and up, it’s recommended to create the database for RoundCube with utf-8 charset. Here’s an example of the init procedure:

mysql -u root -p

CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'password';
quit

mysql -u roundcube -p roundcubemail < SQL/mysql5.initial.sql

Note: ‘password’ is the master password for the roundcube user. It is strongly recommended you replace this with a more secure password. Please keep in mind: You need to specify this password later in ‘config/db.inc.php’.

 

HTTP Section:

To start using the mailserver web front end we will edit file /etc/httpd/conf/httpd.conf.

vi /etc/httpd/conf/httpd.conf

And append the statements given below to it.

#Front end mail access using roundcube
<VirtualHost *:80>
  DocumentRoot /var/www/html/mail
  ServerName mail.example.co.tz
</VirtualHost>

Save the configuration and exit.

 

Creating Virtual users and domains:

1. Now we will create virtual domains and virtual users in our mail database.

mysql -u mail -p

2. Enter the password and you will be at the mysql> prompt.

USE mail;

3. First create a virtual domain in the domain table (example.co.tz) using the command given below.

INSERT INTO domain (domain,description,aliases,mailboxes,maxquota,transport,backupmx,active) VALUES ('example.co.tz','Virtual domain','10','10', '0','virtual', '0','1');

4. Now create two virtual users in the mailbox table. I have created (kiiza@example.co.tz & hoboka@example.co.tz) as usernames for kiiza and hoboka.

INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES ('hoboka@example.co.tz','mwamaLis', 'Hoboka Mwamakunge ','hoboka/', '0','example.co.tz','1');
INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES ('kiiza@example.co.tz','gekman', 'Kiiza Mutungi','kiiza/', '0','example.co.tz','1');
quit

Now that we have created virtual users and a virtual domain, we want to test our mail server by logging in and sending mail from one user account to another. So let's start the Dovecot, Postfix, MySQL and webserver daemons. We also want them to start automatically on the next reboot. For this we issue the following commands.

chkconfig --level 235 mysqld on
chkconfig --level 235 saslauthd on
chkconfig --level 235 postfix on
chkconfig --level 235 dovecot on
chkconfig --level 235 httpd on
/etc/init.d/saslauthd start
/etc/init.d/mysqld start
/etc/init.d/postfix start
/etc/init.d/dovecot start
/etc/init.d/httpd start

Testing and verifying your configuration:

Check for Postfix MySQL support

postconf -m

btree
cidr
environ
hash
ldap
mysql
nis
proxy
regexp
static
unix

If MySQL doesn't appear, check your installation and recompile Postfix.

 

Check for Postfix SMTP AUTH Support

telnet mail.example.co.tz 25

(S: = server, C: = client):

S: 220 mail.example.co.tz ESMTP Postfix
C: EHLO example.co.tz
S: 250-mail.example.co.tz
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-VRFY
S: 250-ETRN
S: 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
S: 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI

S: 250-XVERP
S: 250 8BITMIME
C: quit

Notice the two new lines?

250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI

These are the lines that Postfix issues when it offers the use of SMTP AUTH.

 

Check Postfix for TLS support

telnet mail.example.co.tz 25

This section applies for both NON-RPM and RPM installation.

In our HOWTO the smtpd daemon is in /usr/libexec/postfix/. So we do the following at the command line:

ldd /usr/libexec/postfix/smtpd

libsasl.so.7 => /usr/lib/libsasl.so.7 (0x4001e000)
libssl.so.2 => /lib/libssl.so.2 (0x4002a000)
libcrypto.so.2 => /lib/libcrypto.so.2 (0x40057000)
libdb-3.2.so => /lib/libdb-3.2.so (0x4011a000)
libnsl.so.1 => /lib/libnsl.so.1 (0x401c1000)
libresolv.so.2 => /lib/libresolv.so.2 (0x401d7000)
libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x401ea000)
libc.so.6 => /lib/i686/libc.so.6 (0x401f1000)
libdl.so.2 => /lib/libdl.so.2 (0x4032c000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40330000)
libpam.so.0 => /lib/libpam.so.0 (0x4035d000)
libgssapi_krb5.so.2 => /usr/kerberos/lib/libgssapi_krb5.so.2 (0x40365000)
libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x40378000)
libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x403d1000)
libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x403e2000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

The smtpd daemon supports TLS. If you cannot find the libssl in the output you either built Postfix with static libraries or building Postfix with TLS didn’t work. In this case you’ll have to reconfigure your Postfix SOURCE, recompile or rebuild it, backup the data in /etc/postfix/ and reinstall the newly compiled Postfix binaries.

Next we will check whether we can initiate a TLS session. We telnet to the server and check whether the string STARTTLS shows up when Postfix advertises its capabilities. Then we simply type in STARTTLS and wait for Postfix to respond that it is ready to start TLS. This is what a successful telnet session should look like:

telnet mail.example.co.tz 25

S: 220 mail.example.co.tz ESMTP Postfix (1.1.5)
C: EHLO example.co.tz
S: 250-mail.example.co.tz
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-VRFY
S: 250-ETRN
S: 250-STARTTLS – -TLS support
S: 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
S: 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
S: 250-XVERP
S: 250 8BITMIME
C: STARTTLS
S: 220 Ready to start TLS
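
The two telnet checks above can be scripted. The following is an added example, not part of the original howto: it parses one captured EHLO reply and reports whether the password mechanisms PLAIN or LOGIN are offered before TLS has started, which is the exposure the TLS description warns about. The function name, verdict labels and both sample replies are constructed for illustration; the second sample is the shape a server shows when AUTH is withheld until STARTTLS, as Postfix does with smtpd_tls_auth_only = yes.

```sh
#!/bin/sh
# Added example: summarise what one captured EHLO reply offers to a client
# that has not started TLS yet. Names and samples are constructed.

# Reads a transcript of a single EHLO exchange on stdin. The "S: "/"C: "
# prefixes used in this howto and trailing CRs are stripped if present.
# Prints: starttls=<yes|no> auth=<mechanisms|none> verdict=<label>
ehlo_audit() {
    tr -d '\r' | sed 's/^[SC]: //' | awk '
        /^250[- ]/ {
            cap = toupper(substr($0, 5))
            if (cap ~ /^STARTTLS/) starttls = "yes"
            # "AUTH=" is the legacy spelling sent for broken_sasl_auth_clients
            if (cap ~ /^AUTH[ =]/) {
                n = split(substr(cap, 6), m, " ")
                for (i = 1; i <= n; i++) {
                    if (m[i] == "PLAIN" || m[i] == "LOGIN") cleartext = 1
                    if (m[i] in seen) continue
                    seen[m[i]] = 1
                    if (list != "") list = list ","
                    list = list m[i]
                }
            }
        }
        END {
            if (starttls == "") starttls = "no"
            if (list == "") {
                verdict = (starttls == "yes") ? "auth-withheld-until-tls" : "no-auth-no-tls"
                list = "none"
            } else if (cleartext) {
                verdict = "cleartext-password-auth-offered"
            } else {
                verdict = "no-cleartext-password-mechs"
            }
            printf "starttls=%s auth=%s verdict=%s\n", starttls, list, verdict
        }'
}

# Constructed sample: the EHLO reply shown in this howto.
sample_reply_howto() {
cat <<'EOF'
S: 220 mail.example.co.tz ESMTP Postfix
C: EHLO example.co.tz
S: 250-mail.example.co.tz
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-VRFY
S: 250-ETRN
S: 250-STARTTLS
S: 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
S: 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
S: 250-XVERP
S: 250 8BITMIME
EOF
}

# Constructed sample: AUTH is not announced until the client has started TLS.
sample_reply_tls_only() {
cat <<'EOF'
S: 220 mail.example.co.tz ESMTP Postfix
C: EHLO example.co.tz
S: 250-mail.example.co.tz
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-STARTTLS
S: 250 8BITMIME
EOF
}

sample_reply_howto | ehlo_audit
sample_reply_tls_only | ehlo_audit
```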

 

Sending a test mail from local machine

First we will verify that we are able to send mail on localhost to user test. This is the simplest test case that we have. If we succeed, we will move on to sending mails to test from a mail client that does not run on our Postfix server.

mail hoboka@example.co.tz

Subject: Test from localhost
Test #1
.
Cc:
[root@example.co.tz]#

 

Check for delivery of test mail on local machine

Telnet to pop3 to view if postfix delivered your mail:

telnet example.co.tz pop3

Trying 192.168.49.81…
Connected to mail.example.co.tz (192.168.49.81).
Escape character is ‘^]’.
+OK Dovecot ready.
user hoboka@example.co.tz
+OK
pass mwamaLis
+OK Logged in.
list
+OK 1 messages:
1 429
.
retr 1
+OK 429 octets
Return-Path: <user@mail.example.co.tz>
X-Original-To: user@mail.example.co.tz
Delivered-To: hoboka@example.co.tz
Received: by mail.example.co.tz (Postfix, from userid 500)
id 74408C0AC6; Thu, 19 Jun 2008 10:47:52 +0300 (EAT)
To: hoboka@example.co.tz
Subject: Test from local
Message-Id: <20080619074752.74408C0AC6@mail.example.co.tz>
Date: Thu, 19 Jun 2008 10:47:52 +0300 (EAT)
From: user@mail.example.co.tz (User)

Test #1
.
]^

[user@example.co.tz]$

View Appendix B for further testing test cases.

Finally fire-up the browser and go to http://mail.example.co.tz and enter the username and password and then click on Login. And enjoy playing with your mailserver.

 

phpMyAdmin Installation & Configuration:

PhpMyAdmin is a utility written in PHP which is intended to aid in the administration of a MySQL server, either locally, or over the WWW. It is maintained through the hard work and dedication of the folks at the phpMyAdmin project, and is currently available in 47 different languages.

 

Installation:

Download and extract phpMyAdmin package. Let’s move the file to where we need it and change the name to something easier;

mv phpMyAdmin-2.11.6-english /var/www/html/phpadmin

Change directory to phpadmin root directory:

cd phpadmin/

Now, what we need to do is rename and edit the config.sample.inc.php file so it works with your setup.

cp -p config.sample.inc.php config.inc.php

So using vi, or whatever your favorite editor happens to be, open config.inc.php, find the following lines, and edit them as appropriate for your setup;

vi config.inc.php

Edit the following lines:

Set this line to a password-like word or phrase, for example:

$cfg['blowfish_secret'] = 'bongo';

$cfg['Servers'][$i]['controluser'] = 'pma'; // MySQL username
$cfg['Servers'][$i]['controlpass'] = 'pmapass'; // MySQL password

Save and exit the file.

Create a virtual alias in /etc/httpd/conf/httpd.conf by appending the following lines.

vi /etc/httpd/conf/httpd.conf

Alias /phpadmin /var/www/html/phpadmin
<Directory /var/www/html/phpadmin>
  Order allow,deny
  Allow from all
</Directory>

After this fire up a browser and enter http://127.0.0.1/phpadmin in the address bar. Enter the user name and password and start using it. Enjoy using phpMyAdmin for creating users, domain and aliases.

Appendix A:

Compiler options:

Options that Postfix needs in its Makefile are defined in environment variables such as CCARGS.
CCARGS: Provides additional arguments to the compiler. If your compiler allows special options or your supporting files are not located in default directories, indicate those options with this variable. The standard location for header files is the /usr/include directory. If your header files are located somewhere else, you have to tell the compiler where to look for them. The -I compiler option is used to specify additional directories where the compiler might find header files.

CCARGS='-I/usr/local/include/'

Use additional -I options for each additional directory the compiler should search.

Postfix uses conditional compilation during its build, depending on which libraries or other resources are available on your system. It defines certain macros based on what it discovers about your system or based on options you have selected. The -D option provides a way to define macros at the time you compile Postfix. Add-on packages for Postfix require that you define a particular macro to tell Postfix to include it when building.

For example, if you want to include support for MySQL, you define the HAS_MYSQL macro:

CCARGS='-DHAS_MYSQL'

Linker options are set in the AUXLIBS variable. After Postfix has compiled the object files, it links them together with required libraries into executable files. The standard location for system libraries is /usr/lib. To tell the linker to search additional directories for libraries, use the -L option:

AUXLIBS='-L/usr/local/lib'

You must also tell the linker which specific libraries to link in. The -l option is used to name specific libraries. The library files must be in a standard location or a directory indicated with the -L option. Library archive files are named starting with lib, followed by their name, followed by the extension, which is normally .a for static libraries and .so or .sl for shared objects or shared libraries. When you use the -l option, you leave off the initial lib and the extension of the library file. To link with the MySQL client library for example, where the library file is called libmysqlclient.a, the -l option is specified as follows:

AUXLIBS='-L/usr/local/lib -lmysqlclient'

 

Appendix B

Delivering mail to a remote user (Relaying)

From a remote machine, telnet to mail.example.co.tz (192.168.49.81) port 25. On a successful connection, Postfix greets us with its smtpd banner. (If you fail to connect, check your firewall rules and whether Postfix is running.) Once connected, run the following commands.

(S: = server, C: = client):

S: 220 mail.example.co.tz ESMTP Postfix
C: EHLO example.co.tz
S: 250-mail.example.co.tz
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-VRFY
S: 250-ETRN
S: 250-XVERP
S: 250 8BITMIME
C: mail from:<noah@domain.co.tz>
S: 250 Ok
C: rcpt to:<hoboka@example.co.tz>
S: 250 Ok
C: data
S: 354 End data with <CR><LF>.<CR><LF>
C: Testmail relaying mail from noah@domain.co.tz to hoboka@example.co.tz
C: Test #3
C: .
S: 250 Ok: queued as 84BA64078A
C: quit
S: 221 Bye
