Diff of /xml/htdocs/doc/en/virt-mail-howto.xml


Revision 1.44 Revision 1.45
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.44 2005/05/23 16:09:09 swift Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.45 2005/05/29 16:12:29 swift Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide link="/doc/en/virt-mail-howto.xml"> 5<guide link="/doc/en/virt-mail-howto.xml">
6<title>Virtual Mailhosting System with Postfix Guide</title> 6<title>Virtual Mailhosting System with Postfix Guide</title>
7 7
8<author title="Author"> 8<author title="Author">
9 <mail link="antifa@gentoo.org">Ken Nowack</mail> 9 <mail link="antifa@gentoo.org">Ken Nowack</mail>
10</author> 10</author>
11<author title="Author"> 11<author title="Author">
12 <mail link="ezra@revoltltd.org">Ezra Gorman</mail> 12 <mail link="ezra@revoltltd.org">Ezra Gorman</mail>
13</author> 13</author>
14<author title="Editor"> 14<author title="Editor">
15 <mail link="klasikahl@gentoo.org">Zack Gilburd</mail> 15 <mail link="klasikahl@gentoo.org">Zack Gilburd</mail>
16</author> 16</author>
17<author title="Editor">
18 <mail link="seather@scygro.za.net">Scygro</mail>
19</author>
17 20
18<abstract> 21<abstract>
19This document details how to create a virtual mailhosting system based upon 22This document details how to create a virtual mailhosting system based upon
20postfix, mysql, courier-imap, and cyrus-sasl. 23postfix, mysql, courier-imap, and cyrus-sasl.
21</abstract> 24</abstract>
22 25
23<version>1.0.21</version> 26<version>1.0.22</version>
24<date>2005-05-23</date> 27<date>2005-05-29</date>
25 28
26<!-- 29<!--
27Contents 30Contents
28 31
29I. Introduction 32I. Introduction
30II. Postfix Basics 33II. Postfix Basics
31III. Courier-imap 34III. Courier-imap
32IV. Cyrus-sasl 35IV. Cyrus-sasl
33V. SSL Certificates for Postfix and Apache 36V. SSL Certificates for Postfix and Apache
34VI. Adding SSL and SASL support to Postfix 37VI. Adding SSL and SASL support to Postfix
35VII. MySQL 38VII. MySQL
36VIII. Apache and phpMyAdmin 39VIII. Apache and phpMyAdmin
37IX. The vmail user 40IX. The vmail user
38X. Configuring MySQL Authentication and vhosts 41X. Configuring MySQL Authentication and vhosts
39XI. Squirrelmail 42XI. Squirrelmail
72users that don't require shell accounts, has domain specific user names, can 75users that don't require shell accounts, has domain specific user names, can
73authenticate web, imap, smtp, and pop3 clients against a single database, 76authenticate web, imap, smtp, and pop3 clients against a single database,
74utilizes ssl for transport layer security, has a web interface, can handle 77utilizes ssl for transport layer security, has a web interface, can handle
75mailing lists for any domain on the machine, and is controlled by a nice, 78mailing lists for any domain on the machine, and is controlled by a nice,
76central and easy mysql database. 79central and easy mysql database.
77</p> 80</p>
78 81
79<p> 82<p>
80There are quite a variety of ways to go about setting up a virtual mailhosting 83There are quite a variety of ways to go about setting up a virtual mailhosting
81system. With so may options, another may be the best choice for your specific 84system. With so may options, another may be the best choice for your specific
82needs. Consider investigating <uri>http://www.qmail.org/</uri> and 85needs. Consider investigating <uri>http://www.qmail.org/</uri> and
83<uri>http://www.exim.org/</uri> to explore your options. 86<uri>http://www.exim.org/</uri> to explore your options.
84</p> 87</p>
85 88
86<p> 89<p>
87The following packages are used in this setup: apache, courier-imap, pam_mysql, 90The following packages are used in this setup: apache, courier-imap, courier-authlib
88postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and 91postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and
89mailman. 92mailman.
90</p> 93</p>
91 94
92<p> 95<p>
93Make sure to turn on the following USE variables in <path>/etc/make.conf</path> 96Make sure to turn on the following USE variables in <path>/etc/make.conf</path>
94before compiling the packages: <c>USE="mysql pam-mysql imap libwww maildir 97before compiling the packages: <c>USE="mysql imap libwww maildir
95sasl ssl"</c>. Otherwise you will most likely have to recompile things to 98sasl ssl"</c>. Otherwise you will most likely have to recompile things to
96get the support you need for all the protocols. Further, it's a good idea to 99get the support you need for all the protocols. Further, it's a good idea to
97turn off any other mail and network variables, like ipv6. 100turn off any other mail and network variables, like ipv6.
98</p> 101</p>
99 102
100<impo> 103<impo>
101This howto was written for postfix-2.0.x. If you are using postfix &lt; 2 some 104This howto was written for postfix-2.0.x. If you are using postfix &lt; 2 some
102of the variables in this document will be different. It is recommended that you 105of the variables in this document will be different. It is recommended that you
103upgrade. Some other packages included in this howto are version sensitive as 106upgrade. Some other packages included in this howto are version sensitive as
104well. You are advised to read the documentation included with packages if you 107well. You are advised to read the documentation included with packages if you
105run into issues with this. 108run into issues with this.
106</impo> 109</impo>
107 110
108<impo> 111<impo>
109This document uses apache-1.3.x. Apache-2 has been marked stable in portage. 112This document uses apache-1.3.x. Apache-2 has been marked stable in portage.
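Review bot: On new line 90 the replacement of `pam_mysql,` with `courier-authlib` drops the trailing comma, so the package list now reads "courier-authlib postfix" as if it were a single item. Add the comma after `courier-authlib`. The matching removal of `pam-mysql` from the USE line at new line 97 is consistent with the package change.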
203 206
204<note> 207<note>
205I strongly recommend that you verify this basic postfix setup is functioning 208I strongly recommend that you verify this basic postfix setup is functioning
206before you progress to the next step of the howto. 209before you progress to the next step of the howto.
207</note> 210</note>
208 211
209</body> 212</body>
210</section> 213</section>
211</chapter> 214</chapter>
212 215
213<chapter> 216<chapter>
214<title>Courier-imap</title> 217<title>Courier-imap</title>
215<section> 218<section>
216<body> 219<body>
217 220
218<pre caption="Install courier-imap"> 221<pre caption="Install courier-imap and courier-authlib">
219# <i>emerge courier-imap</i> 222# <i>emerge courier-imap courier-authlib</i>
220</pre> 223</pre>
221 224
222<pre caption="Courier-imap configuration"> 225<pre caption="Courier-imap configuration">
223# <i>cd /etc/courier-imap</i> 226# <i>cd /etc/courier-imap</i>
224<comment>(If you want to use the ssl capabilities of courier-imap or pop3, 227<comment>(If you want to use the ssl capabilities of courier-imap or pop3,
225you'll need to create certs for this purpose. 228you'll need to create certs for this purpose.
226This step is recommended. If you do not want to use ssl, skip this step.)</comment> 229This step is recommended. If you do not want to use ssl, skip this step.)</comment>
227 230
228# <i>nano -w pop3d.cnf</i> 231# <i>nano -w pop3d.cnf</i>
229# <i>nano -w imapd.cnf</i> 232# <i>nano -w imapd.cnf</i>
230<comment>(Change the C, ST, L, CN, and email parameters to match your server.)</comment> 233<comment>(Change the C, ST, L, CN, and email parameters to match your server.)</comment>
231 234
232# <i>mkpop3dcert</i> 235# <i>mkpop3dcert</i>
233# <i>mkimapdcert</i> 236# <i>mkimapdcert</i>
234</pre> 237</pre>
247running. Again, please verify that what we've installed already works before 250running. Again, please verify that what we've installed already works before
248progressing. 251progressing.
249</p> 252</p>
250 253
251</body> 254</body>
252</section> 255</section>
253</chapter> 256</chapter>
254 257
255<chapter> 258<chapter>
256<title>Cyrus-sasl</title> 259<title>Cyrus-sasl</title>
257<section> 260<section>
258<body> 261<body>
259 262
260<p> 263<p>
261Next we're going to install cyrus-sasl. Sasl is going to play the role of 264Next we're going to install cyrus-sasl. Sasl is going to play the role of
262actually passing your auth variables to pam, which will in turn pass that 265actually passing your auth variables to courier-auth, which will in turn pass that
263information to mysql for authentication of smtp users. For this howto, we'll 266information to mysql for authentication of smtp users. For this howto, we'll
264not even try to verify that sasl is working until mysql is set up and contains 267not even try to verify that sasl is working until mysql is set up and contains
265a test user. Which is fine since we'll be authenticating against mysql in the 268a test user. Which is fine since we'll be authenticating against mysql in the
266end anyway. 269end anyway.
267</p> 270</p>
268 271
269<pre caption="Configuring and installing the cyrus-sasl ebuild"> 272<pre caption="Configuring and installing the cyrus-sasl ebuild">
270# <i>emerge cyrus-sasl</i> 273# <i>emerge cyrus-sasl</i>
271</pre> 274</pre>
272 275
273<p> 276<p>
274Next, edit <path>/etc/sasl2/smtpd.conf</path>. 277Next, edit <path>/etc/sasl2/smtpd.conf</path>.
275</p> 278</p>
276 279
277<pre caption="Starting sasl"> 280<pre caption="Starting sasl">
278# <i>nano -w /etc/sasl2/smtpd.conf</i> 281# <i>nano -w /etc/sasl2/smtpd.conf</i>
279mech_list: PLAIN LOGIN 282mech_list: PLAIN LOGIN
280pwcheck_method: saslauthd 283pwcheck_method: saslauthd
281# <i>nano -w /etc/conf.d/saslauthd</i> 284# <i>nano -w /etc/conf.d/saslauthd</i>
282SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r" 285SASLAUTHD_OPTS="${SASLAUTH_MECH} -a rimap -r"
286SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
283# <i>/etc/init.d/saslauthd start</i> 287# <i>/etc/init.d/saslauthd start</i>
284</pre> 288</pre>
285 289
286</body> 290</body>
287</section> 291</section>
288</chapter> 292</chapter>
289 293
290<chapter> 294<chapter>
291<title>SSL Certs for Postfix and Apache</title> 295<title>SSL Certs for Postfix and Apache</title>
292<section> 296<section>
293<body> 297<body>
294 298
295<p> 299<p>
296Next we're going to make a set of ssl certificates for postfix and apache. 300Next we're going to make a set of ssl certificates for postfix and apache.
297</p> 301</p>
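Review bot: The prose at new line 265 says sasl passes credentials to courier-auth, but the options at new lines 285-286 (`-a rimap -r` plus `-O localhost`) make saslauthd verify each SMTP login by attempting an IMAP login against localhost, so courier-imap sits between saslauthd and the authentication library. Suggest rewording the paragraph to say that, and adding that courier-imap must be running and accepting logins on localhost before SMTP AUTH can succeed, since an IMAP outage now also fails SMTP authentication. With `mech_list: PLAIN LOGIN` left unchanged, a sentence noting that these mechanisms transmit the password itself and should only be offered once the SSL setup from the later chapters is in place would also help.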
638</section> 642</section>
639</chapter> 643</chapter>
640 644
641<chapter> 645<chapter>
642<title>Configuring MySQL Authentication and vhosts</title> 646<title>Configuring MySQL Authentication and vhosts</title>
643<section> 647<section>
644<body> 648<body>
645 649
646<p> 650<p>
647Next we'll reconfigure our authentication to use the mailsql database in 651Next we'll reconfigure our authentication to use the mailsql database in
648courier-imap and postfix. In all of the following examples, replace 652courier-imap and postfix. In all of the following examples, replace
649<c>$password</c> with the password you set for the mailsql mysql user. 653<c>$password</c> with the password you set for the mailsql mysql user.
650</p> 654</p>
651 655
652<pre caption="Configuring authentication"> 656<pre caption="Configuring authentication">
653# <i>emerge pam_mysql</i>
654# <i>nano -w /etc/pam.d/smtp</i>
655<comment>(Comment out the existing auth lines and add the following as shown.)</comment>
656
657#auth required /lib/security/pam_stack.so service=system-auth
658#account required /lib/security/pam_stack.so service=system-auth
659
660auth optional pam_mysql.so host=localhost db=mailsql user=mailsql \
661 passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
662account required pam_mysql.so host=localhost db=mailsql user=mailsql \
663 passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
664
665</pre>
666
667<p>
668Next, we need to edit courier's authentication config's.
669</p>
670
671<pre caption="Configuring authentication">
672# <i>nano -w /etc/courier-imap/authdaemonrc</i> 657# <i>nano -w /etc/courier/authlib/authdaemonrc</i>
673authmodulelist="authmysql authpam" 658authmodulelist="authmysql authpam"
674 659
675# <i>nano -w /etc/courier-imap/authdaemond.conf</i>
676AUTHDAEMOND="authdaemond.mysql"
677
678# <i>nano -w /etc/courier-imap/authmysqlrc</i> 660# <i>nano -w /etc/courier/authlib/authmysqlrc</i>
679MYSQL_SERVER localhost 661MYSQL_SERVER localhost
680MYSQL_USERNAME mailsql 662MYSQL_USERNAME mailsql
681MYSQL_PASSWORD $password 663MYSQL_PASSWORD $password
682MYSQL_DATABASE mailsql 664MYSQL_DATABASE mailsql
683MYSQL_USER_TABLE users 665MYSQL_USER_TABLE users
684<comment>(Make sure the following line is commented out since we're storing plaintext.)</comment> 666<comment>(Make sure the following line is commented out since we're storing plaintext.)</comment>
685#MYSQL_CRYPT_PWFIELD crypt 667#MYSQL_CRYPT_PWFIELD crypt
686MYSQL_CLEAR_PWFIELD clear 668MYSQL_CLEAR_PWFIELD clear
687MYSQL_UID_FIELD uid 669MYSQL_UID_FIELD uid
688MYSQL_GID_FIELD gid 670MYSQL_GID_FIELD gid
689MYSQL_LOGIN_FIELD email 671MYSQL_LOGIN_FIELD email
690MYSQL_HOME_FIELD homedir 672MYSQL_HOME_FIELD homedir
691MYSQL_NAME_FIELD name 673MYSQL_NAME_FIELD name
692MYSQL_MAILDIR_FIELD maildir 674MYSQL_MAILDIR_FIELD maildir
693 675
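Review bot: The removal of the `/etc/pam.d/smtp` block at old lines 653-665 leaves readers who followed revision 1.44 with no instruction to revert it, so their `pam_mysql.so` lines, including `passwd=$password`, remain in that file after they switch to the rimap setup. Suggest a short upgrade note telling them to restore the original `pam_stack.so` lines. Separately, the relocated `/etc/courier/authlib/authmysqlrc` at new line 660 holds `MYSQL_PASSWORD` and points at a cleartext password column, so a step that checks the file is not world-readable would fit here. `authmodulelist` at new line 658 still lists `authpam`; please confirm that is intended now that pam_mysql is no longer installed.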
