/[gentoo]/xml/htdocs/doc/en/virt-mail-howto.xml
Gentoo

Diff of /xml/htdocs/doc/en/virt-mail-howto.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 Revision 1.8
8<author title="Author" > 8<author title="Author" >
9<mail link="ezra@kickasskungfu.com" >Ezra Gorman</mail> 9<mail link="ezra@kickasskungfu.com" >Ezra Gorman</mail>
10</author> 10</author>
11<abstract>This document details how to create a virtual mailhosting system based upon postfix, mysql, courier-imap, and cyrus-sasl. </abstract> 11<abstract>This document details how to create a virtual mailhosting system based upon postfix, mysql, courier-imap, and cyrus-sasl. </abstract>
12<version>1.0</version> 12<version>1.0</version>
13<date>07 Jan 2003</date> 13<date>30 April 2003</date>
14<!-- 14<!--
15 15
16Contents 16Contents
17 17
18I. Introduction 18I. Introduction
35<title>Introduction</title> 35<title>Introduction</title>
36<body> 36<body>
37<p>For most gentoo users, a simple mail client and fetchmail will do. However, if you're hosting a domain with your system, you'll need a full blown MTA (Mail Transfer Agent). And if you're hosting multiple domains, then you'll definitely need something more robust to handle all of the email for your users. This system was designed to be an elegant solution to that problem.</p> 37<p>For most gentoo users, a simple mail client and fetchmail will do. However, if you're hosting a domain with your system, you'll need a full blown MTA (Mail Transfer Agent). And if you're hosting multiple domains, then you'll definitely need something more robust to handle all of the email for your users. This system was designed to be an elegant solution to that problem.</p>
38<p>A virtual mail system needs to be able to handle email for numerous domains with multiple users over a variety of interfaces. This presents some issues that must be dealt with. For instance, what if you have two users on different domains that want the same user name? If you are providing imap access and smtp-auth, how do combine the various authentication daemons into a single system? How do you provide security for the numerous components that comprise the system? How do you manage it all?</p> 38<p>A virtual mail system needs to be able to handle email for numerous domains with multiple users over a variety of interfaces. This presents some issues that must be dealt with. For instance, what if you have two users on different domains that want the same user name? If you are providing imap access and smtp-auth, how do combine the various authentication daemons into a single system? How do you provide security for the numerous components that comprise the system? How do you manage it all?</p>
39<p>This howto will show you how to set up with a mail system capable of handling mail for as many domains as your hardware can handle, supports virtual mail users that don't require shell accounts, has domain specific user names, can authenticate web, imap, smtp, and pop3 clients against a single database, utilizes ssl for transport layer security, has a web interface, can handle mailing lists for any domain on the machine, and is controlled by a nice, central and easy mysql database. </p> 39<p>This howto will show you how to set up with a mail system capable of handling mail for as many domains as your hardware can handle, supports virtual mail users that don't require shell accounts, has domain specific user names, can authenticate web, imap, smtp, and pop3 clients against a single database, utilizes ssl for transport layer security, has a web interface, can handle mailing lists for any domain on the machine, and is controlled by a nice, central and easy mysql database. </p>
40<p>There are quite a variety of ways to go about setting up a virtual mailhosting system. With so may options, another may be the best choice for your specific needs. Consider investigating <uri>http://www.qmail.org</uri> and <uri>http://www.exim.org</uri> to explore your options. </p> 40<p>There are quite a variety of ways to go about setting up a virtual mailhosting system. With so may options, another may be the best choice for your specific needs. Consider investigating <uri>http://www.qmail.org/</uri> and <uri>http://www.exim.org/</uri> to explore your options. </p>
41<p>The following packages are used in this setup: 41<p>The following packages are used in this setup:
42 42
43 apache, courier-imap, pam_mysql, postfix, mod_php, mod_ssl, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and mailman.</p> 43 apache, courier-imap, pam_mysql, postfix, mod_php, mod_ssl, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and mailman.</p>
44<p>Make sure to turn on the following USE variables in <path>/etc/make.conf</path> before compiling the packages: <c>USE=&quot;mysql imap libwww maildir sasl ssl&quot;</c>. Otherwise you will most likely have to recompile things to get the support you need for all the protocols. Further, it's a good idea to turn off any other mail and network variables, like ipv6.</p> 44<p>Make sure to turn on the following USE variables in <path>/etc/make.conf</path> before compiling the packages: <c>USE=&quot;mysql imap libwww maildir sasl ssl&quot;</c>. Otherwise you will most likely have to recompile things to get the support you need for all the protocols. Further, it's a good idea to turn off any other mail and network variables, like ipv6.</p>
45<impo>This howto was written for postfix-2.0.x. If you are using postfix &lt; 2 some of the variables in this document will be different. It is reccommended that you upgrade. Some other packages included in this howto are version sensitive as well. You are advised to read the documentation included with packages if you run into issues with this.</impo> 45<impo>This howto was written for postfix-2.0.x. If you are using postfix &lt; 2 some of the variables in this document will be different. It is recommended that you upgrade. Some other packages included in this howto are version sensitive as well. You are advised to read the documentation included with packages if you run into issues with this.</impo>
46<impo>You need a domain name to run a public mail server, or at least an MX record for a domain. Ideally you would have control of at least two domains to take advantage of your new virtual domain functionality.</impo> 46<impo>You need a domain name to run a public mail server, or at least an MX record for a domain. Ideally you would have control of at least two domains to take advantage of your new virtual domain functionality.</impo>
47<impo>Make sure <path>/etc/hostname</path> is set to the right hostname for your mail server. Verify your hostname is set correctly with <c>hostname</c>. Also verify that there are no conflicting entries in <path>/etc/hosts</path>.</impo> 47<impo>Make sure <path>/etc/hostname</path> is set to the right hostname for your mail server. Verify your hostname is set correctly with <c>hostname</c>. Also verify that there are no conflicting entries in <path>/etc/hosts</path>.</impo>
48<note>It is recommended that you read this entire document and familiarize yourself with all the steps before attempting the install. If you run into problems with any of the steps, check the troubleshooting guide at the end of this document. Also, not all the referenced packages are necessary, this set up is very flexible. For instance, if you do not desire a web interface, feel free to skip the squirrelmail section.</note> 48<note>It is recommended that you read this entire document and familiarize yourself with all the steps before attempting the install. If you run into problems with any of the steps, check the troubleshooting guide at the end of this document. Also, not all the referenced packages are necessary, this set up is very flexible. For instance, if you do not desire a web interface, feel free to skip the squirrelmail section.</note>
49</body> 49</body>
50</chapter> 50</chapter>
158<chapter> 158<chapter>
159<title>SSL Certs for Postfix and Apache</title> 159<title>SSL Certs for Postfix and Apache</title>
160<body> 160<body>
161<p>Next we're going to make a set of ssl certificates for postfix and apache.</p> 161<p>Next we're going to make a set of ssl certificates for postfix and apache.</p>
162<pre> 162<pre>
163 # <i>cd /usr/lib/ssl/</i> 163 # <i>cd /etc/ssl/</i>
164 # <i>nano -w openssl.cnf</i> 164 # <i>nano -w openssl.cnf</i>
165<codenote>Change the following default values for your domain:</codenote> 165<codenote>Change the following default values for your domain:</codenote>
166 166
167 countryName_default 167 countryName_default
168 stateOrProvinceName_default 168 stateOrProvinceName_default
225<codenote>mangled by postfix and be unable to auth.</codenote> 225<codenote>mangled by postfix and be unable to auth.</codenote>
226 226
227 smtpd_recipient_restrictions = 227 smtpd_recipient_restrictions =
228 permit_sasl_authenticated, 228 permit_sasl_authenticated,
229 permit_mynetworks, 229 permit_mynetworks,
230 reject_unath_destination 230 reject_unauth_destination
231 231
232 232
233 smtpd_use_tls = yes 233 smtpd_use_tls = yes
234 #smtpd_tls_auth_only = yes 234 #smtpd_tls_auth_only = yes
235 smtpd_tls_key_file = /etc/postfix/newreq.pem 235 smtpd_tls_key_file = /etc/postfix/newreq.pem
540 virtual_mailbox_domains = 540 virtual_mailbox_domains =
541 virt-bar.com, 541 virt-bar.com,
542 $other-virtual-domain.com 542 $other-virtual-domain.com
543 543
544 virtual_minimum_uid = 1000 544 virtual_minimum_uid = 1000
545 virtual_gid_maps = static: $vmail-gid 545 virtual_gid_maps = static:$vmail-gid
546 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf 546 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
547 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf 547 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
548 virtual_uid_maps = static: $vmail-uid 548 virtual_uid_maps = static:$vmail-uid
549 virtual_mailbox_base = / 549 virtual_mailbox_base = /
550 #virtual_mailbox_limit = 550 #virtual_mailbox_limit =
551 </pre> 551 </pre>
552<p>As of Postfix 2.0.x, there were a number of significant changes over the 1.1.x release. Notably the transport, virtual-gid, and virtual-uid tables are no longer necessary. The tables are still included if you wish to use them.</p> 552<p>As of Postfix 2.0.x, there were a number of significant changes over the 1.1.x release. Notably the transport, virtual-gid, and virtual-uid tables are no longer necessary. The tables are still included if you wish to use them.</p>
553<note>It is recommended tha you read VIRTUAL_README included with the postfix doc's for more information.</note> 553<note>It is recommended tha you read VIRTUAL_README included with the postfix doc's for more information.</note>
573</body> 573</body>
574</chapter> 574</chapter>
575<chapter> 575<chapter>
576<title>Mailman</title> 576<title>Mailman</title>
577<body> 577<body>
578<p>Last step: mailman. The new version of mailman has very nice virtual domain support, which is why I use it, not to mention it's really a great package. To get this package installed and working correclty for virtual domains is going to require a bit of hacking. I really reccommend reading all of the mailman documentation, including README.POSTFIX.gz, to understand what's being done here.</p> 578<p>Last step: mailman. The new version of mailman has very nice virtual domain support, which is why I use it, not to mention it's really a great package. To get this package installed and working correctly for virtual domains is going to require a bit of hacking. I really recommend reading all of the mailman documentation, including README.POSTFIX.gz, to understand what's being done here.</p>
579<pre caption="/usr/portage/net-mail/mailman/mailman-$ver.ebuild"> 579<pre caption="/usr/portage/net-mail/mailman/mailman-$ver.ebuild">
580 # <i>nano -w /usr/portage/net-mail/mailman/mailman-$ver.ebuild</i> 580 # <i>nano -w /usr/portage/net-mail/mailman/mailman-$ver.ebuild</i>
581 MAILGID="280" 581 MAILGID="280"
582 <codenote>Set MAILGID to the mailman group instead of nobody</codenote> 582 <codenote>Set MAILGID to the mailman group instead of nobody</codenote>
583 <codenote>This is needed for postfix integration</codenote> 583 <codenote>This is needed for postfix integration</codenote>
586 # <i>emerge mailman</i> 586 # <i>emerge mailman</i>
587<codenote>This package is currently masked as well, so you'll need to unmask it or give </codenote> 587<codenote>This package is currently masked as well, so you'll need to unmask it or give </codenote>
588<codenote>emerge an explicit path to the ebuild. Once it's installed, follow the directions</codenote> 588<codenote>emerge an explicit path to the ebuild. Once it's installed, follow the directions</codenote>
589<codenote>in the README.gentoo.gz</codenote> 589<codenote>in the README.gentoo.gz</codenote>
590 590
591 # <i>nano -w /usr/share/doc/mailman-$ver/README.gentoo.gz</i> 591 # <i>zless /usr/share/doc/mailman-$ver/README.gentoo.gz</i>
592</pre> 592</pre>
593<pre caption="mailman config: mm_cfg.py"> 593<pre caption="mailman config: mm_cfg.py">
594 # <i>nano -w /var/mailman/Mailman/mm_cfg.py</i> 594 # <i>nano -w /var/mailman/Mailman/mm_cfg.py</i>
595 MTA = "Postfix" 595 MTA = "Postfix"
596 POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virt-domain.com', 'virt.domain2.com'] 596 POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virt-domain.com', 'virt.domain2.com']

Legend:
Removed from v.1.4  
changed lines
  Added in v.1.8

  ViewVC Help
Powered by ViewVC 1.1.20