/[gentoo]/xml/htdocs/doc/en/virt-mail-howto.xml

Diff of /xml/htdocs/doc/en/virt-mail-howto.xml

Parent Directory | Revision Log | View Patch Patch

Revision 1.43		Revision 1.50
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.43 2005/03/25 15:00:25 swift Exp $ -->	2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.50 2006/04/09 07:42:45 fox2mike Exp $ -->
3	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">	3	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4		4
5	<guide link="/doc/en/virt-mail-howto.xml">	5	<guide link="/doc/en/virt-mail-howto.xml">
6	<title>Virtual Mailhosting System with Postfix Guide</title>	6	<title>Virtual Mailhosting System with Postfix Guide</title>
7		7
…		…
12	<mail link="ezra@revoltltd.org">Ezra Gorman</mail>	12	<mail link="ezra@revoltltd.org">Ezra Gorman</mail>
13	</author>	13	</author>
14	<author title="Editor">	14	<author title="Editor">
15	<mail link="klasikahl@gentoo.org">Zack Gilburd</mail>	15	<mail link="klasikahl@gentoo.org">Zack Gilburd</mail>
16	</author>	16	</author>
		17	<author title="Editor">
		18	<mail link="seather@scygro.za.net">Scygro</mail>
		19	</author>
17		20
18	<abstract>	21	<abstract>
19	This document details how to create a virtual mailhosting system based upon	22	This document details how to create a virtual mailhosting system based upon
20	postfix, mysql, courier-imap, and cyrus-sasl.	23	postfix, mysql, courier-imap, and cyrus-sasl.
21	</abstract>	24	</abstract>
22		25
23	<version>1.0.20</version>	26	<version>1.0.27</version>
24	<date>2005-03-25</date>	27	<date>2006-04-09</date>
25		28
26	<!--	29	<!--
27	Contents	30	Contents
28		31
29	I. Introduction	32	I. Introduction
…		…
82	needs. Consider investigating <uri>http://www.qmail.org/</uri> and	85	needs. Consider investigating <uri>http://www.qmail.org/</uri> and
83	<uri>http://www.exim.org/</uri> to explore your options.	86	<uri>http://www.exim.org/</uri> to explore your options.
84	</p>	87	</p>
85		88
86	<p>	89	<p>
87	The following packages are used in this setup: apache, courier-imap, pam_mysql,	90	The following packages are used in this setup: apache, courier-imap, courier-authlib
88	postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and	91	postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and
89	mailman.	92	mailman.
90	</p>	93	</p>
91		94
92	<p>	95	<p>
93	Make sure to turn on the following USE variables in <path>/etc/make.conf</path>	96	Make sure to turn on the following USE variables in <path>/etc/make.conf</path>
94	before compiling the packages: <c>USE="mysql pam-mysql imap libwww maildir	97	before compiling the packages: <c>USE="mysql imap libwww maildir
95	sasl ssl"</c>. Otherwise you will most likely have to recompile things to	98	sasl ssl"</c>. Otherwise you will most likely have to recompile things to
96	get the support you need for all the protocols. Further, it's a good idea to	99	get the support you need for all the protocols. Further, it's a good idea to
97	turn off any other mail and network variables, like ipv6.	100	turn off any other mail and network variables, like ipv6.
98	</p>	101	</p>
99		102
…		…
213	<chapter>	216	<chapter>
214	<title>Courier-imap</title>	217	<title>Courier-imap</title>
215	<section>	218	<section>
216	<body>	219	<body>
217		220
218	<pre caption="Install courier-imap">	221	<pre caption="Install courier-imap and courier-authlib">
219	# <i>emerge courier-imap</i>	222	# <i>emerge courier-imap courier-authlib</i>
220	</pre>	223	</pre>
221		224
222	<pre caption="Courier-imap configuration">	225	<pre caption="Courier-imap configuration">
223	# <i>cd /etc/courier-imap</i>	226	# <i>cd /etc/courier-imap</i>
224	<comment>(If you want to use the ssl capabilities of courier-imap or pop3,	227	<comment>(If you want to use the ssl capabilities of courier-imap or pop3,
…		…
257	<section>	260	<section>
258	<body>	261	<body>
259		262
260	<p>	263	<p>
261	Next we're going to install cyrus-sasl. Sasl is going to play the role of	264	Next we're going to install cyrus-sasl. Sasl is going to play the role of
262	actually passing your auth variables to pam, which will in turn pass that	265	actually passing your auth variables to courier-auth, which will in turn pass that
263	information to mysql for authentication of smtp users. For this howto, we'll	266	information to mysql for authentication of smtp users. For this howto, we'll
264	not even try to verify that sasl is working until mysql is set up and contains	267	not even try to verify that sasl is working until mysql is set up and contains
265	a test user. Which is fine since we'll be authenticating against mysql in the	268	a test user. Which is fine since we'll be authenticating against mysql in the
266	end anyway.	269	end anyway.
267	</p>	270	</p>
…		…
277	<pre caption="Starting sasl">	280	<pre caption="Starting sasl">
278	# <i>nano -w /etc/sasl2/smtpd.conf</i>	281	# <i>nano -w /etc/sasl2/smtpd.conf</i>
279	mech_list: PLAIN LOGIN	282	mech_list: PLAIN LOGIN
280	pwcheck_method: saslauthd	283	pwcheck_method: saslauthd
281	# <i>nano -w /etc/conf.d/saslauthd</i>	284	# <i>nano -w /etc/conf.d/saslauthd</i>
282	SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r"	285	SASLAUTHD_OPTS="${SASLAUTH_MECH} -a rimap -r"
		286	SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
283	# <i>/etc/init.d/saslauthd start</i>	287	# <i>/etc/init.d/saslauthd start</i>
284	</pre>	288	</pre>
285		289
286	</body>	290	</body>
287	</section>	291	</section>
…		…
373	permit_sasl_authenticated,	377	permit_sasl_authenticated,
374	permit_mynetworks,	378	permit_mynetworks,
375	reject_unauth_destination	379	reject_unauth_destination
376		380
377		381
		382	<comment>(The next two options enable outgoing encryption.)</comment>
		383	smtp_use_tls = yes
		384	smtp_tls_note_starttls_offer = yes
378	smtpd_use_tls = yes	385	smtpd_use_tls = yes
379	#smtpd_tls_auth_only = yes	386	#smtpd_tls_auth_only = yes
380	smtpd_tls_key_file = /etc/postfix/newreq.pem	387	smtpd_tls_key_file = /etc/postfix/newreq.pem
381	smtpd_tls_cert_file = /etc/postfix/newcert.pem	388	smtpd_tls_cert_file = /etc/postfix/newcert.pem
382	smtpd_tls_CAfile = /etc/postfix/cacert.pem	389	smtpd_tls_CAfile = /etc/postfix/cacert.pem
…		…
455	# <i>mysql -u root -p mysql</i>	462	# <i>mysql -u root -p mysql</i>
456	mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i>	463	mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i>
457	-> <i>ON mailsql.*</i>	464	-> <i>ON mailsql.*</i>
458	-> <i>TO mailsql@localhost</i>	465	-> <i>TO mailsql@localhost</i>
459	-> <i>IDENTIFIED BY '$password';</i>	466	-> <i>IDENTIFIED BY '$password';</i>
		467	Query OK, 0 rows affected (0.02 sec)
460		468
461	-> <i>quit</i>	469	mysql> <i>FLUSH PRIVILEGES;</i>
		470	Query OK, 0 rows affected (0.00 sec)
		471
		472	mysql> <i>quit</i>
462	<comment>(Verify that the new mailsql user can connect to the mysql server.)</comment>	473	<comment>(Verify that the new mailsql user can connect to the mysql server.)</comment>
463		474
464	# <i>mysql -u mailsql -p mailsql</i>	475	# <i>mysql -u mailsql -p mailsql</i>
465	</pre>	476	</pre>
466		477
…		…
648	courier-imap and postfix. In all of the following examples, replace	659	courier-imap and postfix. In all of the following examples, replace
649	<c>$password</c> with the password you set for the mailsql mysql user.	660	<c>$password</c> with the password you set for the mailsql mysql user.
650	</p>	661	</p>
651		662
652	<pre caption="Configuring authentication">	663	<pre caption="Configuring authentication">
653	# <i>emerge pam_mysql</i>
654	# <i>nano -w /etc/pam.d/smtp</i>
655	<comment>(Comment out the existing auth lines and add the following as shown.)</comment>
656
657	#auth required /lib/security/pam_stack.so service=system-auth
658	#account required /lib/security/pam_stack.so service=system-auth
659
660	auth optional pam_mysql.so host=localhost db=mailsql user=mailsql \
661	passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
662	account required pam_mysql.so host=localhost db=mailsql user=mailsql \
663	passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
664
665	</pre>
666
667	<p>
668	Next, we need to edit courier's authentication config's.
669	</p>
670
671	<pre caption="Configuring authentication">
672	# <i>nano -w /etc/courier-imap/authdaemonrc</i>	664	# <i>nano -w /etc/courier/authlib/authdaemonrc</i>
673	authmodulelist="authmysql authpam"	665	authmodulelist="authmysql authpam"
674		666
675	# <i>nano -w /etc/courier-imap/authdaemond.conf</i>
676	AUTHDAEMOND="authdaemond.mysql"
677
678	# <i>nano -w /etc/courier-imap/authmysqlrc</i>	667	# <i>nano -w /etc/courier/authlib/authmysqlrc</i>
679	MYSQL_SERVER localhost	668	MYSQL_SERVER localhost
680	MYSQL_USERNAME mailsql	669	MYSQL_USERNAME mailsql
681	MYSQL_PASSWORD $password	670	MYSQL_PASSWORD $password
682	MYSQL_DATABASE mailsql	671	MYSQL_DATABASE mailsql
683	MYSQL_USER_TABLE users	672	MYSQL_USER_TABLE users
…		…
689	MYSQL_LOGIN_FIELD email	678	MYSQL_LOGIN_FIELD email
690	MYSQL_HOME_FIELD homedir	679	MYSQL_HOME_FIELD homedir
691	MYSQL_NAME_FIELD name	680	MYSQL_NAME_FIELD name
692	MYSQL_MAILDIR_FIELD maildir	681	MYSQL_MAILDIR_FIELD maildir
693		682
694	# <i>/etc/init.d/authdaemond restart</i>	683	# <i>/etc/init.d/courier-authlib restart</i>
695	# <i>/etc/init.d/saslauthd restart</i>	684	# <i>/etc/init.d/saslauthd restart</i>
696	</pre>	685	</pre>
697		686
698	<p>	687	<p>
699	We're almost there I promise! Next, set up the rest of the necessary config's	688	We're almost there I promise! Next, set up the rest of the necessary config's
…		…
895	</p>	884	</p>
896		885
897	<p>	886	<p>
898	One further note, current versions of mailman install to /usr/local/mailman. If	887	One further note, current versions of mailman install to /usr/local/mailman. If
899	you're like me and wish to change the default install location, it can be	888	you're like me and wish to change the default install location, it can be
900	overridden in the ebuild filoe by changing the INSTALLDIR variable.	889	overridden in the ebuild file by changing the INSTALLDIR variable.
901	</p>
902
903	<pre caption="/usr/portage/net-mail/mailman/mailman-$ver.ebuild">
904	# <i>nano -w /usr/portage/net-mail/mailman/mailman-$ver.ebuild</i>
905	MAILGID="280"
906	<comment>(Set MAILGID to the mailman group instead of nobody
907	This is needed for postfix integration.)</comment>
908	</pre>	890	</p>
909		891
910	<pre caption="Install mailman">	892	<pre caption="Install mailman">
911	# <i>emerge mailman</i>	893	# <i>emerge mailman</i>
912	<comment>(This package is currently masked as well, so you'll need to unmask it or give
913	emerge an explicit path to the ebuild. Once it's installed, follow the directions
914	in the README.gentoo.gz except do not add your aliases to /etc/mail/aliases.
915	We will instead be linking the entire alias db into postfix.)</comment>
916
917	# <i>zless /usr/share/doc/mailman-$ver/README.gentoo.gz</i>
918	</pre>	894	</pre>
919		895
920	<pre caption="Setting defaults: Mailman/Defaults.py">	896	<pre caption="Setting defaults: Mailman/Defaults.py">
921	# <i> nano -w /var/mailman/Mailman/Defaults.py</i>	897	# <i> nano -w /var/mailman/Mailman/Defaults.py</i>
922	<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment>	898	<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment>

 Legend:



Removed from v.1.43
 


changed lines


 
Added in v.1.50
 Legend:



Removed from v.1.43
 


changed lines


 
Added in v.1.50
-Removed from v.1.43
+Added in v.1.50

	ViewVC Help
Powered by ViewVC 1.1.20