
Diff of /xml/htdocs/doc/en/virt-mail-howto.xml


Revision 1.44 Revision 1.50
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.44 2005/05/23 16:09:09 swift Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.50 2006/04/09 07:42:45 fox2mike Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide link="/doc/en/virt-mail-howto.xml"> 5<guide link="/doc/en/virt-mail-howto.xml">
6<title>Virtual Mailhosting System with Postfix Guide</title> 6<title>Virtual Mailhosting System with Postfix Guide</title>
7 7
12 <mail link="ezra@revoltltd.org">Ezra Gorman</mail> 12 <mail link="ezra@revoltltd.org">Ezra Gorman</mail>
13</author> 13</author>
14<author title="Editor"> 14<author title="Editor">
15 <mail link="klasikahl@gentoo.org">Zack Gilburd</mail> 15 <mail link="klasikahl@gentoo.org">Zack Gilburd</mail>
16</author> 16</author>
17<author title="Editor">
18 <mail link="seather@scygro.za.net">Scygro</mail>
19</author>
17 20
18<abstract> 21<abstract>
19This document details how to create a virtual mailhosting system based upon 22This document details how to create a virtual mailhosting system based upon
20postfix, mysql, courier-imap, and cyrus-sasl. 23postfix, mysql, courier-imap, and cyrus-sasl.
21</abstract> 24</abstract>
22 25
23<version>1.0.21</version> 26<version>1.0.27</version>
24<date>2005-05-23</date> 27<date>2006-04-09</date>
25 28
26<!-- 29<!--
27Contents 30Contents
28 31
29I. Introduction 32I. Introduction
82needs. Consider investigating <uri>http://www.qmail.org/</uri> and 85needs. Consider investigating <uri>http://www.qmail.org/</uri> and
83<uri>http://www.exim.org/</uri> to explore your options. 86<uri>http://www.exim.org/</uri> to explore your options.
84</p> 87</p>
85 88
86<p> 89<p>
87The following packages are used in this setup: apache, courier-imap, pam_mysql, 90The following packages are used in this setup: apache, courier-imap, courier-authlib
88postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and 91postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and
89mailman. 92mailman.
90</p> 93</p>
91 94
92<p> 95<p>
93Make sure to turn on the following USE variables in <path>/etc/make.conf</path> 96Make sure to turn on the following USE variables in <path>/etc/make.conf</path>
94before compiling the packages: <c>USE="mysql pam-mysql imap libwww maildir 97before compiling the packages: <c>USE="mysql imap libwww maildir
95sasl ssl"</c>. Otherwise you will most likely have to recompile things to 98sasl ssl"</c>. Otherwise you will most likely have to recompile things to
96get the support you need for all the protocols. Further, it's a good idea to 99get the support you need for all the protocols. Further, it's a good idea to
97turn off any other mail and network variables, like ipv6. 100turn off any other mail and network variables, like ipv6.
98</p> 101</p>
99 102
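Review bot: The package list at new line 90 is missing a comma after "courier-authlib", so across the line break it now reads "courier-authlib postfix" as a single item. Add the comma at the end of new line 90.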
213<chapter> 216<chapter>
214<title>Courier-imap</title> 217<title>Courier-imap</title>
215<section> 218<section>
216<body> 219<body>
217 220
218<pre caption="Install courier-imap"> 221<pre caption="Install courier-imap and courier-authlib">
219# <i>emerge courier-imap</i> 222# <i>emerge courier-imap courier-authlib</i>
220</pre> 223</pre>
221 224
222<pre caption="Courier-imap configuration"> 225<pre caption="Courier-imap configuration">
223# <i>cd /etc/courier-imap</i> 226# <i>cd /etc/courier-imap</i>
224<comment>(If you want to use the ssl capabilities of courier-imap or pop3, 227<comment>(If you want to use the ssl capabilities of courier-imap or pop3,
257<section> 260<section>
258<body> 261<body>
259 262
260<p> 263<p>
261Next we're going to install cyrus-sasl. Sasl is going to play the role of 264Next we're going to install cyrus-sasl. Sasl is going to play the role of
262actually passing your auth variables to pam, which will in turn pass that 265actually passing your auth variables to courier-auth, which will in turn pass that
263information to mysql for authentication of smtp users. For this howto, we'll 266information to mysql for authentication of smtp users. For this howto, we'll
264not even try to verify that sasl is working until mysql is set up and contains 267not even try to verify that sasl is working until mysql is set up and contains
265a test user. Which is fine since we'll be authenticating against mysql in the 268a test user. Which is fine since we'll be authenticating against mysql in the
266end anyway. 269end anyway.
267</p> 270</p>
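Review bot: New line 265 names the backend "courier-auth", but the package this revision installs is courier-authlib, and the saslauthd options in the following block select "-a rimap". Use the package name here and say that saslauthd verifies the login through the IMAP server, so the paragraph matches what the configuration actually does.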
277<pre caption="Starting sasl"> 280<pre caption="Starting sasl">
278# <i>nano -w /etc/sasl2/smtpd.conf</i> 281# <i>nano -w /etc/sasl2/smtpd.conf</i>
279mech_list: PLAIN LOGIN 282mech_list: PLAIN LOGIN
280pwcheck_method: saslauthd 283pwcheck_method: saslauthd
281# <i>nano -w /etc/conf.d/saslauthd</i> 284# <i>nano -w /etc/conf.d/saslauthd</i>
282SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r" 285SASLAUTHD_OPTS="${SASLAUTH_MECH} -a rimap -r"
286SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
283# <i>/etc/init.d/saslauthd start</i> 287# <i>/etc/init.d/saslauthd start</i>
284</pre> 288</pre>
285 289
286</body> 290</body>
287</section> 291</section>
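Review bot: New lines 285-286 switch saslauthd to "-a rimap" with "-O localhost" but give the reader no comment on the consequence: SMTP AUTH now succeeds only when the IMAP server on localhost is running and accepts the same login. Add a comment element saying so, and that courier-imap has to be started before saslauthd is tested. The second assignment only appends "-O localhost" to the same variable, so it would read more clearly folded into the first line.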
373 permit_sasl_authenticated, 377 permit_sasl_authenticated,
374 permit_mynetworks, 378 permit_mynetworks,
375 reject_unauth_destination 379 reject_unauth_destination
376 380
377 381
382<comment>(The next two options enable outgoing encryption.)</comment>
383smtp_use_tls = yes
384smtp_tls_note_starttls_offer = yes
378smtpd_use_tls = yes 385smtpd_use_tls = yes
379#smtpd_tls_auth_only = yes 386#smtpd_tls_auth_only = yes
380smtpd_tls_key_file = /etc/postfix/newreq.pem 387smtpd_tls_key_file = /etc/postfix/newreq.pem
381smtpd_tls_cert_file = /etc/postfix/newcert.pem 388smtpd_tls_cert_file = /etc/postfix/newcert.pem
382smtpd_tls_CAfile = /etc/postfix/cacert.pem 389smtpd_tls_CAfile = /etc/postfix/cacert.pem
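Review bot: The comment at new line 382 says the next two options enable outgoing encryption, but only "smtp_use_tls = yes" does; "smtp_tls_note_starttls_offer = yes" only logs remote servers that offer STARTTLS. Reword the comment to describe each option, or drop the second one since TLS is already attempted for outgoing mail. While this block is being touched: "#smtpd_tls_auth_only = yes" stays commented out, and with "mech_list: PLAIN LOGIN" in smtpd.conf clients can then authenticate without TLS, so the guide should say when to enable it.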
455# <i>mysql -u root -p mysql</i> 462# <i>mysql -u root -p mysql</i>
456mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i> 463mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i>
457 -> <i>ON mailsql.*</i> 464 -> <i>ON mailsql.*</i>
458 -> <i>TO mailsql@localhost</i> 465 -> <i>TO mailsql@localhost</i>
459 -> <i>IDENTIFIED BY '$password';</i> 466 -> <i>IDENTIFIED BY '$password';</i>
467Query OK, 0 rows affected (0.02 sec)
460 468
461 -> <i>quit</i> 469mysql> <i>FLUSH PRIVILEGES;</i>
470Query OK, 0 rows affected (0.00 sec)
471
472mysql> <i>quit</i>
462<comment>(Verify that the new mailsql user can connect to the mysql server.)</comment> 473<comment>(Verify that the new mailsql user can connect to the mysql server.)</comment>
463 474
464# <i>mysql -u mailsql -p mailsql</i> 475# <i>mysql -u mailsql -p mailsql</i>
465</pre> 476</pre>
466 477
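Review bot: The "FLUSH PRIVILEGES;" added at new line 469 is not needed after GRANT, which reloads the privilege tables itself; it is only required when the grant tables are edited directly. Drop it or add a comment that it is optional, so readers do not learn it as a required step. The GRANT above it still gives mailsql INSERT, UPDATE and DELETE on mailsql.*; because that account's password is written into authmysqlrc later in the guide, a sentence on which of those privileges the mail daemons actually need would be worth adding.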
648courier-imap and postfix. In all of the following examples, replace 659courier-imap and postfix. In all of the following examples, replace
649<c>$password</c> with the password you set for the mailsql mysql user. 660<c>$password</c> with the password you set for the mailsql mysql user.
650</p> 661</p>
651 662
652<pre caption="Configuring authentication"> 663<pre caption="Configuring authentication">
653# <i>emerge pam_mysql</i>
654# <i>nano -w /etc/pam.d/smtp</i>
655<comment>(Comment out the existing auth lines and add the following as shown.)</comment>
656
657#auth required /lib/security/pam_stack.so service=system-auth
658#account required /lib/security/pam_stack.so service=system-auth
659
660auth optional pam_mysql.so host=localhost db=mailsql user=mailsql \
661 passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
662account required pam_mysql.so host=localhost db=mailsql user=mailsql \
663 passwd=$password table=users usercolumn=email passwdcolumn=clear crypt=0
664
665</pre>
666
667<p>
668Next, we need to edit courier's authentication config's.
669</p>
670
671<pre caption="Configuring authentication">
672# <i>nano -w /etc/courier-imap/authdaemonrc</i> 664# <i>nano -w /etc/courier/authlib/authdaemonrc</i>
673authmodulelist="authmysql authpam" 665authmodulelist="authmysql authpam"
674 666
675# <i>nano -w /etc/courier-imap/authdaemond.conf</i>
676AUTHDAEMOND="authdaemond.mysql"
677
678# <i>nano -w /etc/courier-imap/authmysqlrc</i> 667# <i>nano -w /etc/courier/authlib/authmysqlrc</i>
679MYSQL_SERVER localhost 668MYSQL_SERVER localhost
680MYSQL_USERNAME mailsql 669MYSQL_USERNAME mailsql
681MYSQL_PASSWORD $password 670MYSQL_PASSWORD $password
682MYSQL_DATABASE mailsql 671MYSQL_DATABASE mailsql
683MYSQL_USER_TABLE users 672MYSQL_USER_TABLE users
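Review bot: authmodulelist="authmysql authpam" at new line 665 still lists authpam although this revision removes the pam_mysql setup (old lines 653-665), so a login that authmysql does not accept is then tried against PAM. If only the virtual users in the mailsql database are meant to authenticate, reduce the list to authmysql; otherwise add a comment stating that PAM accounts can log in as well. A note on restricting read access to authmysqlrc would also fit here, since MYSQL_PASSWORD is stored in it in clear.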
895</p> 884</p>
896 885
897<p> 886<p>
898One further note, current versions of mailman install to /usr/local/mailman. If 887One further note, current versions of mailman install to /usr/local/mailman. If
899you're like me and wish to change the default install location, it can be 888you're like me and wish to change the default install location, it can be
900overridden in the ebuild filoe by changing the INSTALLDIR variable. 889overridden in the ebuild file by changing the INSTALLDIR variable.
901</p>
902
903<pre caption="/usr/portage/net-mail/mailman/mailman-$ver.ebuild">
904# <i>nano -w /usr/portage/net-mail/mailman/mailman-$ver.ebuild</i>
905MAILGID="280"
906<comment>(Set MAILGID to the mailman group instead of nobody
907This is needed for postfix integration.)</comment>
908</pre> 890</p>
909 891
910<pre caption="Install mailman"> 892<pre caption="Install mailman">
911# <i>emerge mailman</i> 893# <i>emerge mailman</i>
912<comment>(This package is currently masked as well, so you'll need to unmask it or give
913emerge an explicit path to the ebuild. Once it's installed, follow the directions
914in the README.gentoo.gz *except* do not add your aliases to /etc/mail/aliases.
915We will instead be linking the entire alias db into postfix.)</comment>
916
917# <i>zless /usr/share/doc/mailman-$ver/README.gentoo.gz</i>
918</pre> 894</pre>
919 895
920<pre caption="Setting defaults: Mailman/Defaults.py"> 896<pre caption="Setting defaults: Mailman/Defaults.py">
921# <i> nano -w /var/mailman/Mailman/Defaults.py</i> 897# <i> nano -w /var/mailman/Mailman/Defaults.py</i>
922<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment> 898<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment>
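Review bot: Removing old lines 912-917 also removes the instruction not to add the mailman aliases to /etc/mail/aliases and the pointer to README.gentoo.gz. If the later postfix alias setup still depends on that, keep a one-line comment under "emerge mailman" saying so. New lines 888-889 still tell the reader to override INSTALLDIR in the ebuild, while the block that showed opening the ebuild is gone; either state the file to edit in that sentence or drop it.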
