/[gentoo]/xml/htdocs/doc/en/virt-mail-howto.xml

Diff of /xml/htdocs/doc/en/virt-mail-howto.xml

Parent Directory | Revision Log | View Patch Patch

Revision 1.49		Revision 1.60
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.49 2006/03/13 19:39:44 nightmorph Exp $ -->	2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/virt-mail-howto.xml,v 1.60 2008/09/28 20:29:25 nightmorph Exp $ -->
3	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">	3	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4		4
5	<guide link="/doc/en/virt-mail-howto.xml">	5	<guide link="/doc/en/virt-mail-howto.xml">
6	<title>Virtual Mailhosting System with Postfix Guide</title>	6	<title>Virtual Mailhosting System with Postfix Guide</title>
7		7
…		…
15	<mail link="klasikahl@gentoo.org">Zack Gilburd</mail>	15	<mail link="klasikahl@gentoo.org">Zack Gilburd</mail>
16	</author>	16	</author>
17	<author title="Editor">	17	<author title="Editor">
18	<mail link="seather@scygro.za.net">Scygro</mail>	18	<mail link="seather@scygro.za.net">Scygro</mail>
19	</author>	19	</author>
		20	<author title="Editor">
		21	<mail link="swift@gentoo.org">Sven Vermeulen</mail>
		22	</author>
20		23
21	<abstract>	24	<abstract>
22	This document details how to create a virtual mailhosting system based upon	25	This document details how to create a virtual mailhosting system based upon
23	postfix, mysql, courier-imap, and cyrus-sasl.	26	postfix, mysql, courier-imap, and cyrus-sasl.
24	</abstract>	27	</abstract>
25		28
26	<version>1.0.26</version>	29	<version>1.7</version>
27	<date>2006-03-13</date>	30	<date>2008-09-28</date>
28
29	<!--
30	Contents
31
32	I. Introduction
33	II. Postfix Basics
34	III. Courier-imap
35	IV. Cyrus-sasl
36	V. SSL Certificates for Postfix and Apache
37	VI. Adding SSL and SASL support to Postfix
38	VII. MySQL
39	VIII. Apache and phpMyAdmin
40	IX. The vmail user
41	X. Configuring MySQL Authentication and vhosts
42	XI. Squirrelmail
43	XII. Mailman
44	XIII. Content Filtering and Anti-Virus
45	XIV. Wrap Up
46	XV. Troubleshooting
47	-->
48		31
49	<chapter>	32	<chapter>
50	<title>Introduction</title>	33	<title>Introduction</title>
51	<section>	34	<section>
52	<body>	35	<body>
53		36
54	<p>	37	<p>
55	For most gentoo users, a simple mail client and fetchmail will do. However, if	38	For most Gentoo users, a simple mail client and fetchmail will do. However, if
56	you're hosting a domain with your system, you'll need a full blown MTA (Mail	39	you're hosting a domain with your system, you'll need a full blown MTA (Mail
57	Transfer Agent). And if you're hosting multiple domains, then you'll definitely	40	Transfer Agent). And if you're hosting multiple domains, then you'll definitely
58	need something more robust to handle all of the email for your users. This	41	need something more robust to handle all of the email for your users. This
59	system was designed to be an elegant solution to that problem.	42	system was designed to be an elegant solution to that problem.
60	</p>	43	</p>
…		…
85	needs. Consider investigating <uri>http://www.qmail.org/</uri> and	68	needs. Consider investigating <uri>http://www.qmail.org/</uri> and
86	<uri>http://www.exim.org/</uri> to explore your options.	69	<uri>http://www.exim.org/</uri> to explore your options.
87	</p>	70	</p>
88		71
89	<p>	72	<p>
90	The following packages are used in this setup: apache, courier-imap, courier-authlib	73	The following packages are used in this setup: apache, courier-imap,
91	postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql, php, and	74	courier-authlib postfix, mod_php, phpmyadmin, squirrelmail, cyrus-sasl, mysql,
92	mailman.	75	php, and mailman.
93	</p>	76	</p>
94		77
95	<p>	78	<p>
96	Make sure to turn on the following USE variables in <path>/etc/make.conf</path>	79	Make sure to turn on the following USE variables in <path>/etc/make.conf</path>
97	before compiling the packages: <c>USE="mysql imap libwww maildir	80	before compiling the packages: <c>USE="mysql imap libwww maildir
…		…
99	get the support you need for all the protocols. Further, it's a good idea to	82	get the support you need for all the protocols. Further, it's a good idea to
100	turn off any other mail and network variables, like ipv6.	83	turn off any other mail and network variables, like ipv6.
101	</p>	84	</p>
102		85
103	<impo>	86	<impo>
104	This howto was written for postfix-2.0.x. If you are using postfix < 2 some
105	of the variables in this document will be different. It is recommended that you
106	upgrade. Some other packages included in this howto are version sensitive as
107	well. You are advised to read the documentation included with packages if you
108	run into issues with this.
109	</impo>
110
111	<impo>
112	This document uses apache-1.3.x. Apache-2 has been marked stable in portage.
113	However there are still a number of issues with php integration. Until php
114	support in apache-2.0.x is marked stable, this guide will continue to use the
115	1.3.x version.
116	</impo>
117
118	<impo>
119	You need a domain name to run a public mail server, or at least an MX record	87	You need a domain name to run a public mail server, or at least an MX record
120	for a domain. Ideally you would have control of at least two domains to take	88	for a domain. Ideally you would have control of at least two domains to take
121	advantage of your new virtual domain functionality.	89	advantage of your new virtual domain functionality.
122	</impo>	90	</impo>
123		91
124	<impo>	92	<impo>
125	Make sure <path>/etc/hostname</path> is set to the right hostname for your mail	93	Make sure <path>/etc/conf.d/hostname</path> is set to the right hostname for
126	server. Verify your hostname is set correctly with <c>hostname</c>. Also	94	your mail server. You can apply any changes you make to this file by running
127	verify that there are no conflicting entries in <path>/etc/hosts</path>.	95	<c>/etc/init.d/hostname restart</c>. Verify your hostname is set correctly with
		96	<c>hostname</c>. Also verify that there are no conflicting entries in
		97	<path>/etc/hosts</path>.
128	</impo>	98	</impo>
129		99
130	<note>	100	<note>
131	It is recommended that you read this entire document and familiarize yourself	101	It is recommended that you read this entire document and familiarize yourself
132	with all the steps before attempting the install. If you run into problems with	102	with all the steps before attempting the install. If you run into problems with
…		…
149	# <i>emerge postfix</i>	119	# <i>emerge postfix</i>
150	</pre>	120	</pre>
151		121
152	<warn>	122	<warn>
153	Verify that you have not installed any other MTA, such as ssmtp, exim, or	123	Verify that you have not installed any other MTA, such as ssmtp, exim, or
154	qmail, or you will surely have BIG problems.	124	netqmail, or you will surely have BIG problems.
155	</warn>	125	</warn>
156		126
157	<p>	127	<p>
158	After postfix is installed, it's time to configure it. Change the following	128	After postfix is installed, it's time to configure it. Change the following
159	options in <path>/etc/postfix/main.cf</path>:	129	options in <path>/etc/postfix/main.cf</path>. Remember to replace
		130	<c>$variables</c> with your own names.
160	</p>	131	</p>
161		132
162	<pre caption="/etc/postfix/main.cf">	133	<pre caption="/etc/postfix/main.cf">
163	myhostname = $host.domain.name	134	myhostname = $host.domain.name
164	mydomain = $domain.name	135	mydomain = $domain.name
…		…
191		162
192	<pre caption="Starting postfix for the first time">	163	<pre caption="Starting postfix for the first time">
193	# <i>/usr/bin/newaliases</i>	164	# <i>/usr/bin/newaliases</i>
194	<comment>(This will install the new aliases. You only need to do this	165	<comment>(This will install the new aliases. You only need to do this
195	when you update or install aliases.)</comment>	166	when you update or install aliases.)</comment>
196		167
197	# <i>/etc/init.d/postfix start</i>	168	# <i>/etc/init.d/postfix start</i>
198	</pre>	169	</pre>
199		170
200	<p>	171	<p>
201	Now that postfix is running, fire up your favorite console mail client and send	172	Now that postfix is running, fire up your favorite console mail client and send
…		…
243	# <i>/etc/init.d/courier-pop3d-ssl start</i>	214	# <i>/etc/init.d/courier-pop3d-ssl start</i>
244	</pre>	215	</pre>
245		216
246	<p>	217	<p>
247	Start up your favorite mail client and verify that all connections you've	218	Start up your favorite mail client and verify that all connections you've
248	started work for receiving and sending mail. Now that the basics work, we're	219	started work for receiving and sending mail. Of course, you won't be able to log
249	going to do a whole bunch of stuff at once to get the rest of the system	220	on to any of the services because authentication hasn't been configured yet, but
250	running. Again, please verify that what we've installed already works before	221	it is wise to check if the connections themselves work or not.
251	progressing.	222	</p>
		223
		224	<p>
		225	Now that the basics work, we're going to do a whole bunch of stuff at once to
		226	get the rest of the system running. Again, please verify that what we've
		227	installed already works before progressing.
252	</p>	228	</p>
253		229
254	</body>	230	</body>
255	</section>	231	</section>
256	</chapter>	232	</chapter>
…		…
260	<section>	236	<section>
261	<body>	237	<body>
262		238
263	<p>	239	<p>
264	Next we're going to install cyrus-sasl. Sasl is going to play the role of	240	Next we're going to install cyrus-sasl. Sasl is going to play the role of
265	actually passing your auth variables to courier-auth, which will in turn pass that	241	actually passing your auth variables to courier-auth, which will in turn pass
266	information to mysql for authentication of smtp users. For this howto, we'll	242	that information to mysql for authentication of smtp users. For this howto,
267	not even try to verify that sasl is working until mysql is set up and contains	243	we'll not even try to verify that sasl is working until mysql is set up and
268	a test user. Which is fine since we'll be authenticating against mysql in the	244	contains a test user. Which is fine since we'll be authenticating against
269	end anyway.	245	mysql in the end anyway.
270	</p>	246	</p>
271		247
272	<pre caption="Configuring and installing the cyrus-sasl ebuild">	248	<pre caption="Configuring and installing the cyrus-sasl ebuild">
273	# <i>emerge cyrus-sasl</i>	249	# <i>emerge cyrus-sasl</i>
274	</pre>	250	</pre>
…		…
313	emailAddress_default.	289	emailAddress_default.
314		290
315	<comment>(If the variables are not already present, just add them in a sensible place.)</comment>	291	<comment>(If the variables are not already present, just add them in a sensible place.)</comment>
316		292
317	# <i>cd misc</i>	293	# <i>cd misc</i>
318	# <i>nano -w CA.pl</i>	294	# <i>./CA.pl -newreq-nodes</i>
319	<comment>(We need to add -nodes to the # create a certificate and
320	#create a certificate request code in order to let our new ssl
321	certs be loaded without a password. Otherwise when you
322	reboot your ssl certs will not be available.)</comment>
323
324	# create a certificate
325	system ("$REQ -new -nodes -x509 -keyout newreq.pem -out newreq.pem $DAYS");
326
327	# create a certificate request
328	system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
329
330	# <i>./CA.pl -newca</i>	295	# <i>./CA.pl -newca</i>
331	# <i>./CA.pl -newreq</i>
332	# <i>./CA.pl -sign</i>	296	# <i>./CA.pl -sign</i>
333	# <i>cp newcert.pem /etc/postfix</i>	297	# <i>cp newcert.pem /etc/postfix</i>
334	# <i>cp newreq.pem /etc/postfix</i>	298	# <i>cp newkey.pem /etc/postfix</i>
335	# <i>cp demoCA/cacert.pem /etc/postfix</i>	299	# <i>cp demoCA/cacert.pem /etc/postfix</i>
336	<comment>(Now we do the same thing for apache.)</comment>	300	<comment>(Now we do the same thing for apache.)</comment>
337		301
338	# <i>openssl req -new > new.cert.csr</i>	302	# <i>openssl req -new > new.cert.csr</i>
339	# <i>openssl rsa -in privkey.pem -out new.cert.key</i>	303	# <i>openssl rsa -in privkey.pem -out new.cert.key</i>
…		…
372	smtpd_sasl_local_domain appends a domain name to clients using	336	smtpd_sasl_local_domain appends a domain name to clients using
373	smtp-auth. Make sure it's blank or your user names will get	337	smtp-auth. Make sure it's blank or your user names will get
374	mangled by postfix and be unable to auth.)</comment>	338	mangled by postfix and be unable to auth.)</comment>
375		339
376	smtpd_recipient_restrictions =	340	smtpd_recipient_restrictions =
377	permit_sasl_authenticated,	341	permit_sasl_authenticated,
378	permit_mynetworks,	342	permit_mynetworks,
379	reject_unauth_destination	343	reject_unauth_destination
380
381		344
382	<comment>(The next two options enable outgoing encryption.)</comment>	345	<comment>(The next two options enable outgoing encryption.)</comment>
383	smtp_use_tls = yes	346	smtp_use_tls = yes
384	smtp_tls_note_starttls_offer = yes	347	smtp_tls_note_starttls_offer = yes
385	smtpd_use_tls = yes	348	smtpd_use_tls = yes
386	#smtpd_tls_auth_only = yes	349	#smtpd_tls_auth_only = yes
387	smtpd_tls_key_file = /etc/postfix/newreq.pem	350	smtpd_tls_key_file = /etc/postfix/newkey.pem
388	smtpd_tls_cert_file = /etc/postfix/newcert.pem	351	smtpd_tls_cert_file = /etc/postfix/newcert.pem
389	smtpd_tls_CAfile = /etc/postfix/cacert.pem	352	smtpd_tls_CAfile = /etc/postfix/cacert.pem
390	smtpd_tls_loglevel = 3	353	smtpd_tls_loglevel = 3
391	smtpd_tls_received_header = yes	354	smtpd_tls_received_header = yes
392	smtpd_tls_session_cache_timeout = 3600s	355	smtpd_tls_session_cache_timeout = 3600s
…		…
398	# <i>postfix reload</i>	361	# <i>postfix reload</i>
399	</pre>	362	</pre>
400		363
401	<p>	364	<p>
402	Now we're going to verify that the config's we added were picked up by postfix.	365	Now we're going to verify that the config's we added were picked up by postfix.
		366	For this we are going to use <c>telnet</c> (provided by for instance
		367	<c>net-misc/netkit-telnetd</c>) although you can also use <c>nc</c> (provided by
		368	<c>net-analyzer/netcat</c>):
403	</p>	369	</p>
404		370
405	<pre caption="Verifying sasl and tls support">	371	<pre caption="Verifying sasl and tls support">
406	# <i>telnet localhost 25</i>	372	# <i>telnet localhost 25</i>
407		373
…		…
435	</body>	401	</body>
436	</section>	402	</section>
437	</chapter>	403	</chapter>
438		404
439	<chapter>	405	<chapter>
		406	<title>The vmail user</title>
		407	<section>
		408	<body>
		409
		410	<p>
		411	Before we set up our virtual mailhosting environment, we create a functional
		412	user under which the virtual mailboxes will be hosted. For clarity's sake we
		413	will call this <e>vmail</e>:
		414	</p>
		415
		416	<pre caption="Adding the vmail user">
		417	# <i>adduser -d /home/vmail -s /bin/false -m vmail</i>
		418	</pre>
		419
		420	<p>
		421	So now you've set up the vmail account. You can create multiple accounts if you
		422	want (to keep some structure in your set of virtual mail accounts). The user id,
		423	group id and home dirs are referenced in the MySQL tables.
		424	</p>
		425
		426	<p>
		427	Next to the user account we also need to create the location where the mailboxes
		428	will reside:
		429	</p>
		430
		431	<pre caption="Creating mailboxes">
		432	# <i>mkdir -p /home/vmail/virt-domain.com/foo</i>
		433	# <i>chown -R vmail:vmail /home/vmail/virt-domain.com</i>
		434	# <i>maildirmake /home/vmail/virt-domain.com/foo/.maildir</i>
		435	</pre>
		436
		437	</body>
		438	</section>
		439	</chapter>
		440
		441	<chapter>
440	<title>MySQL</title>	442	<title>MySQL</title>
441	<section>	443	<section>
442	<body>	444	<body>
443		445
444	<p>	446	<p>
…		…
450	<pre caption="Installing and configuring MySQL">	452	<pre caption="Installing and configuring MySQL">
451	# <i>emerge mysql</i>	453	# <i>emerge mysql</i>
452		454
453	# <i>/usr/bin/mysql_install_db</i>	455	# <i>/usr/bin/mysql_install_db</i>
454	<comment>(After this command runs follow the onscreen directions	456	<comment>(After this command runs follow the onscreen directions
455	for adding a root password with mysql,	457	for adding a root password with mysql, otherwise your db will
456	not mysqladmin, otherwise your db will be wide open.)</comment>	458	be wide open.)</comment>
457		459
458	# <i>/etc/init.d/mysql start</i>	460	# <i>/etc/init.d/mysql start</i>
459	# <i>mysqladmin -u root -p create mailsql</i>	461	# <i>mysqladmin -u root -p create mailsql</i>
460	# <i>mysql -u root -p mailsql < genericmailsql.sql</i>	462	# <i>mysql -u root -p mailsql < genericmailsql.sql</i>
461
462	# <i>mysql -u root -p mysql</i>	463	# <i>mysql -u root -p mysql</i>
463	mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i>	464	mysql> <i>GRANT SELECT,INSERT,UPDATE,DELETE</i>
464	-> <i>ON mailsql.*</i>	465	-> <i>ON mailsql.*</i>
465	-> <i>TO mailsql@localhost</i>	466	-> <i>TO mailsql@localhost</i>
466	-> <i>IDENTIFIED BY '$password';</i>	467	-> <i>IDENTIFIED BY '$password';</i>
467	Query OK, 0 rows affected (0.02 sec)	468	Query OK, 0 rows affected (0.02 sec)
468		469
469	mysql> <i>FLUSH PRIVILEGES;</i>	470	mysql> <i>FLUSH PRIVILEGES;</i>
470	Query OK, 0 rows affected (0.00 sec)	471	Query OK, 0 rows affected (0.00 sec)
471		472
…		…
490	<li>users - all user account information</li>	491	<li>users - all user account information</li>
491	<li>virtual - virtual domain email alias maps</li>	492	<li>virtual - virtual domain email alias maps</li>
492	</ul>	493	</ul>
493		494
494	<pre caption="alias table sample">	495	<pre caption="alias table sample">
495	id alias destination	496	id alias destination
496	1 root foo@bar.com	497	1 root foo@bar.com
497	2 postmaster foo@bar.com	498	2 postmaster foo@bar.com
498	</pre>	499	</pre>
499		500
500	<pre caption="user table sample">	501	<pre caption="user table sample">
501	<comment>(Line wrapped for clarity.)</comment>	502	<comment>(Line wrapped for clarity.)</comment>
502	id email clear name uid gid homedir \	503	id email clear name uid gid homedir \
503	maildir quota postfix	504	maildir quota postfix
504	10 foo@virt-bar.org $password realname virtid virtid /home/vmail \	505	10 foo@virt-domain.com $password realname virtid virtid /home/vmail \
505	/home/vmail/virt-bar.org/foo/.maildir/ y	506	/home/vmail/virt-domain.com/foo/.maildir/ y
506	13 foo@bar.com $password realname localid localid /home/foo \	507	13 foo@bar.com $password realname localid localid /home/foo \
507	/home/foo/.maildir/ y	508	/home/foo/.maildir/ y
508	</pre>	509	</pre>
509		510
510	<p>	511	<p>
511	The values of the <c>virtid</c> uid and gid should be those of the <c>vmail</c>	512	The values of the <c>virtid</c> uid and gid should be those of the <c>vmail</c>
512	user and group.	513	user and group.
513	</p>	514	</p>
514		515
515	<pre caption="transport table sample">	516	<pre caption="transport table sample">
516	id domain destination	517	id domain destination
517	1 bar.com local:	518	1 bar.com local:
518	2 virt-bar.org virtual:	519	2 virt-domain.com virtual:
519	</pre>	520	</pre>
520		521
521	<pre caption="virtual table sample">	522	<pre caption="virtual table sample">
522	id email destination	523	id email destination
523	3 root@virt-bar.org other@email.address	524	3 root@virt-domain.com other@email.address
524	</pre>	525	</pre>
525		526
526	</body>	527	</body>
527	</section>	528	</section>
528	</chapter>	529	</chapter>
…		…
536	Next we'll set up apache and add an interface to interact with the database	537	Next we'll set up apache and add an interface to interact with the database
537	more easily.	538	more easily.
538	</p>	539	</p>
539		540
540	<pre caption="Setting up apache and phpmyadmin">	541	<pre caption="Setting up apache and phpmyadmin">
541	# <i>emerge apache mod_php phpmyadmin</i>	542	# <i>emerge apache phpmyadmin</i>
542	</pre>	543	</pre>
543		544
544	<p>	545	<p>
545	There are plenty of guides out there about how to set up apache with php. Like	546	There are plenty of guides out there about how to set up apache with php,
546	this one: <uri>http://www.linuxguruz.org/z.php?id=31</uri>. There are also	547	including guides provided by the <uri link="/proj/en/php/">Gentoo PHP
		548	Project</uri>. There are also numerous posts on
547	numerous posts on <uri>http://forums.gentoo.org</uri> detailing how to solve	549	<uri>http://forums.gentoo.org</uri> detailing how to solve problems with the
548	problems with the installation (search for 'apache php'). So, that said, I'm	550	installation. So, that said, we're not going to cover it here. Set up the
549	not going to cover it here. Set up the apache and php installs, then continue	551	apache and php installs, then continue with this howto. Now, a word for the
550	with this howto. Now, a word for the wise: .htaccess the directory that you put	552	wise: .htaccess the directory that you put phpmyadmin in. If you do not do this,
551	phpmyadmin in. If you do not do this, search engine spiders will come along and	553	search engine spiders will come along and index the page which in turn will mean
552	index the page which in turn will mean that anyone will be able to find your	554	that anyone will be able to find your phpmyadmin page via google and in turn be
553	phpmyadmin page via google and in turn be able to come change your database	555	able to come change your database however they want which is <e>BAD!</e> There
554	however they want which is <e>BAD!</e> There are many howtos on this	556	are many howtos on this including:
555	including: <uri>http://www.csoft.net/docs/micro/htaccess.html.en</uri>.	557	<uri>http://www.csoft.net/docs/micro/htaccess.html.en</uri>.
556	</p>	558	</p>
557		559
558	<p>	560	<p>
559	Now we're going to install the Apache certificates we made previously. The	561	Now we're going to install the Apache certificates we made previously. The
560	Apache-SSL directives that you need to use the resulting cert are:	562	Apache-SSL directives that you need to use the resulting cert are:
…		…
564	<li>SSLCertificateFile /path/to/certs/new.cert.cert</li>	566	<li>SSLCertificateFile /path/to/certs/new.cert.cert</li>
565	<li>SSLCertificateKeyFile /path/to/certs/new.cert.key</li>	567	<li>SSLCertificateKeyFile /path/to/certs/new.cert.key</li>
566	</ul>	568	</ul>
567		569
568	<pre caption="Install Apache SSL certificates">	570	<pre caption="Install Apache SSL certificates">
569	# <i>cp /etc/ssl/misc/new.cert.cert /etc/apache/conf/ssl/</i>	571	# <i>cp /etc/ssl/misc/new.cert.cert /etc/apache2/ssl/</i>
570	# <i>cp /etc/ssl/misc/new.cert.key /etc/apache/conf/ssl/</i>	572	# <i>cp /etc/ssl/misc/new.cert.key /etc/apache2/ssl/</i>
571	# <i>nano -w /etc/apache/conf/vhosts/ssl.default-vhost.conf</i>	573	# <i>cd /etc/apache2/vhosts.d</i>
		574	<comment>(Check if you have an ssl-vhost template already.
		575	Copy that one instead of the default_vhost if that is the case)</comment>
		576	# <i>cp 00_default_vhost.conf ssl-vhost.conf</i>
		577	# <i>nano -w ssl-vhost.conf</i>
572		578
573	<comment>(Change the following parameters)</comment>	579	<comment>(Change the following parameters)</comment>
		580	NameVirtualHost host.domain.name:443
574		581
		582	<VirtualHost host.domain.name:443>
575	ServerName host.domain.name	583	ServerName host.domain.name
576	ServerAdmin your@email.address	584	ServerAdmin your@email.address
		585
		586	DocumentRoot "/var/www/localhost/htdocs/phpmyadmin";
		587	<Directory "/var/www/localhost/htdocs/phpmyadmin">
		588	...
		589	</Directory>
		590
577	SSLCertificateFile /etc/apache/conf/ssl/new.cert.cert	591	SSLCertificateFile /etc/apache2/ssl/new.cert.cert
578	SSLCertificateKeyFile /etc/apache/conf/ssl/new.cert.key	592	SSLCertificateKeyFile /etc/apache2/ssl/new.cert.key
		593	SSLEngine on
		594	...
		595	</VirtualHost>
579		596
		597	# <i>nano -w /etc/conf.d/apache2</i>
		598	<comment>(Add -D SSL -D PHP5 to the APACHE2_OPTS)</comment>
		599
580	# <i>/etc/init.d/apache restart</i>	600	# <i>/etc/init.d/apache2 restart</i>
581	</pre>	601	</pre>
582
583	<note>
584	If you have an existing apache install, you'll likely have to perform a full
585	server reboot to install your new certificates. Check your logs to verify
586	apache restarted successfully.
587	</note>
588		602
589	<p>	603	<p>
590	Next, configure phpMyAdmin.	604	Next, configure phpMyAdmin.
591	</p>	605	</p>
592		606
593	<pre caption="Configuring phpMyAdmin">	607	<pre caption="Configuring phpMyAdmin">
594	# <i>nano -w /var/www/localhost/htdocs/phpmyadmin/config.inc.php</i>	608	# <i>cd /var/www/localhost/htdocs/phpmyadmin</i>
		609	# <i>cp config.sample.inc.php config.inc.php</i>
		610	# <i>nano -w config.inc.php</i>
595	<comment>(Change the following parameters.)</comment>	611	<comment>(Change the following parameters.)</comment>
		612	$cfg['blowfish_secret'] = 'someverysecretpassphraze';
596		613
597	$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname	614	$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname
598	$cfg['Servers'][$i]['controluser'] = 'mailsql'; // MySQL control user settings	615	$cfg['Servers'][$i]['controluser'] = 'mailsql'; // MySQL control user settings
599	// (this user must have read-only	616	// (this user must have read-only
600	$cfg['Servers'][$i]['controlpass'] = '$password'; // access to the "mysql/user"	617	$cfg['Servers'][$i]['controlpass'] = '$password'; // access to the "mysql/user"
…		…
607	Now enter the phpmyadmin page and browse the tables. You'll want to add in your	624	Now enter the phpmyadmin page and browse the tables. You'll want to add in your
608	local aliases, edit your user table to add a test user, and change your	625	local aliases, edit your user table to add a test user, and change your
609	transport table to add information about your domains. The default values	626	transport table to add information about your domains. The default values
610	supplied with the dumpfile should be a sufficient guide to what values need to	627	supplied with the dumpfile should be a sufficient guide to what values need to
611	go where. Make sure that if you put information in the database that it is	628	go where. Make sure that if you put information in the database that it is
612	accurate. For instance, make sure the local users home dir exists and that the	629	accurate. For instance, make sure the local user's home dir exists and that the
613	correct uid/gid values are in place. The maildirs should be created	630	correct uid/gid values are in place. The maildirs should be created
614	automatically by postfix when the user receives their first email. So, in	631	automatically by postfix when the user receives their first email. So, in
615	general, it's a good idea to send a "Welcome" mail to a new user	632	general, it's a good idea to send a "Welcome" mail to a new user after you
616	after you setup their account to make sure the .maildir gets created.	633	setup their account to make sure the .maildir gets created.
617	</p>
618
619	</body>
620	</section>
621	</chapter>
622
623	<chapter>
624	<title>The vmail user</title>
625	<section>
626	<body>
627
628	<p>
629	At this point you may be wondering what user and directory to use for virtual
630	mail users, and rightly so. Let's set that up.
631	</p>
632
633	<pre caption="Adding the vmail user">
634	# <i>adduser -d /home/vmail -s /bin/false vmail</i>
635	# <i>uid=`cat /etc/passwd \| grep vmail \| cut -f 3 -d :`</i>
636	# <i>groupadd -g $uid vmail</i>
637	# <i>mkdir /home/vmail</i>
638	# <i>chown vmail: /home/vmail</i>
639	</pre>
640
641	<p>
642	So now when you're setting up vmail accounts, use the vmail uid, gid, and
643	homedir. When you're setting up local accounts, use that users uid, gid, and
644	homedir. We've been meaning to create a php admin page for this setup but
645	haven't gotten around to it yet, as phpmyadmin generally works fine for us.
646	</p>	634	</p>
647		635
648	</body>	636	</body>
649	</section>	637	</section>
650	</chapter>	638	</chapter>
…		…
683	# <i>/etc/init.d/courier-authlib restart</i>	671	# <i>/etc/init.d/courier-authlib restart</i>
684	# <i>/etc/init.d/saslauthd restart</i>	672	# <i>/etc/init.d/saslauthd restart</i>
685	</pre>	673	</pre>
686		674
687	<p>	675	<p>
688	We're almost there I promise! Next, set up the rest of the necessary config's	676	We're almost there, I promise! Next, set up the rest of the necessary configs
689	for postfix to interract with the database for all it's other transport needs.	677	for postfix to interract with the database for all its other transport needs.
		678	Remember to replace each value with the name of your own user, user id,
		679	password, alias, email address, and so on.
690	</p>	680	</p>
691		681
692	<pre caption="/etc/postfix/mysql-aliases.cf">	682	<pre caption="/etc/postfix/mysql-aliases.cf">
693	# <i>nano -w /etc/postfix/mysql-aliases.cf</i>	683	# <i>nano -w /etc/postfix/mysql-aliases.cf</i>
694	# mysql-aliases.cf	684	# mysql-aliases.cf
695		685
696	user = mailsql	686	user = mailsql
697	password = $password	687	password = $password
698	dbname = mailsql	688	dbname = mailsql
699	table = alias	689	table = alias
700	select_field = destination	690	select_field = destination
701	where_field = alias	691	where_field = alias
702	hosts = unix:/var/run/mysqld/mysqld.sock	692	hosts = unix:/var/run/mysqld/mysqld.sock
703	</pre>	693	</pre>
704		694
705	<pre caption="/etc/postfix/mysql-relocated.cf">	695	<pre caption="/etc/postfix/mysql-relocated.cf">
706	# <i>nano -w /etc/postfix/mysql-relocated.cf</i>	696	# <i>nano -w /etc/postfix/mysql-relocated.cf</i>
707	# mysql-relocated.cf	697	# mysql-relocated.cf
708		698
709	user = mailsql	699	user = mailsql
710	password = $password	700	password = $password
711	dbname = mailsql	701	dbname = mailsql
712	table = relocated	702	table = relocated
713	select_field = destination	703	select_field = destination
714	where_field = email	704	where_field = email
715	hosts = unix:/var/run/mysqld/mysqld.sock	705	hosts = unix:/var/run/mysqld/mysqld.sock
716	</pre>	706	</pre>
717		707
718	<pre caption="/etc/postfix/mysql-transport.cf (optional)">	708	<pre caption="/etc/postfix/mysql-transport.cf (optional)">
719	# <i>nano -w /etc/postfix/mysql-transport.cf</i>	709	# <i>nano -w /etc/postfix/mysql-transport.cf</i>
720	# mysql-transport.cf	710	# mysql-transport.cf
721		711
722	user = mailsql	712	user = mailsql
723	password = $password	713	password = $password
724	dbname = mailsql	714	dbname = mailsql
725	table = transport	715	table = transport
726	select_field = destination	716	select_field = destination
727	where_field = domain	717	where_field = domain
728	hosts = unix:/var/run/mysqld/mysqld.sock	718	hosts = unix:/var/run/mysqld/mysqld.sock
729	</pre>	719	</pre>
730		720
731	<pre caption="/etc/postfix/mysql-virtual-gid.cf (optional)">	721	<pre caption="/etc/postfix/mysql-virtual-gid.cf (optional)">
732	# <i>nano -w /etc/postfix/mysql-virtual-gid.cf</i>	722	# <i>nano -w /etc/postfix/mysql-virtual-gid.cf</i>
733	#myql-virtual-gid.cf	723	# mysql-virtual-gid.cf
734		724
735	user = mailsql	725	user = mailsql
736	password = $password	726	password = $password
737	dbname = mailsql	727	dbname = mailsql
738	table = users	728	table = users
739	select_field = gid	729	select_field = gid
740	where_field = email	730	where_field = email
741	additional_conditions = and postfix = 'y'	731	additional_conditions = and postfix = 'y'
742	hosts = unix:/var/run/mysqld/mysqld.sock	732	hosts = unix:/var/run/mysqld/mysqld.sock
743	</pre>	733	</pre>
744		734
745	<pre caption="/etc/postfix/mysql-virtual-maps.cf">	735	<pre caption="/etc/postfix/mysql-virtual-maps.cf">
746	# <i>nano -w /etc/postfix/mysql-virtual-maps.cf</i>	736	# <i>nano -w /etc/postfix/mysql-virtual-maps.cf</i>
747	#myql-virtual-maps.cf	737	# mysql-virtual-maps.cf
748		738
749	user = mailsql	739	user = mailsql
750	password = $password	740	password = $password
751	dbname = mailsql	741	dbname = mailsql
752	table = users	742	table = users
753	select_field = maildir	743	select_field = maildir
754	where_field = email	744	where_field = email
755	additional_conditions = and postfix = 'y'	745	additional_conditions = and postfix = 'y'
756	hosts = unix:/var/run/mysqld/mysqld.sock	746	hosts = unix:/var/run/mysqld/mysqld.sock
757	</pre>	747	</pre>
758		748
759	<pre caption="/etc/postfix/mysql-virtual-uid.cf (optional)">	749	<pre caption="/etc/postfix/mysql-virtual-uid.cf (optional)">
…		…
763	user = mailsql	753	user = mailsql
764	password = $password	754	password = $password
765	dbname = mailsql	755	dbname = mailsql
766	table = users	756	table = users
767	select_field = uid	757	select_field = uid
768	where_field = email	758	where_field = email
769	additional_conditions = and postfix = 'y'	759	additional_conditions = and postfix = 'y'
770	hosts = unix:/var/run/mysqld/mysqld.sock	760	hosts = unix:/var/run/mysqld/mysqld.sock
771	</pre>	761	</pre>
772		762
773	<pre caption="/etc/postfix/mysql-virtual.cf">	763	<pre caption="/etc/postfix/mysql-virtual.cf">
774	# <i>nano -w /etc/postfix/mysql-virtual.cf</i>	764	# <i>nano -w /etc/postfix/mysql-virtual.cf</i>
775	# mysql-virtual.cf	765	# mysql-virtual.cf
776		766
777	user = mailsql	767	user = mailsql
778	password = $password	768	password = $password
779	dbname = mailsql	769	dbname = mailsql
780	table = virtual	770	table = virtual
781	select_field = destination	771	select_field = destination
782	where_field = email	772	where_field = email
783	hosts = unix:/var/run/mysqld/mysqld.sock	773	hosts = unix:/var/run/mysqld/mysqld.sock
784	</pre>	774	</pre>
785		775
786	<p>	776	<p>
787	Lastly, edit <path>/etc/postfix/main.cf</path> one more time.	777	Lastly, edit <path>/etc/postfix/main.cf</path> one more time.
788	</p>	778	</p>
789		779
790	<pre caption="/etc/postfix/main.cf">	780	<pre caption="/etc/postfix/main.cf">
791	# <i>nano -w /etc/postfix/main.cf</i>	781	# <i>nano -w /etc/postfix/main.cf</i>
		782	<comment>(Ensure that there are no other alias_maps definitions)</comment>
792	alias_maps = mysql:/etc/postfix/mysql-aliases.cf	783	alias_maps = mysql:/etc/postfix/mysql-aliases.cf
793	relocated_maps = mysql:/etc/postfix/mysql-relocated.cf	784	relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
794		785
795	local_transport = local	786	local_transport = local
796	local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname	787	local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
797		788
798	virtual_transport = virtual	789	virtual_transport = virtual
799	virtual_mailbox_domains =	790	<comment>(The domains listed by the mydestination should not be listed in
800	virt-bar.com,	791	the virtual_mailbox_domains parameter)</comment>
801	$other-virtual-domain.com	792	virtual_mailbox_domains = virt-domain.com, $other-virtual-domain.com
802		793
803	virtual_minimum_uid = 1000	794	virtual_minimum_uid = 1000
		795	<comment>(Substitute $vmail-gid with the GID of the vmail group)</comment>
804	virtual_gid_maps = static:$vmail-gid	796	virtual_gid_maps = static:$vmail-gid
805	virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf	797	virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
806	virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf	798	virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
		799	<comment>(Substitute $vmail-uid with the UID of the vmail user)</comment>
807	virtual_uid_maps = static:$vmail-uid	800	virtual_uid_maps = static:$vmail-uid
808	virtual_mailbox_base = /	801	virtual_mailbox_base = /
809	#virtual_mailbox_limit =	802	#virtual_mailbox_limit =
810	</pre>	803	</pre>
811		804
…		…
881	to require a bit of hacking. I really recommend reading all of the mailman	874	to require a bit of hacking. I really recommend reading all of the mailman
882	documentation, including README.POSTFIX.gz, to understand what's being done	875	documentation, including README.POSTFIX.gz, to understand what's being done
883	here.	876	here.
884	</p>	877	</p>
885		878
886	<p>
887	One further note, current versions of mailman install to /usr/local/mailman. If
888	you're like me and wish to change the default install location, it can be
889	overridden in the ebuild filoe by changing the INSTALLDIR variable.
890	</p>
891
892	<pre caption="Install mailman">	879	<pre caption="Install mailman">
893	# <i>emerge mailman</i>	880	# <i>emerge mailman</i>
894	<comment>(This package is currently masked as well, so you'll need to unmask it or give
895	emerge an explicit path to the ebuild. Once it's installed, follow the directions
896	in the README.gentoo.gz except do not add your aliases to /etc/mail/aliases.
897	We will instead be linking the entire alias db into postfix.)</comment>
898
899	# <i>zless /usr/share/doc/mailman-$ver/README.gentoo.gz</i>
900	</pre>	881	</pre>
901		882
902	<pre caption="Setting defaults: Mailman/Defaults.py">	883	<pre caption="Setting defaults: Mailman/Defaults.py">
903	# <i> nano -w /var/mailman/Mailman/Defaults.py</i>	884	# <i> nano -w /usr/local/mailman/Mailman/Defaults.py</i>
904	<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment>	885	<comment>(Change the values below to reflect your primary domain, virtuals will be set next.)</comment>
905	DEFAULT_EMAIL_HOST = 'domain.com'	886	DEFAULT_EMAIL_HOST = 'domain.com'
906	DEFAULT_URL_HOST = 'www.domain.com'	887	DEFAULT_URL_HOST = 'www.domain.com'
907	</pre>	888	</pre>
908		889
909	<pre caption="mailman config: mm_cfg.py">	890	<pre caption="mailman config: mm_cfg.py">
910	# <i>nano -w /var/mailman/Mailman/mm_cfg.py</i>	891	# <i>nano -w /usr/local/mailman/Mailman/mm_cfg.py</i>
911	MTA = "Postfix"	892	MTA = "Postfix"
912	POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virt-domain.com', 'virt.domain2.com']	893	POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virt-domain.com', 'virt.domain2.com']
913	add_virtualhost('www.virt.domain.com', 'virt.domain.com')	894	add_virtualhost('www.virt.domain.com', 'virt.domain.com')
914	add_virtualhost('www.virt.domain2.com', 'virt.domain2.com')	895	add_virtualhost('www.virt.domain2.com', 'virt.domain2.com')
915	<comment>(This is required for your virtual domains for mailman to function.)</comment>	896	<comment>(This is required for your virtual domains for mailman to function.)</comment>
916	</pre>	897	</pre>
917		898
918	<pre caption="And last but not least">	899	<pre caption="And last but not least">
919	<comment>(Once that's finished, add your first list.)</comment>	900	<comment>(Once that's finished, add your first list.)</comment>
920		901
921	# <i>su mailman</i>	902	# <i>su mailman</i>
922	# <i>cd ~</i>	903	# <i>cd ~</i>
923	# <i>bin/newlist test</i>	904	# <i>./bin/newlist --urlhost='www.virt-domain.com' --emailhost='virt-domain.com' test</i>
924	Enter the email of the person running the list: <i>your@email.address</i>	905	Enter the email of the person running the list: <i>your@email.address</i>
925	Initial test password:	906	Initial test password:
926	Hit enter to continue with test owner notification...	907	Hit enter to continue with test owner notification...
927	<comment>(Virtual domain lists may be specified with	908	<comment>(Virtual domain lists may also be specified with
928	list@domain.com style list names.)</comment>	909	list@domain.com style list names.)</comment>
929	# <i>bin/genaliases</i>	910	# <i>./bin/genaliases</i>
930	<comment>(Now that your aliases have been generated,	911	<comment>(Now that your aliases have been generated,
931	verify that they were added successfully.)</comment>	912	verify that they were added successfully.)</comment>
932		913
933	# <i>nano -w data/aliases</i>	914	# <i>nano -w data/aliases</i>
934	# STANZA START: test	915	# STANZA START: test
935	# CREATED:	916	# CREATED:
936	test: "\|/var/mailman/mail/mailman post test"	917	test: "\|/usr/local/mailman/mail/mailman post test"
937	test-admin: "\|/var/mailman/mail/mailman admin test"	918	test-admin: "\|/usr/local/mailman/mail/mailman admin test"
938	test-bounces: "\|/var/mailman/mail/mailman bounces test"	919	test-bounces: "\|/usr/local/mailman/mail/mailman bounces test"
939	test-confirm: "\|/var/mailman/mail/mailman confirm test"	920	test-confirm: "\|/usr/local/mailman/mail/mailman confirm test"
940	test-join: "\|/var/mailman/mail/mailman join test"	921	test-join: "\|/usr/local/mailman/mail/mailman join test"
941	test-leave: "\|/var/mailman/mail/mailman leave test"	922	test-leave: "\|/usr/local/mailman/mail/mailman leave test"
942	test-owner: "\|/var/mailman/mail/mailman owner test"	923	test-owner: "\|/usr/local/mailman/mail/mailman owner test"
943	test-request: "\|/var/mailman/mail/mailman request test"	924	test-request: "\|/usr/local/mailman/mail/mailman request test"
944	test-subscribe: "\|/var/mailman/mail/mailman subscribe test"	925	test-subscribe: "\|/usr/local/mailman/mail/mailman subscribe test"
945	test-unsubscribe: "\|/var/mailman/mail/mailman unsubscribe test"	926	test-unsubscribe: "\|/usr/local/mailman/mail/mailman unsubscribe test"
946	# STANZA END: test	927	# STANZA END: test
		928
		929	<comment>(Create the required mailman list)</comment>
		930	# <i>./bin/newlist mailman</i>
		931	# <i>./bin/genaliases</i>
		932
		933	<comment>(Return to the root user)</comment>
		934	# <i>exit</i>
947		935
948	# <i>/etc/init.d/mailman start</i>	936	# <i>/etc/init.d/mailman start</i>
949	# <i>rc-update add mailman default</i>	937	# <i>rc-update add mailman default</i>
950	<comment>(To start mailman at once and on every reboot.)</comment>	938	<comment>(To start mailman at once and on every reboot.)</comment>
951	</pre>	939	</pre>
…		…
955	owner_request_special = no	943	owner_request_special = no
956	recipient_delimiter = +	944	recipient_delimiter = +
957	<comment>(Read README.POSTFIX.gz for details on this.)</comment>	945	<comment>(Read README.POSTFIX.gz for details on this.)</comment>
958		946
959	alias_maps =	947	alias_maps =
960	hash:/var/mailman/data/aliases,	948	hash:/usr/local/mailman/data/aliases,
961	mysql:/etc/postfix/mysql-aliases.cf	949	mysql:/etc/postfix/mysql-aliases.cf
962		950
963	virtual_alias_maps =	951	virtual_alias_maps =
964	hash:/var/mailman/data/virtual-mailman,	952	hash:/usr/local/mailman/data/virtual-mailman,
965	mysql:/etc/postfix/mysql-virtual.cf	953	mysql:/etc/postfix/mysql-virtual.cf
966	<comment>(This adds mailman alias file support to postfix	954	<comment>(This adds mailman alias file support to postfix
967	You may of course use the mysql tables for this,	955	You may of course use the mysql tables for this,
968	but I hate doing that by hand. Also, if you are not	956	but I hate doing that by hand. Also, if you are not
969	using virtual domains, adding the virtual alias maps	957	using virtual domains, adding the virtual alias maps
970	to postfix may cause problems, be warned.)</comment>	958	to postfix may cause problems, be warned.)</comment>
…		…
1090	sure it's using the current version. Some of the components will dump their	1078	sure it's using the current version. Some of the components will dump their
1091	current config's to you, like postfix.	1079	current config's to you, like postfix.
1092	</p>	1080	</p>
1093		1081
1094	<pre caption="Some services can dump their current config">	1082	<pre caption="Some services can dump their current config">
1095	# <i>apachectl fullstatus</i> (needs lynx installed)	1083	# <i>apache2ctl fullstatus</i> (needs lynx installed)
1096	# <i>apachectl configtest</i> (checks config sanity)	1084	# <i>apache2ctl configtest</i> (checks config sanity)
1097	# <i>postconf -n</i> (will tell you exactly what param's postfix is using)	1085	# <i>postconf -n</i> (will tell you exactly what param's postfix is using)
1098	# <i>/etc/init.d/$service restart</i>	1086	# <i>/etc/init.d/$service restart</i>
1099	</pre>	1087	</pre>
1100		1088
1101	</body>	1089	</body>
…		…
1115		1103
1116	<pre caption="Checking the logs">	1104	<pre caption="Checking the logs">
1117	# <i>kill -USR1 `ps -C metalog -o pid=`</i>(to turn off metalog buffering)	1105	# <i>kill -USR1 `ps -C metalog -o pid=`</i>(to turn off metalog buffering)
1118	# <i>nano -w /var/log/mail/current</i>	1106	# <i>nano -w /var/log/mail/current</i>
1119	# <i>cat /var/log/mysql/mysql.log</i>	1107	# <i>cat /var/log/mysql/mysql.log</i>
1120	# <i>tail /var/log/apache/error_log</i>	1108	# <i>tail /var/log/apache2/error_log</i>
1121	</pre>	1109	</pre>
1122		1110
1123	<p>	1111	<p>
1124	You may also find the debug_peer parameters in main.cf helpful. Setting these	1112	You may also find the debug_peer parameters in main.cf helpful. Setting these
1125	will increase log output over just verbose mode.	1113	will increase log output over just verbose mode.
…		…
1208	<li>	1196	<li>
1209	<uri>http://www.google.com/</uri> - If all else fails, there's always	1197	<uri>http://www.google.com/</uri> - If all else fails, there's always
1210	google, which has never failed me	1198	google, which has never failed me
1211	</li>	1199	</li>
1212	<li>	1200	<li>
1213	I also spend a lot of time on irc.freenode.net #gentoo. Irc is a great	1201	I also spend a lot of time on <uri
1214	place to go for help.	1202	link="irc://irc.gentoo.org/gentoo">#gentoo</uri>. IRC is a great place to go
		1203	for help.
1215	</li>	1204	</li>
1216	</ul>	1205	</ul>
1217		1206
1218	</body>	1207	</body>
1219	</section>	1208	</section>

 Legend:



Removed from v.1.49
 


changed lines


 
Added in v.1.60
 Legend:



Removed from v.1.49
 


changed lines


 
Added in v.1.60
-Removed from v.1.49
+Added in v.1.60

	ViewVC Help
Powered by ViewVC 1.1.20