Diff of /xml/htdocs/doc/en/virt-mail-howto.xml


Revision 1.8 Revision 1.9
1<?xml version = '1.0' encoding = 'UTF-8'?> 1<?xml version = '1.0' encoding = 'UTF-8'?>
2<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?> 2<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
3<guide link=" /doc/en/virt-mail-howto.xml" > 3<guide link=" /doc/en/virt-mail-howto.xml" >
4<title>Virtual Mailhosting System Guide</title> 4<title>Virtual Mailhosting System Guide</title>
5<author title="Author" > 5<author title="Author" >
6<mail link="ken@kickasskungfu.com" >Ken Nowack</mail> 6<mail link="antifa@gentoo.org" >Ken Nowack</mail>
7</author> 7</author>
8<author title="Author" > 8<author title="Author" >
9<mail link="ezra@kickasskungfu.com" >Ezra Gorman</mail> 9<mail link="ezra@revoltltd.org" >Ezra Gorman</mail>
10</author> 10</author>
11<abstract>This document details how to create a virtual mailhosting system based upon postfix, mysql, courier-imap, and cyrus-sasl. </abstract> 11<abstract>This document details how to create a virtual mailhosting system based upon postfix, mysql, courier-imap, and cyrus-sasl. </abstract>
12<version>1.0</version> 12<version>1.0</version>
13<date>30 April 2003</date> 13<date>30 April 2003</date>
14<!-- 14<!--
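Review bot: `<version>` and `<date>` at lines 12-13 are unchanged (1.0, 30 April 2003) in revision 1.9, although this revision changes both author contact addresses here and the SASL setup instructions further down. Bump the version and set the date to the commit date so readers and translators can tell the guide has changed.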
116<chapter> 116<chapter>
117<title>Cyrus-sasl</title> 117<title>Cyrus-sasl</title>
118<body> 118<body>
119<p>Next we're going to install cyrus-sasl. Sasl is going to play the role of actually passing your auth variables to pam, which will in turn pass that information to mysql for authentication of smtp users. For this howto, we'll not even try to verify that sasl is working until mysql is set up and contains a test user. Which is fine since we'll be authenticating against mysql in the end anyway.</p> 119<p>Next we're going to install cyrus-sasl. Sasl is going to play the role of actually passing your auth variables to pam, which will in turn pass that information to mysql for authentication of smtp users. For this howto, we'll not even try to verify that sasl is working until mysql is set up and contains a test user. Which is fine since we'll be authenticating against mysql in the end anyway.</p>
120<note>Now for some reason, sasl will not play nicely with pam against the shadow file. I banged my head against this problem for, well, a long time. If anyone knows why sasl will not auth against the shadow file in its current gentoo incarnation, please <mail link="ken@kickasskungfu.com" >email me</mail> as I'd love to hear a solution to this.</note> 120<note>Now for some reason, sasl will not play nicely with pam against the shadow file. I banged my head against this problem for, well, a long time. If anyone knows why sasl will not auth against the shadow file in its current gentoo incarnation, please <mail link="ken@kickasskungfu.com" >email me</mail> as I'd love to hear a solution to this.</note>
121<p>Just to get sasl installed is going to require a bit of hacking. Open up the ebuild file and change the configure flags to disable digest and cram. Here's why: mail clients will try to authenticate against the <e>first</e> method presented to it, usually cram-md5. Since we're not going to set that up, cram authentication will fail and most clients will not by default try another method. This is mostly due to the way mail clients are currently put together. So we're going to disable auth methods we're not using in order to not confuse the clients out there.</p>
122<pre caption="Configuring and installing the cyrus-sasl ebuild" > 121<pre caption="Configuring and installing the cyrus-sasl ebuild" >
123 # <i>cd /usr/portage/dev-libs/cyrus-sasl</i>
124 # <i>nano -w cyrus-sasl.$currentversion.ebuild</i>
125<codenote>Disable digest and cram as show below.</codenote>
126
127 econf \
128 --with-saslauthd=/var/lib/sasl2 \
129 --with-pwcheck=/var/lib/sasl2 \
130 --with-configdir=/etc/sasl2 \
131 --with-openssl \
132 --with-plugindir=/usr/lib/sasl2 \
133 --with-dbpath=/etc/sasl2/sasldb2 \
134 --with-des \
135 --with-rc4 \
136 --disable-krb4 \
137 --with-gnu-ld \
138 --enable-shared \
139 --disable-sample \
140 --enable-login \
141 --disable-cram \
142 --disable-digest \
143 ${myconf} || die &quot;bad ./configure&quot;
144
145 # <i>USE='-ldap -mysql' emerge cyrus-sasl</i> 122 # <i>USE='-ldap -mysql' emerge cyrus-sasl</i>
146<codenote>We don't have ldap and we're not using sasl's mysql capabilities </codenote> 123<codenote>We don't have ldap and we're not using sasl's mysql capabilities </codenote>
147<codenote>so we need to turn them off for this build.</codenote> 124<codenote>so we need to turn them off for this build.</codenote>
148</pre> 125</pre>
149<p>Next, edit <path>/var/lib/sasl2/smtp.conf</path>.</p> 126<p>Next, edit <path>/var/lib/sasl2/smtp.conf</path>.</p>
150<pre caption="Starting sasl" > 127<pre caption="Starting sasl" >
151 # <i>nano -w /var/lib/sasl2/smtp.conf</i> 128 # <i>nano -w /var/lib/sasl2/smtp.conf</i>
152 pwcheck_method: saslauthd 129 pwcheck_method: saslauthd
153 130 mech_list: LOGIN PLAIN
131<codenote>It's important to turn off auth mehtods we are not using.</codenote>
132<codenote>They cause problems for some mail clients.</codenote>
154 # <i>/etc/init.d/saslauthd start</i> 133 # <i>/etc/init.d/saslauthd start</i>
155</pre> 134</pre>
156</body> 135</body>
157</chapter> 136</chapter>
158<chapter> 137<chapter>
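Review bot: the removed paragraph at old line 121 was the only place that explained why CRAM and DIGEST are turned off (clients try the first mechanism offered and often do not fall back); the two new codenotes after `mech_list: LOGIN PLAIN` say only that unused methods "cause problems for some mail clients". Keep a one-sentence version of that explanation as a `<p>` before the `smtp.conf` block. In the same hunk: the `<pre>` caption "Configuring and installing the cyrus-sasl ebuild" no longer fits now that the ebuild edit is gone and only the `emerge` line remains; the `<note>` at new line 120 still links to `ken@kickasskungfu.com` although the header address for the same author was changed in this revision; and "mehtods" in the new codenote should be "methods".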
258 250-PIPELINING 237 250-PIPELINING
259 250-SIZE 10240000 238 250-SIZE 10240000
260 250-VRFY 239 250-VRFY
261 250-ETRN 240 250-ETRN
262 250-STARTTLS 241 250-STARTTLS
263 250-AUTH LOGIN PLAIN OTP 242 250-AUTH LOGIN PLAIN
264 250-AUTH=LOGIN PLAIN OTP 243 250-AUTH=LOGIN PLAIN
265 250-XVERP 244 250-XVERP
266 250 8BITMIME 245 250 8BITMIME
267 <i>^]</i> 246 <i>^]</i>
268 telnet> <i>quit</i> 247 telnet> <i>quit</i>
269</pre> 248</pre>
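Review bot: with OTP dropped, the expected `250-AUTH LOGIN PLAIN` lines at new lines 242-243 list only mechanisms that send the password unencrypted, and this sample is a plain telnet session in which `250-STARTTLS` is offered but not yet negotiated. Add a sentence telling readers to authenticate only after STARTTLS, or to set Postfix's `smtpd_tls_auth_only = yes`, in which case this sample output would need updating because AUTH would no longer be advertised on the cleartext connection.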
653<p> You should now be able to setup mailing lists for any domain on your box. Last note on this, make sure you run all mailman commands as the user mailman (<c>su mailman</c>) or else the permissions will be wrong and you'll have to fix them. Read the mailman doc's for more information on setting up and managing mailman lists.</p> 632<p> You should now be able to setup mailing lists for any domain on your box. Last note on this, make sure you run all mailman commands as the user mailman (<c>su mailman</c>) or else the permissions will be wrong and you'll have to fix them. Read the mailman doc's for more information on setting up and managing mailman lists.</p>
654</body> 633</body>
655</chapter> 634</chapter>
656<chapter> 635<chapter>
657<title>Content Filtering and Anti-Virus</title> 636<title>Content Filtering and Anti-Virus</title>
658<body><p>Coming soon...</p></body> 637<body><p>Coming soon...it would be done already but I need some perl help and testing to make it so. If you'd like to volunteer for that, please email me.</p></body>
659</chapter> 638</chapter>
660<chapter> 639<chapter>
661<title>Wrap Up</title> 640<title>Wrap Up</title>
662<body> 641<body>
663<p>Ok, you're all set, edit <path>/etc/postfix/master.cf</path> and turn off verbose mode for production use. You'll probably also want to add the services to your startup routine to make sure everything comes back up on a reboot. Make sure to add all the services you're using - apache, mysql, saslauthd, postfix, courier-imapd, courier-imapd-ssl, courier-pop3d, and courier-pop3d-ssl are all up to your decision on what access you want to provide. I generally have all the services enabled.</p> 642<p>Ok, you're all set, edit <path>/etc/postfix/master.cf</path> and turn off verbose mode for production use. You'll probably also want to add the services to your startup routine to make sure everything comes back up on a reboot. Make sure to add all the services you're using - apache, mysql, saslauthd, postfix, courier-imapd, courier-imapd-ssl, courier-pop3d, and courier-pop3d-ssl are all up to your decision on what access you want to provide. I generally have all the services enabled.</p>
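Review bot: "please email me" at new line 637 carries no `<mail link>`, and the guide lists two authors, so a volunteer cannot tell whom to contact. Wrap the phrase in a `<mail link="...">` element the way the note at line 120 does, using the author's current address.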
