edoceo

How To: Postfix Installation & Configuration Virtual Mailbox

This document describes a configuration of Gentoo Linux that is designed to be a functional ISP email server. It starts of describing how to get the necessary packages (Postfix,SASL2,Courier-IMAP,PosrgreSQL) working together. Additionally installation of SquirrelMail is discussed to give web based mail features.

Features

Besides the high level of quality, reliability and standard compliance these packages provide one also gets:

  • Centralized login across all packages
  • Maildir stored messages
  • Support for multiple domains, ISP style
  • Web Access to email

Installing Postfix, SASL2, Dovecot and Sqlite

If you're not on Gentoo this might be complicated, for Gentoo do this:

root@mail # emerge -av postfix
mail-mta/postfix-2.10.0  USE="berkdb -cdb -doc dovecot-sasl* -hardened ldap -ldap-bind -mbox -memcached -mysql -nis -pam -postgres sasl (-selinux) sqlite* ssl -vda"

System Configuration

This configuration requires a user to own the database and all the virtual domains that will receive mail.

# the user nuntius
root@mail # groupadd nuntius
root@mail # useradd -g nuntius nuntius
# This wil be the base directory for all domains and addresses
root@mail # mkdir /var/spool/nuntius
root@mail # chown nuntius:nuntius /var/spool/nuntius

PostgreSQL Setup and Configuration

PostgreSQL will need database and one table to contain the mailbox information. Also the configuration files postgresql.conf, pg_hba.conf will need to be edited.

Make the Database

root@mail # psql -U postgres template1
template1=# create user nuntius;
template1=# create database nuntius with owner nuntius;
template1=# \c nuntius nuntius
nuntius=> CREATE TABLE mailbox (
    id serial NOT NULL,
    username character varying(64) NOT NULL,
    "domain" character varying(64) NOT NULL,
    "password" character varying(64),
    maildir character varying(256),
    alias character varying(32)
);

PostgreSQL Configuration Files

Changes are made to postgresql.conf and pg_hba.conf, the outputs are below in unified diff output. log_statement is set to true for now to see the outputs and debug the setup, remove this when done!

# postgresql.conf
log_statement = true

# pg_hba.conf
local nuntius nuntius      trust

Now start PostgreSQL with /etc/init.d/postgresql start.

SASL2 Setup and Configuration

Sasl will need to know how to authorize users, edit /etc/sasl2/smtpd.conf to read as follows.

root@mail # cat /etc/sasl2/smtpd.conf
# Nuntius Configuration
pwcheck_method: auxprop
mech_list: PLAIN CRAM-MD5 DIGEST-MD5 LOGIN
allowanonymouslogin: no
allowplaintext: no

sasl_auxprop_plugin: sql

sql_engine: pgsql
# Leave commented out to use the unix socket
#sql_hostnames: localhost
sql_database: nuntius
sql_user: nuntius
# Not present means no password
#sql_passwd:
sql_select: SELECT password FROM mailbox WHERE username = '%u' AND domain = '%r'

Gentoo also places the startup information for saslauthd in to /etc/conf.d/saslauthd, change it to read like this:

SASLAUTHD_OPTS="-a pam"

Postfix Setup and Configuration

On Gentoo all the postfix configuration is stored in /etc/postfix. Three files must be made to describe the configuration to use PostgreSQL. main.cf is modified to use these files.

Edit /etc/mail/alias properly and create these auxiliary configuration files as indicated.

root@mail # cat /etc/postfix/virtual_domains.cf
# Virtual domain config to use postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = domain
where_field = domain

root@mail # cat /etc/postfix/virtual_mailbox.cf
# Virtual mailbox config to use postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = maildir
where_field = username

root@mail # cat /etc/postfix/virtual_alias.cf
# Virtual alias config using postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = alias
where_field = username

Postfix must now be configured to use the files, edit main.cf as follows. Only additions to the configuration are listed, the reader must use their best judgement for other configuration parameters in this file.

The ids of the nuntius user and group will need to be known, 1000 and 407 are for example only.

root@mail # id nuntius
uid=1000(nuntius) gid=407(nuntius) groups=407(nuntius)
# /etc/postfix/main.cf changes
# Changes these three once live
debug_peer_level = 3
debug_peer_list = 192.168.42.0/24
debugger_command = /usr/bin/strace -Ff -p $process_id -s 128 >/tmp/strace.smtpd 2>&1 & sleep 5

mail_spool_directory = /var/spool/nuntius
mydomain = edoceo.com
myhostname = nuntius.edoceo.com

show_user_unknown_table_name = no

# PostgreSQL Stuffs
virtual_transport = virtual
virtual_uid_maps = static:1000
virtual_gid_maps = static:407
virtual_mailbox_base = /var/spool/nuntius
virtual_mailbox_domains = pgsql:/etc/postfix/virtual_domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/virtual_mailbox.cf
virtual_alias_maps = pgsql:/etc/postfix/virtual_alias.cf

# SASL2 Configuration
broken_sasl_auth_clients = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = edoceo.com
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd

Now say postalias hash:/etc/mail/aliases to update the alias database and then /etc/init.d/postfix start to startup postfix.

# Mail Mail Dirs
mkdir /var/spool/nuntius/edoceo.com
maildirmake /var/spool/nuntius/edoceo.com/busby
chown -R nuntius:nuntius /var/spool/nuntius/edoceo.com

Courier IMAP Configuration

# /etc/courier-imap/authdaemonrc
authmodulelist="authpgsql"

# /etc/courier-imap/authpgsqlrc
PGSQL_HOST           /tmp
PGSQL_PORT           5432
PGSQL_USERNAME       nuntius
PGSQL_PASSWORD
PGSQL_DATABASE       nuntius
# Fields
PGSQL_USER_TABLE     mailbox
PGSQL_CLEAR_PWFIELD  password
PGSQL_LOGIN_FIELD    username || '@' || domain
PGSQL_MAILDIR_FIELD  maildir
# Makes postgres select a constant
PGSQL_UID_FIELD      1000
PGSQL_GID_FIELD      407
PGSQL_HOME_FIELD     '/var/spool/nuntius/'

Adding SquirrelMail

Emerge SquirrelMail to install this nifty package to allow users to have web mail! How can you not! SquirrelMail is so easy to setup, a few simple configuration changes and it's running.

nuntius root # cat /etc/make.conf |grep USE
USE="-* crypt pam perl php postgres sasl ssl xml xml2"
nuntius root # emerge squirrelmail

After this installs you'll need to need to configure SquirrelMail. Edit /var/www/localhost/htdocs/squirrelmail/config/config.php like below.

// Used edoceo.com for us, holds multiple domains, this is only default
$domian = 'domain.com'
// Like to use local sendmail
$useSendmail = true;
$sendmail_path = '/usr/sbin/sendmail';
// If using SMTP and it is a different box say so here
$smtpServerAddress = 'localhost';
$smtpPort = 25;

We wanted to have the SquirrelMail right at the root of the server so we had to adjust Apache2 as follows.

# from /etc/conf.d/apache2
APACHE2_OPTS="-D PHP4"

# from /etc/apache2/conf/apache2.conf
DocumentRoot /var/www/localhost/htdocs/squirrelmail

And that is that.

See Also

Change Log
  • 2006-10-16 - Updated configuration information, merged Anti-UCE/SPAM into here
  • 2005-01-04 - Renamed to Nuntius Basic from Gentoo Postfix+SASL... /djb
  • 2004-12-12 - Created, first Nuntius server online /djb

Loading Comments from Disqus...