This document describes a configuration of Gentoo Linux that is designed to be a functional ISP email server. It starts off by describing how to get the necessary packages (Postfix, SASL2, Courier-IMAP, PostgreSQL) working together. Installation of SquirrelMail is also discussed, to provide web-based mail.
Features
Besides the high level of quality, reliability and standards compliance these packages provide, one also gets:
- Centralized login across all packages
- Maildir stored messages
- Support for multiple domains, ISP style
- Web Access to email
Installing Postfix, SASL2, Dovecot and Sqlite
If you're not on Gentoo this might be complicated; on Gentoo do this:
root@mail # emerge -av postfix
mail-mta/postfix-2.10.0 USE="berkdb -cdb -doc dovecot-sasl* -hardened ldap -ldap-bind -mbox -memcached -mysql -nis -pam -postgres sasl (-selinux) sqlite* ssl -vda"
System Configuration
This configuration requires a user to own the database and all the virtual domains that will receive mail.
# the user nuntius
root@mail # groupadd nuntius
root@mail # useradd -g nuntius nuntius
# This will be the base directory for all domains and addresses
root@mail # mkdir /var/spool/nuntius
root@mail # chown nuntius:nuntius /var/spool/nuntius
PostgreSQL Setup and Configuration
PostgreSQL will need a database and one table to contain the mailbox information.
The configuration files postgresql.conf and pg_hba.conf will also need to be edited.
Make the Database
root@mail # psql -U postgres template1
template1=# create user nuntius;
template1=# create database nuntius with owner nuntius;
template1=# \c nuntius nuntius
nuntius=> CREATE TABLE mailbox (
    id serial NOT NULL,
    username character varying(64) NOT NULL,
    "domain" character varying(64) NOT NULL,
    "password" character varying(64),
    maildir character varying(256),
    alias character varying(32)
);
PostgreSQL Configuration Files
Changes are made to postgresql.conf and pg_hba.conf; the changes are listed below. log_statement is set to true for now to see the outputs and debug the setup. Remove this when done!
# postgresql.conf
log_statement = true

# pg_hba.conf
local nuntius nuntius trust
Now start PostgreSQL with /etc/init.d/postgresql start.
SASL2 Setup and Configuration
SASL will need to know how to authenticate users; edit /etc/sasl2/smtpd.conf to read as follows.
root@mail # cat /etc/sasl2/smtpd.conf
# Nuntius Configuration
pwcheck_method: auxprop
mech_list: PLAIN CRAM-MD5 DIGEST-MD5 LOGIN
allowanonymouslogin: no
allowplaintext: no
sasl_auxprop_plugin: sql
sql_engine: pgsql
# Leave commented out to use the unix socket
#sql_hostnames: localhost
sql_database: nuntius
sql_user: nuntius
# Not present means no password
#sql_passwd:
sql_select: SELECT password FROM mailbox WHERE username = '%u' AND domain = '%r'
Gentoo also places the startup information for saslauthd in /etc/conf.d/saslauthd; change it to read like this:
SASLAUTHD_OPTS="-a pam"
Postfix Setup and Configuration
On Gentoo all the Postfix configuration is stored in /etc/postfix.
Three files must be created to describe how Postfix uses PostgreSQL, and main.cf is modified to use these files.
Edit /etc/mail/aliases properly and create these auxiliary configuration files as indicated.
root@mail # cat /etc/postfix/virtual_domains.cf
# Virtual domain config to use postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = domain
where_field = domain

root@mail # cat /etc/postfix/virtual_mailbox.cf
# Virtual mailbox config to use postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = maildir
where_field = username

root@mail # cat /etc/postfix/virtual_alias.cf
# Virtual alias config using postgresql backend
user = nuntius
password =
dbname = nuntius
table = mailbox
select_field = alias
where_field = username
Postfix must now be configured to use these files; edit main.cf as follows. Only additions to the configuration are listed; the reader must use their best judgement for other configuration parameters in this file.
The IDs of the nuntius user and group will need to be known; 1000 and 407 are examples only.
root@mail # id nuntius
uid=1000(nuntius) gid=407(nuntius) groups=407(nuntius)
# /etc/postfix/main.cf changes
# Change these three once live
debug_peer_level = 3
debug_peer_list = 192.168.42.0/24
debugger_command = /usr/bin/strace -Ff -p $process_id -s 128 >/tmp/strace.smtpd 2>&1 & sleep 5

mail_spool_directory = /var/spool/nuntius
mydomain = edoceo.com
myhostname = nuntius.edoceo.com
show_user_unknown_table_name = no

# PostgreSQL Stuffs
virtual_transport = virtual
virtual_uid_maps = static:1000
virtual_gid_maps = static:407
virtual_mailbox_base = /var/spool/nuntius
virtual_mailbox_domains = pgsql:/etc/postfix/virtual_domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/virtual_mailbox.cf
virtual_alias_maps = pgsql:/etc/postfix/virtual_alias.cf

# SASL2 Configuration
broken_sasl_auth_clients = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = edoceo.com
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
Now run postalias hash:/etc/mail/aliases to update the alias database and then /etc/init.d/postfix start to start up Postfix.
# Make Mail Dirs
mkdir /var/spool/nuntius/edoceo.com
maildirmake /var/spool/nuntius/edoceo.com/busby
chown -R nuntius:nuntius /var/spool/nuntius/edoceo.com
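The configuration above turns on log_statement in postgresql.conf and three debug parameters in main.cf, all of which are meant to be removed or changed before the server goes live. The check below is an added example, not part of the original page; the function names conf_value, golive_check and make_sample are hypothetical and the sample files are constructed from the values shown here. It assumes a setting counts as cleared when it is absent, commented out, empty, or (for debug_peer_level) no higher than the Postfix default of 2.

```shell
# Added example (not from the original page): go-live check for debug settings.

# Print the effective value of parameter $2 in "key = value" file $1 (last one
# wins). Style "postfix" ($3) joins indented continuation lines; any other
# style strips a trailing "# comment" as in postgresql.conf.
conf_value() {
    awk -v want="$2" -v style="$3" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        style == "postfix" && /^[ \t]/ { if (cur == want) val = val " " $0; next }
        {
            line = $0
            if (style != "postfix") sub(/[ \t]*#.*$/, "", line)
            eq = index(line, "="); if (eq == 0) next
            cur = substr(line, 1, eq - 1); gsub(/[ \t]/, "", cur)
            if (cur == want) val = substr(line, eq + 1)
        }
        END { gsub(/^[ \t]+|[ \t]+$/, "", val); print val }
    ' "$1"
}

# Print one line per debug setting still active in postgresql.conf ($1) and
# main.cf ($2). Returns 0 when none is left, 1 otherwise.
golive_check() {
    gl_n=0
    gl_v=$(conf_value "$1" log_statement pgsql)
    case "$gl_v" in
        ""|none|off|false|0) ;;
        *) printf '%s\n' "postgresql.conf: log_statement = $gl_v"; gl_n=1 ;;
    esac
    gl_v=$(conf_value "$2" debug_peer_level postfix)
    if [ "${gl_v:-0}" -gt 2 ] 2>/dev/null; then   # 2 is the Postfix default
        printf '%s\n' "main.cf: debug_peer_level = $gl_v"; gl_n=1
    fi
    for gl_p in debug_peer_list debugger_command; do
        gl_v=$(conf_value "$2" "$gl_p" postfix)
        [ -z "$gl_v" ] || { printf '%s\n' "main.cf: $gl_p = $gl_v"; gl_n=1; }
    done
    return "$gl_n"
}

# Constructed sample files in directory $1, using the debug values from this page.
make_sample() {
    printf '%s\n' 'log_statement = true' > "$1/postgresql.conf"
    printf '%s\n' 'debug_peer_level = 3' 'debug_peer_list = 192.168.42.0/24' \
        'debugger_command = /usr/bin/strace -Ff -p $process_id -s 128 >/tmp/strace.smtpd 2>&1 & sleep 5' \
        'mydomain = edoceo.com' > "$1/main.cf"
}

demo=$(mktemp -d) && make_sample "$demo"
golive_check "$demo/postgresql.conf" "$demo/main.cf" || echo "not ready to go live"
rm -rf "$demo"
```

On a real host, pass the paths of the live postgresql.conf and /etc/postfix/main.cf; a file that cannot be read produces no findings, so check the paths first.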
Courier IMAP Configuration
# /etc/courier-imap/authdaemonrc
authmodulelist="authpgsql"

# /etc/courier-imap/authpgsqlrc
PGSQL_HOST /tmp
PGSQL_PORT 5432
PGSQL_USERNAME nuntius
PGSQL_PASSWORD
PGSQL_DATABASE nuntius
# Fields
PGSQL_USER_TABLE mailbox
PGSQL_CLEAR_PWFIELD password
PGSQL_LOGIN_FIELD username || '@' || domain
PGSQL_MAILDIR_FIELD maildir
# Makes postgres select a constant
PGSQL_UID_FIELD 1000
PGSQL_GID_FIELD 407
PGSQL_HOME_FIELD '/var/spool/nuntius/'
Adding SquirrelMail
Emerge SquirrelMail to install this nifty package and give users web mail! How can you not! SquirrelMail is easy to set up: a few simple configuration changes and it's running.
nuntius root # cat /etc/make.conf |grep USE
USE="-* crypt pam perl php postgres sasl ssl xml xml2"
nuntius root # emerge squirrelmail
After this installs you'll need to configure SquirrelMail. Edit /var/www/localhost/htdocs/squirrelmail/config/config.php as shown below.
// Used edoceo.com for us, holds multiple domains, this is only default
$domain = 'domain.com';
// Like to use local sendmail
$useSendmail = true;
$sendmail_path = '/usr/sbin/sendmail';
// If using SMTP and it is a different box say so here
$smtpServerAddress = 'localhost';
$smtpPort = 25;
We wanted to have SquirrelMail right at the root of the server, so we had to adjust Apache2 as follows.
# from /etc/conf.d/apache2
APACHE2_OPTS="-D PHP4"

# from /etc/apache2/conf/apache2.conf
DocumentRoot /var/www/localhost/htdocs/squirrelmail
And that is that.
See Also
- Postfix with Cyrus SASL2 - How to configure this at a basic level
- Postfix Spam Filtering
- How To: OpenDKIM - Use OpenDKIM for better email integrity
- BACKSCATTER_README
- Postfix - SMTP services
- Carnegie Mellon SASL - aka Cyrus SASL
- Courier IMAP - POP3 and IMAP services
- PostgreSQL - the database backend
- Postfix+SASL2+Courier-IMAP+QUOTA+PostgreSQL HOW-TO - in Portuguese
- Postfix RelayHost
- Postfix SMTP AUTH (and TLS) HOWTO - for RedHat
- RFCs 821, 822, 1123, 1869, 1891, 1892, 1893, 1894, 1985, 2034, 2045, 2142, 2476, 2554 - Email related RFCs
Change Log
- 2006-10-16 - Updated configuration information, merged Anti-UCE/SPAM into here
- 2005-01-04 - Renamed to Nuntius Basic from Gentoo Postfix+SASL... /djb
- 2004-12-12 - Created, first Nuntius server online /djb