How to install and configure the e-mail server using Postfix, Postfix admin, MySQL, Squirrelmail, Dovecot, SSL on CentOS 64 bit.

http://www.houseoflinux.com/e-mail/postfix-dovecot-mysql-squirrelmail-on-centos-5-5-32-64-bits

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ab@linux-ab:~> ssh-copy-id -i ~/.ssh/id_rsa.pub root@109.123.122.82
ab@linux-ab:~> ssh root@109.123.122.82
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail ~]# netstat -nap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN      747/snmpd
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      759/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      844/master
Postfix is working

[root@mail ~]# yum list installed | grep postfix
postfix.x86_64                     2:2.6.6-2.2.el6_1                @updates
To make sure that Postfix was installed with MySQL support, run the command:
[root@mail ~]# postconf -m
btree
cidr
environ
hash
ldap
mysql
nis
pcre
proxy
regexp
static
unix
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail ~]# yum update -y
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Change hostname

[root@mail ~]# vi /etc/sysconfig/network
NETWORKING="yes"
NETWORKING_IPV6="no"
HOSTNAME="mail.borys.pp.ua"
GATEWAY="109.123.122.1"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Installing
Add EPEL repository: (needed for squirrelmail)

[root@mail ~]# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm

[root@mail ~]# yum install mysql mysql-server httpd php php-mysql wget dovecot dovecot-mysql php-mbstring php-imap

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Installing MYSQL
[root@mail ~]# /etc/init.d/mysqld start
[root@mail ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we’ll need the current
password for the root user.  If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

Normally, root should only be allowed to connect from ‘localhost’.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
… Success!

By default, MySQL comes with a database named ‘test’ that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done!  If you’ve completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

[root@mail ~]# mysql -u root -pkntET864
Welcome to the MySQL monitor.  Commands end with ; or \g.
Server version: 5.1.61 Source distribution

Then, follow the steps in the MySQL shell:

mysql> CREATE DATABASE mail;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail ~]# mysql -u mail -pmail
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 19
Server version: 5.1.61 Source distribution

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mail               |
+--------------------+
2 rows in set (0.00 sec)

mysql> quit
Bye
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Let’s create the aliases in httpd.conf so that we can use webmail and postfixadmin.

[root@mail ~]# vi /etc/httpd/conf/httpd.conf

### WEBMAIL ###
Alias /squirrelmail /usr/share/squirrelmail/
<Directory /usr/share/squirrelmail/>
Options Indexes
AllowOverride none
DirectoryIndex index.php
Order allow,deny
allow from all
</Directory>
### POSTFIX ADMIN ###
Alias /postfixadmin /usr/share/postfixadmin/
<Directory /usr/share/postfixadmin/>
Options Indexes
AllowOverride none
DirectoryIndex index.php
Order allow,deny
allow from all
</Directory>

restart apache:
[root@mail ~]# /etc/init.d/httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: httpd: Could not reliably determine the server’s fully qualified domain name, using mail.borys.pp.ua for ServerName
[  OK  ]
Solution:
[root@mail ~]# vi /etc/httpd/conf/httpd.conf
ServerName borys.pp.ua

[root@mail ~]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Postfix

[root@mail ~]# vi /etc/postfix/main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.borys.pp.ua
mydomain = borys.pp.ua
myorigin = $myhostname
inet_interfaces = $myhostname, localhost
# comment out the next line if virtual domains are used
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 109.123.122.0/24, 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Adding VMAIL users and MySQL files.
+++++++++++++++++++++++++++++++++++++++
Let’s create VMail, which will be responsible for the delivery:

[root@mail ~]# useradd vmail -r -u 150 -g mail -d /var/vmail -s /sbin/nologin
[root@mail ~]# mkdir /var/vmail
[root@mail ~]# chmod 770 /var/vmail/
[root@mail ~]# chown vmail:mail /var/vmail/
————————————————
To create the MySQL configuration files that let Postfix communicate with MySQL, follow these steps:
————————————————
[root@mail ~]# cd /etc/postfix
[root@mail postfix]# vi mysql_virtual_alias_maps.cf
——————–
user = mail
password = mail
hosts = localhost
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
——————–
[root@mail postfix]# vi mysql_virtual_domains_maps.cf
——————–
user = mail
password = mail
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
———————
[root@mail postfix]# vi mysql_virtual_mailbox_limit_maps.cf
———————
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
———————-
[root@mail postfix]# vi mysql_virtual_mailbox_maps.cf
———————-
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
———————-
Edit /etc/postfix/master.cf and add the following:
[root@mail postfix]# vi  /etc/postfix/master.cf
———————-
## DOVECOT ##
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)
———————–
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Configuring the dovecot:
++++++++++++++++++++++++++
[root@mail postfix]# yum install dovecot
[root@mail postfix]# mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf_old
[root@mail postfix]# vi /etc/dovecot/dovecot.conf
————————–
## Base Directory ##
base_dir = /var/run/dovecot/
## Protocols to run ##
protocols = imap imaps pop3 pop3s
log_timestamp = '%Y-%m-%d %H:%M:%S '
syslog_facility = mail
## SSL data ##
ssl_listen = localhost
ssl_cert_file = /etc/postfix/mail-cert.pem
ssl_key_file = /etc/postfix/mail-key.pem
ssl_parameters_regenerate = 168
verbose_ssl = no
mail_location = maildir:/var/vmail/%d/%u
mail_access_groups = mail
mail_debug = no
first_valid_uid = 150
last_valid_uid = 150
maildir_copy_with_hardlinks = yes
protocol imap {
}
protocol pop3 {
# Login executable location.
login_executable = /usr/libexec/dovecot/pop3-login
mail_executable = /usr/libexec/dovecot/pop3
pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
sendmail_path = /usr/lib/sendmail
auth_socket_path = /var/run/dovecot/auth-master
}
auth_verbose = no
auth_debug = no
auth default {
mechanisms = plain
passdb pam {
}
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb passwd {
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
group = mail
}
client {
path = /var/run/dovecot/auth-client
mode = 0660
user = vmail
group = mail
}
}
}
dict {
}
plugin {
}
——————————–
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Now let's create dovecot-sql.conf so that Dovecot can communicate with MySQL
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail postfix]# vi /etc/dovecot/dovecot-sql.conf
———————————
driver = mysql
connect = host=localhost dbname=mail user=mail password=mail
# The new name for MD5 is MD5-CRYPT so you might need to change this depending on version
default_pass_scheme = MD5
# Get the mailbox
user_query = SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'
# Get the password
password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
# If using client certificates for authentication, comment the above
———————————-
[root@mail postfix]# chmod 600 /etc/dovecot/dovecot.conf   (? 644)
[root@mail postfix]# chmod 600 /etc/dovecot/dovecot-sql.conf
[root@mail postfix]# chown vmail /etc/dovecot/dovecot.conf   (vmail:mail ?)
[root@mail postfix]# chown vmail /etc/dovecot/dovecot-sql.conf
*********************************************************************
[root@mail borys.pp.ua]# ls -la /etc/dovecot/
total 24
drwxr-xr-x  3 root  root 4096 Dec 30 21:32 .
drwxr-xr-x 64 root  root 4096 Dec 28 23:00 ..
drwxr-xr-x  2 root  root 4096 Dec 26 15:09 conf.d
-rw-------  1 vmail root 1213 Dec 28 21:27 dovecot.conf
-rw-r--r--  1 root  root 3455 Dec 30  2010 dovecot.conf_old
-rw-------  1 vmail root  719 Dec 26 15:29 dovecot-sql.conf
it works
+++++++++++++++++++++++++++++++++++++++++++++++++++++
Let’s install the postfix admin:  http://sourceforge.net/projects/postfixadmin/files/postfixadmin/ – latest version
+++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail postfix]# cd ~
[root@mail ~]# mkdir postfixadmin
[root@mail ~]# cd postfixadmin/
[root@mail postfixadmin]# wget http://sourceforge.net/projects/postfixadmin/files/postfixadmin/postfixadmin-2.3.5/postfixadmin-2.3.5.tar.gz/download
[root@mail postfixadmin]# tar -zxvf postfixadmin-2.3.5.tar.gz
[root@mail postfixadmin]# mv postfixadmin-2.3.5 /usr/share/postfixadmin
[root@mail postfixadmin]# cd  /usr/share/postfixadmin
[root@mail postfixadmin]# vi config.inc.php
And change the following fields:
————————————
$CONF['configured'] = true;

$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'mail';
$CONF['database_password'] = 'mail';
$CONF['database_name'] = 'mail';
$CONF['database_prefix'] = '';
————————————
Now go to http://109.123.122.82/postfixadmin/setup.php and configure it.

Change setup password
kntET864
If you want to use the password you entered as setup password, edit config.inc.php and set

$CONF['setup_password'] = 'eb8fcd9a00b5d24e6d28aee85e50bc2c:63d7e5a7359b0fc02fcbda262b24224c96cf4765';
Admin has been added!   -Don’t forget to add admin email
(admin@borys.pp.ua)
kntET864

+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Check selinux
[root@mail postfixadmin]# vi /etc/selinux/config
————————————
SELINUX=disabled
————————————–
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Check iptables
————————————-
[root@mail postfixadmin]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
—————————————–
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Login to postfixadmin as admin@borys.pp.ua and password kntET864 and add mail domain.

http://borys.pp.ua/postfixadmin/login.php
Domain list >> New Domain >> borys.pp.ua

Add default mail aliases: yes

Creating first email account:
Virtual list >> Add Mailbox >> ab
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Configuring and Customizing SquirrelMail
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail postfixadmin]# yum install squirrelmail
[root@mail postfixadmin]# /usr/share/squirrelmail/config/conf.pl
——————————————
2.  Server Settings
Domain name borys.pp.ua
D select dovecot
Save and quit
——————————————
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Generating SSL, tips and conclusion
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@mail postfixadmin]# cd /etc/postfix/
[root@mail postfix]# openssl genrsa 1024 > mail-key.pem
Generating RSA private key, 1024 bit long modulus
……………….++++++
……++++++
e is 65537 (0x10001)
[root@mail postfix]# chmod 400 mail-key.pem
[root@mail postfix]# openssl req -new -x509 -nodes -sha1 -days 365 -key mail-key.pem > mail-cert.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
-----
Country Name (2 letter code) [XX]:UA
State or Province Name (full name) []:Lviv
Locality Name (eg, city) [Default City]:Lviv
Organization Name (eg, company) [Default Company Ltd]:Borys Ltd
Organizational Unit Name (eg, section) []:vps
Common Name (eg, your name or your server’s hostname) []:borys.pp.ua
Email Address []:admin@borys.pp.ua

[root@mail postfix]# /etc/init.d/dovecot restart
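
The commands above produce a 1024-bit RSA key and a SHA-1 signed certificate. The following is an added example (not part of the original notes) that reads an "openssl x509 -noout -text" dump and reports those two parameters, with a generator for a 2048-bit/SHA-256 pair beside it. MIN_BITS, the function names and the sample dump are this example's own; the dump is constructed, not taken from the server.

```shell
#!/bin/sh
# Added example: audit the key size and signature hash of an RSA certificate.
# Real use:
#   openssl x509 -in /etc/postfix/mail-cert.pem -noout -text | audit_cert_text

MIN_BITS=2048   # threshold chosen for this example, not a value from the page

# Reads a certificate text dump on stdin.
# Prints "weak-key:<bits>" and/or "weak-hash:<algorithm>", "ok" when neither
# applies, or "unparsed" when the expected lines are missing.
audit_cert_text() {
    awk -v min="$MIN_BITS" '
        # first "Signature Algorithm:" line names the hash used for signing
        /Signature Algorithm:/ && sig == "" { sig = $NF }
        # "Public-Key: (1024 bit)" (older OpenSSL: "RSA Public Key: (1024 bit)")
        /Public[- ]Key: \(/ {
            s = $0; sub(/.*\(/, "", s); sub(/ bit.*/, "", s); bits = s + 0
        }
        END {
            if (bits == 0 || sig == "") { print "unparsed"; exit }
            n = 0
            if (bits < min) { print "weak-key:" bits; n++ }
            if (tolower(sig) ~ /^(sha1|md5)/) { print "weak-hash:" sig; n++ }
            if (n == 0) print "ok"
        }'
}

# Generate a self-signed pair with a MIN_BITS key and a SHA-256 signature.
# $1 = common name, $2 = output directory (both supplied by the caller).
gen_cert() {
    openssl req -new -x509 -nodes -newkey rsa:"$MIN_BITS" -sha256 -days 365 \
        -subj "/CN=$1" -keyout "$2/mail-key.pem" -out "$2/mail-cert.pem" &&
    chmod 400 "$2/mail-key.pem"
}

# Constructed sample: the shape of the dump for a certificate made with
# "genrsa 1024" and "req -sha1" as in the session above.
SAMPLE_WEAK='Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Subject: C=UA, ST=Lviv, O=Borys Ltd, CN=borys.pp.ua
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
    Signature Algorithm: sha1WithRSAEncryption'

printf '%s\n' "$SAMPLE_WEAK" | audit_cert_text
```

After gen_cert, the files keep the names dovecot.conf already points to (mail-cert.pem and mail-key.pem), so only a Dovecot restart is needed.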
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Error:
Aug 16 22:29:33 mail postfix/smtpd[1127]: NOQUEUE: reject: RCPT from demohost.pp.ua[174.127.127.173]: 554 5.7.1 <admin@borys.pp.ua>: Relay access denied; from=<ab@demohost.pp.ua> to=<admin@borys.pp.ua> proto=ESMTP helo=<demohost.pp.ua>
Aug 16 22:29:44 mail postfix/smtpd[1127]: disconnect from demohost.pp.ua[174.127.127.173]
Aug 16 22:32:07 mail dovecot: pop3-login: Aborted login (tried to use disabled plaintext auth): rip=174.127.127.173, lip=109.123.122.82

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Error:
http://109.123.122.82/squirrelmail/
You don’t have permission to access /squirrelmail on this server.

Error.log: [Sat Aug 18 14:39:21 2012] [error] [client 194.44.160.178] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /usr/share/squirrelmail/index.php

Solution:
httpd doesn't support SSL connections. Enable SSL, or:

[root@mail ~]# vi /etc/httpd/conf.d/squirrelmail.conf
and comment out the following lines:
#
# SquirrelMail is a webmail package written in PHP.
#

Alias /webmail /usr/share/squirrelmail

<Directory "/usr/share/squirrelmail/plugins/squirrelspell/modules">
Deny from all
</Directory>

# this section makes squirrelmail use https connections only, for this you
# need to have mod_ssl installed. If you want to use unsecure http
# connections, just remove this section:
#<Directory /usr/share/squirrelmail>
#  RewriteEngine  on
#  RewriteCond    %{HTTPS} !=on
#  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
#</Directory>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Error:
<ab@borys.pp.ua>: host mail.borys.pp.ua[109.123.122.82] said: 554 5.7.1
<ab@borys.pp.ua>: Relay access denied (in reply to RCPT TO command)

Solution:
This is happening because Postfix is receiving e-mail for a domain for which it doesn’t expect to handle mail. Add the domains to the mydestination parameter in /etc/postfix/main.cf:

mydestination = domain.com, domain2.com, domain3.com
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Error:                    The mail system

<ab@borys.pp.ua>: unknown user: “ab”

Solution:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Error:
Dec 28 23:12:12 mail postfix/virtual[8922]: DFD8F42077: to=<andy@borys.pp.ua>, relay=virtual, delay=499, delays=498/0.05/0/0.03, dsn=4.2.0, status=deferred (maildir delivery failed: create maildir file /var/vmail/borys.pp.ua/andy@borys.pp.ua/tmp/1356736332.P8922.mail.borys.pp.ua: Permission denied)

Solution:

Check
# vi /etc/postfix/main.cf

virtual_transport = virtual
change to
virtual_transport = dovecot
or:
[root@mail var]# vi /etc/postfix/main.cf
and change
virtual_minimum_uid = 150
virtual_uid_maps = static:150

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Error:
http://109.123.122.82/squirrelmail/
Forbidden
You don’t have permission to access /squirrelmail/ on this server.

Solution:
[root@mail html]# yum install mod_ssl

See above

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Error:
Mailserver can send email, but can’t receive. There are no errors in the error.log.
Check /var/vmail/domainname directory. If you see two similar mailboxes, first only name, second – name@domainname, it means that you have bad transport in postfix configuration.

Solution:
# vi /etc/postfix/main.cf

virtual_transport = virtual
change to
virtual_transport = dovecot

Recreate domain via postfixadmin. Should work.
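
Why two maildirs appear for one mailbox, as an added example (not part of the original notes): it expands, for a single address, the path Postfix's virtual agent builds from mysql_virtual_mailbox_maps.cf and the path Dovecot builds from user_query. Assumed: virtual_mailbox_base is /var/vmail and the mailbox.maildir column holds "andy@borys.pp.ua/" (both inferred from the "Permission denied" log line earlier); the function names are this example's own.

```shell
#!/bin/sh
# Added example: compare the delivery path of "virtual_transport = virtual"
# with the path Dovecot uses, for the lookups configured on this page.

VMAIL_BASE=/var/vmail   # assumed virtual_mailbox_base (not shown on the page)

# Expand the Dovecot variables used in dovecot.conf / dovecot-sql.conf:
#   %u = full address, %n = part before "@", %d = part after "@"
dovecot_expand() {
    tmpl=$1; addr=$2
    user=${addr%@*}; domain=${addr#*@}
    printf '%s\n' "$tmpl" |
        sed -e "s|%u|$addr|g" -e "s|%n|$user|g" -e "s|%d|$domain|g"
}

# Postfix virtual(8): base + result of the map query,
#   SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s'
# $1 = address, $2 = value of the maildir column for that mailbox
postfix_virtual_path() {
    addr=$1; maildir_col=$2
    domain=${addr#*@}
    printf '%s/%s/%s\n' "$VMAIL_BASE" "$domain" "${maildir_col%/}"
}

# Dovecot (deliver, IMAP, POP3): the "home" value returned by user_query
dovecot_sql_path() {
    dovecot_expand '/var/vmail/%d/%n' "$1"
}

# Report whether both delivery paths end up in the same directory.
compare_paths() {
    p=$(postfix_virtual_path "$1" "$2")
    d=$(dovecot_sql_path "$1")
    if [ "$p" = "$d" ]; then
        echo "match: $p"
    else
        echo "mismatch: virtual=$p dovecot=$d"
    fi
}

# maildir column as implied by the log line (constructed input)
compare_paths andy@borys.pp.ua 'andy@borys.pp.ua/'
# the same mailbox if the column held only the local part (constructed input)
compare_paths andy@borys.pp.ua 'andy/'
```

With virtual_transport = dovecot only the user_query path is used for delivery, so mail lands in the directory that IMAP and POP3 read from.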
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
