Skip to content
This repository was archived by the owner on Dec 28, 2018. It is now read-only.

How ToInstallon Debian Etch

Jump to bottom
hggh edited this page Sep 14, 2010 · 1 revision

You need the following packages from etch:

  • postfix
  • postfix-mysql
  • courier-authlib
  • courier-authlib-mysql
  • courier-imap
  • courier-pop (if you want POP3 also)
  • courier-maildrop
  • mysql-server-5.0
  • spamassassin
  • spamc
  • bogofilter (if you want to use bogofilter also)
  • archivemail (if you want to use mailarchive feature not ready yet)
  • fetchmail (if you want to use fetchmail feature)
  • amavisd-new
  • php5-imap
  • php5-mysql
  • php-pear
  • php-db
  • php-net-checkip
  • libapache2-mod-php5
  • apache2-mpm-prefork
  • libsasl2-modules
  • libsasl2
  • sasl2-bin
  • libdbd-mysql-perl
  • libdbi-perl
  • clamav-freshclam
  • clamav-daemon
  • php5-mhash
  • libemail-simple-perl
  • libemail-find-perl
  • libconfig-general-perl
  • libproc-pid-file-perl

You need the following packages from pear.php.net:

HowTo use this manual

I only list here changes in the configuration files.
This are only the parameters that the system needs. On my Mailserver there are many more options.
But this is not my job to explain here how to configure an perfect mailserver, because an perfect mailserver does not exists. For more information please read the developer documentation from the program!

Warning

This installation documentation is only for the version 0.04 and higher.

Databasesetup and Databaseusers

First you have to create the database, I call it mail_system. After this please insert the database dump into the new database.

You can find the dump file in your downloaded tarball or in the SVN.

For secuity reasons, you should use different databaseusers with different permissions to access the mail_system database.

Databaseusers:

  • for the webinterface
  • username: mail_web
  • all permissions to all tables
  • for the backendscripts
  • username: mail_backend
  • all permissions to all tables
  • for courier and postfix
  • username: mail_sys
  • SELECT permissions to mail_system.users’’, ‘’mail_system.domains’’ and ’’mail_system.forwardings
  • for Spamd to fetch the settings from the users
  • username: mail_spam
  • SELECT permissions to mail_system.spamassassin
  • for Amavis to check if the domain is local
  • username: mail_amavis
  • SELECT permissions to mail_system.domains

Useraccount for the mailboxes

You need one systemaccount and systemgroup that owns all maildirs from all users.

I prefer the username: vmail’’ (userid: *5000’’’) and the group ’’vmail’’ (groupid: ’5000*).

Homedirectory of the user vmail’’ is ’’/home/vmail within this directory the systems saves all mails.

The maildata from the user [email protected] can be found in: /home/vmail/foo.com/bar/Maildir


groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

Useraccount for Spamd

I have created an extra user for the Spamd. For secuity reasons is better if Spamd run not as user root!

Therefor I have created an user spammer that owns the Spamd process.

Install the webinterface

For the webinterface you need:

  • includes/
  • templates/
  • web/
  • smarty/
  • root.php

For security you should only allow your webserver to open the web/ directory.

I prefer the following setup:

Copy all files to /usr/local/cpves_webinterface/.
Than create an Alias in your webserver configuration, for Apache:


Alias /mailadmin /usr/local/cpves_webinterface/web/

Don’t forget to copy the includes/config.inc.default.php_’ to ’_includes/config.inc.php and customize the file.

The first user in the System is:

  • Username: admin
  • Password: mail

Install the backendscripts

The Perlscripts in the system_scripts/‘’ directory need to be executable. Customize the ’’mail_config.conf also!

The configuration file (mail_config.default.conf) for the backendscripts should copied to /etc/cpves/mail_config.conf’’. I suggest you to copy the ‘’config.inc.php’’ to ‘’/etc/cpves/’’ and create an symbolic link to the ’’includes/ directory.

The following scripts have to run as cronjob by the owner of the mailboxes (vmail): (default place for these scriptes: /usr/local/cpves/)

  • create_mailboxes.pl (run every 2- 5 minutes)
  • create_mailfilters.pl (run every 2- 5 minutes)
  • delete_mailbox.pl (run every 5-10 minutes)
  • create_fetchmail.pl (run every 10-15 minutes)
  • create_mailbox_size.pl (run every night)

The following scripts have to run as cronjob by root: (default place for these scriptes: /usr/local/cpves/)

  • sa_learn.pl (run every night at 00:00)

=h4. delete_mailbox.pl=

The script delete_mailbox.pl’’ needs an additional directory. You can configure it at the ‘’mail_config.conf’‘. Per default it is ’’/home/vmail_safe.

Please create this directory, and chown it to your vmail user.

Configure SASL2

file: /etc/postfix/sasl/smtpd.conf


pwcheck_method: saslauthd
auxprop_plugin: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: plain login

file: /etc/default/saslauthd


START=yes
MECHANISMS="rimap"
OPTIONS="-m /var/spool/postfix/var/run/saslauthd/ -O 127.0.0.1 -r"

Configure Spamassassin (Spamd)

file: _ /etc/default/spamassassin_


ENABLED=1
OPTIONS="--create-prefs --max-children 5 --helper-home-dir -q -x -u spammer"

file: /etc/spamassassin/local.cf


report_safe 0
use_bayes 1
bayes_auto_learn 0
use_razor2              0
use_dcc                 0
use_pyzor               0
score SPF_PASS          0
score SPF_NEUTRAL       0
score SPF_FAIL          0
score SPF_SOFTFAIL      0
score SPF_HELO_PASS     0
score SPF_HELO_NEUTRAL  0
score SPF_HELO_FAIL     0
score SPF_HELO_SOFTFAIL 0

user_scores_dsn         DBI:mysql:mail_system:localhost

user_scores_sql_username        mail_spam

user_scores_sql_password        password

user_scores_sql_custom_query    SELECT preference, value FROM spamassassin WHERE username CONCAT ORDER BY username ASC

Configure CourierAuthlib
file: /etc/courier/authmysqlrc

MYSQL_SERVER            localhost
MYSQL_USERNAME          mail_sys
MYSQL_PASSWORD          password

MYSQL_DATABASE mail_system

MYSQL_USER_TABLE users

MYSQL_CRYPT_PWFIELD cpasswd
MYSQL_NAME_FIELD full_name

MYSQL_HOME_FIELD CONCAT,‘/’,SUBSTRING_INDEX(email,‘@’,1),‘/’)

MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000

MYSQL_LOGIN_FIELD email

MYSQL_AUXOPTIONS_FIELD CONCAT,“,disablepop3=”,if(p_pop3=0,1,0),“,disablewebmail=”,if(p_webmail=0,1,0))

MYSQL_WHERE_CLAUSE access=‘1’

file: /etc/courier/authdaemonrc


authmodulelist="authmysql"

Configure Postfix

file: /etc/postfix/main.cf


###E-Mail filter:
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated


###SASL:

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain =

smtp_sasl_auth_enable = no

broken_sasl_auth_clients = yes


###Mysql:

alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf

virtual_alias_domains =

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf


#Maildrop as MDA

virtual_transport = maildrop

maildrop_destination_recipient_limit = 1

maildrop_destination_concurrency_limit = 1

file: /etc/postfix/mysql-virtual_mailboxes.cf


user = mail_sys
password = password
dbname = mail_system
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1

file: /etc/postfix/mysql-virtual_domains.cf


user = mail_sys
password = password
dbname = mail_system
table = domains
select_field = 'virtual'
where_field = dnsname
additional_conditions '1'
hosts = 127.0.0.1

file: /etc/postfix/mysql-virtual_email2email.cf


user = mail_sys
password = password
dbname = mail_system
table = users
select_field = email
where_field = email
additional_conditions '1'
hosts = 127.0.0.1

file: /etc/postfix/mysql-virtual_forwardings.cf


user = mail_sys
password = password
dbname = mail_system
table = forwardings
select_field = eto
where_field = efrom
hosts = 127.0.0.1

file /etc/postfix/master.cf


smtp      inet  n       -       y       -       -       smtpd

smtps     inet  n       –       n       –       –       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes


maildrop  unix  –       n       n       –       –       pipe

  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}


amavis unix – - – - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes


127.0.0.1:10025 inet n – - – - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bin_address=127.0.0.1

Configure Amavisd-new

You have to disable the Spamassassin in Amavisd because the MailSystem uses maildrop and Spamd.

You can disable Spamassassin in the Amavis configuration file /etc/amavis/conf.d/15-content_filter_mode.

Add the following lines to the /etc/amavis/conf.d/20-debian_defaults configuration file:

file: /etc/amavis/conf.d/20-debian_defaults


@lookup_sql_dsn = ( [ 'DBI:mysql:mail_system', 'mail_amavis', 'password' ] );
$sql_select_policy = 'SELECT "Y" as local FROM domains WHERE CONCAT("@",dnsname) IN (%k)';

You have to tag your virus information messages send by amavisd-new.

file: ’’/etc/amavis/en_US/template-virus-recipient.txt


Message-ID: <VR%i@%h>
X-Virus: CpVES

Please add the line X-Virus: CpVES after the line above. So maildrop can filter this mail.

more docs for other fetaures

Clone this wiki locally