Version 2 (Amministratore Truelite, 01-10-2009 14:29) → Version 3/26 (Amministratore Truelite, 01-10-2009 15:46)

[[TracNav(EnTOC)]] 

 == A mail server with Postfixadmin, Postfix and Dovecot on Debian Lenny == 

 This HOWTO explains the installation and configuration of a full-featured mail server using Postfix as SMTP server, Dovecot as POP/IMAP server and Postfixadmin as management interface. As Postfixadmin needs a database to maintain account and domain information we will use MySQL (but PostgreSQL or SQLite can also be used). All the configurations were done on a Debian Lenny system. 

 === Postfixadmin Installation === 

 Postfixadmin is distributed as a Debian package directly by the maintainer, but we need to download the {{{.deb}}} file from [http://sourceforge.net/project/showfiles.php?group_id=191583&package_id=225300 here] because there is no repository. Before installing it we will need to install some dependencies (a web server and, because we want to use it on a standalone server, also a database server). We choose to use Apache as web server and MySQL as database server, so we will need to install their packages and also the other Postfixadmin dependencies; this can be done the Debian way with the command: 
 {{{ 
 aptitude install dbconfig-common wwwconfig-common    \ 
       libapache2-mod-php5 php5 php5-imap php5-mysql \ 
       mysql-client mysql-server postfix-mysql 
 }}} 
 and we will also have to answer the ordinary setup questions asked by ''debconf''; we can just accept the default values, but we will have to give a password for the default MySQL {{{root}}} administrative account. 

 Before installing the Postfixadmin {{{.deb}}} file we will also need to create a dedicated database and a database account to manage it; we can do this with the following commands: 
 {{{ 
 mysqladmin -u root -p create postfixadmin 
 mysql -u root -p 
 mysql> grant create, select, insert, update, delete, lock, index, alter, drop  
              on postfixadmin.* to 'postfixadmin'@'localhost'  
              identified by 'secretandcomplexpassword'; 
 mysql> flush privileges; 
 mysql> \q 
 }}} 
 (they will ask for the {{{root}}} account password that was given in the previous step). After this we can install the {{{.deb}}} file with: 
 {{{ 
 dpkg -i postfixadmin_*.deb  
 }}} 

 There are two possible choices for Postfixadmin: the 2.2 stable version and the new 2.3 release candidate; the latter supports more features and is almost production ready. If you use the 2.2 stable version you will need to modify the following lines of the {{{/etc/postfixadmin/config.inc.php}}} file to set up access to the previously created database: 
 {{{ 
 $CONF['configured'] = true; 
 ... 
 $CONF['database_type'] = 'mysql'; 
 $CONF['database_host'] = 'localhost'; 
 $CONF['database_user'] = 'postfixadmin'; 
 $CONF['database_password'] = 'secretandcomplexpassword'; 
 $CONF['database_name'] = 'postfixadmin'; 
 }}} 

 If instead you use the 2.3 development version, having {{{dbconfig-common}}} and {{{wwwconfig-common}}} installed, the previous step of the database creation is managed by the package itself and is no longer needed. The database access configuration inside {{{/etc/postfixadmin/config.inc.php}}} is also done automatically by ''debconf'', so all that is needed is to give ''debconf'' the password of the MySQL {{{root}}} user that you set up at the beginning, and then answer the ''debconf'' questions about the password used for the Postfixadmin dedicated database user. 

 After this you can proceed to populate the database; this should be done by Postfixadmin itself, using the following link in your browser (you can use the same link for a database upgrade with a new Postfixadmin version or to reset the Postfixadmin superuser password): 
 {{{ 
 http://MY.POSTFIXADMIN.SERVER.IP/postfixadmin/setup.php 
 }}} 

 Up to version 2.2 this PHP script should be run once and then removed after its use; with the 2.3 version, when it is used for the first time it will ask you for a setup password, printing a hashed value that you will need to put inside the {{{/etc/postfixadmin/config.inc.php}}} file, modifying the following line: 
 {{{ 
 $CONF['setup_password'] = 'changeme'; 
 }}} 

 With this modification done you will need to re-execute the script, going back to {{{http://MY.POSTFIXADMIN.SERVER.IP/postfixadmin/setup.php}}}; this time you can give the setup password to create the superuser Postfixadmin account, which has full access to all management functions. Take note that, like all Postfixadmin accounts, this one should also be given in the form of an email address (something like {{{admin@mydomain.it}}}). 

 To check that this initial setup has been completed successfully you can see if everything is working fine by going to the {{{http://MY.POSTFIXADMIN.SERVER.IP/postfixadmin}}} address and logging in using the superuser account you just created. After this check you can pass to the following steps; the first one is to put proper references to your main domain in the web interface; this can be done with: 
 {{{ 
 cd /etc/postfixadmin/ 
 mv config.inc.php config.inc.php.orig 
 sed -e 's/change-this-to-your.domain.tld/mydomain.it/g' config.inc.php.orig > config.inc.php 
 }}} 
 and then we can check the file to be sure that all links to web pages are correct (they will always be something like {{{http://mydomain.it}}}). 

 The second step is to configure the mailbox pathname that will be used by both Postfix and Dovecot; we choose to map an email account like {{{username@mydomain.it}}} to a mailbox pathname like {{{mydomain.it/username}}}. To do this we have to put the following configuration values in the {{{/etc/postfixadmin/config.inc.php}}} file: 
 {{{ 
 $CONF['domain_path'] = 'YES'; 
 $CONF['domain_in_mailbox'] = 'NO'; 
 }}} 

 Then if you want to enable quotas you also need to modify the following line: 
 {{{ 
 $CONF['quota'] = 'YES'; 
 }}} 
 and if you want to enable the {{{vacation}}} support you will need to modify the following lines: 
 {{{ 
 $CONF['vacation'] = 'YES'; 
 $CONF['vacation_domain'] = 'autoreply.mydomain.it'; 
 }}} 
 where {{{autoreply.mydomain.it}}} is the domain used by Postfix to manage {{{vacation}}} email (we'll look at this later). 

    Other configuration lines that can be modified are the following: 
 {{{ 
 $CONF['default_language'] = 'it'; 
 $CONF['min_password_length'] = 6; 
 $CONF['aliases'] = '50'; 
 $CONF['mailboxes'] = '50'; 
 $CONF['maxquota'] = '50'; 
 }}} 
 respectively to set up the web interface language, a minimum length for account passwords, and the default limits on the number of aliases, mailboxes and megabytes of quota. These last three will be proposed by the management interface when creating a new domain (0 means no limit). 

 If you install the 2.3 version there is a new simplified way to have the same aliases on several domains; this needs more database queries and a modified Postfix configuration, so it is better to disable it with: 
 {{{ 
 $CONF['alias_domain'] = 'NO'; 
 }}} 


 === Postfix configuration === 

 Having set up Postfixadmin to manage account and domain data inside MySQL, we now need to tell Postfix to use the same data. The first step is to create a base directory for the mailboxes, and we will also need a system user that will own all the files. So, after checking that there is enough space on the chosen filesystem, we can do this with the following commands: 
 {{{ 
 mkdir /var/mail/vmail 
 useradd -d /var/mail/vmail vmail 
 chown vmail:vmail /var/mail/vmail/ 
 chmod o-xr /var/mail/vmail/ 
 }}} 

 Then we need to tell Postfix to use the account information stored in the database for its virtual mailbox management; this can be done by adding the following lines to {{{/etc/postfix/main.cf}}}: 
 {{{ 
 virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf 
 virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf 
 virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf 
 virtual_mailbox_base = /var/mail/vmail 
 virtual_minimum_uid = 106 
 virtual_transport = virtual 
 virtual_uid_maps = static:106 
 virtual_gid_maps = static:61 
 }}} 
 where 106 and 61 are the numeric uid and gid for the {{{vmail}}} user (these numbers can be different on each system so you have to check them yourself with something like {{{getent passwd|grep vmail}}}). 

 Then we need to create all the {{{mysql_*}}} files with the configuration that tells Postfix how to access the database to get the information it needs. The first one, {{{mysql_virtual_alias_maps.cf}}}, is for the access to the alias definitions and it should be something like: 
 {{{ 
 user = postfixadmin 
 password = secretandcomplexpassword 
 hosts = localhost 
 dbname = postfixadmin 
 query = SELECT goto FROM alias WHERE address='%s' AND active = 1 
 }}} 
 the second one, {{{mysql_virtual_domains_maps.cf}}}, is for the access to the domain definitions, and it should be something like: 
 {{{ 
 user = postfixadmin 
 password = secretandcomplexpassword 
 hosts = localhost 
 dbname = postfixadmin 
 query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '0' and active = '1' 
 }}} 
 the third one, {{{mysql_virtual_mailbox_maps.cf}}}, is for the access to the mailbox pathname, and it should be something like: 
 {{{ 
 user = postfixadmin 
 password = secretandcomplexpassword 
 hosts = localhost 
 dbname = postfixadmin 
 query = SELECT maildir FROM mailbox WHERE username='%s' AND active = 1 
 }}} 

 If we also want to use Postfixadmin to manage a secondary mail server we will need to add the following line to {{{/etc/postfix/main.cf}}}: 
 {{{ 
 relay_domains = $mydestination, proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf 
 }}} 
 where {{{mysql_relay_domains_maps.cf}}} should be something like: 
 {{{ 
 user = postfixadmin 
 password = secretandcomplexpassword 
 hosts = localhost 
 dbname = postfixadmin 
 query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '1' and active = '1' 
 }}} 

 === Postfix vacation configuration === 

 If we want to manage {{{vacation}}} messages through Postfixadmin we need some additional Postfix configuration. As a first step we need a system user dedicated to automatic answer management, with the lowest possible privileges; we can create it with the following commands: 
 {{{ 
 groupadd -g 65501 vacation 
 useradd -g 65501 -u 65501 -c Vacation -s /sbin/nologin -d /nonexistent vacation 
 }}} 
 then we will need a directory for temporary files accessible only to this user; we can create it with the following commands: 
 {{{ 
 mkdir /var/spool/vacation 
 chown -R vacation:vacation /var/spool/vacation 
 chmod o-xr /var/spool/vacation  
 }}} 

 The second step is to set up the vacation script; we need to copy it (it's distributed with [http://postfixadmin.sourceforge.net/ PostfixAdmin]) into the previous directory; this can be done with the following commands: 
 {{{ 
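 cd /usr/share/doc/postfixadmin/examples/VIRTUAL_VACATION/ 
 zcat vacation.pl.gz > /var/spool/vacation/vacation.pl 
 # the copy is created as root: hand it to the vacation user that will run it
 chown vacation:vacation /var/spool/vacation/vacation.pl 
 chmod 700 /var/spool/vacation/vacation.pl 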
 }}} 
 to make the script work we will also need some Perl modules; these can be installed with the command: 
 {{{ 
 aptitude install libemail-valid-perl libmime-encwords-perl libmime-perl \ 
          libmail-sender-perl liblog-log4perl-perl 
 }}} 
 last, we will need to set up the script to access the database; this can be done by modifying the following lines at the beginning of it (we must use the same values used in the Postfixadmin configuration): 
 {{{ 
 our $db_type = 'mysql'; 
 our $db_host = 'localhost'; 
 our $db_username = 'postfixadmin'; 
 our $db_password = 'secretandcomplexpassword'; 
 our $db_name       = 'postfixadmin'; 

 our $vacation_domain = 'autoreply.mydomain.it'; 
 }}} 

 The last step is the Postfix configuration; we will need to set up a new transport for {{{vacation}}}, so we need to add the following lines to {{{/etc/postfix/master.cf}}}: 
 {{{ 
 vacation      unix    -         n         n         -         -         pipe 
   flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient} 
 }}} 
 and then we will need to use this transport for all mail directed to the special {{{autoreply.mydomain.it}}} domain, so first we need to put the following line in {{{/etc/postfix/transport}}}: 
 {{{ 
 autoreply.mydomain.it         vacation: 
 }}} 
 and then add the following line to {{{/etc/postfix/main.cf}}}: 
 {{{ 
 transport_maps = hash:/etc/postfix/transport 
 }}} 
 this done, we can tell Postfix to use the new configuration with the following commands: 
 {{{ 
 postmap /etc/postfix/transport 
 postfix reload 
 }}} 


 === Dovecot configuration === 

 To make emails available to users we will need a POP/IMAP server; we choose to use Dovecot, so we will need to install it with: 
 {{{ 
 aptitude install dovecot-imapd dovecot-pop3d 
 }}} 

 Then we will need to tell Dovecot where to find the email and how to authenticate users. The first step is to modify the default configuration to access the {{{/var/mail/vmail}}} directory as the user {{{vmail}}}; this can be done by putting the following lines in the main configuration file, {{{/etc/dovecot/dovecot.conf}}}: 
 {{{ 
 mail_location = maildir:/var/mail/vmail/%d/%n 
 mail_privileged_group = vmail 
 first_valid_uid = 106 
 }}} 
 where 106 is the {{{vmail}}} uid (as before this could be). 
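
 Postfix delivers to {{{virtual_mailbox_base}}} plus the {{{maildir}}} value stored by Postfixadmin, while Dovecot opens the expansion of {{{mail_location}}}; the two only meet if {{{domain_path}}}, {{{domain_in_mailbox}}} and the {{{%d/%n}}} template agree. The sketch below is an added example, not part of the original HOWTO or of Postfixadmin: the function names are hypothetical and the maildir rule is modelled on the examples in the {{{config.inc.php}}} comments.

```shell
#!/bin/sh
# Added example: check that Postfix and Dovecot resolve an address to the
# same directory. Sample addresses are constructed; they must not contain
# characters special to sed ("|", "&", "\").

# maildir value stored for an address (assumed rule, see lead-in).
postfixadmin_maildir() {    # args: address domain_path domain_in_mailbox
    addr=$1; user=${addr%@*}; domain=${addr#*@}
    if [ "$2" = YES ]; then
        if [ "$3" = YES ]; then
            echo "$domain/$addr/"
        else
            echo "$domain/$user/"
        fi
    else
        echo "$addr/"       # no per-domain directory: full address is used
    fi
}

# Directory Postfix's virtual delivery agent writes to.
postfix_path() {            # args: virtual_mailbox_base maildir
    echo "$1/$2"
}

# Directory Dovecot opens: expand %d (domain), %n (local part), %u (address).
dovecot_path() {            # args: address mail_location
    addr=$1
    echo "$2" | sed -e 's|^maildir:||' \
        -e "s|%d|${addr#*@}|g" -e "s|%n|${addr%@*}|g" -e "s|%u|$addr|g"
}

# Succeeds only when both daemons end up in the same directory.
paths_agree() {  # args: address domain_path domain_in_mailbox base mail_location
    p=$(postfix_path "$4" "$(postfixadmin_maildir "$1" "$2" "$3")")
    [ "${p%/}" = "$(dovecot_path "$1" "$5")" ]
}

# The settings chosen on this page agree:
paths_agree username@mydomain.it YES NO /var/mail/vmail \
    'maildir:/var/mail/vmail/%d/%n' && echo "consistent"
# With domain_in_mailbox = YES the same template would point Dovecot at an
# empty directory; it would need %d/%u instead:
paths_agree username@mydomain.it YES YES /var/mail/vmail \
    'maildir:/var/mail/vmail/%d/%n' || echo "mismatch: use %d/%u"
```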

 Then authentication against local users (via PAM) must be disabled and the MySQL data used instead; this means replacing the {{{userdb}}} and {{{passdb}}} directives that refer to PAM with the following ones, which point to the file holding the database access parameters: 
 {{{ 
   passdb sql { 
     args = /etc/dovecot/dovecot-mysql.conf 
   } 
   userdb sql { 
     args = /etc/dovecot/dovecot-mysql.conf 
   } 
 }}} 
 and finally we will have to put in the {{{/etc/dovecot/dovecot-mysql.conf}}} file the configuration needed to access the database and its data, with content like: 
 {{{ 
 driver = mysql 
 connect = host=localhost dbname=postfixadmin user=postfixadmin password=passsegretaedifficile client_flags=0 
 default_pass_scheme = MD5 
 user_query = SELECT maildir, 106 AS uid, 61 AS gid FROM mailbox WHERE username = '%u' 
 password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1'  
 }}} 
 (where 106 and 61 are the uid and gid of the {{{vmail}}} user).
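
 The Postfix {{{mysql_*.cf}}} map files, {{{dovecot-mysql.conf}}}, {{{vacation.pl}}} and {{{config.inc.php}}} all carry the database password in clear text, so none of them should be readable by unrelated local accounts. The check below is an added example, not part of the original HOWTO or of any of these packages; the function names are hypothetical and the paths are the ones used on this page.

```shell
#!/bin/sh
# Added example: find config files that embed the database password and are
# readable by "other" users.

# True if the file sets a database password in one of the syntaxes used on
# this page: Postfix map file, Dovecot connect string, PHP/Perl assignment.
has_db_password() {
    grep -Eq '^[[:space:]]*password[[:space:]]*=|password=[^[:space:]]|(db|database)_password' \
        "$1" 2>/dev/null
}

# Print each existing file in the argument list that holds a password and has
# the "other read" bit set; return 1 if at least one was found.
audit_secret_files() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue          # skip missing files and unexpanded globs
        has_db_password "$f" || continue
        if [ -n "$(find "$f" -prune -perm -004)" ]; then
            echo "world-readable secret: $f"
            rc=1
        fi
    done
    return $rc
}

# Run as root so that every file can be inspected.
audit_secret_files /etc/postfix/mysql_*.cf \
                   /etc/dovecot/dovecot-mysql.conf \
                   /var/spool/vacation/vacation.pl \
                   /etc/postfixadmin/config.inc.php \
    || echo "restrict the files listed above, e.g. chmod o-rwx FILE"
```

 For the Postfix map files a common choice is owner {{{root}}}, group {{{postfix}}} and mode 640, which keeps them readable by the Postfix lookup processes only.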