Results tagged “fedora” from muse

Setting up a lightweight mail server


This document is based on the following documents:

This document describes the process of setting up a mail server on Fedora 10. The mail server uses dovecot for authentication and postfix for mail delivery. Postfix Admin is used to manage virtual domains and virtual users. Roundcube Mail gives users web access to their email accounts. Everything depends on the apache server and mysql.

Software packages used (dependencies not listed here): httpd, mysql, mysql-server, php, php-mysql, postfix, dovecot

Notable dependencies: php-imap, dovecot-mysql

Roundcube Mail has a lot of dependencies, such as php-xml and php-xmlrpc.

Configure Apache Server

# nano /etc/httpd/conf/httpd.conf

In order to reduce the memory usage and make our server more efficient, change the following:

Timeout 20
KeepAlive On
MaxKeepAliveRequests 200
KeepAliveTimeout 4
<IfModule prefork.c>
StartServers	   1
MinSpareServers    1
MaxSpareServers    5
ServerLimit	  50
MaxClients  	  50
MaxRequestsPerChild  2000
</IfModule>

We don't want indexing at all:

<Directory />
    Options -Indexes
    AllowOverride None
</Directory>

Now we are ready to start the server:

# service httpd start

Configure MySQL

After installing mysql, we must change the root password first:

# mysqladmin -u root password 'yourpassword'

Now we can manage mysql databases using the root login:

# mysql -u root -p

If we are running tight on memory, we should use the small config file for mysql. We would want to skip innodb and bdb too.

# cp /usr/share/mysql/my-small.cnf /etc/my.cnf

Now we are ready to start mysql server:

# service mysqld start

Configure Postfix Admin

The reason we set up postfix admin first is that postfix gets the list of virtual users from the mysql database, which can be easily edited with postfix admin. Remember that postfix admin uses InnoDB (edit /etc/my.cnf accordingly).

Move into the directory where you want to put postfix admin.

# cd /var/www/html/

Get the latest release from SVN:

# svn co https://postfixadmin.svn.sourceforge.net/svnroot/postfixadmin/trunk postfixadmin 

Create a new user for postfix admin and grant access to mysql:

mysql> CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON postfix.* to 'postfix'@'localhost';

Edit config.inc.php.

# nano config.inc.php

Edit the following:

$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'password';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';

And other things you may want to replace with your own.

Now we're ready to set up postfix admin. Go to http://localhost/postfixadmin/setup.php

Follow the instructions on that page. It is fairly straightforward.

Configure Directories And Users

At this point we should think about where and how we are going to store mail and manage user accounts. In this case we will be using mysql, but there are other options too. Now let's create a single system user under which the mail of all virtual users is stored and accessed.

# mkdir -p /home/vmail
# useradd -r -u 5000 -g mail -d /home/vmail -s /sbin/nologin -c "Virtual mailbox" vmail
# chown vmail:mail /home/vmail

Configure Dovecot

Now edit dovecot config file at /etc/dovecot.conf. I prefer nano.

SSL setup:

protocols = imap pop3 imaps pop3s
listen = *
ssl_listen = 
ssl_disable = no
ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem

Set the local user dovecot will use.

mail_location = maildir:/home/vmail/%u
first_valid_uid = 5000
last_valid_uid = 5000
first_valid_gid = 12
last_valid_gid = 12

Settings for protocols.

protocol imap {
  mail_plugins = quota imap_quota trash expire
  imap_client_workarounds = outlook-idle delay-newmail
}
protocol pop3 {  
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota expire
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

Authentication settings so that dovecot and postfix can work together:

auth_executable = /usr/libexec/dovecot/dovecot-auth
auth_worker_max_count = 30
auth default {
  mechanisms = plain login
  passdb sql {
    args = /etc/dovecot/sql.conf
  }
  userdb sql {
    args = /etc/dovecot/sql.conf
  }
  user = nobody
  count = 1
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = mail
    }
  }
}

Settings for plugins:

plugin {
  quota = maildir:User quota
  quota_rule = *:storage=1048576
  quota_rule2 = Trash:storage=102400
  trash = /etc/dovecot/trash.conf
}

Now create the files referenced in dovecot.conf. First create sql.conf, which is used to read username and password information from the postfix admin database. The file basically just contains two SQL queries for dovecot to execute.

Remember to change the database, username and password according to your setup.

driver = mysql
connect = host=localhost dbname=postfix user=dovecot password=password
default_pass_scheme = md5-crypt

user_query = SELECT '/home/vmail/%u' as home, 'maildir:/home/vmail/%u' as mail, 5000 AS uid, 12 AS gid, concat('*:storage=', quota, 'M') AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'

password_query = SELECT username as user, password, '/home/vmail/%u' as userdb_home, 'maildir:/home/vmail/%u' as userdb_mail, 5000 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'

Create trash.conf.

1 Spam
2 Trash

There are lots of tutorials on generating SSL certificates, so I'm not going to repeat the whole process here. You can run the command below and set postfix to use the same ones:

# openssl req -new -x509 -nodes -out /etc/pki/dovecot/certs/dovecot.pem -keyout /etc/pki/dovecot/private/dovecot.pem -days 3650

Creating your own CA (for postfix):

# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Configure Postfix

Ok, here is my postfix setup:

broken_sasl_auth_clients = yes
home_mailbox = Maildir/
invalid_hostname_reject_code = 554
mail_owner = postfix
multi_recipient_bounce_reject_code = 554
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
myhostname = mail.example.com
mynetworks = 127.0.0.0/8
non_fqdn_reject_code = 554
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.6/README_FILES
relay_domains_reject_code = 554
sendmail_path = /usr/sbin/sendmail.postfix
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, permit
smtpd_recipient_restrictions = reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client cbl.abuseat.org, reject_rbl_client rabl.nuclearelephant.com, reject_rbl_client bl.spamcop.net, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:12
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
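
An added check, not part of the original setup: with smtpd_sasl_auth_enable = yes and smtpd_tls_auth_only = no, postfix accepts AUTH on an unencrypted session, and the plain and login mechanisms configured in dovecot only base64-encode the password. The script below reads a main.cf and reports that combination; the function names and the sample files are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post): report main.cf settings that
# let SASL passwords cross the network in an unencrypted SMTP session.

# get_param FILE NAME: print NAME's value using main.cf syntax ('#' starts a
# comment line; a line beginning with whitespace continues the previous one).
get_param() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }
        /^[ \t]*$/ { next }
        /^[ \t]/   { if (name != "") val[name] = val[name] " " $0; next }
        {
            eq = index($0, "=")
            if (eq == 0) { name = ""; next }
            name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
            val[name] = substr($0, eq + 1)
        }
        END { v = val[want]; gsub(/[ \t]+/, " ", v)
              sub(/^ /, "", v); sub(/ $/, "", v); print v }
    ' "$1"
}

# audit_smtp_auth FILE: print a finding, or nothing when AUTH requires TLS.
# The legacy smtpd_enforce_tls parameter is not examined.
audit_smtp_auth() {
    [ "$(get_param "$1" smtpd_sasl_auth_enable)" = "yes" ] || return 0
    level=$(get_param "$1" smtpd_tls_security_level)
    [ "$level" = "encrypt" ] && return 0          # TLS mandatory for everything
    if [ "$(get_param "$1" smtpd_use_tls)" != "yes" ] && [ "$level" != "may" ]; then
        echo "NO_STARTTLS: SASL AUTH is enabled but STARTTLS is never offered"
    elif [ "$(get_param "$1" smtpd_tls_auth_only)" != "yes" ]; then
        echo "AUTH_BEFORE_TLS: AUTH is accepted before STARTTLS (smtpd_tls_auth_only)"
    fi
}

# Constructed sample: four relevant lines of the main.cf above, plus a fixed copy.
tmp=$(mktemp -d)
cat > "$tmp/weak.cf" <<'EOF'
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = no
smtpd_use_tls = yes
EOF
sed 's/^smtpd_tls_auth_only = no$/smtpd_tls_auth_only = yes/' "$tmp/weak.cf" > "$tmp/fixed.cf"

echo "weak:  $(audit_smtp_auth "$tmp/weak.cf")"
echo "fixed: $(audit_smtp_auth "$tmp/fixed.cf")"
```

The same function can be pointed at /etc/postfix/main.cf or at the saved output of postconf -n, which uses the same "name = value" layout.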

Now let's create the sql query files for postfix.

Create mysql_virtual_alias_maps.cf

user = postfix
password = password
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address

Create mysql_virtual_domains_maps.cf

user = postfix
password = password
hosts = localhost
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

Create mysql_virtual_mailbox_maps.cf

user = postfix
password = password
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username

To enable smtps for the outgoing mail server, edit /etc/postfix/master.cf and uncomment the following lines:

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Then add the following at the end of the file for dovecot to deliver mails into users' inboxes:

# Dovecot LDA
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient}

Configure RoundCube Mail

First, install all the dependencies that roundcube mail needs.

To begin the setup, just browse to http://localhost/roundcubemail/ and follow the instructions there. However, a few things need to be edited manually after the 2 configuration files are generated. Since we're using Maildir-style inboxes, we want to let RoundCube Mail know that.

$rcmail_config['imap_root'] = 'INBOX';
$rcmail_config['imap_delimiter'] = '.';

And set this too so that RoundCube Mail creates all the necessary folders for us:

$rcmail_config['create_default_folders'] = TRUE;

Install Postfix Admin Patch for RoundCube Mail

Download the patch here

RCPFA patches roundcube mail so that it can modify the database that Postfix Admin uses. Extract rcpfa to the root directory of roundcube mail. Then move into the rcpfa directory.

# chmod +x INSTALL.TXT
# ./INSTALL.TXT

Then edit the config files of roundcube mail to change database login info.

That's it.

Fedora on MacBook Pro


Because of all the computer network related stuff I have been doing I decided to install a Linux OS on my macbook pro 1,2.

Tried Ubuntu first but it didn't work out very well. Upon the first startup I was able to connect to wifi and install updates. However, after updating the system and rebooting, I lost network manager and the ability to connect to wifi. I've no idea what I did to deserve this, so I ended up installing Ubuntu again. This time was even worse, I couldn't even login because the keyboard and trackpad didn't work.

Basically I just gave up getting Ubuntu to work on my MBP. Fedora, however, worked very well and I must admit I really like the blue color scheme. It's cool.

Installing Fedora was quite smooth and uneventful. Although I hesitated when I realized I had to move the free space (partitioned by Boot Camp) to another sequence, but that doesn't matter. After installation I had to tweak the system for trackpad, but that's all. Everything works and I'm truly happy with Fedora.

Now come to the OS part, I don't really care about the difference between yum and apt-get, although apt-get seems to get me more packages than yum could. What I did not get at the beginning is that libraries like libnet and libpcap have a development version and another version which does NOT contain header files. Well, doing yum groupinstall "development tools" is obviously not enough.

Managing fonts on Linux is a pain in the ass, even with FontMatrix. Typographers should stick to Mac OS in all circumstances, believe me.

I'm not quite sure why Fedora doesn't come with Tomboy preinstalled, but it's a really neat software and I currently use it as an equivalent of DEVONthink on Linux, besides all my note-taking apps on the web.

A note about the virtual console on Linux, I think it's brilliant. Mac OS should definitely implement something like this, because this multiple-desktop concept, aka Spaces, is downright stupid compared to the multiple-console concept. Plus, isn't it cool to copy and paste using just mouse buttons (um, using a mouse)?

Update: Read up on this guide for a detailed, step-by-step, explanation on how to get Fedora 10 working on your MBP.

I downloaded F10-i686-Live.iso and burned it onto a CD. Used Boot Camp to create a partition for Fedora, because I'm lazy. The compensation is that you will see Windows instead of Fedora, and you have to press Alt every time upon booting to select Fedora. Do not alter the size of free space created by Boot Camp, I think there will be some undesirable consequences if you did.