Herramientas de usuario
servidores:mail:mail_system_debian_wheezy
Diferencias
Muestra las diferencias entre dos versiones de la página.
| Ambos lados, revisión anterior Revisión previa Próxima revisión | Revisión previa | ||
|
servidores:mail:mail_system_debian_wheezy [2012/09/05 10:20] fmolinuevo [Cyrus IMAP] |
servidores:mail:mail_system_debian_wheezy [2014/01/10 22:59] (actual) fmolinuevo [SSL/TLS] |
||
|---|---|---|---|
| Línea 1: | Línea 1: | ||
| - | ====== Installing a Mail System on Ubuntu Hardy with Postfix, Cyrus and Amavisd-new plus Horde ====== | + | ====== Installing a Mail System on Debian Wheezy with Postfix, Cyrus and Amavisd-new plus Horde 4 ====== |
| - | //Adaptado por Félix Molinuevo, [[fmsi>|FMSI Sistemas de Informática]]// | + | //Adaptado por Félix Molinuevo, [[fmsi>|FMSI Sistemas de Informática]]// **:::** //Actualizado: **20131031**// |
| ===== Introduction ===== | ===== Introduction ===== | ||
| Línea 22: | Línea 22: | ||
| * [[http://asg.web.cmu.edu/cyrus/imapd/|Cyrus-IMAP]] (IMAP and SIEVE server) | * [[http://asg.web.cmu.edu/cyrus/imapd/|Cyrus-IMAP]] (IMAP and SIEVE server) | ||
| * [[http://httpd.apache.org|Apache]] (For webmail) | * [[http://httpd.apache.org|Apache]] (For webmail) | ||
| - | * [[http://www.squirrelmail.org|SquirrelMail]] (Webmail system) | + | * [[http://www.horde.org/apps/groupware|Horde]] (Webmail and Groupware) |
| - | * Plugins for SquirrelMail: [[http://email.uoa.gr/projects/squirrelmail/avelsieve.php|AvelSIEVE]] (SIEVE script creator for Squirrelmail) | + | |
| ===== Installation ===== | ===== Installation ===== | ||
| Línea 95: | Línea 95: | ||
| mount /var/spool/postfix/var/run/cyrus | mount /var/spool/postfix/var/run/cyrus | ||
| </code> | </code> | ||
| + | |||
| + | **Because now in Wheezy /var/run is a soft link to /run, and this directory is a tmpfs, you must add these two lines to /etc/rc.local for mounting those directories at boot time** (more info in https://wiki.debian.org/ReleaseGoals/RunDirectory). | ||
| The same location is now accessable outside the chroot at /var/run/saslauthd and inside the chroot at /var/spool/postfix/var/run/saslauthd (which postfix sees as /var/run/saslauthd). This avoids editing the saslauthd init script, messing with dpkg, and creating symbolic links. The only visible side effect is an extra listing from the ''df'' command which doesn't know that the bind mount isn't an actual separate disk. | The same location is now accessable outside the chroot at /var/run/saslauthd and inside the chroot at /var/spool/postfix/var/run/saslauthd (which postfix sees as /var/run/saslauthd). This avoids editing the saslauthd init script, messing with dpkg, and creating symbolic links. The only visible side effect is an extra listing from the ''df'' command which doesn't know that the bind mount isn't an actual separate disk. | ||
| Línea 184: | Línea 186: | ||
| ./CA.pl -newca</code> | ./CA.pl -newca</code> | ||
| - | Answer the questions as they come with reasonable information. The value for CN (Common Name) should be the hostname of the server that the certificates will be used on. | + | Answer the questions as they come with reasonable information. **The value for CN (Common Name) should be the hostname of the server** that the certificates will be used on. |
| Now make the server certificate request. | Now make the server certificate request. | ||
| Línea 286: | Línea 288: | ||
| saslpasswd2 -c cyrus | saslpasswd2 -c cyrus | ||
| - | Now add an IMAP user. Usernames are prefaced with ''user.'', followed by the login name of the user. For a user account jimmy, the mailbox would be named ''user.jimmy''. | + | Now add an IMAP user. Usernames are prefaced with "user.", followed by the login name of the user. For a user account jimmy, the mailbox would be named "user.jimmy". |
| Log into the cyrus admin tool and create a new mail user to match a local delivery name that postfix knows. Do this for each local account that receives mail, or postfix will throw errors. | Log into the cyrus admin tool and create a new mail user to match a local delivery name that postfix knows. Do this for each local account that receives mail, or postfix will throw errors. | ||
| Línea 323: | Línea 325: | ||
| <code>dpkg-statoverride --force --update --add cyrus lmtp 750 /var/run/cyrus/socket | <code>dpkg-statoverride --force --update --add cyrus lmtp 750 /var/run/cyrus/socket | ||
| /etc/init.d/postfix restart | /etc/init.d/postfix restart | ||
| - | /etc/init.d/cyrus2.2 restart</code> | + | /etc/init.d/cyrus-imapd restart</code> |
| Cyrus should now be linked to Postfix. All mail from Postfix will be handed off to the Cyrus server for delivery. This will fail if Postfix tries to deliver mail for a user Cyrus doesn't know about, so make sure that when new users are added to the mail system that the corresponding mailboxes are also added with cyradm. | Cyrus should now be linked to Postfix. All mail from Postfix will be handed off to the Cyrus server for delivery. This will fail if Postfix tries to deliver mail for a user Cyrus doesn't know about, so make sure that when new users are added to the mail system that the corresponding mailboxes are also added with cyradm. | ||
| Línea 364: | Línea 366: | ||
| duplicatesuppression: no | duplicatesuppression: no | ||
| + | |||
| + | === Mensajes en log "fetching user_deny" === | ||
| + | |||
| + | The new version 2.4 of Cyrus IMAN in Debian Wheezy insert a entry in syslog every time it try to access user_deny.db so log became full of such messages. To avoid filling logs, you can create a file called /etc/rsyslog.d/cyrus-imapd.conf with the following line inside: | ||
| + | |||
| + | if $programname == 'cyrus' and $msg contains_i 'fetching user_deny' then ~ | ||
| + | |||
| + | When it's done, restart rsyslog daemon. | ||
| ===== Spam and virus fitering ===== | ===== Spam and virus fitering ===== | ||
| Línea 376: | Línea 386: | ||
| ==== ClamAV ==== | ==== ClamAV ==== | ||
| - | aptitude install rar unrar lha arj unzoo zip unzip bzip2 gzip cpio file lzop nomarch cabextract ripole \ | + | aptitude install rar unrar arj zip unzip bzip2 gzip cpio file lzop nomarch cabextract ripole \ |
| rpm pax p7zip zoo ncompress | rpm pax p7zip zoo ncompress | ||
| aptitude install clamav clamav-base clamav-daemon clamav-freshclam clamav-docs | aptitude install clamav clamav-base clamav-daemon clamav-freshclam clamav-docs | ||
| Línea 509: | Línea 519: | ||
| ===== Extra Software ===== | ===== Extra Software ===== | ||
| - | In addition to basic mail service, it is also possible to provide webmail service using the SquirrelMail package, spam filtering with SpamAssassin, and server-side mail filtering with SIEVE. | + | In addition to basic mail service, it is also possible to provide webmail service using the Horde Groupware Webmail, spam filtering with SpamAssassin, and virus filtering with ClamAV. |
| + | |||
| + | ==== Apache ==== | ||
| + | |||
| + | //Note: these steps could vary from some server to another. For example, you could configure Apache using [[https://doc.fmsistemas.com/servidores:apache:apache_dynamicvhosts|dynamic virtual hosts]]// | ||
| - | ==== Webmail ==== | ||
| To use webmail, first set up Apache if it is not already working. To install Apache: | To use webmail, first set up Apache if it is not already working. To install Apache: | ||
| Línea 541: | Línea 554: | ||
| /etc/init.d/apache2 force-reload | /etc/init.d/apache2 force-reload | ||
| - | Now that Apache is up and running, install the SquirrelMail package. | + | ==== Horde Groupware Webmail ==== |
| - | + | ||
| - | aptitude install squirrelmail | + | |
| - | + | ||
| - | Run the configuration for SquirrelMail and adjust the settings for your system. | + | |
| - | + | ||
| - | squirrelmail-configure | + | |
| - | The configuration is quite straightforward. Once that is done try logging into the newly created squirrelmail site (The line ''Include /etc/squirrelmail/apache.conf'' may need to be added to /etc/apache2/apache2.conf). If you can log in to the site then SM is up and running. | + | Horde Groupware Webmail 4 is a really powerful groupware application, including webmail. To install it, you should follow the install guide (see bibliography) |
| - | ==== SIEVE Filters ==== | + | This is a quick and simple recipe perhaps not enough for every server: |
| - | SIEVE is a simple yet powerful way to filter mail on the server side. In this setup it is part of the Cyrus IMAP server package, and runs on port 2000. I waited this long to introduce it, because I find the nicest way to build sieve scripts is with the AvelSIEVE plugin for SquirrelMail. First download the plugin from the SquirrelMail site and untar in in the SquirrelMail plugins folder. Copy the sample configuration to the real file and edit it to your configuration. If you're like me you didn't have to change anything. | + | |
| - | Run the SquirrelMail configure script again and select plugins to view the list of available plugins. Type the number of the avelsieve plugin to enable it. Save your prefs and exit, and go back to your SquirrelMail web page to test it. | + | First, in php.ini for Apache, change the following: |
| - | Click on the new filters link on the top bar. If you get an error about connecting, check /etc/cyrus.conf. If you get a connection refused error test sieve using sivtest. If you can connect to localhost but not your machines dns name, you'll have to edit that config file to fix the problem. I removed the "localhost" parameter from the sieve init line. | + | <code>date.timezone = America/Argentina/Buenos_Aires</code> |
| - | If you get a dialog that will let you add a new rule, congratulations. You're set. I usually create rules based on the X-Spam-Flag header to move mail to INBOX.Junk, and a few others to move mailing lists to their respective folders. Always make sure you save your rules before you leave the page though, or they will not take effect. | + | - Install PEAR |
| + | - Install MySQL, and configure a database and user for Horde: <code> | ||
| + | # mysql -u root -p | ||
| + | CREATE DATABASE horde; | ||
| + | GRANT ALL ON horde.* TO horde@localhost IDENTIFIED BY 'PASSWORD'; | ||
| + | FLUSH PRIVILEGES;</code> | ||
| + | - Register Horde PEAR channel: <code> | ||
| + | pear channel-discover pear.horde.org</code> | ||
| + | - Set Horde installation directory: <code> | ||
| + | pear install horde/horde_role | ||
| + | pear run-scripts horde/horde_role</code> | ||
| + | - Install Horde Groupware Webmail Edition: <code> | ||
| + | pear install -a -B horde/webmail</code> | ||
| + | - Run installation script: <code> | ||
| + | webmail-install</code> | ||
| + | - Test Horde Groupware Webmail Edition: <code> | ||
| + | http://your-server/horde/test.php</code> | ||
| - | The nice thing about the sieve filters is that even though I set them up through squirrelmail, they run at the IMAP server level, and all mail you get through IMAP is filtered according to your rules. | ||
| ===== Conclusion ===== | ===== Conclusion ===== | ||
| Línea 584: | Línea 605: | ||
| -Cyrus Twiki: http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/WebHome | -Cyrus Twiki: http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/WebHome | ||
| -How to set up a mail server on a GNU/Linux system: http://flurdy.com/docs/postfix/ | -How to set up a mail server on a GNU/Linux system: http://flurdy.com/docs/postfix/ | ||
| + | -Horde Webmail Install Guide: http://www.horde.org/apps/webmail/docs/INSTALL | ||
servidores/mail/mail_system_debian_wheezy.1346851237.txt.gz · Última modificación: 2012/09/05 10:20 por fmolinuevo
Herramientas de la página
Excepto donde se indique lo contrario, el contenido de este wiki esta bajo la siguiente licencia: CC Attribution-Noncommercial-Share Alike 4.0 International
