View Single Post
  #2   (View Single Post)  
Old 7th May 2008
hamba hamba is offline
Fdisk Soldier
 
Join Date: Apr 2008
Posts: 71
Default

And we have still more todo



If all looks good go to your Postfixadmin page
In a browser type in http://www.example.com/postfixadmin/setup.php and follow the on screen instructions. After your done go and remove the setup.php file
Code:
# rm /usr/local/www/postfixadmin/setup.php
Now go back to the postfixadmin page and login
After you've loged in go to the New Domain page and create your mail domain.
Then go and create an email account for yourself
If all goes as planned you will see the domain and email accounts if you go to "/usr/local/virtual"
Code:
# ls -alh /usr/local/virtual
drwx------  49 postfix postfix  1.3K 2008-01-19 15:04 example.com
# ls -alh /usr/local/virtual/example.com
drwx------  49 postfix postfix  1.3K 2008-01-19 15:04 you
drwx------  49 postfix postfix  1.3K 2008-01-19 15:04 me
drwx------  49 postfix postfix  1.3K 2008-01-19 15:04 someone
Next thing to do is getting webmail up and running, I'm using Squirrelmail because there is a nice plugin for postfixadmin so that users can set there out of office replies and change there password.
I'm using the squirrelmail-dev version from the ports tree
Code:
# cd /usr/ports/mail/squirrelmail-devel; make install clean

'After the installation you need to go and edit Apache to add Squirrelmail'
# vim vim /usr/local/etc/apache22/extra/httpd-autoindex.conf
Alias /sqmail "/usr/local/www/squirrelmail-devel/"

<Directory "/usr/local/www/squirrelmail-devel/">
    Options all -Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
Next go and configure Squirrelmail
Code:
# /usr/local/www/squirrelmail-devel/configure

Press "2" for "Server Settings" and me the following changes
Server Settings

General
-------
1.  Domain                 : example.com
2.  Invert Time            : false
3.  Sendmail or SMTP       : SMTP

A.  Update IMAP Settings   : mail.example.com:993 (dovecot)
B.  Update SMTP Settings   : mail.example.com:25

Press "a" for editing the "imap settings"
IMAP Settings
--------------
4.  IMAP Server            : mail.example.com
5.  IMAP Port              : 993
6.  Authentication type    : login
7.  Secure IMAP (TLS)      : 1
8.  Server software        : dovecot
9.  Delimiter              : detect

Press "b" for editing the "smtp settings"
SMTP Settings
-------------
4.   SMTP Server           : 10.0.100.111
5.   SMTP Port             : 25
6.   POP before SMTP       : false
7.   SMTP Authentication   : none
8.   Secure SMTP (TLS)     : 0
9.   Header encryption key :

Press "s" to save the changes and then "r" to return to the main config page
Press "3" to change the "Folder Defaults"
Folder Defaults
1.  Default Folder Prefix         :
2.  Show Folder Prefix Option     : false
3.  Trash Folder                  : Trash
4.  Sent Folder                   : Sent
5.  Drafts Folder                 : Drafts
6.  By default, move to trash     : true
7.  By default, move to sent      : true
8.  By default, save as draft     : true
9.  List Special Folders First    : true
10. Show Special Folders Color    : true
11. Auto Expunge                  : true
12. Default Sub. of INBOX         : false
13. Show 'Contain Sub.' Option    : false
14. Default Unseen Notify         : 2
15. Default Unseen Type           : 1
16. Auto Create Special Folders   : true
17. Folder Delete Bypasses Trash  : false
18. Enable /NoSelect folder fix   : false

Press "s" to save the changes and then "r" to return to the main config page
Press "4" to change to "General Options"
1.  Data Directory              : /var/spool/squirrelmail/pref/
2.  Attachment Directory        : /var/spool/squirrelmail/attach/
3.  Directory Hash Level        : 0
4.  Default Left Size           : 150
5.  Usernames in Lowercase      : true
6.  Allow use of priority       : true
7.  Hide SM attributions        : false
8.  Allow use of receipts       : true
9.  Allow editing of identity   : true
    Allow editing of name       : true
    Remove username from header : false
10. Disable server thread sort  : false
11. Disable server-side sorting : false
12. Allow server charset search : true
13. Allow advanced search       : 2
14. PHP session name            : SQMSESSID
15. Time zone configuration     : 0

Press "s" to save the changes and then "r" to return to the main config page
Press "9" to change the database settings
Database
1.  DSN for Address Book   : mysql://sqmail:Ch@ngeMe@localhost/squirrelmail
2.  Table for Address Book : address

3.  DSN for Preferences    : mysql://sqmail:Ch@ngeMe@localhost/squirrelmail
4.  Table for Preferences  : userprefs
5.  Field for username     : user (128)
6.  Field for prefs key    : prefkey (64)
7.  Field for prefs value  : prefval (65536)

8.  DSN for Global Address Book            : mysql://sqmail:Ch@ngeMe@localhost/squirrelmail
9.  Table for Global Address Book          : global_abook
10. Allow writing into Global Address Book : false
11. Allow listing of Global Address Book   : true

Press "q" to quit and save the changes
Now go and create the database and tables for Squirrelmail
Code:
# mysql -u root -p
mysql> CREATE DATABASE squirrelmail;
mysql> USE mysql;
mysql> GRANT ALL ON squirrelmail.* TO 'sqmail'@'localhost' IDENTIFIED BY 'Ch@ngeMe';
mysql> FLUSH PRIVILEGES;
mysql> USE squirrelmail;
mysql> CREATE TABLE address (
       owner varchar(128) DEFAULT '' NOT NULL,
       nickname varchar(16) DEFAULT '' NOT NULL,
       firstname varchar(128) DEFAULT '' NOT NULL,
       lastname varchar(128) DEFAULT '' NOT NULL,
       email varchar(128) DEFAULT '' NOT NULL,
       label varchar(255),
       PRIMARY KEY (owner,nickname),
       KEY firstname (firstname,lastname)
       );
mysql> CREATE TABLE global_abook (
       owner varchar(128) DEFAULT '' NOT NULL,
       nickname varchar(16) DEFAULT '' NOT NULL,
       firstname varchar(128) DEFAULT '' NOT NULL,
       lastname varchar(128) DEFAULT '' NOT NULL,
       email varchar(128) DEFAULT '' NOT NULL,
       label varchar(255),
       PRIMARY KEY (owner,nickname),
       KEY firstname (firstname,lastname)
       );
mysql> CREATE TABLE userprefs (
       user varchar(128) DEFAULT '' NOT NULL,
       prefkey varchar(64) DEFAULT '' NOT NULL,
       prefval BLOB DEFAULT '' NOT NULL,
       PRIMARY KEY (user,prefkey)
       );
mysql> exit;
Next go and download the postfixadmin plugin for squirrelmail and copy it into your squirrelmail/plugins directory
Make the needed changes in the postfixadmin plugin config file.
After all that is done go to "/usr/local/www/squirrelmail-devel/configure" press "8" and then the number next to the postfixadmin plugin to enable it
Now login to Squirrelmail and go to the options page and test the password change and out of office response

By now you should have a fully working email server witha nice webmail interface for your users.

After all this is working and you have no problems you can go and install SpamAssassin and ClamAV
First install SpamAssassin from ports
Code:
# cd /usr/ports/mail/p5-Mail-SpamAssassin/; make install clean
NOTE: make sure that "AS_ROOT", "SSL", "MYSQL" and "RAZOR" are selected

Create a user that will use SpamAssassin
Code:
# pw groupadd vscan
# pw useradd -n vscan -c Amavisd\ User -d /var/amavisd -g vscan -m
# passwd vscan
Edit the "/usr/local/etc/mail/spamassassin/local.cf" file
Code:
# vim /usr/local/etc/mail/spamassassin/local.cf
rewrite_header Subject *****SPAM*****
report_safe 1
report_contact you@example.com

use_bayes 1
bayes_store_module                  Mail::SpamAssassin::BayesStore::MySQL
bayes_sql_dsn                       DBI:mysql:spamassassin:localhost
bayes_sql_username                  vscan
bayes_sql_password                  ChangeMe
bayes_sql_override_username         vscan
bayes_auto_learn                    1
bayes_auto_learn_threshold_nonspam  -0.001
bayes_auto_learn_threshold_spam     10.0
bayes_use_hapaxes                   1
bayes_ignore_header                 ReSent-Date
bayes_ignore_header                 ReSent-From
bayes_ignore_header                 ReSent-Message-ID
bayes_ignore_header                 ReSent-Subject
bayes_ignore_header                 ReSent-To
bayes_ignore_header                 Resent-Date
bayes_ignore_header                 Resent-From
bayes_ignore_header                 Resent-Message-ID
bayes_ignore_header                 Resent-Subject
bayes_ignore_header                 Resent-To
bayes_ignore_header                 X-Received-From-IP
bayes_ignore_header                 X-Virus-Scanned
bayes_ignore_header                 X-Spam-Status
bayes_ignore_header                 X-Spam-Level
bayes_ignore_header                 X-Sender
bayes_ignore_header                 X-Mailer

user_scores_dsn                 DBI:mysql:spamassassin:localhost
user_scores_sql_username        vscan
user_scores_sql_password        ChangeMe
user_scores_sql_custom_query    SELECT preference, value FROM userpref WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = '@~'||_DOMAIN_ ORDER BY username ASC

auto_whitelist_factory          Mail::SpamAssassin::SQLBasedAddrList
user_awl_dsn                    DBI:mysql:spamassassin:localhost
user_awl_sql_username           vscan
user_awl_sql_password           ChangeMe
user_awl_sql_table              awl

skip_rbl_checks                     0
rbl_timeout                         10
dns_available                       yes

use_razor2                          1
razor_timeout                       10

fold_headers                        1
Configure RAZOR for reporting
Code:
# su - vscan
# razor-admin -d -create
# razor-admin -register (Simply follow the steps to create your own username/password.)
Next add this to your "/etc/rc.conf" file
Code:
# vim /etc/rc.conf
spamd_enable="YES"
spamd_flags="--daemonize --sql-config --nouser-config --username=nobody"
Install ClamAV
Code:
# cd /usr/ports/security/clamav; make install clean
# cd /usr/ports/security/clamsmtp; make install clean
And then add this to your "/etc/rc.conf" file
Code:
# vim /etc/rc.conf
clamav_freshclam_enable="YES"
clamav_clamd_enable="YES"
clamsmtpd_enable="YES"
Now start SpamAssassin and ClamAV
Code:
# /usr/local/etc/rc.d/sa-spamd start
# /usr/local/etc/rc.d/clamav-clamd start
# /usr/local/etc/rc.d/clamav-freshclam start
# /usr/local/etc/rc.d/clamsmtpd start
We still have to create the database for Spamassassin
Code:
# mysql -u root -p
mysql> CREATE DATABASE spamassassin;
mysql> USE mysql;
mysql> GRANT ALL ON spamassassin.* TO 'vscan'@'localhost' IDENTIFIED BY 'ChangeMe';
mysql> FLUSH PRIVILEGES;
mysql> USE spamassassin;
mysql> CREATE TABLE userpref (
       username varchar(100) NOT NULL default '',
       preference varchar(30) NOT NULL default '',
       value varchar(100) NOT NULL default '',
       prefid int(11) NOT NULL auto_increment,
       PRIMARY KEY  (prefid),
       KEY username (username)
       ) TYPE=MyISAM;
mysql> CREATE TABLE awl (
       username varchar(100) NOT NULL default '',
       email varchar(200) NOT NULL default '',
       ip varchar(10) NOT NULL default '',
       count int(11) default '0',
       totscore float default '0',
       PRIMARY KEY  (username,email,ip)
       ) TYPE=MyISAM;
mysql> CREATE TABLE bayes_expire (
       id int(11) NOT NULL default '0',
       runtime int(11) NOT NULL default '0',
       KEY bayes_expire_idx1 (id)
       ) TYPE=MyISAM;

mysql> CREATE TABLE bayes_global_vars (
       variable varchar(30) NOT NULL default '',
       value varchar(200) NOT NULL default '',
       PRIMARY KEY  (variable)
       ) TYPE=MyISAM;

mysql> INSERT INTO bayes_global_vars VALUES ('VERSION','3');

mysql> CREATE TABLE bayes_seen (
       id int(11) NOT NULL default '0',
       msgid varchar(200) binary NOT NULL default '',
       flag char(1) NOT NULL default '',
       PRIMARY KEY  (id,msgid)
       ) TYPE=MyISAM;

mysql> CREATE TABLE bayes_token (
       id int(11) NOT NULL default '0',
       token char(5) NOT NULL default '',
       spam_count int(11) NOT NULL default '0',
       ham_count int(11) NOT NULL default '0',
       atime int(11) NOT NULL default '0',
       PRIMARY KEY  (id, token),
       INDEX bayes_token_idx1 (token),
       INDEX bayes_token_idx2 (id, atime)
       ) TYPE=MyISAM;

mysql> CREATE TABLE bayes_vars (
       id int(11) NOT NULL AUTO_INCREMENT,
       username varchar(200) NOT NULL default '',
       spam_count int(11) NOT NULL default '0',
       ham_count int(11) NOT NULL default '0',
       token_count int(11) NOT NULL default '0',
       last_expire int(11) NOT NULL default '0',
       last_atime_delta int(11) NOT NULL default '0',
       last_expire_reduce int(11) NOT NULL default '0',
       oldest_token_age int(11) NOT NULL default '2147483647',
       newest_token_age int(11) NOT NULL default '0',
       PRIMARY KEY  (id),
       UNIQUE bayes_vars_idx1 (username)
       ) TYPE=MyISAM;

mysql> INSERT INTO userpref (username,preference,value) VALUES ('$GLOBAL','required_hits','5.0');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('$GLOBAL','report_safe','1');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('$GLOBAL','use_bayes','1');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('$GLOBAL','use_dcc','1');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('%example.com','required_hits','4.5');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('%example.com','report_safe','1');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('%example.com','use_bayes','1');
mysql> INSERT INTO userpref (username,preference,value) VALUES ('%example.com','use_dcc','1');
mysql> exit;
Now test is by runing this from the command line
Code:
# echo -e "From: user\nTo:user\Subject: Test\n\n" | spamc -u '$GLOBAL'
Received: from localhost by mail.example.com
        with SpamAssassin (version 3.2.4);
        Thu, 24 Jan 2008 13:12:27 +0000
Subject: *****SPAM*****
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on scurvy.violetlan.net
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.9 required=5.0 tests=EMPTY_MESSAGE,MISSING_DATE,
        MISSING_HB_SEP,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,
        NO_RECEIVED,NO_RELAYS,TVD_SPACE_RATIO autolearn=no version=3.2.4
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_47988EBB.C05C05B1"

# echo -e "From: user\nTo:user\Subject: Test\n\n" | spamc -u '%example.com'
Received: from localhost by scurvy.violetlan.net
        with SpamAssassin (version 3.2.4);
        Thu, 24 Jan 2008 13:15:12 +0000
Subject: *****SPAM*****
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on scurvy.violetlan.net
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.9 required=4.5 tests=EMPTY_MESSAGE,MISSING_DATE,
        MISSING_HB_SEP,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,
        NO_RECEIVED,NO_RELAYS,TVD_SPACE_RATIO autolearn=no version=3.2.4
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_47988F60.614EB132"
You also need to add this little script into your crontab to clean out the old awl table in MySQL
Create the file
Code:
# touch /usr/local/etc/awl-trim.sh
# touch /usr/local/etc/awl-trim.sql
# vim /usr/local/etc/awl-trim.sh
#!/bin/sh
/usr/local/bin/mysql -uvscan -pChangeMe < /usr/local/etc/awl-trim.sql
exit 0

# vim /usr/local/etc/awl-trim.sql
USE spamassassin;
DELETE FROM awl WHERE count="1";
Then go and create a cronjob with the following in it
Code:
# vim /etc/crontab
## spamassassin
0   1   *   *   6   root    /usr/local/etc/awl-trim.sh
Now go to the Squirrelmail home page and download the SaSQL plugin and install it, this will give your users the possibility to change there SpamAssassin settings.
That should be it, if all went well then you should have a email server that uses TLS and filtering viruses and spam.

I finaly got maildrop working so here is how to get it set up. So here is how I got it working.

First thing we will do is create a user that will use maildrop from with in postfix
Code:
# pw groupadd mailgrp
# adduser
create a user called "mailusr" as you would normally do for a standard system user. Leave the shell at /bin/sh because we will use it to test maildrop later
At the group option for the mailusr tell it to use mailgrp

Next install maildrop from the ports
Code:
# cd /usr/ports/mail/maildrop/
# make NO_MAILWRAPPER=yes WITH_AUTHLIB=yes MAILDROP_TRUSTED_USERS="root mailusr postfix" install clean
Courier Authlib will come up with a options screen make sure that you have MySQL selected
Now go and edit "authdaemonrc" and "authmysqlrc"
Code:
# vim /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
The rest can stay as it is

Now go and edit "authmysqlrc", it is very important that you keep the tabes in this file
Code:
# vim /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER        localhost
MYSQL_USERNAME      postfix
MYSQL_PASSWORD      ch@ngeMe
MYSQL_SOCKET        /tmp/mysql.sock
MYSQL_OPT       0
MYSQL_DATABASE      postfix
MYSQL_USER_TABLE    mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD     '125'
MYSQL_GID_FIELD     '125'
MYSQL_LOGIN_FIELD   username
MYSQL_HOME_FIELD    '/usr/local/virtual'
MYSQL_NAME_FIELD    name
MYSQL_MAILDIR_FIELD maildir
Next go and fix some of the permissions that is wrongly set, we need to make these changes to get maildrop to work for the mailusr.
Code:
# cd /var/run/
# chmod 755 authdaemond
# chmod +s /usr/local/bin/maildrop
# cd /usr/local/virtual/
# touch /usr/local/virtual/.mailfilter
# chmod 600 /usr/local/virtual/.mailfilter
# mkdir /usr/local/virtual/mailfilters
# chmod 700 /usr/local/virtual/mailfilters
# chown -R postfix:postfix /usr/local/virtual/.mailfilter /usr/local/virtual/mailfilters
Add this to your /etc/rc.conf file
Code:
# vim /etc/rc.conf
courier_authdaemond_enable="YES"
and then start courier-authlib
Code:
# /usr/local/etc/rc.d/courier-authdaemond start
Look in your maillog for any errors

Last edited by hamba; 7th May 2008 at 12:08 PM.
Reply With Quote