Installation of Qmail + Vpopmail + Courier Imap + Horde/imp + QmailAdmin + vQregister
by bilke (bilke@bsd.org.yu)
1. Introduction
The freemail system relies entirely on qmail's virtual domains/users and its
Maildir feature (a better alternative to the traditional UNIX mbox used by
sendmail). Qmail is a secure, reliable, efficient, simple message transfer
agent. Qmail's virtual domains and virtual (non-/etc/passwd) users are managed
by the vpopmail package, which works in conjunction with qmail. Qmail and
vpopmail are the core of the system. The other programs are the IMAP server
that delivers mail to clients (Courier IMAP) and horde/imp, which is used as
the web interface for reading and writing mail. Usernames, passwords, Maildir
paths and quotas are kept in MySQL databases. Administration of users/domains
can be done from the CLI (vpopmail) or from the web using the qmailadmin
package (a set of fast CGI programs written in C).
2. Qmail
a. Description & Features
Qmail is an Internet Mail Transfer Agent (MTA) for UNIX-like operating systems.
It's a drop-in replacement for the Sendmail system provided with UNIX operating
systems. Qmail uses the Simple Mail Transfer Protocol (SMTP) to exchange
messages with MTAs on other systems.
There are plenty of reasons for using qmail instead of the traditional sendmail:
- Security: qmail is cleanly written and designed for high security.
When sendmail was written, the Internet was a friendlier place than
it is today. Everyone knew everyone else and there was no need to design
programs for high security.
- Reliable: qmail's straight-paper-path philosophy guarantees that a
message, once accepted into the system, will never be lost. qmail also
optionally supports maildir, a new, super-reliable user mailbox format.
Maildirs, unlike mbox files won't be corrupted if the system crashes
during delivery.
- Efficient: On a Pentium under BSD/OS, qmail can easily sustain
200.000 local messages per day---that's separate messages injected and
delivered to mailboxes in a real test! Although remote deliveries are
inherently limited by the slowness of DNS and SMTP, qmail overlaps 20
simultaneous deliveries by default, so it zooms quickly through mailing
lists.
- Simple: Qmail is vastly smaller than any other Internet MTA.
- Compatibility: Qmail can be a full replacement for sendmail.
It has a sendmail interface, mbox mail delivery, .forward forwarding
etc ... Qmail can do everything sendmail can do and much more.
b. Installation
On this system qmail should be installed in the traditional /var/qmail path
with default options.
Before installation, the /var/qmail directory should be created and the qmail
system users and groups should be added:
# mkdir /var/qmail
# groupadd nofiles
# useradd -g nofiles -d /var/qmail/alias alias
# useradd -g nofiles -d /var/qmail qmaild
# useradd -g nofiles -d /var/qmail qmaill
# useradd -g nofiles -d /var/qmail qmailp
# groupadd qmail
# useradd -g qmail -d /var/qmail qmailq
# useradd -g qmail -d /var/qmail qmailr
# useradd -g qmail -d /var/qmail qmails
Next, build and install qmail, run the config script and install the start script:
# make setup check
# ./config
# cd ~alias && touch .qmail-postmaster .qmail-mailer-daemon .qmail-root
# chmod 644 ~alias/.qmail*
# cp /var/qmail/boot/maildir /var/qmail/rc
After installing qmail, sendmail should be turned off and qmail's
replacement for sendmail should be linked in place of the original sendmail
executable. First kill sendmail:
# killall sendmail
Then flush all messages from /var/spool/mqueue:
# /usr/lib/sendmail -q
Finally, replace sendmail with the qmail replacement:
# cd /usr/lib && mv sendmail sendmail.OLD && ln -sf /var/qmail/bin/sendmail .
If you want qmail to start automatically when the machine restarts
( you want that :o) add
/var/qmail/rc to /etc/rc.d/rc.local or a similar start script.
N.b. if you want qmail to accept network connections, see the ucspi-tcp section.
3. ucspi-tcp
a. Description & Features
Ucspi-tcp is a very good replacement for the classic inetd (internet super
daemon). It was made by D. J. Bernstein (creator of qmail) specially for qmail,
but it can be used for other network daemons too.
b. Installation
Compile and install the package by running make and make setup check in the src dir.
# make
As root, install the ucspi-tcp programs under /usr/local:
# make setup check
Now start qmail-smtpd from the ucspi-tcp tools with the following command:
/usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c 20 \
-u `id -u qmaild` -g `id -g qmaild` 0 smtp \
/var/qmail/bin/qmail-smtpd 2>&1
Also don't forget to add this line to the startup script ( /etc/rc.d/rc.local )
or similar.
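The rules file that tcprules compiles into /etc/tcp.smtp.cdb decides which clients qmail-smtpd will relay for, so it is worth checking before each compile. The following is an added example, not part of the original HOWTO: it flags every rule that sets RELAYCLIENT (the variable that makes qmail-smtpd skip its rcpthosts check) for an address outside a list of trusted prefixes. The function names, the prefixes and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO. Reports tcp.smtp rules that
# grant SMTP relaying (RELAYCLIENT) to addresses outside the trusted prefixes.
# Usage: audit_relay_rules RULES_FILE TRUSTED_PREFIX...   ("-" reads stdin)
audit_relay_rules() {
    rules=$1; shift
    awk -v trusted="$*" '
        BEGIN { n = split(trusted, pfx, " ") }
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        {
            sep = index($0, ":")               # address part ends at first colon
            if (sep == 0) next
            addr = substr($0, 1, sep - 1)
            action = substr($0, sep + 1)
            # only "allow" rules that set RELAYCLIENT open up relaying
            if (action !~ /^allow/ || action !~ /,RELAYCLIENT=/) next
            ok = 0
            for (i = 1; i <= n; i++)
                if (addr != "" && index(addr, pfx[i]) == 1) ok = 1
            if (!ok) printf "%d: %s\n", NR, (addr == "" ? "(default rule)" : addr)
        }
    ' "$rules"
}

# Constructed sample rules (not taken from a real host).
sample_rules() {
    cat <<'EOF'
# loopback and the local LAN may relay
127.:allow,RELAYCLIENT=""
192.168.1.:allow,RELAYCLIENT=""
10.:allow,RELAYCLIENT=""
203.0.113.7:deny
:allow,RELAYCLIENT=""
EOF
}

# Prints the rules that relay for anyone outside 127. and 192.168.1.
sample_rules | audit_relay_rules - 127. 192.168.1.
```

Each output line is the line number in the rules file followed by the address pattern; a "(default rule)" entry means every client not matched by an earlier rule is allowed to relay.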
4. Vpopmail
a. Description & Features
Vpopmail is a GPL software package which provides an easy way to manage qmail's
virtual users and domains.
- Support for 1 to 23 million virtual email domains using a "grow as it
goes" balanced directory tree.
- Support for 1 to 23 million email users per domain using the same
balanced tree structure.
- Automates all qmail configurations into handy and scriptable command
line programs and documented API library calls.
- Automates Unix user/group/other permissioning of directories and files.
- Supports authenticated relay control of your qmail smtp server.
- Virtual email file/directories can be assigned to any user/group or do
the default vpopmail/vchkpw 89/89
- Supports name or IP based virtual domains
- ...
b. Installation
First we make vpopmail home dir and add vpopmail user and group:
# mkdir /usr/local/vpopmail
# groupadd -g 89 vchkpw
# useradd -g vchkpw -u 89 -d /usr/local/vpopmail vpopmail
Vpopmail will be installed with MySQL support, so before running make one must
edit the vmysql.h file in the root src dir and set all variables ( MySQL server,
database, MySQL username and MySQL password ).
# vi vmysql.h
Edit the following preprocessor directives:
#define MYSQL_SERVER "localhost"
#define MYSQL_USER "root"
#define MYSQL_PASSWD "****"
Vpopmail has to be installed with the following switches:
# ./configure \
--enable-mysql=y \
--enable-mysql-logging=y \
--enable-qmaildir=/var/qmail \
--enable-tcprules-bin=/usr/local/bin/tcprules \
--enable-tcpserver-file=/usr/local/vpopmail/etc/tcp.smtp \
--enable-defaultquota=10000000 \
--enable-logging=y \
--enable-apop=n \
--enable-roaming-users=y \
--enable-relay-clear-minutes=30 \
--enable-clear-passwd=n \
--prefix=/usr/local/vpopmail
Then do make and make install[-strip]
# make
# make install-strip
After installation new domains can be added with:
# /usr/local/vpopmail/bin/vadddomain somedomain.tld
New users can be added with:
# /usr/local/vpopmail/bin/vadduser someuser@somedomain.tld
5. Courier IMAP
a. Description & Features
Courier-IMAP is a server that provides IMAP access to Maildirs. This IMAP server does NOT
handle traditional mailbox files (/var/spool/mail, and derivatives), it was written for
the specific purpose of providing IMAP access to Maildirs.
- Extremely small footprint. On x86, Courier-IMAP's main daemon is a fraction of the size
of the UW-IMAP server, and has a greatly reduced memory footprint.
- Abstract authentication modules. Authentication of login userid and password is wrapped
up into a completely stand-alone module. Several modules are provided to authenticate using
the traditional password/shadow files, via the PAM library, from a table on a MySQL server,
or from an LDAP server (requires MySQL or OpenLDAP). An experimental authentication module for
PostgreSQL is also available. You can also write your own custom userid/password validation
program. A "custom" authentication module is included, which authenticates absolutely nothing.
Add your own code to it in order to implement a site-specific authentication mechanism.
- Virtual mailboxes. The userdb authentication module uses either a GDBM or DB database to
map arbitrary userids to maildirs. Perl scripts are included to manage this database. There's
also an authentication module that implements the vpopmail virtual mailbox implementation.
- Ability to restrict the maximum number of IMAP logins, and the maximum number of logins from
the same IP address. This will prevent denial-of-service attacks where the attacker attempts to
overload the server with multiple login connections.
- Shared folders. With additional server-side setup, folders can be shared between groups of accounts.
b. Installation
$ ./configure \
--without-authldap \
--without-authshadow \
--without-authcram \
--sysconfdir=/usr/local/etc/courier-imap \
--with-userdb=/usr/local/etc/userdb \
--datadir=/usr/local/share/courier-imap \
--libexecdir=/usr/local/libexec/courier-imap \
--enable-workarounds-for-imap-client-bugs \
--disable-root-check \
--without-authvchkpw \
--without-authpgsql \
--with-authpam \
--prefix=/usr/local \
--with-authchangepwdir=/usr/local/libexec/courier-imap/authlib \
--with-db=db \
--with-makedatprog='/usr/local/libexec/courier-imap/makedatprog' \
--with-mailuser=root \
--without-socks \
--with-authchangepwdir=/var/tmp/dev/null
$ make
$ su root
# make install-strip
# make install-configure
After installation, the configuration files should be created and set up.
# cd /usr/local/etc/courier-imap
# cp <filename>.dist <filename>
Set the variable authmodulelist to "authmysql" and the variable version to "authdaemond.mysql":
# vi authdaemonrc
Edit the MySQL server name, username, password, port, database name, table name and column names:
# vi authmysqlrc
Start authdaemond.mysql and courier-imap with:
# /usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
# /usr/local/libexec/courier-imap/imapd.rc start
Add the previous two lines to /etc/rc.d/rc.local if you want imapd and
authdaemon to start automatically when the machine restarts.
6. Horde/imp
a. Description & Features
horde
The Horde Project is a group of developers who write Web applications
using the Horde Application Framework, itself a product of the
Project. The Horde Application Framework is written in PHP, and provides the
common tools a Web application requires: classes for dealing with
preferences, compression, browser detection, connection tracking,
MIME, and more.
imp
IMP is the Internet Messaging Program (formerly, among other things,
the IMAP webMail Program), a PHP-based webmail system and a component
of the Horde project. IMP is the most mature of the Horde components,
and is the most widely deployed (thus far!). IMP, once installed,
accesses mail over IMAP, thus requiring little to no special
preparations on the server on which mail is stored. IMP offers most of
the features users have come to expect from their
conventional mail programs, including attachments, spell-check,
address books, multiple folders, and multiple-language support.
b. Installation
horde
prerequisites
Horde/imp require the following applications in order to work
configuring
Unpack and rename horde package in apache document root.
# cd /usr/local/apache/htdocs
# tar zxvf /path/to/horde-2.0.tar.gz
# mv horde-2.0 horde
The next thing to do is to create the MySQL database, the MySQL horde user and
the table(s). Open horde/scripts/db/mysql_create.sql at line 23 and change the
password on that line to some hard-to-hack password. Save the file and run the
mysql client:
# vi +23 horde/scripts/db/mysql_create.sql
# mysql --user=root --password=MySQL-root-password < \
horde/scripts/db/mysql_create.sql
Now we need to configure php in horde/config
# cd horde/config
# for file in *.dist; do cp $file `basename $file .dist`; done
Edit all configuration files. Documentation for all options can be found
in each of those files.
Some horde files contain usernames and passwords for the MySQL db, so we need
to change the user, group and permissions for them.
chown root:www horde/config/*
chmod 0440 horde/config/*
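To confirm the result of the chown/chmod step, and to re-check it whenever new files are copied into a config directory, the following added example (not part of the original HOWTO) lists every file that is looser than mode 0440 or not owned by the expected user and group. The function name and the demo file tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO. Reports files under a
# config directory that are looser than the 0440 root:www set above.
# Output: "perm PATH" for excess mode bits, "owner PATH" for wrong owner/group.
# Usage: audit_config_perms DIR [OWNER [GROUP]]   (names or numeric ids)
audit_config_perms() {
    dir=$1 owner=${2:-root} group=${3:-www}
    {
        # 0440 allows only owner-read and group-read; flag any other rwx bit.
        find "$dir" -type f \( -perm -001 -o -perm -002 -o -perm -004 \
            -o -perm -010 -o -perm -020 -o -perm -100 -o -perm -200 \) \
            -print | sed 's/^/perm /'
        # Files that do not belong to the expected owner and group.
        find "$dir" -type f \( ! -user "$owner" -o ! -group "$group" \) \
            -print | sed 's/^/owner /'
    } | sort
}

# Constructed demo tree: one file locked down, one left world-readable,
# as a plain "cp file.dist file" leaves it under a umask of 022.
demo_dir=$(mktemp -d)
touch "$demo_dir/registry.php" "$demo_dir/sample.php"
chmod 0440 "$demo_dir/registry.php"
chmod 0644 "$demo_dir/sample.php"
# The current user's numeric ids stand in for root:www in this demo.
audit_config_perms "$demo_dir" "$(id -u)" "$(id -g)"
rm -rf "$demo_dir"
```

On the real system the call would be `audit_config_perms /usr/local/apache/htdocs/horde/config root www`; empty output means every file matches the mode and ownership set above.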
imp
prerequisites
Imp is built on horde framework and requires horde in order to work.
configuring
Unpack imp in the horde directory
cd /usr/local/apache/htdocs/horde
tar zxvf /path/to/imp-3.0.tar.gz
mv imp-3.0 imp
First we need to register the imp application in horde. Applications are
registered in horde in config/registry.php. Uncomment the stanza
for IMP.
# vi horde/config/registry.php
If you don't want to log in twice ( once in horde, once in imp )
uncomment the following lines near the top of the registry.php file.
$this->registry['auth']['login'] = 'imp';
$this->registry['auth']['logout'] = 'imp';
Now we need to configure php in imp/config
# cd imp/config
# for file in *.dist; do cp $file `basename $file .dist`; done
Edit all configuration files. Documentation for all options can be found
in each of those files.
7. QmailAdmin
a. Description & Features
QmailAdmin is a free software package that provides a web interface for
managing a qmail system with virtual domains. A version is available now
for use with the vpopmail program. It provides admin for adding/deleting
users, Aliases, Forwards, Mailing lists and Autoresponders. Version 0.40
features automatic International language support via the users language
settings on their browser.
b. Installation
Unpack qmailadmin package, configure, make and make install
# ./configure \
--enable-htmldir=/usr/local/apache/htdocs/ \
--enable-cgibindir=/usr/local/apache/cgi-bin/qmailadmin \
--with-htmllibdir=/usr/local/share/qmailadmin \
--enable-cgipath=/cgi-bin/qmailadmin/qmailadmin \
--enable-ezmlmidx=n \
--prefix=/usr/local
# make
# make install-strip
8. vQregister
a. Description & Features
vQregister is a CGI which allows new email users to signup on your
system. It is extremely configurable, and has many methods of operation.
Features:
- An extensive array of features, which replace, and surpass the
previous vQsignup
- Configurable to allow random generation of passwords, which are
emailed to users.
- Redirect your users (ie, SqWebmail) after the signup process is
complete.
- Fully templatized HTML, and email output.
- Written in good ol' C.
b. Installation
Unpack vqregister, edit Makefile and setup variables, do make and
make install.
# vi Makefile
# make
# make install
Configure vqregister by editing /usr/local/apache/cgi-bin/vqregister/vqregister.conf
# vi /usr/local/apache/cgi-bin/vqregister/vqregister.conf
9. Final step
After installation of the freemail system, restart the machine just to be sure
that everything will be started automatically.