27 March 2006

Virtual Mailhosting with Postfix and Mysql

Hi,
this is a walkthrough for setting up virtual mail hosting with Postfix and MySQL. The steps
below are for Gentoo Linux.

  • Make sure to turn on the following USE variables in /etc/make.conf before compiling the packages: USE="mysql imap libwww maildir sasl ssl"
  • emerge postfix
  • /etc/postfix/main.cf
myhostname = deepak.deepak.blr
mydomain = deepak.blr
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks = subnet
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10

  • /etc/postfix/master.cf
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (50)
#
=========================================================
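(Just add the "-v" after the smtpd in the following line. It turns on verbose logging for smtpd and is meant for debugging only; remove it again once the setup works.)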
smtp inet n - n - - smtpd -v

  • /etc/mail/aliases
add new aliases.
root: support@deepak.net

  • /usr/bin/newaliases
  • /etc/init.d/postfix start
emerge courier-imap courier-authlib
  • cd /etc/courier-imap
  • nano -w pop3d.cnf
  • nano -w imapd.cnf
(Change the C, ST, L, CN, and email parameters to match your server.)

  • mkpop3dcert
  • mkimapdcert
  • /etc/init.d/courier-imapd start
  • /etc/init.d/courier-imapd-ssl start
  • /etc/init.d/courier-pop3d start
  • /etc/init.d/courier-pop3d-ssl start
  • emerge cyrus-sasl
  • nano -w /etc/sasl2/smtpd.conf
mech_list: PLAIN LOGIN
pwcheck_method: saslauthd
  • nano -w /etc/conf.d/saslauthd
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a rimap -r"
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
  • /etc/init.d/saslauthd start
  • cd /etc/ssl/
  • nano -w openssl.cnf
  • cd /misc
  • nano -w CA.pl
  • create a certificate
system ("$REQ -new -nodes -x509 -keyout newreq.pem -out newreq.pem $DAYS");
  • create a certificate request
system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");

  • ./CA.pl -newca
  • ./CA.pl -newreq
  • ./CA.pl -sign
  • cp newcert.pem /etc/postfix
  • cp newreq.pem /etc/postfix
  • cp demoCA/cacert.pem /etc/postfix
  • openssl req -new > new.cert.csr
  • openssl rsa -in privkey.pem -out new.cert.key
  • openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
  • nano -w /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
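# With the next line left commented out, AUTH PLAIN/LOGIN is also offered on unencrypted connections (see the EHLO output below); uncomment it to accept AUTH only after STARTTLS.
#smtpd_tls_auth_only = yes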
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
# Level 3 is debug-level TLS logging; lower it (for example to 1) once TLS works.
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

  • postfix reload
OUTPUT WILL BE
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 deepak.net ESMTP Postfix
EHLO deepak.net
250-deepak.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME
^]
telnet> quit
  • emerge mysql
  • /usr/bin/mysql_install_db
  • /etc/init.d/mysql start
  • mysqladmin -u root -p create mailsql
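  • mysql -u root -p mailsql < SCHEMA_FILE.sql   (placeholder: the schema file name was lost from this line; load the SQL file that creates the users, alias, virtual, relocated and transport tables)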
  • mysql -u root -p mysql
  • mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON mailsql.* TO mailsql@localhost IDENTIFIED BY '$password';
  • Query OK, 0 rows affected (0.02 sec)
  • mysql> FLUSH PRIVILEGES;
  • Query OK, 0 rows affected (0.00 sec)
  • mysql> quit
  • (Verify that the new mailsql user can connect to the mysql server.)
  • mysql -u mailsql -p mailsql
  • add vmail user
  • adduser -d /home/vmail -s /bin/false vmail
  • uid=`cat /etc/passwd | grep vmail | cut -f 3 -d :`
  • groupadd -g $uid vmail
  • mkdir /home/vmail
  • chown vmail: /home/vmail
  • nano -w /etc/courier/authlib/authdaemonrc
authmodulelist="authmysql authpam"
  • nano -w /etc/courier/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME mailsql
MYSQL_PASSWORD $password
MYSQL_DATABASE mailsql
MYSQL_USER_TABLE users
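(Make sure the following line is commented out, since this setup stores the passwords in plaintext in the clear field. To keep hashed passwords in the database instead, enable MYSQL_CRYPT_PWFIELD and comment out MYSQL_CLEAR_PWFIELD.)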
#MYSQL_CRYPT_PWFIELD crypt
MYSQL_CLEAR_PWFIELD clear
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
  • /etc/init.d/courier-authlib restart
  • /etc/init.d/saslauthd restart
  • nano -w /etc/postfix/mysql-aliases.cf
# mysql-aliases.cf
user = mailsql
password = $password
dbname = mailsql
table = alias
select_field = destination
where_field = alias
hosts = unix:/var/run/mysqld/mysqld.sock
  • nano -w /etc/postfix/mysql-relocated.cf
# mysql-relocated.cf
user = mailsql
password = $password
dbname = mailsql
table = relocated
select_field = destination
where_field = email
hosts = unix:/var/run/mysqld/mysqld.sock

  • nano -w /etc/postfix/mysql-transport.cf
# mysql-transport.cf
user = mailsql
password = $password
dbname = mailsql
table = transport
select_field = destination
where_field = domain
hosts = unix:/var/run/mysqld/mysqld.sock
  • nano -w /etc/postfix/mysql-virtual-gid.cf
# mysql-virtual-gid.cf
user = mailsql
password = $password
dbname = mailsql
table = users
select_field = gid
where_field = email
additional_conditions = and postfix = 'y'
hosts = unix:/var/run/mysqld/mysqld.sock

  • nano -w /etc/postfix/mysql-virtual-maps.cf
# mysql-virtual-maps.cf
user = mailsql
password = $password
dbname = mailsql
table = users
select_field = maildir
where_field = email
additional_conditions = and postfix = 'y'
hosts = unix:/var/run/mysqld/mysqld.sock
  • nano -w /etc/postfix/mysql-virtual-uid.cf
# mysql-virtual-uid.cf
user = mailsql
password = $password
dbname = mailsql
table = users
select_field = uid
where_field = email
additional_conditions = and postfix = 'y'
hosts = unix:/var/run/mysqld/mysqld.sock
  • nano -w /etc/postfix/mysql-virtual.cf
# mysql-virtual.cf
user = mailsql
password = $password
dbname = mailsql
table = virtual
select_field = destination
where_field = email
hosts = unix:/var/run/mysqld/mysqld.sock
  • nano -w /etc/postfix/main.cf
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
local_transport = local
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
virtual_transport = virtual
virtual_mailbox_domains =deepak.blr
virtual_minimum_uid = 1000
virtual_gid_maps = static:$vmail-gid
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_uid_maps = static:$vmail-uid
virtual_mailbox_base = /
#virtual_mailbox_limit =

  • chmod 640 /etc/postfix/mysql-*.cf
  • chgrp postfix /etc/postfix/mysql-*.cf
  • postfix reload
And Have Fun..........

Apenguin
