virtual_users_and_domains_with_postfix__courier_and_mysql__fedora_8____howtoforge_-_linux_howtos_and_tutorials...

8/7/2019 Virtual_Users_And_Domains_With_Postfix__Courier_And_MySQL__Fedora_8____HowtoForge_-_Linux_Howtos_and_Tuto

1/12

Virtualization Poll

Options For This Howto

VMware Images:

V irtual Users A nd

Domains With

Postfix, Courier

A nd MySQL

(Fedora 8) (990.6

MB) (11 /15

/2007)

V Mware I mage

Import Guide

Lis t of all VMware

Images

Free Support

Paid Support

Navigation

Howtos

Linux

CentOS

Debian

Fedora

Kernel

Mandriva

PCLinuxOS

SuSE

Ubuntu

Apache

BackupControl Panels

Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

1 of 12 11/30/09 12:06


2/12

DNS

Desktop

Email

A nti-Spam/V irusPostfix

Procmail

Sendmail

FT P

High-Availability

Lighttpd

Monitoring

MySQL

Programming

C/C++

PHP

Samba

Security

A nti-Spam/V irus

V irtualization

Other

FreeBSD

Commercial

Mini-Howtos

Forums

Contribute

Subscription

Login

Site Map/RSS Feeds

User loginUsername:

Password:

Remember Me?

C reate a new acc ount

Request new pass word

Ads by Google

Free Domains

Linux OS

Install Linux

Good Domains

Who's onlineThere are currently 9 users and 2763 guests online.


2 of 12 11/30/09 12:06


3/12

HowtoForge ForumsSell Cvv Good and

fresh, pleasepurchase my :X

sell C vv Good and

fresh, please

purchase my :X

how to run

inotifywait

background

Restarting O penBSD

Secure Shell

server sshd

Linux ldap bind

windows ad

Ldap from windows

to linux

postfix/squirrelma

il with plugin ...

Godaddy and

Nameservers

How to Run a V ideo

at the start

unattended?

Local Testing

Server Setup

NewsDistro Review: OpenSUSE 11 .2

KDE Community Forums A nnounce the C ontinuation of Klass room

DRM C hange Continues To C ause Debate

The Perfect Desktop - Fedora 12 i686 (GNO ME )

Stream music wireless ely using PulseAudio s erver

Music A lbum Covers A nd Picture Previews A s Folder Thumbnails In Nautilus

Linux Mint 8 final released

Finding files and documents with Recoll

When Open Source M eets C losed Minds

Strange Ideas A bout Freedom of Speech

more

Recent commentsboot problem after install php5 pakage

14 hours 53 min ago

Thanks man

15 hours 10 s ec ago

squiremail not working15 hours 25 min ago


3 of 12 11/30/09 12:06


4/12


5/12

Do you like HowtoForge? Please consider supporting us by becoming a

subscriber.Submitted by falko (Contact Author) (Forums) on Sun, 2007-11-18 18:00. ::

Anti-Spam/Virus | Fedora | PostfixRobust Dedicated Servers

Enterprise hosting solutions 24/7

pro support, great promoswww.ayksolutions.com

OsiriX PRO

with FDA-clea rance and suppo rt

RSNA North Building #8903www.aycan.com

PostgreSQL Solutions

PostgreSQL Training, Support

Re plication, High-Availabilitywww.postgresql-support.de


5 of 12 11/30/09 12:06


6/12

tweet

0

V ersion 1.0A uthor: Falko T imme

Last edited 11 /14 /20 07

This tutorial is Copyright (c) 2007 by Falko Timme. I t is derived from a tutorial from Chris toph Haas which

you can find athttp://workaround.org . You are free to use this tutorial under the Creative Commons license

2.5 or any later version.

This document desc ribes how to install a mail server based on Postfix that is based on virtual users

and domains, i.e. users and domains that are in a M ySQ L database. I'll als o demonstrate the

installation and configuration of Courier (Courier-P O P3, Courier-IM A P ), so that C ourier can

authenticate against the same MySQ L database Pos tfix uses .

The resulting Pos tfix server is capable ofSMTP-AUTH and TLS and quota (quota is not built into

Postfix by default, I'l l show how to patch your Pos tfix appropriately). P asswords are stored in

encrypted form in the databas e (most doc uments I found were dealing with plain text pas swords

which is a s ecurity risk). In addition to that, this tutorial covers the installation ofAmavisd,

SpamAssassin and ClamAV so that emails will be s canned for spam and viruses.

The advantage of such a "virtual" setup (virtual users and domains in a M ySQ L database) is that it is

far more performant than a setup that is bas ed on "real" s ys tem users . With this virtual se tup your

mail server can handle thousands of domains and users . Besides, it is easier to administrate because

you only have to deal with the MySQ L database when you add new users /domains or edit existing

ones . No more postmap commands to c reate db files , no more reloading of Postfix, etc. For the

administration of the MySQ L database you c an use web based tools like phpMyA dmin which will also

be installed in this howto. The third advantage is that users have an email address as user name

(instead of a user name + an email address ) which is eas ier to understand and keep in mind.

This tutorial is based on Fedora 8 (i38 6). You should already have set up a basic Fedora sys tem, as

desc ribed here: http://www.howtoforge.com/fedora-8- server-lamp-email- dns- ftp-ispc onfig and

http://www.howtoforge.com/fedora-8- server-lamp-email-dns- ftp-ispc onfig-p2. Plus , you should make

sure that the firewall is off (at leas t for now) and that SELinux is disabled (this is important!), as shown

in the chapters s ix and seven on http://www.howtoforge.com/fedora-8-server-lamp-email-dns-ftp-

ispconfig-p3.

This howto is meant as a practical guide; it does not c over the theoretical backgrounds. They are

treated in a lot o f other documents in the web.

This doc ument comes without warranty of any kind! I want to say that this is not the only way of

setting up such a sys tem. There are many ways of achieving this goal but this is the way I take. I do

not issue any guarantee that this will work for you!

O ur hostname in this example is server1.example.com, and it has the IP address 192.168.0.100, so we

change /etc/hosts as follows:

vi /etc/hosts


6 of 12 11/30/09 12:06


7/12

# Do not remove the following line, or various program# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhos192.168.0.100 server1.example.com server1::1 localhost6.localdomain6 localhost6

First we import the GP G keys for software packages:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

Then we update our existing packages on the sys tem:

yum update

Now we ins tall s ome software that we need later on:

yum groupinstall 'Development Tools'

yum groupinstall 'Development Libraries'


7 of 12 11/30/09 12:06


8/12

This c an all be ins talled with one single c ommand (including the packages we need to build C ourier-

IMAP):

yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-developenssl-devel cyrus-sasl-devel pkgconfig zlib-devel phpMyAdmin pcre-devel openldap-devel

postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel

gamin-devel

Unfortunately there are no rpm packages for Courier-IM A P , C ourier-A uthlib, and Maildrop, therefore

we have to ins tall them as des cribed in this tutorial: How To I nstall c ourier-imap, courier-authlib,

A nd maildrop O n Fedora, RedHat, CentO S

We have to get the Pos tfix source rpm, patch it with the quota patch, build a new Postfix rpm package

and install it.

cd /usr/src

wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/fedora/linux/releases/8/Fedora/source/SRPMS

/postfix-2.4.5-2.fc8.src.rpm

rpm -ivh postfix-2.4.5-2.fc8.src.rpm

The las t command will show some warnings that you can ignore:

warning: user kojibuilder does not exist - using root

warning: group kojibuilder does not exist - using root

cd /usr/src/redhat/SOURCES

wget http://vda.sourceforge.net/VDA/postfix-2.4.5-vda-ng.patch.gz

gunzip postfix-2.4.5-vda-ng.patch.gz

cd /usr/src/redhat/SPECS/

Now we must edit the file postfix.spec:

vi postfix.spec

Change %define MYSQL 0 to %define MYSQL 1, add Patch0: postfix-2.4.5-vda-ng.patch to the # Patches

s tanza, and finally add %patch0 -p1 -b .vda-ngto the %setup -qstanza:


8 of 12 11/30/09 12:06


9/12

[...]%define MYSQL 1

[...]# Patches

Patch0: postfix-2.4.5-vda-ng.patchPatch1: postfix-2.1.1-config.patchPatch3: postfix-alternatives.patchPatch6: postfix-2.1.1-obsolete.patchPatch7: postfix-2.1.5-aliases.patchPatch8: postfix-large-fs.patchPatch9: postfix-2.4.0-cyrus.patchPatch10: postfix-2.4.5-open_define.patch[...]

Then we build our new Pos tfix rpm package with quota and MySQ L s upport:

rpmbuild -ba postfix.spec

You will s ee lots of warnings like these that you c an ignore:

msg.h:12:1: warning: "/*" within comment






O ur Postfix rpm package is created in /usr/src/redhat/RPMS/i386, so we go there:

cd /usr/src/redhat/RPMS/i386

The command

ls -l

shows you the available packages:

[root@server1 i386]# ls -l

total 11604

-rw-r--r-- 1 root root 3899179 2007-11-13 22:26 postfix-2.4.5-2.fc8.i386.rpm

-rw-r--r-- 1 root root 7907114 2007-11-13 22:26 postfix-debuginfo-2.4.5-2.fc8.i386.rpm

-rw-r--r-- 1 root root 50804 2007-11-13 22:26 postfix-pflogsumm-2.4.5-2.fc8.i386.rpm

[root@server1 i386]#

P ick the Postfix package and install it like this:

rpm -ivh postfix-2.4.5-2.fc8.i386.rpm

(In cas e you have problems c reating the Pos tfix rpm package, you can download mine from here.)


9 of 12 11/30/09 12:06


10/12

Start MySQ L:

chkconfig --levels 235 mysqld on

/etc/init.d/mysqld start

Then set passwords for the MySQ L root account:

mysqladmin -u root password yourrootsqlpassword

mysqladmin -h server1.example.com -u root password yourrootsqlpassword

Now we configure phpMyA dmin. We change the Apac he configuration so that phpMyA dmin allows

connections not just from localhos t (by commenting out the

stanza):

vi /etc/httpd/conf.d/phpMyAdmin.conf

# phpMyAdmin - Web based MySQL browser written in php## Allows only localhost by default## But allowing phpMyAdmin to anyone other than localho# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin

## order deny,allow# deny from all# allow from 127.0.0.1#

Then we c reate the sys tem startup links for Apache and start it:

chkconfig --levels 235 httpd on

/etc/init.d/httpd start

Now you can direct your browser to http://server1.example.com/phpMyAdmin/or http://192.168.0.100

/phpMyAdmin/and log in with the user name root and your new root MySQ L pas sword.


10 of 12 11/30/09 12:06


11/12

This page is licensed under a C reative Commons Lic ense.

add comment | view as pdf| print: this | al l page(s) |

V irtual Users A nd Domains With Postfix, C ourier And MySQ L (Fedora C ore 5 )

V irtual Users A nd Domains With Postfix, C ourier And MySQ L (Debian Etch)

V irtual Users A nd Domains With Postfix, C ourier And MySQ L (Ubuntu 6.10 E dgy Eft)

Please do not use the comment function to ask for help! I f you need help, please use ourforum.

Comments w ill be publis hed after adminis trator approval.

selinuxSubmitted by Slawek (not registered) on Wed, 2008-09-17 09:16.

You don't have to disable selinux !

I found help here:

http://wiki.centos.org/HowTos/SELinux

I had problems during configure postfix + mysql + courier-imap

(elements: postfix_virtual_t , courier_authdaemon_t , postfix_smtpd_t)

You do have to analyze logs: /var/log/messages and /var/log/audit/audit.logYou have to make sure, that it isn't file permision problem.

You have to make sure, that it isn't selinux file context problem.

after problem occurs check logs:

tail /var/log/messages

and find:

setroubleshoot: SELinux is preventing xxxx () .... For complete SELinux messages. run sealert -l

e.g. = postfix_virtual_t

1.

create selinux policy module:

grep /var/log/audit/audit.log | audit2allow -M

e.g.

grep postfix_virtual_t /var/log/audit/audit.log | audit2allow -M postfixvirtualit creates two files .te (text version of module), .pp (module)

2.

display and check .te file

e.g.

cat postfixvirtual.te

3.

if it is ok load module:

semodule -i postfixvirtual.pp

4.

test if it works, if not go back to step 1 and repeat (I had to do 3 times for every element)5.

reply | view as pdf

cyrus-sasl missingSubmitted by jpieper (registered user) on Wed, 2008-08-27 19:19.


11 of 12 11/30/09 12:06


12/12

I also needed to install cyrus-sasl:

yum -y install cyrus-sasl

It wasnt installed before and isnt present in paragraph 3 of this article.

reply | view as pdf

Sponsored Links: Unified Communications: Thoughts, Strategies and Predictions

Join the discussion.

www.seamlessenterprise.com

IP Convergence

Integrate your wireless and wireline networks.

Learn how from the experts at Sprint.


Wireless & Wireline Integration

Thoughts, strategies and solutions: join the discussion


Unified Communications 2009

Join the Discussion. Now.


Red Hat Virtual Experience - a free virtual event. Dec. 9th

Howtos | Mini-Howtos | Forums | News | Search| Contribute | Subscription

Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint

Copyright 2009 HowtoForge - Linux Howtos and Tutorials

All Rights Reserved.


12 of 12 11/30/09 12:06

virtual_users_and_domains_with_postfix__courier_and_mysql__fedora_8____howtoforge_-_linux_howtos_and_tutorials...

Documents