websites used

http://switch.richard5.net/isp-in-a-box-v2/setting-up-maildrop/
http://workaround.org/articles/ispmail-etch/#checking-the-logs
This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

The resulting Postfix server is capable of SMTP-AUTH and TLS and quota (quota is not built into Postfix by default, I'll show how to patch your Postfix appropriately). Passwords are stored in encrypted form in the database (most documents I found were dealing with plain text passwords which is a security risk). In addition to that, this tutorial covers the installation of Amavisd, SpamAssassin and ClamAV so that emails will be scanned for spam and viruses. And also postfixadmin to manage the domains.



1.rpm -ivh http://www.thatfleminggent.com/packages/fedora/5/i386/enlartenment-release-1.1-2.fc5.mf.noarch.rpm



2.vi /etc/yum.repos.d/enlartenment.repo
we must set enabled to 1

3.rpm --import http://www.thatfleminggent.com/RPM-GPG-KEY.mf




4.This can all be installed with one single command

yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-devel openssl-develcyrus-sasl-devel pkgconfig zlib-devel maildrop courier-imap courier-authlib-mysql phpmyadmin pcre-developenldap-devel


5. Apply Quota Patch To Postfix

We have to get the Postfix source rpm, patch it with the quota patch, build a new Postfix rpm package and install it.

cd /usr/src

wgethttp://ftp-stud.fht-esslingen.de/pub/Mirrors/fedora/linux/core/5/source/SRPMS/postfix-2.2.8-1.2.src.rpm


rpm -ivh postfix-2.2.8-1.2.src.rpm

cd /usr/src/redhat/SOURCES

wget http://web.onda.com.br/nadal/postfix/VDA/postfix-2.2.8-vda.patch.gz


gunzip postfix-2.2.8-vda.patch.gz

cd /usr/src/redhat/SPECS/

Now we must edit the file postfix.spec:

vi postfix.spec

[...]
%define MYSQL 1
[...]
# Patches

Patch0: postfix-2.2.8-vda.patch
Patch1: postfix-2.1.1-config.patch
Patch3: postfix-alternatives.patch
Patch4: postfix-hostname-fqdn.patch
Patch6: postfix-2.1.1-obsolete.patch
Patch7: postfix-2.1.5-aliases.patch
Patch8: postfix-large-fs.patch
Patch9: postfix-2.2.5-cyrus.patch
[...]
%setup -q
# Apply obligatory patches
%patch0 -p1 -b .vda
%patch1 -p1 -b .config
%patch3 -p1 -b .alternatives
%patch4 -p1 -b .postfix-hostname-fqdn
%patch6 -p1 -b .obsolete
%patch7 -p1 -b .aliases
%patch8 -p1 -b .large-fs
%patch9 -p1 -b .cyrus
[...]

rpmbuild -ba postfix.spec

cd /usr/src/redhat/RPMS/i386

rpm -ivh postfix-2.2.8-1.2.i386.rpm

6. Set MySQL Passwords And Configure phpMyAdmin

chkconfig --levels 235 mysqld on

/etc/init.d/mysqld start

Then set passwords for the MySQL root account

mysqladmin -u root password yourrootsqlpassword


7. Now we configure phpMyAdmin. Create /usr/share/phpmyadmin/config.inc.php:

vi /usr/share/phpmyadmin/config.inc.php

<?php
$cfg[PmaAbsoluteUri] = 'http://192.168.0.100/phpmyadmin/';
$i=0;
$i++;
$cfg['Servers'][$i]['auth_type'] = 'http';
?>


7.1Then we change the Apache configuration so that phpMyAdmin allows connections not just from localhost:

vi /etc/httpd/conf.d/phpmyadmin.conf

Alias /phpmyadmin/ "/usr/share/phpmyadmin/"
#<Location "/phpmyadmin/">
# Order allow,deny
# Allow from 127.0.0.1
#</Location>

8. Then we create the system startup links for Apache and start it:
chkconfig --levels 235 httpd on
/etc/init.d/httpd start

9.Create The MySQL Database For Postfix/Courier

9.1SET MYSQL PASSWORD

mysql> use mysql;
mysql> update user set password=Password(' 1234 ') where user='root';
mysql> flush privileges;
mysql>\q

9.2Now again, Change to the MySQL database administration and add the postfix user and password:

USE mysql;
INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix'));
INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y');

9.3 Add the Postfix admin user and password:

INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin'));
INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');

9.4 Setup the rights for the just created users:

FLUSH PRIVILEGES;
GRANT USAGE ON postfix.* TO postfix@localhost;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfix@localhost;
GRANT USAGE ON postfix.* TO postfixadmin@localhost;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfixadmin@localhost;

9.5 Next, create the database that we will use for the user administration:

CREATE DATABASE postfix;

USE postfix;


A) Now we can create the tables, first the table for the administrators:

CREATE TABLE admin (
username varchar(255) NOT NULL default '',
password varchar(255) NOT NULL default '',
created datetime NOT NULL default '0000-00-00 00:00:00',
modified datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (username),
KEY username (username)
) TYPE=MyISAM COMMENT='Postfix Admin - Virtual Admins';


B) Then the table for the 'alias' administration, or which external e-mail address is routed to which mailbox.

CREATE TABLE alias (
address varchar(255) NOT NULL default '',
goto text NOT NULL,
domain varchar(255) NOT NULL default '',
created datetime NOT NULL default '0000-00-00 00:00:00',
modified datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (address),
KEY address (address)
) TYPE=MyISAM COMMENT='Postfix Admin - Virtual Aliases';

C) The table for the domains we are going to administer is next:

CREATE TABLE domain (
domain varchar(255) NOT NULL default '',
description varchar(255) NOT NULL default '',
aliases int(10) NOT NULL default '0',
mailboxes int(10) NOT NULL default '0',
maxquota int(10) NOT NULL default '0',
transport varchar(255) default NULL,
backupmx tinyint(1) NOT NULL default '0',
created datetime NOT NULL default '0000-00-00 00:00:00',
modified datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (domain),
KEY domain (domain)
) TYPE=MyISAM COMMENT='Postfix Admin - Virtual Domains';

D) The table for the domain administrators if you want to use them.

CREATE TABLE domain_admins (
username varchar(255) NOT NULL default '',
domain varchar(255) NOT NULL default '',
created datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
KEY username (username)
) TYPE=MyISAM COMMENT='Postfix Admin - Domain Admins';

E)A table where the changes will be logged is very useful if some users report problems and you want to find out what has been done.

CREATE TABLE log (
timestamp datetime NOT NULL default '0000-00-00 00:00:00',
username varchar(255) NOT NULL default '',
domain varchar(255) NOT NULL default '',
action varchar(255) NOT NULL default '',
data varchar(255) NOT NULL default '',
KEY timestamp (timestamp)
) TYPE=MyISAM COMMENT='Postfix Admin - Log';

F) The table structure for the actual mailboxes.

CREATE TABLE mailbox (
username varchar(255) NOT NULL default '',
password varchar(255) NOT NULL default '',
name varchar(255) NOT NULL default '',
maildir varchar(255) NOT NULL default '',
quota int(10) NOT NULL default '0',
domain varchar(255) NOT NULL default '',
created datetime NOT NULL default '0000-00-00 00:00:00',
modified datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (username),
KEY username (username)
) TYPE=MyISAM COMMENT='Postfix Admin - Virtual Mailboxes';


G) When someone wants to send a reply when he is temporary unable to get to his mail.

CREATE TABLE vacation (
email varchar(255) NOT NULL default '',
subject varchar(255) NOT NULL default '',
body text NOT NULL,
cache text NOT NULL,
domain varchar(255) NOT NULL default '',
created datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (email),
KEY email (email)
) TYPE=MyISAM COMMENT='Postfix Admin - Virtual Vacation';


10. configure postfix

Now we have to tell Postfix where it can find all the information in the database. Therefore we have to create six text files.

A) vi /etc/postfix/mysql_virtual_alias_maps.cf

user = postfix
password = postfix
hosts = 127.0.0.1
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = 1

B) vi /etc/postfix/mysql_virtual_domains_maps.cf

user = postfix
password = postfix
hosts = 127.0.0.1
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '0' and active = '1'

C) vi /etc/postfix/mysql_virtual_mailbox_maps.cf

user = postfix
password = postfix
hosts = 127.0.0.1
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = 1


chmod o= /etc/postfix/mysql_virtual_*.cf

chgrp postfix /etc/postfix/mysql_virtual_*.cf

11. Now we create a user and group called vmail with the home directory /home/vmail. This is where all mail boxes will be stored.

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

chown -R vmail:vmail /home/vmail

chmod 771 /home/vmail


12. Now we configure /etc/postfix/main.cf

main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
# The hostname is preferably the hostname you get from your ISP.
# Otherwise take the one from your primary domain
myhostname = server.isp-domain.tld
# Let this point to your primary registered domain
mydomain = domain.tld
# receive mail on all network interfaces.
inet_interfaces = all
# reject all mail for unknown users.
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
#
# my additions for the virtual domain administration
# to use the MySQL database.
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /usr/local/virtual/
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual ========================================> or ===> vmail
virtual_uid_maps = static:5000
#
# The settings for the SASL authentication using the autdaemon.
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rbl_client list.dsbl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org

enable_server_options = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_use_pw_server = yes
smtpd_pw_server_security_options = plain,login,cram-md5
server_enabled = 1
#
# OPTIONAL PART
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = reject
##############################################
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
postconf -e smtpd_use_tls = yes
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'



13.Afterwards we create the SSL certificate that is needed for TLS:

cd /etc/postfix

openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

chmod o= /etc/postfix/smtpd.key

14.Configure Saslauthd

Edit /usr/lib/sasl2/smtpd.conf. It should look like this:

vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket


15. Then turn off Sendmail and start Postfix, saslauthd, and courier-authlib:

chmod 755 /var/spool/authdaemon
chkconfig --levels 235 courier-authlib on
/etc/init.d/courier-authlib start

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start

16.Configure Courier:
Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/authlib/authdaemonrc and change the value of authmodulelist so that it reads

vi /etc/authlib/authdaemonrc

[...]
authmodulelist="authmysql"
[...]


vi /etc/authlib/authmysqlrc

MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix

# if you used the MySQL package from Server Logistics use the
# following settings otherwise check your MySQL installation.
MYSQL_SOCKET /private/tmp/mysql.sock
MYSQL_PORT 3306

# The name of the MySQL database we will use:
MYSQL_DATABASE postfix

# the table in the database with the users
MYSQL_USER_TABLE mailbox

# which field in the table has the password
MYSQL_CRYPT_PWFIELD password

# the numerical userid of the postfix account
MYSQL_UID_FIELD '5000'

#the numerical groupid of the postfix account
MYSQL_GID_FIELD '5000'

# the username as defined in the table mailbox
MYSQL_LOGIN_FIELD username

# the location of the mailboxes on the server
# Please change this is you are going to use a different location.
MYSQL_HOME_FIELD '/home/vmail'

# The user's name (optional)
MYSQL_NAME_FIELD name

# The location where the user mailbox is defined in the table.
MYSQL_MAILDIR_FIELD maildir


17. Then restart Courier:

chkconfig --levels 235 courier-imap on

/etc/init.d/courier-authlib restart

/etc/init.d/courier-imap restart

18. Next step is configuring the IMAP part of our mail server.

vi /usr/lib/courier-imap/etc/imapd

Change the last line in the file from:

MAILDIRPATH=Maildir

into

MAILDIRPATH=/home/vmail/ ==============================> see that you put the "/" at the end


18. Installing and configuring Postfix Admin

cd /var/www/html

wget http://nchc.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.1.0.tgz


tar xzvf postfixadmin-2.1.0.tgz

mv postfixadmin-2.1.0 postfixadmin

chown -R apache:apache /var/www/html/postfixadmin

cd /var/www/html/postfixadmin
chmod 640 *.php *.css
cd /var/www/html/postfixadmin/admin/
chmod 640 *.php .ht*
cd /var/www/html/postfixadmin/images/
chmod 640 *.gif *.png
cd /var/www/html/postfixadmin/languages/
chmod 640 *.lang
cd /var/www/html/postfixadmin/templates/
chmod 640 *.tpl
cd /var/www/html/postfixadmin/users/
chmod 640 *.php


cd /var/www/html/postfixadmin

cp config.inc.php.sample config.inc.php

cd /var/www/html/postfixadmin


// the location of the files:
$CONF['postfix_admin_url'] = '/postfixadmin/admin';
$CONF['postfix_admin_path'] = '/Library/Apache2/htdocs/postfixadmin/admin';

// how to connect to the database
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';

// your administrator e-mail address
$CONF['admin_email'] = 'postmaster@yourmaindomain.tld';

// The default aliases that need to be created for all domains.
$CONF['default_aliases'] = array (
'abuse' => 'abuse@yourmaindomain.tld',
'hostmaster' => 'hostmaster@yourmaindomain.tld',
'postmaster' => 'postmaster@yourmaindomain.tld',
'webmaster' => 'webmaster@yourmaindomain.tld'
);

// to get a mailbox structure like /domain/user
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';


now you should be able to view http://192.168.0.242/postfixadmin


set up will check your system

then,

rename the setup.php and motd-motd-admin.txt

[root@server3 postfixadmin]# mv setup.php setup.php.orig
[root@server3 postfixadmin]# mv motd-motd-admin.txt motd-users.txt
[root@server3 postfixadmin]# mv motd-motd-admin.txt motd-users.txt
[root@server3 postfixadmin]# mv motd-admin.txt motd-admin.txt.orig


18 .1---> Installing Squirrelmail
Now that we have postfix running with IMAP, we can install a webmail client to make mail accessible via a web browser.

1. First of all, make sure some rendition of PHP 4 is installed.
Rpm –q php

2. Make sure you have PHP uploads turned ON. Here's the line you will want to check/edit:
file_uploads = On

That's it for the PHP setup.

Now let's download Squirrelmail... to cd /download/

Tar –zxvf squirrelmail-1.4.10a.tar.gz

Cd squirrelmail-1.4.10a
Mv squirrelmail-1.4.10a webmail

mkdir /var/sqattachements

chown -R apache:apache /var/sqattachements

cd webmail

chown -R apache:apache data (or whatever user apache runs as)

cd config

./conf.pl

This will run the Squirrelmail setup script which will allow you to customize the installation as well as set your server settings.

Bellow is the normal setting
General
-------
1. Domain :192.168.0.243
2. Invert Time : false
3. Sendmail or SMTP : SMTP
IMAP Settings
--------------
4. IMAP Server : localhost
5. IMAP Port : 143
6. Authentication type : login
7. Secure IMAP (TLS) : false
8. Server software : other
9. Delimiter : detect
SMTP Settings
-------------
4. SMTP Server : localhost
5. SMTP Port : 25
6. POP before SMTP : false
7. SMTP Authentication : login
8. Secure SMTP (TLS) : false

Once you've configured Squirrelmail to your liking, it's time to configure Apache to serve our new webmail interface

Vi http.conf

<VirtualHost 192.168.0.243:80>
ServerName mail.mydomain.com
ServerAlias mail.*
ServerAdmin postmaster@mydomain.com
DocumentRoot /var/www/html/webmail
</VirtualHost>

Ok, now that Apache is all configured, let's test the new webmail interface...

http://www.yourdomain.com/webmail

or

http://192.168.0.243/webmail


19. Install Amavisd-new, SpamAssassin And ClamAV

19.1 yum install amavisd-new spamassassin clamav clamav-data clamav-server clamav-update unzip bzip2 unrar

19.2 vi /etc/amavisd/amavisd.conf

A .( add the following lines )

########################
$mydomain = 'localhost';
########################
#$mydomain = 'example.com'; # a convenient default


B. Change
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent

to
########################
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
########################

C. change
# @lookup_sql_dsn =
# ( ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'user1', 'passwd1'],
# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'],
# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] );
# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database

to

# @lookup_sql_dsn =
# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'],
# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'],
# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] );

########################
@lookup_sql_dsn =
( ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'postfixadmin', 'postfixadmin'] );

$sql_select_policy = 'SELECT "Y" as local FROM domain WHERE CONCAT("@",domain) IN (%k)';

$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting

$recipient_delimiter = '+'; # (default is '+')

$replace_existing_extension = 1; # (default is false)

$localpart_is_case_sensitive = 0; # (default is false)
########################

# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate


D. Change
# $recipient_delimiter = '+'; # undef disables address extensions altogether
# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+

to
########################
$recipient_delimiter = undef; # undef disables address extensions altogether
# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+
########################



E.Change
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_BOUNCE;

to
########################
$final_virus_destiny = D_REJECT;
$final_banned_destiny = D_REJECT;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
########################

20. When we installed ClamAV, a cron job got installed that tries to update the ClamAV virus database every three hours. But this works only if we enable it in /etc/sysconfig/freshclam and /etc/freshclam.conf:

vi /etc/sysconfig/freshclam

we need to add the "#" at the begginin of the last line

21. vi /etc/freshclam.conf

we ned to add the # symbol next to example

22. Now let's create the system startup links for ClamAV and amavisd-new, update ClamAV's virus signature database, and start both services:

chkconfig --levels 235 amavisd on
chkconfig --levels 235 clamd.amavisd on
/usr/bin/freshclam
/etc/init.d/amavisd start
/etc/init.d/clamd.amavisd start

23.Now we have to configure Postfix to pipe incoming email through amavisd-new

postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
postconf -e 'receive_override_options = no_address_mappings'

24.Afterwards append the following lines to /etc/postfix/master.cf:

vi /etc/postfix/master.cf

amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1

restart psotfix

/etc/init.d/postfix restart


25. Install Razor, Pyzor And DCC And Configure SpamAssassin

yum install perl-Razor-Agent pyzor

25. 1 Then initialize both services

chmod -R a+rX /usr/share/doc/pyzor-0.4.0 /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/lib/python2.4/site-packages/pyzor
su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'

25.2 Then we install DCC as follows:
cd /tmp
wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z

tar xzvf dcc-dccproc.tar.Z
cd dcc-dccproc-1.3.42
./configure --with-uid=amavis
make
make install
chown -R amavis:amavis /var/dcc
ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd

25.3 Now we have to tell SpamAssassin to use these three programs. Edit /etc/mail/spamassassin/local.cf so that it looks like this:
vi /etc/mail/spamassassin/local.cf

the file shoulf look like follows:
##########################################################
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]

# dcc
use_dcc 1
dcc_path /usr/local/bin/dccproc
dcc_add_header 1
dcc_dccifd_path /usr/local/bin/dccifd

#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
pyzor_add_header 1

#razor
use_razor2 1
razor_config /var/spool/amavisd/razor-agent.conf

#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1
############################################################

25.4 /etc/init.d/amavisd restart


26.Now I want to insert some custom rulesets that can be found on the internet into SpamAssassin. I have tested those rulesets, and they make spam filtering a lot more effective. Create the file /usr/local/sbin/sa_rules_update.sh:

vi /usr/local/sbin/sa_rules_update.sh

#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf -O 71_sare_redirect_pre3.0.0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf -O 70_sare_bayes_poison_nxm.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html.cf -O 70_sare_html.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html4.cf -O 70_sare_html4.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html_x30.cf -O 70_sare_html_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header0.cf -O 70_sare_header0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header3.cf -O 70_sare_header3.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header_x30.cf -O 70_sare_header_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_specific.cf -O 70_sare_specific.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_adult.cf -O 70_sare_adult.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf -O 72_sare_bml_post25x.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf -O 99_sare_fraud_post25x.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_spoof.cf -O 70_sare_spoof.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_random.cf -O 70_sare_random.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_oem.cf -O 70_sare_oem.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf -O 70_sare_genlsubj0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj3.cf -O 70_sare_genlsubj3.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj_x30.cf -O 70_sare_genlsubj_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_unsub.cf -O 70_sare_unsub.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_uri.cf -O 70_sare_uri.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf -O antidrug.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf -O bogus-virus-warnings.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.yackley.org/sa-rules/evilnumbers.cf -O evilnumbers.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.stearns.org/sa-blacklist/random.current.cf -O random.current.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_body.cf -O 88_FVGT_body.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_rawbody.cf -O 88_FVGT_rawbody.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_subject.cf -O 88_FVGT_subject.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_headers.cf -O 88_FVGT_headers.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_uri.cf -O 88_FVGT_uri.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_DomainDigits.cf -O 99_FVGT_DomainDigits.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf -O 99_FVGT_Tripwire.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_meta.cf -O 99_FVGT_meta.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.nospamtoday.com/download/mime_validate.cf -O mime_validate.cf &> /dev/null

/etc/init.d/amavis restart &> /dev/null

exit 0



26.1 Make the script executable:

chmod 755 /usr/local/sbin/sa_rules_update.sh

26.2. Then run that script once, it will fetch those rulesets and insert them into SpamAssassin

usr/local/sbin/sa_rules_update.sh

26.3 We create a cron job so that those rulesets will be updated regularly. Run

crontab -e

23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null

(This will update the rulesets every second day at 4.23h.)


27.Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then do this

cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt

mv quota.txt quota_notify
chmod 755 quota_notify

Open /usr/local/sbin/quota_notify and edit the variables at the top

my $POSTFIX_CF = "/etc/postfix/main.cf";
my $MAILPROG = "/usr/sbin/sendmail -t";
my $WARNPERCENT = 80;
my @POSTMASTERS = ('postmaster@isp.tld');
my $CONAME = 'ISP.tld';
my $COADDR = 'postmaster@isp.tld';
my $SUADDR = 'postmaster@isp.tld';
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;

crontab -e

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null



your done !!!!!

##############################################################################################
squirrelmail : instruction for storing address book and user preference in mysql database
###############################################################################################
On sites with many users you might want to store your user data in a database instead of in files. SquirrelMail can be configured to do this.
Creating the database
First you need to create a database and a database user with access to SELECT, INSERT, UPDATE, and DELETE in that database. For MySQL you would normally do something like:
mysql> CREATE DATABASE squirrelmail;
mysql> GRANT select,insert,update,delete ON squirrelmail.* TO root@localhost IDENTIFIED BY 'agnello'

Storing address books in the database
Create a table for the address books. The table structure should be similar to this for MySQL:
CREATE TABLE address (
owner varchar(128) DEFAULT '' NOT NULL,
nickname varchar(16) DEFAULT '' NOT NULL,
firstname varchar(128) DEFAULT '' NOT NULL,
lastname varchar(128) DEFAULT '' NOT NULL,
email varchar(128) DEFAULT '' NOT NULL,
label varchar(255),
PRIMARY KEY (owner,nickname),
KEY firstname (firstname,lastname)
);


Create a table for the preferences. The table structure should be similar to this for MySQL:
CREATE TABLE userprefs (
user varchar(128) DEFAULT '' NOT NULL,
prefkey varchar(64) DEFAULT '' NOT NULL,
prefval BLOB DEFAULT '' NOT NULL,
PRIMARY KEY (user,prefkey)
);


Create a table for the preferences. The table structure should be similar to this for MySQL

CREATE TABLE global_abook (
owner varchar(128) DEFAULT '' NOT NULL,
nickname varchar(16) DEFAULT '' NOT NULL,
firstname varchar(128) DEFAULT '' NOT NULL,
lastname varchar(128) DEFAULT '' NOT NULL,
email varchar(128) DEFAULT '' NOT NULL,
label varchar(255),
PRIMARY KEY (owner,nickname),
KEY firstname (firstname,lastname)
);

quit;

Constructing a data source name ( DSN) -----> this is done by running the ./conf.pl ------> choose the 9th option
your 9th option should look like this after editing
Database
1. DSN for Address Book : mysql://root:agnello@localhost/squirrelmail
2. Table for Address Book : address

3. DSN for Preferences : mysql://root:agnello@localhost/squirrelmail
4. Table for Preferences : userprefs
5. Field for username : user
6. Field for prefs key : prefkey
7. Field for prefs value : prefval

8. DSN for Global Address Book : mysql://root:agnello@localhost/squirrelmail
9. Table for Global Address Book : global_abook
10. Allow writing into Global Address Book : false
11. Allow listing of Global Address Book : false

R Return to Main Menu
C Turn color on
S Save data
Q Quit

your done !!!



######################################################################
testing
#####################################################################

[root@server3 postfixadmin]# postmap -q "quali.co.in"
mysql:/etc/postfix/mysql_virtual_domains_maps.cf ( enter)
quali.co.in =====> this is the resulth i get

root@server3 postfixadmin]# postmap -q "agnello@quali.co.in"
mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf ( enter )
quali.co.in/agnello/========> this is the resulth i get


[root@server3 postfixadmin]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Hello there.
user name@quali.co.in
+OK Password required.
pass name
-ERR chdir quali.co.in/agnello/ failed
Connection closed by foreign host.


################### ERRORS #############################################
1. I you get an error of not able to telnet to remote interface we would need to look at the inet_interfaces setting in /etc/postfix/main.cf

2. the service that runs spamassisn is spamd




##### Default values #####
$db = "squirrelmail";
$abook_table = "address";
$pref_table = "userprefs";
$dbtype = 'mysql';
##### ##### #####--

ftp site for postfix

ftp://mirror.cbn.net.id/pub/postfix-release/official/

--

SET MYSQL PASSWORD

SET MYSQL PASSWORD

mysql> use mysql;
mysql> update user set password=Password(' 1234 ') where user='root';
mysql> flush privileges;
mysql>\q



--

error: 'Access denied for user 'root'@'localhost' (using password: YES)'

if you get the following error ""error: 'Access denied for user 'root'@'localhost' (using password: YES)'"
 
Then
 
log to mysql
 
mysql -u root ( enter )
 
then do 
 
mysqladmin -u root create [database file name ] ( enter) 
 

--

Installing and configuring Postfix Admin

Here we'll describe what to do to install the Postfix Admin package and what to do to solve the bugs we encountered.

First you need to download the software package from the Postfix Admin site, I'm using and basing these instructions on version 2.1.0. Don't use the installation guide that comes with the installation package as some of the steps you have already performed and might conflict with other parts of the installation.

Extract the package into the directory /var/www/httpd, that is if you used the installation package from Server Logistics we've discussed earlier. Otherwise extract it in the document root for your apache installation.

For ease of use you can rename the directory postfixadmin-2.1.0 to just postfixadmin or create a symbolic link to that directory as follows:

ln -s /var/www/httpd/postfixadmin-2.1.0 /var/www/httpd/postfixadmin

Because you will enter the database user and password in the configuration files located in this directory it will be a lot safer if you change ownership and the permissions.

chown -R www:www /var/www/httpd/postfixadmin-2.1.0

cd /var/www/httpd/postfixadmin-2.1.0
chmod 640 *.php *.css
cd /var/www/httpd/postfixadmin-2.1.0/admin/
chmod 640 *.php .ht*
cd /var/www/httpd/postfixadmin-2.1.0/images/
chmod 640 *.gif *.png
cd /var/www/httpd/postfixadmin- 2.1.0/languages/
chmod 640 *.lang
cd /var/www/httpd/postfixadmin-2.1.0/templates/
chmod 640 *.tpl
cd /var/www/httpd/postfixadmin-2.1.0/users/
chmod 640 *.php


When you've done this you are ready to create the configuration file. Copy the file config.inc.php.sample in the directory /var/www/httpd/postfixadmin to config.inc.php to get a starting point. Then edit the file config.inc.php and change following items:

// the location of the files:
$CONF['postfix_admin_url'] = '/postfixadmin/admin';
$CONF['postfix_admin_path'] = '/var/www/httpd/postfixadmin/admin';

// how to connect to the database
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';

// your administrator e-mail address
$CONF['admin_email'] = 'postmaster@yourmaindomain.tld';

// The default aliases that need to be created for all domains.
$CONF['default_aliases'] = array (
'abuse' => 'abuse@yourmaindomain.tld' ,
'hostmaster' => 'hostmaster@yourmaindomain.tld',
'postmaster' => 'postmaster@yourmaindomain.tld',
'webmaster' => 'webmaster@yourmaindomain.tld'
);

// to get a mailbox structure like /domain/user
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';

Next, to secure the overall admin module you need to edit the file .htaccess in the directory /var/www/httpd/postfixadmin/admin. Change the line

AuthUserFile /usr/local/www/<domain.tld>/admin/.htpasswd
into this:
AuthUserFile /var/www/httpd/postfixadmin/admin/.htpasswd

You need to do the final step by starting up your favourite browser and point it to http://localhost/postfixadmin/. Click on the setup link for the final step, it will do a test and checkup. After you got it working remove the setup.php file from the directory /var/www/httpd/postfixadmin or rename it to keep your server safe.

You can then go into http://localhost/postfixadmin/admin/ to administrate your users and domain admins. Please note that the default user and password for this is admin/admin and that that is defined in the .htpasswd file in the directory /var/www/httpd/postfixadmin/admin. To change the default password you can go into the directory /var/www/httpd/postfixadmin/admin as root and type the following command:

htpasswd -c .htpasswd admin

You then will be asked to type the new password twice, if you did that correctly the password has changed.


--

installing Mysql --- from source

Download from here  ftp://ftp.mysql.com/pub/mysql/

# cd /usr/local/src
#wget -c http://mysql.he.net/Downloads/MySQL-4.0/mysql-5.0.24.tar.gz

Create mysql user and group
#groupadd mysql
#useradd -g mysql mysql

Unpack mysql archive
# tar -zxf mysql-5.0.24.tar.gz
#cd mysql-4.0.24/

Configure mysql with /usr/local/mysql base directory
#./configure --prefix=/usr/local/mysql
Build source files
#make
Install compiled files to the directory specified in prefix
#make install
Mysql uses a configuration file to determine some parameters on startup. It must be modified depending on your machine's capacity. Copy mysql configuration file and startup script for a medium sized system to /etc/my.cnf .  Read my-*.cnf files for your own system on the untarred location of MySQL. Those files allow you to chose which file to use for your system.
#mkdir /etc/mysql/
#cp support-files/my-medium.cnf /etc/mysql/my.cnf
#cp support-files/mysql.server /etc/init.d/
#chmod 755 /etc/init.d/mysql.server

Go to base directory and create MySQL grant tables with mysql user (If this MySQL is your second
MySQL installation in your linux, defaults-file variable can be set to your new conf file)

#cd /usr/local/mysql
#bin/mysql_install_db --user=mysql

Change ownership of binaries to root and ownership of data directory to mysql user
#chown -R root  .
#chown -R mysql var
#chgrp -R mysql .

Introduce new libraries to our Linux
#echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
#ldconfig Start MySQL daemon
#/etc/init.d/mysql.server start

Connect to the MySQL server and give mysql root password. Since, there is no default root password
Please pay attention to this part, I have seen many who don't give any root password to their servers.

#/usr/local/mysql/bin/mysql -u root


--
Warm Regards

mysql ftp site ----GOOD

ftp://ftp.mysql.com/pub/mysql/

--

Other Articles

Enter your email address: