This manual is deprecated. Please visit https://groupoffice.readthedocs.io for the latest documentation.

Difference between revisions of "Mailserver"

From Group-Office Groupware and CRM Documentation
Jump to: navigation, search
(Setup Dovecot)
Line 1: Line 1:
You can create a mailserver with Group-Office. It uses:
+
Group-Office can work well with any existing mail environment that support IMAP.
 +
 
 +
But to use some very interesting integrated features like:
 +
 
 +
#Automatic mailbox creation when you create a Group-Office user. This will also immediately setup the account in Group-Office. The password of Group-Office and the mailbox will stay in sync.
 +
#Vacation auto response
 +
#Complete postfix user and domain management module in Group-Office
 +
 
 +
The mailserver for Group-Office is built from widely used and stable software:
  
 
#Group-Office module called postfixadmin
 
#Group-Office module called postfixadmin

Revision as of 08:44, 27 February 2009

Group-Office can work well with any existing mail environment that support IMAP.

But to use some very interesting integrated features like:

  1. Automatic mailbox creation when you create a Group-Office user. This will also immediately setup the account in Group-Office. The password of Group-Office and the mailbox will stay in sync.
  2. Vacation auto response
  3. Complete postfix user and domain management module in Group-Office

The mailserver for Group-Office is built from widely used and stable software:

  1. Group-Office module called postfixadmin
  2. Postfix
  3. Dovecot
  4. MySQL
  5. spamassassin
  6. vacation script

I've written a tutorial about how to install this on Debian 5. It should work on other Linux distributions too but I never tested it.

Install all the necessary software on the server

On Debian you can do:

apt-get install php5 php5-mysql php5-imap php5-gd php5-cli php5-curl apache2 postfix postfix-mysql mysql-server mysql-client phpmyadmin subversion dovecot-imapd libemail-valid-perl libmail-sendmail-perl spamassassin spamc zip tnef libwbxml2-utils sudo openssl pyzor razor rsync mailutils libmime-charset-perl libmime-encwords-perl

You can install a Debian 5 base system and run this command. This will install all packages that are required for Group-Office and the mailserver.

Install Group-Office

Follow the installation instructions that come with Group-Office

Install postfixadmin module

Copy the "postfixadmin" folder in the "modules" folder of Group-Office. Go to Admin menu -> modules and install it.

Edit the Group-Office config.php file and add:

$config['postfixadmin_autoreply_domain']="autoreply.example.com";

Make sure the domain matches with the vacation transport of postfix you will add later.

Configure postfix

Postfix must be configured to use MySQL:

The following variables in main.cf. Start with filling some basic info:

# postconf -e 'myhostname = mx-1.example.com'
# postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)'
# postconf -e 'biff = no'
# postconf -e 'append_dot_mydomain = no'
# postconf -e 'myorigin = example.com'
# postconf -e 'mydestination = $myhostname, localhost, locahost.localdomain'
# postconf -e 'mynetworks = 127.0.0.0/8'
# postconf -e 'recipient_delimiter = +'
# postconf -e 'inet_interfaces = all'
# postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination \
    $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps \
    $virtual_mailbox_domains $relay_recipient_maps $relay_domains \
    $canonical_maps $sender_canonical_maps $recipient_canonical_maps \
    $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps' 
    
# postconf -e 'smtpd_recipient_restrictions = \
	permit_mynetworks, \
	reject_unauth_destination, \
	reject_rbl_client zen.spamhaus.org, \
	reject_rbl_client list.dsbl.org, \
	permit'
# postconf -e 'message_size_limit=52428800'
# postconf -e 'mailbox_size_limit=0'

Now configure it for Virtual users in MySQL:

# postconf -e 'virtual_alias_domains ='
# postconf -e 'virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf'
# postconf -e 'virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf'
# postconf -e 'virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf'
# postconf -e 'virtual_mailbox_base = /vmail'
# postconf -e 'virtual_minimum_uid = 150'
# postconf -e 'virtual_uid_maps = static:150'
# postconf -e 'virtual_gid_maps = static:8'
# postconf -e 'virtual_create_maildirsize = yes'
# postconf -e 'virtual_mailbox_extended = yes'
# postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'
# postconf -e 'virtual_mailbox_limit_override = yes'
# postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach has exceeded their quota."'
# postconf -e 'virtual_overquota_bounce = yes'
# postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf'
# postconf -e 'relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf'

We will use Dovecot delivery:

# postconf -e 'virtual_transport=dovecot'
# postconf -e 'dovecot_destination_recipient_limit=1'
# postconf -e 'transport_maps = hash:/etc/postfix/transport'
# postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit'
# postconf -e 'vacation_destination_recipient_limit = 1'

Create the transport db:

# cd /etc/postfix
# postmap transport

Postfix was installed with MySQL support, but that doesn't mean it already knows how to use our database. It needs to be provided with various SQL-query information for each type of table in our database. This information is stored in the MySQL files defined in the main.cf file:

/etc/postfix/mysql_virtual_alias_maps.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_aliases
select_field = goto
where_field = address
additional_conditions = and active = '1'

/etc/postfix/mysql_virtual_domains_maps.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_domains
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_mailboxes
select_field = quota
where_field = username
additional_conditions = and active = '1'

/etc/postfix/mysql_virtual_mailbox_maps.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_mailboxes
select_field = maildir
where_field = username
additional_conditions = and active = '1'

/etc/postfix/mysql_virtual_transports.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_domains
select_field = transport
where_field = domain
additional_conditions = and active = '1'

/etc/postfix/mysql_relay_domains_maps.cf

user = vmail_user
password = vmail_user_password
hosts = localhost
dbname = groupoffice
table = pa_domains
select_field = domain
where_field = domain
additional_conditions = and backupmx = '1' and active = '1'


Add the mail user:

# useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual Mailbox" vmail
# mkdir /vmail
# chmod 770 /vmail/
# chown vmail:mail /vmail/

Edit postfix master.cf:

Alter the first line with the smtp service:

smtp      inet  n       -       -       -       -       smtpd
	-o content_filter=spamassassin

After that line add:

spamassassin unix -     n       n       -       -       pipe
	user=spamd argv=/usr/bin/spamc -f -e
	/usr/sbin/sendmail -oi -f ${sender} ${recipient}
dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}

At the interfaces to non-Postfix software add:

vacation    unix  -       n       n       -       -       pipe
  flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}

Setup spamassasin

# groupadd -g 5001 spamd
# useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
# mkdir /var/lib/spamassassin
# chown spamd:spamd /var/lib/spamassassin

To start the server in /etc/default/spamassassin set

ENABLED=1

You can tweak Spamassassin yourself in /etc/spamassassin/local.cf

Setup vacation

The vacation script is a Perl script that will handle automtic replies when a user is out of office.

Copy scripts/vacation.pl to /var/spool/vacation/vacation.pl and edit the database connection properties.

# mkdir /var/spool/vacation
# useradd -r -d /var/spool/vmail -s /sbin/nologin -c "Virtual vacation" vacation

# chown -R vacation:vacation /var/spool/vacation/
# chmod 700 /var/spool/vacation/
# chmod 750 /var/spool/vacation/vacation.pl
# touch /var/log/vacation.log /var/log/vacation-debug.log
# chown vacation:vacation /var/log/vacation*

create /etc/postfix/transport. Make sure the domain matches the postfixadmin_autoreply_domain you configured in the Group-Office config.php file before.

autoreply.example.com vacation:

Setup Dovecot

Dovecot is a fast IMAP deamon and it can also check user quota and filter Spam to the spam folder. Change / Add these values to /etc/dovecot.conf:

#Enable IMAP and IMAPS
protocols = imap imaps 

#Listen on all IP addresses
listen = *

#configure the location of our virtual mailboxes
mail_location = maildir:/vmail/%d/%u

# Group to enable temporarily for privileged operations. Currently this is
# used only for creating mbox dotlock files when creation fails for INBOX.
# Typically this is set to "mail" to give access to /var/mail.
#mail_privileged_group =
mail_privileged_group = mail

# Grant access to these supplementary groups for mail processes. Typically
# these are used to set up access to shared mailboxes. Note that it may be
# dangerous to set these if users can create symlinks (e.g. if "mail" group is
# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
mail_access_groups = mail

# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
first_valid_uid = 150
last_valid_uid = 150


Inside the protocol imap { } section change:

mail_plugins = quota imap_quota

Inside the protocol lda { } section change:

postmaster_address = postmaster@intermesh.nl
mail_plugin_dir = /usr/lib/dovecot/modules/lda
mail_plugins = cmusieve quota
#the globalsieverc script will filter spam messages to the Spam folder 
global_script_path = /var/vmail/globalsieverc

Inside auth default { } section change:

auth default {
 mechanisms = plain
 passdb sql {
	 args = /etc/dovecot/dovecot-sql.conf
 }
 userdb sql {
	 args = /etc/dovecot/dovecot-sql.conf
 }
 user = nobody
 socket listen {
	 master {
	 path = /var/run/dovecot/auth-master
	 mode = 0660
	 user = vmail
	 group = mail
 }
 	client {
	 path = /var/spool/postfix/private/auth
	 mode = 0660
	 user = postfix
	 group = postfix
	}
}
plugin {
  quota = maildir:storage=512000
}

Also comment out the passdb pam section or you will get a very slow Dovecot connection!


/etc/postfix/dovecot-sql.conf:

driver = mysql
connect = host=localhost dbname=groupoffice user=vmail_user password=vmail_user_pass
default_pass_scheme = PLAIN-MD5
user_query = SELECT '/vmail/%d/%n' AS home, 'maildir:/vmail/%d/%n' AS mail, 150 AS uid, 8 AS gid, CONCAT('maildir:storage=', quota) AS quota FROM pa_mailboxes WHERE username = '%u' AND active = '1'
password_query = SELECT username AS user, password, '/vmail/%d/%n' AS userdb_home, 'maildir:/vmail/%d/%n' AS userdb_mail, 150 AS userdb_uid, 8 AS userdb_gid FROM pa_mailboxes WHERE username = '%u' AND active = '1'

Create globalsieverc script:

# mkdir /var/vmail/

Edit /var/vmail/globalsieverc:

require "fileinto";
if exists "X-Spam-Flag" {
  fileinto "Spam";
}

Set correct permissions:

# chown vmail:mail -R /var/vmail

Now it should work! Restart Postfix, Spamassassin and Dovecot and start testing!

Login to Group-Office and add a Domain and mailbox. Now go to the e-mail module and add an e-mail account:

E-mail -> Settings -> Accounts -> Add

Enter:

Host: localhost User: user@example.com Pass: The password you set

Now send a test mail!

Optionally install the serverclient

The serverclient module for Group-Office can automatically create new mailboxes when you create a new user. Install the module and add the following to the Group-Office config.php file:

Note: If you have multiple Group-Office installations and one to manage Postfix. You can add these values to: /etc/groupoffice/globalconfig.inc.php. All Group-Office installations will use these values then. You probably want to configure the serverclient_domains per installation in thier config.php files.

#GO will connect to this installation to add a mailbox
$config['serverclient_server_url']='http://localhost/groupoffice/';
#The admin account of GO. Remember to change the password here too if you change it.
$config['serverclient_username']='administrator';
$config['serverclient_password']='somepass';

#comma separated list of mailbox domains
$config['serverclient_domains']='intermeshdev.nl';

#The email account properties that will be added for the user
$config['serverclient_mbroot'] = '';
$config['serverclient_use_ssl'] = '0';
$config['serverclient_novalidate_cert'] = '0';
$config['serverclient_type']='imap';
$config['serverclient_host']='localhost';
$config['serverclient_port']=143;
$config['serverclient_smtp_host']='localhost';
$config['serverclient_smtp_port']=25;
$config['serverclient_smtp_encryption']='';
$config['serverclient_smtp_username']='';
$config['serverclient_smtp_password']='';

The module will connect using curl functions so the php5 curl extension is required for this to work.

Links to other tutorials

More tutorials about Virtual Mail with postfix:

http://www.howtoforge.com/postfix_mysql_dovecot_dspam_clamav_postgrey_rbl_debian_etch

http://postfix.wiki.xs4all.nl/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL

http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL