This manual is deprecated. Please visit https://groupoffice.readthedocs.io for the latest documentation. |
Difference between revisions of "Mailserver"
(→Setup Dovecot) |
|||
Line 1: | Line 1: | ||
− | + | Group-Office can work well with any existing mail environment that support IMAP. | |
+ | |||
+ | But to use some very interesting integrated features like: | ||
+ | |||
+ | #Automatic mailbox creation when you create a Group-Office user. This will also immediately setup the account in Group-Office. The password of Group-Office and the mailbox will stay in sync. | ||
+ | #Vacation auto response | ||
+ | #Complete postfix user and domain management module in Group-Office | ||
+ | |||
+ | The mailserver for Group-Office is built from widely used and stable software: | ||
#Group-Office module called postfixadmin | #Group-Office module called postfixadmin |
Revision as of 08:44, 27 February 2009
Group-Office can work well with any existing mail environment that support IMAP.
But to use some very interesting integrated features like:
- Automatic mailbox creation when you create a Group-Office user. This will also immediately setup the account in Group-Office. The password of Group-Office and the mailbox will stay in sync.
- Vacation auto response
- Complete postfix user and domain management module in Group-Office
The mailserver for Group-Office is built from widely used and stable software:
- Group-Office module called postfixadmin
- Postfix
- Dovecot
- MySQL
- spamassassin
- vacation script
I've written a tutorial about how to install this on Debian 5. It should work on other Linux distributions too but I never tested it.
Contents
Install all the necessary software on the server
On Debian you can do:
apt-get install php5 php5-mysql php5-imap php5-gd php5-cli php5-curl apache2 postfix postfix-mysql mysql-server mysql-client phpmyadmin subversion dovecot-imapd libemail-valid-perl libmail-sendmail-perl spamassassin spamc zip tnef libwbxml2-utils sudo openssl pyzor razor rsync mailutils libmime-charset-perl libmime-encwords-perl
You can install a Debian 5 base system and run this command. This will install all packages that are required for Group-Office and the mailserver.
Install Group-Office
Follow the installation instructions that come with Group-Office
Install postfixadmin module
Copy the "postfixadmin" folder in the "modules" folder of Group-Office. Go to Admin menu -> modules and install it.
Edit the Group-Office config.php file and add:
$config['postfixadmin_autoreply_domain']="autoreply.example.com";
Make sure the domain matches with the vacation transport of postfix you will add later.
Configure postfix
Postfix must be configured to use MySQL:
The following variables in main.cf. Start with filling some basic info:
# postconf -e 'myhostname = mx-1.example.com' # postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)' # postconf -e 'biff = no' # postconf -e 'append_dot_mydomain = no' # postconf -e 'myorigin = example.com' # postconf -e 'mydestination = $myhostname, localhost, locahost.localdomain' # postconf -e 'mynetworks = 127.0.0.0/8' # postconf -e 'recipient_delimiter = +' # postconf -e 'inet_interfaces = all' # postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination \ $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps \ $virtual_mailbox_domains $relay_recipient_maps $relay_domains \ $canonical_maps $sender_canonical_maps $recipient_canonical_maps \ $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps' # postconf -e 'smtpd_recipient_restrictions = \ permit_mynetworks, \ reject_unauth_destination, \ reject_rbl_client zen.spamhaus.org, \ reject_rbl_client list.dsbl.org, \ permit' # postconf -e 'message_size_limit=52428800' # postconf -e 'mailbox_size_limit=0'
Now configure it for Virtual users in MySQL:
# postconf -e 'virtual_alias_domains =' # postconf -e 'virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf' # postconf -e 'virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf' # postconf -e 'virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf' # postconf -e 'virtual_mailbox_base = /vmail' # postconf -e 'virtual_minimum_uid = 150' # postconf -e 'virtual_uid_maps = static:150' # postconf -e 'virtual_gid_maps = static:8' # postconf -e 'virtual_create_maildirsize = yes' # postconf -e 'virtual_mailbox_extended = yes' # postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf' # postconf -e 'virtual_mailbox_limit_override = yes' # postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach has exceeded their quota."' # postconf -e 'virtual_overquota_bounce = yes' # postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf' # postconf -e 'relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf'
We will use Dovecot delivery:
# postconf -e 'virtual_transport=dovecot' # postconf -e 'dovecot_destination_recipient_limit=1' # postconf -e 'transport_maps = hash:/etc/postfix/transport' # postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit' # postconf -e 'vacation_destination_recipient_limit = 1'
Create the transport db:
# cd /etc/postfix # postmap transport
Postfix was installed with MySQL support, but that doesn't mean it already knows how to use our database. It needs to be provided with various SQL-query information for each type of table in our database. This information is stored in the MySQL files defined in the main.cf file:
/etc/postfix/mysql_virtual_alias_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_aliases select_field = goto where_field = address additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_domains_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = domain where_field = domain additional_conditions = and backupmx = '0' and active = '1'
/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_mailboxes select_field = quota where_field = username additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_mailbox_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_mailboxes select_field = maildir where_field = username additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_transports.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = transport where_field = domain additional_conditions = and active = '1'
/etc/postfix/mysql_relay_domains_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = domain where_field = domain additional_conditions = and backupmx = '1' and active = '1'
Add the mail user:
# useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual Mailbox" vmail # mkdir /vmail # chmod 770 /vmail/ # chown vmail:mail /vmail/
Edit postfix master.cf:
Alter the first line with the smtp service:
smtp inet n - - - - smtpd -o content_filter=spamassassin
After that line add:
spamassassin unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}
At the interfaces to non-Postfix software add:
vacation unix - n n - - pipe flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
Setup spamassasin
# groupadd -g 5001 spamd # useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd # mkdir /var/lib/spamassassin # chown spamd:spamd /var/lib/spamassassin
To start the server in /etc/default/spamassassin set
ENABLED=1
You can tweak Spamassassin yourself in /etc/spamassassin/local.cf
Setup vacation
The vacation script is a Perl script that will handle automtic replies when a user is out of office.
Copy scripts/vacation.pl to /var/spool/vacation/vacation.pl and edit the database connection properties.
# mkdir /var/spool/vacation # useradd -r -d /var/spool/vmail -s /sbin/nologin -c "Virtual vacation" vacation # chown -R vacation:vacation /var/spool/vacation/ # chmod 700 /var/spool/vacation/ # chmod 750 /var/spool/vacation/vacation.pl # touch /var/log/vacation.log /var/log/vacation-debug.log # chown vacation:vacation /var/log/vacation*
create /etc/postfix/transport. Make sure the domain matches the postfixadmin_autoreply_domain you configured in the Group-Office config.php file before.
autoreply.example.com vacation:
Setup Dovecot
Dovecot is a fast IMAP deamon and it can also check user quota and filter Spam to the spam folder. Change / Add these values to /etc/dovecot.conf:
#Enable IMAP and IMAPS protocols = imap imaps #Listen on all IP addresses listen = * #configure the location of our virtual mailboxes mail_location = maildir:/vmail/%d/%u # Group to enable temporarily for privileged operations. Currently this is # used only for creating mbox dotlock files when creation fails for INBOX. # Typically this is set to "mail" to give access to /var/mail. #mail_privileged_group = mail_privileged_group = mail # Grant access to these supplementary groups for mail processes. Typically # these are used to set up access to shared mailboxes. Note that it may be # dangerous to set these if users can create symlinks (e.g. if "mail" group is # set here, ln -s /var/mail ~/mail/var could allow a user to delete others' # mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it). mail_access_groups = mail # Valid UID range for users, defaults to 500 and above. This is mostly # to make sure that users can't log in as daemons or other system users. # Note that denying root logins is hardcoded to dovecot binary and can't # be done even if first_valid_uid is set to 0. first_valid_uid = 150 last_valid_uid = 150 Inside the protocol imap { } section change: mail_plugins = quota imap_quota Inside the protocol lda { } section change: postmaster_address = postmaster@intermesh.nl mail_plugin_dir = /usr/lib/dovecot/modules/lda mail_plugins = cmusieve quota #the globalsieverc script will filter spam messages to the Spam folder global_script_path = /var/vmail/globalsieverc Inside auth default { } section change: auth default { mechanisms = plain passdb sql { args = /etc/dovecot/dovecot-sql.conf } userdb sql { args = /etc/dovecot/dovecot-sql.conf } user = nobody socket listen { master { path = /var/run/dovecot/auth-master mode = 0660 user = vmail group = mail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } plugin { quota = maildir:storage=512000 }
Also comment out the passdb pam section or you will get a very slow Dovecot connection!
/etc/postfix/dovecot-sql.conf:
driver = mysql connect = host=localhost dbname=groupoffice user=vmail_user password=vmail_user_pass default_pass_scheme = PLAIN-MD5 user_query = SELECT '/vmail/%d/%n' AS home, 'maildir:/vmail/%d/%n' AS mail, 150 AS uid, 8 AS gid, CONCAT('maildir:storage=', quota) AS quota FROM pa_mailboxes WHERE username = '%u' AND active = '1' password_query = SELECT username AS user, password, '/vmail/%d/%n' AS userdb_home, 'maildir:/vmail/%d/%n' AS userdb_mail, 150 AS userdb_uid, 8 AS userdb_gid FROM pa_mailboxes WHERE username = '%u' AND active = '1'
Create globalsieverc script:
# mkdir /var/vmail/
Edit /var/vmail/globalsieverc:
require "fileinto"; if exists "X-Spam-Flag" { fileinto "Spam"; }
Set correct permissions:
# chown vmail:mail -R /var/vmail
Now it should work! Restart Postfix, Spamassassin and Dovecot and start testing!
Login to Group-Office and add a Domain and mailbox. Now go to the e-mail module and add an e-mail account:
E-mail -> Settings -> Accounts -> Add
Enter:
Host: localhost User: user@example.com Pass: The password you set
Now send a test mail!
Optionally install the serverclient
The serverclient module for Group-Office can automatically create new mailboxes when you create a new user. Install the module and add the following to the Group-Office config.php file:
Note: If you have multiple Group-Office installations and one to manage Postfix. You can add these values to: /etc/groupoffice/globalconfig.inc.php. All Group-Office installations will use these values then. You probably want to configure the serverclient_domains per installation in thier config.php files.
#GO will connect to this installation to add a mailbox $config['serverclient_server_url']='http://localhost/groupoffice/'; #The admin account of GO. Remember to change the password here too if you change it. $config['serverclient_username']='administrator'; $config['serverclient_password']='somepass'; #comma separated list of mailbox domains $config['serverclient_domains']='intermeshdev.nl'; #The email account properties that will be added for the user $config['serverclient_mbroot'] = ''; $config['serverclient_use_ssl'] = '0'; $config['serverclient_novalidate_cert'] = '0'; $config['serverclient_type']='imap'; $config['serverclient_host']='localhost'; $config['serverclient_port']=143; $config['serverclient_smtp_host']='localhost'; $config['serverclient_smtp_port']=25; $config['serverclient_smtp_encryption']=''; $config['serverclient_smtp_username']=''; $config['serverclient_smtp_password']='';
The module will connect using curl functions so the php5 curl extension is required for this to work.
Links to other tutorials
More tutorials about Virtual Mail with postfix:
http://www.howtoforge.com/postfix_mysql_dovecot_dspam_clamav_postgrey_rbl_debian_etch
http://postfix.wiki.xs4all.nl/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL