| This manual is deprecated. Please visit https://groupoffice.readthedocs.io for the latest documentation. |
Mailserver
You can create a mailserver with Group-Office. It uses:
- Group-Office module called postfixadmin
- Postfix
- Dovecot
- MySQL
- spamassassin
- vacation script
I've written a tutorial about how to install this on Debian 5. It should work on other Linux distributions too but I never tested it.
Contents
Install all the necessary software on the server
On Debian you can do:
apt-get install php5 php5-mysql php5-imap php5-gd php5-cli php5-curl apache2 postfix postfix-mysql mysql-server mysql-client phpmyadmin subversion dovecot-imapd libemail-valid-perl libmail-sendmail-perl spamassassin spamc zip tnef libwbxml2-utils sudo openssl pyzor razor rsync mailutils libmime-charset-perl libmime-encwords-perl
You can install a Debian 5 base system and run this command. This will install all packages that are required for Group-Office and the mailserver.
Install Group-Office
Follow the installation instructions that come with Group-Office
Install postfixadmin module
Copy the "postfixadmin" folder in the "modules" folder of Group-Office. Go to Admin menu -> modules and install it.
Edit the Group-Office config.php file and add:
$config['postfixadmin_autoreply_domain']="autoreply.example.com";
Make sure the domain matches with the vacation transport of postfix you will add later.
Configure postfix
Postfix must be configured to use MySQL:
The following variables in main.cf. Start with filling some basic info:
# postconf -e 'myhostname = mx-1.example.com'
# postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)'
# postconf -e 'biff = no'
# postconf -e 'append_dot_mydomain = no'
# postconf -e 'myorigin = example.com'
# postconf -e 'mydestination = $myhostname, localhost, locahost.localdomain'
# postconf -e 'mynetworks = 127.0.0.0/8'
# postconf -e 'recipient_delimiter = +'
# postconf -e 'inet_interfaces = all'
# postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination \
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps \
$virtual_mailbox_domains $relay_recipient_maps $relay_domains \
$canonical_maps $sender_canonical_maps $recipient_canonical_maps \
$relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
# postconf -e 'smtpd_recipient_restrictions = \
permit_mynetworks, \
reject_unauth_destination, \
reject_rbl_client zen.spamhaus.org, \
reject_rbl_client list.dsbl.org, \
permit'
# postconf -e 'message_size_limit=52428800'
# postconf -e 'mailbox_size_limit=0'
Now configure it for Virtual users in MySQL:
# postconf -e 'virtual_alias_domains =' # postconf -e 'virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf' # postconf -e 'virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf' # postconf -e 'virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf' # postconf -e 'virtual_mailbox_base = /vmail' # postconf -e 'virtual_minimum_uid = 150' # postconf -e 'virtual_uid_maps = static:150' # postconf -e 'virtual_gid_maps = static:8' # postconf -e 'virtual_create_maildirsize = yes' # postconf -e 'virtual_mailbox_extended = yes' # postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf' # postconf -e 'virtual_mailbox_limit_override = yes' # postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach has exceeded their quota."' # postconf -e 'virtual_overquota_bounce = yes' # postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf' # postconf -e 'relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf'
We will use Dovecot delivery:
# postconf -e 'virtual_transport=dovecot' # postconf -e 'dovecot_destination_recipient_limit=1' # postconf -e 'transport_maps = hash:/etc/postfix/transport' # postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit' # postconf -e 'vacation_destination_recipient_limit = 1'
Postfix was installed with MySQL support, but that doesn't mean it already knows how to use our database. It needs to be provided with various SQL-query information for each type of table in our database. This information is stored in the MySQL files defined in the main.cf file:
/etc/postfix/mysql_virtual_alias_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_aliases select_field = goto where_field = address additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_domains_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = domain where_field = domain additional_conditions = and backupmx = '0' and active = '1'
/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_mailboxes select_field = quota where_field = username additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_mailbox_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_mailboxes select_field = maildir where_field = username additional_conditions = and active = '1'
/etc/postfix/mysql_virtual_transports.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = transport where_field = domain additional_conditions = and active = '1'
/etc/postfix/mysql_relay_domains_maps.cf
user = vmail_user password = vmail_user_password hosts = localhost dbname = groupoffice table = pa_domains select_field = domain where_field = domain additional_conditions = and backupmx = '1' and active = '1'
Add the mail user:
# useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual Mailbox" vmail # mkdir /vmail # chmod 770 /vmail/ # chown vmail:mail /vmail/
Edit postfix master.cf:
Alter the first line with the smtp service:
smtp inet n - - - - smtpd -o content_filter=spamassassin
After that line add:
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}
At the interfaces to non-Postfix software add:
vacation unix - n n - - pipe
flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
Setup spamassasin
# groupadd -g 5001 spamd # useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd # mkdir /var/lib/spamassassin # chown spamd:spamd /var/lib/spamassassin
/etc/spamassassin/local.cf
# rewrite_header Subject *****SPAM*****
# report_safe 1
# trusted_networks 212.17.35.
# lock_method flock
# How many hits before a message is considered spam.
required_hits 4.0
# Text to prepend to subject if rewrite_subject is used
rewrite_subject 0
#rewrite_header Subject ***SPAM***
# Encapsulate spam in an attachment
report_safe 0
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
bayes_auto_learn 1
bayes_path /home/spamd/
bayes_file_mode 0666
# Enable or disable network checks
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
dns_available yes
## Optional Score Increases
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
# Added by jsu2
# refer to http://flakshack.com/anti-spam/wiki/index.php?page=Testing
body LOCAL_TEST1 /myspamtest12341234/
describe LOCAL_TEST1 This is a unique phrase to trigger a positive score
score LOCAL_TEST1 50
urirhssub URIBL_BLACK multi.uribl.com. A 2
body URIBL_BLACK eval:check_uridnsbl('URIBL_BLACK')
describe URIBL_BLACK Contains an URL listed in the URIBL blacklist
tflags URIBL_BLACK net
score URIBL_BLACK 3.0
urirhssub URIBL_GREY multi.uribl.com. A 4
body URIBL_GREY eval:check_uridnsbl('URIBL_GREY')
describe URIBL_GREY Contains an URL listed in the URIBL greylist
tflags URIBL_GREY net
score URIBL_GREY 0.25
To start the server in /etc/default/spamassassin set
ENABLED=1
Setup vacation
Copy scripts/vacation.pl to /var/spool/vacation
# mkdir /var/spool/vacation # useradd -r -d /var/spool/vmail -s /sbin/nologin -c "Virtual vacation" vacation # chown -R vacation:vacation /var/spool/vacation/ # chmod 700 /var/spool/vacation/ # chmod 750 /var/spool/vacation/vacation.pl # touch /var/log/vacation.log /var/log/vacation-debug.log # chown vacation:vacation /var/log/vacation*
create /etc/postfix/transport. Make sure the domain matches the postfixadmin_autoreply_domain you configured in the Group-Office config.php file before.
autoreply.example.com vacation:
Setup Dovecot
Dovecot will check user quota and will filter Spam to the spam folder. Change / Add these values to /etc/dovecot.conf:
#Enable IMAP and IMAPS
protocols = imap imaps
#Listen on all IP addresses
listen = *
#configure the location of our virtual mailboxes
mail_location = maildir:/vmail/%d/%u
# Group to enable temporarily for privileged operations. Currently this is
# used only for creating mbox dotlock files when creation fails for INBOX.
# Typically this is set to "mail" to give access to /var/mail.
#mail_privileged_group =
mail_privileged_group = mail
# Grant access to these supplementary groups for mail processes. Typically
# these are used to set up access to shared mailboxes. Note that it may be
# dangerous to set these if users can create symlinks (e.g. if "mail" group is
# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
mail_access_groups = mail
# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
first_valid_uid = 150
last_valid_uid = 150
Inside the protocol imap { } section change:
mail_plugins = quota imap_quota
Inside the protocol lda { } section change:
postmaster_address = postmaster@intermesh.nl
mail_plugin_dir = /usr/lib/dovecot/modules/lda
mail_plugins = cmusieve quota
#the globalsieverc script will filter spam messages to the Spam folder
global_script_path = /var/vmail/globalsieverc
Inside auth default { } section change:
auth default {
mechanisms = plain
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
user = nobody
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vmail
group = mail
}
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
plugin {
quota = maildir:storage=512000
}
Also comment out the passdb pam section or you will get a very slow Dovecot connection!
/etc/postfix/dovecot-sql.conf:
driver = mysql
connect = host=localhost dbname=groupoffice user=vmail_user password=vmail_user_pass
default_pass_scheme = PLAIN-MD5
user_query = SELECT '/vmail/%d/%n' AS home, 'maildir:/vmail/%d/%n' AS mail, 150 AS uid, 8 AS gid, CONCAT('maildir:storage=', quota) AS quota FROM pa_mailboxes WHERE username = '%u' AND active = '1'
password_query = SELECT username AS user, password, '/vmail/%d/%n' AS userdb_home, 'maildir:/vmail/%d/%n' AS userdb_mail, 150 AS userdb_uid, 8 AS userdb_gid FROM pa_mailboxes WHERE username = '%u' AND active = '1'
Create globalsieverc script:
# mkdir /var/vmail/
Edit /var/vmail/globalsieverc:
require "fileinto";
if exists "X-Spam-Flag" {
fileinto "Spam";
}
Set correct permissions:
# chown vmail:mail -R /var/vmail
Now it should work! Restart Postfix, Spamassassin and Dovecot and start testing!
More tutorials about Virtual Mail with postfix:
http://www.howtoforge.com/postfix_mysql_dovecot_dspam_clamav_postgrey_rbl_debian_etch
http://postfix.wiki.xs4all.nl/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL
