18 July 2005

PostFix + AMaViS/SpamAssassin + ClamAV + Dovecot + TWIG == simple virtual mailboxes with webmail

This is mostly a cheat-sheet for my own reference, it’s not much harder than using a wordprocessor and for some reason Google picks up Blogger posts really quickly. (-:

For the onlookers: the traditional way of doing things on UNIXishes is to bind everything to the system users, so each user has a directory in /home/$USER, a mailbox in /var/spool/mail/$USER (or similar), a matching Samba login bound to their UID, and so on. This can be made incredibly flexible though PAM, but in this case I didn’t want to associate mailboxes with normal logins. So...

urpmi postfix postgrey amavisd-new clamd dovecot postgresql-server apache-mod_php twig

All software fetched and installed, bah crackey this Linux shore is hard t’use! Debian advocates might like to try s/urpmi/apt-get install/ and some of your directories might be a little different, but the rest of this should work out more or less OK. Where you see “domain.com.au”, replace it with your own domain, and “yourblah” is a hint to insert your own “blah” at this point.

groupadd -g 423 virtualmail
useradd -c 'Virtual Mailboxes' -g 423 -g 423 virtualmail
mkdir -p /var/spool/virtualmail/domain.com.au
chown -R virtualmail:virtualmail /var/spool/virtualmail
service clamd restart

(edit any amavis settings (/etc/amavisd/amavisd.conf) that matter to you here, if you strike trouble set logging to 5 and use “amavisd foreground” to see what’s going on)
service amavisd restart
cd /etc/postfix
vi main.cf
and add:

myhostname spamtrap.domain.com.au
myorigin = $mydomain
inet_interfaces = all
smtpd_helo_required = yes
smtpd_helo_restrictions =
  reject_invalid_hostname,
  reject_unknown_hostname,
  reject_non_fqdn_hostname
smtpd_sender_restrictions =
  reject_unknown_sender_domain,
  reject_non_fqdn_sender
smtpd_recipient_restrictions =
  reject_non_fqdn_sender,
  reject_unknown_recipient_domain,
  reject_unauth_pipelining,
  reject_non_fqdn_recipient,
  permit_mynetworks,
  reject_unauth_destination,
  permit
virtual_mailbox_domains = hash:/etc/postfix/virtual_mailbox_domains
virtual_mailbox_base = /var/spool/virtualmail
virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps
virtual_uid_maps = static:423
virtual_gid_maps = static:423

vi virtual_mailbox_domains and add:

domain.com.au   VIRTUAL
vi virtual_mailbox_maps and add:
postmaster@domain.com.au   domain.com.au/postmaster/
abuse@domain.com.au   domain.com.au/postmaster/
youraddress@domain.com.au   domain.com.au/yourmailbox/

postmap virtual_mailbox_maps
postmap virtual_mailbox_domains
service postfix restart

At this point, inbound email should wind up in the appropriate box. Check /var/log/mail/info and look at the files which should appear in /var/spool/virtualmail/domain.com.au/*/cur/ as mail arrives. We are now halfway home.

vi /etc/dovecot.users and add:

postmaster:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/postmaster
youruser:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/yourmailbox

chown 423:423 /etc/dovecot.users
chmod go-rwx /etc/dovecot.users
vi /etc/dovecot.conf
and add or change:

protocols = imap imaps pop3 pop3s
imap_listen = [::]
pop3_listen = [::]
first_valid_uid = 423
last_valid_uid = 423
first_valid_gid = 423
last_valid_gid = 423
valid_chroot_dirs = /var/spool/virtualmail:/home/virtualmail:/var/lib/dovecot
default_mail_env = maildir:%h/:INBOX=/var/spool/virtualmail/%d/%n/:INDEX=%h/.imapidx
auth_mechanisms = plain digest-md5
auth_userdb = passwd-file /etc/dovecot.users
auth_passdb = passwd-file /etc/dovecot.users
auth_user = virtualmail

service dovecot restart

(at this point, you should be able to fetch email from the server by POP3 or IMAP, all that’s missing now is webmail)

service postgresql restart
su - postgres
createdb twig
createuser -P twig

(type password twice)
sed -e s/nobody/twig/g twig.sql
psql twig
\i twig.sql
\q
cd /var/www/html/twig/config
vi dbconfig.inc.php3
and change:

sqlusername to twig
sqlpassword to the password you gave to createuser
defaultdb to twig
sqltype to pgsql-new

service httpd restart

In theory y’all’re done. Point a browser at http://hostname/twig/ and enjoy. The server also does IMAP and POP3 directly.

2 comments:

Anonymous said...

Who knows where to download XRumer 5.0 Palladium?
Help, please. All recommend this program to effectively advertise on the Internet, this is the best program!

okt said...

Isn't it true that since your dovecot logins do not have the Domain part, you can't use %d in maildir_location ?

Great concise guide by the way. Needs a slight update for the new dovecot config.