PostFix + AMaViS/SpamAssassin + ClamAV + Dovecot + TWIG == simple virtual mailboxes with webmail

This is mostly a cheat-sheet for my own reference, it’s not much harder than using a wordprocessor and for some reason Google picks up Blogger posts really quickly. (-:

For the onlookers: the traditional way of doing things on UNIXishes is to bind everything to the system users, so each user has a directory in /home/$USER, a mailbox in /var/spool/mail/$USER (or similar), a matching Samba login bound to their UID, and so on. This can be made incredibly flexible through PAM, but in this case I didn’t want to associate mailboxes with normal logins. So...

urpmi postfix postgrey amavisd-new clamd dovecot postgresql-server apache-mod_php twig

All software fetched and installed, bah crackey this Linux shore is hard t’use! Debian advocates might like to try s/urpmi/apt-get install/ and some of your directories might be a little different, but the rest of this should work out more or less OK. Where you see “domain.com.au”, replace it with your own domain, and “yourblah” is a hint to insert your own “blah” at this point.

groupadd -g 423 virtualmail
useradd -c 'Virtual Mailboxes' -u 423 -g 423 virtualmail
mkdir -p /var/spool/virtualmail/domain.com.au
chown -R virtualmail:virtualmail /var/spool/virtualmail
service clamd restart

(edit any amavis settings (/etc/amavisd/amavisd.conf) that matter to you here, if you strike trouble set logging to 5 and use “amavisd foreground” to see what’s going on)
service amavisd restart
cd /etc/postfix
vi main.cf
and add:

myhostname = spamtrap.domain.com.au
myorigin = $mydomain
inet_interfaces = all
smtpd_helo_required = yes
smtpd_helo_restrictions =
  reject_invalid_hostname,
  reject_unknown_hostname,
  reject_non_fqdn_hostname
smtpd_sender_restrictions =
  reject_unknown_sender_domain,
  reject_non_fqdn_sender
smtpd_recipient_restrictions =
  reject_non_fqdn_sender,
  reject_unknown_recipient_domain,
  reject_unauth_pipelining,
  reject_non_fqdn_recipient,
  permit_mynetworks,
  reject_unauth_destination,
  permit
virtual_mailbox_domains = hash:/etc/postfix/virtual_mailbox_domains
virtual_mailbox_base = /var/spool/virtualmail
virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps
virtual_uid_maps = static:423
virtual_gid_maps = static:423

vi virtual_mailbox_domains and add:

domain.com.au   VIRTUAL

vi virtual_mailbox_maps and add:

postmaster@domain.com.au   domain.com.au/postmaster/
abuse@domain.com.au   domain.com.au/postmaster/
youraddress@domain.com.au   domain.com.au/yourmailbox/

postmap virtual_mailbox_maps
postmap virtual_mailbox_domains
service postfix restart

At this point, inbound email should wind up in the appropriate box. Check /var/log/mail/info and look at the files which should appear in /var/spool/virtualmail/domain.com.au/*/cur/ as mail arrives. We are now halfway home.

vi /etc/dovecot.users and add:

postmaster:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/postmaster
youruser:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/yourmailbox

chown 423:423 /etc/dovecot.users
chmod go-rwx /etc/dovecot.users
vi /etc/dovecot.conf
and add or change:

protocols = imap imaps pop3 pop3s
imap_listen = [::]
pop3_listen = [::]
first_valid_uid = 423
last_valid_uid = 423
first_valid_gid = 423
last_valid_gid = 423
valid_chroot_dirs = /var/spool/virtualmail:/home/virtualmail:/var/lib/dovecot
default_mail_env = maildir:%h/:INBOX=/var/spool/virtualmail/%d/%n/:INDEX=%h/.imapidx
auth_mechanisms = plain digest-md5
auth_userdb = passwd-file /etc/dovecot.users
auth_passdb = passwd-file /etc/dovecot.users
auth_user = virtualmail

service dovecot restart

(at this point, you should be able to fetch email from the server by POP3 or IMAP, all that’s missing now is webmail)
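
Postfix delivers to the paths in virtual_mailbox_maps and Dovecot reads the home directories in /etc/dovecot.users, so the two files have to agree. The script below is an added example, not part of the original cheat-sheet: it cross-checks them and also reports wrong uid/gid values and {plain} password entries. The function name, the finding labels and the sample data (including the "sales" mailbox and the mistyped home directory) are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Prints one finding per line.
# usage: check_mailboxes POSTFIX_MAP DOVECOT_USERS MAILBOX_BASE NUMERIC_ID
check_mailboxes() {
    awk -F: -v base="$3" -v id="$4" '
    FILENAME == ARGV[1] {             # Postfix map: "address  relative/maildir/"
        if ($0 ~ /^[ \t]*(#|$)/) next
        split($0, f, " ")
        path = base "/" f[2]; sub(/\/+$/, "", path)
        delivered[path] = 1
        next
    }
    /^[ \t]*(#|$)/ { next }
    {                                 # Dovecot: user:pass:uid:gid:gecos:home
        home = $6; sub(/\/+$/, "", home)
        if (tolower(substr($2, 1, 7)) == "{plain}")
            print "CLEARTEXT-PASSWORD " $1
        if ($3 != id || $4 != id)
            print "UID-GID-MISMATCH " $1
        if (home in delivered) fetched[home] = 1
        else print "HOME-NOT-A-DELIVERY-PATH " $1 " " home
    }
    END {
        for (p in delivered)
            if (!(p in fetched)) print "MAILBOX-WITHOUT-LOGIN " p
    }' "$1" "$2" | sort
}

# Constructed sample: the post's entries plus a "sales" mailbox with no login
# and a mistyped home directory ("yourmailbx") for youruser.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/maps" <<'EOF'
postmaster@domain.com.au   domain.com.au/postmaster/
abuse@domain.com.au   domain.com.au/postmaster/
youraddress@domain.com.au   domain.com.au/yourmailbox/
sales@domain.com.au   domain.com.au/sales/
EOF
    cat > "$d/users" <<'EOF'
postmaster:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/postmaster
youruser:{plain}yourpassword:423:423::/var/spool/virtualmail/domain.com.au/yourmailbx
EOF
    check_mailboxes "$d/maps" "$d/users" /var/spool/virtualmail 423
    rm -rf "$d"
}
demo
```

On a real server, run check_mailboxes /etc/postfix/virtual_mailbox_maps /etc/dovecot.users /var/spool/virtualmail 423 after every edit to either file.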

service postgresql restart
su - postgres
createdb twig
createuser -P twig

(type password twice)
sed -i -e 's/nobody/twig/g' twig.sql
psql twig
\i twig.sql
\q
cd /var/www/html/twig/config
vi dbconfig.inc.php3
and change:

sqlusername to twig
sqlpassword to the password you gave to createuser
defaultdb to twig
sqltype to pgsql-new

service httpd restart

In theory y’all’re done. Point a browser at http://hostname/twig/ and enjoy. The server also does IMAP and POP3 directly.

Comments

okt said…
Isn't it true that since your dovecot logins do not have the Domain part, you can't use %d in maildir_location?

Great concise guide by the way. Needs a slight update for the new dovecot config.
