diff options
Diffstat (limited to 'stories/projects/elektropost.rst')
-rw-r--r-- | stories/projects/elektropost.rst | 197 |
1 files changed, 197 insertions, 0 deletions
diff --git a/stories/projects/elektropost.rst b/stories/projects/elektropost.rst new file mode 100644 index 0000000..b8ad9d1 --- /dev/null +++ b/stories/projects/elektropost.rst | |||
@@ -0,0 +1,197 @@ | |||
1 | .. link: | ||
2 | .. description: is an ongoing mail server and webmail frontend project, documented to be set up on a FreeBSD jail and instanced on elektropost.org. | ||
3 | .. tags: project | ||
4 | .. date: 2014/02/01 19:10:08 | ||
5 | .. title: elektropost | ||
6 | .. subtitle: a FreeBSD jail based mail server project. | ||
7 | .. slug: ../arts/software/elektropost/index | ||
8 | .. prio: 750 | ||
9 | |||
10 | .. contents:: | ||
11 | :depth: 1 | ||
12 | :class: ezjail-toc | ||
13 | |||
14 | ---- | ||
15 | |||
16 | Overview | ||
17 | ======== | ||
18 | |||
19 | `Here is a raw sketch </epost.pdf>`_ of how the elektropost setup works. | ||
20 | |||
21 | Send feedback to `erdgeist <mailto:erdgeist@erdgeist.org>`_. | ||
22 | |||
23 | ---- | ||
24 | |||
25 | Install qmail | ||
26 | ============= | ||
27 | |||
28 | * ``make patch`` in /usr/ports/mail/qmail-tls, choose SMTP_AUTH_PATCH, BIG_TODO_PATCH, BIG_CONCURRENCY_PATCH, DISCBOUNCES_PATCH and SPF_PATCH, keep RCDLINK | ||
29 | * apply patch http://erdgeist.org/arts/software/Code/elektropost/validrcptto.cdb.patch.new to qmail-tls/work/qmail-1.03 | ||
30 | * apply patch http://erdgeist.org/arts/software/Code/elektropost/qmail-smtpd.c.privacy.patch to qmail-tls/work/qmail-1.03 | ||
31 | * ``make install`` in /usr/ports/mail/qmail-tls | ||
32 | * add "QMAIL_SLAVEPORT=tls" in /etc/make.conf | ||
33 | |||
34 | ---- | ||
35 | |||
36 | Configure qmail | ||
37 | =============== | ||
38 | |||
39 | * In /var/qmail/control check/edit all files | ||
40 | * create a servercert.pem. On elektropost this one is used for lighty and dovecot as well, YMMV | ||
41 | * install http://erdgeist.org/arts/software/Code/elektropost/tcp.smtp to /etc/tcp.smtp and alter it accordingly to your needs, ie fix/insert to "cat /etc/tcp.smtp | tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp" | ||
42 | |||
43 | * for this you will need to ``make install`` in /usr/ports/sysutils/ucspi-tcp | ||
44 | * select SSL, leave MAN checked | ||
45 | * ``ln -s /var/qmail/boot/qmail-smtpd.rcNG /usr/local/etc/rc.d/qmail-smtpd`` | ||
46 | * ``ln -s /var/qmail/boot/maildir /usr/local/etc/rc.d/qmail`` | ||
47 | * ``echo 'qmailsmtpd_enable="YES"' >> /etc/rc.conf`` | ||
48 | * ``echo 'qmailsmtpd_checkpassword="/usr/local/vpopmail/bin/vchkpw"' >> /etc/rc.conf`` | ||
49 | |||
50 | ---- | ||
51 | |||
52 | Install vpopmail | ||
53 | ================ | ||
54 | |||
55 | * ``make install`` in /usr/ports/mail/vpopmail | ||
56 | * Use default options for ucspi-tcp | ||
57 | * ``chown vpopmail:vchkpw /usr/local/vpopmail`` | ||
58 | * ``chmod u+s ~vpopmail/bin/vchkpw`` | ||
59 | * ``pw user mod vpopmail -s /bin/sh`` | ||
60 | |||
61 | ---- | ||
62 | |||
63 | Configure vpopmail | ||
64 | ================== | ||
65 | |||
66 | * ``echo elektropost.org > /usr/local/vpopmail/etc/defaultdomain`` | ||
67 | |||
68 | ---- | ||
69 | |||
70 | Install dovecot | ||
71 | =============== | ||
72 | |||
73 | * ``make install`` in /usr/ports/mail/dovecot | ||
74 | * choose option VPOPMAIL, keep the rest (maybe disable IPV6) | ||
75 | * ``echo 'dovecot_enable="YES"' >> /etc/rc.conf`` | ||
76 | |||
77 | ---- | ||
78 | |||
79 | Configure dovecot | ||
80 | ================= | ||
81 | |||
82 | * ``cp /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf`` | ||
83 | * Change: protocols = imap imaps pop3s | ||
84 | * Change: listen = and ssl_listen = to match your ip addresses | ||
85 | * Change: ssl_cert_file = /var/qmail/control/servercert.pem | ||
86 | * Change: ssl_key_file = /var/qmail/control/servercert.pem | ||
87 | * Change: mail_location = maildir:%h/Maildir | ||
88 | * Change: first_valid_uid = 1 | ||
89 | * Change: first_valid_gid = 1 | ||
90 | * Change: max_mail_processes = 1024 | ||
91 | * Change: auth_username_format = %Ln@%Ld | ||
92 | * Change: #passdb pam { and #} if you do not have local user mail | ||
93 | * Change: #userdb passwd { and #} if you do not have local user mail | ||
94 | * Change: userdb vpopmail { and } to use vpopmail's vchkpw | ||
95 | |||
96 | ---- | ||
97 | |||
98 | Install lighty | ||
99 | ============== | ||
100 | |||
101 | * ``make install`` in /usr/ports/www/lighttpd | ||
102 | * ``echo 'lighttpd_enable="YES"' >> /etc/rc.conf`` | ||
103 | |||
104 | ---- | ||
105 | |||
106 | Configure lighty | ||
107 | ================ | ||
108 | |||
109 | * ``cp /usr/local/etc/lighttpd.conf.sample /usr/local/etc/lighttpd.conf`` | ||
110 | * Change: "mod_fastcgi", | ||
111 | * Change: server.document-root = "/usr/local/www/squirrelmail/" | ||
112 | * Change: server.port = 443 | ||
113 | * Change:: | ||
114 | |||
115 | cgi.assign = ( ".pl" => "/usr/bin/perl", | ||
116 | ".cgi" => "/usr/bin/perl", | ||
117 | "/cgi-bin/qmailadmin" => "", | ||
118 | "/ezmlm-cgi" => "" ) | ||
119 | |||
120 | * Change: ssl.engine = "enable" | ||
121 | * Change: ssl.pemfile = "/var/qmail/control/servercert.pem" | ||
122 | * To inform users to use https, put a document to /usr/local/www/data/index.html and add:: | ||
123 | |||
124 | #compatibility | ||
125 | $SERVER["socket"] == "<insert your ip address>:80" { | ||
126 | ssl.engine = "disable" | ||
127 | server.name = "<your fqdn>" | ||
128 | server.document-root = "/usr/local/www/data" | ||
129 | } | ||
130 | |||
131 | ---- | ||
132 | |||
133 | Install squirrelmail | ||
134 | ==================== | ||
135 | * ``make install`` in /usr/ports/mail/squirrelmail | ||
136 | * Use default options for php5 | ||
137 | * Follow the instructions squirrelmail port prints out | ||
138 | |||
139 | ---- | ||
140 | |||
141 | Install qmailadmin / ezmlm-idx | ||
142 | ============================== | ||
143 | |||
144 | * ``make install WITH_SPAM_DETECTION=TRUE SPAM_COMMAND="| /usr/local/bin/spamc -f | /usr/local/bin/maildrop" CGIBINDIR=www/squirrelmail/cgi-bin CGIBINSUBDIR= WEBDATADIR=www/squirrelmail WEBDATASUBDIR=qmailadmin in /usr/ports/mail/qmailadmin`` | ||
145 | * Use default options for ezmlm-idx | ||
146 | |||
147 | ---- | ||
148 | |||
149 | Install qmailadmin plugin for squirrelmail | ||
150 | ========================================== | ||
151 | |||
152 | * ``make install`` in /usr/ports/mail/squirrelmail-qmailadmin_login-plugin | ||
153 | |||
154 | ---- | ||
155 | |||
156 | Install maildrop | ||
157 | ================ | ||
158 | |||
159 | * ``make install`` in /usr/ports/mail/maildrop | ||
160 | |||
161 | ---- | ||
162 | |||
163 | Install the maildrop spam sort magic | ||
164 | ==================================== | ||
165 | |||
166 | * install http://erdgeist.org/arts/software/Code/elektropost/maildroprc to /usr/local/etc/maildroprc | ||
167 | |||
168 | ---- | ||
169 | |||
170 | Install spamassassin | ||
171 | ==================== | ||
172 | |||
173 | * ``make install`` in /usr/ports/mail/p5-Mail-SpamAssassin, keep SPAMC, SSL, uncheck all others | ||
174 | * ``echo '-d 192.168.0.2' > /usr/local/etc/mail/spamassassin/spamc.conf`` | ||
175 | |||
176 | ---- | ||
177 | |||
178 | Install the Valid RCPTTO checking stuff | ||
179 | ======================================= | ||
180 | |||
181 | * install http://erdgeist.org/arts/software/Code/elektropost/mkvalidrcptto to /usr/local/vpopmail/bin/mkvalidrcptto | ||
182 | * ``chmod +x /usr/local/vpopmail/bin/mkvalidrcptto`` | ||
183 | * ``cpan install CDB_File`` to help perl understand cdb files | ||
184 | * ``make install`` in /usr/ports/databases/cdb/ | ||
185 | * Add a script to your crontab (e.g. /usr/local/vpopmail/etc/tidymail.sh) that contains:: | ||
186 | |||
187 | /usr/local/vpopmail/bin/mkvalidrcptto | /usr/local/bin/cdbmake-12 /var/qmail/control/validrcptto.cdb /tmp/validrcptto.tmp | ||
188 | |||
189 | ---- | ||
190 | |||
191 | Install the auto trash-pruning script | ||
192 | ===================================== | ||
193 | |||
194 | * Add a script to your crontab (e.g. /usr/local/bin/prune-trash.sh) that contains:: | ||
195 | |||
196 | find -E /usr/local/vpopmail/domains/ -type f -iregex "^.*/maildir/.*\.(junk|trash|spam)(\.[^/]+)?/(new|cur|tmp)/.*$" -mmin +86400 -delete | ||
197 | |||