1 files changed, 197 insertions, 0 deletions
diff --git a/stories/projects/elektropost.rst b/stories/projects/elektropost.rst
new file mode 100644
index 0000000..b8ad9d1
--- /dev/null
+++ b/stories/projects/elektropost.rst
@@ -0,0 +1,197 @@
+.. link:
+.. description: is an ongoing mail server and webmail frontend project, documented to be set up on a FreeBSD jail and instanced on elektropost.org.
+.. tags: project
+.. date: 2014/02/01 19:10:08
+.. title: elektropost
+.. subtitle: a FreeBSD jail based mail server project.
+.. slug: ../arts/software/elektropost/index
+.. prio: 750
+.. contents::
+  :depth: 1
+  :class: ezjail-toc
+----
+Overview
+========
+`Here is a raw sketch </epost.pdf>`_ of how the elektropost setup works.
+Send feedback to `erdgeist <mailto:erdgeist@erdgeist.org>`_.
+----
+Install qmail
+=============
+* ``make patch`` in /usr/ports/mail/qmail-tls, choose SMTP_AUTH_PATCH, BIG_TODO_PATCH, BIG_CONCURRENCY_PATCH, DISCBOUNCES_PATCH and SPF_PATCH, keep RCDLINK
+* apply patch http://erdgeist.org/arts/software/Code/elektropost/validrcptto.cdb.patch.new to qmail-tls/work/qmail-1.03
+* apply patch http://erdgeist.org/arts/software/Code/elektropost/qmail-smtpd.c.privacy.patch to qmail-tls/work/qmail-1.03
+* ``make install`` in /usr/ports/mail/qmail-tls
+* add "QMAIL_SLAVEPORT=tls" in /etc/make.conf
+----
+Configure qmail
+===============
+* In /var/qmail/control check/edit all files
+* create a servercert.pem. On elektropost this one is used for lighty and dovecot as well, YMMV
+* install http://erdgeist.org/arts/software/Code/elektropost/tcp.smtp to /etc/tcp.smtp and alter it accordingly to your needs, ie fix/insert to "cat /etc/tcp.smtp | tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp"
+  * for this you will need to ``make install`` in /usr/ports/sysutils/ucspi-tcp
+  * select SSL, leave MAN checked
+* ``ln -s /var/qmail/boot/qmail-smtpd.rcNG /usr/local/etc/rc.d/qmail-smtpd``
+* ``ln -s /var/qmail/boot/maildir /usr/local/etc/rc.d/qmail``
+* ``echo 'qmailsmtpd_enable="YES"' >> /etc/rc.conf``
+* ``echo 'qmailsmtpd_checkpassword="/usr/local/vpopmail/bin/vchkpw"' >> /etc/rc.conf``
+----
+Install vpopmail
+================
+* ``make install`` in /usr/ports/mail/vpopmail
+* Use default options for ucspi-tcp
+* ``chown vpopmail:vchkpw /usr/local/vpopmail``
+* ``chmod u+s ~vpopmail/bin/vchkpw``
+* ``pw user mod vpopmail -s /bin/sh``
+----
+Configure vpopmail
+==================
+* ``echo elektropost.org > /usr/local/vpopmail/etc/defaultdomain``
+----
+Install dovecot
+===============
+* ``make install`` in /usr/ports/mail/dovecot
+* choose option VPOPMAIL, keep the rest (maybe disable IPV6)
+* ``echo 'dovecot_enable="YES"' >> /etc/rc.conf``
+----
+Configure dovecot
+=================
+* ``cp /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf``
+* Change: protocols = imap imaps pop3s
+* Change: listen = and ssl_listen = to match your ip addresses
+* Change: ssl_cert_file = /var/qmail/control/servercert.pem
+* Change: ssl_key_file = /var/qmail/control/servercert.pem
+* Change: mail_location = maildir:%h/Maildir
+* Change: first_valid_uid = 1
+* Change: first_valid_gid = 1
+* Change: max_mail_processes = 1024
+* Change: auth_username_format = %Ln@%Ld
+* Change: #passdb pam { and #} if you do not have local user mail
+* Change: #userdb passwd { and #} if you do not have local user mail
+* Change: userdb vpopmail { and } to use vpopmail's vchkpw
+----
+Install lighty
+==============
+* ``make install`` in /usr/ports/www/lighttpd
+* ``echo 'lighttpd_enable="YES"' >> /etc/rc.conf``
+----
+Configure lighty
+================
+* ``cp /usr/local/etc/lighttpd.conf.sample /usr/local/etc/lighttpd.conf``
+* Change: "mod_fastcgi",
+* Change: server.document-root = "/usr/local/www/squirrelmail/"
+* Change: server.port = 443
+* Change::
+    cgi.assign                 = ( ".pl"  => "/usr/bin/perl",
+                                   ".cgi" => "/usr/bin/perl",
+                                   "/cgi-bin/qmailadmin" => "",
+                                   "/ezmlm-cgi" => "" )
+* Change: ssl.engine = "enable"
+* Change: ssl.pemfile = "/var/qmail/control/servercert.pem"
+* To inform users to use https, put a document to /usr/local/www/data/index.html and add::
+   #compatibility
+   $SERVER["socket"] == "<insert your ip address>:80" {
+      ssl.engine                  = "disable"
+      server.name                 = "<your fqdn>"
+      server.document-root        = "/usr/local/www/data"
+   }
+----
+Install squirrelmail
+====================
+* ``make install`` in /usr/ports/mail/squirrelmail
+* Use default options for php5
+* Follow the instructions squirrelmail port prints out
+----
+Install qmailadmin / ezmlm-idx
+==============================
+* ``make install WITH_SPAM_DETECTION=TRUE SPAM_COMMAND="| /usr/local/bin/spamc -f | /usr/local/bin/maildrop" CGIBINDIR=www/squirrelmail/cgi-bin CGIBINSUBDIR= WEBDATADIR=www/squirrelmail WEBDATASUBDIR=qmailadmin in /usr/ports/mail/qmailadmin``
+* Use default options for ezmlm-idx
+----
+Install qmailadmin plugin for squirrelmail
+==========================================
+* ``make install`` in /usr/ports/mail/squirrelmail-qmailadmin_login-plugin
+----
+Install maildrop
+================
+* ``make install`` in /usr/ports/mail/maildrop
+----
+Install the maildrop spam sort magic
+====================================
+* install http://erdgeist.org/arts/software/Code/elektropost/maildroprc to /usr/local/etc/maildroprc
+----
+Install spamassassin
+====================
+* ``make install`` in /usr/ports/mail/p5-Mail-SpamAssassin, keep SPAMC, SSL, uncheck all others
+* ``echo '-d 192.168.0.2' > /usr/local/etc/mail/spamassassin/spamc.conf``
+----
+Install the Valid RCPTTO checking stuff
+=======================================
+* install http://erdgeist.org/arts/software/Code/elektropost/mkvalidrcptto to /usr/local/vpopmail/bin/mkvalidrcptto
+* ``chmod +x /usr/local/vpopmail/bin/mkvalidrcptto``
+* ``cpan install CDB_File`` to help perl understand cdb files
+* ``make install`` in /usr/ports/databases/cdb/
+* Add a script to your crontab (e.g. /usr/local/vpopmail/etc/tidymail.sh) that contains::
+   /usr/local/vpopmail/bin/mkvalidrcptto | /usr/local/bin/cdbmake-12 /var/qmail/control/validrcptto.cdb /tmp/validrcptto.tmp
+----
+Install the auto trash-pruning script
+=====================================
+* Add a script to your crontab (e.g. /usr/local/bin/prune-trash.sh) that contains::
+   find -E /usr/local/vpopmail/domains/ -type f -iregex "^.*/maildir/.*\.(junk|trash|spam)(\.[^/]+)?/(new|cur|tmp)/.*$" -mmin +86400 -delete

diff --git a/stories/projects/elektropost.rst b/stories/projects/elektropost.rst new file mode 100644 index 0000000..b8ad9d1 --- /dev/null +++ b/stories/projects/elektropost.rst
@@ -0,0 +1,197 @@
	1	.. link:
	2	.. description: is an ongoing mail server and webmail frontend project, documented to be set up on a FreeBSD jail and instanced on elektropost.org.
	3	.. tags: project
	4	.. date: 2014/02/01 19:10:08
	5	.. title: elektropost
	6	.. subtitle: a FreeBSD jail based mail server project.
	7	.. slug: ../arts/software/elektropost/index
	8	.. prio: 750
	9
	10	.. contents::
	11	:depth: 1
	12	:class: ezjail-toc
	13
	14	----
	15
	16	Overview
	17	========
	18
	19	`Here is a raw sketch </epost.pdf>`_ of how the elektropost setup works.
	20
	21	Send feedback to `erdgeist <mailto:erdgeist@erdgeist.org>`_.
	22
	23	----
	24
	25	Install qmail
	26	=============
	27
	28	* ``make patch`` in /usr/ports/mail/qmail-tls, choose SMTP_AUTH_PATCH, BIG_TODO_PATCH, BIG_CONCURRENCY_PATCH, DISCBOUNCES_PATCH and SPF_PATCH, keep RCDLINK
	29	* apply patch http://erdgeist.org/arts/software/Code/elektropost/validrcptto.cdb.patch.new to qmail-tls/work/qmail-1.03
	30	* apply patch http://erdgeist.org/arts/software/Code/elektropost/qmail-smtpd.c.privacy.patch to qmail-tls/work/qmail-1.03
	31	* ``make install`` in /usr/ports/mail/qmail-tls
	32	* add "QMAIL_SLAVEPORT=tls" in /etc/make.conf
	33
	34	----
	35
	36	Configure qmail
	37	===============
	38
	39	* In /var/qmail/control check/edit all files
	40	* create a servercert.pem. On elektropost this one is used for lighty and dovecot as well, YMMV
	41	* install http://erdgeist.org/arts/software/Code/elektropost/tcp.smtp to /etc/tcp.smtp and alter it accordingly to your needs, ie fix/insert to "cat /etc/tcp.smtp \| tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp"
	42
	43	* for this you will need to ``make install`` in /usr/ports/sysutils/ucspi-tcp
	44	* select SSL, leave MAN checked
	45	* ``ln -s /var/qmail/boot/qmail-smtpd.rcNG /usr/local/etc/rc.d/qmail-smtpd``
	46	* ``ln -s /var/qmail/boot/maildir /usr/local/etc/rc.d/qmail``
	47	* ``echo 'qmailsmtpd_enable="YES"' >> /etc/rc.conf``
	48	* ``echo 'qmailsmtpd_checkpassword="/usr/local/vpopmail/bin/vchkpw"' >> /etc/rc.conf``
	49
	50	----
	51
	52	Install vpopmail
	53	================
	54
	55	* ``make install`` in /usr/ports/mail/vpopmail
	56	* Use default options for ucspi-tcp
	57	* ``chown vpopmail:vchkpw /usr/local/vpopmail``
	58	* ``chmod u+s ~vpopmail/bin/vchkpw``
	59	* ``pw user mod vpopmail -s /bin/sh``
	60
	61	----
	62
	63	Configure vpopmail
	64	==================
	65
	66	* ``echo elektropost.org > /usr/local/vpopmail/etc/defaultdomain``
	67
	68	----
	69
	70	Install dovecot
	71	===============
	72
	73	* ``make install`` in /usr/ports/mail/dovecot
	74	* choose option VPOPMAIL, keep the rest (maybe disable IPV6)
	75	* ``echo 'dovecot_enable="YES"' >> /etc/rc.conf``
	76
	77	----
	78
	79	Configure dovecot
	80	=================
	81
	82	* ``cp /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf``
	83	* Change: protocols = imap imaps pop3s
	84	* Change: listen = and ssl_listen = to match your ip addresses
	85	* Change: ssl_cert_file = /var/qmail/control/servercert.pem
	86	* Change: ssl_key_file = /var/qmail/control/servercert.pem
	87	* Change: mail_location = maildir:%h/Maildir
	88	* Change: first_valid_uid = 1
	89	* Change: first_valid_gid = 1
	90	* Change: max_mail_processes = 1024
	91	* Change: auth_username_format = %Ln@%Ld
	92	* Change: #passdb pam { and #} if you do not have local user mail
	93	* Change: #userdb passwd { and #} if you do not have local user mail
	94	* Change: userdb vpopmail { and } to use vpopmail's vchkpw
	95
	96	----
	97
	98	Install lighty
	99	==============
	100
	101	* ``make install`` in /usr/ports/www/lighttpd
	102	* ``echo 'lighttpd_enable="YES"' >> /etc/rc.conf``
	103
	104	----
	105
	106	Configure lighty
	107	================
	108
	109	* ``cp /usr/local/etc/lighttpd.conf.sample /usr/local/etc/lighttpd.conf``
	110	* Change: "mod_fastcgi",
	111	* Change: server.document-root = "/usr/local/www/squirrelmail/"
	112	* Change: server.port = 443
	113	* Change::
	114
	115	cgi.assign = ( ".pl" => "/usr/bin/perl",
	116	".cgi" => "/usr/bin/perl",
	117	"/cgi-bin/qmailadmin" => "",
	118	"/ezmlm-cgi" => "" )
	119
	120	* Change: ssl.engine = "enable"
	121	* Change: ssl.pemfile = "/var/qmail/control/servercert.pem"
	122	* To inform users to use https, put a document to /usr/local/www/data/index.html and add::
	123
	124	#compatibility
	125	$SERVER["socket"] == "<insert your ip address>:80" {
	126	ssl.engine = "disable"
	127	server.name = "<your fqdn>"
	128	server.document-root = "/usr/local/www/data"
	129	}
	130
	131	----
	132
	133	Install squirrelmail
	134	====================
	135	* ``make install`` in /usr/ports/mail/squirrelmail
	136	* Use default options for php5
	137	* Follow the instructions squirrelmail port prints out
	138
	139	----
	140
	141	Install qmailadmin / ezmlm-idx
	142	==============================
	143
	144	* ``make install WITH_SPAM_DETECTION=TRUE SPAM_COMMAND="\| /usr/local/bin/spamc -f \| /usr/local/bin/maildrop" CGIBINDIR=www/squirrelmail/cgi-bin CGIBINSUBDIR= WEBDATADIR=www/squirrelmail WEBDATASUBDIR=qmailadmin in /usr/ports/mail/qmailadmin``
	145	* Use default options for ezmlm-idx
	146
	147	----
	148
	149	Install qmailadmin plugin for squirrelmail
	150	==========================================
	151
	152	* ``make install`` in /usr/ports/mail/squirrelmail-qmailadmin_login-plugin
	153
	154	----
	155
	156	Install maildrop
	157	================
	158
	159	* ``make install`` in /usr/ports/mail/maildrop
	160
	161	----
	162
	163	Install the maildrop spam sort magic
	164	====================================
	165
	166	* install http://erdgeist.org/arts/software/Code/elektropost/maildroprc to /usr/local/etc/maildroprc
	167
	168	----
	169
	170	Install spamassassin
	171	====================
	172
	173	* ``make install`` in /usr/ports/mail/p5-Mail-SpamAssassin, keep SPAMC, SSL, uncheck all others
	174	* ``echo '-d 192.168.0.2' > /usr/local/etc/mail/spamassassin/spamc.conf``
	175
	176	----
	177
	178	Install the Valid RCPTTO checking stuff
	179	=======================================
	180
	181	* install http://erdgeist.org/arts/software/Code/elektropost/mkvalidrcptto to /usr/local/vpopmail/bin/mkvalidrcptto
	182	* ``chmod +x /usr/local/vpopmail/bin/mkvalidrcptto``
	183	* ``cpan install CDB_File`` to help perl understand cdb files
	184	* ``make install`` in /usr/ports/databases/cdb/
	185	* Add a script to your crontab (e.g. /usr/local/vpopmail/etc/tidymail.sh) that contains::
	186
	187	/usr/local/vpopmail/bin/mkvalidrcptto \| /usr/local/bin/cdbmake-12 /var/qmail/control/validrcptto.cdb /tmp/validrcptto.tmp
	188
	189	----
	190
	191	Install the auto trash-pruning script
	192	=====================================
	193
	194	* Add a script to your crontab (e.g. /usr/local/bin/prune-trash.sh) that contains::
	195
	196	find -E /usr/local/vpopmail/domains/ -type f -iregex "^./maildir/.\.(junk\|trash\|spam)(\.[^/]+)?/(new\|cur\|tmp)/.*$" -mmin +86400 -delete
	197