From 23f0e1561767dd8a396188e317bae5920d171ea8 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Sun, 16 Aug 2015 16:38:25 +0200 Subject: Initial import of my nikola website --- stories/projects/elektropost.rst | 197 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 197 insertions(+) create mode 100644 stories/projects/elektropost.rst (limited to 'stories/projects/elektropost.rst') diff --git a/stories/projects/elektropost.rst b/stories/projects/elektropost.rst new file mode 100644 index 0000000..b8ad9d1 --- /dev/null +++ b/stories/projects/elektropost.rst 
@@ -0,0 +1,197 @@ +.. link: +.. description: is an ongoing mail server and webmail frontend project, documented to be set up on a FreeBSD jail and instanced on elektropost.org. +.. tags: project +.. date: 2014/02/01 19:10:08 +.. title: elektropost +.. subtitle: a FreeBSD jail based mail server project. +.. slug: ../arts/software/elektropost/index +.. prio: 750 + +.. contents:: + :depth: 1 + :class: ezjail-toc + +---- + +Overview +======== + +`Here is a raw sketch `_ of how the elektropost setup works. + +Send feedback to `erdgeist `_. + +---- + +Install qmail +============= + +* ``make patch`` in /usr/ports/mail/qmail-tls, choose SMTP_AUTH_PATCH, BIG_TODO_PATCH, BIG_CONCURRENCY_PATCH, DISCBOUNCES_PATCH and SPF_PATCH, keep RCDLINK +* apply patch http://erdgeist.org/arts/software/Code/elektropost/validrcptto.cdb.patch.new to qmail-tls/work/qmail-1.03 +* apply patch http://erdgeist.org/arts/software/Code/elektropost/qmail-smtpd.c.privacy.patch to qmail-tls/work/qmail-1.03 +* ``make install`` in /usr/ports/mail/qmail-tls +* add "QMAIL_SLAVEPORT=tls" in /etc/make.conf + +---- + +Configure qmail +=============== + +* In /var/qmail/control check/edit all files +* create a servercert.pem. 
On elektropost this one is used for lighty and dovecot as well, YMMV +* install http://erdgeist.org/arts/software/Code/elektropost/tcp.smtp to /etc/tcp.smtp and alter it accordingly to your needs, ie fix/insert to "cat /etc/tcp.smtp | tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp" + + * for this you will need to ``make install`` in /usr/ports/sysutils/ucspi-tcp + * select SSL, leave MAN checked +* ``ln -s /var/qmail/boot/qmail-smtpd.rcNG /usr/local/etc/rc.d/qmail-smtpd`` +* ``ln -s /var/qmail/boot/maildir /usr/local/etc/rc.d/qmail`` +* ``echo 'qmailsmtpd_enable="YES"' >> /etc/rc.conf`` +* ``echo 'qmailsmtpd_checkpassword="/usr/local/vpopmail/bin/vchkpw"' >> /etc/rc.conf`` + +---- + +Install vpopmail +================ + +* ``make install`` in /usr/ports/mail/vpopmail +* Use default options for ucspi-tcp +* ``chown vpopmail:vchkpw /usr/local/vpopmail`` +* ``chmod u+s ~vpopmail/bin/vchkpw`` +* ``pw user mod vpopmail -s /bin/sh`` + +---- + +Configure vpopmail +================== + +* ``echo elektropost.org > /usr/local/vpopmail/etc/defaultdomain`` + +---- + +Install dovecot +=============== + +* ``make install`` in /usr/ports/mail/dovecot +* choose option VPOPMAIL, keep the rest (maybe disable IPV6) +* ``echo 'dovecot_enable="YES"' >> /etc/rc.conf`` + +---- + +Configure dovecot +================= + +* ``cp /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf`` +* Change: protocols = imap imaps pop3s +* Change: listen = and ssl_listen = to match your ip addresses +* Change: ssl_cert_file = /var/qmail/control/servercert.pem +* Change: ssl_key_file = /var/qmail/control/servercert.pem +* Change: mail_location = maildir:%h/Maildir +* Change: first_valid_uid = 1 +* Change: first_valid_gid = 1 +* Change: max_mail_processes = 1024 +* Change: auth_username_format = %Ln@%Ld +* Change: #passdb pam { and #} if you do not have local user mail +* Change: #userdb passwd { and #} if you do not have local user mail +* Change: userdb vpopmail { and } to use vpopmail's vchkpw + 
+---- + +Install lighty +============== + +* ``make install`` in /usr/ports/www/lighttpd +* ``echo 'lighttpd_enable="YES"' >> /etc/rc.conf`` + +---- + +Configure lighty +================ + +* ``cp /usr/local/etc/lighttpd.conf.sample /usr/local/etc/lighttpd.conf`` +* Change: "mod_fastcgi", +* Change: server.document-root = "/usr/local/www/squirrelmail/" +* Change: server.port = 443 +* Change:: + + cgi.assign = ( ".pl" => "/usr/bin/perl", + ".cgi" => "/usr/bin/perl", + "/cgi-bin/qmailadmin" => "", + "/ezmlm-cgi" => "" ) + +* Change: ssl.engine = "enable" +* Change: ssl.pemfile = "/var/qmail/control/servercert.pem" +* To inform users to use https, put a document to /usr/local/www/data/index.html and add:: + + #compatibility + $SERVER["socket"] == ":80" { + ssl.engine = "disable" + server.name = "" + server.document-root = "/usr/local/www/data" + } + +---- + +Install squirrelmail +==================== +* ``make install`` in /usr/ports/mail/squirrelmail +* Use default options for php5 +* Follow the instructions squirrelmail port prints out + +---- + +Install qmailadmin / ezmlm-idx +============================== + +* ``make install WITH_SPAM_DETECTION=TRUE SPAM_COMMAND="| /usr/local/bin/spamc -f | /usr/local/bin/maildrop" CGIBINDIR=www/squirrelmail/cgi-bin CGIBINSUBDIR= WEBDATADIR=www/squirrelmail WEBDATASUBDIR=qmailadmin in /usr/ports/mail/qmailadmin`` +* Use default options for ezmlm-idx + +---- + +Install qmailadmin plugin for squirrelmail +========================================== + +* ``make install`` in /usr/ports/mail/squirrelmail-qmailadmin_login-plugin + +---- + +Install maildrop +================ + +* ``make install`` in /usr/ports/mail/maildrop + +---- + +Install the maildrop spam sort magic +==================================== + +* install http://erdgeist.org/arts/software/Code/elektropost/maildroprc to /usr/local/etc/maildroprc + +---- + +Install spamassassin +==================== + +* ``make install`` in /usr/ports/mail/p5-Mail-SpamAssassin, keep SPAMC, 
SSL, uncheck all others +* ``echo '-d 192.168.0.2' > /usr/local/etc/mail/spamassassin/spamc.conf`` + +---- + +Install the Valid RCPTTO checking stuff +======================================= + +* install http://erdgeist.org/arts/software/Code/elektropost/mkvalidrcptto to /usr/local/vpopmail/bin/mkvalidrcptto +* ``chmod +x /usr/local/vpopmail/bin/mkvalidrcptto`` +* ``cpan install CDB_File`` to help perl understand cdb files +* ``make install`` in /usr/ports/databases/cdb/ +* Add a script to your crontab (e.g. /usr/local/vpopmail/etc/tidymail.sh) that contains:: + + /usr/local/vpopmail/bin/mkvalidrcptto | /usr/local/bin/cdbmake-12 /var/qmail/control/validrcptto.cdb /tmp/validrcptto.tmp + +---- + +Install the auto trash-pruning script +===================================== + +* Add a script to your crontab (e.g. /usr/local/bin/prune-trash.sh) that contains:: + + find -E /usr/local/vpopmail/domains/ -type f -iregex "^.*/maildir/.*\.(junk|trash|spam)(\.[^/]+)?/(new|cur|tmp)/.*$" -mmin +86400 -delete + -- cgit v1.2.3
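Review bot: In the "Install the Valid RCPTTO checking stuff" section, the crontab line gives cdbmake-12 a fixed temporary file in world-writable /tmp (`/tmp/validrcptto.tmp`) while the target is /var/qmail/control/validrcptto.cdb. cdbmake writes the database to the temporary file and then renames it over the target, so both paths must be on the same filesystem, and a predictable name in /tmp can be pre-created or symlinked by any local user before the cron job runs. Suggest a temporary file next to the target, for example /var/qmail/control/validrcptto.tmp. In "Configure dovecot", ssl_cert_file and ssl_key_file both point at /var/qmail/control/servercert.pem, and "Configure lighty" reuses it as ssl.pemfile, but no step sets ownership or mode on that file; since it holds the private key and is read by three daemons, the document should say who owns it and which mode it gets. In the trash-pruning section, `-mmin +86400` counts minutes, which is 60 days; state the intended retention next to the command so it is not read as the number of seconds in one day.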