forked from vexim/vexim2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
350 lines (294 loc) · 15.6 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
Virtual Exim 2
README AND INSTALL GUIDE
========================
Thanks for picking the Virtual Exim package, for your virtual mail hosting
needs! :-)
This document provides a basic guide on how to get Virtual Exim working on your
system. In this guide, I assume that you have *a little* knowledge of both MySQL
and Exim.
Before we go into any details, I'd like to thanks Philip Hazel and the Exim
developers for a fine product.
I would also like to thanks the postmasters at various domains for letting me
play havoc with their mail while I set this up :-)
Finally, a special note of thanks to Dan Bernstein for his Qmail MTA.
Dan, thank you for educating me how mail delivery really shouldn't be
done, on the Internet.
The Virtual Exim project currently lives on GitHub:
https://github.com/avleen/vexim2
And its mailing list/Google group is available at:
https://groups.google.com/group/vexim
Installation steps for each component:
NOTE FOR UPGRADING:
If you are upgrading from a previous version of Virtual Exim, you'll find
additional notes marked 'UPGRADING' in some sections. If and when you do,
follow these notes.
DISTRIBUTION-SPECIFIC NOTES:
Some sections may contain distribution or OS-specific notes. You'll find them
after an appropriate prefix, such as 'DEBIAN' or 'FREEBSD' where appropriate.
PARTS:
Prerequisites
Files and Apache
System user
Databases and authentication
Exim configuration
Site Admin
Virtual Domains
Mailman
Mail storage and Delivery
POP3 and IMAP daemons (separate to this software)
Prerequisites:
The following packages must be installed on your system, for Virtual Exim to
work. If you don't have any of these packages already installed, please refer
to the documentation provided with your operating system on how to install
each package:
* Exim v4 with MySQL or PostgreSQL support (tested on v4.1x/4.2x/4.7x)
* MySQL (tested on v5.1.x) or PostgreSQL
* Apache or other HTTP server (Tested on Apache v2.2.x)
* PHP v5 (tested on v5.3.x) with at least the following extensions:
- PDO
- pdo_mysql or pdo_pgsql
- imap
- gettext
- iconv
The following packages provide optional functionality:
* Mailman – to have mailing lists
* ClamAV – for scanning e-mail for viruses
* SpamAssassin – for scanning e-mail from spam
VExim might work with older (or newer) versions of these packages, but you may
have to perform some adaptation work to achieve that. In any case, you are
welcome to file bugs and/or provide patches on GitHub.
UPGRADING: If you are upgrading from VExim 1.x, the following packages will
help you to perform automatic database schema migration. They will only be
needed during the upgrade and can be removed later:
* Perl + DBI module + DBD-mysql (you would need DBD-Pg to migrate
a PostgreSQL database, but PostreSQL migration is not implemented
in the migration script)
DEBIAN: The following command line installs all the required packages
(this is assuming you're going with MySQL setup):
# apt-get install apache2 exim4-daemon-heavy mysql-server libapache2-mod-php5 php5-mysql php5-imap
If you want your mail server to scan messages for viruses and spam, you will
have to install a few more packages:
# apt-get install clamav-daemon clamav-freshclam sa-exim spamassassin
System user:
You should create a new user account to whom the virtual mailboxes will
belong. Since you do not want anyone to be able to login using that account,
you should also disable logging in for that user. Here are the command lines
to do that. This manual assumes you want to have your virtual mailboxes in
/var/spool/vexim. If you want them elsewhere, adjust the commands. After
the user and group are created, find their uid and gid using the last command
and memorize these values:
# useradd -r -m -U -s /bin/false -d /var/spool/vexim vexim
# id vexim
FREEBSD: Instead of the commands above, you should probably use the following:
# pw useradd vexim -u 1,100 -g "" -d /var/spool/vexim -m -s /nonexistant
# id vexim
DEBIAN: Use the following command instead:
# adduser --system --home /var/spool/vexim --disabled-password --disabled-login --group vexim
Databases and authentication:
When creating the databases you have two options. You can either use
the SQL command files, or the perl script.
If you are creating new databases, I *HIGHLY* recommend you use the
SQL command files. They are much simpler.
However, if you are migrating from Virtual Exim 1.x to 2.x, you will
need to use the perl script to migrate the data.
IMPORTANT NOTE: if you have a database called "vexim" in MySQL or PostgreSQL,
you should back it up first. The SQL command files assume that the database
with that name does not exist and has to be created. You can edit the files
to use a different database name, but you are still strongly advised to make
a backup of the "vexim" database – just in case.
MySQL:
This ditribution contains a file "vexim2/setup/mysql.sql". This file
provides the database schema used by vexim. You will have to import it into
MySQL, but before that, some changes must be made to this file in order
for it to work.
Open this file in a text editor and look for the word "CHANGE". You will
find the following two lines not far from the top (lines 15-16):
uid smallint(5) unsigned NOT NULL default 'CHANGE',
gid smallint(5) unsigned NOT NULL default 'CHANGE',
Replace "CHANGE" with the uid and gid of your freshly created "vexim" user
(see the System user step). This will be the default user to own mailbox
files for new domains.
Further below you will find the following section:
--
-- Privileges:
--
GRANT SELECT,INSERT,DELETE,UPDATE ON `vexim`.* to "vexim"@"localhost"
IDENTIFIED BY 'CHANGE';
FLUSH PRIVILEGES;
Replace the word "CHANGE" with a secure password - It will be used both by
the Exim MTA and the web interface to access the database.
If the crypt() function on your system produces DES hashes, you will also
have to uncomment the appropriate lines, as noted by the comments, at the
end of mysql.sql.
With the necessary changes made, you should run the following command line
to initialize the database:
# mysql -u root -p < vexim2/setup/mysql.sql
PGSQL:
The code has been tested by several users to work with Virtual Exim,
and we try our best to make sure it always will. Unfortunately I
don't have much PostgreSQL knowledge to support it fully. A database
schema for it is included however, as setup/pgsql.sql to help you
set up the database. Make sure to adjust it similarly as per MySQL
instructions above.
UPGRADING:
If you are upgrading your installation you will need to use the perl
script. Executing it as:
# create_db.pl --act=migratemysql --dbtype=mysql --uid=90 --gid=90 --mailstore=/usr/local/mail
should work fine. Replace 'uid', 'gid' and 'mailstore' values with the ones
you have from the "System user" step.
Files and Apache:
In this distribution is a directory called 'vexim'.
You have two options:
1) Copy this directory into your current DocumentRoot for your
domain, and optionally rename the directory.
2) Set up a new VirtualHost and point the DocumentRoot to the vexim
directory.
Both should work equally well.
After copying the 'vexim' directory, you should edit file 'variables.php',
which you'll find in is subdirectory called 'config'. Change the following
values defined in that file:
* $sqlpass – to the vexim database user's password which you chose while
editing 'mysql.sql' in the "Databases and authentication" step.
* $uid, $gid and $mailroot to the values you have from the "System user" step.
* If your system uses DES passwords, change '$cryptscheme' to "des".
Other, less interesting options are documented in the comments of that file.
Feel free to explore them as well.
Exim configuration:
NOTE: the configuration files supplied here are really old and should be
revised. You probably should NOT really use them as-is, instead just
look at them for inspiration. Actually, that file, as it is now, likely
will not even work!
An example Exim 'configure' file, has been included with this distribution as
'docs/configure'. Copy this to the location Exim expects its configuration
file to be on your installation. You will also need to copy docs/vexim* to
/usr/local/etc/exim/. The following lines are important and will have to be
edited if you are using this configure, or copied to your own configure file:
MAILMAN_HOME=/usr/local/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
*** Edit these if your mailman is in a different location.
----------
MAILMAN_USER=mailnull
MAILMAN_GROUP=mail
*** These need to match the username and group under which exim runs
----------
primary_hostname=mail.example.org
*** Change this to the name of your server.
----------
# If you are using MySQL, uncomment the following two lines:
#VIRTUAL_DOMAINS = SELECT DISTINCT CONCAT(domain, ' : ') FROM domains type = 'local'
#RELAY_DOMAINS = SELECT DISTINCT CONCAT(domain, ' : ') FROM domains type = 'relay'
-----
# If you are using PGSQL, uncomment the following four lines:
#VIRTUAL_DOMAINS = SELECT DISTINCT domain || ' : ' FROM domains WHERE type = 'local'
#RELAY_DOMAINS = SELECT DISTINCT domain || ' : ' FROM domains WHERE type = 'relay'
*** Depending on the database type you are using, you will need to
uncomment the appropriate lines in the config, to enable lookups.
----------
domainlist local_domains = @ : example.org : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
hostlist relay_from_hosts = localhost : @ : 192.168.0.0/24
trusted_users = avleen:www
*** These control which domains you accept mail for and deliver locally
(local_domains), which domains you accept mail for and deliver remotely
(relay_to_domains), which IP addresses are allowed to send mail to any
domain (relay_from_hosts) and which system users are considered trusted
(trusted_users). More on these options – in Exim documentation.
----------
exim_user = mailnull
exim_group = mail
*** Specify here, the username and group under which Exim runs. This
combination is also that under which mailman must run in order to
work.
----------
# av_scanner = clamd:/tmp/clamd
# spamd_address = 127.0.0.1 783
*** If you want to use either Anti-Virus scanning, or SpamAssassin, you
will need to uncomment the appropriate line here.
----------
#hide mysql_servers = localhost::(/tmp/mysql.sock)/vexim/vexim/CHANGE
*** This line configures database connectivity. You need to
uncomment it and change the word 'CHANGE', to the password you will
use for the 'vexim' database user, which we will set up in the next
part.
Also it is assumed that the mysql domain socket is /tmp/mysql.sock,
which is where the FreeBSD port puts it. Other installations put it
in /var/tmp, /usr/lib, or any number of other places. If yours isn't
/tmp/mysql.sock, you will need to set this.
----------
ACL's
*** We have split all of the ACL's into separate files, to make
managing them easier. Please review the ACL section of the configure
file. If there are ACL's you would rather not have executed, please
comment out the '.include' line that references them, or edit the
ACL file directly and comment them out.
DEBIAN:
Typically, Debian setups use split Exim configuration with some Debconf
magic. This manual will assume that you are familiar with it. If not, you
should refer to the Debian documentation on Exim.
To get the virtual mailboxes to work, copy the contents of
docs/debian-conf.d/ to /etc/exim4/conf.d/ and change the MySQL password
in .../main/00_vexim_listmacrosdefs. You may also want to review the ACL's
in docs/vexim-acl-*.conf and selectively copy and paste their contents to
the files provided by Debian in conf.d. By the way, some of these ACL's are
already implemented by Debian, so you might just need to enable them by
defining certain macros as described in Debian manual.
This manual does not cover enabling ClamAV and SpamAssassin in Exin in
Debian. Please look this up elsewhere. By the way, the author of this part
never bothered to set up Vexim in such a way that Debian would take into
account the status of the various user flag (on_av, on_spamassassin etc)
for each user. In his setup, these flags have no effect, and all messages
are checked for spam and viruses.
Stefan Tomanek has a nice writeup about using Vexim in Debian, but that
article does not cover all aspects, is a bit outdated, and most of if has
been incorporated (and improved!) into this document anyway. You can find
it at http://stefans.datenbruch.de/rootserver/vexim.shtml.
Site Admin:
In order to add and delete domains from the database, you need to have
a "site admin". This user can create the initial postmaster users for
the individual domains.
The default username and password for the siteadmin, are:
Username: siteadmin
Domain value: (blank)
Password: CHANGE
The password is case sensitive. You are strongly advised to log in and change
it as soon as you get a chance. :-)
Virtual Domains:
Virtual Exim can now control which local domains Exim accepts mail
for and which domains it relays mail for. The features are controlled
by the siteadmin, and domains can be easily added/removed from the
siteadmin pages. Local domains can also be enabled/disabled on the
fly, but relay domains are always enabled.
Mailman:
Mailman needs to be installed if you want to use mailing lists. The
default location is assumed to be /usr/local/mailman. If this is not
the location of your installation, edit Exim's configure file, and
change the paths where ever 'mailman' is mentioned, and do the same in
vexim/config/variables.php
Mail storage and Delivery:
The mysql configuration assumes that mail will be stored in
/usr/local/mail/domain.com/username/Maildir. If you want to change the
path from '/usr/local/mail/', you need to edit the file:
vexim/config/variables.php
and change 'mailroot' to the correct path. Don't forget the / at the
end.
POP3 and IMAP daemons:
There are many POP3 and IMAP daemons available today. Few of them are
good, and fewer of those like MySQL. Some that we have found that work
are:
POP3 Only: Qpopper
IMAP and/or POP3: The Courier-IMAP package or Dovecot
Instructions for installing these have been included in this tarball
in the following files:
Qpopper: docs/clients/qpop-mysql.txt
Courier-IMAP: docs/clients/freebsd-courierimap.txt (FreeBSD HOWTO)
Dovecot: docs/clients/dovecot.txt
These documents are pretty clear and you should be able to use them as
a template when compiling from source on most Unixes. Just remember
the switches on 'configure' scripts for enabling mysql support :-)
Instructions for configuring Cyrus and Cyrus IMAP are also available. However, we have not tested
these so cannot guarantee they work. If you have success or problems with these instructions,
please let us know!
Cyrus: docs/clients/cyrus.txt
UPGRADING: If you are upgrading, you will need to update your configs
for your POP/IMAP daemons, as the database layout has changed. You
should be able to follow the above instructions without problem.