Howto: Installing a mail server with Postfix and Courier using MySQL authentication
This tutorial explains, step by step, how to build a mail server with virtual domains
(the email domain does not have to match the machine's real domain),
based on Postfix and Courier, using MySQL to store the
username and password of each user. Here is what you need to do.
Step 2: Creating the required user, database, and tables in MySQL
Add a new database and new tables to your MySQL server as follows:
sakarotul:~# mysql -u root -p
password:
mysql> CREATE DATABASE mail;
mysql> CREATE USER 'mailadmin'@'localhost' IDENTIFIED BY 'passwordanda';
mysql> USE mail;
mysql> CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
ENGINE=MyISAM;
mysql> CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
ENGINE=MyISAM;
mysql> CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
PRIMARY KEY (email) )
ENGINE=MyISAM;
mysql> GRANT ALL ON mail.* TO 'mailadmin'@'localhost';
Testing…
Restart the postfix service, then try connecting to port 25 with telnet:
sakarotul:~# /etc/init.d/postfix restart
sakarotul:~# postfix check
If no error message appears, you have succeeded.
sakarotul:~# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 mail.lqman.org ESMTP Postfix (Debian/GNU)
If you see output like the above, your Postfix is running properly.
Press Ctrl+] and then type quit to leave the telnet session.
Take a deep breath, and carry on.
@ IN MX 5 mail.lqman.org.
mail IN A 10.122.1.22
The IP address 10.122.1.22 is only an example; change it to the IP address you
want. Then, to test sending email through your SMTP server, telnet
to localhost port 25:
sakarotul:~# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 mail.lqman.org ESMTP Postfix (Debian/GNU)
Then, interactively (inside the telnet session), enter the commands shown below:
You : ehlo virtual.test
Server : 250-mailtest
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
You : mail from:admin@lqman.org
Server : 250 Ok
You : rcpt to:user@lqman.org
Server : 250 Ok
You : data
Server : 354 End data with <CR><LF>.<CR><LF>
You : Subject:Just for test
This is a test email
. (a single period)
Server : 250 Ok: queued as ABC1D1C123
You : quit
Server : 221 BYE
If the server responds as shown above, the email from admin@lqman.org to
user@lqman.org has been placed in the queue for delivery by Postfix (the SMTP
server).
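The EHLO reply in the session above offers AUTH LOGIN and PLAIN on a connection that has not yet negotiated STARTTLS, and it still answers VRFY. The following check is an added example, not part of the original tutorial: it parses that captured reply and reports both points together with the Postfix main.cf setting that closes each one. The function names are chosen for this example.

```python
# Added example: audit a captured EHLO reply for risky SMTP capabilities.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}  # credentials are only base64-encoded

# EHLO reply copied from the telnet session in this tutorial.
CAPTURED = """\
250-mailtest
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
"""

def parse_ehlo(reply):
    """Map each ESMTP keyword to its set of parameters (greeting line skipped)."""
    caps = {}
    lines = [l.strip() for l in reply.splitlines() if l.startswith("250")]
    for line in lines[1:]:                  # lines[0] is the server greeting
        body = line[4:]                     # drop "250-" or "250 "
        if body.upper().startswith("AUTH="):
            body = "AUTH " + body[5:]       # legacy spelling kept for old clients
        if not body.split():
            continue
        keyword, *params = body.split()
        caps.setdefault(keyword.upper(), set()).update(p.upper() for p in params)
    return caps

def audit(caps, tls_active=False):
    """Return findings; tls_active=False means the reply was seen before STARTTLS."""
    findings = []
    exposed = sorted(caps.get("AUTH", set()) & PLAINTEXT_MECHS)
    if exposed and not tls_active:
        findings.append("AUTH %s offered without TLS; set smtpd_tls_auth_only = yes"
                        % "/".join(exposed))
    if not tls_active and "STARTTLS" not in caps:
        findings.append("STARTTLS not offered; the session cannot be encrypted")
    if "VRFY" in caps:
        findings.append("VRFY enabled; set disable_vrfy_command = yes")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_ehlo(CAPTURED)):
        print("WARN:", finding)
```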
Look at the log file at /var/log/mail.info:
sakarotul:~# tail -f /var/log/mail.info | ccze
You should see entries like the ones below:
Jul 24 21:48:28 myserver postfix/smtpd[9119]: connect from myserver[127.0.0.1]
Jul 24 21:48:48 myserver postfix/smtpd[9119]: F2C1B47BD: client=myserver[127.0.0.1]
Jul 24 21:48:52 myserver postfix/cleanup[9144]: F2C1B47BD: message-id=
Jul 24 21:48:52 myserver postfix/qmgr[9117]: F2C1B47BD: from=, size=313, nrcpt=1
(queue active)
Jul 24 21:48:52 myserver postfix/virtual[9148]: F2C1B47BD: to=, relay=virtual, delay=10,
status=sent (delivered to maildir)
If you see "status=sent (delivered to maildir)", the email you sent has been
delivered to the Maildir of the user concerned (user@lqman.org). Run
the find command to list all the files and directories under
"/home/mail".
sakarotul:~# find /home/mail
/home/mail/
/home/mail/lqman.org
/home/mail/lqman.org/user
/home/mail/lqman.org/user/cur
/home/mail/lqman.org/user/new
/home/mail/lqman.org/user/new/1170803794.V805I1c1fbM98807.bajoel
/home/mail/lqman.org/user/new/1170803833.V805I1c1feM87660.bajoel
/home/mail/lqman.org/user/tmp
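Reading the mail log by eye works for one test message; on a busy server it helps to group the entries by queue ID and list only the deliveries that did not end in status=sent. The script below is an added example, not part of the original tutorial. Its sample lines are constructed in the format of the log excerpt above (the second message and the message-id are invented for illustration), and it assumes the short hexadecimal queue IDs shown there.

```python
import re

# Constructed sample lines in the format of the tutorial's log excerpt.
SAMPLE = """\
Jul 24 21:48:28 myserver postfix/smtpd[9119]: connect from myserver[127.0.0.1]
Jul 24 21:48:48 myserver postfix/smtpd[9119]: F2C1B47BD: client=myserver[127.0.0.1]
Jul 24 21:48:52 myserver postfix/cleanup[9144]: F2C1B47BD: message-id=<20070724.1@mail.lqman.org>
Jul 24 21:48:52 myserver postfix/qmgr[9117]: F2C1B47BD: from=<admin@lqman.org>, size=313, nrcpt=1 (queue active)
Jul 24 21:48:52 myserver postfix/virtual[9148]: F2C1B47BD: to=<user@lqman.org>, relay=virtual, delay=10, status=sent (delivered to maildir)
Jul 24 21:50:01 myserver postfix/qmgr[9117]: A1B2C3D4E: from=<admin@lqman.org>, size=290, nrcpt=1 (queue active)
Jul 24 21:50:01 myserver postfix/virtual[9150]: A1B2C3D4E: to=<nobody@lqman.org>, relay=virtual, delay=0, status=bounced (unknown user: "nobody@lqman.org")
"""

ENTRY = re.compile(r"postfix/(?P<daemon>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]{6,}): (?P<rest>.*)$")
FROM = re.compile(r"from=<([^>]*)>")
RCPT = re.compile(r"to=<([^>]*)>.*?status=(\w+) \((.*)\)$")

def trace(log_text):
    """Group Postfix log entries by queue ID: sender plus per-recipient status."""
    messages = {}
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue                      # connect/disconnect lines carry no queue ID
        msg = messages.setdefault(m["qid"], {"from": None, "deliveries": []})
        sender = FROM.match(m["rest"])
        if m["daemon"] == "qmgr" and sender:
            msg["from"] = sender.group(1)
        rcpt = RCPT.match(m["rest"])
        if rcpt:
            msg["deliveries"].append(rcpt.groups())   # (recipient, status, detail)
    return messages

def undelivered(messages):
    """Return (queue_id, recipient, status, detail) for deliveries not marked sent."""
    return [(qid, *d) for qid, msg in messages.items()
            for d in msg["deliveries"] if d[1] != "sent"]

if __name__ == "__main__":
    for row in undelivered(trace(SAMPLE)):
        print(row)
```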
Is everything running smoothly? Good. As the last step, try logging in
to your new mailbox through the web interface provided by SquirrelMail. For
this test, the username to use is "user@lqman.org" with the password
"user".
Then save the option by pressing "s", and exit the configuration by
pressing "q".
Step 11: Making the webmail a new VirtualHost
Create a new file in your web server configuration (this tutorial uses the
apache2 web server):
sakarotul:~# touch /etc/apache2/sites-available/squirrelmail.conf
Then add the following lines:
NameVirtualHost 10.122.1.22:80
ServerAdmin admin@lqman.org
ServerName mail.lqman.org
DocumentRoot /usr/share/squirrelmail
Options FollowSymLinks
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
After that, create a symbolic link in the /etc/apache2/sites-enabled/ directory:
sakarotul:~# ln -s /etc/apache2/sites-available/squirrelmail.conf /etc/apache2/sites-enabled/001squirrelmail.conf
Then check the apache2 configuration with:
sakarotul:~# apache2ctl configtest
If Syntax OK appears, restart apache2 with:
sakarotul:~# apache2ctl restart
Postfix and Courier Installation using MySQL
Contents
1 Introduction
2 Requirements
3 Pre-Installation
4 Install Postfix, Courier and Saslauthd
5 Apply Quota Patch To Postfix
6 Prevent APT from upgrading Postfix
7 Create The MySQL Database For Postfix/Courier
    7.1 MySQL Database Structure
8 Configure Postfix
9 Configure Saslauthd
10 Configure Courier
11 Quota Notifications
12 Testing Postfix
13 Adding to the Database
    13.1 Forwarding Options
    13.2 Transport Options
14 References
Introduction
This HOWTO describes how to install a mail server, using Postfix, that is based on virtual
users and domains - i.e. users and domains that are stored in a MySQL database. We'll also
cover the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that
Courier can authenticate against the same MySQL database that Postfix uses.
The resulting Postfix server is capable of SMTP-AUTH and quota. Quota is not built into
Postfix but we'll patch your Postfix appropriately and prevent apt from upgrading and
breaking Postfix in the future. Passwords are stored in encrypted form in the database.
This HOWTO is meant as a practical guide which I used to set up my own system. It does not
cover the theoretical background, which is treated in a lot of other documents available on
the web.
Requirements
A Debian Etch base installation - Installation HOWTO here.
A working version of MySQL, phpMyAdmin and PHP - Installation HOWTO here.
Root access to your server.
Pre-Installation
Before proceeding to install, update the necessary packages in Debian with these commands.
apt-get update
apt-get upgrade
Ensure that the above command is run in one line (i.e. don't break it up)!
We have to get the Postfix sources, patch it with the quota patch, build new Postfix .deb
packages and install those .deb packages:
NB: Run the above command in one line i.e. don't break it up.
cd /usr/src
apt-get source postfix
wget http://vda.sourceforge.net/VDA/postfix-2.3.4-vda.patch.gz
gunzip postfix-2.3.4-vda.patch.gz
cd postfix-2.3.4
# gunzip removed the .gz suffix, so apply the uncompressed patch file
patch -p1 < ../postfix-2.3.4-vda.patch
dpkg-buildpackage
cd ..
dpkg -i postfix_2.3.4-3_i386.deb
dpkg -i postfix-mysql_2.3.4-3_i386.deb
vim /etc/apt/preferences
Package: postfix
Pin: version 2.3.4*
Pin-Priority: 1001

Package: postfix-mysql
Pin: version 2.3.4*
Pin-Priority: 1001

Package: postfix-dev
Pin: version 2.3.4*
Pin-Priority: 1001
apt-get update
apt-get upgrade
mysql -u root -p
In the MySQL shell, we create the user mail_admin with the password mail_admin_password
(replace it with your own password) who has SELECT, INSERT, UPDATE and DELETE
privileges on the mail database. This user will be used by Postfix and Courier to connect to
the mail database:
Still in the MySQL shell, we create the tables that Postfix and Courier need:
USE mail;
CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
ENGINE=MyISAM;
CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
ENGINE=MyISAM;
CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
quota INT(10) DEFAULT '10485760',
PRIMARY KEY (email)
) ENGINE=MyISAM;
CREATE TABLE transport (
domain varchar(128) NOT NULL default '',
transport varchar(128) NOT NULL default '',
UNIQUE KEY domain (domain)
) ENGINE=MyISAM;
quit;
The domains table will store each virtual domain that Postfix should receive emails for (e.g.
example.com).
domain
example.com
The forwardings table is for aliasing one email address to another, e.g. forward emails for
info@example.com to sales@example.com.
source              destination
info@example.com    sales@example.com
The users table stores all virtual users (i.e. email addresses, because the email address and
user name are the same) and passwords (in encrypted form!) and a quota value for each mail
box (in this example the default value is 10485760 bytes which means 10MB).
The transport table is optional and is for advanced users. It allows us to forward mails for
single users, whole domains or all mails to another server. For example,
domain         transport
example.com    smtp:[1.2.3.4]
would forward all emails for example.com via the smtp protocol to the server with the IP
address 1.2.3.4. The square brackets [] mean "do not make a lookup of the MX DNS record",
which makes sense for IP addresses. If you use a fully qualified domain name (FQDN)
instead, you would not use the square brackets.
Configure Postfix
Now we have to tell Postfix where it can find all the information in the database. Therefore
we have to create six text files. You will notice that I tell Postfix to connect to MySQL on the
IP address 127.0.0.1 instead of localhost. This is because Postfix is running in a chroot jail
and does not have access to the MySQL socket which it would try to connect if I told Postfix
to use localhost. If I use 127.0.0.1 Postfix uses TCP networking to connect to MySQL which
is no problem even in a chroot jail (the alternative would be to move the MySQL socket into
the chroot jail which causes some other problems).
bind-address = 127.0.0.1
so that MySQL allows connections on 127.0.0.1 (restart MySQL if you have to make changes
to /etc/mysql/my.cnf).
/etc/postfix/mysql-virtual_domains.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = domains
select_field = 'virtual'
where_field = domain
hosts = 127.0.0.1
/etc/postfix/mysql-virtual_forwardings.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1
/etc/postfix/mysql-virtual_mailboxes.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1
/etc/postfix/mysql-virtual_email2email.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
/etc/postfix/mysql-virtual_transports.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = transport
select_field = transport
where_field = domain
hosts = 127.0.0.1
/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = quota
where_field = email
hosts = 127.0.0.1
chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf
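Each of these map files holds the database password in clear text, and the chroot note above means a stray hosts = localhost silently breaks lookups. The script below is an added example, not part of the original HOWTO: it checks every mysql-virtual_*.cf in a directory for permissions granted to other users, for hosts = localhost, and for missing keys. The function names and the two sample files written by demo() are constructed for this example.

```python
import glob, os, stat, tempfile

REQUIRED = ("user", "password", "dbname", "table", "select_field", "where_field", "hosts")

def parse_cf(path):
    """Read a Postfix MySQL map file into a dict of key -> value."""
    settings = {}
    with open(path) as fh:
        for line in fh:
            line = line.strip()
            if line and not line.startswith("#") and "=" in line:
                key, value = line.split("=", 1)
                settings[key.strip()] = value.strip()
    return settings

def audit_map_files(directory):
    """Return {filename: [problems]} for each mysql-virtual_*.cf with a problem."""
    report = {}
    for path in sorted(glob.glob(os.path.join(directory, "mysql-virtual_*.cf"))):
        settings, problems = parse_cf(path), []
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & stat.S_IRWXO:
            problems.append("mode %o grants access to other users; run chmod o=" % mode)
        if "localhost" in settings.get("hosts", "").split():
            problems.append("hosts = localhost needs the MySQL socket, "
                            "which the chroot jail hides; use 127.0.0.1")
        problems += ["missing %s" % k for k in REQUIRED if k not in settings]
        if problems:
            report[os.path.basename(path)] = problems
    return report

def demo():
    """Audit two constructed map files written to a temporary directory."""
    good = ("user = mail_admin\npassword = mail_admin_password\ndbname = mail\n"
            "table = domains\nselect_field = 'virtual'\nwhere_field = domain\n"
            "hosts = 127.0.0.1\n")
    samples = (("mysql-virtual_domains.cf", good, 0o640),
               ("mysql-virtual_email2email.cf", good.replace("127.0.0.1", "localhost"), 0o644))
    with tempfile.TemporaryDirectory() as tmp:
        for name, text, mode in samples:
            path = os.path.join(tmp, name)
            with open(path, "w") as fh:
                fh.write(text)
            os.chmod(path, mode)
        return audit_map_files(tmp)

if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, problems)
```

On a real server, call audit_map_files("/etc/postfix") after running the chmod and chgrp commands above; an empty result means none of the three checks fired.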
Now we create a user and group called vmail with the home directory /home/vmail. This is
where all mail boxes will be stored.
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
Next we do some Postfix configuration. Ensure that you replace server1.example.com below
with your own server name otherwise Postfix will not work properly!
Configure Saslauthd
mkdir -p /var/spool/postfix/var/run/saslauthd
Edit /etc/default/saslauthd. Remove the # in front of START=yes and add the line
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r". The file should then look like this:
We must also edit /etc/init.d/saslauthd and change the location of saslauthd's PID file. Change
the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid:
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
Then create the file /etc/pam.d/smtp. It should contain only the following two lines (be sure
to fill in your correct database details):
Next create the file /etc/postfix/sasl/smtpd.conf remembering to replace the mysql password
with your own. It should look like this:
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
sql_select: select password from users where email = '%u'
/etc/init.d/postfix restart
postfix check
/etc/init.d/saslauthd restart
Configure Courier
Now we have to tell Courier that it should authenticate against our MySQL database. First,
edit /etc/courier/authdaemonrc and change the value of authmodulelist so that it reads:
authmodulelist="authmysql"
Then edit /etc/courier/authmysqlrc. It should look like this (again, make sure to fill in the
correct database details):
MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota
/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart
By running:
you can see if your POP3 server is working correctly. It should give back +OK Hello there.
(Type quit to get back to the Linux shell.)
Quota Notifications
If you want to get notifications about all the email accounts that are over quota, then do this:
cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt
mv quota.txt quota_notify
chmod 755 quota_notify
my $POSTFIX_CF = "/etc/postfix/main.cf";
my $MAILPROG = "/usr/sbin/sendmail -t";
my $WARNPERCENT = 80;
my @POSTMASTERS = ('postmaster@example.com');
my $CONAME = 'ISP.tld';
my $COADDR = 'postmaster@example.com';
my $SUADDR = 'postmaster@example.com';
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;
crontab -e
telnet localhost 25
After you have established the connection to your postfix mail server type
ehlo localhost
mysql -u root -p
USE mail;
At a minimum you have to create entries in the domain and user tables:
To add entries into the other two tables you would do the following:
quit;
Forwarding Options
Transport Options
Please keep in mind that the order of entries in the transport table is important! The entries
will be followed from the top to the bottom.
Important: Postfix uses a caching mechanism for the transports, therefore it might take a
while until your changes in the transport table take effect. If you want them to take effect
immediately, run
postfix reload