wget http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
tar -zxvf qmailrocks.tar.gz
cd /downloads/qmailrocks/scripts/install/
./qmr_install_linux-s1.script
--> /var/qmail
--> users and groups
--> /usr/src/qmail
--> untars qmail and ucspi-tcp in /usr/src/qmail
--> untars daemontools in /package
--> /var/log/qmail
--> creates dir qmail-send qmail-smtpd qmail-pop3d under /var/log/qmail
--> /var/qmail/supervise
--> qmail-smtpd/log qmail-send/log qmail-pop3d/log
cd /downloads/qmailrocks/scripts/util/
./qmail_big_patches.script
--> jumbo patches for qmail
=========================
BUILD QMAIL
=========================
hostname --fqdn
cd /usr/src/qmail/qmail-1.03
make man && make setup check
--> populates /var/qmail
./config-fast linux.box.com
--> populates /var/qmail/control
=========================
build ucspi-tcp
=========================
cd /usr/src/qmail/ucspi-tcp-0.88/
patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
output: patching file error.h
make && make setup check
=========================
build daemontools.
=========================
cd /package/admin/daemontools-0.76/src
patch < /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
output: patching file error.h
cd /package/admin/daemontools-0.76
package/install
/command/svscanboot
svscan /service
========================
Autoresponder
========================
cd /downloads/qmailrocks
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
make && make install
========================
Vpopmail
========================
cd /downloads/qmailrocks
tar zxvf vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
./configure --enable-logging=p
make && make install-strip
========================
Vqadmin
========================
cd /downloads/qmailrocks
tar zxvf vqadmin-2.3.6.tar.gz
cd vqadmin-2.3.6
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip
mkdir /var/www/cgi-bin/vqadmin
httpd.conf
-------------------------------------------------------
deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
vi /var/www/cgi-bin/vqadmin/.htaccess
-------------------------------------------------------
AuthType Basic
AuthUserFile /var/www/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any
htpasswd -c /var/www/vqadmin.passwd admin
chmod 644 /var/www/vqadmin.passwd
chown vpopmail:vchkpw /var/www/cgi-bin/vqadmin/vqadmin.cgi
http://10.5.1.100/cgi-bin/vqadmin/vqadmin.cgi
/home/vpopmail/bin/vadddomain anecho.net
========================
Maildrop
========================
cd /downloads/qmailrocks
tar zxvf maildrop-1.6.3.tar.gz
cd maildrop-1.6.3
./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root --enable-maildrop-gid=vchkpw --enable-maildirquota
make && make install-strip && make install-man
========================
Qmailadmin
========================
cd /downloads/qmailrocks
tar zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip
http://10.5.1.100/cgi-bin/qmailadmin
fpostmaster account and password for the domain that you created a while back using Vqadmin
========================
Finalizing Qmail
========================
/downloads/qmailrocks/scripts/finalize/linux/finalize_linux.script
vi /var/qmail/supervise/qmail-pop3d/run
change "mail.example.com" to linux.box.com
vi /var/qmail/supervise/qmail-smtpd/run
change "mail.example.com" to linux.box.com
qmailctl stop
echo '127.:allow,RELAYCLIENT=""' >> /etc/tcp.smtp
qmailctl cdb
-----------------------
system aliases
-----------------------
echo mailadm > /var/qmail/alias/.qmail-root
echo mailadm > /var/qmail/alias/.qmail-postmaster
echo mailadm > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*
=========================
Disabling Sendmail
=========================
service sendmail stop
mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
=========================
Starting qmail
=========================
- checking the installation
/downloads/qmailrocks/scripts/util/qmr_inst_check
you should get "congratulations" message
qmailctl start
=========================
Courier-imap/imaps
=========================
Courier-imap along with Courierpassd, Courier-authlib
Courier IMAP authentication with "vchkpw"
Courierpassd is a utility that allows users to change their mailbox passwords remotely.
-----------------------
courier-authlib
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
make install-strip && make install-configure
vi /etc/rc.local
Add the following line:
/usr/local/sbin/authdaemond start
-----------------------
Courier IMAP
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-imap-4.0.2.tar.bz2
useradd lino
chown -R lino:root courier-imap-4.0.2
cd /downloads/qmailrocks/courier-imap-4.0.2
su lino
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
Now we will exit out of our NON-ROOT USER and go back to being root...
exit
make install-strip && make install-configure
==>
-----------------------
SSL certificate for the IMAP-SSL server
-----------------------
vi /usr/local/etc/imapd.cnf
emailAddress=postmaser@linux.box.com
/usr/local/sbin/mkimapdcert
--> it creates /usr/local/share/imapd.pem
vi /usr/local/etc/imapd
IMAPDSTART=YES
vi /usr/local/etc/imapd-ssl
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem
vi /usr/local/etc/authlib/authdaemonrc
# Comment out this line
# authmodulelist="authuserdb authpam authcustom authvchkpw"
# copy the below line
authmodulelist="authvchkpw"
cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps
Now let's start up Authdaemond, IMAP and IMAPS.
/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
If you run
# nmap localhost
you should see both 143 and 993 now open and listening.
Now let's test it...
# telnet localhost 143
a login madunix@box.com madunix
a OK LOGIN Ok. (successful login!)
a logout
you can configure a mail client such as Outlook to test both the IMAP and IMAP-SSL connetion to your server.
------------------------------
Courierpassd
------------------------------
Note: Courierpassd will require that port 106 be open to at least local traffic (traffic from 127.0.0.1)
# cd /downloads/qmailrocks
# tar zxvf courierpassd-1.1.0-RC1.tar.gz
# cd courierpassd-1.1.0-RC1
# ./configure
==>
# make && make install
We are going to configure Xinetd to run courierpassd.
# cd /etc/xinetd.d
# vi courierpassd
service courierpassd
{
port = 106
socket_type = stream
protocol = tcp
user = root
server = /usr/local/sbin/courierpassd
server_args = -s imap
wait = no
only_from = 127.0.0.1
instances = 4
disable = no
}
# vi /etc/services
courierpassd 106/tcp #for /etc/xinetd.d/courierpassd
# /etc/rc.d/init.d/xinetd restart
# telnet localhost 106
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
200 courierpassd v0.30 hello, who are you?
user madunix@box.com
200 Your password please.
pass madunix
200 Your new password please.
newpass n0uresh
200 Password changed, thank-you.
quit
200 Bye.
Connection closed by foreign host.
------------------------------
Squirrelmail
------------------------------
--> check whether PHP is installed
# cd /var/www/html
# vi test.php
phpinfo();
?>
http://10.5.1.100/test.php
search for these options:
--enable-track-vars
--enable-force-cgi-redirect
--with-gettext
--with-mysql
vi /etc/php.ini
# search for this string
file_uploads = On
# rpm -evv squirrelmail
# cd /downloads/qmailrocks
# tar -jxvf squirrelmail-1.4.8.tar.bz2
# mv squirrelmail-1.4.8 webmail
# mkdir /var/sqattachements
# chown -R apache:apache /var/sqattachements
# cd webmail
# chown -R apache:apache data
# cd config
# ./conf.pl
--> For 2. Server Settings
Command>> 2
1. Domain : 10.5.1.100
2. Invert Time : false
3. Sendmail or SMTP : SMTP
--> For IMAP settings
Command>> A
4. IMAP Server : localhost
5. IMAP Port : 143
6. Authentication type : login
7. Secure IMAP (TLS) : false
8. Server software : other
9. Delimiter : detect
--> B. Update SMTP Settings
Command>> B
4. SMTP Server : localhost
5. SMTP Port : 25
6. POP before SMTP : false
7. SMTP Authentication : login
8. Secure SMTP (TLS) : false
--> Save data
Command >> S
# mv webmail/ /var/www/html
# http://10.5.1.100/webmail
--> download change_password plugin from squirrelmail.org
# tar -zxvf change_pass-2.7-1.4.x.tar.gz
# cd /var/www/html/webmail/plugins
# cp -r /downloads/qmailrocks/change_pass .
# cd /var/www/html/webmail/config
# ./conf.pl
Choose the option for "plugins".
--> add plugin "change_pass"
=======================
Checking/Installing Perl Modules
=======================
You will need these Perl Modules to work for Spamassassin and Qmail-Scanner
Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser
Pod::Usage
Parse::Syslog
Statistics::Distributions
You will also need these other packages:
perl-suidperl
unzip
How do I know if my server has these perl modules?
/downloads/qmailrocks/scripts/util/check_perlmods.script
==========================
Clam Anti Virus
==========================
cd /downloads/qmailrocks/
rpm -Uvh clamav-0.87-1.i386.rpm
rpm -Uvh clamav-devel-0.87-1.i386.rpm
# vi /etc/clamd.conf
LogFile /var/log/clamav/clamd.log
"LogTime" - should be uncommmented.
"LogSyslog" - should be uncommented.
#User clamav --> Comment it out, add the below
User qscand
"ScanMail" - should be uncommented.
Now we are going to create the qscand user that ClamAV
# useradd -c "Qmail-Scanner Account" -s /bin/false qscand
# chown -R qscand:qscand /var/log/clamav/
# /etc/init.d/clamd stop
# /etc/init.d/clamd start
--> Update with the latest virus definiations
# touch /var/log/clamav/clam-update.log
# chown -R qscand:qscand /var/log/clamav/
# /usr/bin/freshclam -l /var/log/clamav/clam-update.log
ClamAV update process started at Sun Oct 24 23:36:22 2004
main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek)
daily.cvd is up to date (version: 549, sigs: 1583, f-level: 3, builder: ccordes)
--> run update of virus definitions at 1:25 am
# crontab -e
25 1 * * * /usr/bin/freshclam --quiet -l /var/log/clamav/freshclam.log
--. Clam AV quarantines the e-mail in /var/spool/qmailscan/quarantine
--> Clamd runs on port 3310
==================
Spamassassin
==================
--> Spamassassin utilizes port 783
# rpm -e spamassassin
# cd /downloads/qmailrocks/perlmods/rpms/
# rpm -Uvh perl-Mail-SpamAssassin-3.0.2-1.i386.rpm
--> Now let's install the Spamassassin RPMs
# cd /downloads/qmailrocks/
# rpm -Uvh spamassassin-3.0.2-1.i386.rpm
# rpm -Uvh --nodeps spamassassin-tools-3.0.2-1.i386.rpm
# groupadd spamd
# useradd -g spamd -s /home/spamd spamd
# vi /etc/sysconfig/spamassassin
SPAMDOPTIONS="-x -u spamd -H /home/spamd -d"
# vi /etc/mail/spamassassin/local.cf
required_hits 5
# /etc/rc.d/init.d/spamassassin start
# ps aux | grep spamd
# chkconfig --level 35 clamd on
# chkconfig --level 35 spamassassin on
====================================
qmail-scanner w/qms-analog
====================================
. Qms-analog incorporated the widely used qmail-scanner-st patch but it also adds some cool reporting functionality as well which we will utilize later in this installation guide
# cd /downloads/qmailrocks
# tar zxvf qmail-scanner-1.25.tgz
# tar zxvf qms-analog-0.4.2.tar.gz
# cd qms-analog-0.4.2
# make all
# cp qmail-scanner-1.25-st-qms-20050219.patch /downloads/qmailrocks/qmail-scanner-1.25/
# cd /downloads/qmailrocks/qmail-scanner-1.25
# patch -p1 qmail-scanner-1.25-st-qms-20050219.patch
No comments:
Post a Comment