Virtual Mail And Jabber Server (xmpp) With iRedMail And Ejabberd On Ubuntu 9.10

Want to support HowtoForge? Become a subscriber!
 
Submitted by eddiechen (Contact Author) (Forums) on Mon, 2010-03-29 16:34. :: Ubuntu

Virtual Mail And Jabber Server (xmpp) With iRedMail And Ejabberd On Ubuntu 9.10

iRedMail is a shell script that lets you quickly deploy a full-featured mail solution in less than 2 minutes. Since iRedMail 0.5, it supports CentOS 5.x, Debian 5.x, Ubuntu 8.04, 9.04 and 9.10 (both i386 and x86_64). iRedMail supports both OpenLDAP and MySQL as backends for storing virtual domains and users.

This tutorial shows you how to integrate Ejabberd into iredmail's ldap backend on Ubuntu 9.10, passwords will be stored in ldap and you can change the password through webmail.

This tutorial is based on Ubuntu 9.10, so I suggest set up a minimum Ubuntu 9.10 system, install iredmail 0.60 and choose openldap as the backend, as shown in these tutorials:

Thanks to yrjc2004 for sharing and helping.

 

1 Install Ejabberd

Install ejabberd:

apt-get install ejabberd

 

2 Find cn=vmail password

The vmail password was randomly created during iredmail install. You can find the password in /etc/postfix/ldap_virtual_mailbox_domains.cf:

cat /etc/postfix/ldap_virtual_mailbox_domains.cf

bind_dn         = cn=vmail,dc=example,dc=com
bind_pw         = KxR6AAj2EutXjhcRcK2AHPWCqiA3Ym #cn=vmail password

 

3 Configure ejabberd

Ejabberd's configuration files are written in Erlang syntax, which might be difficult to comprehend. Thankfully, the modifications we need to make are relatively minor and straightforward. The main ejabberd configuration file is located at /etc/ejabberd/ejabberd.cfg. We'll cover each relevant option in turn.

In Erlang, comments begin with the % sign.

Edit /etc/ejabberd/ejabberd.cfg.

Setting admin and domain, now we set www@example.com as admin.

%% Admin user
{acl, admin, {user, "www", "example.com"}}.
%% Hostname
{hosts, ["example.com"]}.

Comment the line, Auth not use internal.

%%{auth_method, internal}. 

Add the below at the bottom.

%%% Authenticate against LDAP.
{auth_method, ldap}.
{ldap_servers, ["127.0.0.1"]}.
%%% {ldap_encrypt, tls}.
{ldap_port, 389}.
{ldap_base, "o=domains,dc=example,dc=com"}.
{ldap_rootdn, "cn=vmail,dc=example,dc=com"}.
{ldap_password, "KxR6AAj2EutXjhcRcK2AHPWCqiA3Ym"}.  #cn=vmail password
%%% Enable both normal mail user and mail admin.
{ldap_filter, "(&(objectClass=mailUser)(accountStatus=active)(enabledService=jabber))"}.
{ldap_uids, [{"mail", "%u@%d"}]}.

Start ejabberd and check the status:

# /etc/init.d/ejabberd start

Starting jabber server: ejabberd.

# ejabberdctl status

Node ejabberd@u910 is started. Status: started
ejabberd is running

 

4 Enable jabber service for mail user

Use phpLDAPadmin or other tools to add sample LDAP attributes and values for existing mail users.

Log into phpLDAPadmin:cn=manager,dc=example,dc=com


Find the existing mail user www@example.com:


Enable the jabber service for the user www@example.com:


5 Configure iptables

Standard ports:

5222 Main client port
5223 Obsolete secure jabber port
5269 Server to server port
5280 Web administration

vi /etc/default/iptables

# http/https, smtp/smtps, pop3/pop3s, imap/imaps, ssh
-A INPUT -p tcp -m multiport --dport 80,443,25,465,110,995,143,993,587,465,22,5222,5223,5269,5280 -j ACCEPT # <-- Add 5222 5223 5269 5280

Restart the iptables service:

/etc/init.d/iptables restart

 

6 Web Access Admin Console

Now you can access http://192.168.1.10:5280/admin/

Log in as the ejabberd web admin; we have set www@example.com as the admin for the ejabberd server:

This is how it looks after the login:

Check the virtual host user:

You cannot create a user in webadmin. If you want to create a user, you first need to add the user in iRedAdmin, then enable the jabber service for the user in phpldapadmin.

If you want to add the second virtual domain, you first need to create a new domain in iRedAdmin, then modify /etc/ejabberd/ejabberd.cfg.

%% Hostname 
{hosts, ["example.com","test.com"]}. 

Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.