Virtual Users And Domains With Postfix, Courier And MySQL (Ubuntu 6.06 LTS)

Want to support HowtoForge? Become a subscriber!
 
Submitted by volksman (Contact Author) (Forums) on Thu, 2008-01-10 12:38. :: Anti-Spam/Virus | Ubuntu | Postfix

Virtual Users And Domains With Postfix, Courier And MySQL (Ubuntu 6.06 LTS)

This tutorial is derived from a tutorial from Christoph Haas which you can find at http://workaround.org. You are free to use this tutorial under the Creative Commons license 2.5 or any later version.

This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier- IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

The resulting Postfix server is capable of SMTP-AUTH and TLS and quota (quota is not built into Postfix by default, I'll show how to patch your Postfix appropriately). Passwords are stored in encrypted form in the database (most documents I found were dealing with plain text passwords which is a security risk).

The advantage of such a "virtual" setup (virtual users and domains in a MySQL database) is that it is far more performant than a setup that is based on "real" system users. With this virtual setup your mail server can handle thousands of domains and users. Besides, it is easier to administrate because you only have to deal with the MySQL database when you add new users/domains or edit existing ones. No more postmap commands to create db files, no more reloading of Postfix, etc. For the administration of the MySQL database you can use web based tools like phpMyAdmin which will also be installed in this howto. The third advantage is that users have an email address as user name (instead of a user name + an email address) which is easier to understand and keep in mind.

 

1 Preliminary Note

This tutorial is based on Ubuntu 6.06 LTS Server base install (IE not LAMP).

 

2 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin

To install Postfix, Courier, Saslauthd, MySQL, and phpMyAdmin, we simply run

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authmysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl phpmyadmin apache2 libapache2-mod-php5 php5 php5-mysql

You will be asked a few questions:

Create directories for web-based administration ? <-- No
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com

 

3 Apply The Quota Patch To Postfix

We have to get the Postfix sources, patch it with the quota patch, build new Postfix .deb packages and install those .deb packages:

apt-get install build-essential dpkg-dev fakeroot debhelper libgdbm-dev libldap2-dev libpcre3-dev libssl-dev libsasl2-dev postgresql-dev po-debconf dpatch libdb4.3-dev libmysqlclient15-dev postgresql-dev libdb4.3-dev tinycdb libcdb-dev

cd /usr/src
apt-get source postfix

(Make sure you use the correct Postfix version in the following commands. I have Postfix 2.4.5 installed. You can find out your Postfix version by running

postconf -d | grep mail_version

The output should look like this:

root@server1:~# postconf -d | grep mail_version
mail_version = 2.4.5
milter_macro_v = $mail_name $mail_version
root@server1:~#

)

wget http://vda.sourceforge.net/VDA/postfix-2.4.5-vda-ng.patch.gz
gunzip postfix-2.4.5-vda-ng.patch.gz
cd postfix-2.4.5
patch -p1 < ../postfix-2.4.5-vda-ng.patch
dpkg-buildpackage

You might see a warning like this at the end of the dpkg-buildpackage command:

(WARNING: Failed to sign .dsc and .changes file)

You can ignore this message.

Now we go one directory up, that's where the new .deb packages have been created:

cd ..

The command

ls -l

shows you the available packages:

root@server1:/usr/src# ls -la
total 5400
drwxrwsr-x 3 root src 4096 2007-11-14 13:15 .
drwxr-xr-x 11 root root 4096 2007-11-14 13:02 ..
drwxr-xr-x 19 1001 root 4096 2007-11-14 13:15 postfix-2.4.5
-rw-r--r-- 1 root src 226965 2007-11-14 13:13 postfix_2.4.5-3build1~dapper1.diff.gz
-rw-r--r-- 1 root src 673 2007-11-14 13:13 postfix_2.4.5-3build1~dapper1.dsc
-rw-r--r-- 1 root src 1826 2007-11-14 13:15 postfix_2.4.5-3build1~dapper1_i386.changes
-rw-r--r-- 1 root src 1093064 2007-11-14 13:15 postfix_2.4.5-3build1~dapper1_i386.deb
-rw-r--r-- 1 root src 2934634 2007-08-03 13:53 postfix_2.4.5.orig.tar.gz
-rw-r--r-- 1 root src 57055 2007-08-01 19:13 postfix-2.4.5-vdang.patch
-rw-r--r-- 1 root src 40218 2007-11-14 13:15 postfix-cdb_2.4.5-3build1~dapper1_i386.deb
-rw-r--r-- 1 root src 131728 2007-11-14 13:15 postfix-dev_2.4.5-3build1~dapper1_all.deb
-rw-r--r-- 1 root src 820058 2007-11-14 13:15 postfix-doc_2.4.5-3build1~dapper1_all.deb
-rw-r--r-- 1 root src 44012 2007-11-14 13:15 postfix-ldap_2.4.5-3build1~dapper1_i386.deb
-rw-r--r-- 1 root src 39496 2007-11-14 13:15 postfix-mysql_2.4.5-3build1~dapper1_i386.deb
-rw-r--r-- 1 root src 39306 2007-11-14 13:15 postfix-pcre_2.4.5-3build1~dapper1_i386.deb
-rw-r--r-- 1 root src 39600 2007-11-14 13:15 postfix-pgsql_2.4.5-3build1~dapper1_i386.deb

Pick the postfix and postfix-mysql packages and install them like this:

dpkg -i postfix_2.4.5-3build1~dapper1_i386.deb
dpkg -i postfix-mysql_2.4.5-3build1~dapper1_i386.deb

 

4 Create The MySQL Database For Postfix/Courier

First we need to set the root mysql password for security:

/etc/init.d/mysql reset-password

Now we create a database called mail:

mysqladmin -u root -p create mail

Next, we go to the MySQL shell:

mysql -u root -p

On the mySQL shell, we create the user mail_admin with the password ‘mail_admin_password’ (you can use this password for ease of setup as I will use it for the rest of this howto, however you can use any password you want just remember to change it where necessary) who has SELECT,INSERT,UPDATE,DELETE privileges on the mail database. This user will be used by Postfix and Courier to connect to the mail database:

GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'mail_admin_password';
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost.localdomain' IDENTIFIED BY 'mail_admin_password';
FLUSH PRIVILEGES;

Still on the MySQL shell, we create the tables Postfix and Courier need:

USE mail;

CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
TYPE=MyISAM;

CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
TYPE=MyISAM;

CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
quota INT(10) DEFAULT '10485760',
PRIMARY KEY (email)
) TYPE=MyISAM;

CREATE TABLE transport (
domain varchar(128) NOT NULL default '',
transport varchar(128) NOT NULL default '',
UNIQUE KEY domain (domain)
) TYPE=MyISAM;

quit;

As you may have noticed, with the quit; command we have left the MySQL shell and are back on the Linux shell.

The domains table will store each virtual domain that Postfix should receive emails for (e.g. example.com).

domain
example.com

The forwardings table is for aliasing one email address to another, e.g. forward emails for info@example.com to sales@example.com.

source destination
info@example.com sales@example.com

The users table stores all virtual users (i.e. email addresses, because the email address and user name is the same) and passwords (in encrypted form!) and a quota value for each mail box (in this example the default value is 10485760 bytes which means 10MB).

email password quota
sales@example.com No9.E4skNvGa. ("secret" in encrypted form) 10485760

The transport table is optional, it is for advanced users. It allows to forward mails for single users, whole domains or all mails to another server. For example,

domain transport
example.com smtp:[1.2.3.4]

would forward all emails for example.com via the smtp protocol to the server with the IP address 1.2.3.4 (the square brackets [] mean "do not make a lookup of the MX DNS record" (which makes sense for IP addresses...). If you use a fully qualified domain name (FQDN) instead you would not use the square brackets.).

BTW, (I'm assuming that the IP address of your mail server system is 192.168.0.100) you can access phpMyAdmin over http://192.168.0.100/phpmyadmin/ in a browser and log in as mail_admin. Then you can have a look at the database. Later on you can use phpMyAdmin to administrate your mail server.


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.