Mail Server Setup With Exim, MySQL, Cyrus-Imapd, Horde Webmail On Centos 5.1 - Page 3

IMP Configuration

  • Create imp base configuration /usr/share/horde/imp/config/conf.php
    <?php
    // IMP (Horde webmail) base settings: helper binaries, menu entries, what a
    // user may change at login, message display and compose limits.
    $conf['utils']['spellchecker'] = '/usr/bin/aspell';
    $conf['utils']['gnupg'] = '/usr/bin/gpg';
    // NOTE(review): keys pulled from a public keyserver are not authenticated by
    // the fetch itself; users still need to verify fingerprints out of band.
    $conf['utils']['gnupg_keyserver'] = array('pgp.mit.edu');
    $conf['utils']['gnupg_timeout'] = '10';
    // NOTE(review): this is a directory, not a bundle file. Confirm S/MIME chain
    // verification actually finds the CA certificates here; the Cyrus section of
    // this page uses /etc/pki/tls/certs/ca-bundle.crt as its CA file.
    $conf['utils']['openssl_cafile'] = '/etc/pki/tls/certs';
    $conf['utils']['openssl_binary'] = '/usr/bin/openssl';
    $conf['menu']['apps'] = array('ingo', 'kronolith', 'passwd', 'turba');
    $conf['user']['select_sentmail_folder'] = false;
    $conf['user']['allow_resume_all_in_drafts'] = true;
    $conf['user']['allow_folders'] = true;
    $conf['user']['allow_resume_all'] = false;
    $conf['user']['allow_view_source'] = true;
    $conf['user']['alternate_login'] = false;
    $conf['user']['redirect_on_logout'] = false;
    // All change_* switches are off: presumably this keeps users from pointing
    // the webmail at an IMAP/SMTP host, port or protocol of their choosing, so
    // the only backend is the one defined in servers.php — confirm against
    // IMP's conf.xml.
    $conf['server']['change_server'] = false;
    $conf['server']['change_port'] = false;
    $conf['server']['change_protocol'] = false;
    $conf['server']['change_smtphost'] = false;
    $conf['server']['change_smtpport'] = false;
    $conf['server']['server_list'] = 'none';
    $conf['server']['sort_limit'] = '0';
    $conf['server']['cache_folders'] = false;
    $conf['server']['cache_msgbody'] = true;
    $conf['mailbox']['show_attachments'] = false;
    $conf['mailbox']['show_preview'] = false;
    $conf['mailbox']['show_xpriority'] = false;
    $conf['fetchmail']['show_account_colors'] = false;
    $conf['fetchmail']['size_limit'] = '4000000';
    $conf['msgsettings']['filtering']['words'] = './config/filter.txt';
    $conf['msgsettings']['filtering']['replacement'] = '****';
    $conf['spam']['reporting'] = false;
    $conf['notspam']['reporting'] = false;
    $conf['msg']['prepend_header'] = true;
    $conf['msg']['append_trailer'] = true;
    $conf['compose']['allow_cc'] = true;
    $conf['compose']['allow_bcc'] = true;
    $conf['compose']['allow_receipts'] = true;
    $conf['compose']['special_characters'] = true;
    $conf['compose']['use_vfs'] = false;
    $conf['compose']['link_attachments'] = false;
    $conf['compose']['add_maildomain_to_unexpandable'] = false;
    // NOTE(review): presumably '0' means "no limit" for both settings — confirm.
    // If so, attachment size and count are bounded only by the PHP and web
    // server upload limits, which should then be set deliberately.
    $conf['compose']['attach_size_limit'] = '0';
    $conf['compose']['attach_count_limit'] = '0';
    // No custom hook functions are enabled.
    $conf['hooks']['vinfo'] = false;
    $conf['hooks']['signature'] = false;
    $conf['hooks']['trailer'] = false;
    $conf['hooks']['fetchmail_filter'] = false;
    $conf['hooks']['mbox_redirect'] = false;
    $conf['hooks']['mbox_icon'] = false;
    $conf['hooks']['spam_bounce'] = false;
    $conf['maillog']['use_maillog'] = true;
    $conf['tasklist']['use_tasklist'] = true;
    $conf['notepad']['use_notepad'] = true;
    
  • Create IMP servers configuration /usr/share/horde/imp/config/servers.php (remove all others) with content below
    <?php
    // The single IMP backend: the local Cyrus IMAP server and the local SMTP
    // listener, both reached over loopback.
    $servers['cyrus'] = array(
        'name' => 'localserver',
        'server' => 'localhost',
        // presumably 'full' makes IMP reuse the Horde login, with the complete
        // user name, for the IMAP session — confirm against IMP's servers.php.dist
        'hordeauth' => 'full',
        // '/notls' tells the IMAP client library not to attempt STARTTLS, so the
        // user's password crosses this connection unencrypted. That is only
        // tolerable because 'server' is localhost; do not reuse this value for a
        // remote IMAP host.
        'protocol' => 'imap/notls',
        'port' => 143,
        'maildomain' => '',
        // Outgoing mail is handed to the local MTA on port 25.
        'smtphost' => 'localhost',
        'smtpport' => 25,
        'realm' => '',
        'preferred' => '',
        // Credentials IMP uses for Cyrus administration tasks.
        'admin' => array(
            'params' => array(
                'login' => 'cyrus',
                // Placeholder: fill in the Cyrus admin password. Once set, this
                // file holds a privileged credential in clear text, so it must
                // stay unreadable to other local accounts (see the permissions
                // applied in "Secure Horde Installation").
                'password' => '',
                'userhierarchy' => 'user.',
                // Same unencrypted loopback connection as above.
                'protocol' => 'imap/notls',
                'hostspec' => 'localhost',
                'port' => 143
            )
        ),
        'quota' => array(
            'driver' => 'cyrus',
            'params' => array(),
        ),
        'acl' => array(
            'driver' => 'rfc2086',
        ),
    );
    
  • Prevent the compose window from opening as a popup: edit /usr/share/horde/imp/config/prefs.php and change the $_prefs['compose_popup'] entry to look like below
    // Compose in the main window instead of a popup: the checkbox defaults to
    // 0 (off). NOTE(review): 'locked' => true presumably stops users from
    // overriding the value in their own preferences — confirm.
    $_prefs['compose_popup'] = array(
        'value' => 0,
        'locked' => true,
        'shared' => true,
        'type' => 'checkbox',
        'desc' => _("Compose messages in a separate window?"));
    

 

Kronolith Configuration

  • Create kronolith base configuration /usr/share/horde/kronolith/config/conf.php
    <?php
    // Kronolith (calendar) base settings: events and storage both live in SQL
    // tables and take their connection settings from the 'horde' driver config.
    $conf['calendar']['params']['table'] = 'kronolith_events';
    $conf['calendar']['params']['driverconfig'] = 'horde';
    $conf['calendar']['driver'] = 'sql';
    $conf['storage']['params']['table'] = 'kronolith_storage';
    $conf['storage']['params']['driverconfig'] = 'horde';
    $conf['storage']['driver'] = 'sql';
    $conf['metadata']['keywords'] = false;
    // Site-specific values from the author's host: replace both with your own.
    // NOTE(review): the from_addr value below was obfuscated by the hosting
    // page; it is not a usable address as printed.
    $conf['reminder']['server_name'] = 'home.topdog-software.com';
    $conf['reminder']['from_addr'] = '[email protected]';
    // Automatically created calendars are shared with nobody by default.
    $conf['autoshare']['shareperms'] = 'none';
    $conf['menu']['print'] = true;
    $conf['menu']['import_export'] = true;
    $conf['menu']['apps'] = array('imp', 'ingo', 'kronolith', 'turba');
    

 

Turba Configuration

  • Configure the turba base configuration /usr/share/horde/turba/config/conf.php
    <?php
    // Turba (address book) base settings.
    // NOTE(review): every line here is identical to the Ingo conf.php further
    // down this page, and the 'storage'/'rules' keys (blacklist, whitelist,
    // userheader, usefolderapi) read like mail-filter options rather than
    // address-book ones. This looks like a copy of the Ingo file — verify
    // against Turba's own conf.xml before relying on it.
    $conf['menu']['apps'] = array('imp', 'kronolith', 'turba');
    $conf['storage']['driver'] = 'prefs';
    $conf['storage']['maxblacklist'] = 0;
    $conf['storage']['maxwhitelist'] = 0;
    $conf['rules']['userheader'] = true;
    $conf['rules']['usefolderapi'] = true;
    

 

Ingo Configuration

  • Configure the ingo base configuration /usr/share/horde/ingo/config/conf.php
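    <?php
    // Ingo (mail filter) base settings: rules are stored in Horde preferences.
    $conf['menu']['apps'] = array('imp', 'kronolith', 'turba');
    $conf['storage']['driver'] = 'prefs';
    // NOTE(review): presumably 0 means no cap on blacklist/whitelist size — confirm.
    $conf['storage']['maxblacklist'] = 0;
    $conf['storage']['maxwhitelist'] = 0;
    $conf['rules']['userheader'] = true;
    // The terminating semicolon is required: the file has no closing PHP tag,
    // so without it the whole file fails to parse and Ingo cannot load.
    $conf['rules']['usefolderapi'] = true;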
    
  • Configure the ingo backend to use timsieved in /usr/share/horde/ingo/config/backends.php (remove all other backends)
    <?php
    // The single Ingo backend: Sieve scripts are uploaded to the local Cyrus
    // timsieved service.
    $backends['sieve'] = array(
        'driver' => 'timsieved',
        'preferred' => 'localhost',
        // presumably 'full' reuses the Horde login (complete user name) for the
        // Sieve session — confirm against Ingo's backends.php.dist
        'hordeauth' => 'full',
        'params' => array(
            'hostspec' => 'localhost',
            // PLAIN sends the password itself, so it is paired with
            // 'usetls' => true below; keep the two together.
            'logintype' => 'PLAIN',
            'usetls' => true,
            // NOTE(review): cyrus.conf on this page binds the service by the
            // name "sieve"; confirm that name resolves to port 2000 in
            // /etc/services on the target host.
            'port' => 2000,
            'scriptname' => 'ingo',
        ),
        'script' => 'sieve',
        'scriptparams' => array()
    );
    

 

Passwd Configuration

  • Configure the passwd base configuration /usr/share/horde/passwd/config/conf.php
    <?php
    // Passwd (password change) base settings.
    $conf['menu']['apps'] = array('imp', 'ingo', 'kronolith', 'turba');
    $conf['backend']['backend_list'] = 'hidden';
    $conf['user']['change'] = true;
    // System and service account names for which password changes are refused.
    $conf['user']['refused'] = array('root', 'bin', 'daemon', 'adm', 'lp', 'shutdown',
    'halt', 'uucp', 'ftp', 'anonymous', 'nobody', 'httpd', 'operator', 'guest', 'diginext', 'bind', 'cyrus', 'courier', 'games', 'kmem', 'mailnull', 'man', 'mysql', 'news', 'postfix', 'sshd', 'tty', 'www');
    // NOTE(review): strength tests are switched off, so the only checks on a
    // new password are the 'password policy' limits in backends.php.
    $conf['password']['strengthtests'] = false;
    $conf['hooks']['full_name'] = true;
    $conf['hooks']['default_username'] = false;
    $conf['hooks']['username'] = false;
    $conf['hooks']['userdn'] = false;
    
  • Configure the passwd back end to use the horde mysql database in /usr/share/horde/passwd/config/backends.php (remove all others)
    <?php
    // The single Passwd backend: passwords are changed directly in the Horde
    // SQL user table.
    $backends['hordesql'] = array (
        'name' => 'Horde Authentication',
        'preferred' => '',
        // NOTE(review): this policy accepts 5-character passwords and rejects
        // anything longer than 8, which rules out passphrases and keeps the
        // search space small. Raise minLength and lift maxLength unless the
        // password hashing configured for horde_users truncates input —
        // confirm the encryption setting before changing it.
        'password policy' => array(
            'minLength' => 5,
            'maxLength' => 8,
            'maxSpace' => 0,
            'minUpper' => 1,
            'minLower' => 1,
            'minNumeric' => 1,
            'minSymbols' => 1
        ),
        'driver' => 'sql',
        // Reuses Horde's own database connection settings ($conf['sql']) and
        // adds the user table and its column names.
        'params' => array_merge($conf['sql'],
                                array('table' => 'horde_users',
                                      'user_col' => 'user_uid',
                                      'pass_col' => 'user_pass',
                                      'show_encryption' => false)),
    );
    

 

Secure Horde Installation

  • Secure the horde installation

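    # The config trees hold database and IMAP admin credentials: hand them to
    # the web server account and strip all group/other access.
    # NOTE(review): apache-owned files can also be rewritten by the web server
    # process. Once configuration through the Horde admin pages is finished,
    # root ownership with read-only access for apache is tighter.
    chown apache:root -R /usr/share/horde/config
    chown apache:root -R /usr/share/horde/*/config
    chmod -R go-rwx /usr/share/horde/config
    chmod -R go-rwx /usr/share/horde/*/config
    # Maintenance scripts are for root only.
    chown -R root:root /usr/share/horde/scripts
    chown -R root:root /usr/share/horde/*/scripts
    chmod -R go-rwx /usr/share/horde/scripts
    chmod -R go-rwx /usr/share/horde/*/scripts
    # The test pages reveal installation details: clear every permission bit.
    chmod a-rwx /usr/share/horde/test.php
    chmod a-rwx /usr/share/horde/*/test.php
    # Remove documentation that discloses component names and versions.
    # The ';' ending each -exec must be escaped, otherwise the shell consumes
    # it and find stops with "missing argument to -exec".
    find /usr/share/horde/ -iname readme -exec rm -f {} \;
    find /usr/share/horde/ -iname todo -exec rm -vf {} \;
    find /usr/share/horde/ -iname license -exec rm -vf {} \;
    find /usr/share/horde/ -iname copying -exec rm -vf {} \;
    find /usr/share/horde/ -iname docs -exec rm -vrf {} \;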

 

Configure Cyrus-imapd

The cyrus-imapd system will have virtual hosting enabled, sieve scripts, quotas set to 10MB, and auto creation (& auto subscription) of the mailbox with these folders (INBOX, sent-mail, drafts, spam, trash). Authentication of users will take place against the MySQL database via SASL using the saslauthd daemon.

  • Create the configuration /etc/imapd.conf with the following content
    # Cyrus imapd settings: virtual domains, quotas, mailbox auto-creation,
    # Sieve, SASL authentication and TLS.
    configdirectory: /var/lib/imap
    servername: TDS-IMAP/POP3
    partition-default: /var/spool/imap
    virtdomains: on
    defaultdomain: localhost.localdomain
    # NOTE(review): both addresses below were obfuscated by the hosting page and
    # are not usable as printed. "admins" grants full administrative rights over
    # every mailbox, so list only the dedicated admin identity.
    admins: [email protected]
    postmaster: [email protected]
    quotawarn: 85
    lmtp_over_quota_perm_failure: 1
    lmtp_strict_quota: 1
    # 10240 matches the 10MB quota described above (value presumably in KB).
    autocreatequota: 10240
    createonpost: 1
    autocreateinboxfolders: sent-mail|drafts|spam|trash
    autosubscribeinboxfolders: sent-mail|drafts|spam|trash
    autocreate_sieve_script: /etc/default_sieve
    autocreate_sieve_compiledscript: /etc/default_sieve_script.bc
    sievedir: /var/lib/imap/sieve
    md5_dir: /var/lib/imap/md5
    #sievenotifier: sms
    #sendsms: /usr/bin/mysmsprog
    sendmail: /usr/sbin/sendmail
    hashimapspool: true
    # Passwords are verified through saslauthd and PLAIN is the only mechanism
    # offered, so the password itself is what travels over the connection.
    sasl_pwcheck_method: saslauthd
    sasl_mech_list: PLAIN
    # NOTE(review): this is set to 0 while the Horde IMP backend on this page
    # connects with 'imap/notls'. Confirm which login path each client really
    # uses and that remote clients cannot authenticate before STARTTLS.
    allowplainwithouttls: 0
    # Certificate and private key share one PEM file: keep it readable only by
    # the account imapd runs as.
    tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
    tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
    tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
    loglevel: info
    
  • Create the configuration /etc/cyrus.conf with the following content
    # Cyrus master configuration: START runs once at startup, SERVICES lists
    # the listeners, EVENTS lists periodic maintenance jobs.
    START {
      # do not delete this entry!
      recover       cmd="ctl_cyrusdb -r"
      # this is only necessary if using idled for IMAP IDLE
      idled         cmd="idled"
      # replication
      # syncclient       cmd="/usr/lib/cyrus-imapd/sync_client -r"
    }
    # UNIX sockets start with a slash; the ones below live in /var/lib/imap/socket
    SERVICES {
      # add or remove based on preferences
      # NOTE(review): imap and pop3 name no host in listen=, so they accept
      # connections on every interface, and the TLS-wrapped imaps/pop3s
      # listeners are commented out. If only the local webmail uses them,
      # bind them to localhost as the sieve entry does; otherwise enable
      # imaps/pop3s or make sure clients are required to use STARTTLS.
      imap          cmd="imapd" listen="imap" prefork=1 proto=tcp maxchild=100 maxfds=1000 provide_uuid=1
    #  imaps                cmd="imapd -s" listen="imaps" prefork=1
      pop3          cmd="pop3d" listen="pop3" prefork=1 proto=tcp maxchild=100 maxfds=1000 provide_uuid=1
    #  pop3s                cmd="pop3d -s" listen="pop3s" prefork=1
      # Sieve management is reachable from this host only.
      sieve         cmd="timsieved" listen="localhost:sieve" prefork=0 proto=tcp maxfds=1000 provide_uuid=1
      # these are only necessary if receiving/exporting usenet via NNTP
    #  nntp         cmd="nntpd" listen="nntp" prefork=3
    #  nntps                cmd="nntpd -s" listen="nntps" prefork=1
      #fud
      # fud           cmd="fud" listen="fud" prefork=1 proto="udp"
      # at least one LMTP is required for delivery
      # The TCP lmtp listener stays disabled; delivery uses the UNIX socket only.
    #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
      lmtpunix      cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 maxfds=1000 provide_uuid=1
      # this is only necessary if using notifications
      notify        cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
      # replication
    }
    EVENTS {
      # this is required
      checkpoint    cmd="ctl_cyrusdb -c" period=30 maxfds=1000
      # this is only necessary if using duplicate delivery suppression,
      # Sieve or NNTP
      delprune      cmd="cyr_expire -E 3" at=0400
      # this is only necessary if caching TLS sessions
      #tlsprune     cmd="tls_prune" at=0400
      squat         cmd="squatter"  period=30
    }
    