The Perfect Server - CentOS 6.2 x86_64 With Apache2 [ISPConfig 3] - Page 4

10 Install Courier-IMAP, Courier-Authlib, And Maildrop

Unfortunately there are no rpm packages for Courier-IMAP, Courier-Authlib, and Maildrop, therefore we have to build them ourselves.

First remove Dovecot (CentOS 6.2 comes with Dovecot 2.x; unfortunately, ISPConfig 3 supports Dovecot 1.2.x, but not 2.x):

yum remove dovecot dovecot-mysql

Then install the prerequisites that we need to build Courier rpm packages:

yum install rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel libidn-devel

RPM packages should not be built as root; courier-imap will even refuse to compile if it detects that the compilation is run as the root user. Therefore we create a normal user account now (falko in this example) and give him a password:

useradd -m -s /bin/bash falko
passwd falko

We will need the sudo command later on so that the user falko can compile and install the rpm packages. But first, we must allow falko to run all commands using sudo:

Run

visudo

In the file that opens there's a line root ALL=(ALL) ALL. Add a similar line for falko just below that line:

[...]
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
falko   ALL=(ALL)       ALL
[...]

Now we are ready to build our rpm package. First become the user falko:

su falko

Next we create our build environment:

mkdir $HOME/rpm
mkdir $HOME/rpm/SOURCES
mkdir $HOME/rpm/SPECS
mkdir $HOME/rpm/BUILD
mkdir $HOME/rpm/BUILDROOT
mkdir $HOME/rpm/SRPMS
mkdir $HOME/rpm/RPMS
mkdir $HOME/rpm/RPMS/i386
mkdir $HOME/rpm/RPMS/x86_64

echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

Now we create a downloads directory and download the source files from http://www.courier-mta.org/download.php:

mkdir $HOME/downloads
cd $HOME/downloads

wget https://sourceforge.net/projects/courier/files/authlib/0.63.0/courier-authlib-0.63.0.tar.bz2/download
wget https://sourceforge.net/projects/courier/files/imap/4.9.3/courier-imap-4.9.3.tar.bz2/download
wget https://sourceforge.net/projects/courier/files/maildrop/2.5.5/maildrop-2.5.5.tar.bz2/download

(Please note that I use Courier-IMAP 4.9.3 here instead of the newer 4.10.0 because 4.10.0 depends on systemctl which exists for Fedora, but not for CentOS.)

Now (still in $HOME/downloads) we can build courier-authlib:

sudo rpmbuild -ta courier-authlib-0.63.0.tar.bz2

After the build process, the rpm packages can be found in /root/rpmbuild/RPMS/x86_64 (/root/rpmbuild/RPMS/i686 if you are on an i686 system). The command

sudo ls -l /root/rpmbuild/RPMS/x86_64

shows you the available rpm packages:

[falko@server1 downloads]$ sudo ls -l /root/rpmbuild/RPMS/x86_64
total 528
-rw-r--r-- 1 root root 124008 Dec 16 01:10 courier-authlib-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root 270860 Dec 16 01:10 courier-authlib-debuginfo-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  35072 Dec 16 01:10 courier-authlib-devel-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  17368 Dec 16 01:10 courier-authlib-ldap-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  13928 Dec 16 01:10 courier-authlib-mysql-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  13076 Dec 16 01:10 courier-authlib-pgsql-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root   8312 Dec 16 01:10 courier-authlib-pipe-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  34064 Dec 16 01:10 courier-authlib-userdb-0.63.0-1.el6.x86_64.rpm
[falko@server1 downloads]$

Select the ones you want to install, and install them like this:

sudo rpm -ivh /root/rpmbuild/RPMS/x86_64/courier-authlib-0.63.0-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/courier-authlib-mysql-0.63.0-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/courier-authlib-devel-0.63.0-1.el6.x86_64.rpm

Now we go back to our downloads directory:

cd $HOME/downloads

Run the following commands to create required directories/change directory permissions (because otherwise the build process for Courier-Imap will fail):

sudo mkdir -p /var/cache/ccache/tmp
sudo chmod o+rwx /var/cache/ccache/
sudo chmod 777 /var/cache/ccache/tmp

Now run rpmbuild again, this time without sudo, otherwise the compilation will fail because it was run as root:

rpmbuild -ta courier-imap-4.9.3.tar.bz2

After the build process, the rpm packages can be found in $HOME/rpm/RPMS/x86_64 ($HOME/rpm/RPMS/i686 if you are on an i686 system):

cd $HOME/rpm/RPMS/x86_64

The command

ls -l

shows you the available rpm packages:

[falko@server1 x86_64]$ ls -l
total 1116
-rw-rw-r-- 1 falko falko 331908 Dec 16 01:33 courier-imap-4.9.3-1.x86_64.rpm
-rw-rw-r-- 1 falko falko 800864 Dec 16 01:33 courier-imap-debuginfo-4.9.3-1.x86_64.rpm
[falko@server1 x86_64]$

You can install courier-imap like this:

sudo rpm -ivh courier-imap-4.9.3-1.x86_64.rpm

Now we go back to our downloads directory:

cd $HOME/downloads

and run rpmbuild again, this time to build a maildrop package:

sudo rpmbuild -ta maildrop-2.5.5.tar.bz2

After the build process, the rpm packages can be found in /root/rpmbuild/RPMS/x86_64 (/root/rpmbuild/RPMS/i686 if you are on an i686 system). The command

sudo ls -l /root/rpmbuild/RPMS/x86_64

shows you the available rpm packages:

[falko@server1 downloads]$ sudo ls -l /root/rpmbuild/RPMS/x86_64
total 1712
-rw-r--r-- 1 root root 124008 Dec 16 01:10 courier-authlib-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root 270860 Dec 16 01:10 courier-authlib-debuginfo-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  35072 Dec 16 01:10 courier-authlib-devel-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  17368 Dec 16 01:10 courier-authlib-ldap-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  13928 Dec 16 01:10 courier-authlib-mysql-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  13076 Dec 16 01:10 courier-authlib-pgsql-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root   8312 Dec 16 01:10 courier-authlib-pipe-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root  34064 Dec 16 01:10 courier-authlib-userdb-0.63.0-1.el6.x86_64.rpm
-rw-r--r-- 1 root root 286480 Dec 16 01:40 maildrop-2.5.5-1.x86_64.rpm
-rw-r--r-- 1 root root 751376 Dec 16 01:40 maildrop-debuginfo-2.5.5-1.x86_64.rpm
-rw-r--r-- 1 root root 102104 Dec 16 01:40 maildrop-devel-2.5.5-1.x86_64.rpm
-rw-r--r-- 1 root root  65940 Dec 16 01:40 maildrop-man-2.5.5-1.x86_64.rpm
[falko@server1 downloads]$

You can now install maildrop like this:

sudo rpm -ivh /root/rpmbuild/RPMS/x86_64/maildrop-2.5.5-1.x86_64.rpm

After you have compiled and installed all needed packages, you can become root again by typing

exit

Now start Courier-IMAP/-POP3 as follows:

/etc/init.d/courier-imap start

 

11 Install Postfix

Postfix can be installed as follows:

yum install postfix

Then turn off Sendmail and start Postfix and MySQL:

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
/etc/init.d/sendmail stop
/etc/init.d/postfix restart

 

12 Install Getmail

Getmail can be installed as follows:

yum install getmail

 

13 Set MySQL Passwords And Configure phpMyAdmin

Set passwords for the MySQL root account:

mysql_secure_installation

[root@server1 tmp]# mysql_secure_installation




NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n]
 <-- ENTER
New password: <-- yourrootsqlpassword
Re-enter new password: <-- yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
 <-- ENTER
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
 <-- ENTER
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
 <-- ENTER
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
 <-- ENTER
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


[root@server1 tmp]#

Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the <Directory "/usr/share/phpmyadmin"> stanza):

vi /etc/httpd/conf.d/phpmyadmin.conf

#
#  Web application to manage MySQL
#

#<Directory "/usr/share/phpmyadmin">
#  Order Deny,Allow
#  Deny from all
#  Allow from 127.0.0.1
#</Directory>

Alias /phpmyadmin /usr/share/phpmyadmin
Alias /phpMyAdmin /usr/share/phpmyadmin
Alias /mysqladmin /usr/share/phpmyadmin

Next we change the authentication in phpMyAdmin from cookie to http:

vi /usr/share/phpmyadmin/config.inc.php

[...]
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'http';
[...]

Then we create the system startup links for Apache and start it:

chkconfig --levels 235 httpd on
/etc/init.d/httpd start

Now you can direct your browser to http://server1.example.com/phpmyadmin/ or http://192.168.0.100/phpmyadmin/ and log in with the user name root and your new root MySQL password.

Share this page:

31 Comment(s)

Add comment

Comments

From: Elton at: 2012-01-25 15:21:47

I'm trying to use your tutorial, but there are a lot of diferences between what I read here and what I found into CentOS 6.2

 For example, I don't have anymore system-config-* command files :(

From: Deunan Knute at: 2012-02-01 04:49:14

You may need to separately install them, if you chose Minimal Install

Try this -

yum install system-config-network-tui system-config-firewall-tui

From: PlanetMaster at: 2012-02-01 23:46:00

Great tutorial, just migrated from cPanel and Apache and I am very happy with the performance and financial savings. I had the issue with courier-imap install but building from source fixed that.


Thanks!

From: Nubbyless at: 2012-02-14 00:17:39

Would be great to have this as a script with minimal user input but i dont have the knowledge to do it

From: D-Spayre at: 2012-03-18 02:24:23

Hi,


I did a fresh install and when trying to access ISPconfig I'm just getting a White Screen.


Would that have to do with PHP 5.3.3?


Thanks

From: damaster at: 2014-05-15 12:51:15

YES..... Very important step..... thanks for this tip :)

From: at: 2013-01-16 20:16:03

I am installing a fresh CentOS 6.3 instead of 6.2 following this guide.   The order of installation windows is a bit different for a 6.3 install than 6.2 but most of the information in the steps still apply.  Here is one big difference which gave me tons of frustration on my previous 6.3 install following this guide that I have discovered an easy solution during installation for:

Where the guide says:

"Next we do the partitioning. Select Replace Existing Linux System(s). This will give you a small /boot partition and a large / partition which is fine for our purposes:"

Problem: This isn't true in 6.3, instead, this will give you a large /home partition and a small / partition and a very small /boot partition.  The problem is that for a server we want a large / partition (technically a large /var partition but I just like to make the whole / partition large because its quick & easy)

Solution: Make sure you check the box on the bottom: "Review and modify partitioning layout" before clicking next.  On the next screen, simply swap the size on the / and the /home partitions and you're all set. Make sure to set the /home partition to the / partition size first to free up the resources.

Important: If you don't do this now then you will need to boot from the OS disk later in order to modify the / partition, so best to do it now and save yourself the hassle of running out of room in your /var/www folder later.

From: at: 2013-01-16 21:51:37

If you're like me and completely missed the button to setup your network when setting your server host name during installation, then there are some additional steps to take that may save you some time that I learned the hard way.  I'm installing CentOS 6.3 by the way:

Problem: Even after using system-config-network, the eth0 card won't automatically connect nor will it be set to automatically connect on boot unless you've set these options during install.

Solution:  First use system-config-network as described in the guide to set both the Device Configuration and the DNS Configuration.  After that use the command:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

and update the following settings:


NM_CONTROLLED=yes
ONBOOT=yes
BOOTPROTO=static

Then do a:

reboot

Then run a:

ifconfig

and all should be well to continue with the guide!   Cheers to us button skippers!

 

From: Anonymous at: 2012-02-21 01:05:48


wget http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm is now at  wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm



 


From: nikitux at: 2012-02-01 19:20:30

A little Trick for add line priority=10 with sed (only  on enabled repository)

 sed -i -e '/enabled=1/a priority=10'  /etc/yum.repos.d/epel.repo

 

 

 

From: DPO at: 2012-05-11 15:07:17

as reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=820360


6.5 link is obsolete
http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

You can use the new version 6.6

http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-6.noarch.rpm

hope this can help D.

From: at: 2012-05-20 00:33:04

the wget command in step seven that references http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm needs to be changed to  http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-6.noarch.rpm.

From: Patricio at: 2012-05-29 09:51:56

Step 7 (fail wget epel-relase-6-5)

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm

rpm -Uvh epel-release-6-7.noarch.rpm

From: at: 2012-06-09 20:39:22

cd /tmp

wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm

rpm -ivh epel-release-6-7.noarch.rpm

 Worked for me on CentOS 6.2 i386 flavor.

From: Donald at: 2013-01-17 02:10:33

Another release:

 wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 

Is the new hotness.

From: Ramin at: 2012-02-18 10:02:05

In my case the 
https://sourceforge.net didn't work. removing "s" from the https worked fine.

From: Chris at: 2012-03-03 23:17:20

This installs the 2.11 version of phpMyAdmin. 'yum install phpMyAdmin' will grab one from the 3.4 branch, but it's still outdated a bit. I'd recommend getting the latest 3.4 version from http://www.phpmyadmin.net and install from source.

From: Anonymous at: 2012-03-27 00:32:27

Looks like it grabs 3.4.9-1 now, however in the step

vi /etc/httpd/conf.d/phpmyadmin.conf 

You now have to put in vi /etc/httpd/conf.d/phpMyAdmin.conf and the next step it changed to vi /usr/share/phpMyAdmin/config.sample.inc.php 

From: Gabrym at: 2012-04-30 21:35:38

smtp not work properly

I mast install cyrus-sasl-plain:


yum install cyrus-sasl-plain
service saslauthd stop
service postfix stop
service saslauthd start
service postfix start
chkconfig --levels 235 saslauthd on

From: Jay at: 2012-06-20 15:15:07

Step 10 start courier-imap on my CentOS 32bit failed.



I needed to use as root:



/usr/lib/courier-imap/libexec/imapd.rc start


Because:



/etc/init.d/courier-imap

was not found

From: polcrito at: 2012-07-12 23:18:42

Follow the entire manual and I have almost everything working, just something I fail, teams can only send emails blackberry can not receive them, add the blackberry to my_networks networks in / etc / postfix / main.cf ..... any of you have any idea of my fault .. if we use mail clients pc or iphone everything envua and receive, only blackberry that gives me this fault ..,. appreciate your comments .... att ... native pol

From: at: 2012-06-10 00:01:23

Step 15 php-xcache doesn't install.

 Had to follow instructions here to install and configure it.

http://www.howtoforge.com/integrating-xcache-into-php5-fedora-13-centos-5.5-and-apache2

 

From: Chris at: 2012-06-30 21:45:41

STEP 14:

 [root@s2 ~]# chkconfig --levels 235 clamd.amavisd on
error reading information on service clamd.amavisd: No such file or directory

 [root@s2 ~]# /etc/init.d/clamd.amavisd start
-bash: /etc/init.d/clamd.amavisd: No such file or directory

??? Anybody has idea???

From: ali firdaus at: 2012-07-05 10:12:05

Make sure install EPEL Packet.  Install the EPEL package using the command below.

rpm -Uvh http://bit.ly/KANG3P

It's work for me.

From: Anonymous at: 2012-07-03 19:20:15

Check repository settings. Make sure you install from below repositories:

Installed Packages
amavisd-new.noarch          2.6.4-2.el6           @epel
clamav.x86_64               0.97.3-3.el6          @epel
clamd.x86_64                0.97.3-3.el6          @epel
spamassassin.x86_64         3.3.1-2.el6           @base
Available Packages
clamav.i686                 0.97.3-3.el6          epel

From: ShadowMerlin at: 2013-06-21 20:28:05

mod_ruby is no longer at modruby.net (unless it's now completely in Japanese).

Change that line to wget http://ftp.riken.go.jp/pub/FreeBSD/distfiles/ruby/mod_ruby-1.3.0.tar.gz

From: Brian at: 2012-04-12 09:15:29

Great tutorial!
Even this linux nono did it with this great tutorial.

 

From: Anonymous at: 2012-07-07 09:29:37

I agree I have never used any form of linux before and was a great set of instructions!
very well put together tutorial.
also learned a lot during the install.

Would be great if anyone knows of a tutorial or guide to fully secure and lock down the server after the install, remove vunralbilities etc...


Great work

From: Anonymous at: 2012-07-21 23:38:03

This is the best tutorial I've ever discovered! Thank you so much!    I had only 2 issues during the process:

 1.) service named start

This hung for several minutes so I spent about 2 hours trying to debug.  Bind requires using /dev/random to create a key the first time its run, which can take a very long time depending on your system.  Just let it run until its done, it will eventually finish.

 

2.) I installed mailman exactly as the tutorial says, and used wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz to install ISPConfig 3, however, mailman wasn't detected during the install php script.   Not a big deal for me for now I guess, but I'm not sure what happened.

From: daro at: 2012-10-10 11:27:20

The best ever tutorial online.

I start to prefer Linux Command Lines after this Great Tutorial; and I will never go to automatic applications such as Webmin and Virtualmin which produce lots of bugs causing me to be stuck with them for two weeks until I found this brilliant perfect VPS server.

I am at the final stage of Squirrelmail configuration, and seems to be working fine at moment.

Cheers

From: IPVS at: 2012-12-14 01:56:24

I'm baffled.. I spent 3 hours installing IPSConfig3.  It went perfect.    It then installed ISPConfig , noted Installation Completed.   And within 5 seconds, the system went dead.   I couldn't ping it... Nothing.   I powered the system off, then powered it back on maintaining a ping to it... As soon as it was ping-able, I ssh'ed into it... and it went completely dead again within 5 seconds... ????

See the ouptut for the last part of the install...  I'm completely baffled on where to go from here???

 Thanks,

 

Tim

 

 

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
writing RSA key
Configuring DBServer
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Restarting services ...
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
Stopping saslauthd:                                        [FAILED]
Starting saslauthd:                                        [  OK  ]
Shutting down amavisd: Daemon [16405] terminated by SIGTERM
                                                           [  OK  ]
amavisd stopped
Starting amavisd:                                          [  OK  ]

Stopping clamd.amavisd:                                    [  OK  ]
Starting clamd.amavisd:                                    [  OK  ]
Stopping Courier authentication services: authdaemond
Starting Courier authentication services: authdaemond
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping httpd:                                            [  OK  ]
[Thu Dec 13 16:28:00 2012] [warn] NameVirtualHost *:80 has no VirtualHosts
Starting httpd:                                            [  OK  ]
Stopping pure-ftpd:                                        [  OK  ]
Starting pure-ftpd:                                        [  OK  ]
Installation completed.
16:28:03-root@Web1:/tmp/ispconfig3_install/install#Write failed: Broken pipe
16:30:12-tim@tim-ipvsinc-com:~#