The Perfect Server - OpenSUSE 11.4 x86_64 [ISPConfig 3] - Page 4

8 Install Postfix, Dovecot, MySQL

We need to install Python 2.7 in this chapter, but it conflicts with the package patterns-openSUSE-minimal_base. Therefore we must uninstall that package first. To do so, start YaST:


In YaST, go to Software > Software Management:

Type patterns-openSUSE-minimal_base in the Search field and press ENTER. The package should be listed as installed (i) in the main window. Mark the package and press the ENTER key until there's a minus (-) sign in front of the package (the minus stands for uninstall), then hit [Accept]:

As a replacment for the package, some other packages need to be installed. Accept the selection by hitting [OK]:

Leave YaST afterwards.

Next r un

yast2 -i postfix postfix-mysql mysql mysql-community-server mysql-client libmysqlclient-devel dovecot12 dovecot12-backend-mysql pwgen cron python

Open /etc/postfix/

vi /etc/postfix/

... and uncomment the following line:

tlsmgr    unix  -       -       n       1000?   1       tlsmgr

Create the following symlink:

ln -s /usr/lib64/dovecot/modules /usr/lib/dovecot

Start MySQL, Postfix, and Dovecot and enable the services to be started at boot time.

chkconfig -f --add mysql
/etc/init.d/mysql start

chkconfig --add postfix
/etc/init.d/postfix start

chkconfig --add dovecot
/etc/init.d/dovecot start

You might see the following Dovecot warning which you can safely ignore:

Starting dovecot Warning: There is no way to login to this server: disable_plaintext_auth=yes, ssl=no, no non-plaintext auth mechanisms.
If you have trouble with authentication failures,
enable auth_debug setting. See
This message goes away after the first successful login.

Now I install the getmail rpm package which is not available from the OpenSUSE main repositories.

zypper install

To secure the MySQL installation, run:


Now you will be asked several questions:

server1:~ # mysql_secure_installation


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n]
 <-- Y
New password: <-- yourrootsqlpassword
Re-enter new password: <-- yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
 <-- Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
 <-- Y
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
 <-- Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
 <-- Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

server1:~ #

Now your MySQL setup should be secured.


9 Amavisd-new, Spamassassin And Clamav

Install Amavisd-new, Spamassassin and Clamav antivirus. Run

yast2 -i amavisd-new clamav clamav-db zoo unzip unrar bzip2 unarj perl-DBD-mysql

Open /etc/amavisd.conf...

vi /etc/amavisd.conf

... and add the $myhostname line with your correct hostname below the $mydomain line:

$mydomain = '';   # a convenient default for other settings
$myhostname = "server1.$mydomain";

Then create a symlink from /var/run/clamav/clamd to /var/lib/clamav/clamd-socket:

mkdir -p /var/run/clamav
ln -s /var/lib/clamav/clamd-socket /var/run/clamav/clamd

To enable the services, run:

chkconfig --add amavis
chkconfig --add clamd
/etc/init.d/amavis start
/etc/init.d/clamd start

Share this page:

5 Comment(s)

Add comment


From: Rafaga at: 2011-07-22 19:53:58

Hello men, i saw all your post about the perfect server suse 11.4 with ispconfig 3. i did all step by step and funs good, but when i install ispconfig 3, send me a error, look

Shutting down virus-scanner (amavisd-new): ..done
Starting virus-scanner (amavisd-new): ..done
/usr/bin/lsb_release: line 368: echo: write error: Broken pipe
/usr/bin/lsb_release: line 368: echo: write error: Broken pipe
/usr/bin/lsb_release: line 368: echo: write error: Broken pipe
Shutting down Clam AntiVirus daemon Starting Clam AntiVirus daemon ..done
Stopping dovecot ..done
Fatal: execv(/usr/bin/doveconf) failed: Permission denied
startproc:  exit status of parent of /usr/sbin/dovecot: 84
Starting dovecot Syntax OK
Shutting down httpd2 (waiting for all children to terminate) ..done


Any idea???

From: Anonymous at: 2012-02-13 16:18:51

After installing clamav, you might want to update the antivirus database with:


From: at: 2011-11-18 13:08:02

Great work as always :D

From: Doc.B at: 2011-06-17 17:16:15

Congratulations, an excellent documentation that makes it easy to set up ISPConfig quickly.

Maybe you should add the hint that the packets installed with wget may have a different version than described.

Additionally ISPConfig should run https by default, can you add this as well?


In total, a brilliant work, Thanks!

From: Anonymous at: 2012-07-03 09:23:41

Thanks for the tutorial, a small problem thought, on page 5, "yast2 -i webalizer perl-DateManip" should be "yast2 -i webalizer perl-Date-Manip"