The Perfect Setup - Debian Sarge (3.1) - Page 4

MySQL

apt-get install mysql-server mysql-client libmysqlclient12-dev

mysqladmin -u root password yourrootsqlpassword

When you run netstat -tap you should now see a line like this:

tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     2449/mysqld

which means that MySQL is accessible on 127.0.0.1 on port 3306. You can go to the next section (Postfix). If you do not see this line, edit /etc/mysql/my.cnf and comment out skip-networking:

# skip-networking

If you want MySQL to listen on all available IP addresses, edit /etc/mysql/my.cnf and comment out bind-address = 127.0.0.1:

#bind-address            = 127.0.0.1

If you had to edit /etc/mysql/my.cnf you have to restart MySQL:

/etc/init.d/mysql restart

If MySQL is listening on all interfaces, you must now also set a MySQL password for server1.example.com because otherwise anybody could access your database:

mysqladmin -h server1.example.com -u root password yourrootsqlpassword


Postfix/POP3/IMAP

In order to install Postfix with SMTP-AUTH and TLS as well as a POP3 server that also does POP3s (port 995) and an IMAP server that is also capable of IMAPs (port 993) do the following steps:

apt-get install postfix postfix-tls libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl (1 line!)

<- pop3 and pop3s
<- No
<- Internet Site
<- NONE
<- server1.example.com
<- server1.example.com, localhost.example.com, localhost
<- No

postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'

The file /etc/postfix/main.cf should now look like this:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = server1.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server1.example.com, localhost.example.com, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

/etc/init.d/postfix restart

Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:

mkdir -p /var/spool/postfix/var/run/saslauthd

Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Remove # in front of START=yes and add the line PARAMS="-m /var/spool/postfix/var/run/saslauthd -r":

# This needs to be uncommented before saslauthd will be run automatically
START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"

We must also edit /etc/init.d/saslauthd and change the location of saslauthd's PID file. Change the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid:

PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

Now start saslauthd:

/etc/init.d/saslauthd start

 

Next we create the file /etc/c-client.cf with the following contents:

I accept the risk
set disable-plaintext 0

and restart inetd:

/etc/init.d/openbsd-inetd restart

If we don't do this, then our POP3/IMAP logins will fail.

 

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet localhost 25

After you have established the connection to your postfix mail server type

ehlo localhost

If you see the lines

250-STARTTLS

and

250-AUTH

everything is fine.

Type

quit

to return to the system's shell.

 

Courier-IMAP/Courier-POP3

If you want to use a POP3/IMAP daemon that has Maildir support (if you do not want to use the traditional Unix mailbox format) you can install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3/Courier-POP3-SSL (for POP3s on port 995). Otherwise you can proceed with the Apache configuration.

apt-get install courier-imap courier-imap-ssl courier-pop courier-pop-ssl

<- No

ipopd and UW-IMAP will then be replaced.

Then configure Postfix to deliver emails to a user's Maildir*:

postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='

/etc/init.d/postfix restart

*Please note: You do not have to do this if you intend to use ISPConfig on your system as ISPConfig does the necessary configuration using procmail recipes. But please go sure to enable Maildir under Management -> Settings -> EMail in the ISPConfig web interface.

Share this page:

78 Comment(s)

Add comment

Comments

From: at: 2005-04-29 15:01:28

In addition to your howto very nice, but why use apache2 from debdot and not the debian mirrors.

Debian Sarge 3.1 ( testing ) includes apache2

Same for the? ? install HTML::Parser? ( apt-get install libhtml-parser-perl )?
and the others..

From: at: 2005-05-18 18:34:52

i'm getting dependency errors for postfix-tls.
postfix-tls: Depends: postfix (= 2.1.5-9)

However, I have postfix 2.2.3-2

From: at: 2005-07-29 10:22:24

Because Postfix 2.2.x includes TLS support and you don't need postifix-tls package.

From: Anonymous at: 2005-11-09 02:01:34

Experts,

Please pardon my ignorance. But what is an ISP Server (ISPConfig)?

I am trying to setup a linux server (Debian) at my home so that i can host web-pages (web-site), mail server, etc.

So Do I need to setup according to ISP server docs.?

please help me out!.

thanks

From: admin at: 2005-11-09 10:26:29

It's a server for hosting web sites, handling email, FTP, ...

Seems to be what you're looking for. :-)

From: kevinthecomputerguy at: 2010-05-03 18:21:05
From: at: 2005-05-03 08:18:01

Nice article. A few things:

  1. You need to fix some permissions. Root is world readable by default, so are users home dirs.
  2. (also mentioned above) Why the packages from debdot?
  3. I don't think Sarge comes with SSH installed by default
  4. ProFTPD? Euck. vsftpd is safer for (the most) cases which don't need the extra functionality.
  5. Your postfix config is a little lax on hostnames (do they exist, etc)

From: at: 2005-05-04 09:32:59

AFAIK, vsftpd lets you create only one anonymous account per server instead of one per IP address (as ProFTPd does). That's a little drawback.

From: at: 2005-05-03 11:16:01

IMHO ntpdate from ntp package is better than rdate for time sync...

From: at: 2005-05-03 15:07:36

I recommend rewriting this article to address the issues other users have commented on.? You should also make a plaintext authenticated smarthost example for properly relaying mail to an isps server.? I know a lot of people, including myself, that have found it exhasting to find a howto as good as yours, but it lacks that crucial part in which I need.? Thank you.

From: at: 2005-05-05 08:11:10

"In order to install Postfix with SMTP-AUTH and TLS as well as a POP3 server that also does POP3s (port 995) and an IMAP server that is also capable of IMAPs (port 993) do the following steps:

apt-get install postfix postfix-tls sasl-bin libsasl-modules-plain libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl"

When I'm doing this I get:

# apt-get install postfix postfix-tls sasl-bin libsasl-modules-plain libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl
Reading Package Lists... Done
Building Dependency Tree... Done
E: Couldn't find package sasl-bin

Any ideas anyone

From: at: 2005-05-05 16:03:47

Maybe the package names have changed due to the upcoming final release of Debian Sarge.

Run

apt-cache search sasl

to find all packages related to SASL, and install them.

From: at: 2005-08-08 12:06:48

with sarge 3.1, you have to apt-get install sasl2-bin greetings lasseboo

From: at: 2005-05-05 09:46:58

There's no need for creating a dev/log socket in the bind9 chroot environment and modifying sysklogd to listen on that too.

bind9 opens /dev/log (the one outside the chroot) before calling chroot(2) => Logging still works over that socket from the chroot environement.
See http://cryptio.net/~ferlatte/blog/2004/10/01/#syslog_and_chroot for more info.

That site also has a nice chroot implementation for bind9 on debian: http://cryptio.net/~ferlatte/blog/config/

From: at: 2005-05-12 10:12:17

I have added the line in /ect/apt/sources.list. But i cant install apt-get install libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick I get this error : mainframe:/etc/postfix/ssl# apt-get install libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick Reading Package Lists... Done Building Dependency Tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libapache2-mod-php4: Depends: php4-common (= 4:4.3.10-13) but 4:4.3.11-0.dotdeb.0 is to be installed php4-imap: Depends: libc-client-ssl2001 but it is not installable E: Broken packages mainframe:/etc/postfix/ssl# What do i need to do?

From: at: 2005-05-13 10:11:21

Remove the dotdeb line from /etc/apt/sources.list, run "apt-get update" and try installing again.

Falko

From: at: 2005-07-28 05:41:42

I am new to this whole thing, but I followed this tutorial to set up a server, and the installation of ISPConfig was doing just fine until the very end when it checks to see if all the packages are installed. I get the following error -- can anyone help? "ERROR: The syntax of your httpd.conf is not ok! Please correct the error. The installation routine stops here!" If anyone can help, I'd very much appreciate it. Much obliged.

From: at: 2005-08-01 03:20:55

Great, great, great how-to. For non-guru Debian users, a lot more how-to's like this are needed and welcome. I'm guessing and hoping now that Sarge is in stable, we're going to see a lot more of these how-to's.

I'm going to give this how-to a shot, and if it works well, I'll be sending the author a token of my appreciation. I have apache running, but gave up on bind and a mail server.

All I need now is a how-to this simple that shows how to configure OpenLDAP. Yast was a great gui tool for configuring servers and by copying the original config files prior to altering them with Yast, then comparing the original with the Yast modified config files, one could learn exactly how to configure servers manually. Too bad that a fully functioning Yast isn't yet available on Debian, although I'm aware of efforts on porting Yast to Debian now that it has been GPL'd. If the author or someone else could make configuring OpenLDAP as easy as this how-to, then life would really be complete.

Question: If Exim exists on an apache server, but is used only for internal mail delivery (notices, error messages to root, etc.), and then Postfix is installed and Exim removed, will the error messages and notices and other internal mail continue to be delivered? I seem to remember a few years back when I removed the default mail server (possibly Exim) and installed Postfix in its place, I remember it fouling up local mail deliver (error messages, notices, cron messages, etc.). Is there any precautions to take when removing the existing mail server to replace it with Postfix?

From: at: 2005-08-22 01:31:37

? ? Good idea to create something like this for the average user.

? It should be noted however that ISPConfig 2.0.7 does not correctly identify the Etch testing branch (Etch is the testing and unstable branches after Sarge stable was released).

From: at: 2005-08-22 15:45:16

Obviously the issues of quota formats 1 and 2 were sidestepped, that can be tricky (depends mostly on your kernel version).... And the issue of XFS and quotas.

WARNING: If XFS is the filesystem you enable quotas for, the above simply will not work in sarge-3.1 with a 2.6.n kernel. Although I still have no idea what does work, I am still researching this issue.

From: at: 2005-08-22 19:26:02

Also be forewarned, if you are using NIS authentication, you will have to manually edit /etc/passwd and /etc/group because ISPConfig does not handle this properly.

From: at: 2005-08-22 22:20:51

While ISPConfig has the potential to be a decent remote management tool, it suffers horribly from mangling Bind9 zone files. MAKE SURE you run named-checkconf and named-checkzone BEFORE using its Bind configuration, as the zone files are horribly mangled (who puts blank lines in their zone files? Bind and its documentation strictly forbid it).

From: at: 2005-08-28 21:04:18

When doing apt-get for this part I get the following error, any idea?

Setting up ipopd (2002edebian1-11) ...
/var/lib/dpkg/info/ipopd.postinst: line 75: /dev/stderr: Permission denied
dpkg: error processing ipopd (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of ipopd-ssl:
ipopd-ssl depends on ipopd (>= 4:2002.rc7debian); however:
Package ipopd is not configured yet.
dpkg: error processing ipopd-ssl (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
ipopd
ipopd-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)

Thank you

From: at: 2005-08-28 21:13:38

Changing the /dev/stderr in line 75 of /dev/stderr to &2

fixed the problem.

Hope it might help anyone else.

From: at: 2005-08-31 11:28:07

My first time and succes... Thank you , thank you, thank you.....god work

From: at: 2005-09-02 10:54:35

Hi!

My name is Andrew. I have? lived? in Hungary and I want to tell you that many people using Debian Linux in Hungary. I am working at a bank as IT system programmers.

I have never seen such an egzakt and good tutorial as yours. Thank you for helping and congratulations !

From: at: 2005-09-09 17:42:12

hello all

I have a problem
when i running mysql is writer error: can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'

chack that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!

how can I affixed this?

don

From: Anonymous at: 2006-04-30 08:15:49

I had the same problem a few days ago after crashing an Alternc installation. The solution is to check your logs under /var/log/syslog to see that there is no write access to temp folder /tmp. Just do a "chmod 777 /tmp" and restart mysql "/etc/init.d/mysql restart".

But with such kind of an error i guess you have a big trouble on your server, think for a complete reinstallation...

From: at: 2005-09-11 13:07:36

I am following your tutorial exactly except instead of using test server1 just using the suggested defaults.

When I try to edit the /etc/network/interfaces I get a response of permission denied. Any help is appreciated.

Thanks,

David

From: at: 2005-09-11 14:48:23

Are you shure you are logged in as root? The root user is able to edit every file.

From: at: 2005-09-11 16:00:58

Yes I am positive we are logged in as root.? when running command whoami it comes back with root.? We have our own domain name registered and hosted with another hosting service and just want to put our company website on this machine here at the office to learn.

From: at: 2005-09-18 03:28:24

You need to edit the file.

say something like

vi /etc/network/interfaces

From: at: 2005-09-11 16:07:47

Going to reload debiun again. Also am using the tutorial from http://www.aboutdebian.com/linux.htm? with yours and seems things both ways are acting up. I like this layout better however if you could email me or message me if you have jabber, icq or any messanger program or just email dranieri@suscom.net this would be great. Myself and my wife "secretary" does everything is trying with me to learn this and get certified since I am really beginning to hate microsofts greed. Trust us we are microsoft partners but with no linux as an alternative it is hurting our business.

From: at: 2005-09-11 17:39:11

Please use the forums to get this solved:

http://www.howtoforge.com/forums

From: Anonymous at: 2009-06-24 21:02:02

You are editing the file as a standard user. You need to be user root. Try to run the command su and then your command.

From: at: 2005-09-11 17:05:23

Thank you for your help so far.

Here is the exact message after typing in /etc/network/interfaces

-bash: /etc/netwok/interfaces: Permission denied

From: at: 2005-09-14 18:52:12

replace to root:

su -

pass

don

From: Anonymous at: 2005-10-10 02:10:55

Noticed there's no firewall setup in this tutorial. You should have included an iptables setup, otherwise the server will be wide open to attack.

From: admin at: 2005-10-10 07:21:57

Thats not correct. The Howto prepares the system for the installation of ISPConfig and ISPConfig comes with the Bastille Firewall scripts that do the IPTables setup for you.

From: Anonymous at: 2005-10-23 08:36:24

AFAIK, default Debian behaviour is to also install recommended packages after (apt-get install ...). Is it necessary to also install these packages, or the ones that were mentioned here are enough?

The reason why I'm asking is because I am trying to make na minimum install of Debian 3.1

From: admin at: 2005-10-23 11:29:24

No, Debian doesn't install recommended packages by default, only necessary packages. So if you want to have a minimum installation, don't install the recommended packages.

From: Anonymous at: 2006-03-04 03:16:16

Here is a "production" server debian on a P1 -133 MHz-

full ram 188 mb, dhcp, dns, apache, ftp, nis ...

but not realy optimized for minimal packages.

~#df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda1 897M 658M 192M 78% /
tmpfs 94M 0 94M 0% /dev/shm

~#uptime
04:30:51 up 45 days, 9:12, 1 user, load average: 0.00, 0.00, 0.00

btw install "localepurge" for free disk(s).

Nice HowTo. Thanks

From: Anonymous at: 2006-03-26 22:02:18

No, per default debian (sarge) does not install recommended packages. Only the must-dependecies are installed per default. For a minimum install, you could try download the netinst-cd-image from www.debian.org Greez, Tino

From: Anonymous at: 2005-11-14 09:04:11

Harddisks are written to from outside to the inside, that is why they are faster on the first sectors than they are on the last sectors (~30%).

So I always put my swap partitions at the start of the harddisks (if I have multiple disks one swap partition at the start of each).

Nagium.

From: Anonymous at: 2005-11-18 19:28:59

I have installed Debian Sarge 3.1 per this howto. I want to use Frontpage Extensions on my ISPConfig server. I see that ISPConfig only supports Frontpage with Apache 1.3. This howto uses Apache2. I was able to install Frontpage on the system for Apache2, but I don't know if ISPConfig will be able to use the extensions.

From: Anonymous at: 2006-01-07 21:51:37

Should not be:

update-rc.d -f exim4 remove

just instead of

update-rc.d -f exim remove ?

-----------------

Nice HowTo anyway!

zBit

From: Anonymous at: 2006-02-13 01:19:59

Thanks for the tutorial. I installed ispconfig after. Everthing went perfect.

From: Anonymous at: 2006-02-22 22:40:14

Don't put a general purpose Web server in one big partition! Consider disaster recovery. If you get rooted, you might want to replace root and /usr but leave /var. To avoid getting rooted, you might want to mount noexec any directory Apache can write in. Make a partition for /tmp, /var/tmp, Squirrel Mail's data, Mambo's data, /var/log/apache, etc.

Over time your users will install badly written PHP applications and they will get exploited by worms and skript kiddies. The exploits will write spam-mailers and attack programs in /tmp but they won't run. It won't stop a determined attacker, but the kiddies will move on to lower-hanging fruit.

From: Anonymous at: 2006-03-18 01:07:28

My first debian server setup and all went fantastically well.

Thank you

From: Anonymous at: 2006-06-08 20:13:46

sorry for a stupid question, but whats the adress to the mail servers after this install?

thx for the guide

tomas

From: Anonymous at: 2006-06-08 21:22:40

they have a newer release of this download, and the link up there no longer works, here's an updated link http://ftp.de.debian.org/debian-cd/3.1_r2/i386/iso-cd/debian-31r2-i386-netinst.iso .... im currently downloading it and following this guide, thank you

From: wyzzkid at: 2006-10-19 07:29:30
From: Anonymous at: 2006-02-18 23:02:57

As the help text for the time zone suggests you should use a GMT-zone based setup if you install a server that is linux only. I'd also suggest to install ntpdate + ntp-server.

Balu

From: Anonymous at: 2006-02-23 12:11:25

I dont know for sure but iirc this can be done to cleanup stuff furthermore. Its the purge command that removes stuff from the apt database

dpkg -P lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig

rm -fr /etc/ppp

Just a Thought

Ovis

From: Anonymous at: 2006-03-13 07:04:29

As I write this (March 12, 2006), the PowerPC port doesn't include quota support in the kernel by default. For quota support on PowerPC Debian, you'll need to compile a custom kernel. http://www.howtoforge.com/forums/showthread.php?t=21

From: Anonymous at: 2006-05-31 14:07:07

Clamav dependency libgmp3-dev

The ClamAV package requires the GMP library to verify the digital signature of
the virus database. When building ClamAV you need the GMP library and its
headers: if you are using Debian just run apt-get install libgmp3-dev, if you
are using an RPM based distribution install the gmp-devel package. You'll need

to rerun ./configure and recompile ClamAV.

Just my 0.02 ct

gr Ovis

From: Anonymous at: 2005-10-31 15:52:18

Why dont you do it this way,

mkdir -p /var/spool/postfix/var/run

ln -s /var/run/saslauthd /var/spool/postfix/var/run/saslauthd

adduser postfix sasl

when i check with telnet localhost 25 it gives me the same result.

nice howto, keep up the good work,

Louis

From: Anonymous at: 2005-11-04 09:49:09

I got some notice that people don't get this... About the saslauth

if you use the above solution, is tested and works...

DONT do this. ===>>

mkdir -p /var/spool/postfix/var/run/saslauthd
rm -fr /var/run/saslauthd

Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Remove # in front of START=yes and add the line PARAMS="-m /var/spool/postfix/var/run/saslauthd":

<==== DONT DO IT !!! you wil messup ok

ONLY DO THE ABOVE ==> About the saslauth

after that restart postfix and restart saslauthd

use emailadres as login for imap or pop

This setup IS TESTED, and works good.

From: Anonymous at: 2006-05-06 18:32:18

Forget all the Comments and follow the tutorial - it is excellent!!! Thanks a lot........

From: Anonymous at: 2006-07-18 00:15:51

I can't get postfix to authenticate remote users. Something IS terribly wrong with this setup.

My guess is that it only works with ISPConfig.

I think readers should research the issue if they just want to set up a mail server.  

 

From: Anonymous at: 2005-11-04 09:57:51

for the above saslauthd solutioin.

ONLY DO THE 3 LINES NOTHING MORE.

I running this with postfix and courier, and works fine.

dont forget the Maildir if courier is used in the ispconfig

From: Anonymous at: 2005-11-04 14:16:50

If you use this option, ONLY the three lines above are needed..

Nothing else.

after that, restart postfix an saslauthd en test with telnet.

From: admin at: 2006-07-18 14:19:02

Thats is not correct. ISPConfig is not involved in postfix authentication at all.

 If you followed the howto, create a system user and enable smtp-auth in your mail client and you will be able to send mail.

From: halfdan at: 2006-10-27 11:14:15

I fail to connect to the postfix mail server.

When I type: "telnet localhost 25"

I get:

"Trying 127.0.0.1...

Connected to localhost.localdomain.

Escape character is '^]"

But I don't get: "200 server1.example......"

What could be wrong?

From: at: 2007-09-04 14:01:35

In the tutorial above, just before testing the SMTP install by making a telnet conenction to port 25, the instructions read:

"and restart inetd:

/etc/init.d/openbsd-inetd restart"

 

I followed the instructions as described, but the scrpt installed on my machine was named /etc/init.d/inetd

 

 

From: Gulab Pasha at: 2010-06-15 04:15:35

Hi,

 Excellent Tutorial but some how i don't know I'm getting "Unexpected SSL connection shutdown error, but mails are working fine.


Jun 15 09:29:39 sfdlabs imapd-ssl: Connection, ip=[::ffff:192.168.3.2]
Jun 15 09:29:39 sfdlabs imapd-ssl: LOGIN, user=gulab, ip=[::ffff:192.168.3.2], port=[57310], protocol=IMAP
Jun 15 09:29:40 sfdlabs imapd-ssl: DISCONNECTED, user=gulab, ip=[::ffff:192.168.3.2], headers=0, body=0, rcvd=32, sent=230, time=2, starttls=1
Jun 15 09:29:40 sfdlabs imapd-ssl: Connection, ip=[::ffff:192.168.3.2]
Jun 15 09:29:40 sfdlabs imapd-ssl: LOGIN, user=gulab, ip=[::ffff:192.168.3.2], port=[57311], protocol=IMAP
Jun 15 09:29:42 sfdlabs imapd-ssl: Unexpected SSL connection shutdown.

From: Anonymous at: 2005-11-01 15:39:28

I installed these ..

apt-get install libdb-file-lock-perl libdigest-hmac-perl libnet-dns-perl libhtml-parser-perl

From: Anonymous at: 2005-11-26 05:59:31

Debian provides an easy way to enable modules, simply use a2enmod and a2dismod. It also provides another two simple utilities to enable and disable sites. Try it with a2ensite and a2dissite.

From: Anonymous at: 2006-02-04 20:04:55

Wonderful!! Infinitely THANKS! :)

From: Anonymous at: 2006-02-13 07:56:01

The answer to the last setup question for webalizer should be /var/log/apache2/access.log.1 as apache2 is the default on Sarge

From: Anonymous at: 2006-05-01 16:53:16

VERY NICE article. Thank you very much!

Only a petition:

Please, change screenshot for "Is the hardware clock set to GMT". It should be selected "Yes" instead of "No"

It is VERY recommended to set hardware clock to GMT (UTC) if you want automatic "Daylight saving time" changes and if you don't want infinite problems with time depending processes when such changes are backwards. UTC time is constant, independently of you Time Zone, Dayligh saving time changes...

If your computer is not to have Windows installed (as will be the case on a Debian server), it has not sense to set hardware clock to localtime.

From: Anonymous at: 2006-05-01 16:54:58

VERY NICE article. Thank you very much!

Only a petition:

Please, change screenshot for "Is the hardware clock set to GMT". It should be selected "Yes" instead of "No"

It is VERY recommended to set hardware clock to GMT (UTC) if you want automatic "Daylight saving time" changes and if you don't want infinite problems with time depending processes when such changes are backwards. UTC time is constant, independently of you Time Zone, Dayligh saving time changes...

If your computer is not to have Windows installed (as will be the case on a Debian server), it has not sense to set hardware clock to localtime.

From: Anonymous at: 2006-05-12 09:52:19

Very nice HOWTO. I have been using it a lot. If you can make one of these for FreeBSD that would be great, but I understand if you don't.

Regards,
Tim

iHostNZ

From: Anonymous at: 2006-05-30 13:56:23

I cannot imagine how I would ever have set up our webserver without this howto, I followed it step by step and the normal Linux-induced hair-tearing was kept to a minimum. The end result is hugely impressive and I can only thank you profusely for creating this howto.

From: Anonymous at: 2006-06-18 05:48:59

The tutorial, is very exact, regarding the input and output. I think is one of those very nice to keep next to your passport :)

I did it all and I love it the system looks to be fine.

Thank you - Danke Falko.

From: Anonymous at: 2006-07-18 03:50:06

Version 2.2.4 of ISPConfig was released recently. They've updated the path for the webserver and the last section for changing the apache webroot is no longer needed.

See full changelog - http://sourceforge.net/project/shownotes.php?group_id=140327&release_id=432691

From: ejot at: 2006-10-10 10:34:33

I had problems with the CPAN shell failing when installing packages with an error about tar not being able to "untar". Think it might be tied into the number of allowed processes on my VPS. Stopped mysql and apache, ran a CPAN upgrade with perl -MCPAN -e 'install Bundle::CPAN' and tried using the shell again, worked perfectly.

From: at: 2006-12-22 19:12:12

This ONE is the best tutorial ever !!!

Thank you