Virtual Mail And Jabber Server (xmpp) With iRedMail And Ejabberd On Ubuntu 9.10
iRedMail is a shell script that lets you quickly deploy a full-featured mail solution in less than 2 minutes. Since iRedMail 0.5, it supports CentOS 5.x, Debian 5.x, Ubuntu 8.04, 9.04 and 9.10 (both i386 and x86_64). iRedMail supports both OpenLDAP and MySQL as backends for storing virtual domains and users.
This tutorial shows you how to integrate ejabberd with iRedMail's LDAP backend on Ubuntu 9.10. Passwords are stored in LDAP, and users can change their password through webmail.
This tutorial is based on Ubuntu 9.10, so I suggest you set up a minimal Ubuntu 9.10 system, install iRedMail 0.60 and choose OpenLDAP as the backend, as shown in these tutorials:
- iRedMail: Mail Server With LDAP, Postfix, RoundCube/SquirrelMail, Dovecot, ClamAV, SpamAssassin, Amavisd (Debian 5.0.1)
- iRedMail 0.6: Full-Featured Mail Server With OpenLDAP/Postfix/Dovecot/Amavisd/ClamAV/SpamAssassin/RoundCube/iRedAdmin On FreeBSD
Thanks to yrjc2004 for sharing and helping.
1 Install Ejabberd
Install ejabberd:
apt-get install ejabberd
2 Find cn=vmail password
The vmail password was randomly generated during the iRedMail installation. You can find it in /etc/postfix/ldap_virtual_mailbox_domains.cf:
cat /etc/postfix/ldap_virtual_mailbox_domains.cf
bind_dn = cn=vmail,dc=example,dc=com
bind_pw = KxR6AAj2EutXjhcRcK2AHPWCqiA3Ym #cn=vmail password
3 Configure ejabberd
Ejabberd's configuration files are written in Erlang syntax, which might be difficult to comprehend. Thankfully, the modifications we need to make are relatively minor and straightforward. The main ejabberd configuration file is located at /etc/ejabberd/ejabberd.cfg. We'll cover each relevant option in turn.
In Erlang, comments begin with the % sign.
Edit /etc/ejabberd/ejabberd.cfg.
Set the admin user and the domain. Here we make www@example.com the admin.
%% Admin user
{acl, admin, {user, "www", "example.com"}}.
%% Hostname
{hosts, ["example.com"]}.
Comment out the following line so that ejabberd no longer uses internal authentication:
%%{auth_method, internal}.
Add the following at the bottom of the file:
%%% Authenticate against LDAP.
{auth_method, ldap}.
{ldap_servers, ["127.0.0.1"]}.
%%% {ldap_encrypt, tls}.
{ldap_port, 389}.
{ldap_base, "o=domains,dc=example,dc=com"}.
{ldap_rootdn, "cn=vmail,dc=example,dc=com"}.
{ldap_password, "KxR6AAj2EutXjhcRcK2AHPWCqiA3Ym"}. %% cn=vmail password
%%% Enable both normal mail user and mail admin.
{ldap_filter, "(&(objectClass=mailUser)(accountStatus=active)(enabledService=jabber))"}.
{ldap_uids, [{"mail", "%u@%d"}]}.
Start ejabberd and check the status:
# /etc/init.d/ejabberd start
Starting jabber server: ejabberd.
# ejabberdctl status
Node ejabberd@u910 is started. Status: started
ejabberd is running
4 Enable jabber service for mail user
Use phpLDAPadmin or other tools to add sample LDAP attributes and values for existing mail users.
Log into phpLDAPadmin as cn=manager,dc=example,dc=com.
Find the existing mail user [email protected]:
Enable the jabber service for the user [email protected]:
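The same change can also be made and verified from the command line. The script below is an added example, not part of the original tutorial: it assumes iRedMail's usual DN layout (mail=...,ou=Users,domainName=...) under the ldap_base from step 3, and it uses www@example.com as a sample address.

```bash
#!/bin/sh
# Added example (not from the original tutorial): enable and verify the
# jabber service for one mail user without phpLDAPadmin.
# Assumption: iRedMail's usual DN layout under the ldap_base from step 3:
#   mail=<address>,ou=Users,domainName=<domain>,o=domains,dc=example,dc=com
BASE="o=domains,dc=example,dc=com"

# Accept only plain addresses so nothing needs escaping in a DN or filter.
valid_mail() {
    case "$1" in
        *[!A-Za-z0-9._@-]*|*@*@*|@*|*@|"") return 1 ;;
        *@*) return 0 ;;
        *) return 1 ;;
    esac
}

# DN of the mail user, built from the address and its domain part.
user_dn() {
    valid_mail "$1" || return 1
    printf 'mail=%s,ou=Users,domainName=%s,%s\n' "$1" "${1#*@}" "$BASE"
}

# LDIF that adds enabledService=jabber, the value ldap_filter requires.
jabber_ldif() {
    dn=$(user_dn "$1") || return 1
    printf 'dn: %s\nchangetype: modify\nadd: enabledService\nenabledService: jabber\n' "$dn"
}

# Filter equivalent to the login check: ldap_uids ("mail" = "%u@%d")
# combined with the ldap_filter from step 3.
login_filter() {
    valid_mail "$1" || return 1
    printf '(&(mail=%s)(objectClass=mailUser)(accountStatus=active)(enabledService=jabber))\n' "$1"
}

# Usage on the mail server (both commands prompt for the bind password):
#   jabber_ldif www@example.com | ldapmodify -x -H ldap://127.0.0.1 \
#       -D "cn=manager,dc=example,dc=com" -W
#   ldapsearch -x -H ldap://127.0.0.1 -D "cn=vmail,dc=example,dc=com" -W \
#       -b "$BASE" "$(login_filter www@example.com)" dn
# ldapmodify reports "Type or value exists" if the value is already set.
# ldapsearch returning no entry means ejabberd will refuse that login.
```

If the ldapsearch check returns no entry, look at accountStatus and enabledService on the user before suspecting the ejabberd configuration.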
5 Configure iptables
Standard ports:
5222 Main client port
5223 Obsolete secure jabber port
5269 Server to server port
5280 Web administration
vi /etc/default/iptables
# http/https, smtp/smtps, pop3/pop3s, imap/imaps, ssh
# jabber: 5222, 5223, 5269 and 5280 are added at the end of the list below
-A INPUT -p tcp -m multiport --dport 80,443,25,465,110,995,143,993,587,465,22,5222,5223,5269,5280 -j ACCEPT
Restart the iptables service:
/etc/init.d/iptables restart
6 Web Access Admin Console
Now you can access http://192.168.1.10:5280/admin/
Log in as the ejabberd web admin; we have set www@example.com as the admin for the ejabberd server:
This is how it looks after the login:
Check the virtual host user:
You cannot create a user in the web admin console. To create a user, first add the user in iRedAdmin, then enable the jabber service for the user in phpLDAPadmin.
If you want to add a second virtual domain, first create the new domain in iRedAdmin, then add it to the hosts list in /etc/ejabberd/ejabberd.cfg:
%% Hostname
{hosts, ["example.com","test.com"]}.