Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 6.0 x86_64) - Page 3

9 Configure Saslauthd

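Edit /etc/sasl2/smtpd.conf. It should look like this (both mechanisms in mech_list, PLAIN and LOGIN, pass the password to the server unhashed, so they depend on TLS for confidentiality):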

vi /etc/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /var/spool/authdaemon/socket

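Then make the authdaemond socket directory accessible to Postfix (the chmod 755 below also lets every other local account traverse that directory), turn off Sendmail, and start Postfix, saslauthd, and courier-authlib: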

chmod 755 /var/spool/authdaemon
chkconfig --levels 235 courier-authlib on
/etc/init.d/courier-authlib start

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start

 

10 Configure Courier

Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/authlib/authdaemonrc and change the value of authmodulelist so that it reads:

vi /etc/authlib/authdaemonrc

[...]
authmodulelist="authmysql"
#authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
[...]

Then edit /etc/authlib/authmysqlrc. It should look exactly like this (again, make sure to fill in the correct database details):

cp /etc/authlib/authmysqlrc /etc/authlib/authmysqlrc_orig
cat /dev/null > /etc/authlib/authmysqlrc
vi /etc/authlib/authmysqlrc

MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota
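
A quick audit of the finished /etc/authlib/authmysqlrc, as an added example that is not part of the original tutorial: it flags a world-readable file, an active MYSQL_CLEAR_PWFIELD, a missing MYSQL_CRYPT_PWFIELD, the unchanged placeholder password, and trailing whitespace (which the comments in Courier's stock authmysqlrc prohibit). The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a Courier authmysqlrc before restarting the daemons.

# Print the value of an active (uncommented) directive, or nothing.
rc_get() {  # usage: rc_get FILE KEY
    awk -v k="$2" '$1 == k { sub(/^[ \t]*[^ \t]+[ \t]+/, ""); print; exit }' "$1"
}

# Print one "FINDING:" line per problem; return 1 if any were found.
audit_authmysqlrc() {
    f=$1; bad=0
    # The file holds the database password: "other" must not have read access.
    case $(ls -ld "$f" | cut -c1-10) in
        ???????r*) echo "FINDING: $f is world-readable (chmod o-rwx)"; bad=1 ;;
    esac
    # An active cleartext column means the table stores recoverable passwords.
    if [ -n "$(rc_get "$f" MYSQL_CLEAR_PWFIELD)" ]; then
        echo "FINDING: MYSQL_CLEAR_PWFIELD is active"; bad=1
    fi
    if [ -z "$(rc_get "$f" MYSQL_CRYPT_PWFIELD)" ]; then
        echo "FINDING: MYSQL_CRYPT_PWFIELD is not set"; bad=1
    fi
    # The tutorial's placeholder password was never replaced.
    if [ "$(rc_get "$f" MYSQL_PASSWORD)" = "mail_admin_password" ]; then
        echo "FINDING: MYSQL_PASSWORD is still the tutorial placeholder"; bad=1
    fi
    # Courier's stock authmysqlrc states that trailing spaces are prohibited.
    lines=$(grep -n '[[:space:]]$' "$f" | cut -d: -f1 | tr '\n' ' ')
    if [ -n "$lines" ]; then
        echo "FINDING: trailing whitespace on line(s): $lines"; bad=1
    fi
    return $bad
}

# Constructed sample with three deliberate problems: mode 644, the
# placeholder password, and a trailing space on line 4.
make_sample() {  # usage: make_sample PATH
    printf '%s\n' 'MYSQL_SERVER localhost' 'MYSQL_USERNAME mail_admin' \
        'MYSQL_PASSWORD mail_admin_password' 'MYSQL_DATABASE mail ' \
        'MYSQL_CRYPT_PWFIELD password' '#MYSQL_CLEAR_PWFIELD password' \
        'MYSQL_LOGIN_FIELD email' > "$1"
    chmod 644 "$1"
}

# Run against a real file when a path is given: sh audit.sh /etc/authlib/authmysqlrc
if [ -n "${1:-}" ]; then audit_authmysqlrc "$1"; fi
```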

Then restart Courier:

chkconfig --levels 235 courier-imap on
/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart

When courier-imap is started for the first time, it automatically creates the certificate files /usr/lib/courier-imap/share/imapd.pem and /usr/lib/courier-imap/share/pop3d.pem from the /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf files. Because the .cnf files contain the line CN=localhost, but our server is named server1.example.com, the certificates might cause problems when you use TLS connections. To solve this, we delete both certificates...

cd /usr/lib/courier-imap/share
rm -f imapd.pem
rm -f pop3d.pem

... and replace the CN=localhost lines in /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf with CN=server1.example.com:

vi /usr/lib/courier-imap/etc/imapd.cnf

[...]
CN=server1.example.com
[...]

vi /usr/lib/courier-imap/etc/pop3d.cnf

[...]
CN=server1.example.com
[...]

Then we recreate both certificates...

./mkimapdcert
./mkpop3dcert

... and restart courier-authlib and courier-imap:

/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart

By running

telnet localhost pop3

you can see if your POP3 server is working correctly. It should give back +OK Hello there. (type quit to get back to the Linux shell):

[root@server1 share]# telnet localhost pop3
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
<-- quit
+OK Better luck next time.
Connection closed by foreign host.
[root@server1 share]#

 

11 Modify /etc/aliases

Now we should open /etc/aliases. Make sure that postmaster points to root and root to your own username or your email address, e.g. like this:

vi /etc/aliases

[...]
postmaster: root
root: postmaster@yourdomain.tld
[...]

or like this (if administrator is your own username):

[...]
postmaster: root
root: administrator
[...]

Whenever you modify /etc/aliases, you must run

newaliases

afterwards and restart Postfix:

/etc/init.d/postfix restart

Comments

From: at: 2011-10-07 09:29:08

Hi

I see a discrepancy in this section: the version number in the text explanation and the actual downloaded/added text (to postfix.spec) are inconsistent.

From: Anonymous at: 2011-10-21 16:28:57

First, great site, these howtos have helped me a billion.

 In the meantime I was having some issues with postfix startup and when trying to connect:

Oct 21 08:03:50 mailserver postfix/smtpd[21849]: connect from localhost[127.0.0.1]
Oct 21 08:03:50 mailserver postfix/smtpd[21849]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
Oct 21 08:03:50 mailserver postfix/smtpd[21849]: fatal: no SASL authentication mechanisms
Oct 21 08:03:51 mailserver postfix/master[21814]: warning: process /usr/libexec/postfix/smtpd pid 21849 exit status 1
Oct 21 08:03:51 mailserver postfix/master[21814]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

After digging this out a little I came across this requirement:

cyrus-sasl-plain

 After doing

yum install cyrus-sasl-plain -y

Problem was solved, so if you could add it to the yum install .... part it'd help a lot.

 Thanks again.
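
Added example (not part of the original tutorial or of the comment above): a check that ties the "no SASL authentication mechanisms" log line to the mech_list from section 9 by looking for a Cyrus SASL plugin for each listed mechanism. It assumes a mechanism FOO ships as libfoo.so* in the plugin directory, which holds for PLAIN and LOGIN (the plugins the cyrus-sasl-plain package provides); function names and the fixture are constructed.

```shell
#!/bin/sh
# Added example: explain "fatal: no SASL authentication mechanisms" by
# comparing smtpd.conf's mech_list with the installed Cyrus SASL plugins.

# Count smtpd start-up failures caused by an empty mechanism list.
sasl_fatal_count() {  # usage: sasl_fatal_count MAILLOG
    grep -c 'postfix/smtpd\[[0-9]*\]: fatal: no SASL authentication mechanisms' "$1" || true
}

# Succeed if PLUGIN_DIR holds a plugin for MECH.
# Assumption: mechanism FOO ships as libfoo.so* (holds for PLAIN and LOGIN).
has_plugin() {  # usage: has_plugin PLUGIN_DIR MECH
    for lib in "$1"/lib"$2".so*; do
        [ -e "$lib" ] && return 0
    done
    return 1
}

# Print the mech_list entries that have no plugin; return 1 if any are missing.
missing_plugins() {  # usage: missing_plugins SMTPD_CONF PLUGIN_DIR
    missing=""
    for m in $(awk -F: '$1 == "mech_list" { print tolower($2) }' "$1"); do
        has_plugin "$2" "$m" || missing="$missing $m"
    done
    echo "${missing# }"
    [ -z "$missing" ]
}

# Tie the log symptom to its cause; return 1 if smtpd failures were logged.
diagnose() {  # usage: diagnose MAILLOG SMTPD_CONF PLUGIN_DIR
    n=$(sasl_fatal_count "$1")
    [ "$n" -gt 0 ] || { echo "ok: no SASL start-up failures logged"; return 0; }
    miss=$(missing_plugins "$2" "$3") || true
    if [ -n "$miss" ]; then
        echo "smtpd failed $n time(s): no plugin for: $miss"
    else
        echo "smtpd failed $n time(s): plugins present, check smtpd.conf"
    fi
    return 1
}

# Constructed fixture: tutorial mech_list, one logged failure, empty plugin dir.
make_fixture() {  # usage: make_fixture DIR
    mkdir -p "$1/sasl2"
    printf '%s\n' 'pwcheck_method: authdaemond' 'mech_list: PLAIN LOGIN' > "$1/smtpd.conf"
    echo 'Oct 21 08:03:50 mailserver postfix/smtpd[21849]: fatal: no SASL authentication mechanisms' > "$1/maillog"
}
# Real use: sh check.sh /var/log/maillog /etc/sasl2/smtpd.conf /usr/lib64/sasl2
if [ $# -eq 3 ]; then diagnose "$1" "$2" "$3"; fi
```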

From: Machtyn at: 2011-10-27 03:53:01

I ran into a problem with amavisd-new not installing with an error stating that /etc/clamd.d was not found.  The solution was given by TiTex in this thread: http://www.howtoforge.com/forums/showthread.php?t=53711

Also, if I may make a suggestion, include the -y option with the yum install command:

yum -y install $packages

From: Anonymous at: 2012-03-16 11:42:21

That was required for my system:
 
chmod -R a+rX /usr/share/doc/pyzor-0.5.0 /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/lib/python2.6/site-packages/pyzor
mkdir /var/spool/amavisd
chown amavis:amavis /var/spool/amavisd
su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'