Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Fedora 10) - Page 3

9 Configure Saslauthd

Edit /usr/lib/sasl2/smtpd.conf. It should look like this:

vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket

Then turn off Sendmail and start Postfix, saslauthd, and courier-authlib:

chmod 755 /var/spool/authdaemon
chkconfig --levels 235 courier-authlib on
/etc/init.d/courier-authlib start

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start

 

10 Configure Courier

Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/authlib/authdaemonrc and change the value of authmodulelist so that it reads "authmysql":

vi /etc/authlib/authdaemonrc

[...]
authmodulelist="authmysql"
#authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
[...]

Then edit /etc/authlib/authmysqlrc. It should look exactly like this (again, make sure to fill in the correct database details):

cp /etc/authlib/authmysqlrc /etc/authlib/authmysqlrc_orig
cat /dev/null > /etc/authlib/authmysqlrc
vi /etc/authlib/authmysqlrc

MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota
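
The file above carries the database password and decides whether Courier compares hashed or clear-text passwords, so it is worth checking before the restart. The following script is an added example, not part of the original tutorial; the function names rc_value and audit_authmysqlrc are made up here, and the trailing-space check reflects the rule stated in Courier's sample authmysqlrc.

```shell
#!/bin/sh
# Added example, not part of the tutorial: audit a Courier authmysqlrc.
# Prints one line per finding and returns the number of findings.

# Value of an active (uncommented) directive, empty if it is absent.
rc_value() {  # usage: rc_value FILE KEY
    awk -v k="$2" '$1 == k { sub(/^[ \t]*[^ \t]+[ \t]*/, ""); print; exit }' "$1"
}

audit_authmysqlrc() {  # usage: audit_authmysqlrc FILE
    rc=$1
    findings=0
    note() { echo "$rc: $*"; findings=$((findings + 1)); }

    [ -r "$rc" ] || { echo "$rc: cannot read file"; return 255; }

    # The file stores MYSQL_PASSWORD in clear text: "other" must not read it.
    case $(ls -ld "$rc") in
        ???????r*) note "world-readable (chmod 640 or stricter)" ;;
    esac

    # The tutorial's placeholder password must have been replaced.
    [ "$(rc_value "$rc" MYSQL_PASSWORD)" = "mail_admin_password" ] &&
        note "MYSQL_PASSWORD is still the tutorial placeholder"

    # Hashed passwords only: CRYPT field set, CLEAR field left commented out.
    [ -n "$(rc_value "$rc" MYSQL_CRYPT_PWFIELD)" ] ||
        note "MYSQL_CRYPT_PWFIELD is not set"
    [ -n "$(rc_value "$rc" MYSQL_CLEAR_PWFIELD)" ] &&
        note "MYSQL_CLEAR_PWFIELD is active (clear-text passwords in the database)"

    # Courier's sample authmysqlrc prohibits trailing spaces after a value.
    grep -q '^[^#[:space:]].*[[:space:]]$' "$rc" &&
        note "trailing whitespace on an active line"

    return "$findings"
}

# Run against a file given on the command line, e.g. /etc/authlib/authmysqlrc.
if [ -n "${1:-}" ]; then audit_authmysqlrc "$1"; fi
```
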

Then restart Courier:

chkconfig --levels 235 courier-imap on
/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart
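
After the restart, Courier resolves every login to a directory below /home/vmail using the MYSQL_MAILDIR_FIELD expression from authmysqlrc. The following script is an added example, not part of the original tutorial: it reproduces that expression in shell and reports whether the resulting directory exists. The names maildir_for, check_maildir and VMAIL_HOME are made up here.

```shell
#!/bin/sh
# Added example, not part of the tutorial: reproduce MYSQL_MAILDIR_FIELD in
# shell and check where a login would land on disk.
VMAIL_HOME=${VMAIL_HOME:-/home/vmail}   # MYSQL_HOME_FIELD in authmysqlrc

# CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
maildir_for() {  # usage: maildir_for user@domain
    domain=${1##*@}      # SUBSTRING_INDEX(email,'@',-1): text after the last @
    localpart=${1%%@*}   # SUBSTRING_INDEX(email,'@',1): text before the first @
    printf '%s/%s/\n' "$domain" "$localpart"
}

# 0: directory exists below VMAIL_HOME, 1: directory missing,
# 2: a component of the address is not a plain directory name.
check_maildir() {  # usage: check_maildir user@domain
    case $1 in
        *@*) ;;
        *) echo "$1: no @ in address"; return 2 ;;
    esac
    rel=$(maildir_for "$1")
    for part in "${1##*@}" "${1%%@*}"; do
        case $part in
            ''|.|..|*/*) echo "$1: component '$part' is not a plain directory name"
                         return 2 ;;
        esac
    done
    if [ -d "$VMAIL_HOME/$rel" ]; then
        echo "$1: ok, $VMAIL_HOME/$rel"
        return 0
    fi
    echo "$1: missing $VMAIL_HOME/$rel"
    return 1
}

# Check every address given on the command line.
for addr in "$@"; do check_maildir "$addr" || true; done
```

Run it with the addresses stored in the email column of the users table as arguments; a result of 2 means the address should not be in the table in that form.
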

When courier-imap is started for the first time, it automatically creates the certificate files /usr/lib/courier-imap/share/imapd.pem and /usr/lib/courier-imap/share/pop3d.pem from the /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf files. Because the .cnf files contain the line CN=localhost, but our server is named server1.example.com, the certificates might cause problems when you use TLS connections. To solve this, we delete both certificates...

cd /usr/lib/courier-imap/share
rm -f imapd.pem
rm -f pop3d.pem

... and replace the CN=localhost lines in /usr/lib/courier-imap/etc/imapd.cnf and /usr/lib/courier-imap/etc/pop3d.cnf with CN=server1.example.com:

vi /usr/lib/courier-imap/etc/imapd.cnf

[...]
CN=server1.example.com
[...]

vi /usr/lib/courier-imap/etc/pop3d.cnf

[...]
CN=server1.example.com
[...]

Then we recreate both certificates...

./mkimapdcert
./mkpop3dcert

... and restart courier-authlib and courier-imap:

/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart

By running

telnet localhost pop3

you can see if your POP3 server is working correctly. It should give back +OK Hello there. (type quit to get back to the Linux shell):

[root@server1 share]# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
quit
+OK Better luck next time.
Connection closed by foreign host.
[root@server1 share]#

 

11 Modify /etc/aliases

Now we should open /etc/aliases. Make sure that postmaster points to root and root to your own username or your email address, e.g. like this:

vi /etc/aliases

[...]
postmaster: root
root: postmaster@yourdomain.tld
[...]

or like this (if administrator is your own username):

[...]
postmaster: root
root:   administrator
[...]

Whenever you modify /etc/aliases, you must run

newaliases

afterwards and restart Postfix:

/etc/init.d/postfix restart

Comments

From: at: 2009-04-12 05:48:16

While building the RPMs for authlib and courier-imap, you may encounter an error saying that ltdl.h and fam.h are required (respectively). You can install these by doing the following:

ltdl.h: Download and install the latest libtool and libtool-ltdl-devel packages from rpmfind.net.

fam.h: As root, run:

yum install -y gamin-devel

 Since this tutorial is designed for Fedora 10, make sure you are getting the right build for your distribution.

 Hopefully this will save some of you some time, as it added about an extra 20 minutes to my install progress finding the source of the error and a way to fix it.

From: Anonymous at: 2009-03-05 03:34:30

Mails are not getting delivered. They are stuck in the deferred folder. Any clue?

From: jonyssss at: 2009-06-28 23:42:52

Hi. I have a problem. When I try to log in with a real user and a real domain on my server, IMAP gives an error.

/var/log/maillog
Jun 29 01:35:31 $mydomain imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 29 01:35:31 $mydomain imapd: chdir $mydomain.cz/$user/: No such file or directory
Jun 29 01:35:31 $mydomain imapd: $user@$mydomain.cz: No such file or directory

$mydomain is the real domain
$user is the real user

From: Anonymous at: 2009-08-20 03:27:26

For FC11 I downloaded the latest source files and found that they built to $HOME/rpm/RPMS/i586 rather than $HOME/rpm/RPMS/i386. I only discovered this when I tried to build courier-imap and it could not write the .rpm to the $HOME/rpm/RPMS/i586 folder as it had been created by sudo (root).

A quick chown and chgrp fixed it.

I presume that it would not have been a problem if I had created the $HOME/rpm/RPMS/i586 directory at the start of Step 4 above instead of $HOME/rpm/RPMS/i386.

From: at: 2009-08-01 03:10:50

If /var/log/maillog shows the following error -

imapd: Connection, ip=[::ffff:127.0.0.1]
imapd: authdaemon: s_connect() failed: Connection refused
imapd: [Hint: perhaps authdaemond is not running?]
imapd: LOGIN FAILED, user=<-user->, ip=[::ffff:127.0.0.1]
imapd: authentication error: Connection refused

Try the following -

# mv /usr/sbin/authdaemond /usr/sbin/authdaemond.orig
# mv /etc/authlib /etc/authlib.orig

# vi /etc/init.d/courier-authlib
- change location of authdaemonrc in both places from /etc/authlib/authdaemonrc to /usr/local/etc/authlib/authdaemonrc

- change sbindir="/usr/sbin" to sbindir="/usr/local/sbin"

save the file.

# rm -rf /usr/local/lib/courier-authlib/*.a

# rm -rf /usr/local/lib/courier-authlib/*.la

# /etc/init.d/courier-authlib stop

# /etc/init.d/courier-authlib start

 ==============================

File not found error in log files -

You should install the mysql runtime libraries.

Try:

ldd /usr/local/lib/courier-authlib/libauthmysql.so

This should show which mysql runtime libs need to be present.

From: at: 2009-04-12 17:25:31

While running the razor_admin commands at the top of the page, if you encounter an error saying "Bootstrap...network...giving up," (my apologies, I did not write the exact error message, but this is the gist of it) it means you need to open port 2703 on your firewall. Once you have done this, try running the commands again and they should work.