Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Fedora 10) - Page 5

13 Install Razor, Pyzor And DCC And Configure SpamAssassin

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install Razor and Pyzor, run

yum install perl-Razor-Agent pyzor

Then initialize both services:

chmod -R a+rX /usr/share/doc/pyzor-0.4.0 /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/lib/python2.5/site-packages/pyzor
su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'

Then we install DCC as follows:

cd /tmp
tar xzvf dcc-dccproc.tar.Z
cd dcc-dccproc-1.3.102
./configure --with-uid=amavis
make install
chown -R amavis:amavis /var/dcc
ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd

Now we have to tell SpamAssassin to use these three programs. Edit /etc/mail/spamassassin/ so that it looks like this:

vi /etc/mail/spamassassin/

# These values can be overridden by editing ~/.spamassassin/
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]

# dcc
use_dcc 1
dcc_path /usr/local/bin/dccproc

use_pyzor 1
pyzor_path /usr/bin/pyzor

use_razor2 1
razor_config /var/spool/amavisd/razor-agent.conf

use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

Then we must enable the DCC plugin in SpamAssassin. Open /etc/mail/spamassassin/v310.pre and uncomment the loadplugin Mail::SpamAssassin::Plugin::DCC line:

vi /etc/mail/spamassassin/v310.pre

# DCC - perform DCC message checks.
# DCC is disabled here because it is not open source.  See the DCC
# license for more details.
loadplugin Mail::SpamAssassin::Plugin::DCC

You can check your SpamAssassin configuration by executing:

spamassassin --lint

It shouldn't show any errors.


/etc/init.d/amavisd restart


Now we update our SpamAssassin rulesets as follows:

sa-update --no-gpg

We create a cron job so that the rulesets will be updated regularly. Run

crontab -e

to open the cron job editor. Create the following cron job:

23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null

This will update the rulesets every second day at 4.23h.


14 Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then do this:

cd /usr/local/sbin/
mv quota.txt quota_notify
chmod 755 quota_notify

Open /usr/local/sbin/quota_notify and edit the variables at the top. Further down in the file (towards the end) there are two lines where you should add a % sign ($lusers{$luser}%):

vi /usr/local/sbin/quota_notify

my $POSTFIX_CF = "/etc/postfix/";
my $MAILPROG = "/usr/sbin/sendmail -t";
my @POSTMASTERS = ('postmaster@yourdomain.tld');
my $CONAME = 'My Company';
my $COADDR = 'postmaster@yourdomain.tld';
my $SUADDR = 'postmaster@yourdomain.tld';
my $MAIL_REPORT = 1;
           print "Subject: WARNING: Your mailbox is $lusers{$luser}% full.\n";
           print "Your mailbox: $luser is $lusers{$luser}% full.\n\n";


crontab -e

to create a cron job for that script:

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null


15 Test Postfix

To see if Postfix is ready for SMTP-AUTH and TLS, run

telnet localhost 25

After you have established the connection to your Postfix mail server type

ehlo localhost

If you see the lines




everything is fine.

[root@server1 ~]# telnet localhost 25
Connected to localhost.
Escape character is '^]'.
220 ESMTP Postfix
ehlo localhost
250-SIZE 10240000
250 DSN
221 2.0.0 Bye
Connection closed by foreign host.
[root@server1 ~]#



to return to the system's shell.


16 Populate The Database And Test

To populate the database you can use the MySQL shell:

mysql -u root -p

USE mail;

At least you have to create entries in the tables domains and users:

INSERT INTO `domains` (`domain`) VALUES ('');
INSERT INTO `users` (`email`, `password`, `quota`) VALUES ('', ENCRYPT('secret'), 10485760);

(Please take care you use the ENCRYPT syntax in the second INSERT statement in order to encrypt the password!)

If you want to make entries in the other two tables, that would look like this:

INSERT INTO `forwardings` (`source`, `destination`) VALUES ('', '');
INSERT INTO `transport` (`domain`, `transport`) VALUES ('', '');

To leave the MySQL shell, type


For most people it is easier if they have a graphical front-end to MySQL; therefore you can also use phpMyAdmin (in this example under or to administrate the mail database. Again, when you create a user, go sure that you use the ENCRYPT function to encrypt the password:

I do not think I have to explain the domains and users table further.

The forwardings table can have entries like the following:

source destination Redirects emails for to Creates a Catch-All account for All emails to will arrive at, except those that exist in the users table (i.e., if exists in the users table, mails to will still arrive at @anotherdomain.tld This redirects all emails to to the same user at anotherdomain.tld. E.g., emails to will be forwarded to thomas@anotherdomain.tld., billing@anotherdomain.tld Forward emails for to two or more email addresses. All listed email addresses under destination receive a copy of the email.

The transport table can have entries like these:

domain transport : Delivers emails for locally. This is as if this record would not exist in this table at all. smtp:mail.anotherdomain.tld Delivers all emails for via smtp to the server smtp:mail.anotherdomain.tld:2025 Delivers all emails for via smtp to the server, but on port 2025, not 25 which is the default port for smtp.


The square brackets prevent Postfix from doing lookups of the MX DNS record for the address in square brackets. Makes sense for IP addresses. smtp:mail.anotherdomain.tld Mail for any subdomain of is delivered to mail.anotherdomain.tld.
* smtp:mail.anotherdomain.tld All emails are delivered to mail.anotherdomain.tld. smtp:mail.anotherdomain.tld Emails for are delivered to mail.anotherdomain.tld.


man transport

for more details.

Please keep in mind that the order of entries in the transport table is important! The entries will be followed from the top to the bottom.

Important: Postfix uses a caching mechanism for the transports, therefore it might take a while until you changes in the transport table take effect. If you want them to take effect immediately, run

postfix reload

after you have made your changes in the transport table.


17 Send A Welcome Email For Creating Maildir

When you create a new email account and try to fetch emails from it (with POP3/IMAP) you will probably get error messages saying that the Maildir doesn't exist. The Maildir is created automatically when the first email arrives for the new account. Therefore it's a good idea to send a welcome email to a new account.

First, we install the mailx package:

yum install mailx

To send a welcome email to, we do this:


You will be prompted for the subject. Type in the subject (e.g. Welcome), then press ENTER, and in the next line type your message. When the message is finished, press ENTER again so that you are in a new line, then press CTRL+D:

[root@server1 ~]# mailx
Subject: Welcome
Welcome! Have fun with your new mail account. <-- ENTER
<-- CTRL+D
[root@server1 ~]#

Share this page:

6 Comment(s)

Add comment


From: at: 2009-04-12 05:48:16

While building the RPMs for authlib and courier-imap, you may encounter an error saying that ltdl.h and fam.h are required (respectively). You can install these by doing the following:

ltdl.h-- Download and install the latest libtool and libtool-ltdl-devel packages from

fam.h--As root, run:

yum intall -y gamin-devel

 Since this tutorial is designed for Fedora 10, make sure you are getting the right build for your distribution.

 Hopefully this will save some of you some time, as it added about an extra 20 minutes to my install progress finding the source of the error and a way to fix it.

From: Anonymous at: 2009-03-05 03:34:30

mails are not getting delivered. they are stuck in deferred folder. any clue?

From: jonyssss at: 2009-06-28 23:42:52

Hi. I have a problem. When i want login to realy user and realy domain on my server then the imap was error.

Jun 29 01:35:31 $mydomain imapd: Connection, ip=[::ffff:]
Jun 29 01:35:31 $mydomain imapd: chdir $$user/: No such file or directory
Jun 29 01:35:31 $mydomain imapd: $user@$ No such file or directory

$mydomain is realy domain
$user is realy user

From: Anonymous at: 2009-08-20 03:27:26

For FC11 I downloaded the latest source files and found that they built to $HOME/rpm/RPMS/i586 rather than $HOME/rpm/RPMS/i386. I only diuscovered this when I tried to build courier-imap and it could not write the .rpm to the $HOME/rpm/RPMS/i586 folder as it had been created by sudo (root).

A quick chown and chgrp fixed it.

I presume that it would not have been a problem if I had created the $HOME/rpm/RPMS/i586 directory at the start of Step 4 above instead of $HOME/rpm/RPMS/i386.

From: at: 2009-08-01 03:10:50

If /var/log/maillog shows following error -

imapd: Connection, ip=[::ffff:]
imapd: authdaemon: s_connect() failed: Connection refused
imapd: [Hint: perhaps authdaemond is not running?]
imapd: LOGIN FAILED, user=<-user->, ip=[::ffff:]
imapd: authentication error: Connection refused

Try the following -

#mv /usr/sbin/authdaemond /usr/sbin/authdaemond.orig
#mv /etc/authlib /etc/authlib.orig

#vi /etc/init.d/courier-authlib
- change location of authdaemonrc in both places from  /etc/authlib/authdaemonrc to /usr/local/etc/authlib/authdaemonrc

- change sbindir="/usr/sbin" to sbindir="/usr/local/sbin"

save the file.

# rm -rf /usr/local/lib/courier-authlib/*.a

#rm -rf /usr/local/lib/courier-authlib/*.la

# /etc/init.d/courier-authlib stop

# /etc/init.d/courier-authlib start


File not found error in log files -

You should install the mysql runtime libraries.


ldd /usr/local/lib/courier-authlib/

This should show which mysql runtime libs need to be present.

From: at: 2009-04-12 17:25:31

While running the razor_admin commands at the top of the page, if you encounter an error saying " up," (my apologies, I did not write the exact error message, but this is the gist of it) it means you need to open port 2703 on your firewall. Once you have done this, try running the commands again and they should work.