Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) - Page 2

4 Configure Postfix

Now we have to tell Postfix where it can find all the information in the database. Therefore we have to create six text files. You will notice that I tell Postfix to connect to MySQL on the IP address 127.0.0.1 instead of localhost. This is because Postfix is running in a chroot jail and does not have access to the MySQL socket which it would try to connect if I told Postfix to use localhost. If I use 127.0.0.1 Postfix uses TCP networking to connect to MySQL which is no problem even in a chroot jail (the alternative would be to move the MySQL socket into the chroot jail which causes some other problems).

Please make sure that /etc/mysql/my.cnf contains the following line:

bind-address            = 127.0.0.1

so that MySQL allows connections on 127.0.0.1 (restart MySQL if you have to make changes to /etc/mysql/my.cnf).

Now let's create our six text files.

/etc/postfix/mysql-virtual_domains.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = domains
select_field = 'virtual'
where_field = domain
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_forwardings.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_mailboxes.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_email2email.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_transports.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = transport
select_field = transport
where_field = domain
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_mailbox_limit_maps.cf:

user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = quota
where_field = email
hosts = 127.0.0.1

chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf

Now we create a user and group called vmail with the home directory /home/vmail. This is where all mail boxes will be stored.

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

Next we do some Postfix configuration. Go sure that you replace server1.example.com with a valid FQDN, otherwise your Postfix might not work properly!

postconf -e 'myhostname = server1.example.com'
postconf -e 'mydestination = server1.example.com, localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'virtual_alias_domains ='
postconf -e ' virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf'
postconf -e 'virtual_create_maildirsize = yes'
postconf -e 'virtual_maildir_extended = yes'
postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf'
postconf -e 'virtual_mailbox_limit_override = yes'
postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."'
postconf -e 'virtual_overquota_bounce = yes'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'

Afterwards we create the SSL certificate that is needed for TLS:

cd /etc/postfix
openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

<-- Enter your Country Name (e.g., "DE").
<-- Enter your State or Province Name.
<-- Enter your City.
<-- Enter your Organization Name (e.g., the name of your company).
<-- Enter your Organizational Unit Name (e.g. "IT Department").
<-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
<-- Enter your Email Address.

chmod o= /etc/postfix/smtpd.key

5 Configure Saslauthd

mkdir -p /var/spool/postfix/var/run/saslauthd

Edit /etc/default/saslauthd. Remove the # in front of START=yes and add the line PARAMS="-m /var/spool/postfix/var/run/saslauthd -r". The file should then look like this:

# This needs to be uncommented before saslauthd will be run automatically
START=yes

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

We must also edit /etc/init.d/saslauthd and change the location of saslauthd's PID file. Change the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid:

PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

Then create the file /etc/pam.d/smtp. It should contain only the following two lines (go sure to fill in your correct database details):

auth    required   pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

Next create the file /etc/postfix/sasl/smtpd.conf. It should look like this:

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
sql_select: select password from users where email = '%u'

Then restart Postfix and Saslauthd:

/etc/init.d/postfix restart
postfix check
/etc/init.d/saslauthd restart

6 Configure Courier

Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/courier/authdaemonrc and change the value of authmodulelist so that it reads

authmodulelist="authmysql"

Then edit /etc/courier/authmysqlrc. It should look like this (again, make sure to fill in the correct database details):

MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota

Then restart Courier:

/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart

By running

telnet localhost pop3

you can see if your POP3 server is working correctly. It should give back +OK Hello there. (Type quit to get back to the Linux shell.)

Share this page:

70 Comment(s)

Add comment

Comments

From: Anonymous at: 2005-10-11 00:38:22

Amazing, this tutorial is very good!

Thanks by share what you know!

Tiago Cruz

From: Anonymous at: 2006-04-17 22:07:51

thanks for this tutorial, my server runs fine

found this by google

h**p://blog.b-network.org/index.php?/archives/93-Postfix-Administrations-PHP-Script.html

works fine :)

regards

michael

From: Anonymous at: 2006-06-08 17:33:38

anyone ever have any problems with the quota for users? Im wanting to setup bigger mail accounts for certain users and it doesnt seem as if its reading the value from the mysql database... ive looked all over the net for a solution but am not able to find one.

thanks, P

From: Michael at: 2009-04-14 07:10:11

Hi.

I'm having the same problem, did you find a solution for this problem??? if you did please tell me...

From: Anonymous at: 2005-10-15 15:04:28

everyone wrote handholded tutorials like these !

From: Anonymous at: 2005-10-17 10:50:15

Try to send emails but unable to retrieve email from Outlook Express, getting error such as invalid password. How can I correct this. I am a newbie configuring linux server. Thanks.

From: admin at: 2005-10-17 10:54:46

Please post support requests always to the forums.

http://www.howtoforge.com/forums/

From: Anonymous at: 2005-10-23 16:27:19

why not use postfixadmin instead of phpMyAdmin and custom tables, would make for much easier domain/user management

From: Anonymous at: 2005-12-02 23:14:31

Hi, everything works perfectly except I receive a mail each hour like below

This email is sent by logcheck. If you wish to no-longer receive it,
you can either deinstall the logcheck package or modify its
configuration file (/etc/logcheck/logcheck.conf).

Security Events
=-=-=-=-=-=-=-=
Dec  2 23:02:08 localhost postfix/smtpd[1167]: _sasl_plugin_load failed on sasl_auxprop_plug_init
for plugin: sql
Dec  3 00:00:02 localhost postfix/smtpd[1269]: _sasl_plugin_load failed on sasl_auxprop_plug_init
for plugin: sql

System Events
=-=-=-=-=-=-=
Dec  2 23:02:08 localhost postfix/smtpd[1167]: sql_select option missing
Dec  2 23:02:08 localhost postfix/smtpd[1167]: auxpropfunc error no mechanism available
Dec  3 00:00:02 localhost postfix/smtpd[1269]: sql_select option missing
Dec  3 00:00:02 localhost postfix/smtpd[1269]: auxpropfunc error no mechanism available

From: Anonymous at: 2006-03-11 08:25:29

Thank you. it is a great guide. However, if u can add "auto reply" and "webmail interface", it will be perfect !

From: at: 2007-11-22 02:08:32

I'm not sure about autoreply, but you can install any webamil with IMAP support in order to query the mail via HTTP (i.e: roundcube, squirrelmail, ...)

 Cheers

From: Anonymous at: 2006-03-25 20:41:22

Don't ask me why, but I ran into problems with saslauthd. I was not able to send a mail via my vServer.

Managed to solve the problems by doing

mount --bind /var/run/saslauthd /var/spool/postfix/var/run/saslauthd

But this gets lost on reboot.
So I added the following line to
/etc/fstab

/var/run/saslauthd /var/spool/postfix/var/run/saslauthd none bind

Maybe the problem is related to the chrooted environment.

Still a great HowTo.

From: Anonymous at: 2006-07-24 20:14:35

I would love to add a few notes for those of us not using debian, but for the most part, concisely straight forward. It just works.

From: at: 2006-10-29 13:36:44

the 3 lines of magic are:

echo postfix hold | dpkg --set-selections &&
echo postfix-mysql hold | dpkg --set-selections &&
echo postfix-tls hold | dpkg --set-selections

now you can do ;

apt-get update && apt-get dist-upgrade

Just my .02 ct

Ovis

From: admin at: 2006-12-21 12:06:20

It's howtoforge, as shown here: http://www.howtoforge.com/import_vmware_images

From: at: 2006-12-21 10:06:13

I've downloaded the WMware image of this tutorial. Everything goes fine, but i don't know root password.

I have tried to find it in this tutorial without success.

Thank you 

From: at: 2007-02-17 21:32:55

The filesystem where /var/spool/postfix lies, have to be without noexec flag else postfix can not resolve MX for sending mail to another mailserver. I spent some hours to find it out.

From: Anton N. Petrov at: 2009-04-07 05:28:24

transport table not support forward from "somedomain.com" to "virtual:user@otherdomain.com"

make this via forwardings table as "@somedomain.com","user@otherdomain.com"

PS "somedomain.com" must be add in table domains

From: Dimitar at: 2010-05-05 11:07:25

It's a great basic tutorial! Love it!

For convenience I'm trying to set domain forwarding, or how should I call it...
I want all mails to example.com to go to the respective user @example.net
Example:
bob@example.com->bob@example.net
john@example.com->john@example.net
/dummy@example.com->dropped/
but without doing it by hand in forwardings table.
Is it impossible, or it's just me not able to figure it out...

From: Anonymous at: 2005-11-17 15:03:57

I've followed the setp-by-step giude to the letter (a lot of times now) and i still can't figure out why i get the message "unable to open this mailbox". I've tested both postfix and Courier-imap by logging into them by telnet. Someone told me it might be something with the courier-imap startup line, but i found nothing that could be out of order.

Any help would be greatly apreciated!

From: Anonymous at: 2006-02-27 01:05:52

Trying to access a mailbox via imap before any mail has been delivered to it will generate an error (at least with this setup - not sure about others.) Make sure you send an email to the mailbox before accessing it.

From: Anonymous at: 2006-01-27 22:20:23

I use postfix 2.1.5-9 (debian/stable), which complains about using proxies for security sensitive data. Below I post the original line together with the error and the working line. # virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf # Jan 27 21:40:58 hostname postfix/virtual[11713]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf

From: Anonymous at: 2006-02-15 03:38:20

I think it should be noted here that virtual_mail_maps does not work through proxy: Postfix 2.2.x will ignore it, but 2.1.x will give you a fatal error...

Everything else seems to work with proxy: tho...

From: Anonymous at: 2006-03-11 11:20:57

I copied and pasted stuff from this example, but the /etc/courier/authmysqlrc lines I copied put the CONCAT)SUBSTRING....... line on a new line user MYSQL_MAILDIR_FIELD which casued be to get -ERR: Maildir , file does not exist when using IMAP or POP.. so.. in a nutshell, check your files for newlines that shouldnt be there!

From: Anonymous at: 2006-04-02 08:13:34

Hi, good work.

I ran into trouble with the jail of saslauthd .. the pidfile is created inside the jail, of course. but the init script looks for an not chrooted sasl pidfile.

So, I had to edit the /etc/init.d/saslauthd

PIDFILE=/var/run/$NAME/saslauthd.pid -> PIDFILE=/var/spool/postfix/var/run/$NAME/saslauthd.pid

From: ioerror at: 2006-10-04 23:02:07

I was unable to get mail to deliver (it was bouncing) until I changed the settings in: /etc/postfix/mysql-virtual_domains.cf

user = mail_admin
password = mail_admin_password
dbname = mail
table = domains
select_field = 'domain'
where_field = domain
hosts = 127.0.0.1


You have to change the select_field to 'domain' because there is no 'virtual' field in the domain table.

From: ioerror at: 2006-10-04 23:52:25

This HOWTO allows for insecure relay authentication. You can easily fix this by requiring starttls before auth.

Add the following line to your main.cf
smtpd_tls_auth_only = yes

From: at: 2007-01-16 22:24:51

Saslauth was not working, and i didn't allowed me to send mail with this smtpd.
 
I noticed that /etc/init.d/saslauthd doesn't use the PARAMS var in /etc/default/saslauth, so i did this in my /etc/init.d/saslauthd:
 
 DAEMON_ARGS=" -m /var/spool/postfix/var/run/saslauthd -r"
 
Now it works! 

From: Anonymous at: 2009-03-08 20:44:53

Problem ist that the variable name PARAMS seems to have changed to OPTIONS in /etc/init.d/saslauthd

simply replace ...

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

with ...

OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"

This holds for Debian Lenny and saslauthd 2.1.22.

From: Anonymous at: 2009-04-19 04:38:31

i had to add

saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux

in /etc/postfix/sasl/smtpd.conf

otherwise got the error that saslauthd server file not found.

From: at: 2007-02-18 00:47:52

Hi, i get the folowing error in /var/log/syslog, and i can't receive emails.

 Feb 18 01:22:42 localhost postfix/smtpd[14614]: connect from ug-out-1314.google.com[66.249.92.169]
Feb 18 01:22:42 localhost postfix/smtpd[14614]: BCC3E60E9: client=ug-out-1314.google.com[66.249.92.169]
Feb 18 01:22:42 localhost postfix/cleanup[14621]: BCC3E60E9: message-id=<200702180122.31939.user@example.com>
Feb 18 01:22:42 localhost postfix/qmgr[14607]: BCC3E60E9: from=<usersample@gmail.com>, size=1665, nrcpt=1 (queue
 active)
Feb 18 01:22:43 localhost amavis[13611]: (13611-04) lookup_sql: 2013, Lost connection to MySQL server during query
Feb 18 01:22:43 localhost amavis[13611]: (13611-04) NOTICE: Disconnected from SQL server
Feb 18 01:22:43 localhost amavis[13611]: (13611-04) TROUBLE in check_mail: creating_partsdir FAILED: DBD::mysql::st execute
 failed: Lost connection to MySQL server during query at (eval 38) line 238, <GEN16> line 91.
Feb 18 01:22:43 localhost amavis[13611]: (13611-04) PRESERVING EVIDENCE in /var/lib/amavis/amavis-20070218T010824-13611
Feb 18 01:22:43 localhost postfix/smtp[14622]: BCC3E60E9: to=<user@example.com>, relay=127.0.0.1[127.0.0.1], dela
y=1, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=13611-04, creating_partsdir FAILED:
 DBD::mysql::st execute failed: Lost connection to MySQL server during query at (eval 38) line 238, <GEN16> line 91. (in re
ply to end of DATA command))

If i change at /etc/pam.d/smtp :

auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

for this:

auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

 

It's works and i receive mail. 

Other solution for receive mails, but it is not optimal is add a line in /etc/mysql/my.cnf writting this:

wait_timeout = 60000 

From: at: 2007-05-06 22:59:28

/etc/postfix/sasl/smtpd.conf [quote] auxprop_plugin: mysql sql_hostnames: 127.0.0.1 sql_user: mail_admin sql_passwd: mail_admin_password sql_database: mail sql_select: select password from users where email = '%u' [/quote] I think these lines ar not necessary. I don't know what they are good for. But maybe someone can explain it to me?! Best regards.

From: at: 2007-07-31 22:33:22

I had to change

MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')

to

MYSQL_MAILDIR_FIELD CONCAT('/home/vmail/',SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')

to make courier check the right maildir. Before it checked /home/vmail/Maildir.

Hope this helps

Christian 

 

From: Markus K at: 2009-02-03 14:34:16

I followed the instructions, but the "maildirsize" files were not created. So I have to add the following postfix configuration:
virtual_maildir_extended = yes

From: Anonymous at: 2010-03-30 23:48:11

I was getting some SASL-errors when trying to send email with my mta.

Like theese:

postfix/smtpd: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied

 

The new debian (5)-packages for sasl seem to differ a little bit from whats in the guide, but i did this to solve my problem (added the postfix user to the sasl-group):

adduser postfix sasl

 /etc/init.d/postfix reload

 

 

From: elmig at: 2013-07-13 18:06:15

Small but needed changes for Debian 7 'Wheezy':

 

auxprop_plugin: sql
sql_engine: mysql

Also the SQL query needed to have “%u” replaced with “%u@%r” because we now have user and realm provided separately.

 

- source: http://etbe.coker.com.au/2012/06/20/sasl-authentication-wheezy/

From: Anonymous at: 2005-11-05 23:19:17

this paper finally worked. But I had to add for grant ... to user@'%' identified by that is, mysql was not accepting from localhost.. now my mail has arrived. thanks. bvidinli@iyibirisi.com

From: Anonymous at: 2005-11-09 19:13:32

Can you or someone else please explain in more detail how to solve this problem!

Thanks

Michael

From: admin at: 2005-11-10 08:25:09

Please post the problem in the forum: http://www.howtoforge.com/forums

From: Anonymous at: 2006-08-19 08:52:39

Hi, I followed this Howto (its great thanks), however after I recently upgraded postfix with apt it threw the following error at me in mail.log ;

 Aug 19 09:25:41 localhost postfix/virtual[14165]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data

I dont know if it is related to the postfix update or not with debian, however to fix this problem I edited /etc/postfix/main.cf and removed proxy: from all the mysql lines, for example;

 virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf

Instead of

virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf 

Thought I would post this as it might help some one out :D

Regards

 

Keith 

From: ioerror at: 2006-10-04 23:41:27

I found these instructions lacking a little. If you create a new user, you have to take an extra step. You need to create a maildir for the user before you setup the user in the database.

You need to create a folder for your users (example for bofh@YOURVIRTUALDOMAIN.com):

mkdir /home/vmail/YOURVIRTUALDOMAIN.com
mkdir /home/vmail/YOURVIRTUALDOMAIN.com/bofh
cd /home/vmail/YOURVIRTUALDOMAIN.com/bofh
maildirmake Maildir
chown -R vmail:vmail /home/vmail/YOURVIRTUALDOMAIN.com/*


Now you're ready to insert the user into the SQL database. This avoids having mail accepted without a place to put it. After you insert the user into the database, you should be able to login via IMAP and see an empty directory. You should also now be able to send mail!

From: at: 2006-10-30 19:46:40

I would add a step between

apt-get install amavisd-new

and

edit  /etc/amavis/amavisd.conf

edit /etc/apt/sources.list

add to the bottom:
 deb http://some_clamav_mirror sarge/volatile main

where some_clamav_mirror is from this list: http://www.debian.org/devel/debian-volatile/volatile-mirrors

then

apt-get update && apt-get upgrade

 

Vertical 

From: at: 2007-03-20 14:00:26

Hi,

I finally found what's the problem with amavisd. It writes an error like: Table 'mail.policy' not found...

To solve the problem , insert into the new amavisd.conf file the following two lines with correct values:

@lookup_sql_dsn =
( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'mail_admin', 'mail_admin_password'] );

$sql_select_policy = 'SELECT "Y" as local FROM domains WHERE CONCAT("@",domain) IN (%k)';

 

Great howto!!! 

From: Dave at: 2011-02-09 00:53:07

If you get this message, look in /etc/amavis/conf.d/50-user.  It seems that they switched to a multiple-file configuration setup.

From: Anonymous at: 2005-10-15 17:09:27

"Now we create a user and group called vmail with the home directory /home/vamil. This is where all mail boxes will be stored."

should be /home/vmail

"Then run that script once, it will fetch those rulesets and insert them into SpamAssassin:"
Does not insert them or i missed something

From: admin at: 2005-10-15 17:42:29

I corrected the typo, thanks! :-)

From: Anonymous at: 2006-01-26 23:39:34

That update script stubbornly refused to run for me till i realised that pasting into the file using the Webmin file manager pop-up might not be good, so i opened it with vi and all of the line endings had ^M characters.

Got rid of those and it worked like a charm.

Thanks for the great how to!

Matt

From: Anonymous at: 2005-11-05 22:58:09

I got error: "-ERR Maildir: No such file or directory" while telnet localhost pop3 after entering right user/pass: root@server:/var/log # telnet localhost pop3 Trying 127.0.0.1... Connected to server.local. Escape character is '^]'. +OK Hello there. user info2@iyibirisi.net +OK Password required. pass 1234 -ERR Maildir: No such file or directory Connection closed by foreign host. root@server:/var/log #

From: admin at: 2005-11-06 10:39:51

You have to send that user an email first. The mailbox is created when the first email arrives, and then you can use POP3 without errors.

From: Anonymous at: 2005-11-16 09:50:41

I sent a mail and the directory structure exists but I do still have this error message in Outlook ans sqwebmail. Permissions are set to 700 for user accounts. I tried ehlo howtoforge.com; same results as in howto. tried in shell "mail from:<test@howtoforge.com> ; 250-OK rcpt to:<test@virtual.test> (with existing user in mysql database); 250-OK data; 250-OK with comments between <...>; This is a test email. .; Mail queued... quit "

I receive the mail in my directory and everything works fine. If I try to connect to server using pop or imap (sqwebmail) and got this "I got error: "-ERR Maildir: No such file or directory" or "

Unable to open the maildir for this account -- the maildir doesn't exist or has incorrect ownership or permissions."

Some ideas??? Thanks in advance

From: Oles at: 2008-11-12 07:44:02

I had the same error. It was fixed by adding next source

deb http://volatile.debian.org/debian-volatile etch/volatile-sloppy main contrib non-free
and then:

apt-get update
apt-get dist-upgrade

From: Anonymous at: 2005-12-11 22:49:01

GREAT HOWTO! Thanks!

From: Anonymous at: 2005-12-04 11:36:06

Hi,

Every thing works fine :):):):):):) just a little remark, I do not receive any delivery confirmation. What did I wrong or maybe didnt' do?

Thanks

From: Anonymous at: 2005-12-12 05:06:59

Wow, that wget command is tedious! Here's what I've got. Wget -q is quiet, -N overwrites the file if they've been changed and -i defines an input file.

% cat /etc/cron.weekly/sa-rules-update
#!/bin/sh
cd /etc/spamassassin && wget -q -N -i /etc/sa-rules-thirdparty

% head -3 /etc/sa-rules-thirdparty
http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf
http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf
http://www.rulesemporium.com/rules/70_sare_html.cf

Cheers,

Guillaume

From: at: 2008-01-28 03:15:23

You need to remove a line from the /usr/local/sbin/sa_rules_update.sh file if you use this script with any of the newer versions of spamassassin.  Delete the file /etc/spamassassin/antidrug.cf and then

REMOVE THIS LINE:

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf -O antidrug.cf &> /dev/null
 
 

From: Anonymous at: 2012-07-17 09:13:42

Hi,

 The following URL doesn't work anymore (broken), therefor I cannot download the script:

 http://puuhis.net/vhcs/quota.txt

From: Anonymous at: 2005-10-11 07:02:36

I am a newbie in all linux and i am a fervent reader of all the howtos in this site. For people like me articles like this are just the kind we need to get us going !

From: Anonymous at: 2005-10-11 10:35:53

as the usage of SFP is growing, SRS is more-and-more neccessary... ( if you use email-forwarding )

( http://sfp.pobox.com )

From: tommytomato at: 2006-09-26 13:45:17

great  tutorial, thanks I've learnt alot over the past two days.

I got it working ok , but i cant not conntect to mail server using an outside email client.

I can only send and recive localy and remotely using Mutt on the mail server only.

TT 

From: ioerror at: 2006-10-04 20:02:49

I suggest that anyone using this setup replaces the /etc/postfix/sasl/smtpd.conf with the following:

pwcheck_method: saslauthd
#mech_list: plain login
mech_list: digest-md5 cram-md5
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
sql_select: select password from users where email = '%u'

That will disable authentication in the clear. I also suggest disabling pop3 and imap without ssl. There's no reason to use pop3 or imap without ssl.

Disable them like so (this only disables the insecure versions, ssl is started/stopped through another script):

/etc/init.d/courier-pop stop

/etc/init.d/courier-imap stop



Ensure they don't start on boot like so:

update-rc.d -f courier-pop remove

update-rc.d -f courier-imap remove

At this point, you shouldn't have any of your login and passwords crossing the network in the clear for checking email. You will have logins and hashed passwords sent across the clear when sending email unless the client uses starttls.

Anyone have a good pointer that only allows clients to auth *after* starttls and making auth required for relay?

From: at: 2007-06-11 03:01:20

 my ISP blocks port 25 and I found the following posted by Falco somewhere else that _finally_ enables my server to accept smtp (auth/tls) connections on port 587

 basically add this line

587 inet n - - - - smtpd

 below the line

#587      inet  n - n  - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes


in /etc/postfix/master.cf and restart Postfix (sudo postfix reload)

 that's it!

From: at: 2007-07-26 12:06:25

What is the username and password for the vmware image?


Thanks 

From: admin at: 2007-07-27 09:59:06

Take a look here: http://www.howtoforge.com/import_vmware_images

(all passwords are howtoforge).

From: at: 2007-07-27 15:33:25

I tried that, but it says "Login incorrect".

From: admin at: 2007-07-28 07:35:50

The username is root.

BTW, don't use the comment function for this. If you need help, please PM us or write us an email.

From: zed at: 2009-02-16 22:37:10

how can i install postfixadmin on this configuration.  It  is possible?

From: Elietas at: 2009-07-28 08:42:57

Hi,

you have to add @local_domains_acl = ('.'); to /etc/amavis/conf.d/20-debian_defaults if you like Amavis change subject of spam mails.

Without this amavis don´t change the subject.

 Best regards

From: Dlugasx at: 2009-11-09 14:04:00

Do You know how can I connect squirrelmail to that configuration ?

From: Aaron at: 2010-10-02 18:00:32

Hey Falko!

Just ran through this tutorial, set up a mail server on Ubuntu 10.04.1.  Just wanted you to know that it works great with a few exceptions:

1. Step 1 (Page 1):

courier-authmysql is now courier-authlib-mysql
libsasl2 is now libsasl2-2

2. Step 2 (Page 1)

Disregard altogether, no patches (that I could find) for Postfix version 2.7.0

Note: I did install the packages (though in hindsight was probably wasteful), and the following packages are different:

libdb4.2-dev is now libdb4.6-dev
libmysqlclient10-dev is now libmysqlclient-dev
postgresql-dev is now libpq-dev

3. Step 7 (Page 3)

Package unarj no longer exists in the repository (current).  The package arj does, but does not contain an 'unarj' binary.  I just eliminated this completely (though I am sure with a little research the arj package could be used if configured properly where referenced in /etc/amavis/amavisd.conf), I opted to comment out the arj line as it is not a commonly used archive format that I use/receive)

4. Step 8 (Page 4)

dcc-client no longer in the repository (or is named something else now).  I installed Razor and Pyzor, but eliminated dcc-client (at this time), I will probably research it further later.  Also make sure to remove the dcc related lines in /etc/spamassassin/local.cf

As well, I used the format for the rules/scripts that were noted in a comment (above: WGET - Submitted by Anonymous (not registered) on Mon, 2005-12-12 06:06.)

Only problem I found with the rules was I am unable to reach rulesemporium.com at this time.  I am going to research that a little further as well.

Additionally I installed Roundcube (using documentation on the Roundcube website) and it it is working great as well.

Thank you very very very much for your hard work, I have used many of your tutorials in my personal home based server projects.

Aaron

From: Franklin at: 2011-09-10 18:08:39

I've set this up and it seems to work (I can send email via telnet to known addresses and get responses to local addresses) but I can't connect to any of the vmail accounts.

 When I send to <user@domain.tld> the email does not reject but when I try to set up imap through a mail reader the server responds with 

 DATESTAMP server pop3d: LOGIN FAILED, user=<user>, ip=[::ffff:192.168.1.1]

 any ideas?