1 Installation Prerequisites |
1 Installation Prerequisites |
2 You should already have installed and configured Postfix, Dovecot and |
2 You should already have installed and configured Postfix, Dovecot ≥ 1.2.0 |
3 PostgreSQL. |
3 and PostgreSQL. |
4 |
4 |
5 The Virtual Mail Manager depends on: |
5 The Virtual Mail Manager depends on: |
6 - Python (>= 2.4.0) |
6 - Python (≥ 3.2) |
7 - Psycopg 2¹ or pyPgSQL² |
7 - Psycopg¹ (≥ 2.0) |
8 |
8 |
9 If you are using Python <= 2.5.0: |
9 [1] Psycopg: <http://initd.org/psycopg/> (Debian: python3-psycopg2) |
10 - if you want to store your users' passwords as PLAIN-MD4 digest in |
|
11 the database, vmm will try to use Crypto.Hash.MD4 from PyCrypto³. |
|
12 - if you are using Dovecot >= v1.1.0 and you want to store your users' |
|
13 passwords as SHA256 or SSHA256 hashes, vmm will try to use |
|
14 Crypto.Hash.SHA256 from PyCrypto². For SHA256/SSHA256 you should have |
|
15 at least use PyCrypto in version 2.1.0alpha1. |
|
16 |
|
17 When the Crypto.Hash module couldn't be imported, vmm will use |
|
18 dovecotpw/doveadm, if the misc.password_scheme setting in the vmm.cfg |
|
19 is set to PLAIN-MD4, SHA256 or SSHA256 |
|
20 |
|
21 [1] Psycopg: <http://initd.org/psycopg/> (Debian: python-psycopg2) |
|
22 [2] pyPgSQL: <http://pypgsql.sourceforge.net/> (Debian: python-pgsql) |
|
23 [3] PyCrypto: <http://www.pycrypto.org/> (Debian: python-crypto) |
|
24 |
10 |
25 |
11 |
26 Create additionally a user and groups for improved security |
12 Create additionally a user and groups for improved security |
27 We will create the system user `doveauth'. This user is used in the |
13 We will create the system user `doveauth'. This user is used in the |
28 authentication process. On a Debian GNU/Linux System use this command: |
14 authentication process. On a Debian GNU/Linux System use this command: |
30 adduser --system --home /nonexistent --no-create-home --group \ |
16 adduser --system --home /nonexistent --no-create-home --group \ |
31 --disabled-login --gecos "Dovecot IMAP/POP3 authentication user" \ |
17 --disabled-login --gecos "Dovecot IMAP/POP3 authentication user" \ |
32 doveauth |
18 doveauth |
33 |
19 |
34 This will create the doveauth user and group. |
20 This will create the doveauth user and group. |
35 For Dovecot >= 2.0 we create also the group `dovemail'. Dovecot will assign |
21 For Dovecot ≥ 2.0 we create also the group `dovemail'. Dovecot will assign |
36 this group to all Dovecot processes. |
22 this group to all Dovecot processes. |
37 On a Debian GNU/Linux bases system run: |
23 On a Debian GNU/Linux bases system run: |
38 |
24 |
39 addgroup --system dovemail |
25 addgroup --system dovemail |
40 |
26 |
41 |
27 |
42 Configuring PostgreSQL |
28 Configuring PostgreSQL |
43 (for more details see: |
29 (for more details see: |
44 http://vmm.localdomain.org/installation/postgresql_configuration.html) |
30 http://vmm.localdomain.org/installation/postgresql_configuration.html) |
45 |
31 |
46 * /etc/postgresql/8.4/main/pg_hba.conf |
32 * /etc/postgresql/9.1/main/pg_hba.conf |
47 [ if you prefer to connect via TCP/IP ] |
33 [ if you prefer to connect via TCP/IP ] |
48 # IPv4 local connections: |
34 # IPv4 local connections: |
49 host mailsys +mailsys 127.0.0.1/32 md5 |
35 host mailsys +mailsys 127.0.0.1/32 md5 |
50 [ if you want to connect through a local Unix-domain socket ] |
36 [ if you want to connect through a local Unix-domain socket ] |
51 # "local" is for Unix domain socket connections only |
37 # "local" is for Unix domain socket connections only |
52 local mailsys +mailsys md5 |
38 local mailsys +mailsys md5 |
53 |
39 |
54 # reload configuration |
40 # reload configuration |
55 /etc/init.d/postgresql-8.4 force-reload |
41 /etc/init.d/postgresql force-reload |
56 |
42 |
57 * Create a database superuser if necessary: |
43 * Create a database superuser if necessary: |
58 # as root run: su - postgres |
44 # as root run: su - postgres |
59 # if you have sudo privileges run: sudo su - postgres |
45 # if you have sudo privileges run: sudo su - postgres |
60 # create your superuser, which will be able to create users and databases |
46 # create your superuser, which will be able to create users and databases |
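Review bot: the prerequisites block at the top of this hunk removes the whole paragraph on PLAIN-MD4, SHA256 and SSHA256 (PyCrypto, with the dovecotpw/doveadm fallback) and puts nothing in its place, so the file no longer says what vmm needs when misc.password_scheme is set to one of those values. If nothing beyond Python ≥ 3.2 is needed, say so in one line; if vmm still calls dovecotpw/doveadm for some schemes, keep that sentence. Further down, the pg_hba.conf path now hardcodes 9.1 while the reload command was made version-independent (/etc/init.d/postgresql); writing the path with a version placeholder would keep the two consistent.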
72 CREATE DATABASE mailsys WITH OWNER vmm ENCODING 'UTF8'; |
58 CREATE DATABASE mailsys WITH OWNER vmm ENCODING 'UTF8'; |
73 \q |
59 \q |
74 |
60 |
75 # connect to the new database |
61 # connect to the new database |
76 psql mailsys vmm -W -h 127.0.0.1 |
62 psql mailsys vmm -W -h 127.0.0.1 |
77 # either import the database structure for Dovecot v1.0.x/v1.1.x |
63 # import the database structure for Dovecot ≥ 1.2.0 |
78 \i vmm-y.x.z/pgsql/create_tables.pgsql |
|
79 # or import the database structure for Dovecot v1.2.x/v2.x |
|
80 \i vmm-x.y.z/pgsql/create_tables-dovecot-1.2.x.pgsql |
64 \i vmm-x.y.z/pgsql/create_tables-dovecot-1.2.x.pgsql |
81 # leave psql |
65 # leave psql |
82 \q |
66 \q |
83 |
67 |
84 # set permissions for your Dovecot and Postfix users |
68 # set permissions for your Dovecot and Postfix users |
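Review bot: the new import comment reads "Dovecot ≥ 1.2.0" but the only remaining file is still called create_tables-dovecot-1.2.x.pgsql, and the removed comment was the one place that said this file also applies to v2.x ("v1.2.x/v2.x"). A reader on Dovecot 2.x may doubt it is the right schema; keep the "(v1.2.x/v2.x)" wording in the comment or rename the file in a follow-up.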
91 mkdir 0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z |
75 mkdir 0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z |
92 chmod 771 /srv/mail |
76 chmod 771 /srv/mail |
93 chmod 751 /srv/mail/* |
77 chmod 751 /srv/mail/* |
94 |
78 |
95 |
79 |
96 For Dovecot >= 2.0 read the file Configure.Dovecot_2 |
80 For Dovecot ≥ 2.0 read the file Configure.Dovecot_2 |
97 Configuring Dovecot v1.x |
81 Configuring Dovecot v1.2.x |
98 |
82 |
99 * /etc/dovecot/dovecot.conf |
83 * /etc/dovecot/dovecot.conf |
100 # all your other settings |
84 # all your other settings |
101 #disable_plaintext_auth = no |
85 #disable_plaintext_auth = no |
102 mail_location = maildir:~/Maildir |
86 mail_location = maildir:~/Maildir |
135 password_query = SELECT userid AS "user", password FROM dovecotpassword('%Ln', '%Ld') WHERE %Ls |
119 password_query = SELECT userid AS "user", password FROM dovecotpassword('%Ln', '%Ld') WHERE %Ls |
136 user_query = SELECT home, uid, gid, mail FROM dovecotuser('%Ln', '%Ld') |
120 user_query = SELECT home, uid, gid, mail FROM dovecotuser('%Ln', '%Ld') |
137 |
121 |
138 Provide a root SETUID copy of Dovecot's deliver agent for Postfix |
122 Provide a root SETUID copy of Dovecot's deliver agent for Postfix |
139 |
123 |
140 /!\ Only required with Dovecot v.1.x. |
124 /!\ Only required with Dovecot v.1.2.x. |
141 With Dovecot >= v2.0 use Dovecot's lmtp! |
125 With Dovecot ≥ v2.0 use Dovecot's lmtp! |
142 |
126 |
143 mkdir -p /usr/local/lib/dovecot |
127 mkdir -p /usr/local/lib/dovecot |
144 chmod 700 /usr/local/lib/dovecot |
128 chmod 700 /usr/local/lib/dovecot |
145 chown nobody /usr/local/lib/dovecot |
129 chown nobody /usr/local/lib/dovecot |
146 cp /usr/lib/dovecot/deliver /usr/local/lib/dovecot/ |
130 cp /usr/lib/dovecot/deliver /usr/local/lib/dovecot/ |
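Review bot: the changed warning line writes the version as "v.1.2.x" with a stray dot after the v, while the next line uses "v2.0" and the section heading changed earlier in this patch uses "v1.2.x". Since the line is being touched anyway, write "Only required with Dovecot v1.2.x." The same spelling appears in the master.cf warning. Because this section installs a root SETUID copy of deliver, an unambiguous version in the warning matters: readers on Dovecot ≥ 2.0 should be able to see at a glance that they can skip it.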
152 Start or restart Dovecot |
136 Start or restart Dovecot |
153 |
137 |
154 |
138 |
155 Configuring Postfix's master.cf |
139 Configuring Postfix's master.cf |
156 |
140 |
157 /!\ Only required with Dovecot v.1.x. |
141 /!\ Only required with Dovecot v.1.2.x. |
158 # Add Dovecot's deliver agent |
142 # Add Dovecot's deliver agent |
159 dovecot unix - n n - - pipe |
143 dovecot unix - n n - - pipe |
160 flags=DORhu user=nobody argv=/usr/local/lib/dovecot/deliver -f ${sender} |
144 flags=DORhu user=nobody argv=/usr/local/lib/dovecot/deliver -f ${sender} |
161 -d ${user}@${nexthop} -n -m ${extension} |
145 -d ${user}@${nexthop} -n -m ${extension} |
162 |
146 |
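Review bot: the master.cf warning is updated to "Only required with Dovecot v.1.2.x." but, unlike the matching warning in the deliver section, it has no second line telling Dovecot ≥ 2.0 users what to do instead. Add "With Dovecot ≥ v2.0 use Dovecot's lmtp!" here as well so the two warnings read the same, and drop the dot in "v.1.2.x".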
179 virtual_uid_maps = ${sql}pgsql-virtual_uid_maps.cf |
163 virtual_uid_maps = ${sql}pgsql-virtual_uid_maps.cf |
180 virtual_gid_maps = ${sql}pgsql-virtual_gid_maps.cf |
164 virtual_gid_maps = ${sql}pgsql-virtual_gid_maps.cf |
181 virtual_mailbox_base = / |
165 virtual_mailbox_base = / |
182 virtual_mailbox_maps = ${proxysql}pgsql-virtual_mailbox_maps.cf |
166 virtual_mailbox_maps = ${proxysql}pgsql-virtual_mailbox_maps.cf |
183 |
167 |
184 # dovecot LDA (only recommended with Dovecot v1.x) |
168 # dovecot LDA (only recommended with Dovecot v1.2.x) |
185 #dovecot_destination_recipient_limit = 1 |
169 #dovecot_destination_recipient_limit = 1 |
186 #virtual_transport = dovecot: |
170 #virtual_transport = dovecot: |
187 |
171 |
188 # dovecot lmtp |
172 # dovecot lmtp |
189 virtual_transport = lmtp:unix:private/dovecot-lmtp |
173 virtual_transport = lmtp:unix:private/dovecot-lmtp |
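Review bot: the LDA comment is narrowed to "only recommended with Dovecot v1.2.x", but the block below it, "# dovecot lmtp", carries no version, and it is the one left active. Dovecot ≥ 1.2.0 is now the stated minimum and the other sections say lmtp is for Dovecot ≥ 2.0, so a v1.2.x reader who copies this file as is gets virtual_transport = lmtp:unix:private/dovecot-lmtp. Label the second block "# dovecot lmtp (Dovecot ≥ 2.0)" and note that v1.2.x users must swap which of the two blocks is commented out. The wording "only recommended" also differs from "Only required" in the other two warnings; pick one.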