Configuring cyrus imap with postfix and mysql database

Sanchez Nicolas sanchez.nicolas at gmail.com
Fri Sep 8 10:25:20 EDT 2006


  Hi !

First, I'm sorry but I'm french and I don't speak english very well, so 
if you don't understand all I write, say it to me.

So I would like to install on a server, 
postfix+cyrus-imap+saslauth+mysql database for authentification.

I've found this tuto but I think my server don't work: 
http://www.campworld.net/thewiki/pmwiki.php/LinuxServersFC5/FC5VirtMailServer 

I explain...

In first, I've installed the packages cyrus-imapd cyrus-imapd-utils 
perl-Cyrus pam_mysql and pam_devel.
Then,I've installed postfix with mysql support from here : 
http://www.campworld.net/downloads/postfix-2.2.8-1.2.i386.rpm
After : fetchmail mdadm(don't know why, but it was in the tuto...).

Then, I've created my database with the files in attachment.

Then, lots of config files modifications I have done, but not really 
understand for pam and saslauthd(see the end of the mail for config files).
After, the Cyrus IMAP configuration...
I've created a "cyrus" user (adduser+passwd) and modified the cyrus conf 
files.
After , I've configured postfix and sasl files.
Then i've launched saslauthd and cyrus-imapd.

Now the pb (Ouch!):
I don't know how to test my conf.
I've send a mail to admin at sd-910.dedibox.fr and an other to 
cyrus at sd-910.dedibox.fr.
Where can I found the mails i've send on my server?
How can I configure thunderbird to get the mails?
Let's see my account config:
-Server type : imap
-address : cyrus or admin @sd-910.dedibox.fr
-server name : sd-910.dedibox.fr
-account name : cyrus or admin
-port: 143
-no secure connexion
-smtp: ??? (smtp.gmail.com cause I don't know what I have to write)

I'm sorry for this long, long mail, but It's my first mail server 
installation and I don't know at all where is my prblem in configuration.

Please, help me!

Thanks in advance,
Nico

------------------------------------------------------------------------
/
/

    * /edit /etc/pam.d/imap and replace the Fedora defaults with the
      following /

/  
auth       sufficient   pam_mysql.so user=mail passwd=xxxxxx host=localhost db=m
ail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable
=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid log
timecolumn=time
account    required     pam_mysql.so user=mail passwd=xxxxxxx host=localhost db=m
ail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable
=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid log
timecolumn=time 
/

    * /now lets fix up other pam files
       > mv smtp.postfix smtp.postfix.old
       > rm smtp
       > cp imap smtp
       > cp imap smtp.postfix
       > cp imap pop
       > cp imap sieve
       > cat smtp.postfix.old >> smtp.postfis
       > rm smtp.postfix.old /


      /Configure saslauthd/

/Fedora doesn't start saslauthd with the right flags. Edit 
/etc/init.d/saslauthd. Replace /etc/syscnfig/saslauthd with the following. /

/ 
# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled to use.
MECH=pam

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS=-r/

------------------------------------------------------------------------
//etc/imapd.conf /

/ 
postmaster: postmaster
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sieve_maxscriptsize: 320
sieve_maxscripts: 5
unixhierarchysep: yes
altnamespace: yes
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
allowanonymouslogin: no
allowplaintext: yes
allowplainwithouttls: yes
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
servername: sd-910.dedibox.fr

/

//etc/imapd-local.conf /

/ 
postmaster: postmaster
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sieve_maxscriptsize: 32
sieve_maxscripts: 5
unixhierarchysep: yes
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
allowanonymouslogin: no
allowplaintext: yes
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
servername: sd-910.dedibox.fr

/

//etc/cyrus.conf /

/ 
# standard standalone server implementation

START {
  # do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
  idled         cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=5
  imaps         cmd="imapd -s" listen="imaps" prefork=1
  pop3          cmd="pop3d" listen="pop3" prefork=3
  pop3s         cmd="pop3d -s" listen="pop3s" prefork=1
  sieve         cmd="timsieved" listen="sieve" prefork=1

  # these are only necessary if receiving/exporting usenet via NNTP
#  nntp         cmd="nntpd" listen="nntp" prefork=3
#  nntps                cmd="nntpd -s" listen="nntps" prefork=1

  # at least one LMTP is required for delivery
#  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1

  # this is only necessary if using notifications
#  notify       cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}

EVENTS {
  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression,
  # Sieve or NNTP
  delprune      cmd="cyr_expire -E 3" at=0400

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" at=0400
}/

------------------------------------------------------------------------
//etc/postfix/main.cf /

/ 
# postfix user/group
#soft_bounce=yes
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4

# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.2/samples
readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES

# network settings
inet_interfaces = all
mydomain = dedibox.fr
myhostname = sd-910.dedibox.fr
mynetworks = 127.0.0.0/24
mydestination = $myhostname, 
        localhost.$mydomain, 
        localhost, 
        mysql:/etc/postfix/mysql-mydestination.cf
relay_domains = $mydestination
        
# mail delivery
local_transport = cyrus
mailbox_transport = cyrus
recipient_delimiter = + 

# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf,
                regexp:/etc/postfix/virtual_regexp
transport_maps = mysql:/etc/postfix/mysql-transport.cf,
                regexp:/etc/postfix/transport_regexp
#local_recipient_maps = 

# sympa parameters
# sympa_destination_recipient_limit = 1
# sympabounce_destination_recipient_limit = 1

# debugging
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = 
broken_sasl_auth_clients = yes

# rules restrictions 
# smtpd_client_restrictions = reject_rbl_client sb1.spamhaus.org
smtpd_helo_restrictions = permit_sasl_authenticated,
        permit_mynetworks,
        reject_non_fqdn_hostname
smtpd_sender_restrictions = reject_non_fqdn_sender, 
        reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated, 
        permit_mynetworks, 
        reject_unauth_destination,
        reject_non_fqdn_recipient, 
        reject_unknown_recipient_domain
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining

/

//etc/postfix/master.cf /

/ 
#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#  -o content_filter=smtp-amavis:127.0.0.1:10024
#  -o receive_override_options=no_address_mappings
#submission inet n      -       n       -       -       smtpd
#       -o smtpd_etrn_restrictions=reject
#       -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps    inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission   inet    n       -       n       -       -       smtpd
#  -o smtpd_etrn_restrictions=reject
#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
  -o content_filter= 
  -o receive_override_options=no_header_body_checks
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
# spam/virus section
#
#smtp-amavis  unix  -    -       y       -       2       smtp
#  -o smtp_data_done_timeout=1200
#  -o disable_dns_lookups=yes
#  -o smtp_send_xforward_command=yes
#127.0.0.1:10025 inet n  -       y       -       -       smtpd
#  -o content_filter=
#  -o smtpd_helo_restrictions=
#  -o smtpd_sender_restrictions=
#  -o smtpd_recipient_restrictions=permit_mynetworks,reject
#  -o mynetworks=127.0.0.0/8
#  -o smtpd_error_sleep_time=0
#  -o smtpd_soft_error_limit=1001
#  -o smtpd_hard_error_limit=1000
#  -o receive_override_options=no_header_body_checks
#  -o smtpd_bind_address=127.0.0.1
#  -o smtpd_helo_required=no
#  -o smtpd_client_restrictions=
#  -o smtpd_restriction_classes=
#  -o disable_vrfy_command=no
#  -o strict_rfc821_envelopes=yes
#
# transport entry for the mailing lists
#
#sympa        unix  -       n       n       -       -       pipe
#  flags=R user=sympa argv=/home/sympa/bin/queue ${recipient}
#sympabounce  unix  -       n       n       -       -       pipe
#  flags=R user=sympa argv=/home/sympa/bin/bouncequeue ${user}

/

//usr/lib/sasl2/smtpd.conf /

/ 
pwcheck_method: saslauthd
mech_list: plain login

/

//etc/postfix/mysql-canonical.cf /

/ 
# mysql config file for canonical lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = 127.0.0.1
user = mail
password = xxxxxxxxx

# the database name on the servers
dbname = mail

# the table name
table = virtual
#
select_field = alias
where_field = username
# Return the first match only
additional_conditions = and status = '1' limit 1

/

//etc/postfix/mysql-mydestination.cf /

/ 
# mysql config file for local domain (like sendmail's sendmail.cw) lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = 127.0.0.1
user = mail
password = xxxxxxxxxxxxxx

# the database name on the servers
dbname = mail

# the table name
table = domain
#
select_field = domain_name
where_field = domain_name

/

//etc/postfix/mysql-relay.cf /

/ 
#
# mysql config file for transport lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = 127.0.0.1
user = mail
password = xxxxxxxxxxxxxxxx

# the database name on the servers
dbname = mail

# the table name
table = domain

#
select_field = transport
where_field = domain_name

/

//etc/postfix/mysql-transport.cf /

/ 
#
# mysql config file for transport lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = 127.0.0.1
user = mail
password = xxxxxxxxxxxxxxxx

# the database name on the servers
dbname = mail

# the table name
table = domain

#
select_field = transport
where_field = domain_name

/

//etc/postfix/mysql-virtual.cf /

/ 
#
# mysql config file for alias lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = 127.0.0.1
user = mail
password = xxxxxxxxxxxx

# the database name on the servers
dbname = mail

# the table name
table = virtual

#
select_field = dest
where_field = alias
additional_conditions = and status = '1'

/

//etc/postfix/transport_regexp /

/ 
# /^.*+owner\@lists\..*$/ sympabounce:
# /^.*\@lists\..*$/       sympa:

/

//etc/postfix/virtual_regexp /

/ 
# This will be used to deal with the mailing lists
#/^(.*)-owner\@lists\.(.*)$/    $1+owner at lists.$2
/

------------------------------------------------------------------------

connect mysql;
INSERT INTO user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'mail', PASSWORD('xxxxxxxxxxx'), 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N');
   
INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'mail', 'mail', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y ');
flush privileges;

create database mail;

------------------------------------------------------------------------

# phpMyAdmin MySQL-Dump
# version 2.2.6
# http://phpwizard.net/phpMyAdmin/
# http://www.phpmyadmin.net/ (download page)
#
# Host: localhost
# Generation Time: Nov 04, 2002 at 01:44 AM
# Server version: 3.23.52
# PHP Version: 4.2.3
# Database : `mail`
# --------------------------------------------------------

#
# Table structure for table `accountuser`
#

CREATE TABLE accountuser (
  username varchar(255) binary NOT NULL default '',
  password varchar(30) binary NOT NULL default '',
  prefix varchar(50) NOT NULL default '',
  domain_name varchar(255) NOT NULL default '',
  UNIQUE KEY username (username)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `adminuser`
#

CREATE TABLE adminuser (
  username varchar(50) binary NOT NULL default '',
  password varchar(50) binary NOT NULL default '',
  type int(11) NOT NULL default '0',
  SID varchar(255) NOT NULL default '',
  home varchar(255) NOT NULL default '',
  PRIMARY KEY  (username)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `alias`
#

CREATE TABLE alias (
  alias varchar(255) NOT NULL default '',
  dest longtext,
  username varchar(50) NOT NULL default '',
  status int(11) NOT NULL default '1',
  PRIMARY KEY  (alias)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `domain`
#

CREATE TABLE domain (
  domain_name varchar(255) NOT NULL default '',
  prefix varchar(50) NOT NULL default '',
  maxaccounts int(11) NOT NULL default '20',
  quota int(10) NOT NULL default '20000',
  transport varchar(255) NOT NULL default 'cyrus',
  freenames enum('YES','NO') NOT NULL default 'NO',
  freeaddress enum('YES','NO') NOT NULL default 'NO',
  PRIMARY KEY  (domain_name),
  UNIQUE KEY prefix (prefix)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `domainadmin`
#

CREATE TABLE domainadmin (
  domain_name varchar(255) NOT NULL default '',
  adminuser varchar(255) NOT NULL default ''
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `search`
#

CREATE TABLE search (
  search_id varchar(255) NOT NULL default '',
  search_sql text NOT NULL,
  perpage int(11) NOT NULL default '0',
  timestamp timestamp(14) NOT NULL,
  PRIMARY KEY  (search_id),
  KEY search_id (search_id)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `virtual`
#

CREATE TABLE virtual (
  alias varchar(255) NOT NULL default '',
  dest longtext,
  username varchar(50) NOT NULL default '',
  status int(11) NOT NULL default '1',
  KEY alias (alias)
) TYPE=MyISAM;

CREATE TABLE log (
  id int(11) NOT NULL auto_increment,
  msg text NOT NULL,
  user varchar(255) NOT NULL default '',
  host varchar(255) NOT NULL default '',
  time datetime NOT NULL default '2000-00-00 00:00:00',
  pid varchar(255) NOT NULL default '',
  PRIMARY KEY  (id)
) TYPE=MyISAM;

INSERT INTO adminuser (username, password) VALUES ('admin', ENCRYPT('xxxxxxxxxxxxx'));
INSERT INTO domainadmin (domain_name,adminuser) VALUES ('*','admin');
INSERT INTO accountuser (username, password) VALUES ('cyrus', ENCRYPT('xxxxxxxxx'));



More information about the Info-cyrus mailing list