Configuring cyrus imap with postfix and mysql database
Andreas Winkelmann
ml at awinkelmann.de
Fri Sep 8 12:07:24 EDT 2006
On Friday 08 September 2006 16:25, Sanchez Nicolas wrote:
> First, I'm sorry, but I'm French and I don't speak English very well, so
> if you don't understand all I write, say it to me.
>
> So I would like to install on a server,
> postfix+cyrus-imap+saslauth+mysql database for authentication.
>
> I've found this tuto but I think my server doesn't work:
> http://www.campworld.net/thewiki/pmwiki.php/LinuxServersFC5/FC5VirtMailServer
>
> I explain...
>
> In first, I've installed the packages cyrus-imapd cyrus-imapd-utils
> perl-Cyrus pam_mysql and pam_devel.
> Then, I've installed postfix with mysql support from here :
> http://www.campworld.net/downloads/postfix-2.2.8-1.2.i386.rpm
> After : fetchmail mdadm(don't know why, but it was in the tuto...).
>
> Then, I've created my database with the files in attachment.
>
> Then, lots of config files modifications I have done, but not really
> understand for pam and saslauthd(see the end of the mail for config files).
> After, the Cyrus IMAP configuration...
> I've created a "cyrus" user (adduser+passwd) and modified the cyrus conf
> files.
> After , I've configured postfix and sasl files.
> Then I've launched saslauthd and cyrus-imapd.
>
> Now the pb (Ouch!):
> I don't know how to test my conf.
> I've sent a mail to admin at sd-910.dedibox.fr and another to
> cyrus at sd-910.dedibox.fr.

You should not use "cyrus" to receive/send mails. It is the admin user. And if
"admin" is a Cyrus admin user, create a normal user account and test with
that.

> Where can I find the mails I've sent on my server?

Hmm, I would start with the Postfix logs. Send a mail and check the logs to see
if Postfix gets it and sends it to Cyrus-Imapd.
If Cyrus-Imapd takes it, connect with your mail client and try to read them.

> How can I configure thunderbird to get the mails?
> Let's see my account config:
> -Server type : imap
> -address : cyrus or admin @sd-910.dedibox.fr
> -server name : sd-910.dedibox.fr
> -account name : cyrus or admin
> -port: 143
> -no secure connexion

Don't use "cyrus".

> -smtp: ??? (smtp.gmail.com cause I don't know what I have to write)

Depends on what you want. If you want your local Postfix to relay mails
to your ISP, configure that. If you want to use multiple accounts to send
mail, it's easiest to start and configure the ISP in your mail client.

> I'm sorry for this long, long mail, but it's my first mail server
> installation and I don't know at all where is my problem in configuration.
>
> Please, help me!
>
> Thanks in advance,
> Nico
>
> ------------------------------------------------------------------------
> /
> /
>
> * /edit /etc/pam.d/imap and replace the Fedora defaults with the
> following /
>
> /
> auth sufficient pam_mysql.so user=mail passwd=xxxxxx host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
> account required pam_mysql.so user=mail passwd=xxxxxxx host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
> /
>
> * /now lets fix up other pam files
>
> > mv smtp.postfix smtp.postfix.old
> > rm smtp
> > cp imap smtp
> > cp imap smtp.postfix
> > cp imap pop
> > cp imap sieve
> > cat smtp.postfix.old >> smtp.postfix
> > rm smtp.postfix.old /
>
> /Configure saslauthd/
>
> /Fedora doesn't start saslauthd with the right flags. Edit
> /etc/init.d/saslauthd. Replace /etc/sysconfig/saslauthd with the following.
> /
>
> /
> # Directory in which to place saslauthd's listening socket, pid file, and so
> # on. This directory must already exist.
> SOCKETDIR=/var/run/saslauthd
>
> # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
> # of which mechanism your installation was compiled to use.
> MECH=pam
>
> # Additional flags to pass to saslauthd on the command line. See saslauthd(8)
> # for the list of accepted flags.
> FLAGS=-r
> /
>
> ------------------------------------------------------------------------
> //etc/imapd.conf /
>
> /
> postmaster: postmaster
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> admins: cyrus
> sievedir: /var/lib/imap/sieve
> sieve_maxscriptsize: 320
> sieve_maxscripts: 5
> unixhierarchysep: yes
> altnamespace: yes
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> allowanonymouslogin: no
> allowplaintext: yes
> allowplainwithouttls: yes
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> servername: sd-910.dedibox.fr
>
> /
>
> //etc/imapd-local.conf /
>
> /
> postmaster: postmaster
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> admins: cyrus
> sievedir: /var/lib/imap/sieve
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> unixhierarchysep: yes
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> allowanonymouslogin: no
> allowplaintext: yes
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> servername: sd-910.dedibox.fr
>
> /
>
> //etc/cyrus.conf /
>
> /
> # standard standalone server implementation
>
> START {
> # do not delete this entry!
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into /var/lib/imap/sockets
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="imap" prefork=5
> imaps cmd="imapd -s" listen="imaps" prefork=1
> pop3 cmd="pop3d" listen="pop3" prefork=3
> pop3s cmd="pop3d -s" listen="pop3s" prefork=1
> sieve cmd="timsieved" listen="sieve" prefork=1
>
> # these are only necessary if receiving/exporting usenet via NNTP
> # nntp cmd="nntpd" listen="nntp" prefork=3
> # nntps cmd="nntpd -s" listen="nntps" prefork=1
>
> # at least one LMTP is required for delivery
> # lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpoint cmd="ctl_cyrusdb -c" period=30
>
> # this is only necessary if using duplicate delivery suppression,
> # Sieve or NNTP
> delprune cmd="cyr_expire -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
> }/
>
> ------------------------------------------------------------------------
> //etc/postfix/main.cf /
>
> /
> # postfix user/group
> #soft_bounce=yes
> mail_owner = postfix
> setgid_group = postdrop
> delay_warning_time = 4
>
> # postfix paths
> html_directory = no
> command_directory = /usr/sbin
> daemon_directory = /usr/libexec/postfix
> queue_directory = /var/spool/postfix
> sendmail_path = /usr/sbin/sendmail.postfix
> newaliases_path = /usr/bin/newaliases.postfix
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> sample_directory = /usr/share/doc/postfix-2.2.2/samples
> readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES
>
> # network settings
> inet_interfaces = all
> mydomain = dedibox.fr
> myhostname = sd-910.dedibox.fr
> mynetworks = 127.0.0.0/24
> mydestination = $myhostname,
>     localhost.$mydomain,
>     localhost,
>     mysql:/etc/postfix/mysql-mydestination.cf
> relay_domains = $mydestination
>
> # mail delivery
> local_transport = cyrus
> mailbox_transport = cyrus
> recipient_delimiter = +
>
> # mappings
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
> virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf,
>     regexp:/etc/postfix/virtual_regexp
> transport_maps = mysql:/etc/postfix/mysql-transport.cf,
>     regexp:/etc/postfix/transport_regexp
> #local_recipient_maps =
>
> # sympa parameters
> # sympa_destination_recipient_limit = 1
> # sympabounce_destination_recipient_limit = 1
>
> # debugging
> debug_peer_level = 2
> debugger_command =
>     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
>     xxgdb $daemon_directory/$process_name $process_id & sleep 5
>
> # authentication
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_local_domain =
> broken_sasl_auth_clients = yes
>
> # rules restrictions
> # smtpd_client_restrictions = reject_rbl_client sb1.spamhaus.org
> smtpd_helo_restrictions = permit_sasl_authenticated,
>     permit_mynetworks,
>     reject_non_fqdn_hostname
> smtpd_sender_restrictions = reject_non_fqdn_sender,
>     reject_unknown_sender_domain
> smtpd_recipient_restrictions = permit_sasl_authenticated,
>     permit_mynetworks,
>     reject_unauth_destination,
>     reject_non_fqdn_recipient,
>     reject_unknown_recipient_domain
> smtpd_helo_required = yes
> unknown_local_recipient_reject_code = 550
> disable_vrfy_command = yes
> smtpd_data_restrictions = reject_unauth_pipelining
>
> /
>
> //etc/postfix/master.cf /
>
> /
> #
> # Postfix master process configuration file. For details on the format
> # of the file, see the Postfix master(5) manual page.
> #
> # ==========================================================================
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> # ==========================================================================
> smtp inet n - n - - smtpd
> # -o content_filter=smtp-amavis:127.0.0.1:10024
> # -o receive_override_options=no_address_mappings
> #submission inet n - n - - smtpd
> # -o smtpd_etrn_restrictions=reject
> # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #smtps inet n - n - - smtpd
> # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
> #submission inet n - n - - smtpd
> # -o smtpd_etrn_restrictions=reject
> # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
> #628 inet n - n - - qmqpd
> pickup fifo n - n 60 1 pickup
>   -o content_filter=
>   -o receive_override_options=no_header_body_checks
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> #qmgr fifo n - n 300 1 oqmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
> relay unix - - n - - smtp
>   -o fallback_relay=
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> #
> # ====================================================================
> # Interfaces to non-Postfix software. Be sure to examine the manual
> # pages of the non-Postfix software to find out what options it wants.
> #
> # Many of the following services use the Postfix pipe(8) delivery
> # agent. See the pipe(8) man page for information about ${recipient}
> # and other message envelope options.
> # ====================================================================
> #
> # maildrop. See the Postfix MAILDROP_README file for details.
> # Also specify in main.cf: maildrop_destination_recipient_limit=1
> #
> maildrop unix - n n - - pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> #
> # The Cyrus deliver program has changed incompatibly, multiple times.
> #
> old-cyrus unix - n n - - pipe
>   flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
> # Cyrus 2.1.5 (Amos Gouaux)
> # Also specify in main.cf: cyrus_destination_recipient_limit=1
> cyrus unix - n n - - pipe
>   user=cyrus argv=/usr/lib/cyrus-imapd/deliver -r ${sender} -m ${extension} ${user}
> #
> # See the Postfix UUCP_README file for configuration details.
> #
> uucp unix - n n - - pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> #
> # Other external delivery methods.
> #
> ifmail unix - n n - - pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
>   flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
> #
> # spam/virus section
> #
> #smtp-amavis unix - - y - 2 smtp
> # -o smtp_data_done_timeout=1200
> # -o disable_dns_lookups=yes
> # -o smtp_send_xforward_command=yes
> #127.0.0.1:10025 inet n - y - - smtpd
> # -o content_filter=
> # -o smtpd_helo_restrictions=
> # -o smtpd_sender_restrictions=
> # -o smtpd_recipient_restrictions=permit_mynetworks,reject
> # -o mynetworks=127.0.0.0/8
> # -o smtpd_error_sleep_time=0
> # -o smtpd_soft_error_limit=1001
> # -o smtpd_hard_error_limit=1000
> # -o receive_override_options=no_header_body_checks
> # -o smtpd_bind_address=127.0.0.1
> # -o smtpd_helo_required=no
> # -o smtpd_client_restrictions=
> # -o smtpd_restriction_classes=
> # -o disable_vrfy_command=no
> # -o strict_rfc821_envelopes=yes
> #
> # transport entry for the mailing lists
> #
> #sympa unix - n n - - pipe
> # flags=R user=sympa argv=/home/sympa/bin/queue ${recipient}
> #sympabounce unix - n n - - pipe
> # flags=R user=sympa argv=/home/sympa/bin/bouncequeue ${user}
>
> /
>
> //usr/lib/sasl2/smtpd.conf /
>
> /
> pwcheck_method: saslauthd
> mech_list: plain login
>
> /
>
> //etc/postfix/mysql-canonical.cf /
>
> /
> # mysql config file for canonical lookups on postfix
> # comments are ok.
> #
>
> # the user name and password to log into the mysql server
> hosts = 127.0.0.1
> user = mail
> password = xxxxxxxxx
>
> # the database name on the servers
> dbname = mail
>
> # the table name
> table = virtual
> #
> select_field = alias
> where_field = username
> # Return the first match only
> additional_conditions = and status = '1' limit 1
>
> /
>
> //etc/postfix/mysql-mydestination.cf /
>
> /
> # mysql config file for local domain (like sendmail's sendmail.cw) lookups on postfix
> # comments are ok.
> #
>
> # the user name and password to log into the mysql server
> hosts = 127.0.0.1
> user = mail
> password = xxxxxxxxxxxxxx
>
> # the database name on the servers
> dbname = mail
>
> # the table name
> table = domain
> #
> select_field = domain_name
> where_field = domain_name
>
> /
>
> //etc/postfix/mysql-relay.cf /
>
> /
> #
> # mysql config file for transport lookups on postfix
> # comments are ok.
> #
>
> # the user name and password to log into the mysql server
> hosts = 127.0.0.1
> user = mail
> password = xxxxxxxxxxxxxxxx
>
> # the database name on the servers
> dbname = mail
>
> # the table name
> table = domain
>
> #
> select_field = transport
> where_field = domain_name
>
> /
>
> //etc/postfix/mysql-transport.cf /
>
> /
> #
> # mysql config file for transport lookups on postfix
> # comments are ok.
> #
>
> # the user name and password to log into the mysql server
> hosts = 127.0.0.1
> user = mail
> password = xxxxxxxxxxxxxxxx
>
> # the database name on the servers
> dbname = mail
>
> # the table name
> table = domain
>
> #
> select_field = transport
> where_field = domain_name
>
> /
>
> //etc/postfix/mysql-virtual.cf /
>
> /
> #
> # mysql config file for alias lookups on postfix
> # comments are ok.
> #
>
> # the user name and password to log into the mysql server
> hosts = 127.0.0.1
> user = mail
> password = xxxxxxxxxxxx
>
> # the database name on the servers
> dbname = mail
>
> # the table name
> table = virtual
>
> #
> select_field = dest
> where_field = alias
> additional_conditions = and status = '1'
>
> /
>
> //etc/postfix/transport_regexp /
>
> /
> # /^.*+owner\@lists\..*$/ sympabounce:
> # /^.*\@lists\..*$/ sympa:
>
> /
>
> //etc/postfix/virtual_regexp /
>
> /
> # This will be used to deal with the mailing lists
> #/^(.*)-owner\@lists\.(.*)$/ $1+owner@lists.$2
> /
>
> ------------------------------------------------------------------------
>
> connect mysql;
> INSERT INTO user (Host, User, Password, Select_priv, Insert_priv,
> Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv,
> Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv,
> Index_priv, Alter_priv) VALUES ('localhost', 'mail',
> PASSWORD('xxxxxxxxxxx'), 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N',
> 'N', 'N', 'N', 'N');
>
> INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv,
> Delete_priv, Create_priv, Drop_priv, Grant_priv, References_priv,
> Index_priv, Alter_priv) VALUES ('localhost', 'mail', 'mail', 'Y', 'Y', 'Y',
> 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y');
> flush privileges;
>
> create database mail;
>
> ------------------------------------------------------------------------
>
> # phpMyAdmin MySQL-Dump
> # version 2.2.6
> # http://phpwizard.net/phpMyAdmin/
> # http://www.phpmyadmin.net/ (download page)
> #
> # Host: localhost
> # Generation Time: Nov 04, 2002 at 01:44 AM
> # Server version: 3.23.52
> # PHP Version: 4.2.3
> # Database : `mail`
> # --------------------------------------------------------
>
> #
> # Table structure for table `accountuser`
> #
>
> CREATE TABLE accountuser (
> username varchar(255) binary NOT NULL default '',
> password varchar(30) binary NOT NULL default '',
> prefix varchar(50) NOT NULL default '',
> domain_name varchar(255) NOT NULL default '',
> UNIQUE KEY username (username)
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `adminuser`
> #
>
> CREATE TABLE adminuser (
> username varchar(50) binary NOT NULL default '',
> password varchar(50) binary NOT NULL default '',
> type int(11) NOT NULL default '0',
> SID varchar(255) NOT NULL default '',
> home varchar(255) NOT NULL default '',
> PRIMARY KEY (username)
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `alias`
> #
>
> CREATE TABLE alias (
> alias varchar(255) NOT NULL default '',
> dest longtext,
> username varchar(50) NOT NULL default '',
> status int(11) NOT NULL default '1',
> PRIMARY KEY (alias)
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `domain`
> #
>
> CREATE TABLE domain (
> domain_name varchar(255) NOT NULL default '',
> prefix varchar(50) NOT NULL default '',
> maxaccounts int(11) NOT NULL default '20',
> quota int(10) NOT NULL default '20000',
> transport varchar(255) NOT NULL default 'cyrus',
> freenames enum('YES','NO') NOT NULL default 'NO',
> freeaddress enum('YES','NO') NOT NULL default 'NO',
> PRIMARY KEY (domain_name),
> UNIQUE KEY prefix (prefix)
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `domainadmin`
> #
>
> CREATE TABLE domainadmin (
> domain_name varchar(255) NOT NULL default '',
> adminuser varchar(255) NOT NULL default ''
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `search`
> #
>
> CREATE TABLE search (
> search_id varchar(255) NOT NULL default '',
> search_sql text NOT NULL,
> perpage int(11) NOT NULL default '0',
> timestamp timestamp(14) NOT NULL,
> PRIMARY KEY (search_id),
> KEY search_id (search_id)
> ) TYPE=MyISAM;
> # --------------------------------------------------------
>
> #
> # Table structure for table `virtual`
> #
>
> CREATE TABLE virtual (
> alias varchar(255) NOT NULL default '',
> dest longtext,
> username varchar(50) NOT NULL default '',
> status int(11) NOT NULL default '1',
> KEY alias (alias)
> ) TYPE=MyISAM;
>
> CREATE TABLE log (
> id int(11) NOT NULL auto_increment,
> msg text NOT NULL,
> user varchar(255) NOT NULL default '',
> host varchar(255) NOT NULL default '',
> time datetime NOT NULL default '2000-00-00 00:00:00',
> pid varchar(255) NOT NULL default '',
> PRIMARY KEY (id)
> ) TYPE=MyISAM;
>
> INSERT INTO adminuser (username, password) VALUES ('admin',
> ENCRYPT('xxxxxxxxxxxxx'));
> INSERT INTO domainadmin (domain_name,adminuser) VALUES ('*','admin');
> INSERT INTO accountuser (username, password) VALUES ('cyrus',
> ENCRYPT('xxxxxxxxx'));
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
Andreas
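
The log check suggested in the reply above, as an added example that is not part of the original message: it follows a test mail through the Postfix log and reports whether it was handed to the `cyrus` transport from the quoted master.cf. The log lines are constructed, and the accounts `testuser` and `ghost` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): trace test mail through the Postfix log
# to see whether it was handed to the "cyrus" transport defined in master.cf.

# Constructed sample lines in Postfix syslog format. "testuser" and "ghost"
# are hypothetical accounts; the host name is the one used in the thread.
sample_log() {
cat <<'EOF'
Sep  8 16:30:01 sd-910 postfix/smtpd[2101]: A1B2C3D4E5: client=localhost[127.0.0.1]
Sep  8 16:30:01 sd-910 postfix/cleanup[2103]: A1B2C3D4E5: message-id=<1@sd-910.dedibox.fr>
Sep  8 16:30:01 sd-910 postfix/qmgr[1990]: A1B2C3D4E5: from=<root@sd-910.dedibox.fr>, size=412, nrcpt=1 (queue active)
Sep  8 16:30:02 sd-910 postfix/pipe[2105]: A1B2C3D4E5: to=<testuser@sd-910.dedibox.fr>, relay=cyrus, delay=1, status=sent (delivered via cyrus service)
Sep  8 16:31:10 sd-910 postfix/qmgr[1990]: F6E7D8C9B0: from=<root@sd-910.dedibox.fr>, size=398, nrcpt=1 (queue active)
Sep  8 16:31:11 sd-910 postfix/pipe[2109]: F6E7D8C9B0: to=<ghost@sd-910.dedibox.fr>, relay=cyrus, delay=1, status=bounced (data format error. Command output: ghost: Mailbox does not exist )
EOF
}

# delivery_status RECIPIENT   (log on stdin)
# Prints "<queue-id> <agent> <relay> <status>" for every delivery attempt to
# RECIPIENT, in log order. Lines from smtpd, cleanup and qmgr are skipped
# because they carry no to=<...> field.
delivery_status() {
    awk -v rcpt="$1" '
        # Return the value of a name=value pair on the current line.
        function val(name,   n) {
            n = length(name) + 1
            if (match($0, " " name "=[^ ,]+"))
                return substr($0, RSTART + n + 1, RLENGTH - n - 1)
            return "-"
        }
        # index() is used instead of a regex so the address is matched literally.
        $5 ~ /^postfix\// && index($0, " to=<" rcpt ">,") {
            agent = $5
            sub(/^postfix\//, "", agent)
            sub(/\[.*/, "", agent)
            qid = $6
            sub(/:$/, "", qid)
            print qid, agent, val("relay"), val("status")
        }
    '
}

# reached_cyrus RECIPIENT   (log on stdin)
# Succeeds only if an attempt for RECIPIENT went through relay=cyrus with
# status=sent, i.e. Postfix handed the message over and Cyrus accepted it.
reached_cyrus() {
    delivery_status "$1" | grep -q ' cyrus sent$'
}

for r in testuser@sd-910.dedibox.fr ghost@sd-910.dedibox.fr; do
    if sample_log | reached_cyrus "$r"; then
        echo "$r: handed to Cyrus"
    else
        echo "$r: not delivered; attempts seen:"
        sample_log | delivery_status "$r"
    fi
done
```

To run it against a live system, feed the real mail log to `delivery_status` on stdin instead of `sample_log`; the log location (commonly /var/log/maillog on Fedora) is an assumption and depends on the syslog configuration.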