courier met imap4
Een complete mailserver heeft een IMAP4 toegang nodig. POP3 is niet meer van deze tijd, maar kan eventueel ook. In dit artikel bespreken we de installatie en configuratie van COURIER met IMAP4 op onze reeds bestaande Postfix uit het vorige mailserver artikel.
- courier installatie
De volgendecourierpakketten zijn beschikbaar:
bert@mail:~$aptitude search courier | grep -v i386p courier-authdaemon - Courier authentication daemon p courier-authlib - Courier authentication library p courier-authlib-dev - Development libraries for the Courier auth p courier-authlib-ldap - LDAP support for the Courier authenticatio p courier-authlib-mysql - MySQL support for the Courier authenticati p courier-authlib-pipe - External authentication support for the Co p courier-authlib-postgresql - PostgreSQL support for the Courier authent p courier-authlib-userdb - userdb support for the Courier authenticat p courier-base - Courier mail server - base system p courier-doc - Courier mail server - additional documenta p courier-faxmail - Courier mail server - Fax<->mail gateway p courier-filter-perl - purely Perl-based mail filter framework fo p courier-imap - Courier mail server - IMAP server p courier-imap-ssl - Courier mail server - IMAP over SSL p courier-ldap - Courier mail server - LDAP support p courier-maildrop - Courier mail server - mail delivery agent p courier-mlm - Courier mail server - mailing list manager p courier-mta - Courier mail server - ESMTP daemon p courier-mta-ssl - Courier mail server - ESMTP over SSL p courier-pcp - Courier mail server - PCP server p courier-pop - Courier mail server - POP3 server p courier-pop-ssl - Courier mail server - POP3 over SSL p courier-ssl - Courier mail server - SSL/TLS Support p courier-webadmin - Courier mail server - web-based administra p couriergraph - Mail statistics RRDtool frontend for Couri p couriergrey - Mail filter interface of Courier-MTA to su p courierpassd - change courier user passwords using poppas p mysqmail-courier-logger - real-time logging system in MySQL - CourieWe installeren de volgende pakketten:
courier-base courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl courier-ssl
# sudo apt-get install courier-base courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl courier-sslThe following extra packages will be installed: courier-authlib courier-authlib-userdb expect gamin libgamin0 libltdl7 libtcl8.6 Suggested packages: courier-doc imap-client tcl8.6 The following NEW packages will be installed: courier-authdaemon courier-authlib courier-authlib-mysql courier-authlib-userdb courier-base courier-imap courier-imap-ssl courier-ssl expect gamin libgamin0 libltdl7 libtcl8.6 0 upgraded, 13 newly installed, 0 to remove and 30 not upgraded. Need to get 1693 kB of archives. After this operation, 6851 kB of additional disk space will be used.De installer vraagt vervolgens of men web-admin wenst te gebruiken: het antwoord is NO
┌───────────────────────────┤ Configuring courier-base ├───────────────────────────┐ │ Courier uses several configuration files in /etc/courier. Some of these files │ │ can be replaced by a subdirectory whose contents are concatenated and treated as │ │ a single, consolidated, configuration file. │ │ │ │ The web-based administration provided by the courier-webadmin package relies on │ │ configuration directories instead of configuration files. If you agree, any │ │ directories needed for the web-based administration tool will be created unless │ │ there is already a plain file in place. │ │ │ │ Create directories for web-based administration? │ │ │ │ <yes> << NO >> │ └──────────────────────────────────────────────────────────────────────────────────┘De installer zoekt ook nog naar een SSL certificaat. Indien we geen certificaat hebben, wordt er zo dadelijk een zelf getekend certificaat gecreëerd. Dit zal straks gevolgen hebben voor software zoals Thunderbird die dit controlleert. We klikken OK
┌────────────────────────────┤ Configuring courier-ssl ├──────────────────────┐ │ SSL certificate required │ │ │ │ POP and IMAP over SSL requires a valid, signed, X.509 certificate. │ │ During the installation of courier-pop-ssl or courier-imap-ssl, │ │ a self-signed X.509 certificate will be generated if necessary. │ │ For production use, the X.509 certificate must be signed by │ │ a recognized certificate authority, in order for mail clients │ │ to accept the certificate. The default location for this certificate is │ │ /etc/courier/pop3d.pem or /etc/courier/imapd.pem. │ │ │ │ <<< Ok >>> │ └─────────────────────────────────────────────────────────────────────────────┘... de installatie wordt hierna afgehandeld:
Setting up libltdl7:amd64 (2.4.2-1.7ubuntu1) ... Setting up libtcl8.6:amd64 (8.6.1-4ubuntu1) ... Setting up expect (5.45-5ubuntu1) ... Setting up courier-authlib (0.63.0-6ubuntu1) ... Setting up courier-authdaemon (0.63.0-6ubuntu1) ... * Starting Courier authentication services authdaemond [ OK ] Setting up courier-authlib-mysql (0.63.0-6ubuntu1) ... Setting up courier-authlib-userdb (0.63.0-6ubuntu1) ... Setting up gamin (0.1.10-4.1ubuntu1) ... Setting up libgamin0 (0.1.10-4.1ubuntu1) ... Processing triggers for ureadahead (0.100.0-16) ... Setting up courier-base (0.68.2-1ubuntu3) ... locale: Cannot set LC_ALL to default locale: No such file or directory update-alternatives: using /usr/bin/deliverquota.courier to provide /usr/bin/deliverquota (deliverquota) in auto mode update-alternatives: using /usr/share/man/man5/maildir.courier.5.gz to provide /usr/share/man/man5/maildir.5.gz (maildir.5.gz) in auto mode update-alternatives: using /usr/bin/maildirmake.courier to provide /usr/bin/maildirmake (maildirmake) in auto mode update-alternatives: using /usr/share/man/man7/maildirquota.courier.7.gz to provide /usr/share/man/man7/maildirquota.7.gz (maildirquota.7.gz) in auto mode update-alternatives: using /usr/bin/makedat.courier to provide /usr/bin/makedat (makedat) in auto mode Setting up courier-ssl (0.68.2-1ubuntu3) ... locale: Cannot set LC_ALL to default locale: No such file or directory Setting up courier-imap (4.10.0-20120615-1ubuntu3) ... * Starting Courier IMAP server imapd [ OK ] Processing triggers for ureadahead (0.100.0-16) ... Setting up courier-imap-ssl (4.10.0-20120615-1ubuntu3) ... locale: Cannot set LC_ALL to default locale: No such file or directory cp: not writing through dangling symlink '/usr/lib/courier/imapd.pem' chmod: cannot operate on dangling symlink '/usr/lib/courier/imapd.pem' chown: cannot dereference '/usr/lib/courier/imapd.pem': No such file or directory Generating a 1024 bit RSA private key .....++++++ .............++++++ writing new private key to '/usr/lib/courier/imapd.pem' ----- 1024 semi-random bytes loaded Generating DH parameters, 512 bit long safe prime, generator 2 This is going to take a long time .......+.......................................+.......................................................................++*++*++*++*++*++* subject= /C=US/ST=NY/L=New York/O=Courier Mail Server/OU=Automatically-generated IMAP SSL key/CN=localhost/emailAddress=postmaster@example.com notBefore=Nov 5 14:20:45 2016 GMT notAfter=Nov 5 14:20:45 2017 GMT SHA1 Fingerprint=3F:A7:3F:C6:FC:C8:D1:ED:9C:2D:65:97:D0:DF:2E:AD:C9:0B:E8:9C * Starting Courier IMAP-SSL server imapd-ssl [ OK ] Processing triggers for libc-bin (2.19-0ubuntu6.9) ... Processing triggers for ureadahead (0.100.0-16) ... - configuratie
De configuratiefiles bevinden zich in een directory/etc/courier-rw------- 1 root root 2171 Nov 5 15:20 imapd.pem drwxr-xr-x 2 daemon daemon 4096 Nov 5 15:20 shared -rw-r--r-- 1 root root 14386 Oct 31 2013 imapd -rw-r--r-- 1 root root 10036 Oct 31 2013 imapd-ssl -rw------- 1 daemon daemon 354 Oct 31 2013 imapd.cnf -rw-rw---- 1 daemon daemon 3654 Oct 30 2013 authdaemonrc -rw-rw---- 1 daemon daemon 8810 Oct 30 2013 authmysqlrc
We zetten eerst de authenticatie methode op mysql. Daartoe editeren we/etc/courier/authdaemonrcen vervangen (in ubuntu 14.04 op regel 27)
authmodulelist="authpam"
door
authmodulelist="authmysql"
Zonder kommentaar ziet de file er dan zo uit:
$ grep -v "^#" /etc/courier/authdaemonrcauthmodulelist="authmysql" authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe" daemons=5 authdaemonvar=/var/run/courier/authdaemon DEBUG_LOGIN=0 DEFAULTOPTIONS="" LOGGEROPTS=""
Vervolgens zeggen we de authmodule hoe mySQL te gebruiken:
We editeren/etc/courier/authmysqlrc
Na editeren ziet de file er zonder commentaar als volgt uit:
$ grep -v "^#" /etc/courier/authmysqlrcMYSQL_SERVER localhost MYSQL_USERNAME mail MYSQL_PASSWORD sdf12345 MYSQL_PORT 0 MYSQL_OPT 0 MYSQL_DATABASE maildb MYSQL_USER_TABLE users ##NAME: MYSQL_CRYPT_PWFIELD:0 # # Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both # are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD MYSQL_CRYPT_PWFIELD crypt ## NAME: MYSQL_CLEAR_PWFIELD:0 ## password stored in MySQL in clear # cleartext passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow # CRAM-MD5 authentication to be implemented. #MYSQL_CLEAR_PWFIELD clear MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD id MYSQL_HOME_FIELD home MYSQL_NAME_FIELD name MYSQL_MAILDIR_FIELD concat(home,'/',maildir) MYSQL_WHERE_CLAUSE enabled=1We zetten momenteel zowel "crypt" open naar de server toe;
password is dan sdf12345 (default paswoord indien geen entry is ChangeMe)
Straks gaan we in Thunderbird eerst werken in cleartext, daarna met SSL.
Tot slot herstarten we de courier services:
root@mail:/etc/courier#service courier-authdaemon restart
Stopping Courier authentication services authdaemond [ OK ]
Starting Courier authentication services authdaemond [ OK ]
root@mail:/etc/courier#service courier-imap restart
Stopping Courier IMAP server imapd [ OK ]
Starting Courier IMAP server imapd [ OK ]
root@mail:/etc/courier#service courier-imap-ssl restart
Stopping Courier IMAP-SSL server imapd-ssl [ OK ]
Starting Courier IMAP-SSL server imapd-ssl [ OK ]