{ Berbagi, Menulis, Dan Mengajar } Ilmu… » Linux » installasi Qmail di Debian GNU-LINUX
installasi Qmail di Debian GNU-LINUX
Saat ini debian etch yang telah telah menyediakan paket Qmail source lengkap dengan modul modul pendukungnya,disini akan saya tulis step by step installasi Qmail di debian Etch.
Mengapa Qmail ?
saya pilih qmail, jelas Qmail lebih handal dan Management-nya lebih mudah,selain itu kemampuan Qmail dalam melayani akses ribuan Qmail /hari sudah jelas terbukti (lihatlah Yahoo Mail!!)
sebelum mengikuti langkah langkah mustajab berikut,alangkah baiknya kita mendownload file qmailrocks.tar.gz yang berisi source lengkap dari Qmail dan modul modul pendukung lainnya, pada step selanjutnya kita akan melakukan installasi modul pendukung dari source qmailrocks
okey … Go Start Right Now… GoodLuck
—
1. Update Source apt ke mirror terdekat ( saya pilih di Singapura) upstream dari sana lebih menjanjikan .
—
deb http://security.debian.org/ etch/updates main contrib non-free
deb http://security.debian.org/ etch/updates main
deb http://mirror.averse.net/debian/ etch main contrib non-free
deb-src http://mirror.averse.net/debian/ etch main contrib non-free
deb-src http://mirror.averse.net/debian/ etch main
—
2. Instalasi Qmail
Debian Etch menyediakan paket qmail-src yang berisi source code qmail yang telah dilengkapi dengan build-script yang memudahkan kita dalam melakukan kompilasinya. Paket source qmail ini juga telah dilengkapi dengan patch QMAILQUEUE yang memungkinkan anda untuk mengubah isi queue sebelum suatu mail dikirimkan.
Instalasi kedua paket di atas dapat dilakukan dengan cara:
root:~# apt-get install qmail-src ucspi-tcp-src
Setelah kedua paket di atas terinstall kita akan mengcompile ucspi-tcp terlebih dahulu, baru setelah itu kita melakukan kompilasi pada qmail.
root:~# build-ucspi-tcp
kita akan diminta memasukkan direktori untuk melakukan kompilasi (defaultnya /tmp/ucspi-tcp). Ikuti perintah pada layar, dan setelah selesai anda akan mendapatkan file ucspi-tcp_0.88-5_i386.deb yang dapat langsung anda install.
root:~# dpkg -i /tmp/ucspi-tcp/ucspi-tcp_0.88-5_i386.deb
Ada beberapa patch yang diperlukan untuk membangun binary qmail yaitu:
1. qmail-1.03-maxrcpt.patch: Digunakan untuk membatasi jumlah penerima per email. RFC2821 menyatakan bahwa suatu MTA harus dapat menerima setidaknya 100 penerima untuk tiap mail, namun boleh juga bila kita tidak ingin menerimanya. Pembatasan ini berguna untuk mengurangi spam.
2. qmail-1.03-mfcheck.3.patch: Digunakan untuk menolak email bila domain pengirim tidak valid.
3. qmail-1.03-quotas-1.1.patch: Digunakan untuk menset “over quota” sebagai hard error. Tanpa patch ini, “over quota” pada alamat tujuan hanya menghasilkan soft error sehingga pesan akan secara terus menerus dikirimkan hingga umur maksimal pada queue tercapai.
4. qmail-date-localtime.patch: Berguna agar qmail menggunakan format date lokal pada header email yang dikirimkan.
5. qmail-smtpd-auth: Memaksa user untuk login sebelum mengirim email. Hal ini berguna untuk menghindari pengiriman email yang dilakukan oleh virus/worm.
root:~# build-qmail
This script unpacks the qmail source into a directory, and
compiles it to produce a binary qmail*.deb file.
The directory where this is done will end up containing the source
and package files for the qmail binary package, along with a
directory containing the unpacked source.
Enter a directory where you would like to do this [/tmp/qmail]
dpkg-source: extracting qmail in qmail-1.03
dpkg-source: extracting qmail in qmail-1.03
Binary package qmail will be compiled now
If you want to apply a custom patch, switch to another console and do it now
This can take long time, depending on your machine
Press ENTER to continue…
Setelah proses kompilasi selesai anda akan mendapatkan file /tmp/qmail/qmail_1.03-24_i386.deb pada direktori /tmp/qmail. File ini dapat langsung diinstall pada banyak komputer tanpa harus melakukan kompilasi ulang.
root:~# dpkg -i /tmp/qmail/qmail_1.03-24_i386.deb
root:~# echo “nama.domain.anda” > /var/qmail/control/me
Jangan lupa untuk memeriksa isi file /etc/tcp.smtp untuk menentukan network mana saja yang dapat menggunakan mailserver anda. Secara default, isi dari file ini adalah:
127.0.0.1:allow,RELAYCLIENT=””
Anda dapat mengubah isi file itu menjadi:
127.0.0.1:allow,RELAYCLIENT=””
[IP Network Anda]:allow,RELAYCLIENT=””
:allow
root:~# echo “.id” >> /var/qmail/control/rcpthosts
root:~# echo “.com” >> /var/qmail/control/rcpthosts
root:~# echo “.net” >> /var/qmail/control/rcpthosts
root:~# echo “.edu” >> /var/qmail/control/rcpthosts
…
Dot yang lain bisa menyusul kemudian
Setelah anda mengubah isi /etc/tcp.smtp jangan lupa untuk membangun databasenya dengan menjalankan perintah:
root:~# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
Hasil installasi Qmail diatas akan menghasilkan script boot up /etc/init.d/qmail
3. Setting Maildir
Maildir adalah direktory email yang secara umum digunakan oleh Qmail-MailServer. Untuk bisa membaca email di Maildir maka kita harus mengedit file /etc/init.d/qmail, default-nya
alias_empty=”|/usr/sbin/qmail-procmail” Beri komentar “#”
kemudian cari ganti dengan alias_empty=”./Maildir/”
maka akan diperoleh konfigurasi seperti dibawah ini
# set default delivery method
#alias_empty=”|/usr/sbin/qmail-procmail” # procmail delivery to /var/spool/mai
alias_empty=”./Maildir/” # This uses qmail prefered ~/Maildir/ directory
# You may want to maildirmake /etc/skel/Maildir
#alias_empty=”./Mailbox” # This uses Mailbox file in users $HOME
kemudian lakukan restart Qmail
root:~# /etc/init.d/qmail restart
Test Email-Server,
kita dapat mencoba mailserver baru anda dengan menggunakan telnet seperti yang digambarkan pada potongan program di bawah ini.
root:~# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 ptpn-xi.com ESMTP
MAIL FROM:
250 ok
RCPT TO:
250 ok
DATA
354 go ahead
ketik pesan anda di sini
dan setelah selesai akhiri dengan tanda titik (.)
.
250 ok [angka aneh]
—
4. Installasi VPOPMAIL on MYSQL
Apakah Vpopmail itu ?
vpopmail is a free GPL software package, to provide an easy way to manage virtual e-mail domains and non /etc/passwd e-mail accounts on your qmail or Postfix mail servers. Originally developed by Inter7 it has become a large open source project with a large community supporting it.
root:~# apt-get install vopomail-bin
Ada beberapa perintah dasar yang disediakan oleh vpopmail. Perintah-perintah ini adalah perintah dasar yang umum dipakai dalam manajemen suatu domain beserta user-user di dalamnya.
* vadddomain: digunakan untuk menambahkan virtual domain dan POSTMASTER domain tersebut.
* vadduser: digunakan untuk menambahkan user pada domain virtual.
* vpasswd: digunakan untuk mengubah password user pada domain virtual.
* vdeluser: digunakan untuk menghapus suatu user virtual domain.
* vdeldomain: digunakan untuk menghapus virtual domain.
root:~# vadddomain coba.domain.com
Please enter password for postmaster: *****
enter password again: *****
root:~# vadduser user1@coba.domain.com
Please enter password for user1@coba.domain.com: ****
enter password again: ****
Pada contoh di atas tampak bahwa domain coba.domain.com telah sukses dibuat dan kita juga telah membuat user baru untuk domain itu yakni user1@coba.domain.com.
Setup the MySQL support in the vpopmail sources
# Create the configuration file that vpopmail will use
# to setup the connection to the mysql database
#
# This example will tell vpopmail :
# * Log into the server running on localhost
# * Use the default mysql port
# (In fact if the server is localhost, and you don’t specify a port number, then
# I believe the that communications are done via unix sockets rather than TCP/IP)
# * Login with username vpopmailuser
# * Login with password vpoppasswd
# * Use the database called vpopmail
#
mkdir ~vpopmail/etc
chown vpopmail.vchkpw ~vpopmail/etc
echo “localhost|0|vpopmailuser|vpoppasswd|vpopmail” > ~vpopmail/etc/vpopmail.mysql
chown vpopmail.vchkpw ~vpopmail/etc/vpopmail.mysql
chmod 640 ~vpopmail/etc/vpopmail.mysql
# log into MySQL as the MySQL root user
# and then create the database for vpopmail to use
# and then setup the appropriate permissions on this database
/usr/local/mysql/bin/mysql –password=”mysql-root-pwd”
CREATE DATABASE vpopmail;
GRANT select,insert,update,delete,create,drop ON vpopmail.*
TO vpopmailuser@localhost IDENTIFIED BY ‘vpoppasswd';
quit
Now, build the program
./configure \
–disable-roaming-users \
–enable-logging=p \
–disable-passwd \
–enable-clear-passwd \
–disable-domain-quotas \
–enable-auth-module=mysql \
–enable-auth-logging \
–enable-sql-logging \
–enable-valias \
–disable-mysql-limits
make
make install-strip
Review the contents of the file is used to set the default limits for any domains / mailboxes in the vpopmail system. Make sure it contains reasonable defaults for your system.
vi ~vpopmail/etc/vlimits.default
# in particular set the default mailbox size to be something reasonable eg 20Mb
default_quota 20971520
Optionally, nominate a “default domain”. Users in this domain can login to POP3 etc using just their username. Users from all other domains need to use their full email address as their login name.
echo “yourdomain.com” > /home/vpopmail/etc/defaultdomain
Setup the quota warning message that is sent to users when they are at 90% quota
vi quotawarn.msg
From: SomeCompany Postmaster
To: SomeCompany User:;
Subject: Mail quota warning
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 7bit
Your mailbox on the server is now more than 90% full.
So that you can continue to receive mail,
you need to remove some messages from your mailbox.
If you require assistance with this,
please contact our support department :
email : support@yourdomain.com
Tel : xx xxxx xxxx
cp quotawarn.msg /home/vpopmail/domains/.quotawarn.msg
If you want, you can alter the standard message that gets sent to the sender in an overquota situation
echo “Message rejected. Not enough storage space in user’s mailbox to accept message.” > /home/vpopmail/domains/.over-quota.msg
OK, vpopmail is now installed!
Some example vpopmail commands :
To add a domain :
/home/vpopmail/bin/vadddomain yourdomain.com yourpassword
# this creates the domain and makes a mailbox postmaster@yourdomain.com
To add a mailbox:
/home/vpopmail/bin/vadduser someone@yourdomain.com apassword
(Or you can do it via qmailadmin)
To remove a mailbox
/home/vpopmail/bin/vdeluser someone@yourdomain.com
(Or you can do it via qmailadmin)
To remove a domain :
/home/vpopmail/bin/vdeldomain yourdomain.com
To change a user’s password
/home/vpopmail/bin/vpasswd someone@yourdomain.com newpassword
(Or you can do it via qmailadmin)
To lookup info about a user
/home/vpopmail/bin/vuserinfo someone@yourdomain.com
This gives you info such as name, crypted password, cleartext password, dir, quota, usage%, last auth.
It has a number of flags to let you see the individual fields, or you can see them all if you dont use any flags.
It also creates the maildirsize file in the users dir
Logging in via POP3
When your users are setting up their POP3 email clients (eg Outlook Express), they should use settings like this :
My incoming mail server is a POP3 server
Incoming mail server (POP3): pop3.yourdomain.com
Outgoing mail server (SMTP): smtp.yourdomain.com
POP3 account name : theirusername@yourdomain.com
Password: theirpassword
5. Installasi AUTORESPONDER
Ambil paket autoresponder dari source qmailrock
tar xzf autorespond-2.0.4.tar.gz
chown -R root.root autorespond-2.0.4
cd autorespond-2.0.4
Build the program
make
make install
6. intall EZMLM / EZMLM-IDX
Ambil paket autoresponder dari source qmailrock
tar xzf ezmlm-0.53.tar.gz
chown -R root.root ezmlm-0.53
wget http://www.bowe.id.au/michael/Sources/Linux/WebMail/ezmlm-idx-0.40.tar.gz
tar xzf ezmlm-idx-0.40.tar.gz
chown -R root.root ezmlm-idx-0.40
Merge the sources together
cp -R ezmlm-idx-0.40/* ezmlm-0.53/
# (you need to press y quite a few times to allow the patch files to overwrite the original files)
cd ezmlm-0.53
patch < idx.patch
Build the program
make
make man
make setup
7. Installasi Qmailadmin
Ambil paket qmailadmin dari source qmailrock
tar xzf qmailadmin-1.2.9.tar.gz
chown -R root.root qmailadmin-1.2.9
cd qmailadmin-1.2.9
(Optional) Make a small mod that affects the look of the qmailadmin login page
edit the lang/en file, and change record 112 “Username” rather than “User Account”
(We found our users knew what to type as their “Username”, but didn’t know what to type as a “User Account”)
Build the program
./configure \
–enable-htmldir=/usr/local/apache/htdocs \
–enable-cgibindir=/usr/local/apache/cgi-bin \
–enable-maxusersperpage=12 \
–enable-maxaliasesperpage=12 \
–disable-modify-quota \
–disable-ezmlm-mysql \
–disable-help
# note, I chose to have 12 accounts per page in the config above,
# because this makes these particular screens fit nicely on my 1024*768 monitor
make
make install-strip
Test to see if it works
http://webmail.yourdomain.com/cgi-bin/qmailadmin
8. Installasi Courier-Imap
Ambil paket Courier-Imap dari source qmailrock
bunzip2 courier-authlib-0.58.tar.bz2
tar xf courier-authlib-0.58.tar
chown -R root.root courier-authlib-0.58
cd courier-authlib-0.58
Build the authentication library
./configure \
# note, if you are running redhat/fedora, you may have to add a
# –with-redhat
# to the list of configuration settings above
make
make install
make install-configure
Review the settings for the authentication library
vi /usr/local/courier-authlib/etc/authlib/authdaemonrc
authmodulelist=”authvchkpw” <-- Authenticate via vpopmail
9. Installasi Webmail (squirrelmail)
Configure SquirrelMail
cd config
perl conf.pl
D. SET PRE-DEFINED SETTINGS FOR SPECIFIC IMAP SERVERS
Choose Courier
1. ORGANIZATION PREFERENCES
1. Organization name : YourCompany WebMail
2. Organization Logo : /images/yourcompanylogo-100.gif
3. Org. Logo Height/Width : 100/100
4. Organization title : YourCompany WebMail (v$version)
7. Provider link : http://www.yourdomain.com
8. Provider name : YourCompany
2. SERVER SETTINGS
1. Domain : yourdomain.com
3. FOLDER DEFAULTS
15. Default Unseen Type : 2
4. GENERAL OPTIONS
1. Data directory : /var/squirrelmail/data
2. Attachment directory : /var/squirrelmail/attach
5. Usernames in lower case : true
7. Hide SM attributions : true
11. Allow server-side sorting : false
( Note, server-sorting is faster, but I personally find the sort results to be not as “intuitive”
compared with when you let SquirrelMail do the sorting. If you toggle this option on/off and compare
the resultant displays in SquirrelMail you will see what I mean. For example if you server-sort the
FROM column then the sort will be done senders email address, whereas if you let SquirrelMail do the
sort then column will be sorted on senders name. I would suggest you try toggling this
option on and off to make your own decision on which sorting method provides the better results.)
6. ADDRESS BOOKS
2. Use Javascript Address Book Search : True
9. DATABASE
1. DSN for address book : mysql://squirreluser:squirrelpassword@localhost/squirrelmail
3. DSN for preferences : mysql://squirreluser:squirrelpassword@localhost/squirrelmail
Now Save and quit the config program
Create the necessary database and tables in MySQL, so that SquirrelMail can store the address books and user preferences there :
root~# mysql -u root -p
CREATE DATABASE squirrelmail;
GRANT select,insert,update,delete ON squirrelmail.*
TO squirreluser@localhost IDENTIFIED BY ‘squirrelpassword';
USE squirrelmail;
CREATE TABLE address (
owner varchar(128) DEFAULT ” NOT NULL,
nickname varchar(16) DEFAULT ” NOT NULL,
firstname varchar(128) DEFAULT ” NOT NULL,
lastname varchar(128) DEFAULT ” NOT NULL,
email varchar(128) DEFAULT ” NOT NULL,
label varchar(255),
PRIMARY KEY (owner,nickname),
KEY firstname (firstname,lastname)
);
CREATE TABLE userprefs (
user varchar(128) DEFAULT ” NOT NULL,
prefkey varchar(64) DEFAULT ” NOT NULL,
prefval blob DEFAULT ” NOT NULL,
PRIMARY KEY (user,prefkey)
);
quit
You can define what default SquirrelMail settings that users will receive when they log in.
For MySQL backend
cd /usr/local/apache/htdocs/squirrelmail
# replace the default preferences definition in the db_prefs file
# with our own customised defaults.
# Open the file, scroll down and replace the existing “var $default”
# entry (on line 102) with our customised version shown below
vi functions/db_prefs.php
var $default = Array(‘chosen_theme’ => ‘../themes/default_theme.php’,
‘show_html_default’ => ‘1’,
‘language’ => ‘en_US’,
‘use_javascript_addr_book’ => ‘1’,
‘left_size’ => ‘140’,
‘left_refresh’ => ‘3600’,
‘show_username’ => ‘1’,
‘show_username_pos’ => ‘top’,
‘order1′ => ‘1’,
‘order2′ => ‘2’,
‘order3′ => ‘3’,
‘order4′ => ‘5’,
‘order5′ => ‘4’,
‘order6′ => ‘6’);
Or, if you aren’t running MySQL backend for SquirrelMail, you can adjust the default preferences like this :
vi /var/squirrelmail/data/default_pref :
show_html_default=1
language=en_US
use_javascript_addr_book=1
left_size=140
left_refresh=3600
show_username=1
show_username_pos=top
order1=1
order2=2
order3=3
order4=5
order5=4
order6=6
Setup periodic purging of the “attach” directory
When SquirrelMail users are composing a message that has attachment(s), the attachment is temporarily stored in the /var/squirrelmail/attach directory. When the user sends the message, the associated temp files will get deleted.
However sometimes the temp files do not get deleted (eg if the user closes their browser mid-compose?). Since the permissions on this directory are setup (as a security measure) to prevent the webserver from listing the files in this directory, there is no way for Apache/SquirrelMail to do a periodic scan/purge of old files.
So we are going to setup a daily crontab to clean up any attachments that get left hanging around
crontab -e
# delete any files that are more than 2 days old from the SquirrelMail attachment dir
0 0 * * * find /var/squirrelmail/attach/* -atime +2 -exec /bin/rm {} \;
Install the quota_usage plugin so users can see their mailbox quota usage
cd /usr/local/src
wget http://www.squirrelmail.org/plugins/quota_usage-1.2.tar.gz
wget http://www.squirrelmail.org/plugins/compatibility-1.3.tar.gz
cd /usr/local/apache/htdocs/squirrelmail/plugins
tar xzf /usr/local/src/quota_usage-1.2.tar.gz
cp quota_usage/config.php.sample quota_usage/config.php
chown -R root.www quota_usage
chmod -R o-rx quota_usage
# qmailadmin and the other tools all classify a 1Mb as 1048576 bytes (1024 * 1024 )
# Fix up the quota_plugin so it works with the same units.
# Otherwise your quota would show as 20M in qmailadmin, and 21M in SquirrelMail :-/
vi quota_usage/functions.php
Go to line 43 and change the value 1000000 to 1048576
tar xzf /usr/local/src/compatibility-1.3.tar.gz
chown -R root.www compatibility
chmod -R o-rx compatibility
cd ../config
perl conf.pl
8. Plugins
choose quota_usage
choose compatibility
Optionally, Setup SSL mode at login time
cd /usr/local/src
wget http://www.squirrelmail.org/plugins/secure_login-1.2-1.2.8.tar.gz
cd /usr/local/apache/htdocs/squirrelmail/plugins
tar xzf /usr/local/src/secure_login-1.2-1.2.8.tar.gz
cp secure_login/config.php.sample secure_login/config.php
chown -R root.www secure_login
chmod -R o-rx secure_login
cd ../config
perl conf.pl
8. Plugins, and choose secure_login
Optionally, modify SquirrelMail so that it will any failed login attempts to the syslog
modify squirrelmail/functions/imap_general.php
search for the line that has “Unknown user or password incorrect”
above this line add :
syslog(LOG_MAIL|LOG_NOTICE,”Squirrelmail login failed for Username : $username, Password : $password”);
now failed SquirrelMail logins will be logged to /var/log/maillog
Filed under: Linux