Setting Mail Server with Qmail on Fedora 3 part4


16. Starting Qmail

# /downloads/qmailrocks/scripts/util/qmr_inst_check

# qmailctl stop

# qmailctl start

# qmailctl stat

You should see an output like this:

/service/qmail-send: up (pid 29956) 2 seconds
/service/qmail-send/log: up (pid 29960) 2 seconds
/service/qmail-smtpd: up (pid 29963) 2 seconds
/service/qmail-smtpd/log: up (pid 29968) 2 seconds
/service/qmail-pop3d: up (pid 29971) 2 seconds
/service/qmail-pop3d/log: up (pid 29972) 2 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

Congratulations, Qmail is now officially up and running and you should be able to send and receive mail on the server.

Let's test your new server's POP3 service...

telnet localhost 110

you should see something like this:

Trying 192.168.1.10...
Connected to 192.168.1.10.
Escape character is '^]'.
+OK <16658.1054485137@smiert.org>
user postmaster@smiert.org
+OK
pass your_password
+OK
list
+OK
1 323 (there's your message!)
.
quit
+OK
Connection closed by foreign host.

And now let's test your server's SMTP service to make sure the TLS functionaltiy is there...

telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.smiert.org ESMTP
ehlo localhost
250-mail.smiert.org
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
starttls
220 ready for tls
quit
quit
Connection closed by foreign host.

17. Installing Courier-imap/imaps with Courierpassd.
We will also be installed the Courier-authlib package to enable proper authentication through courier-imap.
Installing IMAP will enable IMAP connections to the mail server.
Courier-imap is the preferred IMAP server to install because it has built in support the vchkpw mail user setup that Vpopmail utilizes.
In short, Courier IMAP works with Vpopmail and virtual domains.
In addition to installing Courier-imap, we're going to install Courierpassd.
Courierpassd is a utility that allows users to change their mailbox passwords remotely.
Courierpassd will allow your mail users to change their passwords using the Squirrelmail interface.
This will give your users more power over their account settings and, more importantly, keep them from pestering you whenever they want to change their passwords.


18. installing courier-authlib...

# cd /downloads/qmailrocks/

# tar jxvf courier-authlib-0.55.tar.bz2

# cd courier-authlib-0.55

# ./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat

# make && make check

# make install-strip && make install-configure

Now we will add a startup command for authedaemond to the /etc/rc.local file to ensure startup on boot...

# vi /etc/rc.local

Add the following line:

/usr/local/sbin/authdaemond start

19. install courier-imap/imaps...

courier imap needs to be compiled by a NON-ROOT USER.
For the purposes of this guide, I am going to use a NON ROOT user called smiert.

# cd /downloads/qmailrocks/

# tar jxvf courier-imap-4.0.2.tar.bz2

# chown -R smiert:wheel courier-imap-4.0.2

# cd /downloads/qmailrocks/courier-imap-4.0.2

# su smiert

# ./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat

# make && make check

Now we will exit out of our NON-ROOT USER and go back to being root...

# exit

# make install-strip && make install-configure

Now let's create an SSL certificate for the IMAP-SSL server...

# /usr/local/sbin/mkimapdcert

This will start and automated process that creates a self-signed imap-ssl X.509 certificate called imapd.pem. It should create this new certificate at /usr/local/share/imapd.pem. If the certificate already exists, the "mkimapdcert" tool will not let you overwrite it.

A Note on IMAP-SSL certificates: Keep in mind that since this SSL certificate is self-signed and is not from a "trusted" authority such as Verisign or Thawte, mail clients such as Outlook will give a warning when they attempt to connect to your IMAP-SSL server on port 993. The warning will state that the certificate is not from a "trusted" authority. While the warning is a bit ugly, it does NOT mean your IMAP-SSL connection is any less secure than it would be with a real certificate from Verisign or Thawte. All it means is that the SSL certificate was not generated by a company which Microsoft recognizes as a "trusted" authority. From a security standpoint, however, your IMAP-SSL server is every bit as secure as it would be if you bought the certificate from Verisign or Thawte. If the warning is too inconvenient for your purposes, you will need to purchase a "real" certificate from a "trusted" authority such as Verisign or Thawte. Be prepared to shell out a good chunk of change if you do so.

# vi /usr/local/etc/imapd.cnf

change postmaser@example.com to postmaster@smiert.org

Save and exit

# vi /usr/local/etc/imapd

Make sure that the following configuration exists: IMAPDSTART=YES

# vi /usr/local/etc/imapd-ssl

Make sure that the following configuration exists: IMAPDSSLSTART=YES

Make sure that the following configuration exists: TLS_CERTFILE=/usr/local/share/imapd.pem

Save and exit the file.

# vi /usr/local/etc/authlib/authdaemonrc

Make sure that "authvchkpw" is the only module listed.

authmodulelist="authvchkpw"

Save and exit the file.

Now we create the startup scripts...

# cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap

# cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps

Now let's start up Authdaemond, IMAP and IMAPS. To be safe we'll stop each service before starting it...

# /usr/local/sbin/authdaemond stop

# /usr/local/sbin/authdaemond start

# /etc/rc.d/init.d/imap stop

# /etc/rc.d/init.d/imaps stop

# /etc/rc.d/init.d/imap start

# /etc/rc.d/init.d/imaps start

If you run "nmap localhost", you should see both 143 and 993 now open and listening.

Now let's test it...

# telnet localhost 143

Trying 192.168.1.10...
Connected to 192.168.1.10.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE STARTTLS] Courier-IMAP ready. Copyright 1998-2003 Double Precision, Inc. See COPYING for distribution information.
a login postmaster@smiert.org my_password
a OK LOGIN Ok.
a logout
* BYE Courier-IMAP server shutting down
a OK LOGOUT completed
Connection closed by foreign host.

20. Installing Courierpassd

Note: Courierpassd will require that port 106 be open to at least local traffic (traffic from 127.0.0.1)

# cd /downloads/qmailrocks

# tar zxvf courierpassd-1.1.0-RC1.tar.gz

# cd courierpassd-1.1.0-RC1

# ./configure

# make && make install

OK. Courierpassd is installed now. Next, we are going to configure Xinetd to run courierpassd.

# cd /etc/xinetd.d

Here we create the xinetd script for courierpassd...

# vi courierpassd

service courierpassd
{
port = 106
socket_type = stream
protocol = tcp
user = root
server = /usr/local/sbin/courierpassd
server_args = -s imap
wait = no
only_from = 127.0.0.1
instances = 4
disable = no
}

Save and exit.

Now let's add the Courierpassd service to the system's services file:

# vi /etc/services

Append to following line to the /etc/services file:

courierpassd 106/tcp #for /etc/xinetd.d/courierpassd

we now want to restart Xinetd:

# /etc/rc.d/init.d/xinetd restart

Now let's test Courierpassd by trying the reset the password for a mail account.

# telnet localhost 106
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
200 courierpassd v0.30 hello, who are you?
user postmaster@smiert.org
200 Your password please.
pass my_password
200 Your new password please.
newpass my_new_password
200 Password changed, thank-you.
quit
200 Bye.
Connection closed by foreign host.

Popular posts from this blog

Howto configure boot device order on ILOM

To ensure the system can be installed using the DVD drive, the boot device order in the BIOS has to be configured correctly so that the DVD drive takes precedence over the internal hard drives. 1 Log into the ILOM. 2 Start the system if it is not already running: > start /SYS else reset the system: > reset /SYS 3 Log onto the system’s console: > start /SP/console 4 When prompted, press Esc 2 to enter setup. 5 Once the setup menu has loaded, navigate across to the Boot screen by using the right arrow key. 6 Using the down arrow key, select the Boot Device Priority item and press Enter. 7 Confirm that the item [CD/DVD] is higher in the list than the item [Hard Drive]. The order can be changed by selecting the relevant item and using the +/- keys to move the item up or down in the list. 8 Once the order is correct, save any changes made by pressing Esc and then navigate right to the Exit screen. Select the item Save Changes and Exit and press Enter, then confirm
Read more

SAN Switch Config Command

Login via console Fabric OS (swd77) swd77 console login: admin Password: Note: password default is "password" - set hostname swd77:admin> switchName swcdr1 Committing configuration... Done. swcdr1:admin> - set IP Address swcdr1:admin> ipaddrset Ethernet IP Address [192.168.0.25]: 192.168.0.11 Ethernet Subnetmask [255.255.255.0]: Fibre Channel IP Address [0.0.0.0]: Fibre Channel Subnetmask [0.0.0.0]: Gateway IP Address [192.168.0.25]: 0.0.0.0 Issuing gratuitous ARP...Done. 2008/07/14-18:46:43, [WEBD-1007], 494,, INFO, swcdr1, HTTP server will be restarted due to change of IP Address IP address is being changed...Done. Committing configuration...Done. - Configure basic parameter swcdr1:admin> switchDisable swcdr1:admin> configure Configure... Fabric parameters (yes, y, no, n): [no] y Domain: (1..239) [1] 22008/07/14-18:50:40, [FW-1424], 24,, WARNING, swcdr1, Switch status changed from HEALTHY to MARGINAL. 2008/07/14-18:50:40, [FW-1439], 25,, WARNING, swcdr
Read more

Howto cstm on HP-UX

If we want to show all machine information, just use cstm. # cstm Running Command File (/usr/sbin/stm/ui/config/.stmrc). -- Information -- Support Tools Manager Version C.46.05 (C) Copyright Hewlett Packard Co. 1995-2002 All Rights Reserved Use of this program is subject to the licensing restrictions described in "Help-->On Version". HP shall not be liable for any damages resulting from misuse or unauthorized use of this program. cstm> Map all device in this system with : cstm> map Dev Last Last Op Num Path Product Active Tool Status === ==================== ========================= =========== ============= 1 system system (1014) Information Successful 2 memory IPF_MEMORY (1014) Information Successful ------------ We want to know info about memory information cstm>sel d 2 cstm>
Read more