From dghartung.com/docs

This article explains how to set up an email server that uses Postfix as the SMTP server and Cyrus-Imap as the POP/IMAP server. Also included are spam controls via Spamassasin as well as virus scanning with ClamAV.

I start out with a fresh VE of Fedora Release 7 on an OpenVZ server. Your mileage may vary. For those who need help here is the conf file I use for this VE http://www.dghartung.com/samples/301.conf. For more information on VE or OpenVZ virtualization goto the OpenVZ Website

Contents 1 Update the system 2 Minor Tweaks 2.1 /etc/inittab 2.2 vim-enhanced 2.3 /etc/bashrc 2.4 Configure Unneeded Daemons 3 Install Sofware 4 MySQL Configuration 5 Postfix Build and Install 6 Postfix and Cyrus Configuration 6.1 Cyrus Imap Configuration 6.1.1 Generate Files for Secure IMAP 6.2 Configure Postfix 7 Install and Configure Web-Cyradm 7.1 Install Web-Cyradm 7.2 Configure Web-Cyradm 8 Try it Out!

Update the system

On my fresh VE I have to install yum, most people can omit this

vzyum 301 install yum

Then enter the system

vzctl enter 301

Then change to the home directory

cd

Perform a system update

yum update

Minor Tweaks

Lets perform some minor tweaks. These are optional of course, but they should make your life easier.

/etc/inittab

If your running a "physical" box check to make sure it boots in runlevel 3. If you desire to start in graphical mode leave this setting as is and boot into runlevel 5. Edit /etc/inittab to your liking

Runlevel 5 looks like this

id:5:initdefault:

Runlevel 3 looks like this

id:3:initdefault:

vim-enhanced

First lets make sure vim-enchanced is installed. This should give give you colored output when editing your files.

yum install vim-enchanced

Now edit /etc/profiled.d/vim.sh. Comment out lines 2 and 3. It should look like this when your done

if [ -n "$BASH_VERSION" -o -n "$KSH_VERSION" -o -n "$ZSH_VERSION" ]; then
 #[ -x /usr/bin/id ] || return
 #[ `/usr/bin/id -u` -le 100 ] && return
 # for bash and zsh, only if no alias is already set
 alias vi >/dev/null 2>&1 || alias vi=vim
fi

You need to log out and log in again for the changes to take effect, but wait until the next section is complete so you only have to do it once

/etc/bashrc

I add some of my own alias commands to /etc/bashrc to make my life easier. Entering the aliases in this file make the changes system wide. If you only want to change the aliases for an individual user enter them in /home/$user/.bashrc Or for the user root enter the aliases in /root/.bashrc . Either way works.

# Makes chkconfig easier to type
alias cc='chkconfig'
# For checking which services are enabled for run level 3
alias cc3='chkconfig --list | grep 3:on'
# Unesscessary for this setup.  Used for email servers
alias ama='chown -R amavis:amavis /var/amavis'
# Adds color to the terminal
alias ls='ls -lah --color=tty'
# Makes disk usage human readable
alias du='du -hs'

Configure Unneeded Daemons

You don't need all the default enabled services. I shut these off, but your mileage may vary

cc sendmail off
cc apmd off
cc cups off
cc isdn off
cc kudzu off
cc netfs off
cc nfslock off
cc pcmcia off
cc portmap off
cc cups-config-daemon off
cc bluetooth off
cc acpid off
cc auditd off
cc cpuspeed off
cc haldaemon off
cc iptables off
cc mDNSResponder off
cc mdmonitor off
cc rhnsd off
cc rpcgssd off
cc rpcidmapd off

Install Sofware

First we need to install "Development Tools" for later use

yum groupinstall "Development Tools"

Now Lets install the rest of the software needed

yum install openssl openssl-devel mysql mysql-server mysql-devel httpd \
httpd-devel mod_ssl cyrus-imapd cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5 \
cyrus-sasl-gssapi cyrus-imapd-utils cyrus-sasl-devel cyrus-imapd-devel \
perl-Cyrus db4 db4-devel pam pam-devel perl-Date-Calc mailman spamassassin \
openldap openldap-servers geoip-devel file-devel pcre-devel pam_mysql \
perl-Convert-TNEF perl-Convert-UUlib perl-DBD-MySQL perl-DBD-SQLite perl-DBI \
perl-Digest-HMAC perl-Digest-SHA1 perl-ExtUtils-Embed perl-ExtUtils-MakeMaker \
perl-GSSAPI perl-HTML-Parser perl-HTML-Tagset perl-IO-Multiplex \
perl-IO-Socket-INET6  perl-IO-Socket-SSL perl-IO-Zlib perl-IO-stringy perl-LDAP \
perl-MIME-tools perl-Mail-SPF-Query perl-MailTools perl-Net-CIDR-Lite perl-Net-DNS \
perl-Net-IP perl-Net-SSLeay perl-Net-Server perl-Razor-Agent perl-Socket6 \
perl-Test-Harness perl-Test-Simple perl-TimeDate perl-URI perl-Unix-Syslog \
perl-XML-LibXML perl-XML-LibXML-Common perl-XML-NamespaceSupport perl-XML-SAX \
perl-devel perl-libwww-perl file file-libs freeze gmp lzo lzop nomarch p7zip \
arj cabextract php-mysql php-xml php-imap php-mcrypt php-mbstring \
php-pear-Net-FTP php-pear-Mail-Mime php-gd php-ldap php-mhash \
php-pear-File-SMBPasswd phpMyAdmin php-pecl-Fileinfo \
php-pecl-memcache php-devel php-pear-DB php-pear-Mail \
php-pear-Log php-pear-Date php-pear-Auth-SASL php-pear-Net-URL \
php-pear-Net-Socket php-pear-HTTP-Request php-pear-File php-pear-Cache \
php-pear-Net_SMTP php-pear-SOAP php-pear-XML-Serializer \
php-pear-Services-Weather

MySQL Configuration

Lets start with MySQL configuration, First lets start it up

service mysqld start

After you start it for the first time it suggests that you set the root password, I think this is a good idea, so lets do it

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h mailsrv2.dghartung.com password 'new-password'

Then make sure it starts at boot time

chkconfig mysqld on

Postfix Build and Install

The standard postfix rpm does no ship with MySQL support, so we have to rebuild it. This is easily done with a source rpm. Change to your home directory and download the source rpm for postfix. Your mileage may vary here. Find a Fedora mirror and get the postfix source rpm

wget http://mirror.facebook.com/fedora/linux/releases/7/Everything/source/SRPMS/postfix-2.3.6-1.src.rpm

Now Install the source rpm

rpm -ivh postfix-2.3.6-1.src.rpm

Now edit /usr/src/redhat/SPECS/postfix.spec. We want to add MySQL support so edit the line to look like this

%define MYSQL 1

After you edit the file, build it

rpmbuild -ba /usr/src/redhat/SPECS/postfix.spec

Then install your new rpms

rpm -ivh /usr/src/redhat/RPMS/{$arch}/postfix-2.3.6-1.i386.rpm
rpm -ivh /usr/src/redhat/RPMS/{$arch}/postfix-debuginfo-2.3.6-1.i386.rpm
rpm -ivh /usr/src/redhat/RPMS/{$arch}/postfix-pflogsumm-2.3.6-1.i386.rpm

Postfix and Cyrus Configuration

Cyrus Imap Configuration

Most of the configuration can be done with a script that I wrote. This file checks for and creates the following files

• /etc/rc.d/init.d/cyrus
• /etc/cyrus.conf
• /etc/pam.d/imap , pop , sieve , smtp
• /etc/imapd.conf
• /etc/imapd-local.conf
• /etc/postfix/mysql-virtual.cf
• /etc/postfix/mysql-canonical.cf
• /etc/postfix/mysql-mydestination.cf

Grab the file

wget http://www.dghartung.com/samples/mailfilecreate-f7.sh
chmod 700 mailfilecreate-f7.sh

Now modify the file according to your values. Set the IP Address of your machine, Servername, Where your mysql server lives, db user, db user password, and the db name. Make sure you uncomment line 20 so the script runs.

./mailfilecreate-f7.sh

Generate Files for Secure IMAP

Grab the script and run it

wget http://www.dghartung.com/samples/configimap-f7.sh
chmod 700 configimap-f7.sh
./configimap-f7.sh

Configure Postfix

Grab the config_main_cf.sh script and run it, fine tune it to your liking before running

wget http://www.dghartung.com/samples/config_main_cf.sh

Install and Configure Web-Cyradm

Install Web-Cyradm

cd /var/www/html/
wget http://www.dghartung.com/samples/web-cyradm-0.5.4-1.tar.gz
tar -zxvf web-cyradm-0.5.4-1.tar.gz
mv web-cyradm-0.5.4-1 webcyradm

Configure Web-Cyradm

Change to the web_cyradm directory

cd /var/www/html/webcyradm/scripts

Set the password for the system user "cryus", you'll need this later in the configuration

passwd cyrus

Edit the following files to your specs

Edit insertuser_mysql.sql to reflect the user and password for accessing your MySQL database

vi insertuser_mysql.sql

At the bottom of this script edit the password for the admin of the site and for the user cyrus.

vi create_mysql.sql

mysql -u root -p < /var/www/html/webcyradm/scripts/insertuser_mysql.sql
mysql mail -u mail -p < /var/www/html/webcyradm/scripts/create_mysql.sql

cd ../config
cp conf.php-dist conf.php

Edit this file to reflect the values for your MySQL database and cyrus user

vi conf.php

Edit the values in conf.php to match your system

Try it Out!

Make sure the services are running and turn them on at boot time

service mysqld start
chkconfig mysqld on
service postfix start
chkconfig postfix on
service cyrus-imapd start
chkconfig cyrus-imapd on
service saslauthd start
chkconfig saslauthd on
service httpd start
chkconfig httpd on

Point your browser to http://your.server.name/webcyradm. Log in with username admin and your secret password. Add a domain, and then add some users. Use your favorite email client and try to login to the server via IMAP or POP. This must be done before sending emails to your server. Send some test mails and see if you can read them.