Introduction Qmail LDAP Configuration:-
Qmail Downloads
Check for cc and gcc
wget http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
wget http://www.nrg4u.com/qmail/qmail-ldap-1.03-20060201.patch.gz
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
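# Note: the archives and the rpmforge-release RPM above are fetched over plain HTTP, and nothing in these steps checks a checksum or signature; verify them against a trusted source before unpacking or installing.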
rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
yum install openldap*
yum install zlib*
yum install glib
yum install gcc-c++
yum install gdbm*
yum install openssl-devel
Qmail Users / groups
mkdir -p /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p '*' alias
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p '*' qmaild
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p '*' qmaill
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p '*' qmailp
groupadd qmail
useradd -g qmail -d /var/qmail -s /sbin/nologin -p '*' qmailq
useradd -g qmail -d /var/qmail -s /sbin/nologin -p '*' qmailr
useradd -g qmail -d /var/qmail -s /sbin/nologin -p '*' qmails
groupadd vmail
useradd -g vmail -s /bin/true vmail
Qmail Compilation
mkdir -p /var/qmail
mkdir /usr/src/qmail
cd /usr/src/qmail
tar xvzf /downloads/qmailrocks/qmail-1.03.tar.gz
cd qmail-1.03
cd /downloads
gzip -d qmail-ldap-1.03-20060201.patch.gz
cd /usr/src/qmail/qmail-1.03
patch -p1 concurrencyincoming
echo 255 > concurrencyremote
echo ./Maildir/ > defaultdelivery
echo mydomain.com > defaultdomain
echo 10000 > defaultquotacount
echo 10000000 > defaultquotasize
echo /var/qmail/bin/dirmaker > dirmaker
echo dc=mydomain,dc=com > ldapbasedn
echo 0 > ldapcluster
id -g vmail > ldapgid
echo cn=manager,dc=mydomain,dc=com > ldaplogin
echo /home/vmail > ldapmessagestore
echo qmailUser > ldapobjectclass
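echo password123 > ldappassword
# ^ example value only: ldappassword stores the LDAP bind password in clear text, so use a strong, unique password and make sure the file is not world-readable.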
echo 127.0.0.1 > ldapserver
id -u vmail > ldapuid
echo mail1.mydomain.com > me
echo 127.:allow,NOPBS=”" :deny > qmail-pop3d.rules
echo 800000000 > qmail-smtpd-softlimit
echo 3 > qmail-start-loglevel
echo 3 > qmail-pop3d-loglevel
echo 800000000 > qmail-pop3d-softlimit – need to check
echo ” Your mail quota is overflowing, check it out” > quotawarning
echo fever.fm > rcpthosts
echo mydomain.com >> rcpthosts
echo mail1.mydomain.com >> rcpthosts
ln -s rcpthosts locals
cd /var/qmail
vi bin/dirmaker
————————————————————————————-
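#!/bin/sh
# dirmaker: create the Maildir tree for a new mailbox.
# Arguments: $1 - home directory of the mailbox to create.
#
# The original appended a debug trace (date, $1, id) to /tmp/dirmaker. A fixed
# file name in world-writable /tmp can be pre-created or symlinked by any local
# user, so the trace is sent to syslog with logger instead.
home=$1
if [ -z "$home" ]; then
  echo "dirmaker: missing home directory argument" >&2
  exit 1
fi

logger -t dirmaker "creating $home as $(id)"

# Maildir is listed first so that it gets mode 700 itself instead of being
# created as an intermediate parent with the default mode.
mkdir -p -m 700 -- \
  "$home/Maildir" \
  "$home/Maildir/tmp" \
  "$home/Maildir/cur" \
  "$home/Maildir/new" || exit 1

chown -R vmail:vmail -- "$home"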
—————————————————————————————
vi rc
—————————————————————————————
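#!/bin/sh
# qmail startup script (/var/qmail/rc).
# Reads the log level and the default delivery instruction from the control
# files and replaces this shell with qmail-start.
#
# The listing as published used typographic quotes and an en dash after "env",
# which the shell does not treat as quoting or as the "-" argument; plain ASCII
# characters are restored here.
QLOG=$(cat /var/qmail/control/qmail-start-loglevel)
DEFD=$(cat /var/qmail/control/defaultdelivery)

# "env -" starts qmail-start with an empty environment plus PATH and LOGLEVEL.
exec env - PATH="/var/qmail/bin:$PATH" LOGLEVEL="$QLOG" qmail-start "$DEFD"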
——————————————————————————————–
chmod 755 rc bin/dirmaker
UCSPI-TCP / Daemontools Install
cd /usr/src/qmail
tar zxvf /downloads/qmailrocks/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
make && make setup check
mkdir -p /package
chmod 1755 /package
cd /package
tar zxvf /downloads/qmailrocks/daemontools-0.76.tar.gz
cd /package/admin/daemontools-0.76/src
patch &1
———————————————————————————————
vi qmail-smtpd/log/run
———————————————————————————————
#!/bin/sh
# Log service for qmail-smtpd.
# setuidgid drops to the qmaill user before multilog starts; multilog adds a
# timestamp to each line (t), rotates at 10000000 bytes (s) and keeps 20 files
# (n) in /var/log/qmail/qmail-smtpd.
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin; export PATH

exec /usr/local/bin/setuidgid qmaill \
  /usr/local/bin/multilog t s10000000 n20 \
  /var/log/qmail/qmail-smtpd 2>&1
———————————————————————————————
vi qmail-send/run
———————————————————————————————
#!/bin/sh
# Run script for the qmail-send service: replace this shell with /var/qmail/rc,
# the startup script that launches qmail-start.
exec /var/qmail/rc
———————————————————————————————
vi qmail-send/log/run
———————————————————————————————
#!/bin/sh
# Log service for qmail-send.
# setuidgid drops to the qmaill user before multilog starts; multilog adds a
# timestamp to each line (t), rotates at 10000000 bytes (s) and keeps 20 files
# (n) in /var/log/qmail/qmail-send.
exec /usr/local/bin/setuidgid qmaill \
  /usr/local/bin/multilog t s10000000 n20 \
  /var/log/qmail/qmail-send 2>&1
———————————————————————————————-
vi qmail-pop3d/run
———————————————————————————————-
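#!/bin/sh
# Run script for the qmail-pop3d service.
# tcpserver accepts connections on the pop3 port and hands each one to
# qmail-popup, which runs auth_pop to check the login and then qmail-pop3d
# on the user's Maildir.
#
# Each value is the first line of the named control file.
IP=$(head -n 1 /var/qmail/control/me)
LL=$(head -n 1 /var/qmail/control/qmail-pop3d-loglevel)
SL=$(head -n 1 /var/qmail/control/qmail-pop3d-softlimit)

# NOTE: the "0" host argument makes tcpserver listen on every local address,
# and this is plain POP3, so user names and passwords cross the network
# unencrypted. Limit which clients can connect or put TLS in front of it.
#
# The expansions are quoted so that an empty or multi-word control value cannot
# shift the arguments of env, softlimit or qmail-popup.
exec \
  env LOGLEVEL="$LL" \
  softlimit -m "$SL" \
  /usr/local/bin/tcpserver -v -R -H -l 0 0 pop3 \
  /var/qmail/bin/qmail-popup "$IP" \
  /var/qmail/bin/tcp-env \
  /var/qmail/bin/auth_pop \
  /var/qmail/bin/qmail-pop3d Maildir 2>&1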
cd /service
chmod +x */run
chmod +x */log/run
vi /etc/tcp.smtp
—————————————————————————————————
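# RELAYCLIENT="" lets every host in the matching range relay mail without authenticating; keep the 10. entry only as wide as the networks you actually trust.
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="25"
10.:allow,RELAYCLIENT="",MAXRCPTCOUNT="25"
:deny
#10.:allow,RELAYCLIENT="",SMTPAUTH="",AUTHREQUIRED="",SENDERCHECK="",LOGLEVEL="3",RCPTCHECK="",NOPBS="",SANITYCHECK="",BLCKRELAYPRBE=""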
—————————————————————————————————
mkdir /service
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-pop3d /service
echo admin@mydomain.com > /var/qmail/alias/.qmail-root
echo admin@mydomain.com > /var/qmail/alias/.qmail-postmaster
echo admin@mydomain.com > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*
cd /var/qmail
rsync -avur /downloads/qmailrocks/scripts/finalize/qmailctl bin/.
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/qmailctl /etc/init.d/qmailctl
Qmail others configuration
/etc/init.d/sendmail stop
chkconfig sendmail off
mv /usr/lib/sendmail /usr/lib/sendmail.org
mv /usr/sbin/sendmail /usr/sbin/sendmail.org
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
chkconfig --level 2345 qmailctl on
OPENLDAP Integration with QMAIL-LDAP
Configuration
wget http://phpqladmin.com/phpQLAdmin-2.2.7.tar.gz
cd /downloads
tar zxvf /downloads/phpQLAdmin-2.2.7.tar.gz
cd /etc/openldap
cp /usr/src/qmail/qmail-1.03/qmail.schema schema/.
cp /downloads/phpQLAdmin-2.2.7/schemas/phpQLAdmin.schema schema/.
vi slapd.conf
—————————————————————————————————–
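include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/qmail.schema
include /etc/openldap/schema/phpQLAdmin.schema
# Directives needed to implement policy:
# slapd uses the first "access to" clause that matches, so the userPassword
# rule must come before the catch-all "access to *". In the original order the
# catch-all matched first and its "by * read" exposed the password hashes to
# every client, including anonymous ones.
# Continuation lines ("by ...") must start with whitespace.
access to attrs=userPassword
    by dn="uid=admin,ou=mydomain.com,dc=mydomain,dc=com" write
    by anonymous auth
    by * none
# Everything else stays readable by any client, as in the original policy.
access to *
    by dn="uid=admin,ou=mydomain.com,dc=mydomain,dc=com" write
    by * read
database dbm
suffix "dc=mydomain,dc=com"
rootdn "cn=Manager,dc=mydomain,dc=com"
# rootpw is an example value stored in clear text. Replace it, preferably with
# a hash generated by slappasswd, and keep this file unreadable to ordinary users.
rootpw password123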
————————————————————————————————-
vi ldap.conf
————————————————————————————————
HOST 127.0.0.1
BASE dc=mydomain,dc=com
————————————————————————————————
—————————————————————————————————
vi schema/phpQLAdmin.schema
————————————————————————————————–
( Uncomment the following line )
# This is also availible in krb5-kdc.schema (from OpenLDAP.org)
attributetype ( 1.3.6.1.4.1.5322.10.1.12
NAME ‘krb5RealmName’
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
#
attributetype ( 1.3.6.1.4.1.5322.10.1.1
NAME ‘krb5PrincipalName’
DESC ‘The unparsed Kerberos principal name’
EQUALITY caseExactIA5Match
SINGLE-VALUE
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# PQL_ATTR_KRB5_ADMIN_SERVER
attributetype ( 1.3.6.1.4.1.8767.3.2.2.15 NAME ‘krb5AdminServer’
DESC ‘Fully Qualified Host Name of the Kerberos admin server’
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8767.3.2.4.1 NAME ‘defaultDomain’
DESC ‘Default domain name for the branch’
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
SINGLE-VALUE )
————————————————————————————————
/etc/init.d/ldap start
Creation of LDAP database and LDIF files.
a.ldif for creating base
cat base.ldif
————————————————————————
#mydomain.com
dn: dc=mydomain,dc=com
objectClass: top
objectClass: domain
dc: mydomain
—————————————————————————————
b.ldif for creating organizational unit
vi ht-ou.ldif
——————————————————————————————
#mydomain.com
dn: ou=mydomain.com,dc=mydomain,dc=com
objectClass: top
objectClass: organizationalUnit
ou: mydomain.com
description: mydomain.com
——————————————————————————————
c. ldif file for creating Admin User.
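(Note: the password encoded below is "postmaster". It is a published example stored as a {CRYPT} hash, so set your own password for this account before the server goes into service.)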
cat admin-ht.ldif
—————————————————————————————–
# admin, mydomain.com
dn: uid=admin,ou=mydomain.com,dc=mydomain,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailuser
cn: admin admin
sn: admin admin
mail: admin@mydomain.com
accountStatus: active
userPassword:: e0NSWVBUfU9XY3dPTS9IekVBT2s=
mailMessageStore: mydomain.com/admin
uid: admin
deliveryMode: noforward
——————————————————————————————
iv. addressbook.
cat address.ldif
————————————————————————————-
# deepa, addressbook, mydomain.in
dn: cn=deepa,ou=addressbook,dc=mydomain,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: deepa
sn: deepa
mail: deepa@mydomain.com
ou: addressbook
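Command to create user/database
ldapadd -acvx -D"cn=Manager,dc=mydomain,dc=com" -w password_of rootdn -f Ldif_filename
(Passing the password with -w leaves it in shell history and the process list; ldapadd's -W option prompts for it instead.)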
Courier IMAP Integration.
Compilation and its parameters
cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
make install-strip && make install-configure
vi /etc/rc.local
( Add following line )
—————————————————————————————————-
/usr/local/sbin/authdaemond start
—————————————————————————————————–
cd /downloads/qmailrocks/
tar jxvf courier-imap-4.0.2.tar.bz2
useradd bsmith
chown -R bsmith:wheel courier-imap-4.0.2
cd /downloads/qmailrocks/courier-imap-4.0.2
su bsmith
./configure --prefix=/usr/local --exec-prefix=/usr/local --without-authvchkpw --with-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
exit
make install-strip && make install-configure
/usr/local/sbin/mkimapdcert
vi /usr/local/etc/imapd.cnf
(Change postmaster@example.com to an administrative email address)
——————————————————————————————————
…………………………..
………………………….
emailAddress=admin@mydomain.com
……………………………
——————————————————————————————————-
Configuration changes
vi /usr/local/etc/imapd
——————————————————————————————————-
IMAPDSTART=YES
——————————————————————————————————-
vi /usr/local/etc/imapd-ssl
——————————————————————————————————-
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem
——————————————————————————————————-
vi /usr/local/etc/authlib/authdaemonrc
——————————————————————————————————-
authmodulelist=”authldap”
authmodulelistorig=”authldap”
——————————————————————————————————-
vi /usr/local/etc/authlib/authldaprc
——————————————————————————————————-
LDAP_SERVER localhost
LDAP_PORT 389
LDAP_PROTOCOL_VERSION 3
# NOTE(review): the base and bind DNs below use dc=isgec,dc=com, while the
# slapd.conf in this guide uses suffix dc=mydomain,dc=com; both must name the
# same directory tree for lookups to succeed.
LDAP_BASEDN dc=isgec, dc=com
LDAP_BINDDN cn=manager, dc=isgec, dc=com
# The bind password is stored here in clear text: replace the example value and
# keep this file unreadable to ordinary users.
LDAP_BINDPW secretisgec
LDAP_TIMEOUT 5
LDAP_MAIL uid
LDAP_GLOB_UID vmail
LDAP_GLOB_GID vmail
LDAP_HOMEDIR mailMessageStore
LDAP_MAILROOT /home/vmail
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
#LDAP_CRYPTPW sambaLMPassword
LDAP_DEREF never
# LDAP_TLS 0 leaves the connection to the LDAP server unencrypted; the server
# configured above is localhost.
LDAP_TLS 0
# LDAP_AUTHBIND 1 checks a login by binding to the directory as that user.
LDAP_AUTHBIND 1
—————————————————————————————————
cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps
vi /etc/rc.local
( Add following line )
—————————————————————————————————-
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
—————————————————————————————————–
/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
qmailctl cdb
phpldapadmin
yum install php
yum install php-ldap
cd /downloads
wget http://downloads.sourceforge.net/project/phpldapadmin/phpldapadmin-php5/1.2.0.5/phpldapadmin-1.2.0.5.tgz?use_mirror=nchc
tar zxvf phpldapadmin-1.2.0.5.tgz
mv phpldapadmin-1.2.0.5 /var/www/html/phpldapadmin
mv config/config.php.example config/config.php
vi /etc/php.ini
memory_limit = 32M
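Now log in at www.<your-domain>/phpldapadmin (the host name is missing in the original). Limit who can reach this page and serve it over HTTPS, because the directory administrator's credentials are entered here.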
Thanks
Pawan Kumar