A Whimsicalmind

21st November, 2011
by David Cooke
0 comments

How to set up your own Ubuntu mail server (Part 1)

Many times I find myself in a conversation with people about the difficulty of hosting their own mail servers. It’s a common belief that they’re hard to build and maintain. In this series of tutorials, I will hopefully be able to disprove this idea.

I have split this into 2 parts. Part 1 (this part) will cover the initial installation and configuration of the IMAP and SMTP servers. Part 2 will cover how to add email accounts and set up a webmail client. If it is popular, I may add more parts covering anti-spam, anti-virus… etc.

This tutorial assumes you have an Ubuntu 10.04 LTS installation with Apache, MySQL and PHP pre-installed and configured, that phpMyAdmin is installed, that you have a domain whose DNS records point to your server, that you have root access to your server via SSH, and that you have an SSH client installed on your local machine. It is also assumed that you are familiar with basic Linux command line use.

If you want any additional how-tos for any of the above, then leave me a comment.

If you do not have a server, then I recommend a Linode VPS. For my email server, I am using a Linode 512. Under £15 ($20) per month.

Step 1

First we need to install the base packages. Open your SSH client and log into your server.

sudo apt-get install postfix postfix-mysql postfix-doc dovecot-common dovecot-imapd dovecot-pop3d libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl telnet mailutils

During this installation, you will be prompted by the Postfix package configuration. In the first prompt, select “Internet Site”.

In the second prompt, you should enter the domain name of your server, eg. mail.domain.com.

Step 2

Now we need to set up MySQL for the virtual domains and users.

Log into phpMyAdmin and create a new database called “email”.

In the SQL tab of phpMyAdmin, enter the following to create an email admin user. You can change the username and password, but I will use “email_admin” and “email_admin_password” for the purpose of this tutorial.

GRANT SELECT, INSERT, UPDATE, DELETE ON email.* TO 'email_admin'@'localhost' IDENTIFIED BY 'email_admin_password';
FLUSH PRIVILEGES;

Now select the email database and enter the following in the SQL tab to create tables for virtual domains, mail forwardings, users and transport.

CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain));
CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source));
CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email));
CREATE TABLE transport (domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain));

Step 3

Now we’re going to configure the SMTP server (Postfix) to use the MySQL database and tables we just set up.

Create the following files with the following contents.

FILE: /etc/postfix/mysql-virtual_domains.cf
user = email_admin
password = email_admin_password
dbname = email
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1

FILE: /etc/postfix/mysql-virtual_forwardings.cf
user = email_admin
password = email_admin_password
dbname = email
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1

FILE: /etc/postfix/mysql-virtual_mailboxes.cf
user = email_admin
password = email_admin_password
dbname = email
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1

FILE: /etc/postfix/mysql-virtual_email2email.cf
user = email_admin
password = email_admin_password
dbname = email
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1

Now change the permissions and ownership of these files.

chmod o= /etc/postfix/mysql-virtual_*.cf

chgrp postfix /etc/postfix/mysql-virtual_*.cf

Then we create a user and group for mail handling.

groupadd -g 5000 vmail

useradd -g vmail -u 5000 vmail -d /home/vmail -m

Now enter the following commands to complete the Postfix configuration.

sudo postconf -e 'myhostname = mail.domain.com'

sudo postconf -e 'mydestination = mail.domain.com, localhost'

sudo postconf -e 'mynetworks = 127.0.0.0/8'

sudo postconf -e 'message_size_limit = 30720000'

sudo postconf -e 'virtual_alias_domains ='

sudo postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'

sudo postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'

sudo postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'

sudo postconf -e 'virtual_mailbox_base = /home/vmail'

sudo postconf -e 'virtual_uid_maps = static:5000'

sudo postconf -e 'virtual_gid_maps = static:5000'

sudo postconf -e 'smtpd_sasl_auth_enable = yes'

sudo postconf -e 'broken_sasl_auth_clients = yes'

sudo postconf -e 'smtpd_sasl_authenticated_header = yes'

sudo postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'

sudo postconf -e 'smtpd_use_tls = yes'

sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'

sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'

sudo postconf -e 'virtual_create_maildirsize = yes'

sudo postconf -e 'virtual_maildir_extended = yes'

sudo postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'

sudo postconf -e virtual_transport=dovecot

sudo postconf -e dovecot_destination_recipient_limit=1
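
A check for the relay and authentication settings made above, as an added example that is not part of the original tutorial. It reads "postconf -n" style text; the function names and the sample values are constructed for illustration, and smtpd_tls_auth_only is a standard Postfix parameter that the commands above do not set.

```sh
#!/bin/sh
# Added example, not from the original tutorial: audit "postconf -n"
# style text for the relay and SMTP AUTH settings made in Step 3.

# Print the value of parameter $1 found in the text $2 (empty if unset).
param() {
    printf '%s\n' "$2" | sed -n "s/^$1[[:space:]]*=[[:space:]]*//p" | head -n 1
}

# Print one line per finding; status 0 when clean, 1 otherwise.
# The body is a subshell so that "set -f" does not leak to the caller.
audit_postfix() (
    set -f                      # no globbing while splitting values
    conf=$1
    rc=0
    # Without reject_unauth_destination the server relays for anyone.
    case " $(param smtpd_recipient_restrictions "$conf" | tr ',' ' ') " in
        *" reject_unauth_destination "*) ;;
        *) echo "RELAY: reject_unauth_destination missing"; rc=1 ;;
    esac
    # permit_mynetworks skips authentication, so trust loopback only.
    for net in $(param mynetworks "$conf" | tr ',' ' '); do
        case $net in
            127.*|"[::1]"*) ;;
            *) echo "RELAY: mynetworks trusts $net"; rc=1 ;;
        esac
    done
    # PLAIN/LOGIN passwords are only protected if AUTH requires TLS.
    if [ "$(param smtpd_sasl_auth_enable "$conf")" = yes ] &&
       [ "$(param smtpd_tls_auth_only "$conf")" != yes ]; then
        echo "AUTH: smtpd_tls_auth_only is not yes"; rc=1
    fi
    exit "$rc"
)

# Constructed sample: the values Step 3 sets, as "postconf -n" prints them.
TUTORIAL_CONF='mynetworks = 127.0.0.0/8
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes'

audit_postfix "$TUTORIAL_CONF" || echo "review the findings above"
# On a live server: audit_postfix "$(postconf -n)"
```

Run against the settings from this step, it reports the AUTH finding: PLAIN and LOGIN are offered without requiring STARTTLS first, which sudo postconf -e 'smtpd_tls_auth_only = yes' would change.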

Step 4

Now we need to create an SSL certificate for our SMTP server.

cd /etc/postfix

sudo openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

You will be prompted to enter a few details. These will show when someone views the details of the certificate. The one to make sure you get right is the “Common Name (eg, YOUR name) []:” prompt. This is where you must enter the name of your server, eg. mail.domain.com.

chmod o= /etc/postfix/smtpd.key

Step 5

Now we need to configure saslauthd to use MySQL.

sudo mkdir -p /var/spool/postfix/var/run/saslauthd

Whilst making sure you enter your own username and password where necessary, replace the contents of the following files.

FILE: /etc/default/saslauthd
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

FILE: /etc/pam.d/smtp
auth    required   pam_mysql.so user=email_admin passwd=email_admin_password host=127.0.0.1 db=email table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=email_admin passwd=email_admin_password host=127.0.0.1 db=email table=users usercolumn=email passwdcolumn=password crypt=1

FILE: /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: email_admin
sql_passwd: email_admin_password
sql_database: email
sql_select: select password from users where email = '%u'

Change file permissions and restart services.

sudo chmod o= /etc/pam.d/smtp

sudo chmod o= /etc/postfix/sasl/smtpd.conf

sudo adduser postfix sasl

sudo service postfix restart

sudo service saslauthd restart

Step 6

Now we need to configure our IMAP server (Dovecot).

Whilst making sure you enter your own username and password where necessary, replace the contents of the following files.

FILE: /etc/postfix/master.cf (append to bottom)
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

FILE: /etc/dovecot/dovecot.conf
protocols = imap imaps
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
namespace private {
  separator = .
  prefix = INBOX.
  inbox = yes
}
protocol lda {
  log_path = /home/vmail/dovecot-deliver.log
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = postmaster@example.com
  mail_plugins = sieve
  global_script_path = /home/vmail/globalsieverc
}
auth default {
  user = root
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  userdb static {
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

FILE: /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=127.0.0.1 dbname=email user=email_admin password=email_admin_password
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

Change file permissions and restart services.

sudo chgrp vmail /etc/dovecot/dovecot.conf

sudo chmod g+r /etc/dovecot/dovecot.conf

sudo service dovecot restart

Step 7

Now we simply need to test that our IMAP server is working.

telnet localhost imap

If you see output similar to the following, then it’s working correctly.

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready.

Look out for Part 2 in the next day or so, to find out how to set up email addresses and an email client.

14th November, 2011
by David Cooke
0 comments

PhoneGap Conditional Javascript

Today I came across a PhoneGap problem that had me racking my brains for hours. Not sure if anyone has had the same problem?

The app I’m working on needs to work on both iOS and Android, and also Blackberry OS at a later date. After some time debugging and Googling, it turns out that PhoneGap has a different JavaScript file, depending on the platform. For some reason, this isn’t very well documented.

PhoneGap build also has limitations, in that you cannot specify a set of files to build for a specific platform. Whatever you upload, gets built for all platforms.

The only solution is to check what platform the device is, and then load the correct platform’s PhoneGap.

<script type="text/javascript" charset="utf-8">
var ua = navigator.userAgent;
var platform = {
    iphone: ua.match(/(iPhone|iPod|iPad)/),
    android: ua.match(/Android/)
};

if (platform.android) {
    document.write('<script src="phonegap_android_1_2_0.js"><\/script>');
} else if (platform.iphone) {
    document.write('<script src="phonegap_ios_1_2_0.js"><\/script>');
}
</script>

Hopefully this will save someone else hours of debugging.

13th November, 2011
by David Cooke
1 Comment

My Setup

Despite needing to fulfil a number of roles in my job, I don’t like to have a vast amount of software installed on my machines. This is more than likely down to my untidiness OCD.

Operating System

Over the years, I have tried many different operating systems, but these days I find Ubuntu suits my needs best.

I have nothing against Windows, Mac, or other linux distros. Windows does a very good job for the majority of its users. It is fairly flexible and usable which is all most people need in an OS. Mac is less flexible and focuses more on looking pretty. Linux however, is far quicker, far more secure, and in most distros, more flexible / customisable.

I’m currently using Ubuntu 11.10 x64 with Unity 2D.

Web Browsers

Unfortunately, as my primary role is a web developer, web browsers are the only thing I can’t have the minimum of.

Within Ubuntu, I have to have Firefox, Chrome and Opera.

Though it is possible to install Safari and IE in Ubuntu using Wine, I don’t believe this setup gives an accurate enough representation for browser testing. Besides which, it is a bit messy. For these reasons, I use VirtualBox to install Windows 7, and then install IE and Safari for testing.

Browser Plugins

Having used Firefox since the very early days, back when it was called Firebird, I find it hard to use any other browsers for anything besides testing. This is why I have most plugins installed in Firefox.

Web Developer toolbar, Firebug and YSlow, AdBlock Plus and LastPass are installed in Firefox.

The only other plugin I really use, is for mobile development. This is an excellent plugin called Ripple Emulator. Unfortunately it is only available for Chrome, but it is especially useful for developing mobile sites, or even mobile apps using PhoneGap.

Email Client

Being a Mozilla fanboy, this is rather a simple one. Thunderbird, with the Lightning calendar plugin.

It’s reliable, fast, and not bloated with features I won’t use.

Text Editor

As any developer will tell you, this is the software they use most. Almost every working day of our lives in fact. So it is important to get this right.

In the past I used Windows. The best code editor out there for Windows, in my opinion, is Dreamweaver. However this is not available natively for linux.

It seems that there is no middle ground with linux text editors. You can either have a really simple editor, like gedit, or a bloated IDE like Eclipse.

In the end, I found the Sublime Text project. It has everything I need, and is so flexible that should I ever need something that isn’t included, it is relatively easy to write it myself. Also, as the project is in beta currently, the developer is open to suggestions on new feature requests. It isn’t free, but it is the best $59 I ever spent on software. The biggest box it ticks on my list of requirements, is speed. If you use Sublime, then you will know what I’m talking about.

I would recommend anyone trying this, to get Sublime Text 2. It is updated almost daily and despite being beta, is very stable.

Version Software

One of the hardest changes when moving from Windows to Linux, was finding version software that worked how I wanted it to. Previously using TortoiseSVN, which works via shell context menu integration, meant it was hard to use any dedicated software.

RabbitVCS is the only piece of software (at least that I know) that provides shell context menu integration with Ubuntu. It integrates into Nautilus, Thunar and Gedit. Not only is it for Subversion, but it is for Git too.

FTP Client

For FTP I use 2 pieces of software, depending on the task.

If it is simply uploading files to a remote server, then I use faithful old Filezilla. Fast, easy to use and has never let me down.

For more complex tasks, where I need to upload changed files, or compare remote files, I use Beyond Compare 3. Though this is not free, the $50 it costs, would easily be regained in hours saved working out what files have changed and manually merging files. It allows for file / folder comparison and sync between local / local, local / remote, remote / remote.

Misc

Other software I have installed includes Dropbox, the LibreOffice suite, Skype and Pidgin, for obvious reasons.

12th November, 2011
by David Cooke
2 Comments

QRBoards.com

QRBoards.com is a new site, launched yesterday by Eazytiger.

I was the lead developer for the duration of the project, working with another developer, @olimortimer, and Eazytiger’s Creative Manager, @DangerousMrD.

The concept was to create a method for allowing estate agents to present more information to the general public, outside the property. It was important that this would be usable without having to modify their existing property boards. The solution is relatively simple: add a smaller board below the existing boards, which contains a QR code. With the smart-phone market share so great, this will allow passers-by to scan the QR board outside the property and be directed to the estate agent’s website and the details page for the property they are standing outside of.

So, if you are an estate agent, or know of any, then let them know about our new site, QRBoards.com

11th November, 2011
by David Cooke
0 comments

First Post!

Just a quick introductory post for my first one!

My name is David. A 25 year old Web Developer / Mobile Developer / Server Administrator from Derby, UK. I work for Eazytiger Ltd, a Leicestershire based new media agency.

After many years away from blogging, I have decided it’s time to get back into it. I intend to blog about many things, mostly related to my work as a developer & server admin.

As a self-taught developer, I learned much from the open source community. So I intend to contribute to / start new open source projects in the near future.

If you want to know a little more about me professionally, take a look at my online CV.