<---- template headericclude ----->
Email Server using Postfix, Dovecot, Squirrelmail, Spamassassin, ClamAV and Amavisd
FedoraForum.org - Fedora Support Forums and Community
Page 1 of 9 123 ... LastLast
Results 1 to 15 of 121
  1. #1
    nephila Guest

    Email Server using Postfix, Dovecot, Squirrelmail, Spamassassin, ClamAV and Amavisd

    I noticed a number of people have questions regarding these setups, I'm no expert on email systems or the programs described here, but I do have an email server running on Fedora Core 2 that serves about 30 users and its working quite well so here's what I have learnt in setting up and maintaining that server.

    This howto will explain how to go about setting up an email server on Fedora Core 3 using Postfix, Dovecot, Squirrelmail, Spamassassin, ClamAV and Amavisd. I have also done a similar setup on Fedora Core 2. My best advice is to set this up first on a workstation and test it thoroughly before setting up on a server and going live with it!

    This howto does not go into much detail, if you are looking for a full explanation of what is going on then read the documentation for each progarm. This is merely a step by step guide to get you up and running. You may use apt / yum to install software. I do not use these programs so these instructions do not include the use of them, feel free to adjust these
    instructions as you see fit.

    STEPS

    * Assume a clean install of fedora core 3.
    * Commands run as root.

    1. Run System Settings > Add/Remove Applications
    Under the Email Server sections select Spamassassin,
    Postfix, Squirrelmail and Dovecot then click ok and update the system.

    2. Run the command:
    Code:
    system-switch-mail
    and choose postfix as the default MTA.

    3. Configure postfix by changing the following in /etc/postfix/main.cf
    Code:
    myhostname = ~YOUR IP ADDRESS OR DOMAIN NAME~
    	myorigin = $mydomain
    	inet_interfaces = $myhostname, localhost
    	mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
    	home_mailbox = Maildir/
    4. Start Postfix and Test
    Run
    Code:
    /etc/rc.d/init.d/postfix start
    If it doesn't start check /var/log/maillog for specific errors
    Run:
    Code:
    echo "hello" | mail root
    Check /root/Maildir/new for a message. You can read the message
    with the less command or any text editor you prefer.

    5. Configure Dovecot by changing the following in /etc/dovecot.conf
    Code:
    protocols = imap pop3
    6. Start Dovecot and Test
    Run
    Code:
    echo "hello" | mail ~NON ROOT USER~
    Run
    Code:
    /etc/rc.d/init.d/httpd restart
    Run
    Code:
    /etc/rc.d/init.d/dovecot start
    Browse http://localhost/webmail
    Login with the non root user's username and password
    You should have an email with the message "hello"

    7. Setup Thunderbird mail to use pop3 and check for email.
    Use your IP address as the server and log in using the same
    non root user. You should get the same email with the message
    "hello".

    You now have a usable email system running but you should set up postfix so
    that it isn't an open relay by making it require authentication on SMTP
    transactions. you also want to setup virus scanners and spam filters, so lets
    get to it...

    8. Enable SMTP Authentication
    8.1 Check that Cyrus SASL is installed
    Run as root:
    Code:
    rpm -qa | grep sasl
    You should get:
    Code:
                cyrus-sasl-2.1.19-3
                cyrus-sasl-devel-2.1.19-3
                cyrus-sasl-plain-2.1.19-3
                cyrus-sasl-md5-2.1.19-3
    there may be a few others, that's ok.
    If these are not installed, find the rpms on your distro cdroms and
    install them.
    8.2 Edit /etc/postfix/main.cf and add the following to the bottom of the file:
    Code:
    smtpd_sasl_auth_enable = yes
            smtpd_sasl_security_options = noanonymous
            smtpd_sasl_local_domain = $myhostname
            broken_sasl_auth_clients = yes
            smtpd_recipient_restrictions =
               permit_sasl_authenticated,
               check_relay_domains

    8.3 Start the saslauthd by running
    Code:
    /etc/rc.d/init.d/saslauthd start
    8.4 Reload postfix by running
    Code:
    /etc/rc.d/init.d/postfix restart
    8.5 Try sending mail to yourself using a pop3 client. You must have
    the right settings in your mail client, be sure to use SMTP auth!

    Check http://postfix.state-of-mind.de/patr...etter/smtpauth
    for more information on this.

    9. Install ClamAv from RPM
    Run:
    Code:
    rpm -Uvh clamav-0.83-1.i386.rpm
    Finally we install amavisd-new and configure it appropriately.

    10. Install Required Programs and Packages
    Get the following rpms from
    http://dag.wieers.com/packages/
    http://dries.studentenweb.org/apt/
    http://freshrpms.net/packages/
    http://rpmfind.net/linux/RPM/fedora/...4-40.i386.html

    arc
    cabextract
    freeze
    lzo
    lzop
    ncompress
    nomarch
    unarj
    unrar
    zoo

    perl-Archive-Zip-1.09-0.1.fc3.rf.noarch.rpm
    perl-BerkeleyDB-0.26-1.1.fc3.rf.i386.rpm
    perl-Convert-BinHex-1.119-1.1.fc3.rf.noarch.rpm
    perl-Convert-TNEF-0.17-2.1.fc3.rf.noarch.rpm
    perl-Convert-UUlib-1.03-1.1.fc3.rf.i386.rpm
    perl-IO-stringy-2.109-1.1.fc3.rf.noarch.rpm
    perl-MailTools-1.66-1.1.fc3.rf.noarch.rpm
    perl-MIME-tools-5.415-1.1.fc3.test.noarch.rpm
    perl-Net-Server-0.86-0.1.fc3.rf.noarch.rpm
    perl-TimeDate-1.16-1.1.fc3.rf.noarch.rpm
    perl-Unix-Syslog-0.100-0.1.fc3.rf.i386.rpm

    Install the Following from the CDROM distros
    perl-Archive-Tar-1.08-3.noarch.rpm
    perl-Compress-Zlib-1.33-6.i386.rpm

    These are all required by amavisd-new

    11. Install the amavisd-new rpm
    Run:
    Code:
    rpm -Uvh amavisd-new-2.2.0-3.1.fc3.rf.i386.rpm
    12. Test amavisd-new
    Run:
    Code:
    /etc/rc.d/init.d/amavisd start
    Run:
    Code:
    telnet localhost 10024
    you should be greeted by amavisd-new.

    13. Configure postfix
    add the following to /etc/postfix/master.cf at the bottom
    Code:
    smtp-amavis unix -	-	y/n	-	2  smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes
    
    127.0.0.1:10025 inet n	-	y/n	-	-  smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o smtpd_client_connection_count_limit=0
        -o smtpd_client_connection_rate_limit=0
        -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
    test it by doing the following:
    Run:
    Code:
    telnet localhost 10025
    you should be greeted by postfix

    Run:
    Code:
    postconf -e 'content_filter=smtp-amavis:[127.0.0.1]:10024'
    14. Test
    Run:
    Code:
    echo "hello" | mail ~NON ROOT USER~
    check mail for the non root user, you should have recieved mail.

    15. Configure ClamAV
    Run:
    Code:
    mkdir /var/run/amavis
        chown amavis /var/run/amavis
        chown amavis /var/run/clamav
    Edit /etc/clamd.conf making the following changes:
    Code:
    LocalSocket /var/run/amavis/clamd.ctl
        #TCPSocket 3310 -- comment this out!!
        User amavis
    Run:
    Code:
    /etc/rc.d/init.d/clamd restart
    Check /var/log/maillog and make sure that clamd has no errors

    16. Configure Amavisd
    Edit /etc/amavisd.conf making the following changes
    Code:
    $sa_tag_level_deflt  = 0.0; 
        ...
         ['ClamAV-clamd',
           \&ask_daemon, ["CONTSCAN {}\n", "/var/run/amavis/clamd.ctl"],
           qr/\bOK$/, qr/\bFOUND$/,
           qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
    restart amavisd:
    Code:
    /etc/rc.d/init.d/amavisd restart
    17. Test again
    Run:
    Code:
    echo "this is a test" | mail ~NON ROOT USER~
    log in as the non root user, read the email and view the full
    headers, you should see that the message passes through amavisd.


    That's all folks! Play around with the configuration settings and tweak it to your tatse!
    If I screwed up something somewhere please let me know. Also if you find this helpful let me know too.

  2. #2
    snurckle Guest
    Awesome Post, this helped me alot.

    I started with a new install of Fedora Core 3, and for the most part it was easy to do (with the aid of your howto).

    I did have a few problems though. When installing clamd, I had to edit my yum.conf file to add [DAG]. I also had to import the keys for the it as well.

    You didn't go through any spamassassin setup, just an install.

    Thanks for the post, it was VERY HELPFUL.

  3. #3
    nephila Guest
    Glad it helped! A lot of spamassin conf is done through amavis so tweaking that will tweak sa. There's also a lot of doc on the web, the goal of the howto was to get readers up and running! I dont use yum or apt or anything else, so I didn't include any info about that, sorry that you had issues with that.

  4. #4
    sportq Guest
    nephila,

    I've followed the guide and everything happens as expected until I get to the stage where the filters are added to /etc/postfix/master.cf (I restart postfix although the procedure doesn't say I should).

    When I try this test....
    Code:
    telnet localhost 10025
    I get nothing.

    Peter

  5. #5
    snurckle Guest
    were you able to Telnet before? to port 10024?

    If so, your problem lies within SpamAssassin/Amavisd-new

    Suggest trying the following command.

    Code:
    service amavisd restart;service spamassassin restart;service postfix restart
    additionally, you may want to adjust IPTABLES, you may have the port shut down.

    to test to see if your firewall (IPTABLES) is the problem-

    Code:
    service iptables stop
    then try to:

    Code:
    telnet localhost 10025
    turn IPTABLES BACK ON, don't leave yourself open for intruders-

    I haven't messed with IPTABLES YET, but you need to add/edit it to open the ports, they are shutdown by default.

    There are a few things the original poster forgot to mention about doing this with a clean install of Fedora. But essentially he was right now, you just need to adjust things on your server to allow it to open the 10024/25 ports.

  6. #6
    snurckle Guest
    Quote Originally Posted by nephila
    Glad it helped! A lot of spamassin conf is done through amavis so tweaking that will tweak sa. There's also a lot of doc on the web, the goal of the howto was to get readers up and running! I dont use yum or apt or anything else, so I didn't include any info about that, sorry that you had issues with that.
    This was probably the best HOWTO for this setup I've seen. I went off of it, almost entirely. Deviated a little to set up TLS, but very good.

    Thanks for posting it. The only thing I don't like is how amavisd-new and spamassassin talk, but perhaps it's better than spamassassin hogging resources.

    Your setup doesn't send ALL email through spamassassin, it does if the email is HTML encoded, and if it's 'suspected' of being SPAM. Perhaps it only adds a header entry if it hits a certain number of points. Not sure what is going on, but I'll research and see if I can adjust it a little.

    I receive a log entry about spamassassin to connected, but I suspect this is normal, and spamassassin just doesn't have the control it's used to when running behind amavisd-new. Almost switched to MIME-Defang because of this, but realized spamassassin was doing what it shoud, and backed off.

    Thanks again!

  7. #7
    tmdii2005 Guest

    some questions I have

    Thanks, nephila,

    Your post helps me a lot in building my mail server. I started with a new install of Fedora Core 3, and now I have some questons:

    1. I can use 'mail' or 'echo' to send mail to myself. But I can't send mail to myself using squirrelmail's webmail page or any pop3 mail client.

    2. I can't receive mails from my yahoo or other mail account.

    I'm quite a newbie about Fedora. Can you or any one give me some suggestions?

    Thanks a lot.

  8. #8
    snurckle Guest
    POP3 and IMAP are ran using dovecot (in this configuration)

    First question I have is- Is Dovecot running?

    to check-

    service dovecot status

    If it is running, restart it, and check the /var/log/messages and /var/log/maillog for an error.
    Usually dovecot will stop if there is an error. A good thing to do, in troubleshooting a problem is to open up 2 terminal windows, type:

    tail -f /var/log/messages
    and
    tail -f /var/log/maillog (in the other terminal)

    service dovecot restart

    and see if either on of those kick out an error on the tail -f xxxx

    post your error, and I'll try to help more.

    Try trying to connect with your POP3 client as well, if there is a problem connecting, the error will show up as well. You may want to look at your firewall, make sure the port for POP3 or IMAP are open to receive your traffic.
    Last edited by snurckle; 25th March 2005 at 11:57 PM.

  9. #9
    tmdii2005 Guest
    dovecot is running ok. I restarted dovecot, and tried to send a mail to myself in webmail, and got some messages like below.

    1. for /var/log/messages:

    Mar 26 21:47:13 Server dovecot: dovecot shutdown succeeded
    Mar 26 21:47:14 Server dovecot: dovecot startup succeeded
    Mar 26 21:49:30 Server kernel: audit(1111891770.517:0): avc: denied { read } for pid=5336 exe=/usr/sbin/httpd name=sh dev=hda2 ino=3342445 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:bin_t tclass=lnk_file

    2. for /var/log/maillog:

    Mar 26 21:47:13 Server dovecot: Killed with signal 15
    Mar 26 21:47:14 Server dovecot: Dovecot starting up
    Mar 26 21:47:48 Server imap-login: Login: me [127.0.0.1]
    Mar 26 21:49:11 Server imap-login: Login: me [127.0.0.1]
    Mar 26 21:52:49 Server last message repeated 5 times
    Mar 26 21:57:50 Server imap-login: Login: me [127.0.0.1]

    I don't know what was wrong. Please give me some advice. Thanks alot.

  10. #10
    snurckle Guest
    Try using Thunderbird or some other POP3/IMAP client to send yourself a message.

    /var/log/maillog should have reported getting a message if you sent yourself one. On top of that, I don't see postfix in either of the logs, so it may be something simple- like you didn't start Postfix, or--there was an error when it started so it is locked.

    do the tail -f /var/log/maillog and tail -f /var/log/messages (in seperate windows)

    just to make sure everything is running copy the following line, and execute on your commandline:

    Code:
    service dovecot restart;service amavisd restart;service spamassassin restart;service postfix restart
    I put the postfix at the end, because I think that's where your problem is. If you send yourself a test message, and it isn't getting back to you...or in this case- you logged in, sent yourself a message, and it didn't show up in /var/log/maillog I suspect postfix has a problem.

    post the logfile messages.

  11. #11
    basketkase999 Guest
    This a great Walkthrough. I was wondering however if we have to do any dns/bind stuff on the box for the domain name i want to use?

  12. #12
    snurckle Guest
    of course you do. But that's easy as well. Let me know if you need help

  13. #13
    basketkase999 Guest
    I had an old email server on RHL 9 before I upgraded to Fedora 3. I based my server off of the following: http://www.netikus.net/documents/Lin...stallation.pdf . I assume that the section on configuring dns will apply the same to this email server. I'm still a noob so I am still not 100% sure. If you have any specific guides on how to setup the dns stuff I would greatly appreciated it! Thanks in advance!

  14. #14
    basketkase999 Guest
    Also, I have the same problem sportq had. I tried all the fixes snurckle suggested but it still didn't work. Any suggestions, as i don't see a follow up about it?

  15. #15
    basketkase999 Guest
    Another problem: I try to restart postfix, and it says its starts ok. But when i run "service postfix status", I get "master is stopped". Any ideas?

Page 1 of 9 123 ... LastLast

Similar Threads

  1. Postfix, amavisd-new, clamav, spamassassin Fedora 7
    By RevDarkman in forum Servers & Networking
    Replies: 4
    Last Post: 3rd October 2007, 04:01 PM
  2. EMail server setup: FC6+Postfix+Dovecot+Squirrelmail
    By rdnewman in forum Servers & Networking
    Replies: 2
    Last Post: 5th August 2007, 01:04 AM
  3. Postfix Spamassassin Amavisd Clamav: Slow down
    By jinfeld in forum Servers & Networking
    Replies: 2
    Last Post: 13th November 2006, 08:19 PM
  4. Receving eMail? Squirrelmail, Dovecot, Postfix
    By simonsez in forum Servers & Networking
    Replies: 0
    Last Post: 21st July 2005, 08:45 PM
  5. Install mail server from Postfix/CyrusSASL2/PAM-MySQL/MySQL/Dovecot/Amavisd/Clamav
    By chengcsw in forum Guides & Solutions (Not For Questions)
    Replies: 7
    Last Post: 26th April 2005, 08:38 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
[[template footer(Guest)]]