Complete Virtual Mail Server/Admin Support Systems

From Gentoo Wiki
Jump to:navigation Jump to:search

Administration interface

This document will not rely on any of the applications mentioned in this chapter. They can be installed and used, but a valid system should work without any of these in place. There is one exception however, www-apps/postfixadmin. The exception exists that postfixadmin will be used to create the initial tables. The reason is simple, postfixadmin could be used to administer the database and if it is not entirely happy about the table layout, things could go wrong. Thus letting postfixadmin create the tables, it is kept happy if ever it is decided to use it.

Apache, PHP and PostgreSQL

Apache, PHP and PostgreSQL are extensive packages. Read the Apache article about how to setup Apache. PHP also has a wiki page dedicated to its installation. It should be made certain that all features expected from PHP and Apache work before continuing, as they will be important for the usage of webmail and statistics presentation.

One of the core components of the setup is PostgreSQL. Make sure to read through and follow the wiki article to set up the PostgreSQL infrastructure before continuing. Alternatively there is also MySQL or LDAP.

Connecting PostgreSQL and Apache (and others) together can happen in several ways, via the network or via a UNIX socket for example. While UNIX sockets are the fastest and slightly more secure, a TCP/IP connection might be desired when connecting across multiple (virtual) servers.

When using UNIX sockets, it is important however, that common filesystem permissions are used and thus apache and postfix may need to be in the postgres group.

root #gpasswd -a apache postgres

Postfixadmin

As mentioned in the introduction, postfixadmin will be used to create the tables. This to make sure that if postfixadmin would ever be used to administer the mail accounts etc, it will understand the table format.

If not done so already, www-apps/postfixadmin should be emerged:

root #emerge --ask postfixadmin

Since postfixadmin is a web application, webapp-config will be used to install postfixadmin to localhost/postfixadmin. If an external domain is preferred and required, Apache will have to be setup adequately, preferably only over https.

root #webapp-config -h localhost -d postfixadmin -I postfixadmin 2.3.8

Postfixadmin also needs a database to store its data in and a user to access this database. The user postfixadmin will be created for postfixadmin to access the database, later another user will be created to read from this database. This way, administration and plain reading will be logically separated.

root #createuser -U postgres --pwprompt postfixadmin
Enter password for new role: $password
Enter it again: $password

A database for this user will also be needed. It will be owned by postfixadmin:

root #createdb -U postgres --owner=postfixadmin postfix

Next the postfixadmin configuration file needs to be edited to point to this database amongst other things.

Note
Postfixadmin wants a hashed password in its config file, this will be generated by visiting http://localhost/postfixadmin/setup.php. However to actually get the password, the config file needs to be setup properly beforehand. As such, filling in the password in config.inc.php can only be done after having edited it properly.
FILE /var/www/localhost/htdocs/postfixadmin/config.inc.phpDiff of postfixadmin configuration
-$CONF['configured'] = false;
+$CONF['configured'] = true;
 
-$CONF['postfix_admin_url'] = '';
+$CONF['postfix_admin_url'] = 'http://localhost/postfixadmin';
-$CONF['database_type'] = 'mysql';
+$CONF['database_type'] = 'pgsql';
 $CONF['database_host'] = 'localhost';
-$CONF['database_user'] = 'postfix';
-$CONF['database_password'] = 'postfixadmin';
+$CONF['database_user'] = 'postfixadmin';
+$CONF['database_password'] = '$password';
 $CONF['database_name'] = 'postfix';
 $CONF['database_prefix'] = '';
 
-$CONF['admin_email'] = 'postmaster@change-this-to-your.domain.tld';
+$CONF['admin_email'] = 'postmaster@example.com';
 
 
-    'abuse' => 'abuse@change-this-to-your.domain.tld',
-    'hostmaster' => 'hostmaster@change-this-to-your.domain.tld',
-    'postmaster' => 'postmaster@change-this-to-your.domain.tld',
-    'webmaster' => 'webmaster@change-this-to-your.domain.tld'
+    'abuse' => 'abuse@example.com',
+    'hostmaster' => 'hostmaster@example.com',
+    'postmaster' => 'postmaster@example.com',
+    'webmaster' => 'webmaster@example.com'
 
-$CONF['domain_path'] = 'NO';
+$CONF['domain_path'] = 'YES';
 
-$CONF['domain_in_mailbox'] = 'YES';
+$CONF['domain_in_mailbox'] = 'NO';
 
-$CONF['transport'] = 'NO';
+$CONF['transport'] = 'YES';
 
-$CONF['vacation_domain'] = 'autoreply.change-this-to-your.domain.tld';
+$CONF['vacation_domain'] = 'autoreply.example.com';
 
-$CONF['user_footer_link'] = "http://change-this-to-your.domain.tld/main";
+$CONF['user_footer_link'] = "http://example.com/";
 
-$CONF['footer_text'] = 'Return to change-this-to-your.domain.tld';
-$CONF['footer_link'] = 'http://change-this-to-your.domain.tld';
+$CONF['footer_text'] = 'Return to http://example.com/';
+$CONF['footer_link'] = 'http://example.com/';
 
-// $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postcreation.sh';
+$CONF['mailbox_postcreation_script']='sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postcreation.sh';
 
-// $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postdeletion.sh';
+$CONF['mailbox_postdeletion_script']='sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postdeletion.sh';
 
-// $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postdeletion.sh';
+$CONF['domain_postdeletion_script']='sudo -u vmail /usr/local/bin/postfixadmin-domain-postdeletion.sh';
Note
The last three entries are completely optional, but make adding and deleting of mailboxes and domains possible. When not using postfixadmin these can be omitted. Otherwise the noted scripts can be copied from /usr/share/doc/postfixadmin-2.3.7/ADDITIONS. For the scripts to work sudo needs to be installed and configured. Remember to make any used scripts executable (chmod +x), and to change the basedir and trashbase variables at the top of the scripts to the storage space.
root #visudo
apache ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-domain-postdeletion.sh
apache ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postcreation.sh
apache ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh
This will allow apache (via postfixadmin) to run the above mentioned scripts as the vmail user.

Having postfixadmin generate the required tables, go to http://localhost/postfixadmin/setup.php and follow the instructions. Also any configuration errors or missing packages will be noted here. At this point a password hash will also be generated and can be edited into the config file. After that, super-admin users can be added to the database from this page. To log into the administrative page, go to http://localhost/postfixadmin/.

Warning
The mailsystem should end up being fully postfixadmin compatible. It should not matter if users/domains are added manually or via the postfixadmin GUI. Note however, that there are some user -> domain dependencies.
Note
If postfixadmin is not desired on the system, it can be removed after the tables have been created. Another option is to have postfixadmin create the tables on some other test system, and export/import the tables.