422 lines
9.2 KiB
HTML
422 lines
9.2 KiB
HTML
|
<HTML
|
|||
|
><HEAD
|
|||
|
><TITLE
|
|||
|
>Technologies</TITLE
|
|||
|
><META
|
|||
|
NAME="GENERATOR"
|
|||
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|||
|
REL="HOME"
|
|||
|
TITLE="Postfix-Cyrus-Web-cyradm-HOWTO"
|
|||
|
HREF="index.html"><LINK
|
|||
|
REL="PREVIOUS"
|
|||
|
TITLE="Introduction"
|
|||
|
HREF="intro.html"><LINK
|
|||
|
REL="NEXT"
|
|||
|
TITLE="Getting and installing the software"
|
|||
|
HREF="install.html"></HEAD
|
|||
|
><BODY
|
|||
|
CLASS="SECT1"
|
|||
|
BGCOLOR="#FFFFFF"
|
|||
|
TEXT="#000000"
|
|||
|
LINK="#0000FF"
|
|||
|
VLINK="#840084"
|
|||
|
ALINK="#0000FF"
|
|||
|
><DIV
|
|||
|
CLASS="NAVHEADER"
|
|||
|
><TABLE
|
|||
|
SUMMARY="Header navigation table"
|
|||
|
WIDTH="100%"
|
|||
|
BORDER="0"
|
|||
|
CELLPADDING="0"
|
|||
|
CELLSPACING="0"
|
|||
|
><TR
|
|||
|
><TH
|
|||
|
COLSPAN="3"
|
|||
|
ALIGN="center"
|
|||
|
>Postfix-Cyrus-Web-cyradm-HOWTO</TH
|
|||
|
></TR
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="bottom"
|
|||
|
><A
|
|||
|
HREF="intro.html"
|
|||
|
ACCESSKEY="P"
|
|||
|
>Prev</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="80%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="bottom"
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="bottom"
|
|||
|
><A
|
|||
|
HREF="install.html"
|
|||
|
ACCESSKEY="N"
|
|||
|
>Next</A
|
|||
|
></TD
|
|||
|
></TR
|
|||
|
></TABLE
|
|||
|
><HR
|
|||
|
ALIGN="LEFT"
|
|||
|
WIDTH="100%"></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT1"
|
|||
|
><H1
|
|||
|
CLASS="SECT1"
|
|||
|
><A
|
|||
|
NAME="TECH"
|
|||
|
></A
|
|||
|
>2. Technologies</H1
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="POSTFIX"
|
|||
|
></A
|
|||
|
>2.1. The Postfix MTA</H2
|
|||
|
><A
|
|||
|
NAME="AEN187"
|
|||
|
></A
|
|||
|
><TABLE
|
|||
|
BORDER="0"
|
|||
|
WIDTH="100%"
|
|||
|
CELLSPACING="0"
|
|||
|
CELLPADDING="0"
|
|||
|
CLASS="BLOCKQUOTE"
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
VALIGN="TOP"
|
|||
|
> </TD
|
|||
|
><TD
|
|||
|
WIDTH="80%"
|
|||
|
VALIGN="TOP"
|
|||
|
><P
|
|||
|
> Postfix attempts to be fast, easy to administer, and secure, while at the same time
|
|||
|
being sendmail compatible enough to not upset existing users. Thus, the outside has a
|
|||
|
sendmail-ish flavor, but the inside is completely different.</P
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
VALIGN="TOP"
|
|||
|
> </TD
|
|||
|
></TR
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
COLSPAN="2"
|
|||
|
ALIGN="RIGHT"
|
|||
|
VALIGN="TOP"
|
|||
|
>--<SPAN
|
|||
|
CLASS="ATTRIBUTION"
|
|||
|
>www.postfix.org</SPAN
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="10%"
|
|||
|
> </TD
|
|||
|
></TR
|
|||
|
></TABLE
|
|||
|
><P
|
|||
|
> <DIV
|
|||
|
CLASS="FIGURE"
|
|||
|
><A
|
|||
|
NAME="AEN191"
|
|||
|
></A
|
|||
|
><P
|
|||
|
><B
|
|||
|
>Figure 1. Postfix - the big picture</B
|
|||
|
></P
|
|||
|
><P
|
|||
|
><IMG
|
|||
|
SRC="big-picture.png"></P
|
|||
|
></DIV
|
|||
|
>
|
|||
|
</P
|
|||
|
><P
|
|||
|
>Doesn't it look impressive? - It looks much more complicated than it is. Postfix is indeed nice
|
|||
|
to configure and handle.</P
|
|||
|
><P
|
|||
|
>Unlike sendmail, postfix is not one monolithic program, it is a compilation of small programs, each of
|
|||
|
which has a specialized function.
|
|||
|
At this point I don't what to go into details about what each program does what.
|
|||
|
If you are interested how Postfix works, please see the documentation at
|
|||
|
<A
|
|||
|
HREF="http://www.postfix.org/docs.html"
|
|||
|
TARGET="_top"
|
|||
|
>http://www.postfix.org/docs.html</A
|
|||
|
>
|
|||
|
</P
|
|||
|
><P
|
|||
|
>In this document you will find the information needed to get the system running in conjunction with the other components of a full e-mail setup.</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="CYRUS"
|
|||
|
></A
|
|||
|
>2.2. Cyrus IMAP</H2
|
|||
|
><P
|
|||
|
>Cyrus IMAP is developed and maintained by Carnegie Mellon University.</P
|
|||
|
><P
|
|||
|
>Unlike the WU-IMAPd package, Cyrus uses its own method to store the user's mail.
|
|||
|
Each message is stored in its own file.
|
|||
|
The benefit of using separate files is improved reliability since only one message is lost if there is a filesystem error.
|
|||
|
Metadata such as the status of a message (seen, etc) is stored in a database.
|
|||
|
Additionally, the messages are indexed to improve Cyrus performance, specially with lots of users and/or lots of big emails.
|
|||
|
There is nothing else as fast as the Cyrus IMAP-server.</P
|
|||
|
><P
|
|||
|
> Another very important feature is that you don't need a local Un*x user for each account. All users are
|
|||
|
authenticated by the IMAP-Server. This makes it a great solution when you have a really huge number of users.</P
|
|||
|
><P
|
|||
|
> User administration is done by special IMAP-commands. This allows you to either use the commandline interface
|
|||
|
or use one of the available Web interfaces. This method is much more secure than a Webinterface to
|
|||
|
<TT
|
|||
|
CLASS="FILENAME"
|
|||
|
> /etc/passwd</TT
|
|||
|
>.</P
|
|||
|
><P
|
|||
|
>Starting from Cyrus 2.1, SASL-lib version 2 is used for authentication.
|
|||
|
For the setup described in this HOWTO, a tree-layer authentication is implemented.
|
|||
|
Cyrus authenticates with saslauthdaemon which forwards the request
|
|||
|
to pam_mysql which finally looks up the user information in the MySQL-table.</P
|
|||
|
><P
|
|||
|
> Since CMU changed the license policy for Cyrus, this software is going to be used by many more users.</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="SASL"
|
|||
|
></A
|
|||
|
>2.3. Cyrus SASL</H2
|
|||
|
><P
|
|||
|
>SASL means <20>Simple Authentication and Security Layer<65>. It is standardized by the IETF (Internet
|
|||
|
Engineering Taskforce). SASL is used by network servers (in this case Cyrus-IMAP) to
|
|||
|
handle authentication requests from clients.</P
|
|||
|
><P
|
|||
|
>Cyrus SASL is a extensive software, and sometimes not easy to understand.
|
|||
|
Even I have just the minimum knowledge needed to write this HOWTO.</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="OPENSSL"
|
|||
|
></A
|
|||
|
>2.4. OpenSSL</H2
|
|||
|
><P
|
|||
|
>OpenSSL is a library needed by SASL for encryption of the data-stream. It is used by
|
|||
|
almost all opensource software that need encryption.
|
|||
|
Most or all Un*x distributions come with a pre-installed OpenSSL.
|
|||
|
Be sure to also install the appropriate devel-package. If you like, you can
|
|||
|
compile OpenSSL by yourself. This will be required if you need to fix a security hole.
|
|||
|
</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="MYSQL"
|
|||
|
></A
|
|||
|
>2.5. MySQL Database</H2
|
|||
|
><P
|
|||
|
>MySQL is a very fast, powerful and very easy to use database.</P
|
|||
|
><P
|
|||
|
>Since Cyrus can authenticate its users with pam, you can use pam_mysql as a connector to the
|
|||
|
user database stored in MySQL. This allows you to create a nice Webinterface for your users for changing
|
|||
|
passwords, defining and deleting aliases and more.</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="PAM-MYSQL"
|
|||
|
></A
|
|||
|
>2.6. pam_mysql</H2
|
|||
|
><P
|
|||
|
>pam means "Pluggable Authentication module" and was originally proposed by some people at Sun.
|
|||
|
In meantime a lot of modules have been developed. One of them is an interface to MySQL</P
|
|||
|
><P
|
|||
|
>With pam_mysql you store the users password in a MySQL database. Further, Postfix is able to
|
|||
|
lookup aliases from a MySQL-table. At the end of the day, you have a base for all administrative tasks
|
|||
|
to be done by the postmaster.</P
|
|||
|
><P
|
|||
|
>You will be able to delegate some tasks to powerusers. For example, tasks such as creating accounts, changing passwords and creating new aliases can be delegated to an administrator for a particular domain.
|
|||
|
At the end of the day, you, as a sysadmin, will have the time to do some more productive tasks or write a HOWTO for the Linux Documentation Project.</P
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="SECT2"
|
|||
|
><H2
|
|||
|
CLASS="SECT2"
|
|||
|
><A
|
|||
|
NAME="WEB-CYRADM"
|
|||
|
></A
|
|||
|
>2.7. Web-cyradm Webinterface</H2
|
|||
|
><P
|
|||
|
> <DIV
|
|||
|
CLASS="FIGURE"
|
|||
|
><A
|
|||
|
NAME="AEN226"
|
|||
|
></A
|
|||
|
><P
|
|||
|
><B
|
|||
|
>Figure 2. Web-cyradm Domain administration</B
|
|||
|
></P
|
|||
|
><P
|
|||
|
><IMG
|
|||
|
SRC="home.png"></P
|
|||
|
></DIV
|
|||
|
>
|
|||
|
</P
|
|||
|
><P
|
|||
|
>Web-cyradm is the webinterface that allows you to perform the administrative tasks required to maintain the mail system.
|
|||
|
This screenshot shows the domain administration part of Web-cyradm.</P
|
|||
|
><P
|
|||
|
>Web-cyradm is written in PHP, the most sophisticated html-preprocessor language.
|
|||
|
If you don't have a webserver with php installed, I would like to refer you to my
|
|||
|
<A
|
|||
|
HREF="http://www.delouw.ch/linux/apache.phtml"
|
|||
|
TARGET="_top"
|
|||
|
>Apache-Compile-HOWTO</A
|
|||
|
>.
|
|||
|
This document describes how to set up Apache with PHP and other modules.</P
|
|||
|
><P
|
|||
|
>Web-cyradm is under active development from people around the globe. The list of features grows
|
|||
|
with each release. If you would like to contribute to web-cyradm, or you have a nice idea, feel free to contact
|
|||
|
the mailinglist on <A
|
|||
|
HREF="http://www.web-cyradm.org"
|
|||
|
TARGET="_top"
|
|||
|
>http://www.web-cyradm.org</A
|
|||
|
>
|
|||
|
</P
|
|||
|
><P
|
|||
|
> The following is a partial list of features:
|
|||
|
<P
|
|||
|
></P
|
|||
|
><UL
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Administration of multiple virtual domains</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Setting of quotas</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Automatically creating usernames, either with a defined prefix, or the domainname</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Delegation of tasks such as creating new users to <20>Domain Masters<72> </P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Mapping of user-accounts to email addresses</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Forwarding of accounts to single aliases</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Vacation functions for a single aliases</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Support for SMTP Transport Tables</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Support for MySQL and PostgreSQL</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>i18n (internationalization) support (including different charsets)</P
|
|||
|
></LI
|
|||
|
><LI
|
|||
|
><P
|
|||
|
>Translated into 18 Languages and growing</P
|
|||
|
></LI
|
|||
|
></UL
|
|||
|
>
|
|||
|
</P
|
|||
|
><P
|
|||
|
>Web-cyradm supports different roles of its users.
|
|||
|
If you plan to use it as a frontend for your powerusers, please notice
|
|||
|
that security may be a problem. The role based stuff needs a security review.
|
|||
|
</P
|
|||
|
></DIV
|
|||
|
></DIV
|
|||
|
><DIV
|
|||
|
CLASS="NAVFOOTER"
|
|||
|
><HR
|
|||
|
ALIGN="LEFT"
|
|||
|
WIDTH="100%"><TABLE
|
|||
|
SUMMARY="Footer navigation table"
|
|||
|
WIDTH="100%"
|
|||
|
BORDER="0"
|
|||
|
CELLPADDING="0"
|
|||
|
CELLSPACING="0"
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="intro.html"
|
|||
|
ACCESSKEY="P"
|
|||
|
>Prev</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="34%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="index.html"
|
|||
|
ACCESSKEY="H"
|
|||
|
>Home</A
|
|||
|
></TD
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="top"
|
|||
|
><A
|
|||
|
HREF="install.html"
|
|||
|
ACCESSKEY="N"
|
|||
|
>Next</A
|
|||
|
></TD
|
|||
|
></TR
|
|||
|
><TR
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="left"
|
|||
|
VALIGN="top"
|
|||
|
>Introduction</TD
|
|||
|
><TD
|
|||
|
WIDTH="34%"
|
|||
|
ALIGN="center"
|
|||
|
VALIGN="top"
|
|||
|
> </TD
|
|||
|
><TD
|
|||
|
WIDTH="33%"
|
|||
|
ALIGN="right"
|
|||
|
VALIGN="top"
|
|||
|
>Getting and installing the software</TD
|
|||
|
></TR
|
|||
|
></TABLE
|
|||
|
></DIV
|
|||
|
></BODY
|
|||
|
></HTML
|
|||
|
>
|