Changes

1,698 bytes added , 12:37, 21 August 2019

m

→‎Create email account

Line 100: Line 100:

/etc/apache2/sites-available/webmail.conf

−

ServerAdmin rafael@herrerosolis.com

+

ServerAdmin rafael@herrerosolis.com

−

Redirect permanent / https://webmail.herrerosolis.com/

+

Redirect permanent / https://webmail.herrerosolis.com/

−

# DocumentRoot /var/www/rafael

+

# DocumentRoot /var/www/rafael

−

ServerName webmail.herrerosolis.com

+

ServerName webmail.herrerosolis.com

−

ServerAlias webmail.herrerosolis.com

+

ServerAlias webmail.herrerosolis.com

−

ErrorLog /var/log/apache2/webmail/error.log

+

ErrorLog /var/log/apache2/webmail/error.log

−

+

−

# Posible values include: debug, info, notice, warn, error, crit.

+

# Posible values include: debug, info, notice, warn, error, crit.

−

# alert, emerg.

+

# alert, emerg.

−

+

−

CustomLog /var/log/apache2/webmail/access.log combined

+

CustomLog /var/log/apache2/webmail/access.log combined

−

</virtualHost>

+

</virtualHost>

−

+

−

+

−

ServerAdmin rafael@herrerosolis.com

+

ServerAdmin rafael@herrerosolis.com

−

DocumentRoot /var/lib/roundcube

+

DocumentRoot /var/lib/roundcube

−

ServerName webmail.herrerosolis.com

+

ServerName webmail.herrerosolis.com

−

ServerAlias webmail.herrerosolis.com

+

ServerAlias webmail.herrerosolis.com

−

+

−

ErrorLog /var/log/apache2/webmail/error.log

+

ErrorLog /var/log/apache2/webmail/error.log

−

+

−

# Posible values include: debug, info, notice, warn, error, crit.

+

# Posible values include: debug, info, notice, warn, error, crit.

−

# alert, emerg.

+

# alert, emerg.

−

CustomLog /var/log/apache2/webmail/access.log combined

+

CustomLog /var/log/apache2/webmail/access.log combined

−

SSLEngine on

+

SSLEngine on

−

SSLCertificateFile /etc/ssl/certs/herrerosolis.crt

+

SSLCertificateFile /etc/ssl/certs/herrerosolis.crt

−

SSLCertificateKeyFile /etc/ssl/private/herrerosolis.key

+

SSLCertificateKeyFile /etc/ssl/private/herrerosolis.key

−

</virtualHost>

+

</virtualHost>

−

</nowiki>

+

</nowiki>

−

===OPTIONAL: Remove TinyMCE===

+

====OPTIONAL: Remove TinyMCE====

TinyMCE is a WYSIWYG text-editor for HTML emails. I hate it. It had a long history of being insecure, buggy, slow, and hard to use. So I disable it:

Line 136: Line 136:

<nowiki>Comment out these lines:

−

#<Directory "/usr/share/tinymce/www/">

+

#<Directory "/usr/share/tinymce/www/">

−

# Options Indexes MultiViews FollowSymLinks

+

# Options Indexes MultiViews FollowSymLinks

−

# AllowOverride None

+

# AllowOverride None

−

# Order allow,deny

+

# Order allow,deny

−

# allow from all

+

# allow from all

−

#</Directory>

+

#</Directory>

−

</nowiki>

+

</nowiki>

===Create Databases===

−

mysql -u root -p

+

+

mysql -u root -p

+

</syntaxhighlight>

+

+

CREATE DATABASE email_accounts;

+

USE email_accounts;

+

CREATE TABLE mailboxes (

+

id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,

+

domain_id INT(10) NOT NULL,

+

local_part VARCHAR(250) NOT NULL,

+

password VARCHAR(100) NULL,

+

description VARCHAR(250) NULL,

+

active TINYINT(1) NOT NULL DEFAULT 0,

+

created TIMESTAMP NOT NULL DEFAULT NOW(),

+

modified TIMESTAMP NULL

+

);

−

CREATE ~~DATABASE email_accounts~~;

+

CREATE TABLE aliases (

+

id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,

+

domain_id INT(10) NOT NULL,

+

local_part VARCHAR(250) NOT NULL,

+

goto VARCHAR(250) NOT NULL,

+

description VARCHAR(250) NULL,

+

active TINYINT(1) NOT NULL DEFAULT 0,

+

created TIMESTAMP NOT NULL DEFAULT NOW(),

+

modified TIMESTAMP NULL

+

);

−

~~USE email_accounts~~;

+

CREATE TABLE vacations (

+

id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,

+

mailbox_id INT(10) NOT NULL,

+

subject VARCHAR(250) NOT NULL,

+

body TEXT NOT NULL,

+

description VARCHAR(250) NULL,

+

active TINYINT(1) NOT NULL DEFAULT 0,

+

created TIMESTAMP NOT NULL DEFAULT NOW(),

+

modified TIMESTAMP NULL

+

);

−

~~<nowiki>CREATE TABLE mailboxes (~~

+

CREATE TABLE domains (

−

~~id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,~~

+

id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,

−

~~domain_id INT(10) NOT NULL,~~

+

fqdn VARCHAR(250) NOT NULL,

−

~~local_part VARCHAR(250) NOT NULL,~~

+

type ENUM('local','relay') NOT NULL DEFAULT 'local',

−

~~password VARCHAR(100) NULL,~~

+

description VARCHAR(250) NULL,

−

~~description VARCHAR(250) NULL,~~

+

active TINYINT(1) NOT NULL DEFAULT 0,

−

~~active TINYINT(1) NOT NULL DEFAULT 0,~~

+

created TIMESTAMP NOT NULL DEFAULT NOW(),

−

~~created TIMESTAMP NOT NULL DEFAULT NOW(),~~

+

modified TIMESTAMP NULL

−

~~modified TIMESTAMP NULL~~

+

);

−

);

+

</syntaxhighlight>

−

~~CREATE TABLE aliases (~~

+

−

~~id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,~~

−

~~domain_id INT(10) NOT NULL,~~

−

~~local_part VARCHAR(250) NOT NULL,~~

−

~~goto VARCHAR(250) NOT NULL,~~

−

~~description VARCHAR(250) NULL,~~

−

~~active TINYINT(1) NOT NULL DEFAULT 0,~~

−

~~created TIMESTAMP NOT NULL DEFAULT NOW(),~~

−

~~modified TIMESTAMP NULL~~

−

);

−

~~CREATE TABLE vacations (~~

−

~~id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,~~

−

~~mailbox_id INT(10) NOT NULL,~~

−

~~subject VARCHAR(250) NOT NULL,~~

−

~~body TEXT NOT NULL,~~

−

~~description VARCHAR(250) NULL,~~

−

~~active TINYINT(1) NOT NULL DEFAULT 0,~~

−

~~created TIMESTAMP NOT NULL DEFAULT NOW(),~~

−

~~modified TIMESTAMP NULL~~

−

);

−

CREATE TABLE domains (

−

id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,

−

fqdn VARCHAR(250) NOT NULL,

−

type ENUM('local','relay') NOT NULL DEFAULT 'local',

−

description VARCHAR(250) NULL,

−

active TINYINT(1) NOT NULL DEFAULT 0,

−

created TIMESTAMP NOT NULL DEFAULT NOW(),

−

modified TIMESTAMP NULL

−

);

−

</~~nowiki~~>

===Create your first email account and domain===

====Domain====

−

<~~nowiki~~>INSERT INTO domains VALUES(NULL,'herrerosolis.com','local','My personal domain',1,NOW(),NOW());</~~nowiki~~>

+

+

INSERT INTO domains VALUES(NULL,'herrerosolis.com','local','My personal domain',1,NOW(),NOW());

+

</syntaxhighlight>

+

====User====

−

<~~nowiki~~>INSERT INTO mailboxes VALUES(NULL,1,'joe',MD5('password - choose a good one'),'My account for joe@herrerosolis.com',1,NOW(),NOW());</~~nowiki~~>

+

+

INSERT INTO mailboxes VALUES(NULL,1,'joe',MD5('password - choose a good one'),'My account for joe@herrerosolis.com',1,NOW(),NOW());

+

</syntaxhighlight>

+

====Alias====

−

<~~nowiki~~>insert into aliases values (null, 1, 'rafa', 'rafael@herrerosolis.com', 'Redirect to me', 1, NOW(), NOW() );</~~nowiki~~>

+

+

insert into aliases values (null, 1, 'rafa', 'rafael@herrerosolis.com', 'Redirect to me', 1, NOW(), NOW() );

+

</syntaxhighlight>

+

===Create a database-account to access the database===

−

<~~nowiki~~>grant ALL on email_accounts.* to '~~email~~'@'localhost' identified by 'password';

+

−

flush privileges;

+

grant ALL on email_accounts.* to 'cartero'@'localhost' identified by 'password';

−

</~~nowiki~~>

+

flush privileges;

+

</syntaxhighlight>

+

http://bradthemad.org/tech/notes/exim_cheatsheet.php

Line 363: Line 379:

server_set_id = $auth1

−

</syntaxhighlight>

+

</syntaxhighlight>

−

Line 420: Line 435:

cat /etc/passwd | grep mail

−

ADD to the file /etc/dovecot/dovecot.conf

+

ADD to the file /etc/dovecot/dovecot.conf<syntaxhighlight lang="text">

−

<~~nowiki~~>protocols = imap

+

protocols = imap

−

listen = *, ::</~~nowiki~~>

+

listen = *, ::

+

</syntaxhighlight>

+

Add to the file /etc/dovecot/conf.d/10-mail.conf

Line 430: Line 447:

<nowiki>!include auth-sql.conf.ext</nowiki>

−

ADD to the file /etc/dovecot/dovecot-sql.conf.ext

+

ADD to the file /etc/dovecot/dovecot-sql.conf.ext<syntaxhighlight lang="text">

−

<~~nowiki~~>driver = mysql

+

driver = mysql

−

connect = host=127.0.0.1 dbname=~~email_accounts~~ user=~~email~~ password=~~password~~

+

−

default_pass_scheme = MD5

+

connect = host=127.0.0.1 dbname=[MYSQL DATABASE] user=[MYSQL user] password=[MYSQL mailbox PASSWORD plain text]

−

+

default_pass_scheme = MD5

−

password_query = SELECT CONCAT(mailboxes.local_part,'@',domains.fqdn) as `user`, mailboxes.password AS `password`,'/var/spool/mail/%d/%n' AS `userdb_home`, [YOUR ~~UID~~] AS `userdb_uid`, [YOUR GID] AS `userdb_gid` FROM `mailboxes`, `domains` WHERE mailboxes.local_part = '%n' AND mailboxes.active = 1 AND mailboxes.domain_id = domains.id AND domains.fqdn = '%d' AND domains.active = 1

+

−

+

password_query = SELECT CONCAT(mailboxes.local_part,'@',domains.fqdn) as `user`, mailboxes.password AS `password`,'/var/spool/mail/%d/%n' AS `userdb_home`, [YOUR mail user GID] AS `userdb_uid`, [YOUR mail user GID] AS `userdb_gid` FROM `mailboxes`, `domains` WHERE mailboxes.local_part = '%n' AND mailboxes.active = 1 AND mailboxes.domain_id = domains.id AND domains.fqdn = '%d' AND domains.active = 1

−

user_query = SELECT '/var/spool/mail/%d/%n' AS `home`, [YOUR UID] AS `uid`, [YOUR GID] AS `gid`</~~nowiki~~>

+

user_query = SELECT '/var/spool/mail/%d/%n' AS `home`, [YOUR mail USER UID] AS `uid`, [YOUR mail user GID] AS `gid`

+

</syntaxhighlight>

+

====SSL====

- Get certificates ej: Lets Encrypt

Edit: /etc/dovecot/conf.d/10-ssl.conf

−

~~<nowiki>~~ssl = required

+

ssl = required

−

~~# Preferred permissions: root:root 0444~~

+

−

~~ssl_cert~~ = </etc/~~ssl~~/~~certs~~/~~dovecot~~.pem

+

ssl_key = </etc/letsencrypt/live/webmail.herrerosolis.com/privkey.pem

−

~~# Preferred permissions: root:root 0400~~

+

ssl_cert = </etc/letsencrypt/live/webmail.herrerosolis.com/fullchain.pem

−

~~ssl_key~~ = </etc/~~ssl~~/~~private~~/~~dovecot~~.pem~~</nowiki>~~

====Ports====

Line 465: Line 485:

Add to /etc/roundcube/config.inc.php

<nowiki>$config['imap_conn_options'] = array(

−

'ssl' => array(

+

'ssl' => array(

−

'verify_peer' => false,

+

'verify_peer' => false,

−

'verify_peer_name' => false,

+

'verify_peer_name' => false,

−

'allow_self_signed' => true,

+

'allow_self_signed' => true,

−

),

+

),

−

);

+

);

−

</nowiki>

+

</nowiki>

====Enable Password Plugin====

Line 501: Line 521:

Then edit your local composer.json file and add the "vendor/plugin" names to the "require" section of the JSON structure. Don't forget to specify the version constraint:

<nowiki>"require" : {

−

...,

+

...,

−

"roundcube/rcsample": ">=0.2.0"

+

"roundcube/rcsample": ">=0.2.0"

−

}</nowiki>

+

}</nowiki>

After every change to composer.json run

php composer.phar install

−

==Restart Everithing==

+

==Restart Everithing==

−

<~~nowiki~~>/etc/init.d/apache2 restart

+

−

/etc/init.d/exim4 restart

+

/etc/init.d/apache2 restart

−

/etc/init.d/dovecot restart</~~nowiki~~>

+

/etc/init.d/exim4 restart

−

+

/etc/init.d/dovecot restart

−

Exim may output a “paniclog”. If so, read it, fix it – and then manually delete the paniclog file, or else you’ll keep getting fake warnings every time you restart exim.

+

</syntaxhighlight>Exim may output a “paniclog”. If so, read it, fix it – and then manually delete the paniclog file, or else you’ll keep getting fake warnings every time you restart exim.

−

Line 562: Line 578:

mailq | grep frozen | awk '{print $3}' | xargs exim -v -M

+

====Exim usefull commands====

+

https://hostpapasupport.com/list-useful-commands-manage-exim-mail-server/

+

====Spam filters filtering your mails====

+

https://www.mail-tester.com/

Line 587: Line 609:

1. In the file /etc/dovecot/conf.d/auth-sql-conf.ext uncomment driver and set it to mysql

2. /etc/dovecot/conf.d/10-mail.conf uncomment first_valid_uid and set it to [your_uid] (ie. 8). If you need to do the same for first_valid_gid

+

https://pasztor.at/blog/the-big-exim-tutorial

=Adding new Domains=

#Add the new domain to to MySQL email_accounts.domains

#Start creating accounts with the new domain id

+

=Auxiliary Scripts=

+

===Create email account===

+

+

#!/bin/bash

+

PASSWORD1="hola"

+

PASSWORD2="mundo"

+

DOMAIN="herrerosolis.com"

+

echo "******************************* MAIL ACCOUNT INFORMATION *****************************************"

+

read -p "Username (without@herrerosolis.com): " USERNAME

+

while [[ "$PASSWORD1" != "$PASSWORD2" ]]; do

+

read -s -p "Password: " PASSWORD1

+

echo

+

read -s -p "Confirm password: " PASSWORD2

+

if [ "$PASSWORD1" != "$PASSWORD2" ]; then

+

echo "Passwords dont match, try again..."

+

fi

+

done

+

echo

+

echo

+

echo "Input MySQL database password for user mail"

+

mysql -h 127.0.0.1 -u cartero -p -D email_accounts -e "INSERT INTO mailboxes VALUES(NULL,1,'$USERNAME',MD5('$PASSWORD1'),'Mail account for $USERNAME@${DOMAIN}',1,NOW(),NOW());"

+

</syntaxhighlight>

+

===Create email alias===

+

+

#!/bin/bash

+

echo "******************************* MAIL ACCOUNT INFORMATION *****************************************"

+

read -p "Alias name (without _@redactate.com): " ALIAS

+

read -p "Destiny account (full email address): " GOTO

+

echo

+

echo

+

echo "Input MySQL database password for user mail"

+

mysql -h 127.0.0.1 -u cartero -p -D email_accounts -e "INSERT INTO aliases VALUES (null, 2, '$ALIAS', '$GOTO', 'Redirecting $ALIAS@ to $GOTO', 1, NOW(),NOW());"

+

</syntaxhighlight>

Rafahsolis

Bureaucrats, Administrators

2,306

edits

Changes

Linux Mail Server: Exim4 (view source)

Revision as of 12:37, 21 August 2019

Navigation menu

Search