postfix

It’s been a while since I blogged about the installation of my eee-box – and my intention to use it as a server.

Of course, I did some basic installation in the meantime – and the box is now running perfectly.

So – here’s the final chapter in this two-part series, and a list of everything I did to get the box up and running:

Basic tools

The first thing I missed was my good old vim – easy:

sudo apt-get install vim

did the trick.

I then made sure that updates happen automatically – there’s a good page on that in the serverguide, and all I had to make sure was that mailx was installed. Logwatch is also an option – but only after a mailsystem is up and running (see below).

Web-Stuff

MySQL installation was pretty easy: I followed the server guide’s page on this, and then created also /etc/mysql/conf.d/charsets.cnf (Download here) – this helped me get rid of some UTF8-errors on my old gentoo box already…

I then made the mysql server accessible from the outside by adding

bind-address my.ip.addr.ess

into /etc/mysql/my.cnf, then following this excellent website that explains everything on how to remote access a mysql database.

After that, I installed apache2 – again, the server guide’s page on that subject includes everything necessary. The guide’s page on PHP also has a lot of good information – I ended up installing php5, libapache2-mod-php5, php5-cli and php5-mysql. Finally, I created a phpinfo.php and deleted index.html, in /var/www.

For the usage of automatic WordPress updates, I also installed an ftp-server – again, just followed the server guide. In WordPress, when installing a plugin, I then have to enter “localhost” plus my local user name plus the corresponding password, whenever it asks for a connection information.

Finally, I installed mediawiki; the packages to install were mediawiki, mediawiki-math, imagemagick and php5-gd; the installation itself is again covered in the server guide.

After the configuration of mediawiki (make sure you use the old backward-compatible charset!), I enabled TeX and uploads and moved my old mediawiki according to my own blog entry (hey – they start to come in handy!!)

For some reason, I had to change the password of my mediawiki admin user after that – luckily, I found this blog entry… and then, I installed the cite extension – again, I followed my own guide on doing so.

Samba

For Samba, the installation was really easy; the corresponding page on the ubuntu server guide explains everything needed. All I had to do was to smbpasswd my working user – and everything worked. While I now have a nice NAS, I still wanted to be able to access my home share from outside – mainly due to filesharing, see below.

Mailserver

The mailserver is always a little tricky; I decided to go with dovecot, postfix, procmail and getmail. I started with dovecot (only use the instructions relating to dovecot, not the ones relating to postfix!), and for a proper postfix installation, I closely (!) followed this doc (also, I had to install procmail in order to get over this flawlessly). I created an alias for root pointing to my working user, as explained here. And finally, I installed getmail, as explained on howtoforge.

It took me three attempts – but following these documents in the given order should do it.

Filesharing

While I obviously know that filesharing involves a lot of illegal (or at least…. grey) activities, I still use it – how to get an ubuntu ISO file faster than via bittorrent? Not to speak of all the great american tv shows that you just can’t watch around here (not even DVD’s are available, sometimes….) – so, I still rely on bittorrent and, sometimes on mldonkey. The basic instructions I noted down a while ago were useful, when it came down to configuring mldonkey (it’s config files are in /var/lib/mldonkey…)

As for bittorrent, I highly recommend to go with devinw’s installer package that installs lighthttpd, rtorrent and wtorrent – it’s in the ubuntu forums and it worked after a couple of problems – read the forum entry in case of troubles!

Backup system

I then installed rsnapshot and configured it, following the work I did a while ago.

Upgrade to 9.04

Final step was to update to 9.04 – there is a good instruction provided by the canonical folks on how to do so.

The box now runs for something over 2 months – no problems, AT ALL!

Maybe I’ll go ahead and try some anti-spam solution, once again….

Nein, dieses Buch habe ich nicht zu Weihnachten geschenkt gekriegt – es sei denn, man zählt Geschenke, die man sich selbst macht, dazu…

Nichtsdestotrotz ist “Das Postfix Buch” eine lohnende Investition. Ich habe nämlich jetzt endlich verstanden, wie dieses Stück Software funktioniert und fühle mich endlich in der Lage, meinen lokalen Mailserver (dessen Anti-Viren / Anti-Spam Funktion nie richtig funktioniert hat) zu reparieren. Ich werde die notwendigen Schritte selbstverständlich in der “Server-Sektion” dieses Blogs veröffentlichen; in der Zwischenzeit sei dieses Buch allen Postfix-Interessierten wärmstens ans Herz gelegt – die zugehörige Website ist übrigens unter www.postfixbuch.de zu finden; das Buch (und die Webseite) verfügen über viele weiterführende Links, btw – einige davon sehr nützlich…

Nichts wird ausgelassen – wie Postfix funktioniert, was SMTP / POP3 / IMAP eigentlich ist, wie man Anti-Spam Software integriert, wie man SMTP über SSL/TLS tunnelen kann usw usf. Und immer wird viel Wert auf Sicherheit gelegt. Wie gesagt – wärmstens zu empfehlen!

I noticed two annoying errors in the daily logwatch mail, which I wanted to get rid of. The first one is this:
/etc/courier-imap/shared/index: No such file or directory: 4 Time(s)
I found out that this has to do with the shared folder feature of the courier-imap server; since I do not want to use this, I just created the file index – let’s see whether this already helps.

The second one seems to have to do with Postfix, as it occurs in the respective section of the log:
sql_select option missing
auxpropfunc error no mechanism available
_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
(This is then repeated several times).
Here’s the solution – it has to do with the MySQL USE flag – cyrus-sasl has been compiled with it, but MySQL has not been configured. So, I added the proposed line
sql_select: dummy
to /etc/sasl2/smtpd.conf.

HTH!

The last important task that the new box has to fulfill is the e-mail bit. It shall collect the e-mails from different accounts and act as a spamfilter. This is quite a big task, but after it is managed, the only thing left is a bit of acpi magic, copying the final data over and assembling the box in final state – and the switch then can take place, as all the rest of the server’s tasks are not as vital and can be installed on the fly.

So, for the e-mail bit, there is a vergy good Gentoo wiki entry which is followed. This includes some alterations in the use flags and emerging postfix, courier-imap, procmail, fetchmail, courier-sasl and courier-authlib. Then, we update main.cf, as given, also add a file /etc/postfix/generic. We add anti-virus filtering – as described here. This means that we emerge amavisd-new and configure some options. Also, we create the directory /home/quarantine/amavis and set up a daily cron job to delete the contents of it. I noted that amavisd-new is complaining about spamassassin not being present – so I emerged it.

We then configure courier-imap and add a fetchmailrc. It’s basically all there….

Last two steps is configuring squirrelmail and a spam solution. For squirrelmail, I had to alter the data directory on configuration page 4 – it has to be set to ../data/; the attachment-dir was set to $data_dir/

Finally, we add the bogofilter stuff from the wiki page (this is in part II of the guide). Again, we just follow the directions from there – and we’re done – e-mail is up and running!