Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

Virtualization Poll

Options For This Howto

VMware Images:

V irtual U s ers A nd
D omains With
P os tfix, C ourier
A nd M ySQ L
(Fedora 8 ) (9 9 0 .6
M B) (1 1 /1 5
/2 0 0 7 )

V M ware I mage
I mport G uide
L is t of all V M ware
I mages
Free Support
P aid Support

Navigation
H owtos
L inux
C entO S
D ebian
Fedora
Kernel
M andriva
P C LinuxO S
SuSE
U buntu
A pac he
Bac kup
C ontrol P anels

1 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

DNS
D es ktop
E mail
A nti-Spam/V irus
P os tfix
P roc mail
Sendmail
FT P
H igh-A vailability
L ighttpd
M onitoring
M ySQ L
P rogramming
C /C ++
P HP
Samba
Sec urity
A nti-Spam/V irus
V irtualization
O ther
FreeBSD
C ommerc ial
M ini-H owtos
Forums
C ontribute
Subs c ription
L ogin
Site M ap/RSS Feeds

User login
U s ername:

P as s word:

Remember M e?

C reate a new ac c ount

Reques t new pas s word

Ads by Google
Free Domains
Linux OS
Install Linux
Good Domains

Who's online
T here are c urrently 9 us ers and 2 7 6 3 gues ts online.

2 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

HowtoForge Forums
Sell C vv G ood and
fres h, pleas e
purc has e my :X
s ell C vv G ood and
fres h, pleas e
purc has e my :X
how to run
inotifywait
bac kground
Res tarting O penBSD
Sec ure Shell
s erver s s hd
L inux ldap bind
windows ad
L dap from windows
to linux
pos tfix/s quirrelma
il with plugin ...
G odaddy and
N ames ervers
H ow to Run a V ideo
at the s tart
unattended?
L oc al T es ting
Server Setup

News
D is tro Review: O penSU SE 1 1 .2
KD E C ommunity Forums A nnounc e the C ontinuation of Klas s room
D RM C hange C ontinues T o C aus e D ebate
T he P erfec t D es ktop - Fedora 1 2 i6 8 6 (G N O M E )
Stream mus ic wireles s ely us ing P uls eA udio s erver
M us ic A lbum C overs A nd P ic ture P reviews A s Folder T humbnails I n N autilus
L inux M int 8 final releas ed
Finding files and doc uments with Rec oll
When O pen Sourc e M eets C los ed M inds
Strange I deas A bout Freedom of Speec h

more

Recent comments
boot problem after ins tall php5 pakage
1 4 hours 5 3 min ago
T hanks man
1 5 hours 1 0 s ec ago
s quiremail not working
1 5 hours 2 5 min ago

3 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

Re: Sec urity c ons ideration - D N S

1 9 hours 8 min ago
Re: C hillifire™ H ots pot s olution - Run one hots pot or an entir
1 9 hours 2 7 min ago
openvz
2 2 hours 3 3 min ago
problems with pam
1 day 5 hours ago
Re: When I ins talled and s tarted
1 day 1 5 hours ago
Re: s ubvers ion tutoria;
2 days 3 hours ago
thanks everything woked
2 days 3 hours ago

Newsletter
Subscribe to
HowtoForge
Newsletter
and s tay informed
about our lates t
H O WT O s and
projec ts .
enter email address

(T o uns ubs c ribe

from our news letter,
vis it this link.)

Syndicate

H owtoForge Feed for Fac ebook®

"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.

English | Deutsch | Site Map/RSS Feeds | Advertise

You are here: Home » Howtos » Linux » Fedora » Virtual Users And Domains With Postfix, Courier And MySQL (Fedora 8)

Virtual Users And Domains With Postfix, Courier And MySQL (Fedora 8)

4 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

Do you like HowtoForge? Please consider supporting us by becoming a

subscriber.
Submitted by falko (Contact Author) (Forums) on Sun, 2007-11-18 18:00. ::
Anti-Spam/Virus | Fedora | Postfix
Robust Dedicated Servers
Ente rprise ho sting so lutio ns 24/7
pro suppo rt, gre a t pro m o s
w w w .ayksolutions.com

OsiriX PRO
with FDA-cle a ra nce a nd suppo rt
R SNA No rth Building #8903
w w w .aycan.com

PostgreSQL Solutions
P o stgre SQ L T ra ining, Suppo rt
R e plica tio n, High-Ava ila bility
w w w .postgresql-support.de

5 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

tweet V ers ion 1 .0

A uthor: Falko T imme <ft [at] falkotimme [dot] c om>
L as t edited 1 1 /1 4 /2 0 0 7

This tutorial is Copyright (c) 2007 by Falko Timme. I t is derived from a tutorial from Chris toph Haas which
you can find at http://workaround.org. You are free to us e this tutorial under the Creative Commons licens e
2.5 or any later vers ion.

T his doc ument des c ribes how to ins tall a mail s erver bas ed on P os tfix that is bas ed on virtual us ers
and domains , i.e. us ers and domains that are in a M ySQ L databas e. I 'll als o demons trate the
ins tallation and c onfiguration of C ourier (C ourier-P O P 3 , C ourier- I M A P ), s o that C ourier c an
authentic ate agains t the s ame M ySQ L databas e P os tfix us es .

T he res ulting P os tfix s erver is c apable of SMTP-A UTH and TLS and quot a (quota is not built into
P os tfix by default, I 'll s how how to patc h your P os tfix appropriately). P as s words are s tored in
encrypt ed form in the databas e (mos t doc uments I found were dealing with plain text pas s words
whic h is a s ec urity ris k). I n addition to that, this tutorial c overs the ins tallation of A mavisd,
SpamA ssassin and ClamA V s o that emails will be s c anned for s pam and virus es .

T he advantage of s uc h a "virtual" s etup (virtual us ers and domains in a M ySQ L databas e) is that it is
far more performant than a s etup that is bas ed on "real" s ys tem us ers . With this virtual s etup your
mail s erver c an handle thous ands of domains and us ers . Bes ides , it is eas ier to adminis trate bec aus e
you only have to deal with the M ySQ L databas e when you add new us ers /domains or edit exis ting
ones . N o more pos tmap c ommands to c reate db files , no more reloading of P os tfix, etc . For the
adminis tration of the M ySQ L databas e you c an us e web bas ed tools like phpM yA dmin whic h will als o
be ins talled in this howto. T he third advantage is that us ers have an email addres s as us er name
(ins tead of a us er name + an email addres s ) whic h is eas ier to unders tand and keep in mind.

T his tutorial is bas ed on Fedora 8 (i3 8 6 ). Y ou s hould already have s et up a bas ic Fedora s ys tem, as
des c ribed here: http://www.howtoforge.c om/fedora- 8 - s erver- lamp- email- dns - ftp- is pc onfig and
http://www.howtoforge.c om/fedora- 8 - s erver- lamp- email- dns - ftp- is pc onfig- p2 . P lus , you s hould make
s ure that the firewall is off (at leas t for now) and that SELinux is disabled (this is important! ), as s hown
in the c hapters s ix and s even on http://www.howtoforge.c om/fedora- 8 - s erver- lamp- email- dns - ftp-
is pc onfig- p3 .

T his howto is meant as a prac tic al guide; it does not c over the theoretic al bac kgrounds . T hey are
treated in a lot of other doc uments in the web.

T his doc ument c omes without warranty of any kind! I want to s ay that this is not the only way of
s etting up s uc h a s ys tem. T here are many ways of ac hieving this goal but this is the way I take. I do
not is s ue any guarantee that this will work for you!

O ur hos tname in this example is server1.example.com, and it has the I P addres s 192.168.0.100, s o we
c hange /etc/hosts as follows :

vi /etc/hosts

6 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

# Do not remove the following line, or various programs

# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.0.100 server1.example.com server1
::1 localhost6.localdomain6 localhost6

Firs t we import the G P G keys for s oftware pac kages :

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

T hen we update our exis ting pac kages on the s ys tem:

yum update

N ow we ins tall s ome s oftware that we need later on:

yum groupinstall 'Development Tools'

yum groupinstall 'Development Libraries'

7 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

T his c an all be ins talled with one s ingle c ommand (inc luding the pac kages we need to build C ourier-
I M A P ):

yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-devel
openssl-devel cyrus-sasl-devel pkgconfig zlib-devel phpMyAdmin pcre-devel openldap-devel
postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel
gamin-devel

U nfortunately there are no rpm pac kages for C ourier- I M A P , C ourier- A uthlib, and M aildrop, therefore
we have to ins tall them as des c ribed in this tutorial: H ow T o I ns tall c ourier- imap, c ourier- authlib,
A nd maildrop O n Fedora, RedH at, C entO S

We have to get the P os tfix s ourc e rpm, patc h it with the quota patc h, build a new P os tfix rpm pac kage
and ins tall it.

cd /usr/src
wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/fedora/linux/releases/8/Fedora/source/SRPMS
/postfix-2.4.5-2.fc8.src.rpm
rpm -ivh postfix-2.4.5-2.fc8.src.rpm

T he las t c ommand will s how s ome warnings that you c an ignore:

warning: user kojibuilder does not exist - using root

warning: group kojibuilder does not exist - using root

cd /usr/src/redhat/SOURCES
wget http://vda.sourceforge.net/VDA/postfix-2.4.5-vda-ng.patch.gz
gunzip postfix-2.4.5-vda-ng.patch.gz
cd /usr/src/redhat/SPECS/

N ow we mus t edit the file postfix.spec:

vi postfix.spec

C hange %define MYSQL 0 to %define MYSQL 1, add Patch0: postfix-2.4.5-vda-ng.patch to the # Patches
s tanza, and finally add %patch0 -p1 -b .vda-ng to the %setup -q s tanza:

8 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

[...]
%define MYSQL 1
[...]
# Patches

Patch0: postfix-2.4.5-vda-ng.patch
Patch1: postfix-2.1.1-config.patch
Patch3: postfix-alternatives.patch
Patch6: postfix-2.1.1-obsolete.patch
Patch7: postfix-2.1.5-aliases.patch
Patch8: postfix-large-fs.patch
Patch9: postfix-2.4.0-cyrus.patch
Patch10: postfix-2.4.5-open_define.patch
[...]
%prep
T hen we build our new P os tfix rpm pac kage with quota and M ySQ L s upport:

rpmbuild -ba postfix.spec

Y ou will s ee lots of warnings like thes e that you c an ignore:

msg.h:12:1: warning: "/*" within comment

msg.h:14:1: warning: "/*" within comment
msg.h:33:1: warning: "/*" within comment
msg.h:34:1: warning: "/*" within comment
msg.h:35:1: warning: "/*" within comment
msg.h:36:1: warning: "/*" within comment

O ur P os tfix rpm pac kage is c reated in /usr/src/redhat/RPMS/i386, s o we go there:

cd /usr/src/redhat/RPMS/i386

T he c ommand

ls -l

s hows you the available pac kages :

[root@server1 i386]# ls -l
total 11604
-rw-r--r-- 1 root root 3899179 2007-11-13 22:26 postfix-2.4.5-2.fc8.i386.rpm
-rw-r--r-- 1 root root 7907114 2007-11-13 22:26 postfix-debuginfo-2.4.5-2.fc8.i386.rpm
-rw-r--r-- 1 root root 50804 2007-11-13 22:26 postfix-pflogsumm-2.4.5-2.fc8.i386.rpm
[root@server1 i386]#

P ic k the P os tfix pac kage and ins tall it like this :

rpm -ivh postfix-2.4.5-2.fc8.i386.rpm

(I n c as e you have problems c reating the P os tfix rpm pac kage, you c an download mine from here.)

9 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

Start M ySQ L :

chkconfig --levels 235 mysqld on

/etc/init.d/mysqld start

T hen s et pas s words for the M ySQ L root ac c ount:

mysqladmin -u root password yourrootsqlpassword

mysqladmin -h server1.example.com -u root password yourrootsqlpassword

N ow we c onfigure phpM yA dmin. We c hange the A pac he c onfiguration s o that phpM yA dmin allows
c onnec tions not jus t from loc alhos t (by c ommenting out the <Directory /usr/share/phpMyAdmin/>
s tanza):

vi /etc/httpd/conf.d/phpMyAdmin.conf

# phpMyAdmin - Web based MySQL browser written in php

#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhos
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin

#<Directory /usr/share/phpMyAdmin/>
# order deny,allow
# deny from all
# allow from 127.0.0.1
#</Directory>

# This directory does not require access over HTTP - ta

T hen we c reate the s ys tem s tartup links for A pac he and s tart it:

chkconfig --levels 235 httpd on

/etc/init.d/httpd start

N ow you c an direc t your brows er to http://server1.example.com/phpMyAdmin/ or http://192.168.0.100

/phpMyAdmin/ and log in with the us er name root and your new root M ySQ L pas s word.

10 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

T his page is lic ens ed under a C reative C ommons L ic ens e.

add c omment | view as pdf | print: this | all page(s ) |

V irtual U s ers A nd D omains With P os tfix, C ourier A nd M ySQ L (Fedora C ore 5 )

V irtual U s ers A nd D omains With P os tfix, C ourier A nd M ySQ L (D ebian E tc h)
V irtual U s ers A nd D omains With P os tfix, C ourier A nd M ySQ L (U buntu 6 .1 0 E dgy E ft)

Pleas e do not us e the comment function to as k for help! I f you need help, pleas e us e our forum.
Comments will be publis hed after adminis trator approval.

selinux
Submitted by Slawek (not registered) on Wed, 2008-09-17 09:16.

You don't have to disable selinux !

I found help here:

http://wiki.centos.org/HowTos/SELinux

I had problems during configure postfix + mysql + courier-imap

(elements: postfix_virtual_t , courier_authdaemon_t , postfix_smtpd_t)

You do have to analyze logs: /var/log/messages and /var/log/audit/audit.log

You have to make sure, that it isn't file permision problem.
You have to make sure, that it isn't selinux file context problem.

1. after problem occurs check logs:

tail /var/log/messages
and find:
setroubleshoot: SELinux is preventing xxxx (<element>) .... For complete SELinux messages. run sealert -l
<alert_identifier>
e.g. <element> = postfix_virtual_t
2. create selinux policy module:
grep <element> /var/log/audit/audit.log | audit2allow -M <module_name>
e.g.
grep postfix_virtual_t /var/log/audit/audit.log | audit2allow -M postfixvirtual
it creates two files .te (text version of module), .pp (module)
3. display and check .te file
e.g.
cat postfixvirtual.te
4. if it is ok load module:
semodule -i postfixvirtual.pp
5. test if it works, if not go back to step 1 and repeat (I had to do 3 times for every element)
reply | view as pdf

cyrus-sasl missing
Submitted by jpieper (registered user) on Wed, 2008-08-27 19:19.

11 of 12 11/30/09 12:06
Virtual Users And Domains With Postfix, Courier A... http://www.howtoforge.com/virtual-users-and-domai...

I also needed to install cyrus-sasl:

yum -y install cyrus-sasl

It wasn´t installed before and isn´t present in paragraph 3 of this article.

reply | view as pdf

Sponsored Links: Unified Communications: Thoughts, Strategies and Predictions

Join the discussion.
www.seamlessenterprise.com

IP Convergence
Integrate your wireless and wireline networks.
Learn how from the experts at Sprint.
www.seamlessenterprise.com

Wireless & Wireline Integration

Thoughts, strategies and solutions: join the discussion
www.seamlessenterprise.com

Unified Communications 2009

Join the Discussion. Now.
www.seamlessenterprise.com

Red Hat Virtual Experience - a free virtual event. Dec. 9th

Howtos | Mini-Howtos | Forums | News | Search | Contribute | Subscription

Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint

Copyright © 2009 HowtoForge - Linux Howtos and Tutorials

All Rights Reserved.

12 of 12 11/30/09 12:06