Elyograg.org Server Config

From Edition

Jump to: navigation, search

Every time I update the mailserver software, I seem to find a better way to do things that require a lot of research to implement. The last big upgrade included a number of new things: Postfixadmin, Dovecot instead of Courier IMAP, quota support with the VDA Postfix patch, and per-user maildrop filtering for my own domains. Because none of the other people have the kind of access required to edit the filters, I did not make it available to anyone else. Getting maildrop to work properly was quite an adventure.

This time, the changes will be minor in comparison. All the software has been upgraded to new versions with significantly more functionality, but that wasn't very hard. The major upgrade I am planning for this cycle is switching the delivery mechanism to dovecot. If I am reading what I've found correctly, it will let me set up per-user filters that will work for everyone. I'm pretty sure it will also let me have quotas without using patched Postfix packages, one of the biggest reasons that I cannot easily upgrade software when new versions come out. I'm also hoping to implement per-user spam settings.

The server is running the 64-bit version of Debian 5.0, known by its distribution name of "lenny." Early on in the install process, I made some changes to APT's sources.list and preferences files.

APT configuration

Install some basic system necessities. 

apt-get update
apt-get install openssh-server rsync denyhosts dselect

# In /etc/denyhosts.conf:
#  Uncomment the SYNC_SERVER parameter.
#  Set appropriate PURGE_DENY value - I use 3w
#  Change SMTP_FROM and SMTP_SUBJECT parameters as appropriate.
# Configure appropriate /var/lib/denyhosts/allowed-hosts file.
# Restart denyhosts.

/etc/init.d/denyhosts restart


Install ancillary email packages and create special users/groups. 

apt-get update
apt-get install rsync denyhosts dselect
apt-get install clamav clamav-daemon amavisd-new spamassassin
apt-get install lha arj unrar zoo nomarch lzop cabextract
apt-get install dspam razor pyzor dovecot-imapd dovecot-pop3d

addgroup --system --gid 902 vmail
adduser --system --group --uid 901 vmail
addgroup --system --gid 904 vacation
adduser --system --group --uid 903 vacation
usermod -a -G daemon vmail
usermod -a -G clamav amavis
usermod -a -G amavis clamav
usermod -a -G mail dovecot


Retrieve Postfix source package - you can use a directory other than /usr/src if you wish, but I do recommend making a new subdirectory to hold everything. 

apt-get build-dep postfix
apt-get install dh-buildinfo dh-make dh-make-perl sudo dpatch patchutils
mkdir /usr/src/postfix
cd /usr/src/postfix
apt-get source postfix


Note postfix version downloaded by above steps, retrieve and apply matching VDA patch. 

cd /usr/src/postfix
wget "http://vda.sourceforge.net/VDA/postfix-2.5.5-vda-ng.patch.gz"
zcat postfix-2.5.5-vda-ng.patch.gz | patch -p0

# If appropriate, download and apply the 64-bit patch too.
# The 64-bit patch depends on applying the regular patch first.
# I did not need this step, as I am not running a 64 bit CPU or kernel.

wget "http://vda.sourceforge.net/VDA/postfix-2.5.5-vda-ng-64bit.patch.gz"
zcat postfix-2.5.5-vda-ng-64bit.patch.gz | patch -p0


Change to the extracted postfix source directory, and build the packages. 

cd /usr/src/postfix/postfix-2.5.5
debian/rules binary


Install apache2, mod-php5, and supporting bits. 

apt-get install libapache2-mod-php5 php-pear php5-mysql php5-mcrypt
apt-get install php5-gd ttf-bitstream-vera ttf-freefont php5-imagick


Reconfigure the debconf package. Leave the interface set to "Dialog" and set the ignore priority to medium. 

dpkg-reconfigure debconf


Install the MySQL server. It will ask you for a root password and whether or not to support connectiosn from old clients, to which you'll likely want to say no. 

apt-get install mysql-server


Purge exim4, then install the main postfix package plus -pcre and -mysql support. It will ask a bunch of questions, appropriate responses noted below. 

cd /usr/src/postfix
apt-get install openssl-blacklist ssl-cert resolvonf
dpkg --force-depends --purge exim4-daemon-light exim4-config exim4 exim4-base
dpkg -i postfix_2.5.5-1.1_i386.deb postfix-pcre_2.5.5-1.1_i386.deb postfix-mysql_2.5.5-1.1_i386.deb

# Answers to debconf questions:
#  Internet Site
#  full machine DNS name
#  valid email address
#  defaults - full machine name, localhost.localdomain, localhost
#  Don't force synchronous updates
Retrieved from "http://ed.ition.org/wiki/Elyograg.org_Server_Config"
Personal tools