Please note that this information is no longer up to date. The content of this site has moved to a new domain DIYMacServer.com which is kept up to date. Apologies for the inconvienince.
The mail-server is mainly based on Postfix from Wietse Venema. This mail-server is already included in the standard installation of Mac OSX but it lacks some important features if you want to receive mail from more than one user on different domains. To do that you need some more extensions and added features to de-couple the Postfix user management from the OSX user management, add some virtual domain handling, enable the users to send the mail securely and safely and don’t open yourself for the dreadful spammer.
To be able to do this you need to compile Postfix with support for MySQL (user management), SASL (authentication), TLS (SSL) and use Courier IMAP (virtual mailboxes) to have people look into their mailbox.
I will show you where to get the source code and how to compile it with the correct options selected and finally how to install and configure it. Several times you need to execute commands as a root user. If you are doing this for the first time its very well possible you don’t know the password for the root user. To set or reset the password read my short blogpost on the subject.
First you need to get the source code from Carnegie Mellon from their FTP server, get cyrus-sasl-2.1.18.tar.gz from their server. Get this version and not a later one, I haven’t got the later versions to compile properly on my machine and didn’t have the time to check why. Perhaps later when I got some more spare time I’ll check why.
Before we start building SASL, you need to check to see if
/usr/include/pam has been symlinked to
/usr/include/security and if not, symlink it using this command line:
ln -s /usr/include/pam /usr/include/security
Unpack the source code and use the terminal, go to the directory in which you unpacked the source and issue the following commands as a normal user:
As root user, install with command:
Cyrus SASL is installed in
/usr/local/lib/sasl2 by default, and wants to by symlinked to
/usr/lib/sasl2. We are going to use Apple’s libraries instead of the Cyrus distribution, so ignore the symlink request. The last step we need to do here is:
mv /usr/lib/sasl2/disabled/* /usr/lib/sasl2
This enables a couple of useful plug-ins that Apple had turned off.
Get the latest source code from postfix.org, I’ve used version 2.2.9. This was the latest version when I checked. I’m compiling it with several options to help me achieve the flexibility and the security I need. I’m requiring the MySQL support for mail box maintenance, SASL for authentication and the SSL options to enable TLS support.
As a precautionary measure, you may want to backup the old Postfix executables before installing the new version. The following commands may be used as an example of how to do this (you can only do this as a root user):
mkdir -p postfix-2.0.10.apple
cp -p post* postfix-2.0.10.apple
cp -p /usr/bin/mailq postfix-2.0.10.apple
cp -p /usr/bin/newaliases postfix-2.0.10.apple
cp -p sendmail postfix-2.0.10.apple
mkdir -p postfix-2.0.10.apple
cp -Rp postfix/* postfix-2.0.10.apple
Unpack it into a directory, use the Terminal and get into the directory where you unpacked it. Issue the following commands as a normal user:
make -f Makefile.init makefiles CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -I/usr/local/include/sasl -DHAS_SSL -I/usr/include/openssl -DHAS_MYSQL -I/Library/Mysql/include/mysql -DDEF_HTML_DIR=\"/Library/WebServer/Documents/PostfixDocs\" ' AUXLIBS='-L/usr/lib -lldap -L/usr/lib -llber -L/usr/local/lib -lssl -lsasl2 -L/Library/MySQL/lib/mysql -lmysqlclient -lz -lm'
as root user type the following commands:
Please note that for the dependencies on directories I’m assuming you’ve got MySQL installed from my other instructions. If not please check the location of the MySQL files mentioned in the command lines.
The Courier authentication library will serve our purpose by separating the user authentication from the OS X user administration into a standalone user administration based on a MySQL database. You can find the software and documentation from the Courier authentication library web-site. The version we used is version 0.58.
Compiling and installing is the same procedure as all the previous ones. Extract the source archive in a directory, open a Terminal session, change the directory to the one you extracted the archive in and type in the following commands as a normal user (please note that the configure command will run a long time):
./configure --with-authmysql --with-mysql-libs=/Library/MySQL/lib/mysql --with-mysql-includes=/Library/Mysql/include/mysql
As root user issue the install commands:
Only run the
make install-configure command on a fresh installation, if you do an upgrade don’t execute this as it will overwrite your existing configuration files.
I prefer to provide an IMAP server instead of a POP3 server. It makes it a lot easier to provide web based mail-services if you use a IMAP server. Courier has one of the best IMAP servers. You can find it at it’s own home-page. Make sure you download the correct package, I’ve used version 4.1.0.
When you’ve downloaded the software extract the source archive into a directory where we can compile it. Start a Terminal session change the directory in the one you just extracted the software in and follow the instructions:
This will prevent compiler errors, if you didn’t issue this command as the first one you will get an error saying :
"Undefined symbols: _rfc1035_default_resolver"
Next configure the make files with the authentication modules you just created:
./configure --prefix=/usr/local --with-authpwd=YES --without-authcram COURIERAUTHCONFIG=/usr/local/bin/courierauthconfig
And then issue the install command as a root user:
Next page ->, How to configure the mail server.