The items that are of interest to us are the changes to IMAP, Authlib and maildrop. This updates them to the following versions: Courier-IMAP 4.1.2, Courier-Authlib 0.59 and Maildrop 2.0.3.
IMAP changes:
Auth changes:
maildrop changes:
Don’t forget the command:
chmod o+x /usr/local/var/spool/authdaemon
After you installed the authlib binaries. Otherwise you’ll get the error: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
.
You can read all about how to setup maildrop in the documentation. If you have problems in using it please post your errors and problems in the forum.
Next up is to have maildrop create folders that not already exist in your inbox when needed and to have users have their own filtering rules. Hope you like it as it is currently…
]]>Second update is a new update of the Akismet plug-in for WordPress. This plug-in is a real time saver as is keeps 99% of all spam from showing up in my blog as you might have noticed. It’s up to version 1.15 and the changes are more cosmetical than functional and you can get it here. If you are running a WordPress blog you really can’t do without.
]]>I’ve checked the installation procedure again after some reports of errors of using the installation with phpMyAdmin. I seemed there was an important option missing from the configuration command.
Next stop was building the mail server, I ‘ve got the build process documented and checked properly. Next up is documenting the configuration of the mailserver.
You can have a look at the new pages for building the server, hope you like the new look. I’ve made some changes to the style sheet to make the commands and the configuration stick out a bit more and make them more readable.
I hope there are no issues with relocation of the MySQL, Apache, and PHP documentation, they where still located in the hierarchy of version 1 and I had to put them in the correct place. Sorry….
Donations where a bit slow these last 2 weeks, didn’t receive any, and the Adsense income these weeks has also been slow. A well, it’s not that important, I will need to be a bit patient. That will give me more time to document everything proper before launching myself at a new toy
Wietse tells in his announcement that the update is a collection of back-ported fixes from the Postfix 2.3 development branch.
Most of this patch hardens the TLS implementation against DNS-based attacks, and eliminates some anomalies from the TLS per-site policy engine. See the TLS_README document for tips on how to avoid DNS-based attacks that can change the server hostname that Postfix uses for logging, for TLS per-site policies, and for server certificate verification.
The patch also adds a workaround that prevents Postfix from repeatedly trying to deliver mail to domains with a malformed MX record (for example, with a null MX hostname). Postfix 2.2.9 bounces such mail immediately.
I’ve downloaded my copy of 2.2.9, compiled and installed it and I can safely say that it is currently running perfectly on my Mac mini server without any problem. Upgrading was as simple as downloading the source, unpacking it and run the commands as documented in the building page. Here is an extract of it:
Unpack it into a directory, use the Terminal and get into the directory where you unpacked it. Issue the following commands as a normal user:
make -f Makefile.init makefiles CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -I/usr/local/include/sasl -DHAS_SSL -I/usr/include/openssl -DHAS_MYSQL -I/Library/Mysql/include/mysql -DDEF_HTML_DIR=\"/Library/WebServer/Documents/PostfixDocs\" ' AUXLIBS='-L/usr/lib -lldap -L/usr/lib -llber -L/usr/local/lib -lssl -lsasl2 -L/Library/MySQL/lib/mysql -lmysqlclient -lz -lm'
as root user type the following commands:
make install
The IMAP server has just received some bug-fixes on which you can read here. The fixes are not significant but could be annoying if you encountered them. Doing the upgrade is as easy as the Postfix described above, just run the commands from the build page and you’re a happy bunny running the new version. The only thing you should not do is run the “make install-configure” command as this will overwrite all your configuration files !!! Here is the extract:
Start a Terminal session change the directory in the one you just extracted the software in and follow the instructions:
RANLIB="ranlib -c"
export RANLIB
This will prevent compiler errors, if you didn’t issue this command as the first one you will get an error saying :
"Undefined symbols: _rfc1035_default_resolver"
Next configure the make files with the authentication modules you just created:
./configure --prefix=/usr/local --with-authpwd=YES --without-authcram COURIERAUTHCONFIG=/usr/local/bin/courierauthconfig
Compile:
make
And then issue the install command as a root user:
make install
I’m running both updated versions on my server for a day now and I’m not noticing any errors or problems. Hope the update goes as easy for you as it did for me, if it doesn’t please let me know and we’ll work it out.
]]>The related documentation has been updated and if you want to upgrade you can just download the new source-code and run the build commands as documented. Don’t forget the command:
chmod o+x /usr/local/var/spool/authdaemon
After you installed the compiled binaries. Otherwise you’ll get the error: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
.
I’ve upgraded my server as soon as I found out. I found no real problems after the upgrade. the only thing I did wrong is that I forgot the chmod
command myself and got the error as documented above.
I’ve subscribed myself to the Courier mailing list and others to prevent missing important updates like this and other pieces of software we use.
]]>It didn’t look to complicated and it turned out to be one of the easier installs on the server. This is what I had to do to get it working:
First you need to download the code from the Roundcube site, I’ve used roundcube_webmail_0.1-20051021.tar.gz.
Extract the archive into the directory /Library/Apache2/htdocs
(if you have the Apache installation from Server Logistics like I did and documented).
Step into the directory roundcubemail-0.1-20051021
and change the permissions on the temp and logs directory so that the webserver can write into these directories with the following commands:
chown -R www:www temp
chown -R www:www logs
Next we need to create a database for Roundcube to use. Start up MySQL on the command line and issue the following commands in MySQL:
CREATE DATABASE roundcubemail;
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost
IDENTIFIED BY 'PASSWORD';
FLUSH PRIVILEGES;
quit
Note: Change the PASSWORD into any password you would like to use, remember it as you need to put it in the configuration file later.
Next we need to create the database structure (tables and such), luckily a script to create all this has been included in the archive. You need to execute the following command to import the script into the database:
mysql -p roundcubemail <sql/mysql.initial.sql
Next step is modifying the configuration of Roundcube to reflect your situation. Step into the directory config
and we will first edit the database connection. Edit the file db.inc.php
and change the password in the following line with the password you used earlier:
rcmail_config['db_dsnw'] = 'mysql://roundcube:PASSWORD@localhost/roundcubemail';
Next file to edit is the main.inc.php
and change the following lines:
$rcmail_config['enable_caching'] = FALSE;
Define the host as localhost
$rcmail_config['default_host'] = 'localhost';
But if you use IMAP over SSL as I do you need to use:
$rcmail_config['default_host'] = 'ssl://localhost:993';
If you’ve changed these lines your done with the configuration of Roundcube.
I like to use a subdomains to divide up the specific tasks my webserver does. I use http://webmail.richard5.net to allow users to access their mail. (Mental note: still need to provide SSL support for this). How you can set this up as well is as follows:
Go into /Library/Apache2/conf and edit the httpd.conf file. Uncomment the following line:
NameVirtualHost *:80
and add the following beneath it:
ServerAdmin webmaster@yourdomain.tld
DocumentRoot /Library/Apache2/htdocs/roundcubemail-0.1-20051021/
ServerName webmail.yourdomain.tld
ErrorLog logs/webmail-error_log
CustomLog logs/webmail-access_log combined
Then restart Apache by issuing the command:
/Library/Apache2/bin/apachectl restart
Point your browser to http://webmail.yourdomain.tld and you should see a login screen appear.
For errors you could check the logfiles to explain what went wrong. For Roundcube errors check the /Library/Apache2/htdocs/roundcubemail-0.1-20051021/logs/errors
file and for general mail errors check the /var/log/mail.log
file.
Hope you enjoy Roundcube as much as I do…
]]>It was quite easy doing the migration, just copying the HTML/PHP files, making a backup of all the databases and restoring them on the mini for the web part. For the mail server I used postfix admin to create all the mailboxes and aliases for all the domains. Then made backups from the original server and restored them on the new mini.
I did some tests on the web part, to see if everything was configured as it should and tested the mail server to see if it didn’t become another spam relay server and it blocked unwanted spammers from sending mail via my server. I asked a friend to try abuse my server and used the relay service at www.abuse.net to check independently. It all worked out. The server is secure, still could use some tweaking but I will report on that later.
]]>I’m quite happy now with the setup I got here for myself so the next phase for me is to get everything moved from my current servers to my Mac mini. The old server still running strong is an old Sun Ultra 5, which I got from my former employer. I’ve been hosting my sites and e-mail services from this machine for several years now and it’s time for retirement for this baby. I need to copy websites, databases and mail directories and test everything properly before scrapping the old machine and let the Mac mini take over. I’m guessing that my next electrical bill will be a lot cheaper when I’ve got the mini running.