PostFix


16
Dec
2005

First I would like to thank everybody who sent emails and posted comments on possible errors and omissions in the documentation. Special thanks go to Tim who ran into some issues because of the errors in the documentation and while helping him trying to solve the problems he had, I made corrrections to the documentation. (more…)

15
Dec
2005

Finally, I’ve got all steps document into getting everything compiled, installed and configured for the “ISP in a box” documentation. The last step, which took longer than I thought, was getting everything to start-up at boot time.

I thought it would be easy (more…)

11
Dec
2005

For Postfix and Courier IMAP configuration you need to find out the UID and the GID number for the postfix user on your server (you need the information here and here in our ISP in a box project). Because of rights management and permissioning both Postfix and Courier IMAP need the correct user and group id to access the virtual maibox directory. The information is not in the default User management System Preference panel as postfix is a system user and not a ‘normal’ user. (more…)

9
Dec
2005

On my current mailserver I do the administration manually. Adding a new mail user is a complex task of adding several records in the database and creating the virtual mailboxes with the correct ownership and permissions. It almost never works in one go, because I don’t do it very often and have forgotten what to do. Which is one of the handicaps that you get when you never document what you have done before and make it a repeat-able exercise. (more…)

4
Dec
2005

Yes, I’ve just finsihed compiling everything on my new Mac mini. I didn’t waste any time and got right to it. When running through my own installation and compilation instructions I found some errors and omisions. But everything is now corrected and you should be able to compile it yourself as well when you follow the instructions.

If you run into an error or read something you don’t understand please let me know so I can correct it, change the writing or add some extra information.

23
Nov
2005

I had to start someday, and today was as good as any other day. I haven’t had time to tinker with it some more after getting everything to work but I needed to properly write down what I’ve done to get it working. For now the only thing I got is a TXT file which got some copied commands and output in it from my Terminal sessions. Good luck with it and I hope you like it.

By the way, I’ve added a Paypal donation button on the site. This is for people feeling generous and wanted to pitch in. I need a second Mac mini to help me continuing improving this stuff. I’m putting in a lot of time to help you and myself to get this working. Think of the money you save by not having to buy anything else than a Mac mini to become your own provider.

9
Nov
2005

I’m very exited, after finally finding a reasonably good and easy to understand document explaining how to create your own CA (certification authorithy) on Mac OSX (workstation not a server) on MacOSXHints.com, I couldn’t resist. I was working on the documentation of my project but it still kept itching. I wanted to get Postfix to use TLS. So I got down and started finding the correct command line to compile with all the options I wanted enabled. It took me quite some time as I found out after a few hours of testing and compiling that my binaries and libraries were not updated. They compiled allright but were not copied in the correct destination directory. When I found this out it was easy. I’ve got it working now, next step, tweaking the configuration parameters and find out what actually is going on so I can write a proper document describing the process to you so you can do it yourself and unerstand what you are doing…

31
Oct
2005

Finally had an evening to myself to continue the research in setting up a good and secure mailserver for multiple virtual domains. I’ve started by getting SASL up and running doing some proper authentication when someone wants to send mail via our mailserver. Normally one is able to do this without providing a username and password, but in this day and age of evil spammers this is not a good idea.

Authentication for SMTP access is a good thing. But not by itself, we need to encrypt the communication between the client and the server so nobody can sniff out the passwords on the internet. To do this we need to recompile postfix for TLS support. It’s a SSL lookalike for a specific transport. More on this later.

It took me some effort and some Googling to get the authentication on STMP working using the compiled SASL library. As an added bonus I got it to use the authdaemon which we configured already for the IMAP authentication. Which saves a lot of problems now we don’t have to keep multiple user administrations. It’s getting better all the time.

Next step is getting TLS working on Postfix, keep watching…

11
Oct
2005

Finally found the problem with my Postfix configuration, it had something to do with the domain tags in the ‘main.cf’ configuration file. I can now send and receive emails between several test accounts and two domain names I set up on my local Mac mini. I still have to test it in the real world but I will leave that for a later date. I can’t just remove my production server and stick my Mac mini into the network. I only have one internet connection with one ip-address so it’s going to be difficult, that step needs a lot of preparation and must include everything on the current server to be migrated to the Mac mini so I can leave it in place.

Things I still need to do is to get a more secure way of access to the mail server. I’m thinking on using SSL to access the IMAP server and to find a way to get users who are connected via the internet to send email safely without having to include their ip-address in my servers config. This should be possible in some manner which I need to research a bit more.

Another thing is that I’m going to buy an external harddisk which I can connect to my Mac mini and use it to make a test install of all the things I need to get a proper server install. When attaching a firewire disk it will be possible to boot from that and create a new installation without interfering my current installation which I use for my daily work. In this manner I can test my installation and configuration script. I’m currently writing it all down and doing a backtrack on what I did that time before it all started working ;-)

The question remaining is, shall I publish the document in advance before testing it and amend it with my findings or should I wait untill it is fully tested. Please let me know what you think or would like to see…

By the way, when I’m done it’s just going to be a document explaining how-to to create your own server. A proper ISP in a box as you might call it. I’m not going to provide install packages, you will need to compile some stuff to get it all working. I’ve made this choice because it’s otherwise going to be to dependend on all the choices you make which packages you will use for all the other components. I like having freedom of choice so I will provide it as well. I’m not going to dictate wich component you need to take, but will give options and what to do to get them working.

10
Oct
2005

Again I made some small progress in getting a fully functional IMAP based mail server running on my Mac mini. After getting Postfix compiled with MySQL support I needed to get started on the IMAP end of things.

First downloading the source code as I couldn’t find any ready made packages I could just install. You can get Courier IMAP from here and the authentication library from here. I used version 4.0.6 of the IMAP server and version 0.57 of the authlib daemon.

The authlib daemon was as easy as ./configure, make and then as root do a ‘make install’ and ‘make install-configure’ and then tweak some of the configuration files. The IMAP server took more effort. It needed some parameters during the configuration stage, I took some values on a best guess effort but I still need to find out what they do exactly. I’ve got it compiled and running with:

./configure --prefix=/usr/local --with-authpwd=YES  --without-authcram
make
make install

Now I can read my emails from the server, still needed some configuration tweaking but more on that later. Still while trying to send mail to myself the mail address gets bounced in Postfix, I need to find out why. But to end on a positive note, my mail was copied into the send mail folder on the IMAP server !

« Previous PageNext Page »