SETTING UP A MULTI-DOMAIN SERVER
Last update: 10 February 2005
This document describes how to set up a multi-domain mail server built on Postfix + MySQL + Courier IMAP + PHP + Apache.
I Apache – PHP installation
We must first take into account that most webmail applications need PHP compiled with IMAP support, so IMAP has to be installed first. Note, however, that PHP's --with-imap build option is only valid with the UW IMAP server.
Installation completed successfully on Fedora 2.0
Installing UW IMAP:
Download the IMAP server source (imap-2004a) from http://www.washington.edu/imap/
cd /usr/local/
Unpack the imap.tar.Z archive: tar -zxvf imap.tar.Z
ln -s /usr/local/imap-2004a imap
cd imap
make slx SSLTYPE=none
cd c-client
ln -s /usr/local/imap/c-client lib
ln -s /usr/local/imap/c-client include
PHP – APACHE installation
Download and unpack Apache (1.3.31) and PHP (4.3.9)
cd apache
./configure --prefix=/usr/local/apache
cd ../php
./configure --with-mysql --with-apache=/usr/local/apache --enable-track-vars --with-gettext --with-gd --with-zlib-dir --with-freetype-dir --enable-gd-native-ttf --with-jpeg-dir --enable-mbstring --enable-shmop --with-imap=/usr/local/imap-2004a/c-client
make
make install
cd ../apache
vi src/include/httpd.h ==> Adjust HARD_SERVER_LIMIT as needed
./configure --prefix=/usr/local/apache --activate-module=src/modules/php4/libphp4.a \
--activate-module=src/modules/standard/mod_rewrite.c \
--activate-module=src/modules/gzip/mod_gzip.a
make
make install
Then configure Apache in the file /usr/local/apache/conf/httpd.conf
AddType application/x-httpd-php .php .php3 .php4 .inc
AddType application/x-httpd-php-source .phps
DirectoryIndex index.html index.htm index.php index.php3 index.php4
Starting Apache at boot
cp bin/apachectl /etc/rc.d/init.d/httpd
And add the following lines at the top of the httpd file
# chkconfig: 345 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
Then run the following command:
/sbin/chkconfig httpd on
II Creating the database:
CREATE TABLE `users` (
`uid` int(11) NOT NULL auto_increment,
`username` varchar(250) binary NOT NULL default '',
`civ` varchar(5) NOT NULL default '',
`nom` varchar(128) NOT NULL default '',
`prenom` varchar(50) NOT NULL default '',
`seen` datetime default NULL,
`password` varchar(128) binary NOT NULL default '',
`gid` int(11) NOT NULL default '0',
`maildir` varchar(128) NOT NULL default '',
`alias` varchar(128) NOT NULL default '',
`etat` int(11) NOT NULL default '1',
`domaine` int(11) NOT NULL default '1',
`size` int(11) NOT NULL default '0',
`mail_alt` varchar(128) NOT NULL default '',
`cp` varchar(8) NOT NULL default '',
`ville` varchar(30) NOT NULL default '',
`pays` varchar(40) NOT NULL default '',
`date_naiss` date NOT NULL default '0000-00-00',
`date_insc` date NOT NULL default '0000-00-00',
`question` varchar(255) NOT NULL default '',
`reponse` varchar(255) NOT NULL default '',
`suspendu` tinyint(1) NOT NULL default '0',
`quota` tinyint(4) NOT NULL default '20',
PRIMARY KEY (`uid`),
UNIQUE KEY `username` (`username`)
) TYPE=MyISAM AUTO_INCREMENT=30954 ;
CREATE TABLE `domains` (
`domain_id` int(10) unsigned NOT NULL auto_increment,
`domain` varchar(125) NOT NULL default '',
`diff_dom` varchar(40) NOT NULL default '',
`type` smallint(6) NOT NULL default '0',
PRIMARY KEY (`domain_id`)
) TYPE=MyISAM AUTO_INCREMENT=37 ;
III Postfix – Courier-IMAP installation
Postfix installation, taken from the documentation at http://kummefryser.dk/HOWTO/mail/postfix_mysql.html:
- First install the mysql-client and mysql-devel packages
- cd /usr/local
- groupadd postdrop
- adduser postfix
- tar -zxvf postfix-2.1.5.tar.gz
- cd postfix-2.1.5
- make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm'
- make
- make install
Then configure the following files:
main.cf :
#SPAMTEST
maps_rbl_domains = relays.ordb.org,
    list.dsbl.org,
    sbl-xbl.spamhaus.org
soft_bounce = no
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
mydestination = $myhostname, localhost, domaine1.com, domaine2.com
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
virtual_maps = mysql:/etc/postfix/remote_aliases.cf
readme_directory = no
mysql-aliases.cf :
#
# mysql config file for alias lookups on postfix
# comments are ok.
#
# the user name and password to log into the mysql server
user = votre_user
password = votre_pass
hosts = votre_serveur
# the database name on the servers
dbname = Votre_DB
# the table name
table = users
#
select_field = maildir
where_field = username
# you may specify additional_conditions here
additional_conditions = and etat = 1
remote_aliases.cf :
#
# mysql config file for alias lookups on postfix
# comments are ok.
#
# the user name and password to log into the mysql server
user = votre_user
password = votre_pass
hosts = votre_serveur
# the database name on the servers
dbname = Votre_DB
# the table name
table = users
#
select_field = username
where_field = alias
# you may specify additional_conditions here
additional_conditions = and etat = 1
IV Courier-IMAP installation:
Download Courier-IMAP
- cd /usr/local
- tar -jxvf courier-imap-3.0.8.tar.bz2
- cd courier-imap-3.0.8
- ./configure --disable-root-check --with-mysql=yes --with-authmysql --with-authchangepwdir
- make
- make install
- make install-configure
Then configure the following files:
authdaemonrc :
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authmysql authpam
#authmodulelist="authcustom authcram authuserdb authldap authmysql authpam"
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
#authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
authmodulelistorig="authmysql"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=1
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/usr/lib/courier-imap/var/authdaemon
authmysqlrc :
##VERSION: $Id: authmysqlrc,v 1.8 2001/10/07 02:35:04 mrsam Exp $
#
# Copyright 2000 Double Precision, Inc. See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authmysqlrc created from authmysqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions. This file
# might contain the MySQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value. Trailing spaces are prohibited.
##NAME: LOCATION:0
#
# The server name, userid, and password used to log in.
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
##NAME: MYSQL_SOCKET:0
#
# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the
# filesystem pipe used for the connection
#
# MYSQL_SOCKET /var/mysql/mysql.sock
##NAME: MYSQL_PORT:0
#
# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to
# connect to.
MYSQL_PORT 0
##NAME: MYSQL_OPT:0
#
# Leave MYSQL_OPT as 0, unless you know what you're doing.
MYSQL_OPT 0
##NAME: MYSQL_DATABASE:0
#
# The name of the MySQL database we will open:
MYSQL_DATABASE mail
##NAME: MYSQL_USER_TABLE:0
#
# The name of the table containing your user data. See README.authmysqlrc
# for the required fields in this table.
MYSQL_USER_TABLE user
#MYSQL_USER_TABLE passwd
##NAME: MYSQL_CRYPT_PWFIELD:0
#
# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both
# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext
# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.
#MYSQL_CRYPT_PWFIELD crypt
##NAME: MYSQL_CLEAR_PWFIELD:0
#
#
MYSQL_CLEAR_PWFIELD clear
##NAME: MYSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN example.com
##NAME: MYSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# MYSQL_UID_FIELD - contains the numerical userid of the account
#
MYSQL_UID_FIELD uid
##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the account
MYSQL_GID_FIELD gid
##NAME: MYSQL_LOGIN_FIELD:0
#
# The login id, default is id. Basically the query is:
#
# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid'
#
MYSQL_LOGIN_FIELD username
##NAME: MYSQL_HOME_FIELD:0
#
MYSQL_HOME_FIELD home
##NAME: MYSQL_NAME_FIELD:0
#
# The user's name (optional)
#MYSQL_NAME_FIELD nom
##NAME: MYSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD).
#
# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this
# out.
#
MYSQL_MAILDIR_FIELD maildir
##NAME: MYSQL_QUOTA_FIELD:0
#
# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota. See README.maildirquota for more information
#
# MYSQL_QUOTA_FIELD quota
##NAME: MYSQL_WHERE_CLAUSE:0
#
# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# MYSQL_WHERE_CLAUSE server='mailhost.example.com'
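The files above that carry the MySQL login (mysql-aliases.cf, remote_aliases.cf and authmysqlrc) should not be readable by other local users, as the authmysqlrc header itself warns. The audit script below is an added example, not part of the original document or of Postfix/Courier; the function names and the sample files it builds are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit files holding the MySQL login used by Postfix
# ("key = value") and by Courier authmysql ("FIELD<spaces|tabs>value").

# cred_value FILE NAME: print the value of setting NAME in either format.
cred_value() {
    awk -v k="$2" '
        /^[ \t]*#/ { next }                      # skip comment lines
        {
            line = $0; sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]/)            # end of the setting name
            if (n && substr(line, 1, n - 1) == k) {
                v = substr(line, n)
                sub(/^[ \t]*=?[ \t]*/, "", v)    # drop the separator
                print v; exit
            }
        }' "$1"
}

# audit_cred_file FILE: print findings; exit status is the number found.
audit_cred_file() {
    f=$1 findings=0
    [ -f "$f" ] || { echo "$f: missing"; return 1; }
    # Character 8 of the ls mode string is the read bit for "others".
    if [ "$(ls -ldL "$f" | cut -c8)" = r ]; then
        echo "$f: readable by other local users"
        findings=$((findings + 1))
    fi
    user=$(cred_value "$f" user) pass=$(cred_value "$f" password)
    if [ -z "$user" ]; then                      # authmysqlrc field names
        user=$(cred_value "$f" MYSQL_USERNAME)
        pass=$(cred_value "$f" MYSQL_PASSWORD)
    fi
    if [ -n "$pass" ] && [ "$pass" = "$user" ]; then
        echo "$f: password is identical to the account name"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# make_samples DIR: constructed files mirroring the two formats on this page.
make_samples() {
    printf 'user = votre_user\npassword = votre_pass\nhosts = votre_serveur\n' \
        > "$1/mysql-aliases.cf"
    printf 'MYSQL_SERVER\tlocalhost\nMYSQL_USERNAME\tpostfix\nMYSQL_PASSWORD\tpostfix\n' \
        > "$1/authmysqlrc"
    chmod 644 "$1/mysql-aliases.cf"
    chmod 600 "$1/authmysqlrc"
}

dir=$(mktemp -d)
make_samples "$dir"
for f in "$dir"/*; do audit_cred_file "$f" || :; done
rm -rf "$dir"
```

On a real host, call audit_cred_file on each of the three files after installation and again after any package upgrade that may reset their modes.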
imapd :
##VERSION: $Id: imapd.dist.in,v 1.10 2001/08/16 01:38:43 mrsam Exp $
#
# imapd created from imapd.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# This configuration file sets various options for the Courier-IMAP server
# when used with the couriertcpd server.
# A lot of the stuff here is documented in the manual page for couriertcpd.
#
# NOTE - do not use \ to split long variable contents on multiple lines.
# This will break the default imapd.rc script, which parses this file.
#
##NAME: ADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
#ADDRESS=127.0.0.1
ADDRESS=0
##NAME: PORT:1
#
# Port numbers that connections are accepted on. The default is 143,
# the standard IMAP port.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possible to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The previous ADDRESS setting is a default for ports that do not have
# a specified IP address.
PORT=143
##NAME: MAXDAEMONS:0
#
# Maximum number of IMAP servers started
#
MAXDAEMONS=40
##NAME: MAXPERIP:0
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=4
##NAME: PIDFILE:0
#
# File where couriertcpd will save its process ID
#
PIDFILE=/var/run/imapd.pid
##NAME: TCPDOPTS:0
#
# Miscellaneous couriertcpd options that shouldn't be changed.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: AUTHMODULES:0
#
# Authentication modules. Here's the default list:
#
# authdaemon
#
# The default is set during the initial configuration.
#
AUTHMODULES="authdaemon"
##NAME: AUTHMODULES_ORIG:0
#
# For use by webadmin
AUTHMODULES_ORIG="authdaemon"
##NAME: IMAP_CAPABILITY:0
#
# IMAP_CAPABILITY specifies what most of the response should be to the
# CAPABILITY command.
#
# If you have properly configured Courier to use CRAM-MD5 or CRAM-SHA1
# authentication (see INSTALL), set IMAP_CAPABILITY as follows:
#
# IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1"
#
# Otherwise, leave it set to the default value. The IDLE keyword can also
# be added, in experimental mode.
#
# NOTE: CRAM-SHA1 is considered experimental at this time.
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT"
##NAME: IMAP_CAPABILITY_ORIG:0
#
# For use by webadmin
IMAP_CAPABILITY_ORIG="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
##NAME: IMAP_IDLE_TIMEOUT:0
#
# If you want to try out the IDLE extension, this setting controls how often
# the server polls for changes to the folder, in IDLE mode (in seconds).
IMAP_IDLE_TIMEOUT=60
##NAME: IMAP_CAPABILITY_TLS:0
#
# The following setting will advertise SASL PLAIN authentication after
# STARTTLS is established. If you want to allow SASL PLAIN authentication
# with or without TLS then just comment this out, and add AUTH=PLAIN to
# IMAP_CAPABILITY
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
##NAME: IMAP_TLS_ORIG:0
#
# For use by webadmin
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
##NAME: IMAP_DISABLETHREADSORT:0
#
# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands -
# server side sorting and threading.
#
# Those capabilities will still be advertised, but the server will reject
# them. Set this option if you want to disable all the extra load from
# server-side threading and sorting. Not advertising those capabilities
# will simply result in the clients reading the entire folder, and sorting
# it on the client side. That will still put some load on the server.
# advertising these capabilities, but rejecting the commands, will stop this
# silliness.
#
IMAP_DISABLETHREADSORT=0
##NAME: IMAP_CHECK_ALL_FOLDERS:0
#
# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new
# mail in every folder. Not all IMAP clients use an IMAP's server new mail
# indicator, but some do, and normally new mail is checked only in INBOX,
# because it is a comparatively time consuming operation, and it would be
# a complete waste of time unless mail filters are used to deliver new
# mail directly to folders.
#
# When IMAP clients are used which support new mail indication, and when
# mail filters are used to sort incoming mail into folders, setting
# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new
# mail in folders. Note that this will result in slightly more load on the
# server.
#
IMAP_CHECK_ALL_FOLDERS=0
##NAME: IMAP_OBSOLETE_CLIENT:0
#
# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean
# what \\HasNoChildren really means.
IMAP_OBSOLETE_CLIENT=0
##NAME: IMAP_ULIMITD:0
#
# IMAP_ULIMITD sets the maximum size of the data segment of the server
# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d"
# command. The argument to ulimit -d sets the upper limit on the size
# of the data segment of the server process, in kilobytes. The default
# value of 65536 sets a very generous limit of 64 megabytes, which should
# be more than plenty for anyone.
#
# This feature is used as an additional safety check that should stop
# any potential denial-of-service attacks that exploit any kind of
# a memory leak to exhaust all the available memory on the server.
# It is theoretically possible that obscenely huge folders will also
# result in the server running out of memory when doing server-side
# sorting (by my calculations you have to have at least 100,000 messages
# in a single folder, for that to happen).
IMAP_ULIMITD=65536
##NAME: IMAP_USELOCKS:0
#
# Set IMAP_USELOCKS to 1 if you experience weird problems when using IMAP
# clients that open multiple connections to the server. I would hope that
# most IMAP clients are sane enough not to issue commands to multiple IMAP
# channels which conflict with each other.
#
IMAP_USELOCKS=0
##NAME: IMAP_EMPTYTRASH:0
#
# The following setting is optional, and causes messages from the given
# folder to be automatically deleted after the given number of days.
# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default
# setting, below, purges 7 day old messages from the Trash folder.
# Another useful setting would be:
#
# IMAP_EMPTYTRASH=Trash:7,Sent:30
#
# This would also delete messages from the Sent folder (presumably copies
# of sent mail) after 30 days. This is a global setting that is applied to
# every mail account, and is probably useful in a controlled, corporate
# environment.
#
# You might want to disable this setting in certain situations - it results
# in a stat() of every file in each folder, at login and logout.
#
IMAP_EMPTYTRASH=Trash:7
##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0
#
# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This
# effectively allows an undo of message deletion by fishing the deleted
# mail from trash. Trash can be manually expunged as usually, and mail
# will get automatically expunged from Trash according to IMAP_EMPTYTRASH.
#
# NOTE: shared folders are still expunged as usual. Shared folders are
# not affected.
#
IMAP_MOVE_EXPUNGE_TO_TRASH=0
##NAME: IMAPDSTART:0
#
# IMAPDSTART is not used directly. Rather, this is a convenient flag to
# be read by your system startup script in /etc/rc.d, like this:
#
# . /usr/lib/courier-imap/libexec/imapd.config
#
# case x$IMAPDSTART in
# x[yY]*)
# /usr/lib/courier-imap/libexec/imapd.rc start
# ;;
# esac
#
# The default setting is going to be NO, so you'll have to manually flip
# it to yes.
IMAPDSTART=YES
V Starting the services
Starting Courier-IMAP: create a start_courier script
/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/libexec/authlib/authdaemond start
Stopping Courier-IMAP: create a stop_courier script
/usr/lib/courier-imap/libexec/imapd.rc stop
/usr/lib/courier-imap/libexec/authlib/authdaemond stop
Starting Postfix: postfix start
Stopping Postfix: postfix stop
Other available options: reload, abort, flush, check
VI Webmail installation
We chose JAWmail
http://sourceforge.net/projects/jawmail/