How To Install Postfix with Mysql, Postfixadmin, Cyrus-SASL, Courier Authlib, Courier-Imap, Smtp-Auth and Squirellmail FreeBSD

What is Postfix, Postfixadmin, Cyrus-SASL, Courier Authlib, Courier-Imap, Squirellmail ?

Postfix is a free open source mail transfer agent (MTA), a computer program for the routing and delivery of email. It is intended as a fast, easy-to-administer, and secure alternative to the widely-used Sendmail MTA.

Postfix Admin is a web based interface to configure and manage a Postfix based email server for many users.

Cyrus-SASL is a package contains a Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.

Courier Authlib is the Courier authentication library.

Courier-Imap is a fast, scalable, enterprise IMAP server that uses Maildirs. Many E-mail service providers use Courier-IMAP to easy handle hundreds of thousands of mail accounts. With its built-in IMAP and POP3 aggregation proxy, Courier-IMAP has practically infinite horizontal scalability. In a proxy configuration, a pool of Courier servers service initial IMAP and POP3 connections from clients.

Squirellmail is a Webmail for user to sending and receiving email.

I assume we already have a clean install server with Centos4 up and running.
We also need to make sure web server apache, php and mysql installed on the server.

FYI : We weil install all packages from FreeBSD ports
We assume you already have Freebsd 7 OS with MYSQL PHP and Apache installed on it.

1. Create Postfix DB

Login into your server and su with root access.

#mysql -u root -p
#create database postfix;
#GRANT ALL PRIVILEGES ON postfix.* TO 'postfix'@'localhost' IDENTIFIED BY 'yourpostfixpassword' WITH GRANT OPTION;
#flush privileges;
#exit

From mysql command above, we have created postfix db, with postfix user and yourpostfixpassword as db password.

2. Install Cyrus-SASL

Login into your server and su with root access.

#/usr/ports/security/cyrus-sasl2
#make config

Please kindly to take a look a capture screen below :
You need to make sure MYSQL, LOGIN and PLAIN is ticked/checked.

#make install clean

This will automatically install any dependency like MYSQL, OpenSSL.. etc.. leave it untouch and wait until the installation finished.

3. Install Postfix

#/usr/ports/mail/postfix
#make config

Please kindly to take a look a capture screen below :
You need to make sure PCRE, MYSQL,SASL2,TLS

#make install clean

This will automatically install any dependency like PCRE, MYSQL, Cyrus-SASL2, OpenSSL.. etc.. leave it untouch and wait until the installation finished.

3.1 Generate SSL for postfix

#cd /etc/ssl
#openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650

This will create smtpd.pem in /etc/ssl

3.2 Modify postix main.cf

## Add few lines below in the end of main.cf
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf


#====================SASL========================
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_mynetworks,  
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unauth_destination,
    permit

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "rainforest.neorack.com"

smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

3.3 Create All *.cf files in /usr/local/etc/postfix

#cd /usr/local/etc/postfix
#pico mysql_virtual_alias_maps.cf

user = postfix
password = yourpostfixpassword
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

#pico mysql_virtual_domains_maps.cf

user = postfix
password = yourpostfixpassword
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

#pico mysql_virtual_mailbox_maps.cf

user = postfix
password = yourpostfixpassword
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

3.4 Create VMAIL directory

#cd /var
#mkdir vmail
#chown -R postfix:postfix vmail

4 Install Courier-Authlib and SMTP AUTH

#cd /usr/ports/security/courier-authlib

Please kindly to take a look a capture screen below
You need to make sure Ticked AUTH_MYSQL

#make install clean

This will automatically install any dependency like MYSQL.. leave it untouched until finished.

4.1 Edit authdaemonrc

#cd /usr/local/etc/authlib
#mv authdaemonrc authdaemonrc-ori
#pico authdaemonrc
## uncomment this line below and edit this line to :
authmodulelist="authmysql"

4.2 Edit authmysqlrc

#cd /usr/local/etc/authlib
#mv authmysqlrc authmysqlrc-ori

Before you edit authmysqlrc, please check your postfix UID and GID.

#id postfix
uid=125(postfix) gid=125(postfix) groups=125(postfix),6(mail)

We will need postfix UID and GID in authmysqlrc config file below

#pico authmysqlrc

## Edit and change the sql user,db and password as needed
MYSQL_SERVER            localhost
MYSQL_USERNAME          postfix
MYSQL_PASSWORD          yourpostfixpassword
MYSQL_SOCKET            /tmp/mysql.sock
MYSQL_PORT              0
MYSQL_OPT               0
MYSQL_DATABASE          postfix
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
MYSQL_CLEAR_PWFIELD     password
MYSQL_UID_FIELD         '125'
MYSQL_GID_FIELD         '125'
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        '/var/vmail'
MYSQL_NAME_FIELD        name
MYSQL_MAILDIR_FIELD     maildir

4.3 Setting SMTP AUTH

#cd /usr/local/lib/sasl2
#pico smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket

4.4 Change authdaemond_path permission

#chown -R postfix:postfix /var/run/authdaemond/

5. Install Courier-Imap

#cd /usr/ports/mail/courier-imap
#make config

Please kindly to take a look a capture screen below,
Make sure you have ticked a AUTH_MYSQL

#make install clean

It will automatically install any dependency like MYSQL.. leave it untouched until installation finished.

5.1 Edit imapd, imapd-ssl, pop3d and pop3d-ssl

#cd /usr/local/etc/courier-imap
#cp pop3d.dist pop3d
#pico pop3d

## edit these line below to :
POP3AUTH="PLAIN LOGIN"
POP3AUTH_TLS="PLAIN LOGIN"
POP3DSTART=YES
## leave other options untouched

#cp imapd.dist imapd
#pico imapd

## change this line below to :
IMAPDSTART=YES
## leave other options untouched

#cp pop3d-ssl.dist pop3d-ssl
#pico pop3d-ssl

## change these line below to :
POP3DSSLSTART=YES
POP3_STARTTLS=NO
TLS_CERTFILE=/etc/ssl/smtpd.pem
## leave other options untouched

#cp imapd-ssl.dist imapd-ssl
#pico imapd-ssl

## change these line below to :
IMAPDSSLSTART=YES
IMAPDSTARTTLS=NO
TLS_CERTFILE=/etc/ssl/smtpd.pem
## leave other options untouched

6. Install Postfixadmin

#cd /usr/ports/mail/postfixadmin
#make config

Please kindly to take a look a capture screen below:
Please make sure you ticked a MYSQL

#make install clean

It will automatically install any dependency such as MYSQL etc.. please leave it untouched until finished.

6.1 Edit postfix admin config file

#cp -R /usr/local/www/postfixadmin /var/www/html/postfixadmin
#cd /var/www/html/postfixadmin

Find file config.inc.php.dist or config.inc.php-dist rename it to config.inc.php
#pico config.inc.php

## edit few lines below to :
$CONF['configured'] = true;
$CONF['postfix_admin_url'] = 'http://10.10.10.10/postfixadmin'; ## change it to your ip address/website
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'yourpostfixpassword';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';[/code]

You can access postfixadmin from browser. Example : http://10.10.10.10/postfixadmin/setup.php
After you have access the url above. you will generate a admin password for postfix. example your admin password is : testing123

you will receive a line like below, this is a HASH password for testing123:

$CONF['setup_password'] = 'e457ce0976f66096b69267f5103b62e0:712a40a9bd487e5fde6e1c6014f25'

Next, you need to edit config.inc.php again>
#pico config.inc.php

### fine $CONF['setup_password'] ###
Change it like below :

$CONF['setup_password'] = 'e457ce0976f66096b69267f5103b62e0:712a40a9bd487e5fde6e1c6014f25'
### save this file ###

So you can start create a postmaster account to manage all your virtual domains and virtual mailbox
From this url http://10.10.10.10/postfixadmin/setup.php
Input your setup admin password example : testing123
Input your master email or master admin email example : postmaster@testing.com
Inpur your master email or master admin email password example ; test123

After you have finished created a postmaster account / master admin email account.
you can login via this url http://10.10.10.10/postfixadmin/ to create a domain and virtual email account.

7. Install Squirrelmail Webmail

#cd /usr/ports/mail/squirrelmail
#make install clean

7.1 Configure Squirrelmail

#cp -R /usr/local/www/squirrelmail /var/www/html/webmail
#cd /var/www/html/webmail/config
#./conf.pl

type option 2
type option A
type option 6 for auth type "login"
type option 8 and type courier

type option B
type option 7 for smtp auth "login"
type S to save
type Q to quit

You can access your webmail from http://10.10.10.10/webmail, Change it into your website url/ your server ip address.

7.2 Install Courierpassd

#cd /usr/ports/security/courierpassd
#make install clean

7.3 Install Courierpassd in Inetd.conf

#pico /etc/inetd.conf

## add this line in the end of the config file
courierpassd stream tcp nowait root /usr/local/sbin/courierpassd courierpassd -s imap

#pico /etc/services

## add this line in the end of the config file
courierpassd 106/tcp #for courierpassd

8. Configure all Services in rc.conf and rc.local

#pico /etc/rc.conf
postfix_enable="YES"
courier_authdaemond_enable="YES"
courier_imap_imapd_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_ssl_enable="YES"
courier_imap_pop3d_ssl_enable="YES"
inetd_enable="YES"

#pico /etc/rc.local
/usr/local/bin/mysqld_safe --user=mysql &

8.1 Starting all Services and daemon

#/usr/local/sbin/postfix start
postfix/postfix-script: starting the Postfix mail system
#/usr/src/etc/rc.d/inetd restart
Starting inetd.
#/usr/local/etc/rc.d/courier-authdaemond start
Starting courier_authdaemond.
#/usr/local/etc/rc.d/courier-imap-imapd start
Starting courier-imap-imapd.
#/usr/local/etc/rc.d/courier-imap-imapd-ssl start
Starting courier-imap-imapd-ssl.
#/usr/local/etc/rc.d/courier-imap-pop3d start
Starting courier-imap-pop3d.
#/usr/local/etc/rc.d/courier-imap-pop3d-ssl start
Starting courier-imap-pop3d-ssl.