Needs Updating
This article needs updating to include the latest versions of Ubuntu.

Unsupported Version
This article applies to an unsupported version of Ubuntu.

This wiki document explains how to set up Zarafa Mailserver on Ubuntu Hardy. The intended audience is experienced Linux users and system administrators.

Introduction

If you are new to Zarafa, please find more information on their homepage at http://www.zarafa.com/

This documentation describes how to set up Zarafa Mailserver, Postfix and Postgrey (for receiving mail, including greylisting), OpenLDAP as the central user store for Postfix, and phpldapadmin for editing LDAP users via a web page.

For 10.04 and above look here as the package is now in the Ubuntu Repositories:

http://www.zarafa.com/wiki/index.php/Install_Zarafa_from_Ubuntu_Repository

Thanks to

This documentation would not have been possible without the great work of (sorry, many pages are in German!)

Pre-Requirements

I started with a plain Ubuntu 8.04 LTS Server with no special packages except OpenSSH-Server installed during installation from the CD. My machine is a virtual machine. Currently I have assigned 1 CPU and 512 MB RAM and it works well (registered 10 users within Zarafa and max. 2 users concurrently on webaccess).

Step-By-Step Installation

Please note, I just copy the Unix commands which have to be entered at the shell (either an SSH remote shell or a terminal session on the machine itself). Lines starting with a hash (#) are remark lines. Since anything after a hash is ignored by the shell, it doesn't matter if you enter these as well.

Download files

Look here: http://www.zarafaserver.de/download-community (I downloaded the 64 Bit Ubuntu 8.04 version).

Ubuntu-Preparation

Let's start:

   # Become root
   sudo bash

   # Install some Dependencies
   apt-get install mysql-server libapache2-mod-php5 slapd ldap-utils phpldapadmin libldap-2.4-2

Zarafa installation

   # Become root
   sudo bash
   # go to where you downloaded the Zarafa files
   cd <DOWNLOADFOLDER>
   # unpack everything
   for i in *.gz; do tar -xvzf "$i"; done

   # start installation (run it from the directory that contains install.sh)
   ./install.sh

LDAP configuration

I still have trouble using LDAPS (meaning an SSL-encoded LDAP connection), so I still use the unencrypted version, which also works!

   # copy schema
   sudo cp /usr/share/zarafa/zarafa.schema /etc/ldap/schema

Make the following adjustment in /etc/ldap/slapd.conf (Ubuntu 8.10: /etc/default/slapd):

   # Zarafa
   include /etc/ldap/schema/zarafa.schema

Now start the LDAP-Server, the HTTP-Server and make sure that the link for phpldapadmin is enabled:

   # Become root
   sudo bash
   ln -s /usr/share/phpldapadmin /var/www/phpldapadmin
   /etc/init.d/apache2 restart
   /etc/init.d/slapd restart

Now you should see the phpldapadmin-screen when going to http://localhost/phpldapadmin

LDAP: Create users and groups

Log on to phpldapadmin and create a new group. I called this group mailusers. All Zarafa users are listed within this directory entry. Do it this way:

  1. Click on the "Create new entry here" item
  2. Select "Posix Group"
  3. Insert the name of the group, in my example "mailusers", into the "group"-Field
  4. Save changes

Now do the same for creating a group storing the user-groups:

  1. Click on the "Create new entry here" item
  2. Select "Posix Group"
  3. Insert the name of the group, in my example "mailgroups", into the "group"-Field
  4. Save changes

The following steps have to be done for each user account!

Now create your Zarafa-users under this new group:

  1. Select the created group ("mailusers" i.e.)
  2. Click on "Create a child entry"
  3. Select "User Account"
  4. Fill in at least these fields: first name, last name, user id (=zarafa User-ID, POP3 and IMAP-UserAccount, Webaccess-Account), Password
  5. Select the created group as GID Number (i.e. "mailusers")
  6. It doesn't matter what you set as home directory or as login shell, but something has to be entered there
  7. "Create Object"

Now you have to add the Object-Class "zarafa-user", to let zarafa know that this is one of its users

  1. choose the newly created user
  2. search for "objectClass"
  3. click at "add value"
  4. choose "zarafa-user"
  5. save your changes

Now define the mail aliases under which this user will be reachable:

  1. choose the user
  2. click "Add new attribute" and search for "mail"
  3. insert the full e-mail-address of this user. It is a must in this configuration that the first entry on "mail" is a full e-mail-address because this is the sender-address when using web-access
  4. save your changes
  5. choose the new user again and add all possible alias addresses to this user account. Add them to the mail field as well, but don't include the domain, meaning: just add "joe" and not "joe@nowhere.com". If your user name is just a number or something similar (popuser001), please also add the e-mail address without the domain part, otherwise postfix/zarafa will not be able to find the right receiver!

Set up zarafa to use LDAP

   # become root
   sudo bash
   # go to zarafa-config-folder
   cd /etc/zarafa
   ln -s ldap.openldap.cfg ldap.cfg

Now adjust some settings within the /etc/zarafa/ldap.cfg:

   ldap_host = localhost
   ldap_port = 389
   ldap_protocol = ldap

   # Enter here the full name of the mailusers-group as shown in phpldapadmin
   ldap_user_search_base = cn=mailusers,dc=.....  

   # Enter here the full name of the mailgroups-group as shown in phpldapadmin
   ldap_group_search_base = cn=mailgroups,dc=.....

All other settings should be left "default".
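
A check for the transport settings above, added for this rewrite and not part of the original wiki page or of Zarafa: plain `ldap` is acceptable only while `ldap_host` stays on loopback, as it does with the values shown. The value `ldaps` for the encrypted variant and the sample host `ldap.example.com` are assumptions.

```shell
#!/bin/sh
# Added example: decide whether Zarafa's LDAP traffic can leave the host in cleartext.

# cfg_get KEY: read "key = value" config on stdin, print the last value of KEY.
cfg_get() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }                      # skip remark lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) found = v
        }
        END { print found }'
}

# is_loopback HOST: true only for addresses that never leave this machine.
is_loopback() {
    case "$1" in
        localhost|127.0.0.1|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# check_zarafa_ldap: ldap.cfg on stdin; returns 0 if encrypted or loopback-only.
check_zarafa_ldap() {
    cfg=$(cat)
    proto=$(printf '%s\n' "$cfg" | cfg_get ldap_protocol)
    host=$(printf '%s\n' "$cfg" | cfg_get ldap_host)
    if [ "$proto" = "ldaps" ]; then return 0; fi   # "ldaps" value is an assumption
    if is_loopback "$host"; then return 0; fi
    echo "cleartext LDAP to $host: credentials and directory data cross the network unencrypted"
    return 1
}

# Constructed sample configs: sample_cfg HOST PROTOCOL
sample_cfg() {
    printf 'ldap_host = %s\nldap_port = 389\nldap_protocol = %s\n' "$1" "$2"
}

sample_cfg localhost ldap | check_zarafa_ldap && echo "page values: ok"
sample_cfg ldap.example.com ldap | check_zarafa_ldap || echo "remote host: switch to ldaps"
```

On a live system the same function reads the real file: `check_zarafa_ldap < /etc/zarafa/ldap.cfg`.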

Now just tell zarafa to use "ldap" by editing /etc/zarafa/server.cfg:

   user_plugin             = ldap
   user_plugin_config      = /etc/zarafa/ldap.cfg

and now restart zarafa ("sudo /etc/init.d/zarafa-server restart").

To check whether the server knows your LDAP users, try this:

   # should show all users
   sudo zarafa-admin -l

   # should show all groups (it's not necessary to have any groups created)
   sudo zarafa-admin -L

Set up postfix to use LDAP

Tell postfix to use LDAP for aliasing (/etc/postfix/main.cf):

   alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases

Now the local alias file is the default and LDAP is the fallback. The LDAP config should be in "/etc/postfix/ldap-aliases":

   server_host = localhost
   # please enter the full dn of the "mailusers"-Group:
   search_base = cn=mailusers,dc=....
   query_filter = mail=%s
   result_attribute = uid

You can try the postfix-setup out with that command:

   postalias -q <ALIASENTRY> ldap:/etc/postfix/ldap-aliases 

<ALIASENTRY> is any of the alias entries entered as "mail" attribute, e.g. "joe", "sandy", ...

The result should be the "User Name" attribute.

Set up postfix for zarafa

A few settings are needed to tell postfix to hand mails over to zarafa (postfix receives mails from the internet in the first step; zarafa can't do that directly).

Add/Change this in /etc/postfix/main.cf:

   # add your networks, i.e. 10.0.0.0/24 (meaning 10.0.0.0 - 10.0.0.255), to allow forwarding and skip greylisting from them
   mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24

   mydestination = yourFirstDomain.com, yourSecondDomain.com
   relayhost = theMailServer.yourProvider.com
   mailbox_transport = zarafa:
   zarafa_destination_recipient_limit = 1
   
   # this line is to tell postfix to check postgrey:
   smtpd_client_restrictions = permit_mynetworks, check_policy_service inet:127.0.0.1:60000

And this goes to /etc/postfix/master.cf:

  zarafa unix - n n - 10 pipe
        flags= user=vmail argv=/usr/bin/zarafa-dagent ${user}

Be sure to also create the unix-user "vmail" since zarafa sends all mail using this user.

Now tell zarafa to use the local postfix for sending mail out (/etc/zarafa/spool.cfg):

  # Outgoing mailserver name or IP address
  smtp_server     =       relay.internal.fungus.at

and now restart postfix and zarafa:

   sudo /etc/init.d/postfix restart
   sudo /etc/init.d/zarafa-server restart

OK, that should be it.

Admin Users

As written in the step-by-step installation, users can be administered with phpldapadmin. All aliases etc. can also be set up in this web GUI. When adding alias names to "mail", take care that they do not have a domain part (joe instead of joe@mydomain.com)!

The first entry of the mail-attribute must be a full e-mail-address since this is the sender-address when using webaccess.

Example:

 mail:
  joe@myfulldomain.com
  joe
  joe.black
  bigboss

 user name:
   mailuser001

This means that the user "mailuser001" (the user must enter this as the user name in webaccess or in the mail client when connecting via IMAP or POP3!) has the following settings:

  • when sending mail from webaccess, "joe@myfulldomain.com" will be used as the sender address
  • mails going to "joe", "joe.black", "bigboss" are all forwarded to this zarafa account
  • postfix must be configured to know which domains are accepted (value "mydestination" in /etc/postfix/main.cf)
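
The "mail" rules from the alias steps in "LDAP: Create users and groups" and from the example above can be checked mechanically. The following is an added example, not part of the original wiki page: it lints one user entry in LDIF form; the DN suffix `dc=example,dc=com`, the user `mailuser002` and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint one LDIF user entry against the "mail" rules described here.
# Reads the entry on stdin; prints one finding per line; exit 0 = compliant.
check_zarafa_entry() {
    awk '
        {   # split "name: value"; LDIF attribute names are case-insensitive
            sep = index($0, ":")
            if (sep == 0) next
            name = tolower(substr($0, 1, sep - 1))
            value = substr($0, sep + 1)
            sub(/^[ \t]+/, "", value); sub(/[ \t\r]+$/, "", value)
        }
        name == "objectclass" && tolower(value) == "zarafa-user" { zuser = 1 }
        name == "mail" { mail[++n] = value }
        END {
            if (!zuser) { print "missing objectClass zarafa-user"; bad = 1 }
            if (n == 0) { print "no mail attribute"; bad = 1 }
            # first value is the webaccess sender address: must be user@domain
            if (n > 0 && mail[1] !~ /^[^@ ]+@[^@ ]+$/) {
                print "first mail value is not a full address: " mail[1]; bad = 1
            }
            # later values are aliases resolved by postfix: no domain part
            for (i = 2; i <= n; i++)
                if (mail[i] ~ /@/) {
                    print "alias carries a domain part: " mail[i]; bad = 1
                }
            exit bad + 0
        }'
}

# Constructed sample entries (the DN suffix dc=example,dc=com is a placeholder).
sample_good_entry() {
    printf '%s\n' 'dn: uid=mailuser001,cn=mailusers,dc=example,dc=com' \
        'objectClass: posixAccount' 'objectClass: zarafa-user' \
        'uid: mailuser001' 'mail: joe@myfulldomain.com' \
        'mail: joe' 'mail: joe.black' 'mail: bigboss'
}
sample_bad_entry() {
    printf '%s\n' 'dn: uid=mailuser002,cn=mailusers,dc=example,dc=com' \
        'objectClass: posixAccount' 'uid: mailuser002' \
        'mail: sandy' 'mail: sandy@myfulldomain.com'
}

sample_good_entry | check_zarafa_entry && echo "mailuser001: ok"
sample_bad_entry | check_zarafa_entry || echo "mailuser002: rejected"
```

LDAP does not guarantee the order of values in a multi-valued attribute, so the "first value" the check sees is whatever order the server returned for that query.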

Access to the mail-store

Web access is available at: http://localhost/webaccess

Pop3 and IMAP4 via the normal ports (110, 143) or take a look at /etc/zarafa/gateway.cfg

Zarafa (last edited 2013-12-09 15:48:22 by cpe-67-242-170-182)