|
Needs Updating |
|
Unsupported Version |
This wiki document explains how to setup Zarafa Mailserver on Ubuntu Hardy. The intended audience is experienced Linux users and system administrators.
Introduction
If you are new to Zarafa, please find more information on their homepage at http://www.zarafa.com/
This documentation describes how to set up Zarafa Mailserver, Postfix and Postgrey (for receiving Mails including Greylisting), OpenLDAP as central user-storage to postfix, phpldapadmin for editing LDAP-Users via Web-Page.
For 10.04 and above look here as the package is now in the Ubuntu Repositories:
http://www.zarafa.com/wiki/index.php/Install_Zarafa_from_Ubuntu_Repository
Thanks to
This documentation were not possible without the great work of (sorry, many pages are in german!)
http://blog.netzpiraten.ch/openldap-unter-ubuntu-installieren/
https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
- Zarafa Documentation which is realy good
Pre-Requirements
I started with a plain Ubuntu 8.04 LTS Server with no special packages except OpenSSH-Server installed during installation from the CD. My machine is a virtual. Currently I have assigned 1 CPU and 512 MB RAM and it works good (registered 10 Users within Zarafa and max. 2 Users concurrent on webaccess).
Step-By-Step Installation
Please note, I just copy the Unix-Commands with have to be entered at shell (eather SSH-Remote-Shell or on the machine itself starting Terminal-Session). Lines starting with a hash (#) are remark-lines. Since anything after a hash is ignored by the shell, it doesn't mather if you enter this also.
Download files
Look here http://www.zarafaserver.de/download-community I downloaded the 64 Bit Ubuntu 8.04 version.
Ubuntu-Preparation
Lets start:
# Became root sudo bash # Install some Dependencies apt-get install mysql-server libapache2-mod-php5 slapd ldap-utils phpldapadmin libldap-2.4-2
Zarafa installation
# Became root sudo bash # goto where you downloaded the Zarafa-Files cd <DOWNLOADFOLDER> # unzip anything for i in *.gz; do tar -xvzf "$i"; done # start installation install.sh
LDAP configuration
I still have troubles using LDAPS (meaning SSL-Encoded ldap-connecton, so I still use the unencrypted version, works also!)
# copy schema sudo cp /usr/share/zarafa/zarafa.schema /etc/ldap/schema
Following adjustments within /etc/ldap/slapd.conf (Ubuntu 8.10 : /etc/default/slapd) :
# Zarafa include /etc/ldap/schema/zarafa.schema
Now start the LDAP-Server, the HTTP-Server and make sure that the link for phpldapadmin is enabled
# Became root sudo bash ln -s /usr/share/phpldapadmin /var/www/phpldapadmin /etc/init.d/apache2 restart /etc/init.d/slapd restart
Now you should see the phpldapadmin-screen when going to http://localhost/phpldapadmin
LDAP: Create users and groups
Logon the phpldapadmin and create a new group. I called this group mailusers. Within this "directory-entry" all Zarafa-Users are listed. Do it that way:
- Click on this "Create new entry here" item
- Select "Posix Group"
- Insert the name of the group, in my example "mailusers", into the "group"-Field
- Save changes
Now do the same for creating a group storing the user-groups:
- Click on this "Create new entry here" item
- Select "Posix Group"
- Insert the name of the group, in my example "mailgroups", into the "group"-Field
- Save changes
The following steps have do be done for each user-account!!
Now create your Zarafa-users under this new group:
- Select the created group ("mailusers" i.e.)
- Click on "Create a child entry"
- Select "User Account"
Fill at least this fields: first name, last name, user id (=zarafa User-ID, POP3 and IMAP-UserAccount, Webaccess-Account), Password
- Select the created group as GID Number (i.e. "mailusers")
- Doesn't care what to set as home directory or as login shell, but there anything has to be entered
- "Create Object"
Now you have to add the Object-Class "zarafa-user", to let zarafa know that this is one of its users
- choose the newly created user
- search for "objectClass"
- click at "add value"
- choose "zarafa-user"
- save your changes
Now define mail-aliases under which this user will be accessable:
- choose the user
- click "Add new attribute" and search for "mail"
- insert the full e-mail-address of this user. It is a must in this configuration that the first entry on "mail" is a full e-mail-address because this is the sender-address when using web-access
- save your changes
choose the new user again and add all possible alias-addresses to this user-account. Add them also to the mail-field, but don't include the domain, means: just add "joe" and not "joe@nowhere.com". If your user-name is just a number or something (popuser001), please add also the e-mail-address without the domain-part, otherwise postfix/zarafa will not be able to find the right receiver!
Set up zarafa to use LDAP
# become root sudo bash # go to zarafa-config-folder cd /etc/zarafa ln -s ldap.openldap.cfg ldap.cfg
Now adjust some settings within the /etc/zarafa/ldap.cfg:
ldap_host = localhost ldap_port = 389 ldap_protocol = ldap # Enter here the full name of the mailusers-group as shown in phpldapadmin ldap_user_search_base = cn=mailusers,dc=..... # Enter here the full name of the mailgroups-group as shown in phpldapadmin ldap_group_search_base = cn=mailgroups,dc=.....
All other settings should be left "default".
Now just tell zarafa to user "ldap":
Editing /etc/zarafa/server.cfg:
user_plugin = ldap user_plugin_config = /etc/zarafa/ldap.cfg
and now restart zarafa ("sudo /etc/init.d/zarafa-server restart").
To check if the server knows your ldap-user try this:
# should show all users sudo zarafa-admin -l # should show all groups (it's not neccessary to have some groups created) sudo zarafa-admin -L
Set up postfix to use LDAP
Tell postfix to use LDAP for aliasing (/etc/postfix/main.cf):
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases
Now thie local alias is default, but ldap is a fallback. LDAP-Config should be in "/etc/postfix/ldap-aliases":
server_host = localhost # please enter the full dn of the "mailusers"-Group: search_base = cn=mailusers,dc=.... query_filter = mail=%s result_attribute = uid
You can try the postfix-setup out with that command:
postalias -q <ALIASENTRY> ldap:/etc/postfix/ldap-aliases
<ALIASENTRY> is now any of this alias-entries entered as "mail"-Attibute, i.E. "joe", "sandy",...
The result should be the "User Name"-Attribute
Set up postfix for zarafa
A view settings have to be done to tell postfix to send mails to zarafa (because postfix will receive mails from the internet in the first step, zarafa can't do that directly.
Add/Change this in /etc/postfix/main.cf:
# add your networks, i.e. 10.0.0.0/24 (meaning 10.0.0.0 - 10.0.0.255), to allow forwarding and skip greylisting from them mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24 mydestination = yourFirstDomain.com, yourSecondDomain.com relayhost = theMailServer.yourProvider.com mailbox_transport = zarafa: zarafa_destination_recipient_limit = 1 # this line is to tell postfix to check postgrey: smtpd_client_restrictions = permit_mynetworks, check_policy_service inet:127.0.0.1:60000
And this goes to /etc/postfix/master.cf:
zarafa unix - n n - 10 pipe flags= user=vmail argv=/usr/bin/zarafa-dagent ${user}
Be sure to also create the unix-user "vmail" since zarafa sends all mail using this user.
Now tell zarafa to use the local postfix for sending mail out (/etc/zarafa/spool.cfg):
# Outgoing mailserver name or IP address smtp_server = relay.internal.fungus.at
and now restart postfix and zarafa:
sudo /etc/init.d/postfix restart sudo /etc/init.d/zarafa-server restart
OK, that should it be.
Admin Users
As written in the step-by-step installation, users can be administered with phpldapadmin. Also all "aliases",.. can be set up in this web-gui. Take care of when adding alias-names to "mail", that this mustn't have a domain-part! (joe instead of joe@mydomain.com)
The first entry of the mail-attribute must be a full e-mail-address since this is the sender-address when using webaccess.
Example:
mail: joe@myfulldomain.com joe joe.black bigboss user name: mailuser001
This means, that the user "mailuser001" (the user must enter this as user in the webaccess or in the mail-client when connecting via imap or pop3!!) has the following settings:
when sending mail from webaccess "joe@myfulldomain.com" will be used as the sender-address
- mails going to "joe", "joe.black", "bigboss" are all forwarded to this zarafa-account
- postfix must be configured to know, which domains are accepted (value "mydestination" in /etc/postfix/main.cf)
Access to the mail-store
Web-Access is going trought: http://localhost/webaccess
Pop3 and IMAP4 via the normal ports (110, 143) or take a look at /etc/zarafa/gateway.cfg