Wiki

Personal wiki of Goran Jurić

Sidebar

Debian

  1. Installation
    1. Essential software
    2. Static IP address
    3. Time synchronization
  2. Security
    1. Firewall
    2. Intrusion detection
    3. Server certificates
  3. Web Server
    1. MySQL
    2. Apache
    3. PHP
  4. Mail Server
    1. Dns records
    2. Postfix
    3. Courier
    4. Anti-spam & Anti-virus
    5. Maildrop
    6. Vacation
    7. DKIM
    8. Webmail
  5. Other services
    1. Subversion
    2. Redmine
    3. Munin
    4. Hudson
debian:courier

Table of Contents

Courier - Debian Lenny (5.0) / Ubuntu

This article is outdated. Updated version on building a mail server on Debian 6 is published as a free eBook here.

Installation

To install Courier with support for MySQL authorisation and POP3, POP3-SSL, IMAP and IMAP-SSL access to mailboxes you run: 

apt-get install courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl

Since I do not use POP3 I am only installing 

apt-get install courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl

When asked if you would like to create directories for web-based administration, answer No.

Open /etc/courier/authdaemonrc and change 

authmodulelist="authpam"

to 

authmodulelist="authmysql"

Create a backup of the /etc/courier/authmysqlrc file 

cd /etc/courier/
cp authmysqlrc authmysqlrc~

Empty /etc/courier/authmysqlrc 

cat /dev/null > /etc/courier/authmysqlrc
nano /etc/courier/authmysqlrc

And paste the following: 

MYSQL_SERVER localhost
MYSQL_USERNAME mailadmin
MYSQL_PASSWORD newpassword
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(username,'@',-1),'/',SUBSTRING_INDEX(username,'@',1),'/')
MYSQL_QUOTA_FIELD concat(quota,'S')

Notice that the QUOTE_FIELD has an “S” appended to the value. This is because Postfix Admin stores MailDir quota as an integer, and Courier maildrop expects the quota value to be in the format XXXS, where XXX represent the number of bytes that can be stored in the Maildir, and “S” stands for size.

Maildrop can also use XXXC, where “C” I guess stands for “COUNT” because this value stands for number of messages that MailDir can store.

Configure Courier to user our certificates

nano /etc/courier/imapd-ssl

and change values of TLS_CERTFILE and TLS_TRUSTCERTS to 

TLS_CERTFILE=/etc/ssl/self-signed/server.pem
TLS_TRUSTCERTS=/etc/ssl/self-signed/server.crt

To restart Courier you have to restart couple of services 

/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart

And if you have it installed POP3 as well 

/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart

If you would like users of every virtual domain on your server to connect to mail.their-domain.com instead of to atlantis.example.com you will have to sign new certificates for every domain and also use a separate IP address for each virtual host. Information on placing certificates for various hosts can be found in /etc/courier/imapd-ssl.

Courier firewall rules

You have to change Firewall rules to allow inbound connections to ports that Courier uses:

  • Pop and secure Pop use ports 110 and 995 respectively.
  • Imap and secure imap use ports 143 and 993 respectively.
debian/courier.txt · Last modified: 2015/03/13 23:29 (external edit)

Copyright © Goran Jurić