CyrusDTC

From Dracula's Wiki

Running DTC with Cyrus

The first thing that has to be done is the Postfix configuration. Here I am using my own configuration as the example; it is based on the web-cyradm howto (Postfix-Cyrus-Web-cyradm-HOWTO by Luc de Louw, http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/index.html). So first, let's get rid of some Courier-specific things in /etc/postfix/main.cf.

Delete all virtual entries:

virtual_mailbox_domains = hash:/usr/share/dtc/etc/postfix_virtual_mailbox_domains
virtual_mailbox_base = /
virtual_mailbox_maps = hash:/usr/share/dtc/etc/postfix_vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:65534
virtual_gid_maps = static:65534
virtual_alias_maps = hash:/usr/share/dtc/etc/postfix_virtual
virtual_uid_maps = hash:/usr/share/dtc/etc/postfix_virtual_uid_mapping

Change some settings so the domain names get read from the DB:

mydestination = localhost, mysql:/etc/postfix/mysql-mydestination.cf
# I'm not sure if I actually need this
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

We will get to the contents of these files a bit later.

Define these in your main.cf ###TO BE CHECKED

fallback_transport = cyrus
mailbox_transport = cyrus

Other options I have set in my main.cf; they have always worked, so I prefer to keep them:

broken_sasl_auth_clients = yes
disable_vrfy_command = yes

Add cyrus to /etc/postfix/master.cf:

cyrus     unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/cyrus/bin/deliver -e -m ${extension} ${recipient}


Configure PAM ( http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/pam-config.html )

You have to create the file /etc/pam.d/imap with the following entries. Change user=, passwd= and db= to match your MySQL user and password!

auth sufficient pam_mysql.so user=mail passwd=foobar host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time

account required pam_mysql.so user=mail passwd=foobar host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
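/etc/pam.d/imap and the /etc/postfix/mysql-*.cf maps in this how-to store the MySQL password in clear text, so it is worth checking that none of them is world-readable. The following check is an added example, not part of the original how-to; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report files from this how-to that hold the MySQL password
# and can be read by every local user.

# has_secret FILE: true if FILE sets passwd=... (pam_mysql) or password = ... (Postfix map)
has_secret() {
    grep -Eq '(^|[[:space:]])(passwd|password)[[:space:]]*=' "$1" 2>/dev/null
}

# other_readable FILE: true if the "other" permission class has the read bit.
# ls -ld prints a mode string such as "-rw-r--r--"; character 8 is other-read.
other_readable() {
    mode=$(ls -ld "$1" | cut -c8)
    [ "$mode" = "r" ]
}

# audit_secret_files FILE...: print each exposed file, return 1 if any was found.
audit_secret_files() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue            # skip files that do not exist here
        if has_secret "$f" && other_readable "$f"; then
            echo "EXPOSED: $f"
            rc=1
        fi
    done
    return $rc
}

# The paths are the ones this page creates; run as root so every file can be read.
audit_secret_files /etc/pam.d/imap \
    /etc/postfix/mysql-virtual.cf \
    /etc/postfix/mysql-canonical.cf \
    /etc/postfix/mysql-mydestination.cf
```

A file that is reported can be fixed with chmod o-r; the Postfix map files still have to stay readable by the account Postfix runs under.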

Create /etc/postfix/mysql-virtual.cf with the following content. Again, change user, password and db:

#
# mysql config file for alias lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = localhost
user = mail
password = foobar

# the database name on the servers
dbname = mail

# the table name
table = virtual

#
select_field = dest
where_field = alias
additional_conditions = and status = '1'

Create /etc/postfix/mysql-canonical.cf:

# mysql config file for canonical lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = localhost
user = mail
password = foobar

# the database name on the servers
dbname = mail

# the table name
table = virtual
#
select_field = alias
where_field = username
# Return the first match only
additional_conditions = and status = '1' limit 1

Finally, the file /etc/postfix/mysql-mydestination.cf:

# mysql config file for local domain (like sendmail's sendmail.cw) lookups on postfix
# comments are ok.
#

# the user name and password to log into the mysql server
hosts = localhost
user = mail
password = foobar

# the database name on the servers
dbname = mail

# the table name
table = domain
#
select_field = domain_name
where_field = domain_name
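These three files use Postfix's older select_field / table / where_field map format, from which Postfix assembles one SELECT statement per lookup. The added example below (not part of the original how-to; the function names are hypothetical) prints that statement for a given file and lookup key, which helps when pointing the maps at a different table.

```shell
#!/bin/sh
# Added example: show the SQL that Postfix builds from a legacy-format
# mysql map (select_field / table / where_field / additional_conditions).

# legacy_map_query FILE KEY
# Prints: SELECT <select_field> FROM <table> WHERE <where_field> = '<KEY>' <additional_conditions>
# KEY is inserted as-is here for display; Postfix escapes it before querying.
legacy_map_query() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                       # comment line
        {
            eq = index($0, "=")                   # split on the first "=" only
            if (eq == 0) next                     # blank or malformed line
            name = substr($0, 1, eq - 1)
            val  = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            cfg[name] = val
        }
        END {
            q = "SELECT " cfg["select_field"] " FROM " cfg["table"]
            q = q " WHERE " cfg["where_field"] " = \047" key "\047"
            if (cfg["additional_conditions"] != "")
                q = q " " cfg["additional_conditions"]
            print q
        }' "$1"
}

# demo_virtual_query: run the builder on the mysql-virtual.cf settings from
# this page, with a constructed lookup key.
demo_virtual_query() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# the table name
table = virtual
select_field = dest
where_field = alias
additional_conditions = and status = '1'
EOF
    legacy_map_query "$tmp" 'foo@bar.com'
    rm -f "$tmp"
}

demo_virtual_query
```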

Allow SASL authentication by adding this to main.cf:

# SASL SUPPORT FOR CLIENTS
#
# The following options set parameters needed by Postfix to enable
# Cyrus-SASL support for authentication of mail clients.
#
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = 
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

You also need to create the file /usr/local/lib/sasl2/smtpd.conf with the following contents (in my case it was /usr/lib/sasl2 ...):

pwcheck_method: saslauthd

The next step is to tell postfix how to find the saslauthd socket:

mv /var/run/sasl2 /var/run/sasl2-old
ln -s /var/run/saslauthd /var/run/sasl2

Create a startup file for Cyrus. Delete the rm -f and ln lines if Postfix is not in chroot mode!

#!/bin/bash
#
# Cyrus startup script

case "$1" in
    start)
        # Starting SASL saslauthdaemon
        /usr/sbin/saslauthd -r -c -a pam

        rm -f /var/spool/postfix/var/run/saslauthd/mux
        ln /var/run/saslauthd/mux /var/spool/postfix/var/run/saslauthd/mux

        # Starting Cyrus IMAP Server
        /usr/cyrus/bin/master &
        ;;

    stop)

        # Stopping SASL saslauthdaemon
        killall saslauthd

        # Stopping Cyrus IMAP Server
        killall /usr/cyrus/bin/master

        ;;

    *)
        echo "Usage: $0 {start|stop}"
        exit 1
        ;;

esac

If you see this in your auth.log: "cannot connect to saslauthd server: Permission denied", then add cyrus to the sasl group!

When testing ... don't make the mistake I did, creating a test account foo@bar.com and trying to log in with foo@bar.net argggg....

Now this would already be enough for Cyrus to authenticate the users you create with DTC, but the users don't have any mailboxes yet, since Cyrus can't use what is created by DTC. Cyrus has its own sealed system, so you would have to create the mailboxes manually with cyradm, which is not really the reason you installed DTC. So it will get a bit tricky now: you will have to combine DTC with web-cyradm.

TODO:

  • automatic startup of cyrus !
  • change sql files to use DTC table
+---------------+---------------------+------+-----+---------------------+----------------+
| Field         | Type                | Null | Key | Default             | Extra          |
+---------------+---------------------+------+-----+---------------------+----------------+
| prefix        | varchar(50)         |      |     |                     |                |
| domain_name   | varchar(255)        |      |     |                     |                |
| name          | varchar(50)         |      |     |                     |                |
| username2     | varchar(25)         |      |     |                     |                |
| email         | varchar(100)        |      |     |                     |                |
| usertype      | varchar(25)         |      |     |                     |                |
| block         | tinyint(4)          |      |     | 0                   |                |
| sendEmail     | tinyint(4)          | YES  |     | 0                   |                |
| gid           | tinyint(3) unsigned |      |     | 18                  |                |
| registerDate  | datetime            |      |     | 0000-00-00 00:00:00 |                |
| lastvisitDate | datetime            |      |     | 0000-00-00 00:00:00 |                |
| activation    | varchar(100)        |      |     |                     |                |
| params        | text                |      |     |                     |                |
+---------------+---------------------+------+-----+---------------------+----------------+

Notes on the fields above:

  • prefix: -> mbox_host
  • domain_name: -> mbox_host
  • usertype: use type ?? must change from varchar(20) to 25. what does dtc do ?
  • sendEmail: ????
  • gid: -> gid ?
  • registerDate: -> startdate, change to datetime instead of just date.
  • lastvisitDate: lastlogin, in dtc int14 ???


My Cyrus config files can be found here