centos:mail_c6:horde_8

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Nächste Überarbeitung		 Vorhergehende Überarbeitung
centos:mail_c6:horde_8 [21.02.2013 17:39. ] – Seite neu angelegt djangocentos:mail_c6:horde_8 [22.07.2019 15:08. ] (aktuell) – Externe Bearbeitung 127.0.0.1
Zeile 1: Zeile 1:
 +====== Filter-Regeln (sieve) - ingo ======
 +Als letzte [[http://www.horde.org/apps|Applikation]] installieren wir uns noch die Anwendung **[[http://www.horde.org/apps/ingo|Ingo]]**. Mit Hilfe dieser Anwendung können wir die am IMAP-Server hinterlegten Sieve-Regeln anlegen, bearbeiten und auch löschen. 
 +Informationen zu Installation und Konfiguration findet amn auch auf der offiziellen [[http://www.horde.org/apps/ingo/docs/INSTALL|Doku-Seite]].
 +
 +===== Installation =====
 +Wie auch schon bei der [[centos:mail_c6:horde_1|Grund-Installation]] des Horde-Frameworks, werden wir hier auf **PHP Extension and Application Repository** oder kurz **PEAR** zurück.
 +
 +Das Programmpaket holen wir und nun erst einmal auf unseren Web-Server.
 +   # pear install -a -B horde/ingo
 +
 +  Starting to download ingo-3.0.2.tgz (1,488,898 bytes)
 +  ......................................................................done: 1,488,898 bytes
 +  install ok: channel://pear.horde.org/ingo-3.0.2
 +
 +===== vorbereitende Konfiguration =====
 +Die Konfiguration des Moduls **Ingo** erfolgt, wie auch bereits bei der Grundkonfiguration des Horde-Frameworks, über die GUI des Horde-Framworks. Bevor wir uns daran machen können, benötigen wir noch eine entsprechende (//leere//) Backupdatei für die mitgelieferte Vorgabekonfigurationsdatei. Ferner müssen wir dafür sorgen, dass unser Apache-Webserver die Änderungen im Konfigurationsverzeichnis ablegen kann.
 +Zunächst kopieren wir uns die Vorlagedateien, die bei der Hordeinstallation mit kamen.
 +   # cp -a /var/www/horde/ingo/config/hooks.php.dist /var/www/horde/ingo/config/hooks.php
 +
 +   # cp -a /var/www/horde/ingo/config/backends.php /var/www/horde/ingo/config/backends.local.php
 +Anschließend legen wir noch die besagte Backup-Datei für die Konfiguration an.
 +   # touch /var/www/horde/ingo/config/conf.php.bak
 +
 +Zum Schluß weisen wir noch die Datei und Besitzrechte für die Konfigurationsdatei- und dessen Verzeichnis zu.
 +   # chown -R root:apache /var/www/horde/ingo/config
 +
 +   # chmod g+w -R /var/www/horde/ingo/config
 +
 +===== Konfiguration des Backend-/IMAP-Server =====
 +Neben der Konfiguration der Anwendung selbst, müssen wir der Anwendung **Ingo** auch noch mitteilen, wie es sich zum **MDA**((**M**ail **D**elivery **S**ystem)) also unserem IMAP-Server verbinden soll.
 +
 +<WRAP round tip>Die mitgelieferte Konfigurationsdatei **backends.php** lassen wir unangetastet. Die Konfiguration nehmen wir über die zuvor kopierte Datei **backends.local.php** vor.</WRAP>
 +
 +Als erstes deaktivieren wir den ersten Standardeintrag und ergänzen dann den Eintrag für die Anbindung an unseren Dovecot-IMAP-Server.
 +   # vim /var/www/horde/ingo/config/backends.local.php
 +<file php /var/www/horde/ingo/config/backends.local.php><?php
 +/**
 + * Ingo works purely on a preferred mechanism for server selection. There are
 + * a number of properties that you can set for each backend:
 + *
 + * IMPORTANT: DO NOT EDIT THIS FILE!
 + * Local overrides MUST be placed in backends.local.php or backends.d/.
 + * If the 'vhosts' setting has been enabled in Horde's configuration, you can
 + * use backends-servername.php.
 + *
 + * Example configuration file that enables the Sieve backend in favor of the
 + * IMAP backend:
 + *
 + * <code>
 + * <?php
 + * $backends['imap']['disabled'] = true;
 + * $backends['sieve']['disabled'] = false;
 + * </code>
 + *
 + * disabled: (boolean) If true, the config entry is disabled.
 + *
 + * params: (array) An array containing any additional information that the
 +         transport class needs. See examples below for further details.
 + *
 + * preferred: (string) This is the field that is used to choose which server
 +            is used. The value for this field may be a single string or an
 +            array of strings containing the hostnames to use with this
 +            server.
 + *
 + * script: (string) The type of script driver this server uses. Options:
 +   - imap:  IMAP client side filtering (POP3 servers NOT supported).
 +   - maildrop:  Maildrop scripts.
 +   - procmail:  Procmail scripts.
 +   - sieve:  Sieve scripts.
 + *
 + * scriptparams: (array) An array containing any additional information that
 +               the script driver needs. See below for further details.
 + *
 + * shares: (boolean) Some drivers support sharing filter rules with other
 +         users. Users can then configure filters for each other if they
 +         give them permissions to do so. If you want to enable this feature,
 +         you need to set this parameter to true.
 + *
 + * transport: (string) The transport driver to use to store the script on the
 +            backend server. Valid options:
 +   - ldap:  LDAP server.
 +   - null:  No backend server (i.e. for script drivers, such as 'imap', that
 +            does not use scripts).
 +   - timsieved:  Timsieved (managesieve) server.
 +   - vfs:  Use Horde VFS.
 + *
 +   NOTE: By default, the transport driver will use Horde credentials to
 +         authenticate to the backend. If a different username/password is
 +         needed, use the 'transport_auth' hook (see hooks.php) to define
 +         these values.
 + */
 +
 +/* IMAP Example */
 +$backends['imap'] = array(
 +    // ENABLED by default
 +    // Django : 2013-02-04
 +    // default: 'disabled' => false,
 +    'disabled' => true,
 +    'transport' => 'null',
 +    'params' => array(),
 +    'script' => 'imap',
 +    'scriptparams' => array(),
 +    'shares' => false
 +);
 +
 +/* Maildrop Example */
 +$backends['maildrop'] = array(
 +    // Disabled by default
 +    'disabled' => true,
 +    'transport' => 'vfs',
 +    'params' => array(
 +        // Hostname of the VFS server
 +        'hostspec' => 'localhost',
 +        // Name of the maildrop config file to write
 +        'filename' => '.mailfilter',
 +        // The path to the .mailfilter filter file, defaults to the filters'
 +        // owner's home directory.
 +        // You can use the following variables:
 +        //   %u = name of the filters' owner
 +        //   %d = domain name of the filters' owner
 +        //   %U = the transport 'username'
 +        // Example:
 +        //   '/data/maildrop/filters/%d/%u'
 +        //   This would be translated into:
 +        //   '/data/maildrop/filters/<filter_owners_domainname>/<filter_owners_username>/.mailfilter'
 +        // 'vfs_path' => '/path/to/maildrop',
 +
 +        // VFS: FTP example
 +        // The VFS driver to use
 +        'vfstype' => 'ftp',
 +        // Port of the VFS server
 +        'port' => 21,
 +        // Specify permissions for uploaded files if necessary:
 +        // 'file_perms' => '0640',
 +
 +        // VFS: SSH2 example
 +        // The VFS driver to use
 +        // 'vfstype' => 'ssh2',
 +        // Port of the VFS server
 +        // 'port' => 22,
 +    ),
 +    'script' => 'maildrop',
 +    'scriptparams' => array(
 +        // Any arguments passed to the mailbot command. The -N flag (to not
 +        // include the original, quoted message content has been added with
 +        // Maildrop 2.5.1/Courier 0.65.1.
 +        'mailbotargs' => '-N',
 +        // What path style does the IMAP server use ['mbox'|'maildir']?
 +        'path_style' => 'mbox',
 +        // Strip 'INBOX.' from the beginning of folder names in generated
 +        // scripts?
 +        'strip_inbox' => false,
 +        // An array of variables to append to every generated script.
 +        // Use if you need to set up specific environment variables.
 +        'variables' => array(
 +            // Example for the $PATH variable
 +            // 'PATH' => '/usr/bin'
 +        )
 +    ),
 +    'shares' => false
 +);
 +
 +/* Procmail Example */
 +$backends['procmail'] = array(
 +    // Disabled by default
 +    'disabled' => true,
 +    'transport' => 'vfs',
 +    'params' => array(
 +        // Hostname of the VFS server
 +        'hostspec' => 'localhost',
 +        // Name of the procmail config file to write
 +        'filename' => '.procmailrc',
 +        // The path to the .procmailrc filter file, defaults to the filters'
 +        // owner's home directory.
 +        // You can use the following variables:
 +        //   %u = name of the filters' owner
 +        //   %U = the 'username' from above
 +        // Example:
 +        //   '/data/procmail/filters/%u'
 +        //   This would be translated into:
 +        //   '/data/procmail/filters/<filter_owners_username>/.procmailrc'
 +        // 'vfs_path' => '/path/to/procmail',
 +
 +        // If procmail needs an external command for mail delivery, you
 +        // can specify it below. You can also set a prefix for the mailbox name
 +        // eg. for /usr/local/sbin/dmail +INBOX
 +        // 'delivery_agent' => '/usr/local/sbin/dmail',
 +        // 'delivery_mailbox_prefix' => '+',
 +
 +        // if the GNU utilities cannot be found in the path
 +        // or have different names, you can specify their location below
 +        // 'date' => '/opt/csw/bin/gdate',
 +        // 'echo' => '/opt/csw/bin/gecho',
 +        // 'ls' => '/opt/csw/bin/gls',
 +
 +        // VFS: FTP example
 +        // The VFS driver to use
 +        'vfstype' => 'ftp',
 +        // Port of the VFS server
 +        'port' => 21,
 +
 +        // VFS: SSH2 example
 +        // The VFS driver to use
 +        // 'vfstype' => 'ssh2',
 +        // Port of the VFS server
 +        // 'port' => 22,
 +    ),
 +    'script' => 'procmail',
 +    'scriptparams' => array(
 +        // What path style does the IMAP server use ['mbox'|'maildir']?
 +        'path_style' => 'mbox',
 +        // An array of variables to append to every generated script.
 +        // Use if you need to set up specific environment variables.
 +        'variables' => array(
 +            // The $DEFAULT variable. If using Maildir, Ingo will use this
 +            // value as the default unless you explicitly configure otherwise.
 +            // 'DEFAULT' => '$HOME/Maildir/',
 +            // The $DEFAULT variable. If using Maildir, Ingo will use this
 +            // value as the default unless you explicitly configure otherwise.
 +            // 'MAILDIR' => '$HOME/Maildir',
 +            // Example for the $PATH variable
 +            // 'PATH' => '/usr/bin',
 +            // Example for the $VACATION_DIR variable (used to store vacation files)
 +            // 'VACATION_DIR' => '$HOME',
 +        ),
 +        // If you need procmail to be called from .forward in the user's home
 +        // directory, set the file and the content below:
 +        // 'forward_file' => '.forward',
 +        // 'forward_string' => '"|/usr/local/bin/procmail"',
 +    ),
 +    'shares' => false
 +);
 +
 +/* Sieve Example */
 + * Django : 2013-02-04
 + * Konfigurationsbeispiel für die Anbindung an unseren Dovecot-IMAP-Server
 + */
 +$backends['sieve'] = array(
 +    // Disabled by default
 +    'disabled' => false,
 +    'transport' => 'timsieved',
 +    'params' => array(
 +        // Hostname of the timsieved server
 +        'hostspec' => 'imap.dmz.nausch.org',
 +        // Login type of the server
 +        'logintype' => 'LOGIN',
 +        // Enable/disable TLS encryption
 +        'usetls' => true,
 +        // Port number of the timsieved server
 +        'port' => 4190,
 +        // Name of the sieve script
 +        'scriptname' => 'ingo',
 +        // Enable debugging. With Net_Sieve 1.2.0 or later, the sieve protocol
 +        // communication is logged with the DEBUG level. Earlier versions
 +        // print the log to the screen.
 +        'debug' => true,
 +    ),
 +    'script' => 'sieve',
 +    'scriptparams' => array(
 +        // If using Dovecot or any other Sieve implementation that requires
 +        // folder names to be UTF-8 encoded, set this parameter to true.
 +        'utf8' => true,
 +     ),
 +    'shares' => false
 +);
 +
 +
 +/* sivtest Example */
 +$backends['sivtest'] = array(
 +    // Disabled by default
 +    'disabled' => true,
 +    'transport' => 'sivtest',
 +    'params' => array(
 +        // Hostname of the timsieved server
 +        'hostspec' => 'localhost',
 +        // Login type of the server
 +        'logintype' => 'GSSAPI',
 +        // Enable/disable TLS encryption
 +        'usetls' => true,
 +        // Port number of the timsieved server
 +        'port' => 4190,
 +        // Name of the sieve script
 +        'scriptname' => 'ingo',
 +        // Location of sivtest
 +        'command' => '/usr/bin/sivtest',
 +        // name of the socket we're using
 +        'socket' => Horde::getTempDir() . '/sivtest.'
 +            . uniqid(mt_rand()) . '.sock',
 +    ),
 +    'script' => 'sieve',
 +    'scriptparams' => array(),
 +    'shares' => false,
 +);
 +
 +/* Sun ONE/JES Example (LDAP/Sieve) */
 +$backends['ldapsieve'] = array(
 +    // Disabled by default
 +    'disabled' => true,
 +    'transport' => 'ldap',
 +    'params' => array(
 +        // Hostname of the ldap server
 +        'hostspec' => 'localhost',
 +        // Port number of the timsieved server
 +        'port' => 389,
 +        // LDAP Protocol Version (default = 2).  3 is required for TLS.
 +        'version' => 3,
 +        // Whether or not to use TLS.  If using TLS, you MUST configure
 +        // OpenLDAP (either /etc/ldap.conf or /etc/ldap/ldap.conf) with the CA
 +        // certificate which signed the certificate of the server to which you
 +        // are connecting.  e.g.:
 +        //
 +        // TLS_CACERT /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt
 +        //
 +        // You MAY have problems if you are using TLS and your server is
 +        // configured to make random referrals, since some OpenLDAP libraries
 +        // appear to check the certificate against the original domain name,
 +        // and not the referred-to domain.  This can be worked around by
 +        // putting the following directive in the ldap.conf:
 +        //
 +        // TLS_REQCERT never
 +        'tls' => true,
 +        // Bind DN (for bind and script distinguished names, %u is replaced
 +        // with username, and %d is replaced with the internet domain
 +        // components (e.g. "dc=example, dc=com") if available).
 +        'bind_dn' => 'cn=ingo, ou=applications, dc=example, dc=com',
 +        // Bind password.  If not provided, user's password is used (useful
 +        // when bind_dn contains %u).
 +        'bind_password' => 'secret',
 +        // How to find user object.
 +        'script_base' => 'ou=People, dc=example, dc=com',
 +        'script_filter' => '(uid=%u)',
 +        // Attribute script is stored in.  Will not touch non-Ingo scripts.
 +        'script_attribute' => 'mailSieveRuleSource'
 +    ),
 +    'script' => 'sieve',
 +    'scriptparams' => array()
 +);
 +</file>
 +
 +Da die [[centos:mail_c6:horde_3#horde_framework|Authentifizierung]] mit **Username = eMail-Adresse** und **Passwort** gegen die mySQL-Datenbank erfolgt, müssen wir dien Umstand noch über die Datei **hooks.php** unserer Installation mitgeben.
 +   # vim /var/www/horde/ingo/config/hooks.php
 +
 +<file php /var/www/horde/ingo/config/hooks.php><?php
 +/**
 + * Ingo Hooks configuration file.
 + *
 + * THE HOOKS PROVIDED IN THIS FILE ARE EXAMPLES ONLY.  DO NOT ENABLE THEM
 + * BLINDLY IF YOU DO NOT KNOW WHAT YOU ARE DOING.  YOU HAVE TO CUSTOMIZE THEM
 + * TO MATCH YOUR SPECIFIC NEEDS AND SYSTEM ENVIRONMENT.
 + *
 + * For more information please see the horde/config/hooks.php.dist file.
 + *
 + * $Id: 1a8dc8d3f15f0e2d28118cd031b88294fcf72058 $
 + */
 +
 +class Ingo_Hooks
 +{
 +    /**
 +     * Returns the username/password needed to connect to the transport
 +     * backend.
 +     *
 +     * @param string $driver  The driver name (array key from backends.php).
 +     *
 +     * @return mixed  If non-array, uses Horde authentication credentials
 +                      (DEFAULT). Otherwise, an array with the following keys
 +                    (non-existent keys will use default values):
 +      - euser: (string; SIEVE ONLY) For the sieve driver, the effective
 +               user to use.
 +      - password: (string) Password.
 +      - username: (string) User name.
 +     */
 +    public function transport_auth($driver)
 +    {
 +        switch ($driver) {
 +        case 'timsieved':
 +//            // Example #1: Use full Horde username for password.
 +//            return array(
 +//                'username' => $GLOBALS['registry']->getAuth(null);
 +//            );
 +//
 +//            // Example #2: Use IMP password/username.
 +              // Django : 2013-02-04
 +              // Eintrag aktiviert für die Authentifizierung mit username und password 
 +              // gegen unseren mySQL-Datenbankserver
 +            $ob = $GLOBALS['registry']->call('mail/imapOb');
 +            return array(
 +                'password' => $ob->getParam('password'),
 +                'username' => $ob->getParam('username')
 +            );
 +        }
 +//
 +//        // DEFAULT: Use hordeauth (identical to not defining hook at all).
 +//        return true;
 +    }
 +
 +
 +    /**
 +     * Set the default addresses used for the vacation module.
 +     *
 +     * @param string $user  The username.
 +     *
 +     * @return array  A list of vacation addresses.
 +     */
 +//    public function vacation_addresses($user = null)
 +//    {
 +//        // Example #1: User has 2 vacation addresses.
 +//        return array($user . '@example.com', $user . '@foobar.com');
 +//    }
 +
 +}
 +</file>
 +
 +===== Konfiguration über die WEB-GUI =====
 +Die Konfiguration der Applikation **IMP** erfolgt dann über die GUI des Web-Frameworks. Dazu rufen wir unseren angelegten VHOST im Webbrowser auf.
 +   $ firefox https://buero.nausch.org
 +
 +{{ :centos:mail_c6:horde-5.png?direct&500 |Bild: Bildschirmhardcopy Horde "Erstanmeldung"}}
 +
 +Mit einem Klick auf das Zahnradsysmbol {{:centos:mail_c6:horde-4.png?nolink|Bild: Horde Menüpunkt Administration}} erreichen wir den Menüpunkt //**Administration**//.
 +
 +{{ :centos:mail_c6:horde-6.png?direct&480 |Bild: Bildschirmhardcopy Horde "Menüpunkt Administration"}}
 +
 +Hier wählen wir den Menüpunkt **//Configuration//** aus.
 +
 +{{ :centos:mail_c6:horde-37.png?direct&750 |Bild: Bildschirmhardcopy Horde "Configuration"}}
 +
 +Da wir die Anwendung **//Ingo//** noch nicht konfiguriert haben und auch die nötigen mySQL-Datenbanktabellen angelegt haben, sind die beiden Fehlermeldungen normal. 
 +
 +Als erstes legen wir die notwendigen Datenbanktabellen an. Hierzu klicken wir auf den Punkt **DB schema is out of date**. Die Aktion wird uns entsprechend positiv quittiert.
 +
 +{{ :centos:mail_c6:horde-38.png?direct&750 |Bild: Bildschirmhardcopy Horde "Configuration"}}
 +
 +Um zur Konfiguration von **IMP** zu gelangen, klicken wir nun auf den Punkt **Filter (ingo)**. 
 +
 +{{ :centos:mail_c6:horde-39.png?direct&750 |Bild: Bildschirmhardcopy Horde "Configuration"}}
 +
 +Auf den nun zur Verfügung stehenden Reitern, erfolgt die Konfiguration der Horde-Applikation **Ingo**. 
 +
 +=== Rules Storage ===
 +  $conf[storage][driver]                                                         SQL
 +  $conf[storage][params][driverconfig]                                           Horde defaults
 +  $conf[storage][maxblacklist]                                                   0
 +  $conf[storage][maxwhitelist]                                                   0
 +   
 +=== Rules Options ===
 +  $conf[rules][userheader]                                                       [✔]
 +
 +=== Spam Filtering ===
 +  $conf[spam][compare]                                                           string
 +  $conf[spam][header]                                                            X-Spam-Level
 +  $conf[spam][char]                                                          *
 +
 +
 +Am Ende unserer Konfigurationsarbeit, sichern wir die Konfiguration mit einem Klick auf die Schaltfläche: 
 +{{:centos:mail_c6:111-ingo.png?nolink&170|Bild: Schaltfläche "Filter-Konfiguration erzeugen"}}
 +Die erfolgreiche Sicherung wird uns entsprechend angezeigt.
 +{{ :centos:mail_c6:222-ingo.png?nolink&250 |Bild: Bestätigung der erfolgreichen Sicherung}}
 +
 +====== Links ======
 +  * **[[centos:mail_c6:start|Zurück zum Kapitel >>Mailserverinstallation unter CentOS 6<<]]**
 +  * **[[centos:mail_c6:start#horde_groupware_server|Zurück zum Kapitel >>horde Groupware Server<<]]**
 +  * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]**
 +  * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**
 +