Postfixadmin zur Verwaltung des Dovecot-IMAP-Server unter CentOS 6.x
Betreibt man einen Mailserver mit vielen virtuellen Domänen und hat auch noch mehrere Administratoren, die sich um die Neuanlage der Nutzerkonten und deren Pflege kümmern, wird es bei meist etwas komplizierter. Entweder man braucht ein mächtigen LDAP-Server und zugehörige versierte Administratoren, Admins mit Konsolen-Zugang zum IMAP- und Postfix-Server oder man greift auf eine einfache WEB-GUI zum Verwalten der Maildomänen und Postfächer zurück.
Wir werden nun in diesem Konfigurationsbeispiel auf eine mySQL-Datenbank als Datenbankbackendsystem und auf Postfixadmin als WEB-GUI für die Administratoren zurückgreifen.
Download
Als erstes holen wir uns das aktuelle Programmarchiv von der Projektseite bei Sourceforge.
Wir wechseln als erstes in unser lokales Paketverzeichnis; falls wir dieses noch nicht angelegt haben, erstellen wir ggf. das fehlende Verzeichnis.
# mkdir -p /usr/local/src/packages/
# cd /usr/local/src/packages/
Dann laden wir das tar.gz-Archiv auf unseren Webserver herunter.
# wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.6/postfixadmin-2.3.6.tar.gz
Im nächsten Schritt entpacken wir das Verzeichnis in den Webseiten-Speicherbereiches unseres Apache-Webservers.
# tar -zxf postfixadmin-2.3.6.tar.gz -C /var/www/
Die Datei und Nutzerrechte passen wir entsprechend an.
# chown root.apache /var/www/postfixadmin-2.3.6/ -R
Installation
Wichtige Informationen zur Installation finden wir in der Datei INSTALL.TXT.
# cat /var/www/postfixadmin/INSTALL.TXT
# # Postfix Admin # by Mischa Peters <mischa at high5 dot net> # Copyright (c) 2002 - 2005 High5! # Licensed under GPL for more info check GPL-LICENSE.TXT # REQUIRED!! ---------- - You are using Postfix 2.0 or higher. - You are using Apache 1.3.27 / Lighttpd 1.3.15 or higher. - You are using PHP 5.1.2 or higher. - You are using MySQL 3.23 or higher (5.x recommended) OR PostgreSQL 7.4 (or higher) READ THIS FIRST! ---------------- When this is an upgrade from a previous version of Postfix Admin, please read DOCUMENTS/UPGRADE.TXT also! If you need to setup Postfix to be able to handle Virtual Domains and Virtual Users check out: - the PostfixAdmin documentation in the DOCUMENTS/ directory - our wiki at http://sourceforge.net/apps/mediawiki/postfixadmin/ There are also lots of HOWTOs around the web. Be warned that many of them (even those listed below) may be outdated or incomplete. Please stick to the PostfixAdmin documentation, and use those HOWTOs only if you need some additional information that is missing in the PostfixAdmin DOCUMENTS/ folder. - http://codepoets.co.uk/postfixadmin-postgresql-courier-squirrelmail-debian-etch-howto-tutorial (Debian+Courier+PostgreSQL+Postfix+Postfixadmin) - http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+debian+sarge (Postfix+MySQL+Postfixadmin+Dovecot) - http://en.gentoo-wiki.com/wiki/Virtual_mail_server_using_Postfix,_Courier_and_PostfixAdmin (Postfix+MySQL+Postfixadmin+Courier) 1. Unarchive new Postfix Admin ------------------------------ Make sure that you are in your WWW directory and then unarchive the Postfix Admin archive (whatever the filename is): $ tar -zxvf postfixadmin-2.2.0.tgz 2. Setup a Database ------------------- With your chosen/preferred database server (i.e. MySQL or PostgreSQL), you need to create a new database. A good name for this could be : postfix The mechanics of creating the database vary depending on which server you are using. Most users will find using phpMyAdmin or phpPgAdmin the easiest route. If you wish to use the command line, you'll need to do something like : For MySQL: CREATE DATABASE postfix; CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'choose_a_password'; GRANT ALL PRIVILEGES ON `postfix` . * TO 'postfix'@'localhost'; For PostgreSQL: CREATE USER postfix WITH PASSWORD 'whatever'; CREATE DATABASE postfix OWNER postfix ENCODING 'unicode'; 3. Configure PostfixAdmin so it can find the database ----------------------------------------------------- Edit the config.inc.php file - or - create config.local.php and add your settings there. The most important settings are those for your database server. You must also change the line that says : $CONF['configured'] = false; to $CONF['configured'] = true; PostfixAdmin does not require write access to any files. You can therefore leave the files owned as root (or a.n.other user); as long as the web server user (e.g. www-data) can read them, it will be fine. The next 'step', is optional. Only do it, if other non-trusted users have access to your user: Depending on your environment, you may want to protect the database username and password stored in config.inc.php - if so, you could move them into the Apache configuration file (which can be set to be visible only by root) using something like the following in your VirtualHost definition : SetEnv DB_USER "postfix" SetEnv DB_PASS "opensesame" config.inc.php would then be able to access these through : $CONF['database_user'] = $_SERVER['DB_USER'] 4. Check settings, and create Admin user ---------------------------------------- Hit http://yourserver.tld/postfixadmin/setup.php in a web browser. You should see a list of 'OK' messages. The setup.php script will attempt to create the database structure (or upgrade it if you're coming from a previous version). Assuming everything is OK you can specify a password (which you'll need to use setup.php again in the future); when you submit the form, the hashed value (which you need to enter into config.inc.php is echoed out - with appropriate instructions on what to do with it). create the admin user using the form displayed. 5. Use PostfixAdmin ------------------- This is all that is needed. Fire up your browser and go to the site that you specified to host Postfix Admin. 6. Integration with Postfix, Dovecot etc. ----------------------------------------- Now that PostfixAdmin is working, you need to do some configuration in Postfix, Dovecot etc. so that they use the domains, mailboxes and aliases you setup in PostfixAdmin. The files in the DOCUMENTS/ directory explain which settings you need to do/change. 7. More information ------------------- As of March 2007, PostfixAdmin moved to SourceForge. For the forum posts and source updates, see: https://sourceforge.net/projects/postfixadmin There is also #postfixadmin on irc.freenode.net.
mySQL Datenbank und -user anlegen
Wie Eingangs erwähnt, nutzen wir für die Verwaltung unserer Maildomänen und deren Nutzerkonten sowie Aliasen eine mySQL-Datenbank.
Wir melden uns also als berechtigter Datenbankuser an der mySQL-Datenbank an.
# mysql -h localhost -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1942
Server version: 5.1.67 Source distribution
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Dort legen wir als aller erst einmal eine Datenbank mit dem Namen postfix an.
mysql> create database postfix;
Query OK, 1 row affected (0.03 sec)
Anschließend legen wir uns einen oder mehrere Datenbankuser an, denen wir entsprechende Rechte an der Datenbank postfix einräumen. In diesem Anwendungsbeispiel gehen wir von drei Nutzern aus.
- Postfix-Admin : Der Nutzer, der vom Webserver, also unserer WEB-GUI PostfixAdmin, aus Zugriffe vornehmen wird.
- Postfix-Systemuser : technische User, der vom MTA1) also unserem Postfix-Server aus bei der Einlieferung der elektronischen Post die Datenbank befragen wird.
- Dovecot-Systemuser : technische User, der vom MDA2) also unserem Dovecot-IMAP Server beim Abholen der eMails durch die Nutzer die Authentifizierung und Autorisierung benötigt wird.
Also:
- postfixadmin-user:
Nutzer anlegen:mysql> CREATE USER 'pfadmin_user'@'10.0.0.90' IDENTIFIED BY 'rbgsDK39DeM2b2btx9iMHfzd';
Query OK, 0 rows affected (0.00 sec)
mysql> CREATE USER 'pfadmin_user'@'vml000090.dmz.nausch.org' IDENTIFIED BY 'rbgsDK39DeM2b2btx9iMHfzd';
Query OK, 0 rows affected (0.00 sec)
Nutzerberechtigungen setzen:mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'pfadmin_user'@'10.0.0.90' IDENTIFIED BY 'rbgsDK39DeM2b2btx9iMHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'pfadmin_user'@'vml000090.dmz.nausch.org' IDENTIFIED BY 'rbgsDK39DeM2b2btx9iMHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
Berechtigungen zuweisen:mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
- postfix_user:
Nutzer anlegen:mysql> CREATE USER 'postfix_user'@'10.0.0.80' IDENTIFIED BY 'rbBgeM2b2btx9iMHfzd';
Query OK, 0 rows affected (0.00 sec)
mysql> CREATE USER 'postfix_user'@'smtp.dmz.nausch.org' IDENTIFIED BY 'rbBgeM2b2btx9iMHfzd';
Query OK, 0 rows affected (0.00 sec)
Berechtigungen zuweisen:mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'postfix_user'@'10.0.0.80' IDENTIFIED BY 'rbBgeM2b2btx9iMHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'postfix_user'@'smtp.dmz.nausch.org' IDENTIFIED BY 'rbBgeM2b2btx9iMHfzd' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
Berechtigungen zuweisen:mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
- dovecot_user:
Nutzer anlegen:mysql> CREATE USER 'dovecot_user'@'10.0.0.170' IDENTIFIED BY 'GOMrG7l1bD74Ez81sUO';
Query OK, 0 rows affected (0.00 sec)
mysql> CREATE USER 'dovecot_user'@'imap.dmz.nausch.org' IDENTIFIED BY 'GOMrG7l1bD74Ez81sUO';
Query OK, 0 rows affected (0.00 sec)
Nutzerberechtigungen setzen:mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'dovecot_user'@'10.0.0.170' IDENTIFIED BY 'GOMrG7l1bD74Ez81sUO' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON postfix.* TO 'dovecot_user'@'imap.dmz.nausch.org' IDENTIFIED BY 'GOMrG7l1bD74Ez81sUO' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
Query OK, 0 rows affected (0.00 sec)
Berechtigungen zuweisen:mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
Abschließend melden wir uns wieder von unserem Datenbankhost ab.
mysql> quit
Bye
Apache vHost anlegen
Bevor wir uns auf unserem Webserver einen vHost anlegen, überprüpfen wir noch, ob das Paket php-mbstring bereits bei der Installation des Webserver mitinstalliert wurde.
# yum list php-mbstring
Sofern das Paket noch nicht installiert wurde, holen wir dies jetzt nach.
# yum install php-mbstring -y
Anschließend definieren wir nun unseren vHost.
# vim /etc/httpd/conf.d/vhost_postfixadmin.conf
- /etc/httpd/conf.d/vhost_postfixadmin.conf
# # postfixadmin.nausch.org # <VirtualHost *:80> ServerAdmin webmaster@nausch.org ServerName postfixadmin.nausch.org ServerPath / DocumentRoot "/var/www/postfixadmin-2.3.6" <Location /> Options -Indexes FollowSymLinks Order allow,deny Allow from all </Location> <File setup.php> Order deny,allow Deny from all Allow from 127.0.0.1 Allow from 10.0 </File> DirectoryIndex index.php ErrorLog logs/postfixadmin_error.log CustomLog logs/postfixadmin_access.log combined </VirtualHost>
Bevor wor unseren Webserver einmal durchstarten damit er den neuen vHost auch verwenden kann, machen wir noch kurz einen Syntax-Check.
# service httpd configtest
Syntax OK
Abschließend starten wir den Webserver durch.
# service httpd condrestart
Stopping httpd: [ OK ] Starting httpd: [ OK ]
Konfiguration
Die Konfiguration von PostfixAdmin erfolgt über die Konfigurationsdatei config.inc.php. Rufen wir jetzt schon die WEB-GUI auf, erhalten wir Informationen zur weiteren Installation und Querverweise angezeigt.
Diese Datei versehen wir nun mit den entsprechenden Daten unserer Produktionsumgebung.
# vim /var/www/postfixadmin/config.inc.php
Die Änderungen in der Datei sind im folgenden Beispiel mit demm Namen des Admins und dem Datum versehen.
- /var/www/postfixadmin/config.inc.php
<?php /** * Postfix Admin * * LICENSE * This source file is subject to the GPL license that is bundled with * this package in the file LICENSE.TXT. * * Further details on the project are available at : * http://www.postfixadmin.com or http://postfixadmin.sf.net * * @version $Id: config.inc.php 935 2011-01-02 21:33:13Z christian_boltz $ * @license GNU GPL v2 or later. * * File: config.inc.php * Contains configuration options. */ /***************************************************************** * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * You have to set $CONF['configured'] = true; before the * application will run! * Doing this implies you have changed this file as required. * i.e. configuring database etc; specifying setup.php password etc. */ // Django : 2013-02-05 // default: $CONF['configured'] = false $CONF['configured'] = true; // In order to setup Postfixadmin, you MUST specify a hashed password here. // To create the hash, visit setup.php in a browser and type a password into the field, // on submission it will be echoed out to you as a hashed value. $CONF['setup_password'] = 'changeme'; // Postfix Admin Path // Set the location of your Postfix Admin installation here. // YOU MUST ENTER THE COMPLETE URL e.g. http://domain.tld/postfixadmin // Django : 2013-02-05 // default: $CONF['postfix_admin_url'] = ''; $CONF['postfix_admin_url'] = 'http://postfixadmin.nausch.org'; // shouldn't need changing. $CONF['postfix_admin_path'] = dirname(__FILE__); // Language config // Language files are located in './languages', change as required.. // Django : 2013-02-05 // default: $CONF['default_language'] = 'en'; $CONF['default_language'] = 'de'; // Database Config // mysql = MySQL 3.23 and 4.0, 4.1 or 5 // mysqli = MySQL 4.1+ // pgsql = PostgreSQL $CONF['database_type'] = 'mysqli'; // Django : 2013-02-05 // default: $CONF['database_host'] = 'localhost'; // $CONF['database_user'] = 'postfix'; // $CONF['database_password'] = 'postfixadmin'; $CONF['database_host'] = 'mysql.dmz.nausch.org'; $CONF['database_user'] = 'pfadmin_user'; $CONF['database_password'] = 'J6nj7rbgsDK39DeM2b2btx9iMHfzd'; $CONF['database_name'] = 'postfix'; // If you need to specify a different port for a MYSQL database connection, use e.g. // $CONF['database_host'] = '172.30.33.66:3308'; // If you need to specify a different port for POSTGRESQL database connection // uncomment and change the following // $CONF['database_port'] = '5432'; // Here, if you need, you can customize table names. $CONF['database_prefix'] = ''; $CONF['database_tables'] = array ( 'admin' => 'admin', 'alias' => 'alias', 'alias_domain' => 'alias_domain', 'config' => 'config', 'domain' => 'domain', 'domain_admins' => 'domain_admins', 'fetchmail' => 'fetchmail', 'log' => 'log', 'mailbox' => 'mailbox', 'vacation' => 'vacation', 'vacation_notification' => 'vacation_notification', 'quota' => 'quota', 'quota2' => 'quota2', ); // Site Admin // Define the Site Admins email address below. // This will be used to send emails from to create mailboxes. // Django : 2013-02-05 // default: $CONF['admin_email'] = 'postmaster@change-this-to-your.domain.tld'; $CONF['admin_email'] = 'postmaster@nausch.org'; // Mail Server // Hostname (FQDN) of your mail server. // This is used to send email to Postfix in order to create mailboxes. // Django : 2013-02-05 // default: $CONF['smtp_server'] = 'localhost'; $CONF['smtp_server'] = 'smtp.dmz.nausch.org'; $CONF['smtp_port'] = '25'; // Encrypt // In what way do you want the passwords to be crypted? // md5crypt = internal postfix admin md5 // md5 = md5 sum of the password // system = whatever you have set as your PHP system default // cleartext = clear text passwords (ouch!) // mysql_encrypt = useful for PAM integration // authlib = support for courier-authlib style passwords // dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5 $CONF['encrypt'] = 'md5crypt'; // In what flavor should courier-authlib style passwords be enrypted? // md5 = {md5} + base64 encoded md5 hash // md5raw = {md5raw} + plain encoded md5 hash // SHA = {SHA} + base64-encoded sha1 hash // crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt $CONF['authlib_default_flavor'] = 'md5raw'; // If you use the dovecot encryption method: where is the dovecotpw binary located? $CONF['dovecotpw'] = "/usr/sbin/dovecotpw"; // Minimum length required for passwords. Postfixadmin will not // allow users to set passwords which are shorter than this value. // Django : 2013-02-05 // default: $CONF['min_password_length'] = 5; $CONF['min_password_length'] = 8; // Generate Password // Generate a random password for a mailbox or admin and display it. // If you want to automagically generate paswords set this to 'YES'. // Django : 2013-02-05 // default: $CONF['generate_password'] = 'NO'; $CONF['generate_password'] = 'YES'; // Show Password // Always show password after adding a mailbox or admin. // If you want to always see what password was set set this to 'YES'. $CONF['show_password'] = 'NO'; // Page Size // Set the number of entries that you would like to see // in one page. // Django : 2013-02-05 // default: $CONF['page_size'] = '10'; $CONF['page_size'] = '100'; // Default Aliases // The default aliases that need to be created for all domains. $CONF['default_aliases'] = array ( // Django : 2013-02-05 // default: 'abuse' => 'abuse@change-this-to-your.domain.tld', // 'hostmaster' => 'hostmaster@change-this-to-your.domain.tld', // 'postmaster' => 'postmaster@change-this-to-your.domain.tld', // 'webmaster' => 'webmaster@change-this-to-your.domain.tld' 'abuse' => 'abuse@nausch.org', 'hostmaster' => 'hostmaster@nausch.org', 'postmaster' => 'postmaster@nausch.org', 'webmaster' => 'webmaster@nausch.org' ); // Mailboxes // If you want to store the mailboxes per domain set this to 'YES'. // Examples: // YES: /usr/local/virtual/domain.tld/username@domain.tld // NO: /usr/local/virtual/username@domain.tld // Django : 2013-02-05 // default: $CONF['domain_path'] = 'NO'; $CONF['domain_path'] = 'YES'; // If you don't want to have the domain in your mailbox set this to 'NO'. // Examples: // YES: /usr/local/virtual/domain.tld/username@domain.tld // NO: /usr/local/virtual/domain.tld/username // Note: If $CONF['domain_path'] is set to NO, this setting will be forced to YES. // Django : 2013-02-05 // default: $CONF['domain_in_mailbox'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO'; // If you want to define your own function to generate a maildir path set this to the name of the function. // Notes: // - this configuration directive will override both domain_path and domain_in_mailbox // - the maildir_name_hook() function example is present below, commented out // - if the function does not exist the program will default to the above domain_path and domain_in_mailbox settings $CONF['maildir_name_hook'] = 'NO'; /* maildir_name_hook example function Called by create-mailbox.php if $CONF['maildir_name_hook'] == '<name_of_the_function>' - allows for customized maildir paths determined by a custom function - the example below will prepend a single-character directory to the beginning of the maildir, splitting domains more or less evenly over 36 directories for improved filesystem performance with large numbers of domains. Returns: maildir path ie. I/example.com/user/ */ /* function maildir_name_hook($domain, $user) { $chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $dir_index = hexdec(substr(md5($domain), 28)) % strlen($chars); $dir = substr($chars, $dir_index, 1); return sprintf("%s/%s/%s/", $dir, $domain, $user); } */ // Default Domain Values // Specify your default values below. Quota in MB. // Django : 2013-02-05 // default: $CONF['aliases'] = '10'; // $CONF['mailboxes'] = '10'; // $CONF['maxquota'] = '10'; $CONF['aliases'] = '0'; $CONF['mailboxes'] = '0'; $CONF['maxquota'] = '5000'; // Quota // When you want to enforce quota for your mailbox users set this to 'YES'. // Django : 2013-02-05 // default: $CONF['quota'] = 'NO'; $CONF['quota'] = 'YES'; // You can either use '1024000' or '1048576' $CONF['quota_multiplier'] = '1024000'; // Transport // If you want to define additional transport options for a domain set this to 'YES'. // Read the transport file of the Postfix documentation. $CONF['transport'] = 'NO'; // Transport options // If you want to define additional transport options put them in array below. $CONF['transport_options'] = array ( 'virtual', // for virtual accounts 'local', // for system accounts 'relay' // for backup mx ); // Transport default // You should define default transport. It must be in array above. $CONF['transport_default'] = 'virtual'; // Virtual Vacation // If you want to use virtual vacation for you mailbox users set this to 'YES'. // NOTE: Make sure that you install the vacation module. (See VIRTUAL-VACATION/) $CONF['vacation'] = 'NO'; // This is the autoreply domain that you will need to set in your Postfix // transport maps to handle virtual vacations. It does not need to be a // real domain (i.e. you don't need to setup DNS for it). // Django : 2013-02-05 // default: $CONF['vacation_domain'] = 'autoreply.change-this-to-your.domain.tld'; $CONF['vacation_domain'] = 'autoreply.nausch.org'; // Vacation Control // If you want users to take control of vacation set this to 'YES'. // Django : 2013-02-05 // default: $CONF['vacation_control'] ='YES'; $CONF['vacation_control'] ='NO'; // Vacation Control for admins // Set to 'YES' if your domain admins should be able to edit user vacation. // Django : 2013-02-05 // default: $CONF['vacation_control_admin'] = 'YES'; $CONF['vacation_control_admin'] = 'NO'; // Alias Control // Postfix Admin inserts an alias in the alias table for every mailbox it creates. // The reason for this is that when you want catch-all and normal mailboxes // to work you need to have the mailbox replicated in the alias table. // If you want to take control of these aliases as well set this to 'YES'. // Alias control for superadmins $CONF['alias_control'] = 'NO'; // Alias Control for domain admins $CONF['alias_control_admin'] = 'NO'; // Special Alias Control // Set to 'NO' if your domain admins shouldn't be able to edit the default aliases // as defined in $CONF['default_aliases'] $CONF['special_alias_control'] = 'NO'; // Alias Goto Field Limit // Set the max number of entries that you would like to see // in one 'goto' field in overview, the rest will be hidden and "[and X more...]" will be added. // '0' means no limits. $CONF['alias_goto_limit'] = '0'; // Alias Domains // Alias domains allow to "mirror" aliases and mailboxes to another domain. This makes // configuration easier if you need the same set of aliases on multiple domains, but // also requires postfix to do more database queries. // Note: If you update from 2.2.x or earlier, you will have to update your postfix configuration. // Set to 'NO' to disable alias domains. $CONF['alias_domain'] = 'YES'; // Backup // If you don't want backup tab set this to 'NO'; $CONF['backup'] = 'YES'; // Send Mail // If you don't want sendmail tab set this to 'NO'; $CONF['sendmail'] = 'YES'; // Logging // If you don't want logging set this to 'NO'; $CONF['logging'] = 'YES'; // Fetchmail // If you don't want fetchmail tab set this to 'NO'; // Django : 2013-02-05 // default: $CONF['fetchmail'] = 'YES'; $CONF['fetchmail'] = 'NO'; // fetchmail_extra_options allows users to specify any fetchmail options and any MDA // (it will even accept 'rm -rf /' as MDA!) // This should be set to NO, except if you *really* trust *all* your users. $CONF['fetchmail_extra_options'] = 'NO'; // Header $CONF['show_header_text'] = 'NO'; $CONF['header_text'] = ':: Postfix Admin ::'; // link to display under 'Main' menu when logged in as a user. // Django : 2013-02-05 // default: $CONF['user_footer_link'] = "http://change-this-to-your.domain.tld/main"; $CONF['user_footer_link'] = "https://nausch.org"; // Footer // Below information will be on all pages. // If you don't want the footer information to appear set this to 'NO'. $CONF['show_footer_text'] = 'YES'; // Django : 2013-02-05 // default: $CONF['footer_text'] = 'Return to change-this-to-your.domain.tld'; // $CONF['footer_link'] = 'http://change-this-to-your.domain.tld'; $CONF['footer_text'] = 'nausch.org'; $CONF['footer_link'] = 'http://nausch.org'; // Welcome Message // This message is send to every newly created mailbox. // Change the text between EOM. // Django : 2013-02-05 // default: $CONF['welcome_text'] = <<<EOM // Hi, // // Welcome to your new account. // EOM; $CONF['welcome_text'] = <<<EOM Griasde! Herzlich Willkommen auf dem Mailserver von nausch.org! Wenn Du Probleme, Fragen und/oder Anregungen zu diesem Dienst hast, dann schreib einfach eine eMail an django@nausch.org. Den Webmaildienst erreichst du unter dieser Adresse: https://buero.nausch.org Viel Spass und viele Gruesse BOfH aka Django Bastard Operator from Hell http://dokuwiki.nausch.org EOM; // When creating mailboxes or aliases, check that the domain-part of the // address is legal by performing a name server look-up. // Django : 2013-02-05 // default: $CONF['emailcheck_resolve_domain']='YES'; $CONF['emailcheck_resolve_domain']='NO'; // Optional: // Analyze alias gotos and display a colored block in the first column // indicating if an alias or mailbox appears to deliver to a non-existent // account. Also, display indications, for POP/IMAP mailboxes and // for custom destinations (such as mailboxes that forward to a UNIX shell // account or mail that is sent to a MS exchange server, or any other // domain or subdomain you use) // See http://www.w3schools.com/html/html_colornames.asp for a list of // color names available on most browsers //set to YES to enable this feature // Django : 2013-02-05 // default: $CONF['show_status']='NO'; $CONF['show_status']='YES'; //display a guide to what these colors mean // Django : 2013-02-05 // default: $CONF['show_status_key']='NO'; $CONF['show_status_key']='YES'; // 'show_status_text' will be displayed with the background colors // associated with each status, you can customize it here $CONF['show_status_text']=' '; // show_undeliverable is useful if most accounts are delivered to this // postfix system. If many aliases and mailboxes are forwarded // elsewhere, you will probably want to disable this. $CONF['show_undeliverable']='NO'; $CONF['show_undeliverable_color']='tomato'; // mails to these domains will never be flagged as undeliverable $CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext","gmail.com"); $CONF['show_popimap']='NO'; $CONF['show_popimap_color']='darkgrey'; // you can assign special colors to some domains. To do this, // - add the domain to show_custom_domains // - add the corresponding color to show_custom_colors $CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext"); $CONF['show_custom_colors']=array("lightgreen","lightblue"); // If you use a recipient_delimiter in your postfix config, you can also honor it when aliases are checked. // Example: $CONF['recipient_delimiter'] = "+"; // Set to "" to disable this check. // Django : 2013-02-05 // default: $CONF['recipient_delimiter'] = ""; $CONF['recipient_delimiter'] = "+"; // Optional: // Script to run after creation of mailboxes. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // Parameters: (1) username (2) domain (3) maildir (4) quota // $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postcreation.sh'; // Optional: // Script to run after alteration of mailboxes. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // Parameters: (1) username (2) domain (3) maildir (4) quota // $CONF['mailbox_postedit_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postedit.sh'; // Optional: // Script to run after deletion of mailboxes. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // Parameters: (1) username (2) domain // $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postdeletion.sh'; // Optional: // Script to run after creation of domains. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // Parameters: (1) domain //$CONF['domain_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postcreation.sh'; // Optional: // Script to run after deletion of domains. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // Parameters: (1) domain // $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postdeletion.sh'; // Optional: // Sub-folders which should automatically be created for new users. // The sub-folders will also be subscribed to automatically. // Will only work with IMAP server which implement sub-folders. // Will not work with POP3. // If you define create_mailbox_subdirs, then the // create_mailbox_subdirs_host must also be defined. // // $CONF['create_mailbox_subdirs']=array('Spam'); // $CONF['create_mailbox_subdirs_host']='localhost'; // // Specify '' for Dovecot and 'INBOX.' for Courier. // Django : 2013-02-05 // default: $CONF['create_mailbox_subdirs_prefix']='INBOX.'; $CONF['create_mailbox_subdirs_prefix']=''; // Optional: // Show used quotas from Dovecot dictionary backend in virtual // mailbox listing. // See: DOCUMENTATION/DOVECOT.txt // http://wiki.dovecot.org/Quota/Dict // // Django : 2013-02-05 // default: $CONF['used_quotas'] = 'NO'; $CONF['used_quotas'] = 'YES'; // if you use dovecot >= 1.2, set this to yes. // Note about dovecot config: table "quota" is for 1.0 & 1.1, table "quota2" is for dovecot 1.2 and newer // Django : 2013-02-05 // default: $CONF['new_quota_table'] = 'NO'; $CONF['new_quota_table'] = 'YES'; // // Normally, the TCP port number does not have to be specified. // $CONF['create_mailbox_subdirs_hostport']=143; // // If you have trouble connecting to the IMAP-server, then specify // a value for $CONF['create_mailbox_subdirs_hostoptions']. These // are some examples to experiment with: // $CONF['create_mailbox_subdirs_hostoptions']=array('notls'); // $CONF['create_mailbox_subdirs_hostoptions']=array('novalidate-cert','norsh'); // See also the "Optional flags for names" table at // http://www.php.net/manual/en/function.imap-open.php // Theme Config // Specify your own logo and CSS file // Django : 2013-02-05 // default: $CONF['theme_logo'] = 'images/logo-default.png'; // $CONF['theme_logo'] = 'images/postfixadmin_logo2.png'; $CONF['theme_css'] = 'css/default.css'; // XMLRPC Interface. // This should be only of use if you wish to use e.g the // Postfixadmin-Squirrelmail package // change to boolean true to enable xmlrpc $CONF['xmlrpc_enabled'] = false; // If you want to keep most settings at default values and/or want to ensure // that future updates work without problems, you can use a separate config // file (config.local.php) instead of editing this file and override some // settings there. if (file_exists(dirname(__FILE__) . '/config.local.php')) { include(dirname(__FILE__) . '/config.local.php'); } // // END OF CONFIG FILE // /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
Initialisierung
Die Erstinitialisierung nehmen wir nun über unserem Browser vor.
$ firefox http://postfixadmin.nausch.org/setup.php
Als erstes erzeugen wir den Passworthash unseres Konfigurationspasswortes.
Diesen tragen wir in die Konfigurationsdatei config.inc.php ein.
# vim /var/www/postfixadmin-2.3.6/config.inc.php
... // In order to setup Postfixadmin, you MUST specify a hashed password here. // To create the hash, visit setup.php in a browser and type a password into the field, // on submission it will be echoed out to you as a hashed value. // Django : 2013-02-05 // default: $CONF['setup_password'] = 'changeme'; $CONF['setup_password'] = '7447deb0814e465863804dc1e18a209a:3fa10b4244b1d15447deb0814e465869764b8744'; ...
Anschließend rufen wir die Konfigurationsseite nochmals auf und legen unseren BOfH3)-Account an.
Anschließend können wir nun die Loginseite unserer WEB-GUI aufrufen.