Virtuelle Benutzer und Domains mit Postfix, Courier, MySQL und SquirrelMail (Mandriva 2008.1) - Seite 5

14 Eine Willkommens-Mail senden um die Maildir zu erstellen

Wenn Du eine neues E-Mail Konto anlegst und versuchst E-Mails abzurufen (mit POP3/IMAP), erhältst Du wahrscheinlich Fehlermeldungen, die Dir mitteilen, dass die Maildir nicht existiert. Die Maildir wird automatisch erstellt, wenn die erste E-Mail im neuen Konto ankommt. Daher ist es keine schlechte Idee, eine Willkommens-Mail an ein neues Konto zu senden. Um eine Willkommens-Mail an sales@example.com zu senden, führen wir dies aus:

mailx sales@example.com

Du wirst nach dem Betreff gefragt. Gib den Betreff ein (z.B. Welcome), drücke dann ENTER und gib in die nächste Zeile Deine Nachricht ein. Wenn die Nachricht fertig ist, drücke erneut ENTER damit Du Dich in einer neuen Zeile befindest, drücke dann STRG+D um die E-Mail fertigzustellen:

[root@server1 mail]# mailx sales@example.com
Subject: Welcome <-- ENTER
Welcome! Have fun with your new mail account. <-- ENTER
<-- CTRL+D
EOT
[root@server1 mail]#

15 Installation von SquirrelMail

SquirrelMail ist ein Webmail Interface, mit dem Deine Benutzer E-Mails in einem Browser senden und erhalten können. Dieses Kapitel zeigt, wie man es installiert und an unser Setup anpasst, so dass die Benutzer sogar ihr E-Mail Konten-Passwort vom SquirrelMail Interface aus ändern können.

Um SquirrelMail zu installieren, tippen wir einfach:

urpmi squirrelmail

SquirrelMail hat einige vorinstallierte Plugins, leider ist keiner von ihnen fähig, uns unser E-Mail Passwort in unserer MySQL Datenbank ändern zu lassen. Aber es gibt den Change SQL Password Plugin, den wir manuell installieren können:

cd /var/www/squirrelmail/plugins/
wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_sqlpass-3.3-1.2.tar.gz
tar xvfz change_sqlpass-3.3-1.2.tar.gz
cd change_sqlpass
cp config.php.sample config.php

Nun müssen wir config.php bearbeiten und sie an unser Setup anpassen. Bitte passe die $csp_dsn, $lookup_password_query, $password_update_queries, $password_encryption, $csp_salt_static und $csp_delimiter Variablen wie folgt an und kommentiere $csp_salt_query aus:

vi config.php


[...]
$csp_dsn = 'mysql://mail_admin:mail_admin_password@localhost/mail'; [...] $lookup_password_query = 'SELECT count(*) FROM users WHERE email = "%1" AND password = %4'; [...] $password_update_queries = array('UPDATE users SET password = %4 WHERE email = "%1"'); [...] $password_encryption = 'MYSQLENCRYPT'; [...] $csp_salt_static = 'LEFT(password, 2)'; [...] //$csp_salt_query = 'SELECT salt FROM users WHERE username = "%1"'; [...] $csp_delimiter = '@'; [...]
Die vollständige Datei sieht wie folgt aus:
<?php
/** * SquirrelMail Change SQL Password Plugin * Copyright (C) 2001-2002 Tyler Akins * 2002 Thijs Kinkhorst <kink@users.sourceforge.net> * 2002-2005 Paul Lesneiwski <paul@openguild.net> * This program is licensed under GPL. See COPYING for details * * @package plugins * @subpackage Change SQL Password * */ // Global Variables, don't touch these unless you want to break the plugin // global $csp_dsn, $password_update_queries, $lookup_password_query, $force_change_password_check_query, $password_encryption, $csp_salt_query, $csp_salt_static, $csp_secure_port, $csp_non_standard_http_port, $csp_delimiter, $csp_debug, $min_password_length, $max_password_length, $include_digit_in_password, $include_uppercase_letter_in_password, $include_lowercase_letter_in_password, $include_nonalphanumeric_in_password; // csp_dsn // // Theoretically, any SQL database supported by Pear should be supported // here. The DSN (data source name) must contain the information needed // to connect to your database backend. A MySQL example is included below. // For more details about DSN syntax and list of supported database types, // please see: // http://pear.php.net/manual/en/package.database.db.intro-dsn.php // //$csp_dsn = 'mysql://user:password@localhost/email_users'; $csp_dsn = 'mysql://mail_admin:mail_admin_password@localhost/mail'; // lookup_password_query // // This plugin will always verify the user's old password // against their login password, but an extra check can also // be done against the database for more security if you // desire. If you do not need the extra password check, // make sure this setting is empty. // // This is a query that returns a positive value if a user // and password pair are found in the database. // // This query should return one value (one row, one column), the // value being ideally a one or a zero, simply indicating that // the user/password pair does in fact exist in the database. // // %1 in this query will be replaced with the full username // (including domain), such as "jose@example.com" // %2 in this query will be replaced with the username (without // any domain portion), such as "jose" // %3 in this query will be replaced with the domain name, // such as "example.com" // %4 in this query will be replaced with the current (old) // password in whatever encryption format is needed per other // plugin configuration settings (Note that the syntax of // the password will be provided depending on your encryption // choices, so you NEVER need to provide quotes around this // value in the query here.) // %5 in this query will be replaced with the current (old) // password in unencrypted plain text. If you do not use any // password encryption, %4 and %5 will be the same values, // except %4 will have double quotes around it and %5 will not. // //$lookup_password_query = ''; // TERRIBLE SECURITY: $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND plain_password = "%5"'; //$lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND crypt_password = %4'; $lookup_password_query = 'SELECT count(*) FROM users WHERE email = "%1" AND password = %4'; // password_update_queries // // An array of SQL queries that will all be executed // whenever a password change attempt is made. // // Any number of queries may be included here. // The queries will be executed in the order given here. // // %1 in all queries will be replaced with the full username // (including domain), such as "jose@example.com" // %2 in all queries will be replaced with the username (without // any domain portion), such as "jose" // %3 in all queries will be replaced with the domain name, // such as "example.com" // %4 in all queries will be replaced with the new password // in whatever encryption format is needed per other // plugin configuration settings (Note that the syntax of // the password will be provided depending on your // encryption choices, so you NEVER need to provide quotes // around this value in the queries here.) // %5 in all queries will be replaced with the new password // in unencrypted plain text - BEWARE! If you do not use // any password encryption, %4 and %5 will be the same // values, except %4 will have double quotes around it // and %5 will not. // // $password_update_queries = array( // 'UPDATE users SET crypt_password = %4 WHERE username = "%1"', // 'UPDATE user_flags SET force_change_pwd = 0 WHERE username = "%1"', // 'UPDATE users SET crypt_password = %4, force_change_pwd = 0 WHERE username = "%1"', // ); $password_update_queries = array('UPDATE users SET password = %4 WHERE email = "%1"'); // force_change_password_check_query // // A query that checks for a flag that indicates if a user // should be forced to change their password. This query // should return one value (one row, one column) which is // zero if the user does NOT need to change their password, // or one if the user should be forced to change it now. // // This setting should be an empty string if you do not wish // to enable this functionality. // // %1 in this query will be replaced with the full username // (including domain), such as "jose@example.com" // %2 in this query will be replaced with the username (without // any domain portion), such as "jose" // %3 in this query will be replaced with the domain name, // such as "example.com" // //$force_change_password_check_query = 'SELECT IF(force_change_pwd = "yes", 1, 0) FROM users WHERE username = "%1"'; //$force_change_password_check_query = 'SELECT force_change_pwd FROM users WHERE username = "%1"'; $force_change_password_check_query = ''; // password_encryption // // What encryption method do you use to store passwords // in your database? Please use one of the following, // exactly as you see it: // // NONE Passwords are stored as plain text only // MYSQLPWD Passwords are stored using the MySQL password() function // MYSQLENCRYPT Passwords are stored using the MySQL encrypt() function // PHPCRYPT Passwords are stored using the PHP crypt() function // MD5CRYPT Passwords are stored using encrypted MD5 algorithm // MD5 Passwords are stored as MD5 hash // //$password_encryption = 'MYSQLPWD'; $password_encryption = 'MYSQLENCRYPT'; // csp_salt_query // csp_salt_static // // Encryption types that need a salt need to know where to get // that salt. If you have a constant, known salt value, you // should define it in $csp_salt_static. Otherwise, leave that // value empty and define a value for the $csp_salt_query. // // Leave both values empty if you do not need (or use) salts // to encrypt your passwords. // // The query should return one value (one row, one column) which // is the salt value for the current user's password. This // query is ignored if $csp_salt_static is anything but empty. // // %1 in this query will be replaced with the full username // (including domain), such as "jose@example.com" // %2 in this query will be replaced with the username (without // any domain portion), such as "jose" // %3 in this query will be replaced with the domain name, // such as "example.com" // //$csp_salt_static = 'LEFT(crypt_password, 2)'; //$csp_salt_static = '"a4"'; // use this format with MYSQLENCRYPT //$csp_salt_static = '$2$blowsomefish$'; // use this format with PHPCRYPT //$csp_salt_static = ''; $csp_salt_static = 'LEFT(password, 2)'; //$csp_salt_query = 'SELECT SUBSTRING_INDEX(crypt_password, '$', 1) FROM users WHERE username = "%1"'; //$csp_salt_query = 'SELECT SUBSTRING(crypt_password, (LENGTH(SUBSTRING_INDEX(crypt_password, '$', 2)) + 2)) FROM users WHERE username = "%1"'; //$csp_salt_query = 'SELECT salt FROM users WHERE username = "%1"'; //$csp_salt_query = ''; // csp_secure_port // // You may ensure that SSL encryption is used during password // change by setting this to the port that your HTTPS is served // on (443 is typical). Set to zero if you do not wish to force // an HTTPS connection when users are changing their passwords. // // You may override this value for certain domains, users, or // service levels through the Virtual Host Login (vlogin) plugin // by setting a value(s) for $vlogin_csp_secure_port in the vlogin // configuration. // $csp_secure_port = 0; //$csp_secure_port = 443; // csp_non_standard_http_port // // If you serve standard HTTP web requests on a non-standard // port (anything other than port 80), you should specify that // port number here. Set to zero otherwise. // // You may override this value for certain domains, users, or // service levels through the Virtual Host Login (vlogin) plugin // by setting a value(s) for $vlogin_csp_non_standard_http_port // in the vlogin configuration. // //$csp_non_standard_http_port = 8080; $csp_non_standard_http_port = 0; // min_password_length // max_password_length // include_digit_in_password // include_uppercase_letter_in_password // include_lowercase_letter_in_password // include_nonalphanumeric_in_password // // You can set the minimum and maximum password lengths that // you accept or leave those settings as zero to indicate that // no limit should be applied. // // Turn on any of the other settings here to check that the // new password contains at least one digit, upper case letter, // lower case letter and/or one non-alphanumeric character. // $min_password_length = 6; $max_password_length = 0; $include_digit_in_password = 0; $include_uppercase_letter_in_password = 0; $include_lowercase_letter_in_password = 0; $include_nonalphanumeric_in_password = 0; // csp_delimiter // // if your system has usernames with something other than // an "@" sign separating the user and domain portion, // specify that character here // //$csp_delimiter = '|'; $csp_delimiter = '@'; // debug mode // $csp_debug = 0; ?>
Nun müssen wir uns in die SquirrelMail Konfiguration begeben und SquirrelMail mitteilen, dass wir Courier als unseren POP3 und IMAP Server verwenden (wenn Du das nicht tust, wirst Du wahrscheinlich folgende Fehler sehen

ERROR: Could not complete request.
Query: CREATE "Sent"
Reason Given: Invalid mailbox name.

wenn Du Dich bei SquirrelMail anmeldest), den Change SQL Password Plugin aktivieren und die anderen Passwort Plugins deaktivieren:

/var/www/squirrelmail/conf/conf.pl

Du siehst folgendes Menü. Tippe D um den IMAP/POP3 Server zu ändern:

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers


C Turn color off
S Save data
Q Quit

Command >> <-- D


SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others. If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct. This does not change everything. There are
only a few settings that this will change.

Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington's IMAP server

quit = Do not change anything
Command >> <-- courier

imap_server_type = courier
default_folder_prefix = INBOX.
trash_folder = Trash
sent_folder = Sent
draft_folder = Drafts
show_prefix_option = false
default_sub_of_inbox = false
show_contain_subfolders_option = false
optional_delimiter = .
delete_folder = true

Press any key to continue... <-- press some key


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers


C Turn color off
S Save data
Q Quit

Command >> <-- 8


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. change_pass
7. quota_usage
8. change_ldappass
9. avelsieve
10. windows
11. folder_sizes
12. archive_mail
13. empty_folders

Available Plugins:
14. abook_import_export
15. abook_take
16. administrator
17. block_sender
18. bookmarks
19. bug_report
20. calendar
21. change_sqlpass
22. compatibility
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- 22 (oder die Nummer, die der Kompatibilitäts-Plugin hat - sie wird vom change_sqlpass Plugin benötigt)


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. change_pass
7. quota_usage
8. change_ldappass
9. avelsieve
10. windows
11. folder_sizes
12. archive_mail
13. empty_folders
14. compatibility

Available Plugins:
15. abook_import_export
16. abook_take
17. administrator
18. block_sender
19. bookmarks
20. bug_report
21. calendar
22. change_sqlpass
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- 22 (die Nummer des change_sqlpass Plugins)


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. change_pass
7. quota_usage
8. change_ldappass
9. avelsieve
10. windows
11. folder_sizes
12. archive_mail
13. empty_folders
14. compatibility
15. change_sqlpass

Available Plugins:
16. abook_import_export
17. abook_take
18. administrator
19. block_sender
20. bookmarks
21. bug_report
22. calendar
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- 6 (die Nummer des change_pass Plugins)


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. quota_usage
7. change_ldappass
8. avelsieve
9. windows
10. folder_sizes
11. archive_mail
12. empty_folders
13. compatibility
14. change_sqlpass

Available Plugins:
15. abook_import_export
16. abook_take
17. administrator
18. block_sender
19. bookmarks
20. bug_report
21. calendar
22. change_pass
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- 7 (die Nummer des change_ldappass Plugins)


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. quota_usage
7. avelsieve
8. windows
9. folder_sizes
10. archive_mail
11. empty_folders
12. compatibility
13. change_sqlpass

Available Plugins:
14. abook_import_export
15. abook_take
16. administrator
17. block_sender
18. bookmarks
19. bug_report
20. calendar
21. change_ldappass
22. change_pass
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- S


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. filters
5. address_add
6. quota_usage
7. avelsieve
8. windows
9. folder_sizes
10. archive_mail
11. empty_folders
12. compatibility
13. change_sqlpass

Available Plugins:
14. abook_import_export
15. abook_take
16. administrator
17. block_sender
18. bookmarks
19. bug_report
20. calendar
21. change_ldappass
22. change_pass
23. demo
24. fortune
25. info
26. junkfolder
27. ldifimport
28. listcommands
29. login_image
30. mail_fetch
31. message_details
32. rewrap
33. secure_login
34. select_range
35. sent_subfolders
36. spam_buttons
37. spamassassin
38. spamcop
39. test
40. translate
41. username

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >> <-- Q

Nun kannst Du http://server1.example.com/squirrelmail oder http://192.168.0.100/squirrelmail in Deinen Browser eingeben um auf SquirrelMail zugreifen zu können.

Melde Dich mit Deiner E-Mail Adresse (z.B. sales@example.com) und Deinem Passwort an:


Du müsstest die Willkommens-Mail im Postfach sehen:



Um Dein Passwort zu ändern, gehe zu Options und wähle dann Change Password:


Gib Dein derzeitiges Passwort und dann Dein neues Passwort zweimal ein:


SquirrelMail wird Dir mitteilen, ob das Passwort erfolgreich geändert wurde:

16 Referenzen

Tutorial: ISP-style Email Service with Debian-Sarge and Postfix 2.1: http://workaround.org/articles/ispmail-sarge/
Postfix + Quota: http://vhcs.net/new/modules/newbb/viewtopic.php?topic_id=3496&forum=17
Mail Passwords Encrypted using saslauthd: http://www.syscp.de/docs/public/contrib/cryptedmailpws

17 Links

0 Kommentar(e)

Zum Posten von Kommentaren bitte