Recently installed a new QMAIL, following mostly Thibs Qmailrocks install guide. I didn’t followed literally Thibs good guide, cause in his guide in few of the sections like Install Vpopmail he recommends using MySQL as a Backend to store Vpopmail email data and passwords; I prefer storing all vpopmail data on the file system as I believe it is much better especially for tiny QMAIL mail servers with less than 500 mail box accounts.
In this little article I will explain, how I made Vpopmail courier-authlib and courier-imap play nice together without storing data in SQL backend.
1. Compile vpopmail with file system data storage support
So here is how I managed to make vpopmail + courier-authlib + courier-imap, work well together:
First its necessery to compile Vpopmailin store all its users data and mail data on file system. For this in Thibs Vpopmail Intsall step compiled Vpopmail without support for MySQL, e.g. instead of using his pointed compile time ./configure, arguments I used:
# cd /downloads/vpopmail-5.4.33
# ./configure \
--enable-qmaildir=/var/qmail/ \
--enable-qmail-newu=/var/qmail/bin/qmail-newu \
--enable-qmail-inject=/var/qmail/bin/qmail-inject \
--enable-qmail-newmrh=/var/qmail/bin/qmail-newmrh \
--enable-tcprules-prog=/usr/bin/tcprules \
--enable-tcpserver-file=/etc/tcp.smtp \
--enable-clear-passwd \
--enable-many-domains \
--enable-qmail-ext \
--enable-logging=y \
--enable-auth-logging \
--enable-libdir=/usr/lib/ \
--disable-roaming-users \
--disable-passwd \
--enable-domainquotas \
--enable-roaming-users
....
....
# make && make install-strip
# cat > ~vpopmail/etc/vusagec.conf < < __EOF__
Server:
Disable = True;
__EOF__
echo 'export PATH=$PATH:/var/qmail/bin/:/home/vpopmail/bin/' > /etc/profile.d/extrapath.sh
chmod +x /etc/profile.d/extrapath.sh
source /etc/profile
A tiny shell script with all above options to compile (qmail) vpopmail without MySQL / PostgreSQL support is here
For other steps concerning creation of vpopmail/vchkpw – user/group just follow as Thibs suggests.
2. Compile and install courier-authlib-0.59.1
I’ve made mirror of courier-authlib.0.59.1.tar.gz cause this version includes support for vchkpw without mysql, its a pity newer versions of courier-authlib not any more have support for vpopmail to store its data directly on the hard disk.
Then on downlaod, compile && install courier-authlib:
Download authlib courier-authlib.0.59.1.tar.gz – (I made mirror of courier-authlib.0.59.1.tar.gz you can use my mirror or download it somewhere else from the net):
# cd /usr/local/src
# wget -q https://www.pc-freak.net/files/courier-authlib.0.59.1.tar.gz
# tar -zxvvf courier-authlib.0.59.1.tar.gz
Compile courier-authlib
# ./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib
....
# make && make install && make install-strip && make install-configure
....
On Debian Squeeze, this version of courier-authlib compiles fine, on Debian Lenny I use it too and there it is okay.
Unless above commands returns a compile error authlib will be installed inside /usr/local/libexec. If you get any errors it is most likely due to some missing header files. The error should be self explanatory enough, but just in case you have troubles to find what deb is necessery to install, please check here the complete list of installed packages I have on the host . In case of problems the quickest way (if on Debian Squeeze) is to install same packages, type:
# wget -q https://www.pc-freak.net/files/list_of_all_deb_necessery_installed_packages_for_authlib.txt
# for i in $(cat list_of_all_deb_necessery_installed_packages_for_authlib.txt |awk '{ print $2 }'); do
apt-get install --yes $i;
done
This is for the lazy ones though it might install you some packs you don’t like to have on your host, so just install it in case you know what you’re doing 🙂
Next step is to set proper configuration for courier-authdaemon.
3. Configure courier-authlib in /usr/local/etc/authlib
Again for the lazy ones I have prepared a good config which is working 100% with vpopmail configured to store mails on the file system, to install the “good” configs, fetch mine and put them in proper location, e.g.:
# cd /usr/local/etc
# wget -q https://www.pc-freak.net/files/authlib-config-for-qmail-with-hdd-directory-stored-userdata.tar.gz
# tar -zxvvf authlib-config-for-qmail-with-hdd-directory-stored-userdata.tar.gz
....
For those who prefer not to use my configuration as pointed above, here is what you will need to change manually in configs:
Edit /usr/local/etc/authlib/authdaemonrc and make sure there variable authmodulelist and authmodulelist and daemons=5
equals to:
authmodulelist="authvchkpw"
authmodulelistorig="authuserdb authpgsql authldap authmysql authcustom authvchkpw authpipe"
daemons=10
Bear in mind here the setting daemons, will set how many maximum parallel connections should be possible to authdaemond on new IMAP fetch mail user requests. Setting it to 10 will allow your mail server to support up to 10 users to paralelly check your mail for a tiny mail server this setting is okay if you expect higher number of parallel mail users raise the setting to some setting fitting your needs.
P.S. On some qmail installations this value has created weird problems and took me hours to debug the whole mess is caused by this setting, make sure you plan it now unless you don’t to loose some time in future.
4. Stop debian courier-authdaemon and start custom compiled one
Now all is ready and authdaemond can be started, but before that if you have installed courier-authlib as a debian package you need to stop it via init script and only when completely sure old default Debian courier-authdaemon is stopped launch the new installed one:
# /etc/init.d/courier-authdaemon stop
# s ax |grep -i authdaemond |grep -v grep
#
# /usr/local/sbin/authdaemond start
#
To make the newly custom source installed courier-authdaemon to load itself on system boot instead of the debian installed package
# dpkg -l |grep -i courier-authdaemon
ii courier-authdaemon 0.63.0-3 Courier authentication daemon
open /etc/init.d/courier-authdaemond, after line:
. /lib/lsb/init-functions
add
/usr/local/sbin/authdaemond start
exit 0
This will make the script exit once launches cmd /usr/local/sbin/authdaemond start
5. Compile and Install courier-imap
You will also have to install from courier-imap archive source, I have tested it and know Qmail + Vpopmail + Courier-Imap works for sure with version courier-imap-4.1.2.tar.bz2
As of time of writing this post courier-imap-4.11.0.tar.bz2 is the latest available for download from Courier-imap download site unfortunately this version requires higher version of >= courier-authlib-0.63
In order install courier-imap-4.1.2.tar.bz2
# cd /usr/local/src
# wget -q https://www.pc-freak.net/files/courier-imap-4.1.2.tar.bz2
# tar -jxvvf courier-imap-4.1.2.tar.bz2
...
# chown -R hipo:hipo courier-imap-4.1.2
# su hipo
$ cd courier-imap-4.1.2/
$ export CFLAGS="-DHAVE_OPEN_SMTP_RELAY -DHAVE_VLOGAUTH"
$ export COURIERAUTHCONFIG=/usr/local/bin/courierauthconfig
$ export CPPFLAGS=-I/usr/local/courier-authlib/include
$ ./configure --prefix=/usr/local/courier-imap --disable-root-check
...
$ exit
# make
...
# make install
...
# make install configure
It is recommended courier-imap to be compiled with non root username. In above code I use my username hipo, other people have to use any non-root user.
6. Set proper configuration and new init script for courier-imap
In /usr/lib/courier-imap, download following working configs (for convenience I’ve made tar with my configs):
# cd /usr/lib/courier-imap
# rm -rf etc
# wget -q https://www.pc-freak.net/files/courier-imap-config-etc.tar.gz
Then you will have to overwrite default courier-imap init script in /etc/init.d/courier-imap with another one to start the custom compiled one instead of debian default installed courier-imap
# mv /etc/init.d/courier-imap /root
# cd /etc/init.d
# wget -q https://www.pc-freak.net/files/debian-courier-imap
# mv debian-courier-imap courier-imap
# chmod +x courier-imap
This init script is written use /var/lock/subsys/courier-imap, so you will have to also create /var/lock/subsys/
# mkdir -p /var/lock/subsys
7. Start custom installed courier-imap
The start/stop init script of newly installed courier-imap is /usr/lib/courier-imap/libexec/imapd.rc
/usr/lib/courier-imap/libexec/imapd.rc start
Since a new /etc/init.dcourier-imap is installed too, it can be also used to control courier-imap start/stop.
Well thats should be enough for Courier-authlib and Courier-Authlib to communicate fine between each other and be able to connect and fetch e-mail stored in file system by vpopmail.
8. Test if Qmail IMAP proto finally works
# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=CRAM-MD5 ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information.
a login username@mail-domain.com my-username-password
a OK LOGIN Ok.
a LIST "" "*"
* LIST (\HasNoChildren) "." "INBOX.Sent"
* LIST (\Marked \HasChildren) "." "INBOX"
* LIST (\HasNoChildren) "." "INBOX.Drafts"
* LIST (\HasNoChildren) "." "INBOX.Trash"
a OK LIST completed
a EXAMINE Inbox
* FLAGS (\Draft \Answered \Flagged \Deleted \Seen \Recent)
* OK [PERMANENTFLAGS ()] No permanent flags permitted
* 6683 EXISTS
* 471 RECENT
* OK [UIDVALIDITY 1272460837] Ok
* OK [MYRIGHTS "acdilrsw"] ACL
a OK [READ-ONLY] Ok
* 1 FETCH (BODY[] {2619}
Return-Path:
Delivered-To: hipo@my-domain-name.com
Received: (qmail 22304 invoked by uid 1048); 24 Apr 2012 14:49:49 -0000
Received: from unknown (HELO localhost) (127.0.0.1)
by mail.my-domain-name.com with SMTP; 24 Apr 2012 14:49:49 -0000
Delivered-To: hipo@my-domain-name.com
Received: from localhost [127.0.0.1]
......
......
That’s all it works. Enjoy 🙂