Fwd: [docteam-commits] [Branch ~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy]
Jonathan Jesse
jjesse at iserv.net
Sun Nov 11 11:55:14 UTC 2007
On Saturday 10 November 2007 18:23:44 Matthew East wrote:
> I don't understand this revision: it adds a new directory and an
> orphaned chapter in generic/server/c/mail.xml which isn't part of a
> full document.
>
> Perhaps there was meant to be an amendment to
> generic/server/C/mail.xml, which already exists?
>
> It's very important to check patches before applying them... and to
> validate documents when editing them.
>
> ---------- Forwarded message ----------
> From: noreply at launchpad.net <noreply at launchpad.net>
> Date: 10 Nov 2007 12:07
> Subject: [docteam-commits] [Branch
> ~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy] To:
> ubuntu-doc-commits at lists.ubuntu.com
>
>
> ------------------------------------------------------------
> revno: 3626
> committer: Jonathan Jesse <jjesse at iserv.net>
> branch nick: ubuntu-hardy
> timestamp: Sat 2007-11-10 07:04:04 -0500
> message:
> adding adam's patch
> added:
> generic/server/c/
> generic/server/c/mail.xml
>
> === added directory 'generic/server/c'
> === added file 'generic/server/c/mail.xml'
> --- a/generic/server/c/mail.xml 1970-01-01 00:00:00 +0000
> +++ b/generic/server/c/mail.xml 2007-11-10 12:04:04 +0000
> @@ -0,0 +1,1107 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
> + "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
> +<!ENTITY % globalent SYSTEM "../../../libs/global.ent">
> +%globalent;
> +<!ENTITY % genericent SYSTEM "../../libs/generic.ent">
> +%genericent;
> +<!ENTITY % cdo-C SYSTEM "../../../libs/cdo-C.ent">
> +%cdo-C;
> +<!ENTITY % gnome-menus-C SYSTEM "../../../ubuntu/libs/gnome-menus-C.ent">
> +%gnome-menus-C;
> +<!ENTITY % xinclude SYSTEM "../../../libs/xinclude.mod">
> +%xinclude;
> +<!ENTITY language "&EnglishAmerican;">
> +]>
> + <chapter id="email-services" status="complete">
> + <title>Email Services</title>
> + <para>
> + The process of getting an email from one person to
> another over a network or
> + the Internet involves many systems working
> together. Each of these systems
> + must be correctly configured for the process
> to work. The sender uses a <emphasis>Mail
> + User Agent</emphasis> (MUA), or email client,
> to send the message through one or more
> + <emphasis>Mail Transfer Agents</emphasis>
> (MTA), the last of which will hand it off to a
> <emphasis>Mail Delivery Agent</emphasis> (MDA) for delivery to
> the
> + recipient's mailbox, from which it
> + will be retrieved by the recipient's email
> client, usually via a POP3 or IMAP server.
> + </para>
> + <sect1 id="postfix" status="complete">
> + <title>Postfix</title>
> + <para>
> + <application>Postfix</application> is the default Mail
> Transfer Agent (MTA) in Ubuntu. It
> + attempts to be fast and easy to administer and secure. It is
> + compatible with the MTA
> <application>sendmail</application>. This section explains how
> + to install and configure
> <application>postfix</application>. It also explains how to
> + set it up as an SMTP server using a secure connection
> (for sending emails securely).
> + </para>
> + <sect2 id="postfix-installation" status="complete">
> + <title>Installation</title>
> + <para>
> + To install <application>postfix</application> run the
> following command:
> + </para>
> +<screen>
> +<command>sudo apt-get install postfix</command>
> +</screen>
> + <para>
> + Simply press return when the installation process asks
> questions, the configuration will be done in greater detail in the
> next stage.
> + </para>
> + </sect2>
> + <sect2 id="postfix-configuration" status="complete">
> + <title>Basic Configuration</title>
> + <para>
> + To configure <application>postfix</application>, run the
> following command:
> + </para>
> +<screen>
> +<command>sudo dpkg-reconfigure postfix</command>
> +</screen>
> + <para>
> + The user interface will be displayed. On each screen,
> select the following
> + values:
> + <itemizedlist spacing="compact">
> + <listitem><para>Ok</para></listitem>
> + <listitem><para>Internet Site</para></listitem>
> + <listitem><para>NONE</para></listitem>
> + <listitem><para>mail.example.com</para></listitem>
> + <listitem><para>mail.example.com, localhost.localdomain,
> localhost</para></listitem>
> + <listitem><para>No</para></listitem>
> + <listitem><para>127.0.0.0/8</para></listitem>
> + <listitem><para>Yes</para></listitem>
> + <listitem><para>0</para></listitem>
> + <listitem><para>+</para></listitem>
> + <listitem><para>all</para></listitem>
> + </itemizedlist>
> + </para>
> + <note>
> + <para>
> + Replace mail.example.com with your mail server hostname.
> + </para>
> + </note>
> + <para>
> + Now is a good time to decide which mailbox format you
> want to use. By default
> + Postifx will use <emphasis role="strong">mbox</emphasis>
> for the mailbox format.
> + Rather than editing the configuration file directly,
> + you can use the <command>postconf</command> command to
> configure + all <application>postfix</application> parameters.
> The + configuration parameters will be stored in
> + <filename>/etc/postfix/main.cf</filename> file. Later if you
> + wish to re-configure a particular parameter, you can either
> + run the command or change it manually in the file.
> + </para>
> + <para>
> + To configure the mailbox format for <emphasis
> role="strong">Maildir:</emphasis>
> + </para>
> +<screen>
> +<command>sudo postconf -e 'home_mailbox = Maildir/'</command>
> +</screen>
> + <note>
> + <para>
> + This will place new mail in /home/<emphasis
> role="italic">username</emphasis>/Maildir so
> + you will need to configure your Mail Delivery Agent (MDA)
> to use the same path.
> + </para>
> + </note>
> + </sect2>
> + <sect2 id="postfix-smtp-authentication" status="complete">
> + <title>SMTP Authentication</title>
> + <para>
> + SMTP-AUTH allows a client to identify itself through an
> authentication mechanism (SASL).
> + Transport Layer Security (TLS) should be used to encrypt
> the authentication process.
> + Once authenticated the SMTP server will allow the client
> to relay mail.
> + </para>
> + <procedure>
> + <step>
> + <para>
> + Configure Postfix for SMTP-AUTH using SASL (Dovecot
> SASL): + </para>
> +<screen>
> +sudo postconf -e 'smtpd_sasl_type = dovecot'
> +sudo postconf -e 'smtpd_sasl_path = private/auth-client'
> +sudo postconf -e 'smtpd_sasl_local_domain ='
> +sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
> +sudo postconf -e 'broken_sasl_auth_clients = yes'
> +sudo postconf -e 'smtpd_sasl_auth_enable = yes'
> +sudo postconf -e 'smtpd_recipient_restrictions =
> permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
> +sudo postconf -e 'inet_interfaces = all'
> +</screen>
> + <note>
> + <para>
> + The <emphasis>smtpd_sasl_path</emphasis> configuration
> is a path relative to the Postfix queue directory.
> + </para>
> + </note>
> + </step>
> + <step>
> + <para>
> + Next, configure the digital certificate for TLS. When
> asked questions, follow
> + the instructions and answer appropriately:
> + </para>
> +<screen>
> +openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
> +chmod 600 smtpd.key
> +openssl req -new -key smtpd.key -out smtpd.csr
> +openssl x509 -req -days 365 -in smtpd.csr -signkey smtpd.key -out
> smtpd.crt +openssl rsa -in smtpd.key -out smtpd.key.unencrypted
> +mv -f smtpd.key.unencrypted smtpd.key
> +openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out
> cacert.pem -days 3650
> +sudo mv smtpd.key /etc/ssl/private/
> +sudo mv smtpd.crt /etc/ssl/certs/
> +sudo mv cakey.pem /etc/ssl/private/
> +sudo mv cacert.pem /etc/ssl/certs/
> +</screen>
> + <note>
> + <para>
> + You can get the digital certificate from a
> certificate authority. Alternatively, you
> + can create the certificate yourself. Refer to
> + <ulink
> url="./web-servers.xml#creating-a-self-signed-certificate">Creating
> + a self Signed Certification</ulink> sub-section for more
> + details.
> + </para>
> + </note>
> + </step>
> + <step>
> + <para>
> + Configure Postfix to provide TLS encryption for both
> incoming and outgoing mail:
> + </para>
> +<screen>
> +sudo postconf -e 'smtpd_tls_auth_only = no'
> +sudo postconf -e 'smtp_use_tls = yes'
> +sudo postconf -e 'smtpd_use_tls = yes'
> +sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
> +sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/smtpd.key'
> +sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt'
> +sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
> +sudo postconf -e 'smtpd_tls_loglevel = 1'
> +sudo postconf -e 'smtpd_tls_received_header = yes'
> +sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
> +sudo postconf -e 'tls_random_source = dev:/dev/urandom'
> +sudo postconf -e 'myhostname = mail.example.com'
> +</screen>
> + </step>
> + </procedure>
> + <note>
> + <para>
> + After running all the commands,
> <application>Postfix</application> is configured for SMTP-AUTH
> + and a self-signed cerficiate has been created for TLS
> encryption. + </para>
> + </note>
> + <para>
> + Now, the file <filename>/etc/postfix/main.cf</filename>
> + should look like <ulink
> url="../sample/postfix_configuration">this</ulink>.
> + </para>
> + <para>
> + The postfix initial configuration is complete. Run
> + the following command to start the postfix daemon:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/postfix start</command>
> +</screen>
> + <para>
> + <application>Postfix</application> supports SMTP-AUTH as
> defined in + <ulink
> + url="ftp://ftp.isi.edu/in-notes/rfc2554.txt">RFC2554</ulink>.
> + It is based on <ulink
> + url="ftp://ftp.isi.edu/in-notes/rfc2222.txt">SASL</ulink>.
> However it is still necessary
> + to set up SASL authentication before you can use SMTP-AUTH.
> + </para>
> + </sect2>
> + <sect2 id="sasl">
> + <title>Configuring SASL</title>
> + <para>
> + Postfix supports two SASL implementations Cyrus SASL and
> Dovecot SASL. To enable Dovecot SASL
> + the <application>dovecot-common</application> package will
> need to be installed. From a terminal prompt
> + enter the following:
> + </para>
> +<screen>
> +<command>sudo apt-get install dovecot-common</command>
> +</screen>
> + <para>
> + Next you will need to edit
> <filename>/etc/dovecot/dovecot.conf</filename>. In the <emphasis>auth
> default</emphasis>
> + section uncomment the <emphasis>socket listen</emphasis>
> option and change the following:
> + </para>
> +<programlisting>
> + socket listen {
> + #master {
> + # Master socket provides access to userdb information. It's
> typically + # used to give Dovecot's local delivery agent access to
> userdb so it + # can find mailbox locations.
> + #path = /var/run/dovecot/auth-master
> + #mode = 0600
> + # Default user/group is the one who started dovecot-auth (root)
> + #user =
> + #group =
> + #}
> + client {
> + # The client socket is generally safe to export to everyone. Typical
> use + # is to export it to your SMTP server so it can do SMTP AUTH
> lookups + # using it.
> + path = /var/spool/postfix/private/auth-client
> + mode = 0660
> + user = postfix
> + group = postfix
> + }
> + }
> +</programlisting>
> + <para>
> + Once you have <application>Dovecot</application>
> configured start it with:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/dovecot start</command>
> +</screen>
> + </sect2>
> + <sect2 id="postfix-testing" status="complete">
> + <title>Testing</title>
> + <para>
> + SMTP-AUTH configuration is complete. Now it is time to
> test the setup.
> + </para>
> + <para>
> + To see if SMTP-AUTH and TLS work properly, run the following
> + command:
> + </para>
> +<screen>
> +<command>telnet mail.example.com 25</command>
> +</screen>
> + <para>
> + After you have established the connection to the postfix mail
> + server, type:
> + </para>
> +<screen>
> +ehlo mail.example.com
> +</screen>
> + <para>
> + If you see the following lines among others, then everything
> + is working perfectly. Type <command>quit</command> to exit.
> + </para>
> +<programlisting>
> +250-STARTTLS
> +250-AUTH LOGIN PLAIN
> +250-AUTH=LOGIN PLAIN
> +250 8BITMIME
> +</programlisting>
> + </sect2>
> +
> + <sect2 id="postfix-troubleshooting">
> + <title>Troubleshooting</title>
> + <para>
> + This section introduces some common ways to determine the
> cause if problems arise.
> + </para>
> + <sect3 id="postfix-chroot">
> + <title>Escaping chroot</title>
> + <para>
> + The Ubuntu <application>postfix</application> package will
> by default install into a <emphasis>chroot</emphasis>
> + environment for security reasons. This can add greater
> complexity when troubleshooting problems.
> + </para>
> + <para>
> + To turn off the chroot operation locate for the following line
> in the + <filename>/etc/postfix/master.cf</filename> configuration
> file: + </para>
> +<screen>
> +smtp inet n - - - - smtpd
> +</screen>
> + <para>
> + and modify it as follows:
> + </para>
> +<screen>
> +smtp inet n - n - - smtpd
> +</screen>
> + <para>
> + You will then need to restart Postfix to use the new
> configuration. From a terminal prompt enter:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/postfix restart</command>
> +</screen>
> + </sect3>
> + <sect3 id="postfix-logs">
> + <title>Log Files</title>
> + <para>
> + <application>Postfix</application> sends all log messages to
> <filename>/var/log/mail.log</filename>.
> + However error and warning messages can sometimes get lost in
> the normal log output so they are also logged to
> + <filename>/var/log/mail.err</filename> and
> <filename>/var/log/mail.warn</filename> respectivley.
> + </para>
> + <para>
> + To see messages entered into the logs in real time you can
> use the <application>tail -f</application>
> + command:
> + </para>
> +<screen>
> +<command>tail -f /var/log/mail.err</command>
> +</screen>
> + <para>
> + The amount of detail that is recorded in the logs can be
> increased. Below are some configuration options for increasing the
> log level
> + for some of the areas covered above.
> + </para>
> + <itemizedlist spacing="compact">
> + <listitem>
> + <para>
> + To increase <emphasis>TLS</emphasis> activity logging set
> the <emphasis>smtpd_tls_loglevel</emphasis> option to a value from 1
> to 4.
> + </para>
> +<screen>
> +<command>sudo postconf -e 'smtpd_tls_loglevel = 4'</command>
> +</screen>
> + </listitem>
> + <listitem>
> + <para>
> + If you are having trouble sending or receiving mail from a
> specific domain you can add the domain to the
> <emphasis>debug_peer_list</emphasis>
> + parameter.
> + </para>
> +<screen>
> +<command>sudo postconf -e 'debug_peer_list = problem.domain'</command>
> +</screen>
> + </listitem>
> + <listitem>
> + <para>
> + You can increase the verbosity of any
> <application>Postfix</application> daemon process by editing the
> <filename>/etc/postfix/master.cf</filename>
> + and adding a <emphasis>-v</emphasis> after the entry. For
> example edit the <emphasis>smtp</emphasis> entry:
> + </para>
> +<programlisting>
> +smtp unix - - - - - smtp -v
> +</programlisting>
> + </listitem>
> + </itemizedlist>
> + <note>
> + <para>
> + It is important to note that after making one of the logging
> changes above the <application>Postfix</application> process will need
> to be reloaded
> + in order to recognize the new configuration: <command>sudo
> /etc/init.d/postfix reload</command>
> + </para>
> + </note>
> + <itemizedlist spacing="compact">
> + <listitem>
> + <para>
> + To increase the amount of information logged when
> troubleshooting <emphasis>SASL</emphasis> issues you can set the
> following options in
> + <filename>/etc/dovecot/dovecot.conf</filename>
> + </para>
> +<programlisting>
> +auth_debug=yes
> +auth_debug_passwords=yes
> +</programlisting>
> + </listitem>
> + </itemizedlist>
> + <note>
> + <para>
> + Just like <application>Postfix</application> if you change a
> <application>Dovecot</application> configuration the process will need
> to be
> + reloaded: <command>sudo /etc/init.d/dovecot reload</command>.
> + </para>
> + </note>
> + <note>
> + <para>
> + Some of the options above can drastically increase the
> amount of information sent to the log files. Remember to return the
> log level
> + back to normal after you have corrected the problem. Then
> reload the appropriate daemon for the new configuration to take
> affect.
> + </para>
> + </note>
> + </sect3>
> + <sect3 id="postfix-help">
> + <title>Where to get Help</title>
> + <para>
> + Administering a <application>Postfix</application> server
> can be a very complicated task. At some point you may
> + need to turn to the Ubuntu community for more experienced help.
> + </para>
> + <para>
> + A great place to ask for <application>Postfix</application>
> assistance, and get involved with the Ubuntu Server community,
> + is the <emphasis>#ubuntu-server</emphasis> IRC channel on
> <ulink url="http://freenode.net">freenode</ulink>. You
> + can also post a message to one of the <ulink
> url="http://www.ubuntu.com/support/community/webforums">Web
> Forums</ulink>.
> + </para>
> + <para>
> + For in depth <application>Postfix</application> information
> Ubuntu developers highly recommend:
> + <ulink url="http://www.postfix-book.com/">The Book of
> Postfix</ulink>. + </para>
> + <para>
> + Finally, the <ulink
> url="http://www.postfix.org/documentation.html">Postfix</ulink>
> website also has great documentaion on all
> + the different configuration options available.
> + </para>
> + </sect3>
> + </sect2>
> + </sect1>
> +
> + <sect1 id="exim4" status="complete">
> + <title>Exim4</title>
> + <para>
> + <application>Exim4</application> is another Message Transfer
> + Agent (MTA) developed at the University of Cambridge for use
> + on Unix systems connected to the internet. Exim can be
> + installed in place of <application>sendmail</application>,
> + although the configuration of
> + <application>exim</application> is quite different to
> + that of <application>sendmail</application>.
> + </para>
> + <sect2 id="exim4-installation" status="complete">
> + <title>Installation</title>
> + <para>
> + To install <application>exim4</application>, run the
> following command:
> +<screen>
> +<command>sudo apt-get install exim4</command>
> +</screen>
> + </para>
> + </sect2>
> + <sect2 id="exim4-configuration" status="complete">
> + <title>Configuration</title>
> + <para>
> + To configure <application>exim4</application>, run the
> following command:
> + </para>
> +<screen>
> +<command>sudo dpkg-reconfigure exim4-config</command>
> +</screen>
> + <para>
> + The user interface will be displayed. The user interface
> + lets you configure many parameters. For example, In
> + <application>exim4</application> the configuration files are
> + split among multiple files. If you wish to have them in one
> + file you can configure accordingly in this user interface.
> + </para>
> +
> + <para>
> + All the parameters you configure in the user interface are
> + stored in
> + <filename>/etc/exim4/update-exim4.conf.conf</filename> file.
> + If you wish to re-configure, either you re-run the
> + configuration wizard or manually edit this file
> + using your favourite editor. Once you configure, you can run
> + the following command to generate the master configuration
> + file:
> + </para>
> +<screen>
> +<command>sudo update-exim4.conf</command>
> +</screen>
> + <para>
> + The master configuration file, is generated and
> + it is stored in
> + <filename>/var/lib/exim4/config.autogenerated</filename>.
> + </para>
> + <warning>
> + <para>
> + At any time, you should not edit the master configuration
> + file,
> + <filename>/var/lib/exim4/config.autogenerated</filename>
> + manually. It is updated automatically every time you run
> + <command>update-exim4.conf</command>
> + </para>
> + </warning>
> + <para>
> + You can run the following command to start
> + <application>exim4</application> daemon.
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/exim4 start</command>
> +</screen>
> + </sect2>
> + <sect2>
> + <title>SMTP Authentication</title>
> + <para>
> + In this section we'll configure Exim4 to use SMTP-AUTH using
> TLS and SASL.
> + </para>
> + <para>
> + The first step is to create a certificate for use with TLS.
> Enter the following into a terminal prompt:
> + </para>
> +<screen>
> +<command>sudo /usr/share/doc/exim4-base/examples/exim-gencert</command>
> +</screen>
> + <para>
> + Now Exim4 needs to be configured for TLS by editing
> <filename>/etc/exim4/conf.d/main/03_exim4-config_tlsoptions</filename>
> + add the following:
> + </para>
> +<programlisting>
> +MAIN_TLS_ENABLE = yes
> +</programlisting>
> + <para>
> + Next you need to configure <application>Exim4</application>
> to use the <application>saslauthd</application>
> + for authentication. Edit
> <filename>/etc/exim4/conf.d/auth/30_exim4-config_examples</filename>
> and uncomment
> + the <emphasis>plain_saslauthd_server</emphasis> and
> <emphasis>login_saslauthd_server</emphasis> sections:
> + </para>
> +<programlisting>
> + plain_saslauthd_server:
> + driver = plaintext
> + public_name = PLAIN
> + server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
> + server_set_id = $auth2
> + server_prompts = :
> + .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
> + server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
> + .endif
> +#
> + login_saslauthd_server:
> + driver = plaintext
> + public_name = LOGIN
> + server_prompts = "Username:: : Password::"
> + # don't send system passwords over unencrypted connections
> + server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
> + server_set_id = $auth1
> + .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
> + server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
> + .endif
> +</programlisting>
> + <para>
> + Finally, update the Exim4 configuration and restart the service:
> + </para>
> +<screen>
> +<command>sudo update-exim4.conf</command>
> +<command>sudo /etc/init.d/exim4 restart</command>
> +</screen>
> + </sect2>
> + <sect2>
> + <title>Configuring SASL</title>
> + <para>
> + This section provides details on configuring the saslauthd
> to provide authentication for <application>Exim4</application>.
> + </para>
> + <para>
> + The first step is to install the sasl2-bin package. From a
> terminal prompt enter the following:
> + </para>
> +<screen>
> +<command>sudo apt-get install sasl2-bin</command>
> +</screen>
> + <para>
> + To configure saslauthd edit the /etc/default/saslauthd
> configuration file and set START=no to:
> + </para>
> +<programlisting>
> +START=yes
> +</programlisting>
> + <para>
> + Next the <emphasis>Debian-exim</emphasis> user needs to be
> part of the <emphasis>sasl</emphasis> group in
> + order for Exim4 to use the saslauthd service:
> + </para>
> +<screen>
> +<command>sudo adduser Debian-exim sasl</command>
> +</screen>
> + <para>
> + Now start the <application>saslauthd</application> service:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/saslauthd start</command>
> +</screen>
> + <para>
> + <application>Exim4</application> is now configured with
> SMTP-AUTH using TLS and SASL authentication.
> + </para>
> + </sect2>
> + </sect1>
> + <sect1 id="dovecot-server" status="complete">
> + <title>Dovecot Server</title>
> + <para>
> + <application>Dovecot</application> is a Mail Delivery
> Agent, written with security
> + primarily in mind. It supports the major mailbox formats: mbox
> + or Maildir. This section explain how to set it up as an imap or
> + pop3 server.
> + </para>
> + <sect2 id="dovecot-installation" status="complete">
> + <title>Installation</title>
> + <para>
> + To install <application>dovecot</application>, run the
> following command in the
> + command prompt:
> + </para>
> +<screen>
> +<command>sudo apt-get install dovecot-common dovecot-imapd
> dovecot-pop3d</command>
> +</screen>
> + </sect2>
> + <sect2 id="dovecot-configuration" status="complete">
> + <title>Configuration</title>
> + <para>
> + To configure <application>dovecot</application>, you can
> edit the file
> + <filename>/etc/dovecot/dovecot.conf</filename>. You can
> + choose the protocol you use. It could be pop3, pop3s (pop3
> + secure), imap and imaps (imap secure). A description of
> these protocols is beyond the scope of this guide. For further
> information, refer to the wikipedia articles on <ulink
> + url="http://en.wikipedia.org/wiki/POP3">POP3</ulink> and
> + <ulink
> +
> url="http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</u
>link>. + </para>
> +
> + <para>
> + IMAPS and POP3S are more secure that the simple IMAP and
> + POP3 because they use SSL encryption to connect. Once you
> + have chosen the protocol, amend the following line in the file
> + <filename>/etc/dovecot/dovecot.conf</filename>:
> + </para>
> +<programlisting>
> +protocols = pop3 pop3s imap imaps
> +</programlisting>
> + <para>
> + It enables the protocols when
> <application>dovecot</application> is started. Next, add the following
> line in the pop3 section of the file
> <filename>/etc/dovecot/dovecot.conf</filename>:
> + </para>
> +<programlisting>
> +pop3_uidl_format = %08Xu%08Xv
> +</programlisting>
> + <para>
> + Next, choose the mailbox you use.
> <application>Dovecot</application> supports
> + <emphasis role="strong">maildir</emphasis> and <emphasis
> + role="strong">mbox</emphasis> formats. These are the most
> + commonly used mailbox formats. They both have their own
> + benefits and they are discussed on <ulink
> + url="http://wiki.dovecot.org/MailboxFormat">the dovecot
> website</ulink>.
> + </para>
> + <para>
> + Once you have chosen your mailbox type, edit the file
> + <filename>/etc/dovecot/dovecot.conf</filename> and change
> + the following line:
> + </para>
> +<programlisting>
> +mail_location = maildir:~/Maildir # (for maildir)
> +or
> +mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u # (for mbox)
> +</programlisting>
> + <note>
> + <para>
> + You should configure your Mail Transport Agent (MTA) to transfer
> the + incoming mail to this type of mailbox if it is different from
> the one + you have configured.
> + </para>
> + </note>
> + <para>
> + Once you have configured dovecot, start the
> <application>dovecot</application> daemon
> + in order to test your setup:
> + </para>
> + <screen><command>sudo /etc/init.d/dovecot
> start</command></screen> + <para>
> + If you have enabled imap, or pop3, you can also try to log in
> + with the commands <command>telnet localhost pop3</command> or
> + <command>telnet localhost imap2</command>. If you see
> + something like the following, the installation has been
> + successful:
> + </para>
> +<programlisting>
> +bhuvan at rainbow:~$ telnet localhost pop3
> +Trying 127.0.0.1...
> +Connected to localhost.localdomain.
> +Escape character is '^]'.
> ++OK Dovecot ready.
> +</programlisting>
> + </sect2>
> + <sect2 id="dovecot-ssl" status="complete">
> + <title>Dovecot SSL Configuration</title>
> + <para>
> + To configure <application>dovecot</application> to use
> SSL, you can edit the file
> + <filename>/etc/dovecot/dovecot.conf</filename> and amend
> + following lines:
> + </para>
> +<programlisting>
> +ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
> +ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
> +ssl_disable = no
> +disable_plaintext_auth = no
> +</programlisting>
> + <para>
> + You can get the SSL certificate from a Certificate Issuing
> + Authority or you can create self signed SSL certificate. Please
> + refer to <xref linkend="creating-a-self-signed-certificate"/>
> + for details about how to create self signed SSL certificate.
> Once + you create the certificate, you will have a key file and a
> + certificate file. Please copy them to the location pointed +
> in the <filename>/etc/dovecot/dovecot.conf</filename>
> + configuration file.
> + </para>
> + </sect2>
> + <sect2>
> + <title>Firewall Configuration for an Email Server</title>
> + <para>
> + To access your mail server from another computer, you must
> + configure your firewall to allow connections to the server on
> + the necessary ports.
> + <itemizedlist>
> + <listitem><para>IMAP - 143</para></listitem>
> + <listitem><para>IMAPS - 993</para></listitem>
> + <listitem><para>POP3 - 110</para></listitem>
> + <listitem><para>POP3S - 995</para></listitem>
> + </itemizedlist>
> + </para>
> + </sect2>
> + </sect1>
> + <sect1 id="mailman" status="complete">
> + <title>Mailman</title>
> + <para>
> + Mailman is an open source program for managing electronic mail
> + discussions and e-newsletter lists. Many open source mailing
> + lists (including all the <ulink
> + url="http://lists.ubuntu.com">Ubuntu mailing lists</ulink>) use
> + Mailman as their mailing list software. It is powerful and easy
> + to install and maintain.
> + </para>
> + <sect2 id="mailman-installation" status="complete">
> + <title>Installation</title>
> + <para>
> + Mailman provides a web interface for the administrators
> + and users. So, it requires Apache with mod_perl support.
> + Mailman uses an external mail server to send and receive
> + emails. It works perfectly with the following mail servers:
> + </para>
> + <para>
> + <itemizedlist spacing="compact">
> + <listitem>
> + <para><application>Postfix</application></para>
> + </listitem>
> + <listitem>
> + <para><application>Exim</application></para>
> + </listitem>
> + <listitem>
> + <para><application>Sendmail</application></para>
> + </listitem>
> + <listitem>
> + <para><application>Qmail</application></para>
> + </listitem>
> + </itemizedlist>
> + </para>
> +
> + <para>
> + We will see how to install and configure Mailman with,
> the Apache web server,
> + and either the Postfix or Exim mail server. If you wish
> to install Mailman
> + with a different mail server, please refer to the references
> + section.
> + </para>
> + <note>
> + <para>
> + You only need to install one mail server and
> <application>Postfix</application> is the default Ubuntu Mail Transfer
> Agent.
> + </para>
> + </note>
> + <sect3 id="mailman-apache2">
> + <title>Apache2</title>
> + <para>
> + To install apache2 you refer to <ulink
> + url="./web-servers.xml#http-installation">HTTPD
> + Installation</ulink> section for details.
> + </para>
> + </sect3>
> + <sect3 id="mailman-postfix">
> + <title>Postfix</title>
> + <para>
> + For instructions on installing and configuring Postfix
> refer to <xref linkend="postfix"/>
> + </para>
> + </sect3>
> + <sect3 id="mailman-exim4">
> + <title>Exim4</title>
> + <para>
> + To install Exim4 refer to <xref linkend="exim4"/>.
> + </para>
> + <para>
> + Once exim4 is installed, the configuration files are stored
> in + the <filename>/etc/exim4</filename> directory. In
> Ubuntu, by default, the exim4 configuration files are
> + split across different files. You can change this
> behavior by changing
> + the following variable in the
> <filename>/etc/exim4/update-exim4.conf</filename> file:
> +
> + <itemizedlist spacing="compact">
> + <listitem>
> +
> <para><application>dc_use_split_config='true'</application></para>
> + </listitem>
> + </itemizedlist>
> + </para>
> + </sect3>
> + <sect3 id="mailman-mailman">
> + <title>Mailman</title>
> + <para>
> + To install <application>Mailman</application>, run
> following command at a terminal prompt:
> + </para>
> +<screen>
> +<command>sudo apt-get install mailman</command>
> +</screen>
> + <para>
> + It copies the installation files in
> + <application>/var/lib/mailman</application> directory. It
> installs the
> + CGI scripts in
> <application>/usr/lib/cgi-bin/mailman</application> + directory.
> It creates <emphasis>list</emphasis> linux + user. It creates
> the <emphasis>list</emphasis> linux
> + group. The mailman process will be owned by this user.
> + </para>
> + </sect3>
> + </sect2>
> + <sect2 id="mailman-configuration" status="complete">
> + <title>Configuration</title>
> + <para>
> + This section assumes you have successfully installed
> + <application>mailman</application>,
> + <application>apache2</application>, and
> + <application>postfix</application> or
> <application>exim4</application>. Now you just need
> + to configure them.
> + </para>
> + <sect3 id="mailman-conf-apache2">
> + <title>Apache2</title>
> + <para>
> + An example Apache configuration file comes with
> <application>Mailman</application> and is placed
> + in <filename>/etc/mailman/apache.conf</filename>. In
> order for Apache to use the config file it needs
> + to be copied to
> <filename>/etc/apache2/sites-available</filename>: + </para>
> +<screen>
> +<command>sudo cp /etc/mailman/apache.conf
> /etc/apache2/sites-available/mailman.conf</command>
> +</screen>
> + <para>
> + This will setup a new Apache
> <emphasis>VirtualHost</emphasis> for the Mailman administration site.
> + Once you have copied the new configuration file you will
> need to enable it and restart Apache:
> + </para>
> +<screen>
> +<command>sudo a2ensite mailman.conf</command>
> +<command>sudo /etc/init.d/apache2 restart</command>
> +</screen>
> + <para>
> + Mailman uses apache2 to render its CGI scripts. The
> mailman CGI scripts
> + are installed in the
> <application>/usr/lib/cgi-bin/mailman</application>
> + directory. So, the mailman url will be
> + http://hostname/cgi-bin/mailman/. You can make changes to the
> +
> <filename>/etc/apache2/sites-available/mailman.conf</filename> file if you
> wish to
> + change this behavior.
> + </para>
> + </sect3>
> + <sect3 id="mailman-conf-postfix">
> + <title>Postfix</title>
> + <para>
> + For <application>Postfix</application> integration, we
> will associate the domain lists.example.com with the mailing lists.
> + Please replace <emphasis>lists.example.com</emphasis> with
> the domain of your choosing.
> + </para>
> + <para>
> + You can use the postconf command to add the necessary
> configuration to <filename>/etc/postfix/main.cf</filename>:
> + </para>
> +<screen>
> +<command>sudo postconf -e 'relay_domains = lists.example.com'</command>
> +<command>sudo postconf -e 'transport_maps =
> hash:/etc/postfix/transport'</command>
> +<command>sudo postconf -e 'mailman_destination_recipient_limit =
> 1'</command> +</screen>
> + <para>
> + In <filename>/etc/postfix/master.cf</filename> double check
> that you have the following transport:
> + </para>
> +<programlisting>
> +mailman unix - n n - - pipe
> + flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> + ${nexthop} ${user}
> +</programlisting>
> + <para>
> + It calls the <emphasis>postfix-to-mailman.py</emphasis>
> script when a mail is delivered to a list.
> + </para>
> + <para>
> + Associate the domain lists.example.com to the Mailman
> transport with the transport map. Edit the file
> <filename>/etc/postfix/transport</filename>:
> + </para>
> +<programlisting>
> +lists.example.com mailman:
> +</programlisting>
> + <para>
> + Now have <application>Postfix</application> build the
> transport map by entering the following from a terminal prompt:
> + </para>
> +<screen>
> +<command>sudo postmap -v /etc/postfix/transport</command>
> +</screen>
> + <para>
> + Then restart Postfix to enable the new configurations:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/postfix restart</command>
> +</screen>
> + </sect3>
> + <sect3 id="mailman-conf-exim4">
> + <title>Exim4</title>
> + <para>
> + Once Exim4 is installed, you can start the Exim server
> using the following
> + command from a terminal prompt:
> + </para>
> +<screen>
> +<command>sudo apt-get /etc/init.d/exim4 start</command>
> +</screen>
> + <para>
> +In order to make mailman work with exim4, you need to configure exim4.
> +As mentioned earlier, by default, exim4 uses multiple configuration
> +files of different types. For details, please refer to the <ulink
> +url="http://www.exim.org">Exim</ulink> website. To run mailman, we
> +should add new a configuration file to the following configuration
> +types:
> + <itemizedlist spacing="compact">
> + <listitem>
> + <para>Main</para>
> + </listitem>
> + <listitem>
> + <para>Transport</para>
> + </listitem>
> + <listitem>
> + <para>Router</para>
> + </listitem>
> + </itemizedlist>
> + Exim creates a master configuration file by sorting all
> + these mini configuration files. So, the order of these
> + configuration files is very important.
> + </para>
> + </sect3>
> + <sect3 id="mailman-conf-main">
> + <title>Main</title>
> + <para>
> + All the configuration files belonging to the main type are
> + stored in the
> + <filename>/etc/exim4/conf.d/main/</filename> directory.
> You can add
> + the following content to a new file, named
> <filename>04_exim4-config_mailman</filename>:
> +
> +<programlisting>
> +# start
> +# Home dir for your Mailman installation -- aka Mailman's prefix
> +# directory.
> +# On Ubuntu this should be "/var/lib/mailman"
> +# This is normally the same as ~mailman
> +MM_HOME=/var/lib/mailman
> +#
> +# User and group for Mailman, should match your --with-mail-gid
> +# switch to Mailman's configure script. Value is normally "mailman"
> +MM_UID=list
> +MM_GID=list
> +#
> +# Domains that your lists are in - colon separated list
> +# you may wish to add these into local_domains as well
> +domainlist mm_domains=hostname.com
> +#
> +# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> +#
> +# These values are derived from the ones above and should not need
> +# editing unless you have munged your mailman installation
> +#
> +# The path of the Mailman mail wrapper script
> +MM_WRAP=MM_HOME/mail/mailman
> +#
> +# The path of the list config file (used as a required file when
> +# verifying list addresses)
> +MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck
> +# end
> +</programlisting>
> + </para>
> + </sect3>
> + <sect3 id="mailman-conf-transport">
> + <title>Transport</title>
> + <para>
> +All the configuration files belonging to transport type are stored in
> +the <filename>/etc/exim4/conf.d/transport/</filename> directory. You
> +can add the following content to a new file named <filename>
> +40_exim4-config_mailman</filename>:
> +
> +<programlisting>
> + mailman_transport:
> + driver = pipe
> + command = MM_WRAP \
> + '${if def:local_part_suffix \
> + {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
> + {post}}' \
> + $local_part
> + current_directory = MM_HOME
> + home_directory = MM_HOME
> + user = MM_UID
> + group = MM_GID
> +</programlisting>
> + </para>
> + </sect3>
> + <sect3 id="mailman-conf-router">
> + <title>Router</title>
> + <para>
> +All the configuration files belonging to router type are stored in the
> +<filename>/etc/exim4/conf.d/router/</filename> directory. You can add
> the following content
> +in to a new file named <filename>101_exim4-config_mailman</filename>:
> +<programlisting>
> + mailman_router:
> + driver = accept
> + require_files = MM_HOME/lists/$local_part/config.pck
> + local_part_suffix_optional
> + local_part_suffix = -bounces : -bounces+* : \
> + -confirm+* : -join : -leave : \
> + -owner : -request : -admin
> + transport = mailman_transport
> +</programlisting>
> +
> + </para>
> +<warning>
> +<para>
> +The order of main and transport configuration files can be in any order.
> +But, the order of router configuration files must be the same.
> +This particular file must appear before the
> +<application>200_exim4-config_primary</application> file.
> +These two configuration files contain same type of information. The
> +first file takes the precedence. For more details, please refer to the
> +references section.
> +</para>
> +</warning>
> + </sect3>
> + <sect3 id="mailman-conf-mailman">
> + <title>Mailman</title>
> + <para>
> + Once mailman is installed, you can run it using the
> following command:
> + </para>
> +<screen>
> +<command>sudo /etc/init.d/mailman start</command>
> +</screen>
> + <para>
> + Once mailman is installed, you should create the default
> mailing list.
> + Run the following command to create the mailing list:
> + </para>
> +
> +<screen>
> +<command>sudo /usr/sbin/newlist mailman</command>
> +</screen>
> +
> +<programlisting>
> + Enter the email address of the person running the list: bhuvan at
> ubuntu.com + Initial mailman password:
> + To finish creating your mailing list, you must edit your
> <filename>/etc/aliases</filename> (or
> + equivalent) file by adding the following lines, and possibly running the
> + `newaliases' program:
> +
> + ## mailman mailing list
> + mailman: "|/var/lib/mailman/mail/mailman post mailman"
> + mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
> + mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
> + mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
> + mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
> + mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
> + mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
> + mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
> + mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
> + mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe
> mailman" +
> + Hit enter to notify mailman owner...
> +
> + #
> +</programlisting>
> + <para>
> + We have configured either Postfix or Exim4 to recognize
> all emails from mailman. So, it is
> + not mandatory to make any new entries in
> + <filename>/etc/aliases</filename>. If you have made any
> changes + to the configuration files, please ensure that you
> restart those + services before continuing to next section.
> + </para>
> + </sect3>
> + </sect2>
> + <sect2 id="mailman-admin" status="complete">
> + <title>Administration</title>
> +<para>
> +We assume you have a default installation. The
> +mailman cgi scripts are still in the
> +<application>/usr/lib/cgi-bin/mailman/</application> directory. Mailman
> +provides a web based administration facility. To access this page, point
> +your browser to the following url:
> +
> +</para>
> +<para>
> +http://hostname/cgi-bin/mailman/admin
> +</para>
> +
> +<para>
> +The default mailing list, <emphasis>mailman</emphasis>,
> +will appear in this screen. If you click the mailing list name, it
> +will ask for your authentication password. If you enter the correct
> +password, you will be able to change administrative settings of this
> +mailing list.
> +
> +You can create a new mailing list using the command line utility
> +(<command>/usr/sbin/newlist</command>).
> +Alternatively, you can create a new mailing list using the web interface.
> +</para>
> + </sect2>
> + <sect2 id="mailman-users" status="complete">
> + <title>Users</title>
> +<para>
> +Mailman provides a web based interface for users. To access this page,
> +point your browser to the following url:
> +</para>
> +
> +<para>
> +http://hostname/cgi-bin/mailman/listinfo
> +</para>
> +
> +<para>
> +The default mailing list, <emphasis>mailman</emphasis>,
> +will appear in this screen. If you
> +click the mailing list name, it will display the subscription form. You
> +can enter your email address, name (optional), and password to subscribe.
> +An email invitation will be sent to you. You can follow the
> +instructions in the email to subscribe.
> +</para>
> + </sect2>
> + <sect2 id="mailman-references" status="complete">
> + <title>References</title>
> +<para>
> +<ulink url="http://www.list.org/mailman-install/index.html"> GNU Mailman
> +- Installation Manual</ulink>
> +</para>
> +<para>
> +<ulink url="http://www.exim.org/howto/mailman21.html">HOWTO - Using Exim
> +4 and Mailman 2.1 together</ulink>
> +</para>
> + </sect2>
> + </sect1>
> + </chapter>
> +
>
>
>
> --
>
> https://code.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy
>
> You are receiving this branch notification because you are subscribed to
> it. To unsubscribe from this branch go to
> https://code.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy/+subscr
>iption/ubuntu-core-doc.
>
> --
> ubuntu-doc-commits mailing list
> ubuntu-doc-commits at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-doc-commits
>
>
> --
> Matthew East
> http://www.mdke.org
> gnupg pub 1024D/0E6B06FF
Matt,
I agree, sorry I thought I had that validated and working fine when I
commited, my mistake
More information about the ubuntu-doc
mailing list