qmail LDAP Configuration.
Qmail Downloads
Check for cc and gcc
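# NOTE(review): all three downloads use plain HTTP and nothing below checks
# their integrity. Before unpacking or installing anything, compare each file
# with a checksum or signature obtained over a trusted channel.
# Later steps read these files from /downloads, so presumably the commands are
# run from that directory and qmailrocks.tar.gz is unpacked there -- confirm.
wget http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
wget http://www.nrg4u.com/qmail/qmail-ldap-1.03-20060201.patch.gz
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
# Patterns are quoted so that yum expands them; unquoted, the shell would
# first try to match them against file names in the current directory.
yum install 'openldap*'
yum install 'zlib*'
yum install glib
yum install gcc-c++
yum install 'gdbm*'
yum install openssl-devel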
Qmail Users / groups
# The install prefix must exist before the accounts that live in it are created.
mkdir -p /var/qmail

# Every qmail account gets /sbin/nologin as its shell and "*" as its password
# field, a value no password hashes to, so none of them can log in.
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p'*' alias
for acct in qmaild qmaill qmailp; do
  useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' "$acct"
done

groupadd qmail
for acct in qmailq qmailr qmails; do
  useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' "$acct"
done

# vmail's uid/gid are written to control/ldapuid and control/ldapgid later on.
groupadd vmail
useradd -g vmail -s /bin/true vmail
Qmail Compilation
# Install prefix and a scratch directory for the build.
mkdir -p /var/qmail
mkdir /usr/src/qmail
# Unpack stock qmail 1.03 from the qmailrocks bundle into the scratch directory.
tar -xzvf /downloads/qmailrocks/qmail-1.03.tar.gz -C /usr/src/qmail
# Decompress the qmail-ldap patch next to where it was downloaded.
gunzip /downloads/qmail-ldap-1.03-20060201.patch.gz
# Apply it from the top of the source tree (-p1 strips the leading path element).
cd /usr/src/qmail/qmail-1.03
patch -p1 < /downloads/qmail-ldap-1.03-20060201.patch
vi Makefile
-------------------------------------------------------------------------------------------
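# Keep this assignment on one line: a break inside "-DDATA_COMPRESS" leaves a
# stray "-" in LDAPFLAGS and turns the rest into a separate, invalid line.
LDAPFLAGS=-DQLDAP_CLUSTER -DEXTERNAL_TODO -DDASH_EXT -DDATA_COMPRESS -DQMQP_COMPRESS -DSMTPEXECCHECK
ZLIB=-lz
MDIRMAKE=-DAUTOMAILDIRMAKE
HDIRMAKE=-DAUTOHOMEDIRMAKE
SHADOWLIBS=-lcrypt
# NOTE(review): a debug build is meant for troubleshooting; confirm what the
# higher log levels record before leaving this enabled on a production host.
DEBUG=-DDEBUG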
-----------------------------------------------------------------------------------------
make setup check
Qmail Configuration and LDAP control files
# One supervise directory per service, each with a log/ companion. The sticky
# bit on the service directory is what tells daemontools' svscan to run the
# log/ service alongside it, connected by a pipe.
mkdir /var/qmail/supervise
for svc in qmail-smtpd qmail-send qmail-pop3d; do
  mkdir -p "/var/qmail/supervise/$svc/log"
  chmod +t "/var/qmail/supervise/$svc"
done

# Log directories: owned by the log account qmaill, closed to other users.
mkdir /var/log/qmail
for svc in qmail-send qmail-smtpd qmail-pop3d; do
  mkdir "/var/log/qmail/$svc"
done
chown -R qmaill:root /var/log/qmail
chmod -R 750 /var/log/qmail
cd /var/log/qmail
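# Populate qmail's control directory. Each file holds one setting.
cd /var/qmail/control
echo 100 > concurrencyincoming
echo 255 > concurrencyremote
echo ./Maildir/ > defaultdelivery
echo hindustantimes.com > defaultdomain
echo 10000 > defaultquotacount
echo 10000000 > defaultquotasize
echo /var/qmail/bin/dirmaker > dirmaker
echo dc=hindustantimes,dc=com > ldapbasedn
echo 0 > ldapcluster
id -g vmail > ldapgid
# NOTE(review): ldaplogin/ldappassword make qmail bind as the rootdn that
# slapd.conf declares, and a rootdn is not subject to access rules. A dedicated
# bind DN with only the read access qmail needs would limit the damage if
# ldappassword leaks.
echo cn=manager,dc=hindustantimes,dc=com > ldaplogin
echo /home/vmail > ldapmessagestore
echo qmailUser > ldapobjectclass
# NOTE(review): sample password, stored in cleartext and created with the
# current umask. Replace the value and restrict the file's mode and ownership
# to the accounts that have to read it.
echo p4mail1server > ldappassword
echo 127.0.0.1 > ldapserver
id -u vmail > ldapuid
echo mail1.hindustantimes.com > me
# Two rules, one per line, with the empty-value quotes kept literally. A plain
# `echo 127.:allow,NOPBS="" :deny` lets the shell remove the quotes and writes
# both rules on a single line.
printf '%s\n' '127.:allow,NOPBS=""' ':deny' > qmail-pop3d.rules
# NOTE(review): this writes only an empty line, yet qmail-smtpd/run passes the
# file's first line to `softlimit -m`. Put the intended byte limit here.
echo > qmail-smtpd-softlimit
echo 3 > qmail-start-loglevel
echo 3 > qmail-pop3d-loglevel
# "need to check" was the author's own reminder about this value. It is kept
# as a comment: left after the redirection it becomes part of what echo writes
# into the file, and qmail-pop3d/run would then pass it on to softlimit.
echo 800000000 > qmail-pop3d-softlimit   # need to check
echo " Your mail quota is overflowing, check it out" > quotawarning
echo fever.fm > rcpthosts
echo hindustantimes.com >> rcpthosts
echo mail1.hindustantimes.com >> rcpthosts
# ASCII hyphen in "-s": with the typographic dash the page printed, ln takes
# "–s" as a file name and fails.
ln -s rcpthosts locals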
cd /var/qmail
vi bin/dirmaker
-------------------------------------------------------------------------------------
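#!/bin/sh
# dirmaker: create the Maildir tree for a mailbox and hand it to vmail.
# Arguments: $1 - home directory of the mailbox
# Exit:      non-zero when the argument is missing or a step fails

home=$1

# Refuse an empty argument or "/": the recursive chown below would otherwise
# fail outright or re-own the whole filesystem.
if [ -z "$home" ] || [ "$home" = "/" ]; then
  echo "dirmaker: refusing to work on '$home'" >&2
  exit 1
fi

# The debug trace goes to syslog instead of a fixed file name in /tmp: a
# privileged process appending to a predictable path in a world-writable
# directory follows whatever symlink another local user has planted there.
logger -t dirmaker "creating Maildir under $home as $(id)"

# Quoted throughout so that a path containing spaces or glob characters stays
# a single argument. Maildir is created first so that it gets mode 700 itself.
mkdir -p -m 700 -- "$home/Maildir" || exit 1
mkdir -p -m 700 -- "$home/Maildir/tmp" "$home/Maildir/cur" "$home/Maildir/new" || exit 1
chown -R vmail:vmail -- "$home" || exit 1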
---------------------------------------------------------------------------------------
vi rc
---------------------------------------------------------------------------------------
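#!/bin/sh
# Start qmail-start with an emptied environment: only PATH and LOGLEVEL are
# passed on. The log level and the default delivery instruction are read from
# the control files.
QLOG="$(cat /var/qmail/control/qmail-start-loglevel)"
DEFD="$(cat /var/qmail/control/defaultdelivery)"
# The delivery instruction has to be an argument of the same command. On a
# line of its own after `exec` it is never reached, and qmail-start runs
# without it.
exec env - PATH="/var/qmail/bin:$PATH" LOGLEVEL="$QLOG" \
  qmail-start "$DEFD"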
--------------------------------------------------------------------------------------------
chmod 755 rc bin/dirmaker
UCSPI-TCP / Daemontools Install
# ucspi-tcp: unpack, apply the errno patch, then build and install.
tar -xzvf /downloads/qmailrocks/ucspi-tcp-0.88.tar.gz -C /usr/src/qmail
cd /usr/src/qmail/ucspi-tcp-0.88
patch -i /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
make && make setup check

# daemontools is unpacked under /package, which is created with the sticky bit
# (mode 1755).
mkdir -p /package
chmod 1755 /package
tar -xzvf /downloads/qmailrocks/daemontools-0.76.tar.gz -C /package
cd /package/admin/daemontools-0.76/src
patch -i /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
# The installer is run from the package root, one level above src/.
cd ..
./package/install
Qmail Run Files
cd /var/qmail/supervise
vi qmail-smtpd/run
------------------------------------------------------------------------------------------
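#!/bin/sh
# supervise run script for the SMTP listener.
# Reads the uid/gid of qmaild and the limits from the control files, then
# starts tcpserver on the smtp port, under softlimit, with qmail-smtpd.
QUID=$(id -u qmaild)
QGID=$(id -g qmaild)
MAXD=$(head -n 1 /var/qmail/control/concurrencyincoming)
HOST=$(head -n 1 /var/qmail/control/me)
SOFT=$(head -n 1 /var/qmail/control/qmail-smtpd-softlimit)
CDBF="/etc/tcp.smtp.cdb"

# SOFT is checked as well: if it is empty, `softlimit -m` would take the
# tcpserver path as its byte count and the service could never start.
if [ -z "$QUID" ] || [ -z "$QGID" ] || [ -z "$MAXD" ] || [ -z "$HOST" ] || [ -z "$SOFT" ]; then
  echo QUID, QGID, MAXD, HOST, or SOFT is unset in
  echo /var/qmail/supervise/qmail-smtpd/run
  exit 1
fi

# -H / -R: no reverse-DNS and no ident lookup per connection
# -l: local host name    -x: compiled access rules    -c: connection limit
# -u / -g: tcpserver drops to qmaild after binding the port
# Every value is quoted so that a control file containing blanks cannot add
# extra arguments to the command line.
# NOTE(review): the account step uses /bin/true; confirm that /usr/bin/true
# exists on this host.
exec /usr/local/bin/softlimit -m "$SOFT" \
  /usr/local/bin/tcpserver -v \
  -H \
  -R \
  -l "$HOST" \
  -x "$CDBF" \
  -c "$MAXD" \
  -u "$QUID" \
  -g "$QGID" \
  0 \
  smtp \
  /var/qmail/bin/qmail-smtpd \
  /var/qmail/bin/auth_smtp /usr/bin/true 2>&1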
---------------------------------------------------------------------------------------------
vi qmail-smtpd/log/run
---------------------------------------------------------------------------------------------
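#!/bin/sh
# Log service for qmail-smtpd: multilog runs as the unprivileged qmaill
# account, adds a timestamp to each line (t) and rotates at 10000000 bytes
# (s), keeping 20 files (n).
PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
export PATH
# The log directory is an argument of multilog and belongs to the same
# command; on a line of its own it is never reached after `exec`.
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 \
  /var/log/qmail/qmail-smtpd 2>&1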
---------------------------------------------------------------------------------------------
vi qmail-send/run
---------------------------------------------------------------------------------------------
#!/bin/sh
# supervise run script for qmail-send: replaces this shell with /var/qmail/rc,
# so rc is the process that supervise ends up watching.
exec /var/qmail/rc
---------------------------------------------------------------------------------------------
vi qmail-send/log/run
---------------------------------------------------------------------------------------------
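#!/bin/sh
# Log service for qmail-send: multilog runs as the unprivileged qmaill
# account, adds a timestamp to each line (t) and rotates at 10000000 bytes
# (s), keeping 20 files (n).
# The log directory is an argument of multilog and belongs to the same
# command; on a line of its own it is never reached after `exec`.
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 \
  /var/log/qmail/qmail-send 2>&1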
----------------------------------------------------------------------------------------------
vi qmail-pop3d/run
----------------------------------------------------------------------------------------------
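#!/bin/sh
# supervise run script for the POP3 listener.
# Reads the host name, log level and memory limit from the control files and
# starts tcpserver on the pop3 port with qmail-popup -> auth_pop -> qmail-pop3d.
IP=$(head -n 1 /var/qmail/control/me)
LL=$(head -n 1 /var/qmail/control/qmail-pop3d-loglevel)
SL=$(head -n 1 /var/qmail/control/qmail-pop3d-softlimit)

# An empty value would shift the following arguments, for instance
# `softlimit -m` would take "/usr/local/bin/tcpserver" as its byte count.
if [ -z "$IP" ] || [ -z "$LL" ] || [ -z "$SL" ]; then
  echo IP, LL, or SL is unset in
  echo /var/qmail/supervise/qmail-pop3d/run
  exit 1
fi

# NOTE(review): this is plain POP3 on every local address ("0"), so mailbox
# passwords cross the network unencrypted. No -x rules file is passed either,
# although control/qmail-pop3d.rules is written during setup; confirm whether
# a compiled rules cdb was meant to be used here.
exec \
  env LOGLEVEL="$LL" \
  softlimit -m "$SL" \
  /usr/local/bin/tcpserver -v -R -H -l 0 0 pop3 \
  /var/qmail/bin/qmail-popup "$IP" \
  /var/qmail/bin/tcp-env \
  /var/qmail/bin/auth_pop \
  /var/qmail/bin/qmail-pop3d Maildir 2>&1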
vi /etc/tcp.smtp
---------------------------------------------------------------------------------------------------
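# Loopback clients may relay.
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="25"
# NOTE(review): this lets every address in 10.0.0.0/8 relay without
# authenticating. Narrow it to the networks that really submit mail, or
# require SMTP AUTH as in the commented-out rule at the end of this file.
10.:allow,RELAYCLIENT="",MAXRCPTCOUNT="25"
# Connections from every other address are refused, so this listener accepts
# mail only from 127. and 10. sources.
:deny
# A commented-out rule has to stay on one line: only a line that starts with
# "#" is ignored, so wrapped fragments would be read as rules of their own.
#10.:allow,RELAYCLIENT="",SMTPAUTH="",AUTHREQUIRED="",SENDERCHECK="",LOGLEVEL="3",RCPTCHECK="",NOPBS="",SANITYCHECK="",BLOCKRELAYPROBE=""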
---------------------------------------------------------------------------------------------------
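# Link the three services into /service, the directory svscan watches.
mkdir /service
# One command: the last argument is the target directory, so the wrapped
# second line cannot stand on its own.
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd \
  /var/qmail/supervise/qmail-pop3d /service
cd /service
chmod +x */run
chmod +x */log/run
# "[email protected]" is what the hosting site's e-mail obfuscation left behind
# in place of the original address; substitute the mailbox that should receive
# mail for root, postmaster and mailer-daemon.
echo [email protected] > /var/qmail/alias/.qmail-root
echo [email protected] > /var/qmail/alias/.qmail-postmaster
echo [email protected] > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*
cd /var/qmail
# Install the qmailctl control script from the qmailrocks bundle and expose it
# on the PATH and as an init script.
rsync -avur /downloads/qmailrocks/scripts/finalize/qmailctl bin/.
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/qmailctl /etc/init.d/qmailctl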
Qmail others configuration
# Take sendmail out of service now and at boot.
/etc/init.d/sendmail stop
chkconfig sendmail off
# Keep the original binaries as *.org and point both well-known paths at
# qmail's sendmail wrapper.
for dir in /usr/lib /usr/sbin; do
  mv "$dir/sendmail" "$dir/sendmail.org"
  ln -s /var/qmail/bin/sendmail "$dir/sendmail"
done
# Start qmail through the qmailctl init script in runlevels 2-5.
chkconfig --level 2345 qmailctl on
OPENLDAP Integration with QMAIL-LDAP
Configuration
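# Change to /downloads before fetching: the tar command below reads the
# archive from /downloads, and the previous section leaves the shell in
# /var/qmail.
cd /downloads
# NOTE(review): plain-HTTP download with no integrity check. Compare the
# archive with a checksum obtained over a trusted channel before unpacking it.
wget http://phpqladmin.com/phpQLAdmin-2.2.7.tar.gz
tar zxvf /downloads/phpQLAdmin-2.2.7.tar.gz
# Make the qmail-ldap and phpQLAdmin schemas available to slapd.
cd /etc/openldap
cp /usr/src/qmail/qmail-1.03/qmail.schema schema/.
cp /downloads/phpQLAdmin-2.2.7/schemas/phpQLAdmin.schema schema/.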
vi slapd.conf
-----------------------------------------------------------------------------------------------------
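include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/qmail.schema
include /etc/openldap/schema/phpQLAdmin.schema
# Directives needed to implement policy:
# slapd applies the first "access to" clause whose target matches and stops
# there. The userPassword rule therefore has to come before the catch-all;
# placed after "access to *", it is never reached and "by * read" hands the
# password hashes to every client, anonymous ones included.
# Continuation lines must begin with whitespace.
access to attrs=userPassword
        by dn="uid=admin,ou=hindustantimes.com,dc=hindustantimes,dc=com" write
        by anonymous auth
        by * none
# NOTE(review): everything else stays readable without authentication
# (addresses, mailbox paths, account status); confirm that is intended.
access to *
        by dn="uid=admin,ou=hindustantimes.com,dc=hindustantimes,dc=com" write
        by * read
database dbm
suffix "dc=hindustantimes,dc=com"
rootdn "cn=Manager,dc=hindustantimes,dc=com"
# NOTE(review): sample rootdn password in cleartext, identical to the value in
# qmail's control/ldappassword. Change it, and prefer storing a hash generated
# with slappasswd, for example:  rootpw {SSHA}<hash printed by slappasswd>
rootpw p4mail1server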
-------------------------------------------------------------------------------------------------
vi ldap.conf
------------------------------------------------------------------------------------------------
HOST 127.0.0.1
BASE dc=hindustantimes,dc=com
------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------
vi schema/phpQLAdmin.schema
--------------------------------------------------------------------------------------------------
( Uncomment the following line )
# This is also availible in krb5-kdc.schema (from OpenLDAP.org)
attributetype ( 1.3.6.1.4.1.5322.10.1.12
NAME 'krb5RealmName'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
#
attributetype ( 1.3.6.1.4.1.5322.10.1.1
NAME 'krb5PrincipalName'
DESC 'The unparsed Kerberos principal name'
EQUALITY caseExactIA5Match
SINGLE-VALUE
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# PQL_ATTR_KRB5_ADMIN_SERVER
attributetype ( 1.3.6.1.4.1.8767.3.2.2.15 NAME 'krb5AdminServer'
DESC 'Fully Qualified Host Name of the Kerberos admin server'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8767.3.2.4.1 NAME 'defaultDomain'
DESC 'Default domain name for the branch'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
SINGLE-VALUE )
------------------------------------------------------------------------------------------------
/etc/init.d/ldap start
Creation of the LDAP database and LDIF files.
a. ldif for creating base
cat base.ldif
------------------------------------------------------------------------
#hindustantimes.com
dn: dc=hindustantimes,dc=com
objectClass: top
objectClass: domain
dc: hindustantimes
---------------------------------------------------------------------------------------
b. ldif for creating organizational unit
vi ht-ou.ldif
------------------------------------------------------------------------------------------
#hindustantimes.com
dn: ou=hindustantimes.com,dc=hindustantimes,dc=com
objectClass: top
objectClass: organizationalUnit
ou: hindustantimes.com
description: hindustantimes.com
------------------------------------------------------------------------------------------
c. ldif file for creating Admin User.
(Note: the password is "postmaster". It is a published sample value, so change it once the entry has been created.)
cat admin-ht.ldif
-----------------------------------------------------------------------------------------
# admin, hindustantimes.com
# This entry is the DN that slapd.conf grants write access to the whole tree.
# userPassword is base64 (double colon); it decodes to a {CRYPT} value with a
# 13-character hash, i.e. traditional crypt(3), which only takes the first
# eight characters of a password into account. The page publishes the matching
# cleartext, so set a new password with a stronger scheme after the import.
dn: uid=admin,ou=hindustantimes.com,dc=hindustantimes,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailuser
cn: admin admin
sn: admin admin
mail: [email protected]
accountStatus: active
userPassword:: e0NSWVBUfU9XY3dPTS9IekVBT2s=
mailMessageStore: hindustantimes.com/admin
uid: admin
deliveryMode: noforward
------------------------------------------------------------------------------------------
iv. addressbook.
cat address.ldif
-------------------------------------------------------------------------------------
# deepa, addressbook, hindustantimes.in
dn: cn=deepa,ou=addressbook,dc=hindustantimes,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: deepa
sn: deepa
mail: [email protected]
ou: addressbook
Command to create a user / the database
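# -a add entries, -c continue after errors, -v verbose, -x simple bind.
# -W prompts for the rootdn password. Given with -w on the command line it
# would be visible in the process list and end up in the shell history.
# Replace Ldif_filename with the LDIF file to load.
ldapadd -acvx -D "cn=Manager,dc=hindustantimes,dc=com" -W -f Ldif_filename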
Courier IMAP Integration.
Compilation and its parameters
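cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
# One configure invocation. Options that were split across lines in the
# middle of a word ("--without-" / "authmysql") are rejoined here.
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authldap \
  --without-authmysql --disable-root-check --with-ssl \
  --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
make install-strip && make install-configure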
vi /etc/rc.local
( Add following line )
----------------------------------------------------------------------------------------------------
/usr/local/sbin/authdaemond start
-----------------------------------------------------------------------------------------------------
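cd /downloads/qmailrocks/
tar jxvf courier-imap-4.0.2.tar.bz2
# The build runs as the unprivileged account bsmith; only the install steps
# after `exit` run as root again.
# NOTE(review): bsmith is created only for this build. Remove the account
# afterwards if nothing else uses it.
useradd bsmith
chown -R bsmith:wheel courier-imap-4.0.2
cd /downloads/qmailrocks/courier-imap-4.0.2
su bsmith
# One configure invocation. Options that were split across lines in the
# middle of a word ("--" / "with-authldap") are rejoined here.
./configure --prefix=/usr/local --exec-prefix=/usr/local --without-authvchkpw \
  --with-authldap --without-authmysql --disable-root-check --with-ssl \
  --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
exit
make install-strip && make install-configure
/usr/local/sbin/mkimapdcert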
vi /usr/local/etc/imapd.cnf
(Change [email protected] an administrative email address )
------------------------------------------------------------------------------------------------------
…………………………..
………………………….
[email protected]
……………………………
-------------------------------------------------------------------------------------------------------
Configuration changes
vi /usr/local/etc/imapd
-------------------------------------------------------------------------------------------------------
IMAPDSTART=YES
-------------------------------------------------------------------------------------------------------
vi /usr/local/etc/imapd-ssl
-------------------------------------------------------------------------------------------------------
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem
-------------------------------------------------------------------------------------------------------
vi /usr/local/etc/authlib/authdaemonrc
-------------------------------------------------------------------------------------------------------
authmodulelist="authldap"
authmodulelistorig="authldap"
-------------------------------------------------------------------------------------------------------
vi /usr/local/etc/authlib/authldaprc
-------------------------------------------------------------------------------------------------------
# Courier authldap settings: where the directory is, how to bind to it, and
# which attributes hold the mailbox data.
LDAP_SERVER localhost
LDAP_PORT 389
LDAP_PROTOCOL_VERSION 3
# NOTE(review): the base DN, bind DN and password below use dc=isgec,dc=com,
# while every other file on this page uses dc=hindustantimes,dc=com with the
# rootdn cn=Manager. Presumably these were carried over from another site;
# confirm and align them with slapd.conf.
LDAP_BASEDN dc=isgec, dc=com
LDAP_BINDDN cn=manager, dc=isgec, dc=com
# The bind password is stored in cleartext: keep this file readable only by
# the account that runs authdaemond.
LDAP_BINDPW secretisgec
LDAP_TIMEOUT 5
# Users are looked up by their uid attribute.
LDAP_MAIL uid
LDAP_GLOB_UID vmail
LDAP_GLOB_GID vmail
LDAP_HOMEDIR mailMessageStore
LDAP_MAILROOT /home/vmail
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
#LDAP_CRYPTPW sambaLMPassword
LDAP_DEREF never
# No TLS towards the directory; acceptable only while slapd stays on this host
# (LDAP_SERVER is localhost).
LDAP_TLS 0
# 1 = check a login by binding to the directory as that user.
LDAP_AUTHBIND 1
---------------------------------------------------------------------------------------------------
cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps
vi /etc/rc.local
( Add following line )
----------------------------------------------------------------------------------------------------
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
-----------------------------------------------------------------------------------------------------
# Restart the authentication daemon so that it picks up the new authlib
# configuration.
/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
# Restart both IMAP listeners: stop the pair, then start the pair.
for action in stop start; do
  /etc/rc.d/init.d/imap "$action"
  /etc/rc.d/init.d/imaps "$action"
done
# Presumably rebuilds the tcpserver rules cdb from /etc/tcp.smtp; check the
# qmailctl script to confirm.
qmailctl cdb
phpldapadmin
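yum install php
yum install php-ldap
cd /downloads
# The URL is quoted because "?" is a shell glob character, and -O names the
# output file: without it wget keeps the query string in the file name and the
# tar command below cannot find the archive.
# NOTE(review): plain-HTTP download with no integrity check. Compare the
# archive with a checksum obtained over a trusted channel before unpacking it.
wget -O phpldapadmin-1.2.0.5.tgz \
  'http://downloads.sourceforge.net/project/phpldapadmin/phpldapadmin-php5/1.2.0.5/phpldapadmin-1.2.0.5.tgz?use_mirror=nchc'
tar zxvf phpldapadmin-1.2.0.5.tgz
# NOTE(review): this puts a directory-administration UI under the web root.
# Limit who can reach /phpldapadmin, for example by source address, and serve
# it over TLS only.
mv phpldapadmin-1.2.0.5 /var/www/html/phpldapadmin
cd /var/www/html/phpldapadmin
mv config/config.php.example config/config.php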
vi /etc/php.ini
memory_limit = 32M