Mail Server Setup With Exim, MySQL, Cyrus-Imapd, Horde Webmail On Centos 5.1 - works?

Sorry about my above post. I think the login fails because u are trying to login using administrator instead of Administrator which u configured in the post prior to this one.

 

I edited the sql table to rename the user (horde table "horde_users" ), still the same thing
messages:

Code:

Nov 19 13:18:54 server imap[14538]: sql_select option missing
Nov 19 13:18:54 server imap[14538]: auxpropfunc error no mechanism available 
saslauthd[14539]: do_auth : auth failure: [[email protected]] [service=imap] [realm=domain.com] [mech=pam] [reason=PAM auth error]
[I]repeated 6 times[/I]

 

can you add debug to you /etc/pam.d/imap file and they tell me what u see in /var/log/secure

 

Horde cannot login into cyrus because in config file the user is cyrus with blank password. System doesn't allow cyrus user with blank password. If i replace this with a real password login works and seems to work through IMAP.

My problems are mostly related with php and also i get some errors when i install packages of pearl/php about some files in tmp directory ( i never found any logs about it..)

So i get several errors between modules... One time i almost managed to make this work but virtual folders were already f***d up and couldn't create any users...

Also some errors occur in apache configuration especially in secure connections related to the hostname of the machine...


All this combination (how to) works but it needs a GOOD updated and some details that are not included.


And finally, topdog, we don't blame you.. We thank you for your work, BUT i call for help if anyone has made this to work, to post the updated info so other people can also make this how to to work

Cheers

 

The should not be neccessary if you have set the admins to a user who is in the db and has a password, you need to use that user not the cyrus user.

Just pinpoint what u are facing and i will help.

I will try to redo it on 5.2 and post an update, i just relaxing abit at the moment after doing a maration CCSP certification program which i finished last friday. I will try and work on this next weekend.

 

Hi again, i mean the admin login to cyrus which horde uses from imap module (imp servers section) probably for reading virtual folders(?)... this operation works ONLY if i set a cyrus user password (from the system) and set the same in the config file..

Otherwise IMP never logins...

To make an update would be very kind of you... also i will come back with a list with specific problems because at this moment i have formatted this machine for another one time!!

Thank you

 

actually the login you use to login to horde is what is passed on to imp then on to the imap server. The virtual folders are just a software implementation in horde and not stored on the imap server

If the login fails it means there is an underlying problem with your authentication which u need to test using

Code:

testsaslauthd -u user@domain -p <password> -s imap

 

OK, but then what is the use of servers config file of IMP? When i fixed this password issue then i was able to login with any existed user in the system...

I noticed some 'malfunction' in the way that the system registered new users...

Also i couldn't understand if there is a relation between horde admin user and cyrus because if i logged in as Administrator in horde i had no admin rights to delete folders in cyrus for instance...

Any way, these are various problem which i remember from the many many installs i had done.. so don't bother to solve them because maybe i don't remember well.. As soon as i get more time in my work because we changing some systems now, i will install CentOS 5.2 again and start over.. Then i'll start to post SPECIFIC problems and maybe i'll get to success!

Thanks for your valuable help!

P.S. I think that its not important the way that someone installs CentosOS? I mean with graphic desktop, or server environment or any other packages? Either way according to how to we install all necessary things afterward right?

P.S.2. One last thing which made me confused... the host name of the machine during installation should be mailserver.domain.com or just mailserver ? Because i think this is important for apache setup ?

 

It tells imp which server to connect to.

The horde admin user should be a cyrus admin user, As per deleting of folders that is the default cyrus behavior, the acl's applied to the folders do not allow for deleting by default you need to set the acl to allow deleting before you can do it.
http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/DeleteMailboxPermissions

That should not really affect apache as with virtual hosting the page that is served is dependent on what the client sends in the HOST field of the HTTP/1.1 headers.

 

First, Topdog many thanks, you are very helpful

That give an idea, to double check /etc/pam modifications related to imap, there was a typo in the DB pwd..

1. Horde Login

a) First login success
got the horde menu on the left, auth failed in the center

b) re-login got access
FYI:
# testsaslauthd -u [email protected] -p pwd123
0: OK "Success."
​

2. Kmail (on the local box), added IMAP & pop3

a) Imap connected
var log maillog

imap[9707]: accepted connection
master[9726]: about to exec /usr/lib/cyrus-imapd/imapd
imap[9726]: executed
imap[9707]: login: server [10.0.0.1] [email protected] plaintext User ​

IMAP does not have default folders in Kmail, when I try to subscribe it crashes it

b) Pop3 AUTH failed
messages:

pop3[9733]: sql_select option missing
pop3[9733]: auxpropfunc error no mechanism available​

var log maillog

pop3[9708]: accepted connection
master[9733]: about to exec /usr/lib/cyrus-imapd/pop3d
pop3[9708]: badlogin: server [10.0.0.1] plaintext [email protected] invalid user
pop3[9733]: executed
master[9688]: process 9708 exited, status 0​

3. Deliver mail to a smarthost with and without auth

4. Somebody mentioned that horde can fetch external pop3, but as Horde is not a daemon, its just triggered when the user logs in (wild guess). So it does ot work for me, I will have some users accessing using IMAP and/or pop3, so I would need something like fetchmail. Will check this after first 3 issues are solved and post back.

P.S. Just to know, got some errors in messages every 5 min. probably when horde and/or Kmail is accessing imap.
imap[9760]: auxpropfunc error no mechanism available
imap[9773]: sql_select option missing

 

You r welcome.

Do u see the folders in webmail ?

This is because your pop3 is authenticating against the system not against pam_mysql to fix

Code:

cp /etc/pam.d/imap /etc/pam.d/pop3

Create this above the dnslookup router

Code:

smarthost:
  driver = manualroute
  transport = remote_smtp
  route_list = * mail.smarthost.name

Yes its not a daemon so the mail will only be fetched while the user is logged in.

This is not an error related to horde, it is due to the sql plugin of saslauthd to fix it look at this http://www.cyberciti.biz/faq/postfix-sql_select-option-missing-auxpropfunc-error/

 

No. In Mail, there is just: Filters, New Message, Search

I got pop, put placed also pop3

# cp /etc/pam.d/imap /etc/pam.d/pop
cp: overwrite `/etc/pam.d/pop'? y
# cp /etc/pam.d/imap /etc/pam.d/sieve
cp: overwrite `/etc/pam.d/sieve'? y
# cp /etc/pam.d/imap /etc/pam.d/lmtp
cp: overwrite `/etc/pam.d/lmtp'? y
# cp /etc/pam.d/imap /etc/pam.d/csync
cp: overwrite `/etc/pam.d/csync'? y

restarted sasl and exim
still no luck with pop3

Thats cool for smarthost which dont need authentication, any idea if it is required ?

I tried using the one generated on debian:

Code:

remote_smtp_smarthost:
  driver = manualroute
  transport = remote_smtp
  hosts_try_auth = <; ${if exists{/etc/exim/passwd.client} \
        {\
        ${lookup{$host}nwildlsearch{/etc/exim/passwd.client}{$host_address}}\
        }\
        {} \
      }

Where passwd.client stands:

Code:

# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password
mail.server.com:login:pwd

but exim doesnt start, it has a problem with "hosts_try_auth"

Will check fetchmail then.

done, errors gone!!


thanks

 

Code:

# routers section
smarthost:
  driver = manualroute
  domains = ! +local_domains
  transport = auth_remote
  route_list = * smart_host_name

# transports section
auth_remote:
  driver = smtp
  hosts_require_auth = smart_host_name

# authenticators section
smarthost_remote_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : isp_user_name : isp_password

Use testsaslauthd to debug the pop3 service, as for the folders check the logs to see why the autocreate/autosubscribe options r not working (may be you removed it from the config)

 

OK, here i am again, found some little spare time and started over:

CLEAN install CentOS 5.2 , with option Server GUI (and only)

Hostname: mailsrv

- SELinux: Permissive mode (in Enforced mode had many problems with php/apache)

- Started system in GNOME environment and make full yum update...

- Installed firefox, everything is updated and starting step-by-step and copy-paste from how to guide.. (its supposed that all necessary changes are done during transfer of configs(!))

- Configure rpmforge repo -> path not found... should be: http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm (hope its right...the same file..)
Result: Retrieving http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: /var/tmp/rpm-xfer.vVnMD4: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:rpmforge-release ########################################### [100%]

- Disable the repo... ** path is wrong, on my CentOS 5.2 path is \etc\yum.repos.d

- Installing apache and php (getting some many uknown errors..!)

Installing: php-pear ####################### [ 1/23]
Installing: php-pear-Net-Socket ####################### [ 2/23]
/tmp/glibctestc17Z8U:1:22: error: features.h: No such file or directory
Installing: php-pear-MDB2 ####################### [ 3/23]
/tmp/glibctestLE1x5J:1:22: error: features.h: No such file or directory
Installing: php-pear-Net-URL ####################### [ 4/23]
/tmp/glibctestRasjeX:1:22: error: features.h: No such file or directory
Installing: php-pear-Auth-SASL ####################### [ 5/23]
/tmp/glibctestMcGIcd:1:22: error: features.h: No such file or directory
Installing: php-pear-Net-SMTP ####################### [ 6/23]
/tmp/glibctestrrD0Jw:1:22: error: features.h: No such file or directory
Installing: php-pear-DB ####################### [ 7/23]
/tmp/glibctestHzrksp:1:22: error: features.h: No such file or directory
Installing: libc-client ####################### [ 8/23]
Installing: libmcrypt ####################### [ 9/23]
Installing: php-pdo ####################### [10/23]
Installing: php-mbstring ####################### [11/23]
Installing: php-pear-Net-Sieve ####################### [12/23]
/tmp/glibctest0T2EYG:1:22: error: features.h: No such file or directory
Installing: php-mcrypt ####################### [13/23]
Installing: php-pear-HTTP-Request ####################### [14/23]
/tmp/glibctestOnqEZA:1:22: error: features.h: No such file or directory
Installing: php-pear-Mail ####################### [15/23]
/tmp/glibctests7qLz6:1:22: error: features.h: No such file or directory
Installing: php-pear-Date ####################### [16/23]
/tmp/glibctestKGLHTA:1:22: error: features.h: No such file or directory
Installing: php-mysql ####################### [17/23]
Installing: php-pecl-Fileinfo ####################### [18/23]
Installing: php-xml ####################### [19/23]
Installing: php-pear-Mail-Mime ####################### [20/23]
/tmp/glibctestdeYm48:1:22: error: features.h: No such file or directory
Installing: php-pear-File ####################### [21/23]
/tmp/glibctestRkGCPV:1:22: error: features.h: No such file or directory
Installing: php-imap ####################### [22/23]
Installing: php-pear-Log ####################### [23/23]
/tmp/glibctestlKZx7w:1:22: error: features.h: No such file or directory

- Install Exim and MySQL ---> ALL succesful

Install rest of packages everything went fine.. no errors... so starting configuration..

 

Config part

--Apache config...

i wonder.. now in server name.. should be mailsrv or mailsrv.mydomain.com ?

--Exim configured
copied entire config file from how to..

-- Mysql password

/usr/bin/mysqladmin -u root -h your_host_name password 'new-password' -p

this works ONLY if i set as hostname localhost... any other name fails...

--- Creating turba table

file is turba.mysql.sql and not turba_objects.mysql.sql (not existed something like this...)


-- Horde config

NOW.. in horde config file (which already exist) there are some duplicates with the proposed one.. During last installations remember that was serious problems with this... what should i do, just add in the bottom or replace? (think replacement doesn't work..)

-- Continued until cyrus config (imapd.conf)

Inside this file in admins section its only andrew... should be only this? (cyrus, Administrator?)


-- Continued with the rest of configs...

Starting services got this error:

"Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName"

Anyway, continuing the guide, create admin user and trying to login...

Logins with admin user but left tool bar is just a white area... after refreshing the page appears... (always happening..)

As admin created 2 users test1 and test2, when they are logged in no folders appear... only inbox... this problem in previous installs solved with cyrus user password...(only after set a cyrus password imp could see the folders section....this is what i was saying to topdog)

Trying to send a message from test1 to test2 i get an error that Sent Items folder cannot be created... Test1 receives this mail succesfully


So i stop here, wait for any suggestions how to make all this work..

Thank you

 

Ok almost works!! (after some changes i have stated...)

Now i have 1-2 minor problems... One is Spamassassin which seems that only rejects spams without sending them in spam folders.. (thinks user nobody... how to fix this?)

And second one, what would be the best way to backup this system? I think that user folders are not enough...

Thanks in advance

 

If you do not want spam to be rejected at smtp time, and delivered to a spam folder then you need to comment out the section in you exim conf file

Code:

 drop    condition = ${if >{$spam_score_int}{60} {1}}
        message   = Your message scored $spam_score SpamAssassin point. Report follows:\n\
        $spam_report

You will also need a sieve rule to file the spam tagged mails into the spam folder.

You need to backup /var/spool/imap, or if you want to go really funky you can setup imap replication to replicate the mail to another imap server.

 

SO, if i only comment this rule in exim.conf, spam should come in INBOX marked as spam? (move to spam folders can be done from horde rules...?)

Because i am not familiar with sieve, i don't know how to do this...


Finally, if i backup /var/spool/imap and i have a system crash how i can restore users? In this way i keep only their folders, right? Users are kept in mysql, or not..?

To be more specific, i would like to have the smallest downtime due to a hardware problem... keep an image of the machine, keep config files and have it back in minutes.. but what about user accounts data?


finally, topdog, a BIG THANK YOU!

 

Yes thats right.

Its easy to use actually and very powerful, thats one of the reasons for using cyrus. And horde intergrates with sieve quite well so you can create
the rules from with in horde.

My bad for a full recovery you will have to backup much more.
- The configs in /etc
- The mysql database horde
- The horde system
- The mail folders in /var/spool/mail

Depending on how mission critical your setup is you could run a hot standby machine using cyrus imap replication / mysql replication. (I have a setup like that running a a large cellphone company)

No problem, hope my xmas present is in the post...... lol just kidding.

 

Thanks also for your very quick answers!

I'll try to do these modifications and i hope that i will have finally this system up and running!