Projet

Général

Profil

HowTo Mail Backup - Ikujam » Historique » Version 5

iku jam, 30/01/2012 14:23
layout

1 1 iku jam
h2. Presentation
2 1 iku jam
3 5 iku jam
{{>toc}}
4 5 iku jam
5 1 iku jam
several projects with mail servers
6 1 iku jam
request of certain stability, needed documentation
7 1 iku jam
free software user, activist and contributor
8 1 iku jam
idea is to produce a complete test environment with vms on a single machine
9 1 iku jam
10 1 iku jam
CC-NC-SA
11 1 iku jam
12 1 iku jam
13 1 iku jam
h2. Requirements
14 1 iku jam
15 2 iku jam
to follow you need some linux admin skills:
16 2 iku jam
17 2 iku jam
* basic shell (bash)
18 2 iku jam
* at least basic knowledge of debian package system (install & setup packages with apt-get, manage services)
19 2 iku jam
* able to setup ssh public key authentication
20 2 iku jam
* i don't like nano, feel free to use it - or another editor - instead of vi
21 2 iku jam
22 2 iku jam
23 1 iku jam
h3. Host system
24 1 iku jam
25 1 iku jam
* debian
26 1 iku jam
* qemu-kvm
27 1 iku jam
* bind
28 1 iku jam
29 1 iku jam
This howto uses
30 2 iku jam
31 5 iku jam
<pre>
32 1 iku jam
 # cat /etc/debian_version 
33 1 iku jam
 wheezy/sid
34 1 iku jam
 # uname -a
35 1 iku jam
 Linux master 3.1.0-1-amd64 #1 SMP Sun Dec 11 20:36:41 UTC 2011 x86_64 GNU/Linux
36 5 iku jam
</pre>
37 1 iku jam
38 1 iku jam
h3. Mail Server VMs
39 1 iku jam
40 1 iku jam
* debian
41 1 iku jam
* debian packages for the different software
42 1 iku jam
43 1 iku jam
44 5 iku jam
<pre>
45 1 iku jam
 root@mail1:~# echo "mail1" > /etc/hostname
46 1 iku jam
 root@mail1:~# apt-get install inotify-tools rsync openssh-server pgpool  javascript-common apache2 libapache2-mod-php5  roundcube postgresql postfix postfix-pgsql mailman roundcube-pgsql libc-client2007e mlock php5-imap postgrey courier-authlib-postgresql sasl2-bin courier-authdaemon  libsasl2-modules-sql courier-imap-ssl --no-install-recommends 
47 5 iku jam
</pre>
48 1 iku jam
49 1 iku jam
* use default options for roundcube, courier & mailman  for now
50 1 iku jam
** ident authentication
51 1 iku jam
** dbconfig
52 1 iku jam
** pgsql as database choice
53 1 iku jam
** mailman language as you prefer
54 1 iku jam
55 1 iku jam
* install postfixadmin :
56 1 iku jam
57 5 iku jam
<pre>
58 1 iku jam
 root@mail1:~# lynx 'http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.4/postfixadmin_2.3.4_all.deb'
59 5 iku jam
</pre>
60 1 iku jam
61 5 iku jam
either directly from within lynx, otherwise via
62 1 iku jam
63 5 iku jam
<pre>
64 5 iku jam
 root@mail1:~# dpkg -i postfixadmin_2.3.4_all.deb
65 5 iku jam
</pre>
66 1 iku jam
67 1 iku jam
68 5 iku jam
* use default options for now
69 1 iku jam
70 1 iku jam
71 5 iku jam
* just as of personal habit, some tools i use 
72 5 iku jam
73 5 iku jam
<pre>
74 5 iku jam
 root@mail1:~# apt-get install lynx less mc vim screen
75 1 iku jam
 root@mail1:~# cat /etc/debian_version 
76 1 iku jam
 wheezy/sid
77 1 iku jam
 root@mail1:~# uname -a
78 1 iku jam
 Linux mail1.test 3.1.0-1-amd64 #1 SMP Tue Jan 10 05:01:58 UTC 2012 x86_64 GNU/Linux
79 5 iku jam
</pre>
80 1 iku jam
81 1 iku jam
82 5 iku jam
<pre>
83 5 iku jam
root@mail2:~# cat /etc/debian_version 
84 5 iku jam
wheezy/sid
85 5 iku jam
root@mail2:~# uname -a
86 5 iku jam
Linux mail2 3.1.0-1-amd64 #1 SMP Fri Dec 23 16:37:11 UTC 2011 x86_64 GNU/Linux
87 1 iku jam
root@mail2:~# cat /etc/network/interfaces 
88 1 iku jam
# This file describes the network interfaces available on your system
89 1 iku jam
# and how to activate them. For more information, see interfaces(5).
90 1 iku jam
91 1 iku jam
# The loopback network interface
92 1 iku jam
auto lo
93 1 iku jam
iface lo inet loopback
94 1 iku jam
95 1 iku jam
# The primary network interface
96 1 iku jam
allow-hotplug eth0
97 1 iku jam
iface eth0 inet static
98 1 iku jam
        address 192.168.122.3
99 1 iku jam
        netmask 255.255.255.0
100 1 iku jam
        network 192.168.122.0
101 1 iku jam
        broadcast 192.168.122.255
102 1 iku jam
        gateway 192.168.122.1
103 5 iku jam
</pre>
104 1 iku jam
105 1 iku jam
106 5 iku jam
h2. dns setup on host node
107 1 iku jam
108 5 iku jam
<pre>
109 1 iku jam
110 1 iku jam
root@quadebian:/etc/bind# cat  db.192.168.122
111 1 iku jam
;
112 1 iku jam
; BIND reverse data file for test
113 1 iku jam
;
114 1 iku jam
$TTL	604800
115 1 iku jam
@	IN	SOA	master.test. root.master.test. (
116 1 iku jam
			      1		; Serial
117 1 iku jam
			 604800		; Refresh
118 1 iku jam
			  86400		; Retry
119 1 iku jam
			2419200		; Expire
120 1 iku jam
			 604800 )	; Negative Cache TTL
121 1 iku jam
;
122 1 iku jam
@	IN	NS	master.test.
123 1 iku jam
1	IN	PTR	master.test.
124 1 iku jam
2	IN	PTR	mail1.test.
125 1 iku jam
3	IN	PTR	mail2.test.
126 1 iku jam
127 1 iku jam
128 1 iku jam
root@quadebian:/etc/bind# cat  db.test 
129 1 iku jam
;
130 1 iku jam
; BIND data file for test
131 1 iku jam
;
132 1 iku jam
$TTL	604800
133 1 iku jam
@	IN	SOA	master.test. info.master.test. (
134 1 iku jam
			      2		; Serial
135 1 iku jam
			 604800		; Refresh
136 1 iku jam
			  86400		; Retry
137 1 iku jam
			2419200		; Expire
138 1 iku jam
			 604800 )	; Negative Cache TTL
139 1 iku jam
;
140 1 iku jam
@	IN	NS	master.test.
141 1 iku jam
test.	IN	MX	10	mail1.test.
142 1 iku jam
test.	IN	MX	20	mail2.test.
143 1 iku jam
144 1 iku jam
master	IN	A	192.168.122.1
145 1 iku jam
mail1	IN	A	192.168.122.2
146 1 iku jam
mail2	IN	A	192.168.122.3
147 1 iku jam
148 1 iku jam
root@quadebian:/etc/bind# named-checkzone test db.test 
149 1 iku jam
zone test/IN: loaded serial 2
150 1 iku jam
OK
151 5 iku jam
</pre>
152 1 iku jam
153 1 iku jam
154 1 iku jam
* pass kvm dns server in forward mode on host node (default net config)
155 1 iku jam
156 5 iku jam
<pre>
157 1 iku jam
root@quadebian:/etc/bind# virsh 
158 1 iku jam
Welcome to virsh, the virtualization interactive terminal.
159 1 iku jam
160 1 iku jam
Type:  'help' for help with commands
161 1 iku jam
       'quit' to quit
162 1 iku jam
163 1 iku jam
virsh # net-dumpxml default
164 1 iku jam
<network>
165 1 iku jam
  <name>default</name>
166 1 iku jam
  <uuid>0529cc34-c2ad-9663-0f42-5b338b14a6e4</uuid>
167 1 iku jam
  <forward mode='nat'/>
168 1 iku jam
  <bridge name='virbr0' stp='on' delay='0' />
169 1 iku jam
  <mac address='52:54:00:37:85:D8'/>
170 1 iku jam
  <ip address='192.168.122.1' netmask='255.255.255.0'>
171 1 iku jam
    <dhcp>
172 1 iku jam
      <range start='192.168.122.2' end='192.168.122.254' />
173 1 iku jam
    </dhcp>
174 1 iku jam
  </ip>
175 1 iku jam
</network>
176 5 iku jam
</pre>
177 1 iku jam
178 1 iku jam
179 1 iku jam
h3. vm dns config
180 1 iku jam
181 1 iku jam
* change requires to reaffect NICs via virt-manager
182 1 iku jam
** remove nic (and /etc/udev/rules.d/70-persistent-net.rules - it keeps track of different nics on the system, avoids getting eth2/3/4...)
183 1 iku jam
** create new nic on default network
184 1 iku jam
** reboot vm
185 1 iku jam
** test connectivity & bind (set nameserver to 192.168.122.1 in /etc/resolv.conf)
186 1 iku jam
187 1 iku jam
h3. tests to do
188 1 iku jam
189 1 iku jam
* open http://mail1.test/roundcube & http://mail1.test/postfixadmin in a browser
190 1 iku jam
** roundcube -> 404
191 1 iku jam
** postfixadmin -> ok
192 1 iku jam
* dns
193 1 iku jam
194 5 iku jam
<pre>
195 1 iku jam
root@quadebian:/etc/bind# dig mx test
196 1 iku jam
197 1 iku jam
; <<>> DiG 9.7.3 <<>> mx test
198 1 iku jam
;; global options: +cmd
199 1 iku jam
;; Got answer:
200 1 iku jam
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26405
201 1 iku jam
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 3
202 1 iku jam
203 1 iku jam
;; QUESTION SECTION:
204 1 iku jam
;test.				IN	MX
205 1 iku jam
206 1 iku jam
;; ANSWER SECTION:
207 1 iku jam
test.			604800	IN	MX	20 mail2.test.
208 1 iku jam
test.			604800	IN	MX	10 mail1.test.
209 1 iku jam
210 1 iku jam
;; AUTHORITY SECTION:
211 1 iku jam
test.			604800	IN	NS	master.test.
212 1 iku jam
213 1 iku jam
;; ADDITIONAL SECTION:
214 1 iku jam
mail1.test.		604800	IN	A	192.168.122.2
215 1 iku jam
mail2.test.		604800	IN	A	192.168.122.3
216 1 iku jam
master.test.		604800	IN	A	192.168.122.1
217 1 iku jam
218 1 iku jam
;; Query time: 2 msec
219 1 iku jam
;; SERVER: 10.11.12.126#53(10.11.12.126)
220 1 iku jam
;; WHEN: Tue Jan 24 09:55:25 2012
221 1 iku jam
;; MSG SIZE  rcvd: 135
222 5 iku jam
</pre>
223 1 iku jam
224 1 iku jam
225 1 iku jam
226 1 iku jam
227 1 iku jam
h2. Server configuration
228 1 iku jam
229 1 iku jam
h3. postfix 
230 1 iku jam
231 5 iku jam
<pre>
232 5 iku jam
233 1 iku jam
root@mail2:/etc/postfix# mv main.cf main.cf.debian
234 1 iku jam
root@mail2:/etc/postfix# vi  main.cf 
235 1 iku jam
root@mail2:/etc/postfix# mkdir pgsql
236 1 iku jam
root@mail2:/etc/postfix# vi pgsql/virtual_alias_maps.cf
237 1 iku jam
root@mail2:/etc/postfix# vi pgsql/virtual_domain_maps.cf
238 1 iku jam
root@mail2:/etc/postfix# vi pgsql/relay_domains.cf
239 1 iku jam
root@mail2:/etc/postfix# vi pgsql/virtual_mailbox_limits.cf
240 1 iku jam
root@mail2:/etc/postfix# vi pgsql/virtual_mailbox_maps.cf 
241 1 iku jam
root@mail2:/etc/courier# vi /etc/mailname 
242 1 iku jam
root@mail2:/etc/courier# cat /etc/postfix/transport
243 1 iku jam
lists.test mailman:
244 1 iku jam
root@mail2:/etc/courier# postmap  /etc/postfix/transport
245 1 iku jam
root@mail2:/etc/postfix# scp -r . mail1.test:/etc/postfix/
246 5 iku jam
</pre>
247 1 iku jam
248 5 iku jam
<pre>
249 1 iku jam
root@mail1:/etc/postfix# vi  main.cf 
250 1 iku jam
# change following line : 
251 1 iku jam
mydestination = test,mail1.test,localhost.test, localhost
252 5 iku jam
</pre>
253 1 iku jam
254 1 iku jam
h3. saslauthd 
255 1 iku jam
256 1 iku jam
* change /etc/default/saslauthd
257 1 iku jam
258 5 iku jam
<pre>
259 1 iku jam
 START=yes
260 1 iku jam
 MECHANISMS="rimap"
261 1 iku jam
 OPTIONS="-c -r -O localhost -m /var/run/saslauthd"
262 5 iku jam
</pre>
263 1 iku jam
264 1 iku jam
265 1 iku jam
h3. postfixadmin
266 1 iku jam
267 1 iku jam
*Only on mail1* : mail2 will be synced through logshipping/PITR ;)
268 2 iku jam
269 1 iku jam
* open 
270 1 iku jam
271 1 iku jam
http://mail1.test/postfixadmin/setup.php
272 1 iku jam
273 1 iku jam
* set password and replace specified line in /etc/postfixadmin/config.inc.php :
274 1 iku jam
275 5 iku jam
<pre>
276 1 iku jam
 $CONF['setup_password'] = 'changeme';
277 5 iku jam
</pre>
278 1 iku jam
279 1 iku jam
* create superadmin account using a local or valid email address (if you have internet access)
280 1 iku jam
281 1 iku jam
* modify /usr/share/postfixadmin/functions.inc.php
282 1 iku jam
** this is in order to allow local domains, e.g. @.test@
283 1 iku jam
284 1 iku jam
_lignes 232++_
285 1 iku jam
286 1 iku jam
<pre>
287 1 iku jam
    if (!preg_match ('/^([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,6}$/i', ($domain)))
288 1 iku jam
    {
289 1 iku jam
    if (!preg_match ('/^([-0-9A-Z]){3,16}$/i', ($domain)))
290 1 iku jam
        {
291 1 iku jam
        flash_error(sprintf($PALANG['pInvalidDomainRegex'], htmlentities($domain)));
292 1 iku jam
        return false;
293 1 iku jam
        }
294 1 iku jam
    }
295 1 iku jam
</pre>
296 1 iku jam
297 1 iku jam
298 1 iku jam
299 1 iku jam
h3. courier
300 1 iku jam
301 5 iku jam
<pre>
302 1 iku jam
root@mail1:/etc/courier# vi authdaemonrc 
303 1 iku jam
root@mail2:/etc/courier# mv authpgsqlrc authpgsqlrc.debian
304 1 iku jam
root@mail2:/etc/courier# vi authpgsqlrc
305 1 iku jam
root@mail2:/etc/courier# mv imapd imapd.debian
306 1 iku jam
root@mail2:/etc/courier# vi  imapd 
307 1 iku jam
root@mail2:/etc/courier# mv imapd-ssl imapd-ssl.debian
308 1 iku jam
root@mail2:/etc/courier# vi  imapd-ssl 
309 5 iku jam
</pre>
310 1 iku jam
311 1 iku jam
312 1 iku jam
h3. roundcube
313 1 iku jam
314 1 iku jam
* activate webapp
315 1 iku jam
** uncomment two alias directives inside /etc/apache2/conf.d/roundcube
316 1 iku jam
** adapt config : 
317 1 iku jam
318 5 iku jam
<pre>
319 1 iku jam
 $rcmail_config['default_host'] = 'localhost';
320 1 iku jam
 $rcmail_config['smtp_server'] = 'localhost';
321 5 iku jam
</pre>
322 1 iku jam
323 1 iku jam
* /etc/init.d/apache2 reload
324 1 iku jam
325 1 iku jam
h3. ssh
326 1 iku jam
327 1 iku jam
* generate pair of keys on mail1 & mail2
328 1 iku jam
329 5 iku jam
<pre>
330 1 iku jam
# su mail
331 1 iku jam
$ bash
332 1 iku jam
mail@mail2:/etc/postfix$ ssh-keygen 
333 1 iku jam
Generating public/private rsa key pair.
334 1 iku jam
Enter file in which to save the key (/var/mail/.ssh/id_rsa): 
335 1 iku jam
Created directory '/var/mail/.ssh'.
336 1 iku jam
Enter passphrase (empty for no passphrase): 
337 1 iku jam
Enter same passphrase again: 
338 1 iku jam
Your identification has been saved in /var/mail/.ssh/id_rsa.
339 1 iku jam
Your public key has been saved in /var/mail/.ssh/id_rsa.pub.
340 1 iku jam
The key fingerprint is:
341 1 iku jam
b9:bf:63:05:c0:9f:4f:07:82:d9:fd:79:99:cf:20:20 mail@mail2
342 1 iku jam
The key's randomart image is:
343 1 iku jam
+--[ RSA 2048]----+
344 1 iku jam
|       . + .     |
345 1 iku jam
|        E + o    |
346 1 iku jam
|         + + o .o|
347 1 iku jam
|         .+ o =o.|
348 1 iku jam
|        S  + o +.|
349 1 iku jam
|         .  o   o|
350 1 iku jam
|        .  .     |
351 1 iku jam
|         .o      |
352 1 iku jam
|         .oo     |
353 1 iku jam
+-----------------+
354 5 iku jam
</pre>
355 1 iku jam
356 1 iku jam
* add mail1's public key to mail1's authorized keys 
357 1 iku jam
358 5 iku jam
<pre>
359 1 iku jam
 mail@mail1:/$ cp /var/mail/.ssh/id_rsa.pub /var/mail/.ssh/authorized_keys
360 5 iku jam
</pre>
361 1 iku jam
362 1 iku jam
* add mail1's public key to mail2's authorized keys 
363 1 iku jam
364 5 iku jam
<pre>
365 1 iku jam
 mail@mail2:/$ vi /var/mail/.ssh/authorized_keys
366 1 iku jam
 mail@mail2:/$ chmod 0600 /var/mail/.ssh/authorized_keys
367 5 iku jam
</pre>
368 1 iku jam
369 1 iku jam
* test connection
370 1 iku jam
371 5 iku jam
<pre>
372 1 iku jam
mail@mail1:/etc/courier$ ssh mail2.test
373 1 iku jam
The authenticity of host 'mail2.test (192.168.122.3)' can't be established.
374 1 iku jam
ECDSA key fingerprint is cb:a6:dd:64:03:ba:45:61:a3:b8:14:3a:05:89:ab:b3.
375 1 iku jam
Are you sure you want to continue connecting (yes/no)? yes
376 1 iku jam
Warning: Permanently added 'mail2.test,192.168.122.3' (ECDSA) to the list of known hosts.
377 1 iku jam
Linux mail2 3.1.0-1-amd64 #1 SMP Fri Dec 23 16:37:11 UTC 2011 x86_64
378 1 iku jam
379 1 iku jam
The programs included with the Debian GNU/Linux system are free software;
380 1 iku jam
the exact distribution terms for each program are described in the
381 1 iku jam
individual files in /usr/share/doc/*/copyright.
382 1 iku jam
383 1 iku jam
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
384 1 iku jam
permitted by applicable law.
385 1 iku jam
$ hostname
386 1 iku jam
mail2
387 1 iku jam
$ logout
388 1 iku jam
389 1 iku jam
390 5 iku jam
</pre>
391 5 iku jam
392 2 iku jam
h3. inotify/rsync
393 2 iku jam
394 1 iku jam
# gen ssh key for user @mail@ on mail1 & copy public key to mail2
395 1 iku jam
396 1 iku jam
* create sync script 
397 1 iku jam
398 5 iku jam
<pre>
399 1 iku jam
mail@mail1:/etc/courier$ vi ~/sync.sh
400 5 iku jam
</pre>
401 1 iku jam
402 1 iku jam
<pre>
403 1 iku jam
#!/bin/sh
404 2 iku jam
BASEDIR="$1"
405 1 iku jam
REMOTE_HOST="$2"
406 1 iku jam
RSYNC_OPTIONS="-rtlavz -e ssh --delete"
407 2 iku jam
408 1 iku jam
 
409 1 iku jam
# Initial sync
410 1 iku jam
rsync ${RSYNC_OPTIONS} ${BASEDIR}/ ${REMOTE_HOST}:${BASEDIR}
411 4 iku jam
 
412 1 iku jam
# Wait for events to trigger rsync
413 1 iku jam
inotifywait --format '%w' -e close_write -e move -e create -e delete -qmr $BASEDIR | while read EVENT_DIR
414 1 iku jam
do
415 1 iku jam
  # Fork off rsync proc to do sync
416 1 iku jam
rsync  ${RSYNC_OPTIONS} ${EVENT_DIR} ${REMOTE_HOST}:${EVENT_DIR} &
417 4 iku jam
done
418 1 iku jam
419 1 iku jam
</pre>
420 5 iku jam
421 5 iku jam
<pre>
422 1 iku jam
root@mail1:/etc/courier# mkdir /var/log/mail
423 2 iku jam
root@mail1:/etc/courier# chown mail:mail  /var/log/mail
424 1 iku jam
root@mail1:/etc/courier# vi   /etc/rc.local 
425 5 iku jam
</pre>
426 1 iku jam
427 5 iku jam
* ajout de la ligne : 
428 1 iku jam
429 5 iku jam
<pre>
430 1 iku jam
 su mail -l  -c " nohup sh ~/sync.sh /var/mail/ mail2.test  2>&1 >> /var/log/mail/sync.log &" 
431 5 iku jam
</pre>
432 1 iku jam
433 1 iku jam
434 1 iku jam
435 5 iku jam
<pre>
436 1 iku jam
root@mail1:/etc/courier# sh  /etc/rc.local 
437 1 iku jam
nohup: ignoring input and redirecting stderr to stdout
438 1 iku jam
root@mail1:/etc/courier# su mail
439 1 iku jam
mail@mail1:/etc/courier$ chmod 0700 ~/sync.sh
440 5 iku jam
</pre>
441 2 iku jam
442 1 iku jam
443 1 iku jam
444 2 iku jam
h3. postgresql PITR
445 1 iku jam
446 5 iku jam
* gen ssh key for user @postgres@ on mail1 & copy public key to mail2
447 2 iku jam
448 2 iku jam
http://www.postgresql.org/docs/8.4/static/continuous-archiving.html
449 2 iku jam
http://wiki.postgresql.org/wiki/Warm_Standby
450 2 iku jam
451 2 iku jam
* stop postresql on mail2.test
452 2 iku jam
* do a full sync of the database
453 1 iku jam
454 5 iku jam
<pre>
455 2 iku jam
# su postgres
456 2 iku jam
$ rsync -a /var/lib/postgresql/9.1/main/ postgres@mail2.test://var/lib/postgresql/9.1/main/
457 5 iku jam
</pre>
458 1 iku jam
459 2 iku jam
460 2 iku jam
on mail1 : 
461 2 iku jam
462 2 iku jam
archive_command = 'rsync -a /var/lib/postgresql/9.1/main/%p postgres@mail2.test://var/lib/postgresql/9.1/wal/pg_xlog/%f'
463 2 iku jam
464 2 iku jam
* restart postgresql
465 2 iku jam
466 2 iku jam
on mail2 : 
467 2 iku jam
468 5 iku jam
<pre>
469 2 iku jam
root@mail2:~# mkdir /var/lib/postgresql/9.1/wal
470 2 iku jam
root@mail2:~# chown postgres:postgres  /var/lib/postgresql/9.1/wal
471 2 iku jam
root@mail2:/var/lib/postgresql/9.1/main# vi recovery.conf
472 2 iku jam
restore_command = 'cp /var/lib/postgresql/9.1/wal/pg_xlog/%f "%p"'
473 5 iku jam
</pre>
474 1 iku jam
475 2 iku jam
* on first startup, 
476 1 iku jam
* recovery.conf will be renamed to recovery.done after recovery
477 2 iku jam
** rename recovery.done to recovery.conf and restart postgresql to sync with latest logs from master.
478 2 iku jam
479 2 iku jam
480 1 iku jam
h2. putting pieces together
481 1 iku jam
482 2 iku jam
* recover postfixadmin on mail1 password from  @/etc/postfixadmin/config.inc.php@ :
483 1 iku jam
484 1 iku jam
 $CONF['database_password'] = 'GENERATED PASSWORD';
485 1 iku jam
486 2 iku jam
* apply it to @/etc/postfixadmin/config.inc.php@ on mail2
487 1 iku jam
488 2 iku jam
* apply it to the different files (mail1 & mail2):
489 2 iku jam
490 5 iku jam
<pre>
491 5 iku jam
for i in /etc/postfix/pgsql/virtual_alias_maps.cf /etc/postfix/pgsql/virtual_domain_maps.cf /etc/postfix/pgsql/relay_domains.cf /etc/postfix/pgsql/virtual_mailbox_limits.cf /etc/postfix/pgsql/virtual_mailbox_maps.cf ; do   sed -i "s/PASSWORD/GENERATED PASSWORD/"  $i ;  done
492 1 iku jam
 vi  /etc/courier/authpgsqlrc
493 5 iku jam
</pre>
494 1 iku jam
495 1 iku jam
* restart courier authdaemon : 
496 1 iku jam
497 1 iku jam
 /etc/init.d/courier-authdaemon restart
498 1 iku jam
499 1 iku jam
* create account via postfixadmin 
500 1 iku jam
501 1 iku jam
** login to http://mail1.test/postfixadmin/login.php
502 1 iku jam
** add domain (Domain list -> new domain)
503 1 iku jam
*** domain name : "test"
504 1 iku jam
** add mailbox (Virtual list -> add mailbox)
505 1 iku jam
* verify domain & mailbox creation
506 1 iku jam
* send testmail in commandline on master (apt-get install bsd-mailx)
507 1 iku jam
* verify replication of maildir on mail2
508 1 iku jam
509 1 iku jam
* roundcube
510 1 iku jam
** connect on http://mail1.test/roundcube with test@test
511 1 iku jam
** send test mail to outside (may be rejected/filtered as spam since "test" emaildomain isn't valid, should work with a public MX DNS entry)
512 2 iku jam
513 1 iku jam
514 1 iku jam
h3. vacation/responder
515 2 iku jam
516 5 iku jam
<pre>
517 2 iku jam
root@mail1:~# apt-get install git-core  --no-install-recommends  
518 2 iku jam
root@mail1:~# cd /usr/share/roundcube/plugins/ && git clone https://github.com/bhuisgen/rc-vacation.git vacation
519 2 iku jam
520 2 iku jam
root@mail1:/usr/share/roundcube/plugins# mkdir /etc/roundcube/plugins/vacation
521 2 iku jam
root@mail1:/usr/share/roundcube/plugins# ln -s /usr/share/roundcube/plugins/vacation/config.inc.php /etc/roundcube/plugins/vacation/
522 2 iku jam
root@mail1:/usr/share/roundcube/plugins# cd vacation/
523 2 iku jam
root@mail1:/usr/share/roundcube/plugins/vacation# cp config.inc.php.dist config.inc.php
524 2 iku jam
root@mail1:/usr/share/roundcube/plugins/vacation# vi config.inc.php
525 2 iku jam
root@mail1:/usr/share/roundcube/plugins/vacation# ln -s /usr/share/roundcube/plugins/vacation/ /var/lib/roundcube/plugins/
526 5 iku jam
</pre>
527 2 iku jam
528 2 iku jam
* edit /etc/roundcube/main.inc.php
529 2 iku jam
530 2 iku jam
$rcmail_config['vacation_sql_dsn'] =
531 2 iku jam
        'pgsql://postfixadmin:PASSWORD@localhost/postfixadmin';
532 2 iku jam
533 2 iku jam
* test in roundcube settings, you should have a new tab "vacation/répondeur"
534 2 iku jam
535 2 iku jam
536 2 iku jam
h2. failover
537 2 iku jam
538 2 iku jam
* in case of a failover of mail1, mail2 should be available to receive mails and provide access to all the mails that were on mail1
539 2 iku jam
** when mail1 comes back up online, it needs to synchronize with mail2 before 
540 2 iku jam
* in case of a failover of mail2, mail1 should not be impacted
541 2 iku jam
542 1 iku jam
543 1 iku jam
h2. References
544 1 iku jam
545 1 iku jam
http://chiliproject.tetaneutral.net/projects/tetaneutral/wiki/Serveur_Mail_tetalab
546 1 iku jam
547 1 iku jam
http://www.kutukupret.com/2011/06/28/postfix-one-way-maildir-replication-backup-using-inotify-and-rsync/
548 2 iku jam
549 1 iku jam
http://www.postgresql.org/docs/9.1/interactive/continuous-archiving.html