RE: [SLE] IMAP HowTo (was re: POP Mail HOWTO?)
Sandy Drobic [mailto:suse-linux-e@japantest.homelinux.com]
Most of the time I start backwards, meaning I set up the imap server first, test the login to cyradm, create a few test mailboxes, set up the first user accounts and then try to authenticate to the imap server with a mail client.
That much, I seem to have... It asked for a password, then contentedly showed an empty Inbox.
If that works I send a mail manually with cyrdeliver and check if the mail is indeed visible on the imap server.
Will do.
Once that works I begin with Postfix, check the config if it's an open relay,
Remind me what setting(s) in main.cf need to be in what condition to avoid open relay. (I don't want to assume anything about defaults, nor to assume anything about my understanding of all the pages I've read.)
set up the right domain and host names and recipient maps, enable mailbox_transport for Cyrus and submit a mail to postfix, either by telnet or simply with mail.
Here's a place that I might be messing up, due to lack of understanding of what goes where. I know it's really simple, but when you've never had it actually work before, you can be doing something really 'obvious' and dumb without realizing. Obviously, I've got basic internet connection working, so I've put my ISP's primary and secondary server IPs in the right places... As for mail-related stuff, in particular: I'm kevinmcl-â-magma.ca (my ISP is magma.ca and I think I'm fooling harvest bots by writing my e-mail address that way... hah...). Their mail server (both incoming and outgoing) is "mail.magma.ca". I've filled those items in where it seemed appropriate in configuration, which was later, in fetchmailconf, but I'm summarizing here. On my own network, there is no DNS server. I'm using a LinkSys router that is 192.168.1.1. My PC-that-wants-to-be-mail-server is (say) 192.168.1.91 (static) and thinks of itself as hostname "junkbox". Anyplace that I've been prompted for an in-house "domain" or workgroup (such as when setting up Samba) I've said "OURHOUSE". One of the many things I'm not clear about is where (in all the various setups/configs) I'm allowed/supposed to use the bogus 'domain' "OURHOUSE", as opposed to some real domain. I also avoid configuring things like masquerading and any rewriting of addresses, since I'm not clear on what goes where and don't need to break something else while the utter basic stuff isn't working.
When that works I include amavisd-new for spam and virus checks. Only then do I publish the mx record, connect the server to the internet or use fetchmail to get the mails.
I'm guessing that with no in-house DNS, I don't worry about publishing MX record...? Or have I misunderstood? Outbound, I'll use the ISP's smart-host service until I've had the incoming path working for a while.
The last step is to configure the log and server monitoring. I think it is important, even if some may say it is overkill for small sites.
This is not done in a few hours. it is slow but steady work and ensures that every link in the mail chain works before I use it productively.
Never having had the simple chain working before, I don't even know how to recognize that one or another component is working separately. Or, I didn't until you described how to fire a testmail into Cyrus, and suggested working from Cyrus backwards. Suddenly a tiny part makes more sense.
This is of course only the basic setup without any tuning.
"Tuning" he says. TUNING! Hah! In my dreams. :-) Anyway, thanks a bunch. I'm printing out your message, and heading home for a couple of weeks of "vacation" - also known as anguish and frustration in front of the Linux box, interspersed with episodes of yard work and house maintenance. Woohoo. K The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it. -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
mlist@safenet-inc.com wrote:
Sandy Drobic [mailto:suse-linux-e@japantest.homelinux.com]
Most of the time I start backwards, meaning I set up the imap server first, test the login to cyradm, create a few test mailboxes, set up the first user accounts and then try to authenticate to the imap server with a mail client.
That much, I seem to have... It asked for a password, then contentedly showed an empty Inbox.
If that works an important part of your setup works. Have you tried to create a new folder in your mailclient? If you login to cyradm, can you list the mailboxes? When were successful in both tasks I would feel confident enough to say that Cyrus is running as desired.
If that works I send a mail manually with cyrdeliver and check if the mail is indeed visible on the imap server.
Will do.
create /tmp/testmail: Return-Path: <test@example.com> Date: Tue, 20 Jun 2006 15:40:20 +0200 From: test user <test@example.com To: test@example.com Subject: testmail for deliver Message-ID: <2006062013402serwer-dfsdf0.GA3046kkkkk@example.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 8bit Hello, this is a testmail! -------------------- /usr/lib/cyrus/bin/deliver kevinmcl </tmp/testmail Unless you change the Message-ID, this will only work once. Cyrus is surpressing double mails. Does deliver report a failure or does the command execute without error message?
Once that works I begin with Postfix, check the config if it's an open relay,
Remind me what setting(s) in main.cf need to be in what condition to avoid open relay. (I don't want to assume anything about defaults, nor to assume anything about my understanding of all the pages I've read.)
It depends on your setup. Usually, Postfix in suse is not an open relay, but there were cases when the default configuration resulted in an open relay, when the server had an official ip and postfix listened on all network interfaces (not a suse default).
set up the right domain and host names and recipient maps, enable mailbox_transport for Cyrus and submit a mail to postfix, either by telnet or simply with mail.
Here's a place that I might be messing up, due to lack of understanding of what goes where. I know it's really simple, but when you've never had it actually work before, you can be doing something really 'obvious' and dumb without realizing.
Actually, it's not that simple at all. I spend some month to get comfortable with Postfix. Most of the time Yast creates a working configuration, when you use the MTA configuration assistent in yast. I don't use it, I configure everything manually in the config files, so I can't give you accurate advice on how to use yast to set up a mail system. Carefully wark through yast -> network services -> mail transfer agent. If that doesn't work I can only help with the output I requested.
Obviously, I've got basic internet connection working, so I've put my ISP's primary and secondary server IPs in the right places... As for mail-related stuff, in particular: I'm kevinmcl-â-magma.ca (my ISP is magma.ca and I think I'm fooling harvest bots by writing my e-mail address that way... hah...). Their mail server (both incoming and outgoing) is "mail.magma.ca". I've filled those items in where it seemed appropriate in configuration, which was later, in fetchmailconf, but I'm summarizing here.
First get the server to work locally without connection to the internet. Then set up the relay host for Postfix and send a testmail to an external server. Only after that try to use fetchmail.
On my own network, there is no DNS server. I'm using a LinkSys router that is 192.168.1.1. My PC-that-wants-to-be-mail-server is (say) 192.168.1.91 (static) and thinks of itself as hostname "junkbox".
the output of "postconf -n" will show if it is a working configuration or not.
Anyplace that I've been prompted for an in-house "domain" or workgroup (such as when setting up Samba) I've said "OURHOUSE".
Samba and DNS are completely different. You can't compare their setup.
One of the many things I'm not clear about is where (in all the various setups/configs) I'm allowed/supposed to use the bogus 'domain' "OURHOUSE", as opposed to some real domain.
What you are doing in your internal network is your decision. Once you send the mail to an official internt server you might face restrictions that will prevent you to send mail. Many servers are configured to reject mails that use a bogus sender address.
I also avoid configuring things like masquerading and any rewriting of addresses, since I'm not clear on what goes where and don't need to break something else while the utter basic stuff isn't working.
Then only use your official email address as sender address.
When that works I include amavisd-new for spam and virus checks. Only then do I publish the mx record, connect the server to the internet or use fetchmail to get the mails.
I'm guessing that with no in-house DNS, I don't worry about publishing MX record...? Or have I misunderstood?
In your case you don't have to bother with that.
Outbound, I'll use the ISP's smart-host service until I've had the incoming path working for a while.
People on dynamic IPs are encouraged to use the smarthost of their ISP for all outgoing mail. Only send directly when you know what your are doing.
The last step is to configure the log and server monitoring. I think it is important, even if some may say it is overkill for small sites.
This is not done in a few hours. it is slow but steady work and ensures that every link in the mail chain works before I use it productively.
Never having had the simple chain working before, I don't even know how to recognize that one or another component is working separately. Or, I didn't until you described how to fire a testmail into Cyrus, and suggested working from Cyrus backwards. Suddenly a tiny part makes more sense.
If you really want to understand how mailserver exactly work be prepared to learn for many many month. This does not mean you will need month to get a working configuration. It only means that it will take some month to understand exactly WHY the configuration is working. (^-^)
This is of course only the basic setup without any tuning.
"Tuning" he says. TUNING! Hah! In my dreams. :-)
Anyway, thanks a bunch. I'm printing out your message, and heading home for a couple of weeks of "vacation" - also known as anguish and frustration in front of the Linux box, interspersed with episodes of yard work and house maintenance. Woohoo.
Have fun! (^-^) Sandy -- List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
participants (2)
-
mlist@safenet-inc.com -
Sandy Drobic