You may also be interested in looking at web-cyradm, which is a php Cyrus-Imapd administration utility. Here's the instructions: http://www.tldp.org/HOWTO/Postfix-Cyrus-Web-cyradm-HOWTO/ Also, here's a HOWTO I wrote for FC3, since the HOWTO above is for deb. It is intended to be used together with the HOWTO above and tells you how to do it on FC3. Step 0: Create an RPM of postfix with MYSQL support 0.1: Download the postfix source rpm (like "postfix-2.1.5-2.2.src.rpm", but version number will vary). 0.2: $ rpm -ivh postfix-2.1.5-2.2.src.rpm 0.3: $ cd /usr/src/redhat/SPECS 0.4: Edit the file postfix.spec Change the line: %define MYSQL 0 To: %define MYSQL 1 0.5 $ cd ../ 0.6 $ rpmbuild -ba SPEC/postfix.spec (get coffee, read theonion.com, etc...) 0.7 $ cd RPMS/i386 0.8 Install the RPMs $ rpm -Uvh postfix-2.1.5-2.2.i386.rpm --replacefiles $ rpm -Uvh postfix-debuginfo-2.1.5-2.2.i386.rpm --replacefiles $ rpm -Uvh postfix-pflogsumm-2.1.5-2.2.i386.rpm --replacefiles 1. Getting and Installing the Software cyrus-imapd is included with Fedora Core 3, but you may have to manually install the following packages: cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5 cyrus-sasl-gssapi cyrus-imapd-utils cyrus-sasl-devel cyrus-imapd-devel perl-Cyrus pam_mysql (Note that perl-Cyrus gives you the cyradm command line tool used in the HOWTO) Most of these rpms are available on the Internet. Try rpm.pbone.net to search for them. Make sure you install them all. The versions of the cyrus-imapd packages should match each other. Also, the versions of the cyrus-sasl packages should match each other. cyrus-sasl version and cyrus-imap version will not be the same, this is OK. 2. Where to Install the web-cyradm stuff As for the web-cyradm package itself, remember the apache html root on redhat/fedora systems is /var/www/html, so place it inside there. I use /var/www/html/web-cyradm/ 3. Make sure that your CRYPT settings are consistent! Choose one type of password encryption and use it everywhere. I prefer "encrypt" because it is portable. This is option 1. You must select it in the following places: /etc/pam.d/imap (TWO LOCATIONS crypt=1): auth sufficient pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time account required pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time (web-cyradm directory)/config/conf.php (around line 61) $CRYPT="crypt" If you manually insert users into mysql, remember to use the encrypt() function if you are using "crypt", or shadow encryption. Here's a handy chart: conf.php pam.d/imap mysql plain plain 0 crypt/shadow crypt 1 encrypt() mysql mysql 2 password() md5 md5 3 md5() 4. Note on editing /etc/pam.d/imap The Redhat rpm install for cyrus-imapd adds two lines to /etc/pam.d/imap which you must either comment or remove before adding the lines from the web-cyradm HOWTO. Basically, when you open /etc/pam.d/imap, comment out or delete any lines that are already there. 5. Passwords!!! Several config files contain the mysql database user and login. The HOWTO example uses default values username=mail, password=secret. If you changed either (and you should change the password) make sure you edit the config files to put the actual password in there. Files are: /etc/postfix/mysql-virtual.cf /etc/postfix/mysql-canonical.cf /etc/postfix/mysql-mydestination.cf (web-cyradm directory)/config/conf.php 6. Note that the /etc/init.d/cyrus-imapd startup script DOES NOT START SASLAUTH2!!! If you are unable to authenticate the cyrus user with: $ cyradm --user cyrus --server localhost --auth plain Password: IMAP Password: Login failed: generic failure at /usr/lib/perl5/site_perl/5.8.5/i386- linux-thread-multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with plain as cyrus It could be because saslauthd is not running. Type $ ps aux | grep saslauthd to see if it is running. If not, start it (see below). 7. WARNING!!! THE STARTUP SCRIPT /etc/init.d/saslauthd DOES NOT START SASLAUTHD WITH THE PROPER OPTIONS FOR USE WITH WEB-CYRADM!!! YOU MUST EDIT THE STARTUP OPTIONS (see below). (This one took me hours to figure out). If you use "/etc/init.d/saslauthd start" to startup saslauthd, you will get a very weird situation. In this case, you CAN authenticate the cyrus user, but you cannot authenticate any regular mailbox users. $ cyradm --user cyrus --server localhost --auth plain Password: IMAP Password: localhost> You're IN!! $ cyradm --user mail0001 --server localhost --auth plain Password: IMAP Password: Login failed: authentication failure at /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread- multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with plain as mail0001 This was a real head-banger. The problem is that redhat starts saslauthd with shadow authentication mechanism by defualt. However, we need pam authentication. To change this, edit the file: /etc/sysconfig/saslauthd Where it says: MECH=shadow Change it to: MECH=pam Save, close and (re)start saslauthd. You can now use the built-in "/etc/init.d/saslauthd start" script to start this service. 8. Make sure all required processes are running: $ /etc/init.d/httpd start $ /etc/init.d/mysqld start $ /etc/init.d/cyrus-imapd start $ postfix start $ /etc/init.d/saslauthd start Well, that's how I got it to work! Let me know if there are any errors/omissions... -m
