Configuring an IMAP/POP Proxy with perdition and MySQL

Perdition is an IMAP/POP proxy written in C that maps user connections to the mail servers where their mailboxes are stored. Clients connect to the perdition server, which distributes each connection to the corresponding backend server. In this scenario, one server, mail.mydomain.com (IP 192.168.1.51), runs postfix and perdition. It accepts IMAP4/IMAP4S and POP3/POP3S connections and redistributes them to the mailbox servers mbox1 and mbox2 (IPs 192.168.0.16 and 192.168.0.17) on a separate internal network. The process is transparent to the end user, and all mail clients keep the same configuration.


Installing perdition

1.- Install perdition and other dependencies:

# yum install gcc make wget popt popt-static gettext perl mysql-server mysql-devel openssl openssl-devel postfix

- Install logging library:

vanessa_logger-0.0.10.tar.gz
# tar -xzvf vanessa_logger-0.0.10.tar.gz && cd vanessa_logger-0.0.10/
# ./configure
# make && make install

- Install the data type library:

vanessa_adt-0.0.9.tar.gz
# tar -xzvf vanessa_adt-0.0.9.tar.gz && cd vanessa_adt-0.0.9/
# ./configure
# make && make install

- Install the TCP socket library:

vanessa_socket-0.0.12.tar.gz
# tar -xzvf vanessa_socket-0.0.12.tar.gz && cd vanessa_socket-0.0.12/
# ./configure
# make && make install

2.- Download perdition package:

1.18/perdition-1.18.tar.gz

3.- Extract the package and install:

# tar -xzvf perdition-1.18.tar.gz && cd perdition-1.18/
# ./configure --enable-static --prefix=/usr/local
# make && make install

4.- Add the path /usr/local/lib to the system library path:

# vi /etc/ld.so.conf.d/perdition.conf
/usr/local/lib
# ldconfig

5.- Configuring services:

# chkconfig --levels 235 postfix on
# chkconfig --levels 235 mysqld on
# service mysqld start
# service postfix start

6.- Set a password for the MySQL root user and run the database preparation script:

# mysqladmin -u root password root
# /usr/local/sbin/perditiondb_mysql_makedb
Database server: localhost
Database name: dbPerdition
Database table: tblPerdition
Database user: perdition
Connections allowed from: localhost
Proceed (May destroy existing data in database) [y/n]? y
To insert rows into tblPerdition use the following once
logged into dbPerdition
insert into tblPerdition values ("user", "servername", "port");
where:
user: name of user. Up to 128 characters. May not be NULL.
servername: name of server for user. Up to 255 characters. May not be NULL.
port: port to connect to on server. May be NULL.

- Create another table for IMAP protocol connections:

# mysql -u root -p dbPerdition
mysql> CREATE TABLE `tblPerditionImap4` (
    ->   `user` varchar(128) NOT NULL,
    ->   `servername` varchar(255) NOT NULL,
    ->   `port` varchar(8) DEFAULT NULL,
    ->   PRIMARY KEY (`user`),
    ->   KEY `idxtblPerdition_user` (`user`)
    -> ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
mysql> INSERT INTO tblPerditionImap4 VALUES ('usu1','192.168.0.16','143'),('usu2','192.168.0.17','143');
mysql> INSERT INTO tblPerdition VALUES ('usu1','192.168.0.16','110'),('usu2','192.168.0.17','110');

7.- Create user and directories:

# mkdir -p /usr/local/var/run/perdition/
# groupadd perdition
# useradd -d /usr/local/var/run/perdition/ -s /bin/false -g perdition perdition
# chown perdition:perdition /usr/local/var/run/perdition/

8.- Generate certificates:

# openssl req -new -x509 -nodes -out /usr/local/etc/perdition/perdition.crt.pem -keyout /usr/local/etc/perdition/perdition.key.pem -days 365

9.- Edit /usr/local/etc/perdition/perdition.*.conf:

# vi /usr/local/etc/perdition/perdition.pop3.conf

listen_port 110
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3/perdition.pop3.pid

# vi /usr/local/etc/perdition/perdition.imap4.conf

listen_port 143
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4/perdition.imap4.pid

# vi /usr/local/etc/perdition/perdition.pops.conf

listen_port 995
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3s/perdition.pop3s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem

# vi /usr/local/etc/perdition/perdition.imaps.conf

listen_port 993
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4s/perdition.imap4s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem

10.- Edit /etc/sysconfig/perdition:

# vi /etc/sysconfig/perdition

#!/bin/sh
RUN_PERDITION="${RUN_PERDITION:=yes}"
FLAGS="${FLAGS:=}"
POP3="${POP3:=yes}"
POP3_FLAGS="${POP3_FLAGS:= -f /usr/local/etc/perdition/perdition.pop3.conf}"
POP3S="${POP3S:=yes}"
POP3S_FLAGS="${POP3S_FLAGS:= -f /usr/local/etc/perdition/perdition.pops.conf}"
IMAP4="${IMAP4:=yes}"
IMAP4_FLAGS="${IMAP4_FLAGS:= -f /usr/local/etc/perdition/perdition.imap4.conf}"
IMAP4S="${IMAP4S:=yes}"
IMAP4S_FLAGS="${IMAP4S_FLAGS:= -f /usr/local/etc/perdition/perdition.imaps.conf}"
MANAGESIEVE="${MANAGESIEVE:=no}"
MANAGESIEVE_FLAGS="${MANAGESIEVE_FLAGS:=}"

# chmod +x /etc/sysconfig/perdition

11.- Create init script:

# vi /etc/init.d/perdition

#!/bin/sh

PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin
NAME=perdition
DAEMON=/usr/local/sbin/perdition

test -f $DAEMON || exit 0

if [ -e /etc/sysconfig/perdition ]; then
    . /etc/sysconfig/perdition
fi

# Please do not edit the values below.
# Rather, please edit /etc/sysconfig/perdition

if [ "$RUN_PERDITION" != "yes" ]; then
    exit 0
fi

case "$1" in
start)
    # Each daemon writes its pid file on a successful start, so the pid file
    # decides which message is printed.
    if [ "$POP3" = "yes" ]; then
        # Append to the mail log; a plain "2>" would truncate it on every start.
        /usr/local/sbin/perdition.pop3 $POP3_FLAGS > /dev/null 2>> /var/log/maillog
        if [ ! -e /var/run/perdition.pop3/perdition.pop3.pid ]; then
            echo "Unable to start POP3 Daemon (maybe another process is listening to the same port?)"
        else
            echo "perdition.pop3 started"
        fi
    fi
    if [ "$POP3S" = "yes" ]; then
        /usr/local/sbin/perdition.pop3s $POP3S_FLAGS
        if [ ! -e /var/run/perdition.pop3s/perdition.pop3s.pid ]; then
            echo "Unable to start POP3S Daemon (maybe another process is listening to the same port?)"
        else
            echo "perdition.pop3s started"
        fi
    fi
    if [ "$IMAP4" = "yes" ]; then
        /usr/local/sbin/perdition.imap4 $IMAP4_FLAGS
        if [ ! -e /var/run/perdition.imap4/perdition.imap4.pid ]; then
            echo "Unable to start IMAP4 Daemon (maybe another process is listening to the same port?)"
        else
            echo "perdition.imap4 started"
        fi
    fi
    if [ "$IMAP4S" = "yes" ]; then
        /usr/local/sbin/perdition.imap4s $IMAP4S_FLAGS
        # Same path as pid_file in perdition.imaps.conf.
        if [ ! -e /var/run/perdition.imap4s/perdition.imap4s.pid ]; then
            echo "Unable to start IMAP4S Daemon (maybe another process is listening to the same port?)"
        else
            echo "perdition.imap4s started"
        fi
    fi
    ;;
stop)
    # SIGKILL gives the daemon no chance to remove its pid file, so remove it
    # here; otherwise the next start would report success from a stale file.
    if [ "$POP3" = "yes" ]; then
        if kill -9 `cat /var/run/perdition.pop3/perdition.pop3.pid`; then
            rm -f /var/run/perdition.pop3/perdition.pop3.pid
            echo "perdition.pop3 stopped"
        fi
    fi
    if [ "$POP3S" = "yes" ]; then
        if kill -9 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`; then
            rm -f /var/run/perdition.pop3s/perdition.pop3s.pid
            echo "perdition.pop3s stopped"
        fi
    fi
    if [ "$IMAP4" = "yes" ]; then
        if kill -9 `cat /var/run/perdition.imap4/perdition.imap4.pid`; then
            rm -f /var/run/perdition.imap4/perdition.imap4.pid
            echo "perdition.imap4 stopped"
        fi
    fi
    if [ "$IMAP4S" = "yes" ]; then
        if kill -9 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`; then
            rm -f /var/run/perdition.imap4s/perdition.imap4s.pid
            echo "perdition.imap4s stopped"
        fi
    fi
    ;;
restart)
    $0 stop
    $0 start
    ;;
force-reload|reload)
    echo "Reloading $NAME configuration files"
    if [ "$POP3" = "yes" ]; then
        kill -1 `cat /var/run/perdition.pop3/perdition.pop3.pid`
    fi
    if [ "$POP3S" = "yes" ]; then
        kill -1 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`
    fi
    if [ "$IMAP4" = "yes" ]; then
        kill -1 `cat /var/run/perdition.imap4/perdition.imap4.pid`
    fi
    if [ "$IMAP4S" = "yes" ]; then
        kill -1 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`
    fi
    ;;
*)
    echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload|force-reload}"
    exit 1
    ;;
esac

exit 0

# chmod +x /etc/init.d/perdition
# chkconfig --levels 235 perdition on
# service perdition start

12.- Edit /etc/postfix/transports:

# vi /etc/postfix/transports

usu1@mydomain.com smtp:192.168.0.16
usu2@mydomain.com smtp:192.168.0.17

# postmap /etc/postfix/transports
# vi /etc/postfix/main.cf

myhostname = smtp.mydomain.com
transport_maps = hash:/etc/postfix/transports

# service postfix restart

13.- Add iptables rules:

# vi /etc/sysconfig/iptables

-A INPUT -m tcp -p tcp --dport 995 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 993 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT

# service iptables restart
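
The perdition.*.conf files from step 9 accept self-signed, expired and not-yet-valid certificates, leave ports 110 and 143 without ssl_mode, and use the database user name as its password. The following is an added example, not part of the original guide or of the perdition project: a shell function that flags those settings in a config file. The name audit_perdition_conf and the sample files are constructed here, and treating a missing ssl_mode as a cleartext listener is an assumption.

```shell
#!/bin/sh
# Added example, not from the original guide. Sample configs are constructed
# from the step 9 listings (one cleartext listener, one SSL listener).

# Print one finding per line; return 1 if anything was flagged, 0 otherwise.
audit_perdition_conf() {
    conf=$1; found=0
    flag() { found=1; echo "$conf: $1"; }
    # Drop comments and blank lines before matching directives.
    body=$(sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$conf")
    # 1. Directives that relax certificate verification.
    for opt in ssl_no_cn_verify ssl_cert_accept_self_signed \
               ssl_cert_accept_expired ssl_cert_accept_not_yet_valid; do
        if printf '%s\n' "$body" | grep -Eq "^[[:space:]]*$opt([[:space:]]|\$)"; then
            flag "$opt relaxes certificate verification"
        fi
    done
    # 2. No ssl_mode line: assumed here to mean a cleartext listener.
    if ! printf '%s\n' "$body" | grep -Eq '^[[:space:]]*ssl_mode[[:space:]]'; then
        port=$(printf '%s\n' "$body" | awk '$1 == "listen_port" {print $2; exit}')
        flag "listen_port ${port:-unset} has no ssl_mode (cleartext logins)"
    fi
    # 3. Fields 5 and 6 of map_library_opt are the database user and password.
    dsn=$(printf '%s\n' "$body" | awk '$1 == "map_library_opt" {print $2; exit}' | tr -d '"')
    dbuser=$(printf '%s\n' "$dsn" | cut -s -d: -f5)
    dbpass=$(printf '%s\n' "$dsn" | cut -s -d: -f6)
    if [ -n "$dbuser" ] && [ "$dbuser" = "$dbpass" ]; then
        flag "map_library_opt: database password equals the database user name"
    fi
    return "$found"
}

demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
cat > "$demo/perdition.pop3.conf" <<'EOF'
listen_port 110
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
EOF
cat > "$demo/perdition.imaps.conf" <<'EOF'
listen_port 993
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:servername:user:port"
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
EOF
for f in "$demo"/*.conf; do audit_perdition_conf "$f" || true; done
```

To audit the real files, run the function over /usr/local/etc/perdition/perdition.*.conf; a non-zero return means at least one setting was flagged.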




Installing the mailbox servers

1.- Install dovecot and postfix:

# yum install dovecot postfix

2.- Edit /etc/postfix/main.cf:

# vi /etc/postfix/main.cf
myhostname=mbox1.mydomain.com
mydestination=mydomain.com
inet_interfaces=localhost, 192.168.0.17
home_mailbox = Maildir/

3.- Edit Dovecot configuration:

# vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no

# vi /etc/dovecot/conf.d/10-master.conf
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }
}

# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir

4.- Restart services:

# service postfix restart
# service dovecot restart
# chkconfig --levels 235 postfix on
# chkconfig --levels 235 dovecot on

5.- Add iptables rules:

# vi /etc/sysconfig/iptables
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT

# service iptables restart

Final testing

Image

Official web page of the perdition project:

http://horms.net/projects/perdition/
