outsource from india chennai india programmers freelance php coder freelance outsource scripts programming complicated perl patterns php module installation
outsource from india perl installation and configuration php installation linux system administration US$15,US$19,US$11,US$10 cheap programmer
india outsource outsource india chennai india programmers php perl mysql freelance freelance programmer
SHOWCASE of php and perl scripts CONTACT US for php custom perl scripts
HOME
 
Postfix-Cyrus-Web-cyradm-HOWTO
PrevNext

2. Technologies

2.1. The Postfix MTA

 

Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.

 
--www.postfix.org 

Figure 1. Postfix - the big picture

Doesn't it look impressive? - It looks much more complicated as it is. Postfix is indeed nice to configure and handle.

Unlike sendmail, postfix is not one monolithic program, it is a compilation of small programs, each of it has a specialized function. At this place I don't what to go into details with program does what. If you are interested how Postfix is working, please see the documentation at http://www.postfix.org/docs.html

In this document you will find the information needed to get the system running.

2.2. Cyrus IMAP

The Cyrus IMAP is developed and maintained by Carnegie Mellon University.

Unlike the WU-IMAPd Cyrus is using its own method to store the users mail. The data is stored in a own method. Each message is stored in its own file. The benefit of separate file is also the reliability, on filesystem errors, only one message is lost. Metadata like statuts of a message (seen etc) is stored in a database. Additionally the messages are indexed. This makes Cyrus very performant. Especially with lots of users and/or lot of big emails, there is nothing else fast as the Cyrus IMAP-server.

Another very important feature is, you don't need a local Un*x user for each account. All users are authenticated by the IMAP-Server. This makes it a great solution for really huge base of users.

User administration is done by special IMAP-commands. This allows you to either use the commandline interface, or use one of the available Webinterfaces. This Method is much more secure than a Webinterface to /etc/passwd.

Starting from Cyrus 2.1, the SASL-lib version 2 is used for authentication. For the setup described in this HOWTO, there is a tree-layer authentication implemented. Cyrus authenticates with saslauthdaemon which forwards the request to pam_mysql which finally looks up the MySQL-table.

Since CMU changed the license policy for Cyrus, this software is going to be used by much more users.

2.3. Cyrus SASL

SASL means »Simple Authentication and Security Layer«. It is standardized by the IETF (Internet Engineering Taskforce). SASL is used by network servers (Here for Cyrus-IMAP) to handle authentication requests from clients.

Cyrus SASL is a extensive software, and sometimes not easy to understand. Even I just have a minimum knowledge needed to write this HOWTO.

2.4. OpenSSL

OpenSSL is a library needed by SASL for encrytion of the data-stream. It is used by by almost all opensource software which needs encryption methods. Most or all distributions comes with a preinstalled OpenSSL. Be sure to install also the appropriate devel-package. If you like, you also can compile OpenSSL by your self. This is especially recommended, if you need to fix a security hole.

2.5. MySQL Database

MySQL is a very fast, powerful and very nice to handle Database.

Since Cyrus can authenticate its users with pam, you can use pam_mysql as a connector to the userdatebase stored in MySQL. This allows you to create a nice Webinterface for your users for changing passwords, define and delete aliases and more.

2.6. pam_mysql

pam means "Pluggable Authentication module" and was originally proposed by some people at Sun. In meantime a lot of modules have been developed. One of them is an interface to MySQL

With pam_mysql you store the users password in a mysql database. Further, Postfix is able to lookup aliases from a MySQL-table. At the end of the day, you have a base for all administrative tasks to be done by the postmaster.

You will be able to delegate some tasks to Powerusers, e.g. creating accounts for a particular domain. Changing passwords and creating new aliases can be delegated to the user. At the end of the day you as a Sysadmin have the time to do some more productive tasks, or write a HOWTO for the Linux Documentation Project.

2.7. Web-cyradm Webinterface

Figure 2. Web-cyradm Domain administration

Web-cyradm is the webinterface that allows you to perform the administrative tasks to your mailsystem. This screenshot shows the domain administration part of Web-cyradm.

Web-cyradm is written in PHP, the most sophisticated html-preprocessor language. If you don't have a webserver with php installed, I would like to refer to my Apache-Compile-HOWTO. This document describes how to set up Apache with PHP and other modules

Web-cyradm is under active development from people around the globe. The list of features grows with each release. If you like to contribute to web-cyradm, or you have a nice idea, feel free to contact the mailinglist on http://www.web-cyradm.org

Here a choice of features:

  • Administration of multiple virtual domains

  • Setting of quotas

  • Automatically create username, either with a defined prefix, or the domainname as postfix

  • Delegate tasks like creating new users to »Domain Masters«

  • Map user-accounts to emailadresses

  • Forwarding of accounts or single aliases

  • Vacation function for single aliases

  • Support for SMTP Transport Tables

  • Support for MySQL and PostgreSQL

  • i18n (internationalization) support (including different charsets)

  • Translated into 14 Languages and growing

Web-cyradm has support for different roles of its users. If you plan to use is as a frontend for your powerusers, please notice, that security may be a problem, the role based stuff needs a security review.

PrevHomeNext
Introduction Getting and installing the software

Linux HOWTO full list
   This document, LDP HOWTO-INDEX, is copyrighted (c) 1995 - 2002 by Tim Bynum, Guylhem Aznar, Joshua Drake and Greg Ferguson. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html. If you have questions, please contact the LDP.
Web Design Copyright © 1999-2003. Chrisranjana Software Solutions Pvt Ltd. syndicate rss feed