#portsnap fetch extract
#cd /usr/ports/ports-mgmt/portmaster
#make install clean
#cd /
-- we need to install mariadb first, else either dovecot or postfix will install the mysql client instead of mariadb
#portmaster databases/mariadb102-server
-- do the usual setup and finish the mariadb installation
#portmaster mail/dovecot2
-- make sure you select MYSQL and VPOPMAIL
#portmaster mail/dovecot2-pigeonhole
-- make sure the MANAGESIEVE option is selected here
#portmaster mail/postfix
-- again, make sure you select MYSQL support. Also select TLS; nothing else is needed.
-- we install wget to fetch those tar files..
#portmaster ftp/wget
#adduser
-- add a user called vmail with group vmail, and make sure these have UID and GID 1003!
-- if these are not available, write down the UID and GID, obtainable from /etc/passwd and /etc/group. We will need them later.
#mkdir -p /datastore/mailstore
#chown -R vmail:vmail /datastore/mailstore
#cd /usr/local/etc
#mkdir certificates
-- the files below are fetched over plain http and come without a checksum, so look at what you downloaded (tar -tzf for the archives, read database.sql) before you unpack or load it as root
#wget http://www.tec4u.nl/emailserver/dovecot.tar.gz
#tar -xzvf dovecot.tar.gz
#wget http://www.tec4u.nl/emailserver/postfix.tar.gz
#tar -xzvf postfix.tar.gz
-- set up the entire database with one SQL file. Reminder: if you already have this database, all existing data in it will be lost!
#wget http://www.tec4u.nl/emailserver/database.sql
#mysql -p < database.sql
-- login with the information from the mariadb setup
#nano /usr/local/etc/postfix/main.cf
-- change the following lines and enter YOUR domain:
myhostname = mail.domain.tld
smtp_helo_name = mail.domain.tld
-- change the line:
mydomain = mydomain.local
-- mydomain can be anything, but make sure it ends in .local!
-- if your vmail uid and gid aren't 1003, change these lines to the correct values:
virtual_uid_maps = static:1003
virtual_gid_maps = static:1003
-- the current configuration allows an email to be 50MB maximum. If you want to change this, change the line containing:
message_size_limit = 50000000
-- the current configuration allows a maximum of 20 email recipients in any email. To change this, change the line:
smtpd_recipient_limit = 20
#nano /usr/local/etc/postfix/
-- note: the file name is missing from the path above; the settings listed here are all main.cf parameters, so this is presumably main.cf again
-- change the following lines and enter YOUR domain:
myhostname = mail.domain.tld
smtp_helo_name = mail.domain.tld
-- change the line:
mydomain = mydomain.local
-- mydomain can be anything, but make sure it ends in .local!
-- if your vmail uid and gid aren't 1002, change these lines to the correct values:
-- (this step says 1002 where the rest of the guide uses 1003; in either case use the actual uid and gid of your vmail user)
virtual_uid_maps = static:1002
virtual_gid_maps = static:1002
-- the current configuration allows an email to be 50MB maximum. If you want to change this, change the line containing:
message_size_limit = 50000000
-- the current configuration allows a maximum of 20 email recipients in any email. To change this, change the line:
smtpd_recipient_limit = 20
#nano /usr/local/etc/dovecot/dovecot.conf
-- look for these lines and change 1003 to the correct uid and gid:
mail_uid = 1003
mail_gid = 1003
first_valid_uid = 1003
first_valid_gid = 1003
-- change the line and fill in your own email address:
postmaster_address = postmaster@domain.tld
-- the quota amount is dictated by the quotadict. This is done by an sql query. If that fails, the standard quota is enforced, which is set to 1GB plus a maximum of 100MB for the trash.
-- any spam folder is ignored in quota calculations.
-- to change this, change the lines:
quota_rule = *:storage=1G
quota_rule2 = Trash:storage=+100M
quota_rule3 = Spam:ignore
-- in the current configuration the user will get 2 quota warnings, at 80% and 95%, and 1 critical warning at 100%. Also, they will receive a critical message if the mailbox is over 100%
-- to change this, change the lines:
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = storage=100%% quota-critical %u
quota_warning4 = -storage=100%% quota-warning below %u
#nano /usr/local/etc/dovecot/quota-warning.sh
-- edit the file and change the sender email address. Make any changes you like, even html email is possible. Save it when you are done
#nano /usr/local/etc/dovecot/quota-critical.sh
-- edit the file and change the sender email address. Make any changes you like, even html email is possible. Save it when you are done
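#cd /usr/local/etc/certificates/
-- enter the following commands, make sure you enter the correct information!
-- especially the Common Name (the prompt that mentions "YOUR name"), which should be your full server name as it is found in DNS.
-- no key size is given to genrsa below, so it uses the default of the installed openssl; add the size (for example 2048) as the last argument if you want to be sure
#openssl genrsa -des3 -out postfix.key.pass
#openssl req -new -key postfix.key.pass -out postfix.csr
#openssl x509 -req -days 3650 -in postfix.csr -signkey postfix.key.pass -out postfix.crt
#openssl rsa -in postfix.key.pass -out postfix.key.nopass
#mv postfix.key.nopass postfix.key
-- postfix.key is now stored without a passphrase, so keep it readable by root only (chmod 600 postfix.key)
#openssl req -new -x509 -extensions v3_ca -keyout postfix.cakey.pem -out postfix.cacert.pem -days 3650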
#cd /usr/local/etc/certificates/
-- enter the following commands, make sure you enter the correct information!
-- especially the Common Name (the prompt that mentions "YOUR name"), which should be your full server name as it is found in DNS.
#openssl req -new -x509 -nodes -keyout dovecot.key -out dovecot.crt -days 365
-- -nodes writes dovecot.key without a passphrase, so keep it readable by root only (chmod 600 dovecot.key)
#openssl x509 -subject -fingerprint -noout -in dovecot.crt
#portmaster www/apache24
-- just use the standard config
-- perl itself was installed with the postfix and dovecot install, so no need to re-install.
-- we do need some modules though..
#cpan DBD::mysql
#cpan CGI
#cpan File::Copy
#cpan Data::Dumper
#cpan Encode
#cpan HTML::Entities
-- we create a folder for the document root
#mkdir -p /www/hostconfig
#mkdir -p /www/sites/myhost/htdocs
#mkdir -p /www/sites/myhost/logs
#chown -R www:www /www/sites/myhost
#cd /www/sites/myhost/htdocs
-- manager.tar.gz is fetched over plain http without a checksum and ends up in the document root, so list its contents (tar -tzf manager.tar.gz) and review the scripts before apache serves them
#wget http://www.tec4u.nl/emailserver/manager.tar.gz
#tar -xzvf manager.tar.gz
#mv manager/htaccess manager/.htaccess
#touch index.html
#nano /usr/local/etc/apache24/httpd.conf
-- enable the modules: ssl_module, rewrite_module
-- add as the last line in this file:
Include /www/hostconfig/*.active
-- save and close the file
#nano /www/hostconfig/default.active
-- enter the following in this file. Please note: it is a basic configuration!
-- you might change Options and AllowOverride to something other than All, but this will work.
-- change any domain.tld entries to your domain or ip address
-- note: the log paths below point to /www/myhost/logs, but the directory created earlier is /www/sites/myhost/logs; make the two match before starting apache
-- note: the *:443 block below contains no SSLEngine or SSLCertificateFile/SSLCertificateKeyFile lines; unless those are set elsewhere in your apache config, add them, otherwise port 443 will not actually speak TLS
<VirtualHost *>
  Servername domain.tld
  Redirect permanent / https://domain.tld/
</VirtualHost>
<VirtualHost *:443>
  ServerName domain.tld
  DocumentRoot /www/sites/myhost/htdocs
  Errorlog /www/myhost/logs/error.log
  CustomLog /www/myhost/logs/transfer.log combined
</VirtualHost>
<Directory "/www/sites/myhost/htdocs">
  AllowOverride All
  Options All
  Order allow,deny
  Allow from all
  require all granted
</Directory>
-- save it and close it
-- start apache:
#service apache24 start
-- or
#apachectl start
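#ipfw add 1000 allow tcp from any to any 25,110,143,587,993,995
-- "to any" also matches traffic that is not addressed to this server; writing "to me" instead limits the rule to the server's own addresses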