Extract, paket tersebut.
Akan ada dua folder dalam paket tersebut.
copy semua isi folder bin ke C:\xampp\apache\bin
copy isi folder ext ke C:\xampp\php\ext
Edit file C:\xampp\php\php.ini lalu tambahkan text "extension=php_yaz.dll" pada bagian extension.
You will be asked two questions. Answer as follows:
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com
Then run
dpkg-reconfigure postfix
Again, you'll be asked some questions:
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com
Root and postmaster mail recipient: <-- [blank]
Other destinations to accept mail for (blank for none): <-- server1.example.com, localhost.example.com, localhost.localdomain, localhost
Force synchronous updates on mail queue? <-- No
Local networks: <-- 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
Use procmail for local delivery? <-- Yes
Mailbox size limit (bytes): <-- 0
Local address extension character: <-- +
Internet protocols to use: <-- all
The file /etc/postfix/main.cf should now look like this:
cat /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = server1.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server1.example.com, localhost.example.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:
mkdir -p /var/spool/postfix/var/run/saslauthd
Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Set START to yes and change the line OPTIONS="-c -m /var/run/saslauthd" to OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r":
vi /etc/default/saslauthd
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#
# Should saslauthd run automatically on startup? (default: no)
START=yes
# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"
# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"
# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam -- use PAM
# rimap -- use a remote IMAP server
# shadow -- use the local shadow password file
# sasldb -- use the local sasldb database file
# ldap -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"
# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""
# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5
# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
#OPTIONS="-c -m /var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
Next add the postfix user to the sasl group (this makes sure that Postfix has the permission to access saslauthd):
to return to the system's shell.
Run this to install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3/Courier-POP3-SSL (for POP3s on port 995):
Create directories for web-based administration? <-- No
SSL certificate required <-- Ok
During the installation, the SSL certificates for IMAP-SSL and POP3-SSL are created with the hostname localhost. To change this to the correct hostname (server1.example.com in this tutorial), delete the certificates...
cd /etc/courier
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem
... and modify the following two files; replace CN=localhost with CN=server1.example.com (you can also modify the other values, if necessary):
vi /etc/courier/imapd.cnf
[...]
CN=server1.example.com
[...]
vi /etc/courier/pop3d.cnf
[...]
CN=server1.example.com
[...]
Then recreate the certificates...
mkimapdcert
mkpop3dcert
... and restart Courier-IMAP-SSL and Courier-POP3-SSL:
*Please note: You do not have to do this if you intend to use ISPConfig on your system as ISPConfig does the necessary configuration using procmail recipes. But please go sure to enable Maildir under Management -> Server -> Settings -> EMail in the ISPConfig web interface.
Perenacanaan:
Mail server menggunakan OS Ubuntu 11.04 Server
Menggunakan aplikasi postfix, dovecot, sasl authentication, smtp auth, tls, dan roundcube
Web Server menggunakan apache2 serta dukungan php5 dan mysql-server
Dns Server menggunakan bind9
Ip Address Server 192.168.1.1/24
Domain yang digunakan adalah erwin.com
Domain untuk mail server adalah mail.erwin.com
Sertifikat menggunakan default bawaan ubuntu (snake-oil)
Diasumsikan user yang digunakan untuk konfigurasi adalah "erwinheldy" dengan password "jaringan"
Saat proses instalasi ada beberapa konfigurasi yang harus diisi yaitu
mysql root password = password untuk user root
system mail name = nama sistem mail yang digunakan (erwin.com) yang nantinya digunakan untuk domain pada mail (user@erwin.com)
zone "erwin.com" {
type master;
file "/etc/bind/db.erwin.com";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.192";
};
Edit konfigurasi db.erwin.com
nano db.erwin.com
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA ns.erwin.com. root.erwin.com. (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns.erwin.com.
@ IN A 192.168.1.1
@ IN AAAA ::1
ns IN A 192.168.1.1
IN MX 1 mail.erwin.com
mail IN A 192.168.1.1
www IN CNAME @
Edit konfigurasi db.192
nano db.192
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA ns.erwin.com. root.ns.erwin.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns.erwin.com.
1 IN PTR ns.erwin.com.
Restart bind9
invoke-rc.d bind9 restart
Edit konfigurasi resolv agar mengarahkan dns server ke ip 192.168.1.1
Ok
Internet Site
erwin.com
erwinheldy --> keterangan: salah satu username yang digunakan
OK
No
127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24 --> keterangan: tambahkan network address
0
+
all
Ubah beberapa konfigurasi postfix di file main.cf
nano /etc/postfix/main.cf
Baris yang harus diubah antara lain
smtpd_sasl_path = private/dovecot-auth
menjadi
smtpd_sasl_path = private/auth-client
smtpd_tls_auth_only = yes
menjadi
smtpd_tls_auth_only = no
Edit konfigurasi dovecot
nano /etc/dovecot/dovecot.conf
Beberapa baris yang harus diubah antara lain
socket listen {
#master {
# Master socket provides access to userdb information. It's typically
# used to give Dovecot's local delivery agent access to userdb so it
# can find mailbox locations.
#path = /var/run/dovecot/auth-master
#mode = 0600
# Default user/group is the one who started dovecot-auth (root)
#user =
#group =
#}
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth-client
mode = 0660
user = postfix
group = postfix
}
}
mechanisms = plain
menjadi
mechanisms = plain login
Buat database untuk roundcube, dan berikan privileges untuk user (dicontohkan user:erwinheldy dengan paswd:jaringan)
create database roundcubemail;
grant all privileges on roundcubemail.* to erwinheldy@localhost identified by 'jaringan';
flush privileges;
exit
Import tabel sql ke database
mysql -u erwinheldy -p roundcubemail < roundcube/SQL/mysql.initial.sql
Edit konfigurasi apache
nano /etc/apache2/sites-available/default
Tambahkan baris berikut di paling bawah
<VirtualHost *:80>
ServerName mail.erwin.com
DocumentRoot /usr/share/roundcube
<Directory "/usr/share/roundcube/">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Order deny,allow
Allow from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</Virtualhost>
Aktifkan modul rewrite
a2enmod rewrite
Restart apache
invoke-rc.d apache2 restart
Akses web
http://mail.erwin.com/installer
Start Installation
Next
product_name = Erwin Webmail
database username = erwinheldy
database password = jaringan
default_host = erwin.com
smtp_user/smtp_pass = erwinheldy jaringan
checklist "Use the current IMAP username and password for SMTP authentication"
language = en_US
checklist "If preview pane is enabled"
Next>>
Edit file main.inc.php lalu copy paste script php yang ada di web sesuai dengan nama file-nya
nano main.inc.php
Edit juga file db.inc.php lalu copy paste script php yang ada di web sesuai dengan nama file-nya
nano db.inc.php
Klik CONTINUE
Instalasi Selesai, hapus folder installer pada roundcube
rm -rf /usr/share/roundcube/installer/
Masuk ke
http://mail.erwin.com
Jika berhasil, maka akan muncul tampilan login roundcube, login dengan username: erwinheldy password: jaringan
Tambahkan folder melalui Settings --> Folders, Klik tanda plus di pojok kiri bawah
Masukkan Folder Name sebagai berikut satu per satu
Drafts
Junk
Trash
Pengujian terakhir yaitu mengirim email ke akun sendiri yaitu ke erwinheldy@erwin.com dari roundcube
Periksa log untuk meyakinkan bahwa proses autentikasi dilakukan dengan secured
tail -f /var/log/mail.log
Feb 1 18:58:54 server dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.1.1, lip=192.168.1.1, secured
Feb 1 18:58:54 server dovecot: IMAP(erwinheldy): Disconnected: Logged out bytes=91/764
Periksa juga log untuk error log. Jika tidak ada respon maka konfigurasi tidak mengalami error
