2 Instalasi Yaz Extension untuk PHP di XAMPP

Download paket yang dibutuhkan di sini

Extract, paket tersebut.
Akan ada dua folder dalam paket tersebut.
copy semua isi folder bin ke C:\xampp\apache\bin
copy isi folder ext ke C:\xampp\php\ext

Edit file C:\xampp\php\php.ini lalu tambahkan text "extension=php_yaz.dll" pada bagian extension.

Restart service apache.

1 Install Postfix (SMTP-AUTH and TLS) Courier-IMAPCourier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3Courier-POP3-SSL (for POP3s on port 995)

In order to install Postfix with SMTP-AUTH and TLS do the following steps:
aptitude install postfix libsasl2-2 sasl2-bin libsasl2-modules procmail

You will be asked two questions. Answer as follows:
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com

Then run
dpkg-reconfigure postfix

Again, you'll be asked some questions:
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com
Root and postmaster mail recipient: <-- [blank]
Other destinations to accept mail for (blank for none): <-- server1.example.com, localhost.example.com, localhost.localdomain, localhost
Force synchronous updates on mail queue? <-- No
Local networks: <-- [::ffff:]/104 [::1]/128
Use procmail for local delivery? <-- Yes
Mailbox size limit (bytes): <-- 0
Local address extension character: <-- +
Internet protocols to use: <-- all

Next, do this:
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

Afterwards we create the certificates for TLS:
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Next we configure Postfix for TLS (make sure that you use the correct hostname for myhostname):
postconf -e 'myhostname = server1.example.com'

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'

The file /etc/postfix/main.cf should now look like this:
cat /etc/postfix/main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server1.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server1.example.com, localhost.example.com, localhost.localdomain, localhost
relayhost =
mynetworks = [::ffff:]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:
mkdir -p /var/spool/postfix/var/run/saslauthd

Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Set START to yes and change the line OPTIONS="-c -m /var/run/saslauthd" to OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r":
vi /etc/default/saslauthd

# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.

# Should saslauthd run automatically on startup? (default: no)

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)

# Which authentication mechanisms should saslauthd use? (default: pam)
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
# Only one option may be used at a time. See the saslauthd man page
# for more information.
# Example: MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
#OPTIONS="-c -m /var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

Next add the postfix user to the sasl group (this makes sure that Postfix has the permission to access saslauthd):
adduser postfix sasl

Now restart Postfix and start saslauthd:
/etc/init.d/postfix restart
/etc/init.d/saslauthd start

To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25

After you have established the connection to your Postfix mail server type
ehlo localhost

If you see the lines


everything is fine. The output on my system looks like this:
root@server1:/etc/postfix/ssl# telnet localhost 25
Trying ::1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 server1.example.com ESMTP Postfix (Ubuntu)
ehlo localhost
250-SIZE 10240000
250 DSN
221 2.0.0 Bye
Connection closed by foreign host.


to return to the system's shell. Run this to install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3/Courier-POP3-SSL (for POP3s on port 995):
aptitude install courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0

You will be asked two questions:
Create directories for web-based administration? <-- No
SSL certificate required <-- Ok

During the installation, the SSL certificates for IMAP-SSL and POP3-SSL are created with the hostname localhost. To change this to the correct hostname (server1.example.com in this tutorial), delete the certificates...
cd /etc/courier
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem

... and modify the following two files; replace CN=localhost with CN=server1.example.com (you can also modify the other values, if necessary):
vi /etc/courier/imapd.cnf


vi /etc/courier/pop3d.cnf


Then recreate the certificates...

... and restart Courier-IMAP-SSL and Courier-POP3-SSL:
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop-ssl restart

If you do not want to use ISPConfig, configure Postfix to deliver emails to a user's Maildir*:
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart

*Please note: You do not have to do this if you intend to use ISPConfig on your system as ISPConfig does the necessary configuration using procmail recipes. But please go sure to enable Maildir under Management -> Server -> Settings -> EMail in the ISPConfig web interface.


2 Mail Server Menggunakan Postfix Dovecot dan Roundcube

Mail server menggunakan OS Ubuntu 11.04 Server
Menggunakan aplikasi postfix, dovecot, sasl authentication, smtp auth, tls, dan roundcube
Web Server menggunakan apache2 serta dukungan php5 dan mysql-server
Dns Server menggunakan bind9
Ip Address Server
Domain yang digunakan adalah erwin.com
Domain untuk mail server adalah mail.erwin.com
Sertifikat menggunakan default bawaan ubuntu (snake-oil)
Diasumsikan user yang digunakan untuk konfigurasi adalah "erwinheldy" dengan password "jaringan"

Install paket-paket yang dibutuhkan

apt-get install bind9 apache2 dovecot-postfix mysql-server php5 php5-mysql php5-mcrypt php-pear sasl2-bin libsasl2-modules libsasl2-2

Saat proses instalasi ada beberapa konfigurasi yang harus diisi yaitu

mysql root password = password untuk user root
system mail name = nama sistem mail yang digunakan (erwin.com) yang nantinya digunakan untuk domain pada mail (user@erwin.com)

Buat konfigurasi untuk dns server

cd /etc/bind
cp named.conf.default-zones named.conf.local
cp db.local db.erwin.com
cp db.127 db.192

Edit konfigurasi named.conf.local

nano named.conf.local
zone "erwin.com" {
        type master;
        file "/etc/bind/db.erwin.com";

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192";

Edit konfigurasi db.erwin.com

nano db.erwin.com
; BIND data file for local loopback interface
$TTL    604800
@       IN      SOA     ns.erwin.com. root.erwin.com. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@       IN      NS      ns.erwin.com.
@       IN      A
@       IN      AAAA    ::1
ns      IN      A
        IN      MX 1    mail.erwin.com
mail    IN      A
www     IN      CNAME   @

Edit konfigurasi db.192

nano db.192
; BIND reverse data file for local loopback interface
$TTL    604800
@       IN      SOA     ns.erwin.com. root.ns.erwin.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@       IN      NS      ns.erwin.com.
1       IN      PTR     ns.erwin.com.

Restart bind9

invoke-rc.d bind9 restart

Edit konfigurasi resolv agar mengarahkan dns server ke ip

nano /etc/resolv.conf

Lakukan pengujian dns server menggunakan nslookup

nslookup mail.erwin.com

Pastikan hasil nslookup seperti berikut


Name:   mail.erwin.com

Tahap berikutnya adalah konfigurasi postfix

dpkg-reconfigure postfix

Tahapan konfigurasi yang harus diisi yaitu

Internet Site
erwinheldy       --> keterangan: salah satu username yang digunakan
No [::ffff:]/104 [::1]/128         --> keterangan: tambahkan network address

Ubah beberapa konfigurasi postfix di file main.cf

nano /etc/postfix/main.cf

Baris yang harus diubah antara lain

smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_path = private/auth-client

smtpd_tls_auth_only = yes
smtpd_tls_auth_only = no

Edit konfigurasi dovecot

nano /etc/dovecot/dovecot.conf

Beberapa baris yang harus diubah antara lain

socket listen {
    #master {
      # Master socket provides access to userdb information. It's typically
      # used to give Dovecot's local delivery agent access to userdb so it
      # can find mailbox locations.
      #path = /var/run/dovecot/auth-master
      #mode = 0600
      # Default user/group is the one who started dovecot-auth (root)
      #user =
      #group =
    client {
      # The client socket is generally safe to export to everyone. Typical use
      # is to export it to your SMTP server so it can do SMTP AUTH lookups
      # using it.
      path = /var/spool/postfix/private/auth-client
      mode = 0660
      user = postfix
      group = postfix
mechanisms = plain
mechanisms = plain login

Edit konfigurasi sasl

nano /etc/default/saslauthd

Restart konfigurasi

invoke-rc.d postfix restart
invoke-rc.d dovecot restart
invoke-rc.d saslauthd restart

Untuk melihat jika SMTP-AUTH dan TLS bekerja dengan semestinya, jalankan perintah berikut

telnet mail.erwin.com 25

Setelah terlihat status connected ke postfix mail server, ketik

ehlo mail.erwin.com

Jika terlihat baris berikut diantara yang lainnya, berarti semuanya telah bekerja dengan semestinya. ketik quit untuk keluar


Selanjutnya proses instalasi roundcube, diasumsikan paket tarbal roundcube telah ada di folder /usr/share

cd /usr/share

Extract Roundcube

tar xzf roundcube_0.7.1.tar.gz

Selanjutnya rename folder untuk memudahkan, ganti kepemilikan, dan hak akses untuk roundcube

mv roundcube_0.7.1/ roundcube/
chown -R www-data:www-data roundcube/
chmod -R 755 roundcube/
chmod -R 777 roundcube/logs/
chmod -R 777 roundcube/temp/

Masuk ke mysql console

mysql -u root -p

Buat database untuk roundcube, dan berikan privileges untuk user (dicontohkan user:erwinheldy dengan paswd:jaringan)

create database roundcubemail;
grant all privileges on roundcubemail.* to erwinheldy@localhost identified by 'jaringan';
flush privileges;

Import tabel sql ke database

mysql -u erwinheldy -p roundcubemail < roundcube/SQL/mysql.initial.sql

Edit konfigurasi apache

nano /etc/apache2/sites-available/default

Tambahkan baris berikut di paling bawah

<VirtualHost *:80>
    ServerName mail.erwin.com
    DocumentRoot /usr/share/roundcube
    <Directory "/usr/share/roundcube/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride All
        Order deny,allow
        Allow from all
        Allow from ::1/128

Aktifkan modul rewrite

a2enmod rewrite

Restart apache

invoke-rc.d apache2 restart

Akses web

Start Installation
product_name        = Erwin Webmail
database username   = erwinheldy
database password   = jaringan
default_host        = erwin.com
smtp_user/smtp_pass = erwinheldy jaringan
checklist           "Use the current IMAP username and password for SMTP authentication"
language            = en_US
checklist           "If preview pane is enabled"

Masuk ke folder konfig roundcube

cd roundcube/config

Ketikkan perintah berikut

cp main.inc.php.dist main.inc.php
cp db.inc.php.dist db.inc.php
echo "" > main.inc.php
echo "" > db.inc.php

Edit file main.inc.php lalu copy paste script php yang ada di web sesuai dengan nama file-nya

nano main.inc.php

Edit juga file db.inc.php lalu copy paste script php yang ada di web sesuai dengan nama file-nya

nano db.inc.php


Instalasi Selesai, hapus folder installer pada roundcube

rm -rf /usr/share/roundcube/installer/

Masuk ke


Jika berhasil, maka akan muncul tampilan login roundcube, login dengan username: erwinheldy password: jaringan

Tambahkan folder melalui Settings --> Folders, Klik tanda plus di pojok kiri bawah

Masukkan Folder Name sebagai berikut satu per satu

Pengujian terakhir yaitu mengirim email ke akun sendiri yaitu ke erwinheldy@erwin.com dari roundcube

Periksa log untuk meyakinkan bahwa proses autentikasi dilakukan dengan secured

tail -f /var/log/mail.log
Feb  1 18:58:54 server dovecot: imap-login: Login: user=, method=PLAIN, rip=, lip=, secured
Feb  1 18:58:54 server dovecot: IMAP(erwinheldy): Disconnected: Logged out bytes=91/764

Periksa juga log untuk error log. Jika tidak ada respon maka konfigurasi tidak mengalami error

tail -f /var/log/mail.err