--------------------------------------------------------------------
EZ QmailToaster Fresh Install on SuSE 10.1
Nick Hemmesch
--------------------------------------------------------------------
Corrected November 1, 2005 by Brent Dacus
Updated May 27, 2006 by Nick

Test machine: ASUS Pundit, 2.6ghz celeron, 512mb ram, 60gig IDE drive,
and a dvd burner for mondorescue backups.
--------------------------------------------------------------------
This tutorial is for SuSE 10.1 (sus101); it is specific to SuSE only.
--------------------------------------------------------------------
NOTE: You must have either a local dns server or a local caching
name server.
--------------------------------------------------------------------
1. Download SuSE 10.1 CD iso's or the DVD iso.
--------------------------------------------------------------------
Burn iso's to CD, or DVD if you downloaded a DVD iso
Boot with your CD 1 or the DVD
--------------------------------------------------------------------
2. Splash Page:
--------------------------------------------------------------------
Select "New Install", then
Select your language,
Select your timezone and set time,
Select desktop --> KDE
--------------------------------------------------------------------
3. Installation Settings (as per my test box):
--------------------------------------------------------------------
System --> no changes
Keyboard Layout --> no changes
Partitioning --> no changes
Software --> accept defaults with changes as follows:
    [X] Simple Webserver with Apache2
    [X] Network and Server
    [ ] Laptop --> UN-SELECT
    [X] C/C++ Compiler and Tools
    [X] Experienced User
Booting --> no changes
Timezone --> no changes
Language --> no changes
Runlevel --> Set to runlevel 3

Installation Settings --> Accept
Confirm Installation --> Install
--------------------------------------------------------------------
4. After the package installation and reboot:
--------------------------------------------------------------------
Enter hostname & un-select dhcp option to set hostname
Enter root password
Network Configuration:
    Network Mode --> no changes
    Firewall --> firewall enabled --> ssh port open
    Network Interfaces:
        Edit device: Set static IP address & Subnet Mask
        Hostname and Name Server: Enter your dns servers and search domain
        Routing: Enter your default gateway
Network Configuration --> Accept
Test Internet Connection --> do this
Online Update Configuration --> configure and update
User Authentication Method -> local (/etc/passwd)
New Local User --> add as per your requirements - at least one (you)
Hardware Configuration --> as per your hardware
Finish
--------------------------------------------------------------------
5. After reboot, login as root:
--------------------------------------------------------------------
    mkdir /usr/src/qtms-install
    cd /usr/src/qtms-install

This is SuSE 10.1 so the qmailtoaster switch is sus101

Start necessary services --> Yast -> System -> System Services (Runlevel)
    Start apache2, mysql, and ntp
--------------------------------------------------------------------
6. Prepare to Install QmailToaster:
--------------------------------------------------------------------
    wget http://www.qmailtoaster.com/suse/sus101/sus101-deps.sh
    sh sus101-deps.sh

    wget http://www.qmailtoaster.com/suse/sus101/sus101-perl.sh

Stop firewall --> Yast -> Security and Users -> Firewall -> Stop Firewall Now

    sh sus101-perl.sh

Start and configure firewall --> Yast -> Security and Users -> Firewall:
    Start Firewall Now
    Allowed Services -> Advanced:
        TCP Ports: add -> 22 53 80 110 143 443 465 993 995
        UDP Ports: add -> 53 123

Disable AppArmor:
    Yast -> Novell AppArmor -> AppArmor Control Panel -> Enable AppArmor
    Configure -> Disabled -> OK

Set hostname so qmailtoaster reads it correctly on install:
    echo your.fqdn.com > /etc/hostname
    hostname -F /etc/hostname

    wget http://www.qmailtoaster.com/suse/sus101/mysql-setup.sh

Edit mysql-setup.sh to reflect your mysql root password

    sh mysql-setup.sh

Remove conflicting packages installed by SuSE (without the "\"):
    rpm -e --nodeps postfix mailx mailman grepmail mutt yast2-mail \
    yast2-mail-aliases imap-2004g_suse-14 imap-lib-2004g_suse-14
--------------------------------------------------------------------
7. Get QmailToaster Packages:
--------------------------------------------------------------------
    wget http://www.qmailtoaster.com/info/current-download-script.sh
    sh current-download-script.sh

This script downloads all necessary packages into your current
directory (should be /usr/src/qtms-install/).
--------------------------------------------------------------------
8. Install QmailToaster Packages:
--------------------------------------------------------------------
    wget http://www.qmailtoaster.com/suse/sus101/sus101-install-script.sh
    sh sus101-install-script.sh

Set hostname back so SuSE reads it correctly:
    Yast -> Network Services -> Hostnames -> Finish

Note: SuSE will error on startup if the /etc/hosts file doesn't
look like this:
    127.0.0.1          localhost
    xxx.xxx.xxx.xxx    some.domain.com some

Make a self signed certificate - better instructions later :(
Note: common name should be your FQDN server.your-domain.com

    mv stunnel.pem /var/qmail/control/servercert.pem
    chown root:qmail /var/qmail/control/servercert.pem
    chmod 644 /var/qmail/control/servercert.pem
    ln -s /var/qmail/control/servercert.pem /var/qmail/control/clientcert.pem

REBOOT
--------------------------------------------------------------------
9. Add djbdns (if you don't want bind)
--------------------------------------------------------------------
    rpm -e bind bind-chrootenv
    rpmbuild --rebuild --with sus101 djbdns*.src.rpm
    rpm -Uvh ../packages/RPMS/i586/djbdns-localcache*.rpm
    echo "nameserver 127.0.0.1" > /etc/resolv.conf

REBOOT
--------------------------------------------------------------------
10. Setup QmailToaster:
--------------------------------------------------------------------
qmailctl stat (Should look somewhat like this)

    [root@gateway ~]# qmailctl stat
    clamd: up (pid 2425) 65 seconds
    imap4: up (pid 2421) 65 seconds
    imap4-ssl: up (pid 2423) 65 seconds
    pop3: up (pid 2414) 65 seconds
    pop3-ssl: up (pid 2409) 65 seconds
    send: up (pid 2416) 65 seconds
    smtp: up (pid 2418) 65 seconds
    spamd: up (pid 2407) 65 seconds
    clamd/log: up (pid 2417) 65 seconds
    imap4/log: up (pid 2422) 65 seconds
    imap4-ssl/log: up (pid 2424) 65 seconds
    pop3/log: up (pid 2415) 65 seconds
    pop3-ssl/log: up (pid 2413) 65 seconds
    send/log: up (pid 2420) 65 seconds
    smtp/log: up (pid 2419) 65 seconds
    spamd/log: up (pid 2408) 65 seconds
    [root@gateway ~]#

Add a domain:
    /home/vpopmail/bin/vadddomain your-domain.com

Add a user:
    /home/vpopmail/bin/vadduser you@your-domain.com

Edit /etc/php5/apache2/php.ini and set register_globals = On
    service apache2 restart

Bring up your browser and go to:
    http://www.your-domain.com/admin-toaster/
    Username: admin
    Password: toaster
    Change your password . . .

Edit /etc/php5/apache2/php.ini and set register_globals = Off
    service apache2 restart

Check your mail server:
    http://www.your-domain.com/webmail
    login with your full email address and your password
    Send yourself an email - should show right away
    Send an email to yourself if you have another address
    Go to your other email account and reply to the message you sent

If Isoqlog doesn't show right away, do this:
    sh /usr/share/toaster/isoqlog/bin/cron.sh
--------------------------------------------------------------------
11. Add domainkeys:
--------------------------------------------------------------------
Make dir for your-domain.com:
    mkdir /var/qmail/control/domainkeys/your-domain.com

Make domainkey:
    dknewkey /var/qmail/control/domainkeys/your-domain.com/private > your-domain-dk.txt
    chown root:qmail /var/qmail/control/domainkeys/your-domain.com/private
    chmod 444 /var/qmail/control/domainkeys/your-domain.com/private

Make dns entry:

BIND - in the your-domain.com zone file (see your-domain-dk.txt):
    private._domainkey IN TXT "k=rsa; p=MEwwDQY . . . to end of key"
    (NOTE QUOTATION MARKS MUST BE THERE)

DJBDNS - in /var/djbdns/tinydns/root/data (make from your-domain-dk.txt):
    '_domainkey.your-domain.com:o=-; r=postmaster@your-domain.com
    'private._domainkey.your-domain.com:k=rsa; p=MEwwDQY . . . to end of key

Test your mailserver:
    http://domainkeys.sourceforge.net/policycheck.html
    http://domainkeys.sourceforge.net/selectorcheck.html

In squirrelmail, select a test email, select View Full Header and you
should find something like the following:

----------- snip ------------
DomainKey-Status: good
Received: by simscan 1.2.0 ppid: 22641, pid: 22644, t: 0.8416s
    scanners: clamav: 0.88.2/m:38/d:1476 spam: 3.1.1
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on ndh1.whatgives.org
X-Spam-Level: *
X-Spam-Status: No, score=1.6 required=5.0 tests=FROM_DOMAIN_NOVOWEL
    autolearn=no version=3.1.1
Received: from unknown (HELO ns1.ndhsdns.com) (216.221.100.227)
    by ndh1.whatgives.org with (DHE-RSA-AES256-SHA encrypted) SMTP; 22 May 2006 20:03:36 -0000
Received-SPF: pass (ndh1.whatgives.org: SPF record at ndhsdns.com designates 216.221.100.227 as permitted sender)
Received: (qmail 28034 invoked by uid 89); 22 May 2006 20:03:36 -0000
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
    s=private; d=ndhsdns.com;
    b=XVKQZe446BXMnSoQKvgchf0DRx4v8YQYZn5KVLj5O8XYf7V1dX7ETaJ1VGWGp5Bf ;
Received: from unknown (HELO www.ndhsdns.com) (127.0.0.1)
    by ns1.ndhsdns.com with SMTP; 22 May 2006 20:03:36 -0000
----------- snip ------------
--------------------------------------------------------------------
12. Logs for all packages except freshclam are at:
--------------------------------------------------------------------
    /var/log/qmail/*

Freshclam is at /var/log/clamav
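--------------------------------------------------------------------
Added example for step 11 (not part of the original tutorial or of the QmailToaster project): a Python check that derives the DNS name a verifier queries from the DomainKey-Signature header and measures the RSA key size behind it. The p=MEwwDQY prefix shown in step 11 is the DER header of a 76-byte public key structure, consistent with a 384-bit RSA key, and the 64-character b= value in the sample header decodes to a 48-byte signature. SELECTOR is a constructed record of that size (not a real key) and min_bits=1024 is an assumed local policy threshold.

```python
import base64

# DomainKey-Signature value from the sample header in step 11.
SIGNATURE = ("a=rsa-sha1; q=dns; c=nofws; s=private; d=ndhsdns.com; "
             "b=XVKQZe446BXMnSoQKvgchf0DRx4v8YQYZn5KVLj5O8XYf7V1dX7ETaJ1VGWGp5Bf ;")
# Constructed selector record, not a real key: 384-bit modulus of all 0xFF bytes.
SELECTOR = "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAP//" + "////" * 15 + "/wIDAQAB"

def parse_tags(value):
    """Split a 'tag=value; tag=value' list into a dict, dropping folding whitespace."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = "".join(val.split())
    return tags

def tlv(buf, pos, want):
    """Read one DER element at pos; return (content_start, content_end)."""
    if buf[pos] != want:
        raise ValueError("unexpected DER tag 0x%02x at offset %d" % (buf[pos], pos))
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    return pos, pos + length

def rsa_bits(p_b64):
    """Modulus size in bits of the base64 SubjectPublicKeyInfo in a p= tag."""
    der = base64.b64decode(p_b64)
    start, _ = tlv(der, 0, 0x30)           # SubjectPublicKeyInfo SEQUENCE
    _, alg_end = tlv(der, start, 0x30)     # AlgorithmIdentifier, skipped
    start, _ = tlv(der, alg_end, 0x03)     # BIT STRING wrapping the key
    start, _ = tlv(der, start + 1, 0x30)   # RSAPublicKey, after unused-bits byte
    start, end = tlv(der, start, 0x02)     # INTEGER modulus
    return int.from_bytes(der[start:end], "big").bit_length()

def audit(signature, selector_txt, min_bits=1024):
    """Report the selector DNS name and whether the published key is too short.
    min_bits is an assumed local policy value, not something DomainKeys defines."""
    sig, sel = parse_tags(signature), parse_tags(selector_txt)
    bits = rsa_bits(sel["p"])
    return {"query": "%s._domainkey.%s" % (sig["s"], sig["d"]),
            "algorithm": sig["a"], "bits": bits,
            "sig_bits": len(base64.b64decode(sig["b"])) * 8,  # equals the key size
            "weak": bits < min_bits}

if __name__ == "__main__":
    print(audit(SIGNATURE, SELECTOR))
```

Feed it the p= value from your own your-domain-dk.txt in place of SELECTOR to see the size of the key you are about to publish.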