-------------------------------------------------------------------- EZ QmailToaster Fresh Install on SuSE 10.1 x86_64 Nick Hemmesch Jun 06, 2006 -------------------------------------------------------------------- SuSE 10.1 x86_64: This test install was performed on an opteron 270 with 2GB ram on a MSI m/b. -------------------------------------------------------------------- This tutorial is for SuSE 10.1 x86_64 (sus10164) To install SuSE 10.1 i586, replace sus10164 with sus101 -------------------------------------------------------------------- Notes: You must have either a local dns server or a local caching name server. If you need a caching namserver, we will add one in Step 9. Be sure to replace "your-domain.com" with your real domain name, and "your.fqdn.com" with your server's "Fully Qualified Domain Name". -------------------------------------------------------------------- 1. Download SuSE 10.1 x86_64 CD iso's or the DVD iso. -------------------------------------------------------------------- Burn iso's to CD, or DVD if you downloded a DVD iso Boot with your CD 1 or the DVD -------------------------------------------------------------------- 2. Splash Page: -------------------------------------------------------------------- Select "Installation", then Language: Select your language & Click "Next" Media Check: Click "Next" to skip License Agreement: Select "Yes, . ." & Click "Next" Installation Mode: Select "New Install" & Click "Next" Clock and Time Zone: Select your region & timezone & Click "Next" Desktop Selection: Select "Other" & Click "Next", then Select: "Text Mode" & Click "OK" -------------------------------------------------------------------- 3. Installation Settings - EXPERT (as per my test box): -------------------------------------------------------------------- System: no changes Keyboard Layout: no changes Partitioning: "Base Partition Setup on This Proposal" "boot" and "/" "FileSystem" must be ext3 for quotas to work correctly At the bottom of the "Installation Settings" screen: Click: "Accept" Confirm Installation: Click "Install" You will see "Preparing Your Hard Disk", then "Package Installation" Click "Details" to see package installation -------------------------------------------------------------------- 4. After the package installation and reboot: -------------------------------------------------------------------- Host and Domain Name: Enter hostname & un-select "Change Hostname via DHCP", then Enter root password Network Configuration Overview: "Next" Network Configuration: Firewall: firewall enabled & ssh port open Network Interfaces: Edit device: Set static IP address & Subnet Mask Hostname and Name Server: Enter your dns servers and search domain Routing: Enter your default gateway At the bottom of the screen: Click "Next" Test Internet Connection: Select "Yes" and Click "Next" Running Internet Connection Test: Select "Download ..." & Click "Next" Online Update Configuration: Select "Configure Now" & Click "Next" Online Update: Select "Run Update" & Click "Next" & "OK" when finished User Authentication Method: Select "local (/etc/passwd)" & Click "Next" New Local User: Add one (you) & Unselect "Automatic Login" & Click "Next" Release Notes: Click "Next" Hardware Configuration: Click "Next" Installation Complete: Click "Finish" -------------------------------------------------------------------- 5. After reboot, login as root: -------------------------------------------------------------------- mkdir /usr/src/qtms-install cd /usr/src/qtms-install This is SuSE 10.1 x86_64 so the qmailtoaster switch is sus10164 Start necessary services: Yast: System: System Services (Runlevel): Start apache2, mysql, and ntp -------------------------------------------------------------------- 6. Prepare to Install QmailToaster: -------------------------------------------------------------------- wget http://www.qmailtoaster.com/suse/sus10164/sus10164-deps.sh sh sus10164-deps.sh wget http://www.qmailtoaster.com/suse/sus10164/sus10164-perl.sh Stop Firewall: Yast: Security and Users: Firewall: "Stop Firewall Now" sh sus10164-perl.sh Start Firewall: Yast: Security and Users: Firewall: Allowed Services: Advanced: add the following: TCP Ports: add -> 22 25 53 80 110 143 443 993 995 UDP Ports: add -> 53 123 Start Firewall Now Disable AppArmor: Yast: Novell AppArmor: AppArmor Control Panel: Enable AppArmor Configure: Select "Disabled" & Click "OK" Set hostname so qmailtoaster reads it correctly on install: echo your.fqdn.com > /etc/hostname hostname -F /etc/hostname wget http://www.qmailtoaster.com/suse/sus10164/mysql-setup.sh Edit mysql-setup.sh to reflect your mysql root password sh mysql-setup.sh Remove conflicting packages installed by SuSE (without the "\"): rpm -e --nodeps postfix mailx mailman grepmail mutt yast2-mail \ yast2-mail-aliases imap-2004g_suse-14 imap-lib-2004g_suse-14 Note: You system may not have installed all these packages so adjust your command line accordingly. Configure apache2 Add index.php to /etc/apache2/httpd.conf as shown below: DirectoryIndex index.php index.html index.html.var -------------------------------------------------------------------- 7. Get QmailToaster Packages: -------------------------------------------------------------------- wget http://www.qmailtoaster.com/info/current-download-script.sh sh current-dowmload-script.sh This script downloads all necessary packages into you current directory (should be /usr/src/qtms-install/). -------------------------------------------------------------------- 8. Install QmailToaster Packages: -------------------------------------------------------------------- wget http://www.qmailtoaster.com/suse/sus101/sus101-install-script.sh sh sus10164-install-script.sh -------------------------------------------------------------------- 9. Add djbdns (if you don't want bind) -------------------------------------------------------------------- rpm -e bind bind-chrootenv rpmbuild --rebuild --with sus101 djbdns*.src.rpm rpm -Uvh ../packages/RPMS/i586/djbdns-localcache*.rpm echo "search your-domain.com" > /etc/resolv.conf echo "nameserver 127.0.0.1" >> /etc/resolv.conf REBOOT -------------------------------------------------------------------- 10. Setup QmailToaster: -------------------------------------------------------------------- qmailctl stat (Should look somewhat like this) [root@gateway ~]# qmailctl stat authlib: up (pid 2425) 65 seconds clamd: up (pid 2425) 65 seconds imap4: up (pid 2421) 65 seconds imap4-ssl: up (pid 2423) 65 seconds pop3: up (pid 2414) 65 seconds pop3-ssl: up (pid 2409) 65 seconds send: up (pid 2416) 65 seconds smtp: up (pid 2418) 65 seconds spamd: up (pid 2407) 65 seconds authlib/log: up (pid 2417) 65 seconds clamd/log: up (pid 2417) 65 seconds imap4/log: up (pid 2422) 65 seconds imap4-ssl/log: up (pid 2424) 65 seconds pop3/log: up (pid 2415) 65 seconds pop3-ssl/log: up (pid 2413) 65 seconds send/log: up (pid 2420) 65 seconds smtp/log: up (pid 2419) 65 seconds spamd/log: up (pid 2408) 65 seconds [root@gateway ~]# Add a domain: /home/vpopmail/bin/vadddomain your-domain.com Add a user: /home/vpopmail/bin/vadduser you@your-domain.com Edit /etc/php5/apache2/php.ini and set register_globals = On service apache2 restart Bring up your browser and go to: http://www.your-domain.com/admin-toaster/ Username: admin Password: toaster Change your password . . . Edit /etc/php5/apache2/php.ini and set register_globals = Off service apache2 restart Check your mail server: http://www.your-domain.com/webmail login with your full email address and your password Send yourself an email - should show right away Send an email to yourself if you have another address Go to your other email account and reply to the message you sent If Isoqlog doesn't show right away, do this: sh /usr/share/toaster/isoqlog/bin/cron.sh -------------------------------------------------------------------- 11. Add domainkeys: -------------------------------------------------------------------- Make dir for yourdomain.com: mkdir /var/qmail/control/domainkeys/your-domain.com Make domainkey (Remove "\"): dknewkey /var/qmail/control/domainkeys/your-domain.com/private > \ your-domain-dk.txt chown root:qmail /var/qmail/control/domainkeys/your-domain.com/private chmod 444 /var/qmail/control/domainkeys/your-domain.com/private Make dns entry: BIND - in the your-domain.com zone file (see yourdomain-dk.txt): private._domainkey IN TXT "k=rsa; p=MEwwDQY . . . to end of key" (NOTE QUOTATION MARKS MUST BE THERE) DJBDNS - in /var/djbdns/tinydns/root/data (make from your-domain-dk.txt): '_domainkey.your-domain.com:o=-; r=postmaster@your-domain.com 'private._domainkey.your-domain.com:k=rsa; p=MEwwDQY . . . to end of key Test your mailserver: http://domainkeys.sourceforge.net/policycheck.html http://domainkeys.sourceforge.net/selectorcheck.html In squirrelmail, select a test email, select View Full Header and you should find something like the following: ----------- snip ------------ DomainKey-Status: good Received: by simscan 1.2.0 ppid: 22641, pid: 22644, t: 0.8416s scanners: clamav: 0.88.2/m:38/d:1476 spam: 3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on ndh1.whatgives.org X-Spam-Level: * X-Spam-Status: No, score=1.6 required=5.0 tests=FROM_DOMAIN_NOVOWEL autolearn=no version=3.1.1 Received: from unknown (HELO ns1.ndhsdns.com) (216.221.100.227) by ndh1.whatgives.org with (DHE-RSA-AES256-SHA encrypted) SMTP; 22 May 2006 20:03:36 -0000 Received-SPF: pass (ndh1.whatgives.org: SPF record at ndhsdns.com designates 216.221.100.227 as permitted sender) Received: (qmail 28034 invoked by uid 89); 22 May 2006 20:03:36 -0000 Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=ndhsdns.com; b=XVKQZe446BXMnSoQKvgchf0DRx4v8YQYZn5KVLj5O8XYf7V1dX7ETaJ1VGWGp5Bf ; Received: from unknown (HELO www.ndhsdns.com) (127.0.0.1) by ns1.ndhsdns.com with SMTP; 22 May 2006 20:03:36 -0000 ----------- snip ------------ -------------------------------------------------------------------- 12. Logs for all packages except freshclam are at: -------------------------------------------------------------------- /var/log/qmail/* Freshclam is at /var/log/clamav