Hi there Thank you for the help. I made essentielly the same steps as you described. Just that I started with the debs. And I found the error: At the end of the third line of
/etc/courier/authpgsqlrc was a space after the username entry. This apparently disturbed postgresql that much, that it would not accept the user pass login, but quit without any message. Solved and running now! Marcel Tim Hunter schrieb: >Try this, all my notes from when I installed, same packages as you. > > >----- Original Message ----- >From: "Marcel Weber" <[EMAIL PROTECTED]> >To: "Debian-Testing@Lists. Debian. Org" <[EMAIL PROTECTED]> >Sent: Thursday, May 16, 2002 1:25 PM >Subject: authenticating courier against postgresql with authpgsql fails > > > > >>Hi >> >>I tried the whole day to get this courier and postgresql thing flying. I >>managed it that postfix looks it's virtual table from the database. But >> >> >with > > >>courier no chance. I am not sure if it is an error in my configuration >> >> >(I > > >>think not) or if some package is broken. Perhaps one of you guys can >> >> >give >me > > >>a hint. >> >>PostgreSQL Table >> >> Table "courier" >> Column | Type | Modifiers >>----------+------------------------+------------------------ >> id | character varying(128) | not null default '' >> password | character varying(128) | not null default '' >> vollname | character varying(128) | not null default '' >> uid | numeric(10,0) | not null default '101' >> gid | numeric(10,0) | not null default '101' >> home | character varying(255) | not null default '' >> maildir | character varying(255) | not null default '' >>Primary key: courier_pkey >> >> >>/etc/courier/authpgsqlrc >> >>PGSQL_SERVER localhost >>PGSQL_USERNAME courier >>PGSQL_PASSWORD courier >>PGSQL_PORT /var/run/postgresql/.s.PGSQL.5432 >>PGSQL_DATABASE courier >>PGSQL_USERTABLE courier >>PGSQL_CLEAR_PWFIELD password >>PGSQL_MAILDIR_FIELD maildir >>DEFAULT_DOMAIN pingu.weber.hargarten >> >> >>When I connect to the box via imap or pop3 I hear some harddisk noise >> >> >and > > >>find this in the logs (not always but sometimes): >> >>May 16 20:06:10 pingu postgres[23338]: [18] DEBUG: proc_exit(0) >>May 16 20:06:10 pingu postgres[23338]: [19] DEBUG: shmem_exit(0) >>May 16 20:06:10 pingu postgres[23338]: [20] DEBUG: exit(0) >>May 16 20:06:10 pingu postgres[22884]: [18] DEBUG: reaping dead >> >> >processes > > >>May 16 20:06:10 pingu postgres[22884]: [19] DEBUG: child process (pid >>23338) ex >>ited with exit code 0 >>May 16 20:07:31 pingu imaplogin: Connection, ip=[::ffff:192.168.10.16] >>May 16 20:07:39 pingu imaplogin: LOGIN FAILED, ip=[::ffff:192.168.10.16] >>May 16 20:08:08 pingu last message repeated 2 times >>May 16 20:08:12 pingu imaplogin: LOGOUT, ip=[::ffff:192.168.10.16] >> >>Don't know if there is any connection between the two things. >> >>Actually I followed the manual one can find under >>http://www.sweeney.demon.co.uk/pfix_imap_virtual.html and adopted it for >>postgresql. >> >>Installed packages are: >> >>postgresql 7.2.1-2 >>courier-authpostgresql 0.37.3-2 >>courier-imap 1.4.3-2 >>courier-pop 0.37.3-2 >>courier-authdaemon 0.37.3-2 >> >> >>I also tried the sid packages for courier, at least for the >>courier-authpostgresql >> >>Hope that there is someone who can help me... At least that I know if it >> >> >is > > >>my fault or if I should file a bug report. >> >> >>Marcel >> >> >>-- >> ______ >> (Muuuhh) >>Global Village Sau ==> ^..^ |/����� >>(Kann Fremdsprache) ==> (oo) >> >> >> >>-- >>To UNSUBSCRIBE, email to [EMAIL PROTECTED] >>with a subject of "unsubscribe". Trouble? Contact >> >> >[EMAIL PROTECTED] > > >> >> >>------------------------------------------------------------------------ >> >>CREATE TABLE passwd ( >> id varchar(128) DEFAULT '' NOT NULL constraint id_id >primary key, >> crypt varchar(128) DEFAULT '' NOT NULL, >> clear varchar(128) DEFAULT '' NOT NULL, >> name varchar(128) DEFAULT '' NOT NULL, >> uid int4 DEFAULT 65534 NOT NULL, >> gid int4 DEFAULT 65534 NOT NULL, >> home varchar(255) DEFAULT '' NOT NULL, >> maildir varchar(255) DEFAULT '' NOT NULL, >> quota varchar(255) DEFAULT '' NOT NULL >>); >> >> >>insert into passwd (id,clear,uid,gid,home) values >('cojones','pass',1009,100,'/home/cojones'); >> >> >>Installing Courier with webmail and virtual users, with postgresql >>as the dbms. >> >>Geevarghese Philip >> >>06/03/2002 >> >>Abstract >> >>This document outlines the procedure that I followed to install courier >>with its webmail feature, with virtual users exclusively, and with >>postgresql as the dbms for storing information about the virtual users. >> >> >>1 Introduction >> >>1.1 Caveats >> >>1. You MUST read install.html. No exceptions. This document doesn't >> relieve you of the need to read and understand that one. You have >> been warned. >> >>2. This document reflects my ignorance as well as my knowledge. Read >> every statement in it with the prefix ``as far as I know''. If you >> see something stated here that you know is incorrect, you are probably >> right. >> >>3. This document describes what should be done to get Courier configured >> to suit one specific set of requirements, namely, those which I >> had, and which I have tried to list below. The steps described here >> may not be suitable when the requirements are different. >> >>1.2 Copyright, Disclaimer, Trademarks and Credits >> >>1.2.1 Copyright >> >>Copyright (c) 2002 by Geevarghese Philip mailto: [EMAIL PROTECTED] >> >>Please freely copy and distribute (sell or give away) this document >>in any format. Send any corrections and comments to the document maintainer. >>You may create a derivative work and distribute it provided that you: >> >>1. License the derivative work in the spirit of this license or use >> GPL. Include a copyright notice and at least a pointer to the license >> used. >> >>2. Give due credit to previous authors and major contributors. >> >>1.2.2 Disclaimer >> >>While I haven't intentionally tried to mislead you, there are likely >>to be a number of errors in this document. Please let me know about >>them. Since this is free documentation, it should be obvious that >>I cannot be held legally responsible for any errors. >> >>1.2.3 Trademarks. >> >>All trademarks in this document are acknowledged. >> >>1.2.4 Credits >> >>This document closely follows the sequence of instructions in the install.html >>file included with the courier distribution, and borrows quite heavily >>from it. The only contribution from my part has been to put in the >>knowledge I gained from my efforts to get the thing working properly. >> >>1.3 Contacting the author >> >>Please send any suggestions/criticisms to me at [EMAIL PROTECTED] >> Please let me know of any errors in facts, opinions, logic, spelling, >>grammar, clarity, links, etc. >> >>1.4 Background >> >>One of the responsibilities assigned to me at the place where I am >>system administrator was to set up an email server for use by the >>employees, most of whom are road warriors. My first choice for a mail >>server was postfix, due to its extreme simplicity of configuration, >>and since I didn't know that webmail servers existed. >> >>A couple of weeks into the experiment, I became convinced that there >>could be a better choice than postfix in my case, since : >> >>1. The road warriors were quite new to Linux, and are likely to remain >> so for a long time to come. Accessing mail from our server involved >> downloading some ssh client to their laptops, configuring it to >> access our server (both one-time affairs), and being satisfied with >> a non-graphical mail reader (pine). None of these were quite pleasant >> to my clients, especially the last one. >> >>2. I found disconcerting the security risk involved in creating one >> login per such user, just for the sake of their being able to access >> mail. >> >>3. Most significant : I came to know about the existence and availability >> of webmail servers. >> >>I searched the web for a freely downloadable email server with a companion >>webmail server, and found out that Courier fitted the bill quite nicely. >>So I decided to install and configure Courier to suite my needs. >> >>Installing and configuring Courier to suite my needs was not an easy >>task. It took me quite some time and effort, and a number of installs, >>to get it right. When I realized that the task would not be a trivial >>one, I started keeping an account of the things I did during the installation >>and configuration. By the time I was able to get Courier to work correctly, >>I had three 10''x12'' pages of closely spaced text describing how >>to do it again from scratch. >> >>On one of the early days, when I was feeling particularly hopeless, >>I sent a long mail to the Courier mailing list, which, to be honest, >>would have (and did, it seems) scared away the bravest soul due to >>its size and haziness. Now that I have got it right, I want to share >>what I have learned with others in a similar predicament, so that >>they may save much time and effort. This document is a dressed up >>version of the account I kept of my installation procedure. >> >>1.5 Configuration Options >> >>I read and digested the install.html that came along with the distribution, >>which took some time and effort. After considering everything, I chose >>the configuration parameters listed below. I decided to stick with >>the defaults given in install.html wherever possible, to ease the >>process of installation and configuration. >> >>1. A source build and install, not an rpm build and install(now that >> I am confident of things working out alright, maybe I will try that >> :) ), considering that an rpm install puts the files in all sorts >> of places. >> >>2. The installation directory is /usr/lib/courier. >> >>3. The user as which the non-privileged Courier binaries run is courier, >> with group courier. >> >>4. Mail is stored in maildirs. >> >>5. All the mail accounts are virtual accounts, to reduce the (perceived) >> security risk mentioned above. The maildirs corresponding to the >> virtual accounts are all owned by courier. >> >>6. A PostgreSQL database is the means of authentication. Mainly because >> I had some experience setting up and using PostgreSQL. >> >>7. For those who have mail accounts and no system accounts (which is >> the case with most of our road warriors), webmail is the only way >> of interacting with the mail system. Those who do have system accounts >> can send mail using Courier sendmail. >> >>2 The Installation Procedure >> >>1. See that the following are installed: >> >> (a) gcc, not gcc 3.0 >> >> (b) gnu make >> >> (c) Perl >> >> (d) expect >> >> (e) gdbm or db >> >> (f) openssl >> >> (g) PostgreSQL, with the development libraries. The installation and >> configuration of postgres is described elsewhere in this document. >> Installing pgaccess too makes life simpler. >> >>2. Remove sendmail and all its kin. >> >>3. Create a user and a group named courier. Set the home directory of >> courier to /usr/lib/courier. Set its default shell to sh, not bash. >> Setting it to bash results in an error message when executing the >> cleancache.pl script using su (see below). >> >>4. Set CFLAGS=-I/usr/include/pgsql, and export CFLAGS, so that gcc can >> find the header files in the postgres development libraries. >> >>5. cd to the toplevel Courier source directory. Run ./configure with >> these options: >> >> (a) --with-mailuser=courier >> >> (b) --with-mailgroup=courier >> >> (c) --without-ipv6 , since all those warnings in install.html scared >> me. >> >> (d) --with-cacheowner=courier, since courier is to be made the owner >> of the webmail cgi binary, and the webmail process must have write >> access to the webmail login cache directory. See below. >> >>6. Run make. Run authlib/authinfo to get the list of authentication >> modules compiled in. >> >>7. Run make check. >> >>8. su to root, set the umask to 022. >> >>9. Run make install. >> >>10. Run make install-configure > upgrade.log. The contents of upgrade.log >> have not been of any use to me so far. >> >>11. After install-configure : >> >> (a) Add /usr/lib/courier/man to MANPATH by editing /etc/man.config, >> /usr/lib/courier/bin to the PATH of all users (by editing /etc/profile), >> and /usr/lib/courier/sbin to the PATH of root alone. In /etc/man.config, >> add two MANPATH_MAP entries also, one for /usr/lib/courier/bin >> and one for /usr/lib/courier/sbin. >> >> (b) Add the following command to be executed by crond at least once >> an hour: >> >> su -c "/usr/lib/courier/share/sqwebmail/cleancache.pl" courier >> >> (c) Edit as courier the /usr/lib/courier/etc/authdaemonrc file to remove >> unwanted modules. >> >> (d) Edit as courier the /usr/lib/courier/etc/authpgsqlrc file to configure >> authpgsql. Very Important : Comment out `crypt' and uncomment >> `clear', otherwise webmail won't work(Who will encrypt the password >> for webmail?). >> >> (e) Copy courier.sysvinit to /etc/rc.d/init.d/courier. Use chkconfig >> to modify its on/off behaviour. Make it executable by root. >> >> (f) Remove the setuid bit from /usr/lib/courier/bin/maildrop >> >>12. Webmail Configuration >> >> (a) Copy /usr/lib/courier/libexec/courier/webmail/webmail to >/var/www/cgi-bin/index.cgi. >> Set the apache options Indexes and ExecCGI for the directory /var/www/cgi-bin/. >> Alias /mail to /var/www/cgi-bin/. >> >> (b) Change the ownership of /var/www/cgi-bin/index.cgi to courier.courier. >> Turn on its setuid and setgid bits. >> >> (c) Create /var/www/html/webmail/. >> >> (d) Copy all files in /usr/lib/courier/share/sqwebmail/images/ to >/var/www/html/webmail/. >> >>13. Create a test user, as described in step 17. >> >>14. Post-installation checks >> >> * run showmodules, after installing all files, but before starting >> courier. >> >> * Testing child process termination. >> >> * Log on to the test account. >> >> * run maildirmake $HOME/test and maildirmake $HOME/bounces. For >> a virtual mail account, $HOME is the directory specified in >> the database for the `home' attribute. Refer the section on >> pgsql configuration. >> >> * create $HOME/.courier-test-default containing one line : ./test >> >> * create $HOME/.courier containing one line: ./bounces >> >> * start courier as root: /usr/lib/courier/sbin/courier start >> >> * check the system log files for error messages. >> >> * run ps, check that only the following processes are running: >> >> * courierd : 2, one as root >> >> * courierdsn, as courier >> >> * courieruucp, as courier or uucp >> >> * courieresmtp, as courier >> >> * courierlocal, as root >> >> * couple of logger processes >> >> * start the authdaemond process : /usr/lib/courier/libexec/authlib/authdaemond >> start >> >> * run the perftest1 script while logged on to the test account : >> >> sh perftest1 1000 "user-test-1 user-test-2 user-test-3 user-test-4 >> user-test-5" >> >> Replace 'user' with the name of the test user. >> >> * see that there are exactly 5000 messages in $HOME/test/new. This >> didn't work out right for me. I always got more than 5000 messages, >> quite more, around 20,000. >> >>15. PostgreSQL configuration. >> >> * Install all the postgresql*.rpm required. I installed the following >> from my RedHat CDs : >> >> (a) postgresql-{version}.rpm >> >> (b) postgresql-devel-{version}.rpm >> >> (c) postgresql-server-{version}.rpm >> >> (d) postgresql-odbc-{version}.rpm >> >> (e) postgresql-perl-{version}.rpm >> >> (f) postgresql-tcl-{version}.rpm >> >> (g) postgresql-tk-{version}.rpm >> >> * Use chkconfig to ensure that service postgresql starts up in all >> the proper levels. If required, start up service postgresql. >> >> * Log in as the postgres superuser(not root!!) and cd to data/ . >> Run, as postgres, >> >> pg_passwd pg_pwd >> >> to make a password entry for postgres in the file pg_pwd. The name >> pg pwd is arbitrary � any filename will do. >> >> * As postgres, edit the pg_hba.conf file so that it consists of the >> following two lines : >> >> (a) local all password pg_pwd >> >> (b) host all 127.0.0.1 255.255.255.255 password pg_pwd >> >> These lines say that anyone can connect to any database from the >> local machine using unix domain sockets and the local loopback, >> provided they give a correct username-password pair, as found in >> the file pg_pwd . The password is kept encrypted in pg_pwd by the >> pg_passwd utility. A client is required to give the unencrypted >> form of the password. >> >> * As postgres, create a postgres user named courier (again, the choice >> of username is arbitrary, any name will do) using createuser. >> Allow courier to create new databases. Use pg_passwd to create >> an entry for user courier in pg_pwd. >> >> * Create using createdb, as user courier, a new database named `mail'. >> (From here onwards, the names of databases, tables, columns, rows, >> etc are those suggested by the file README.authmysql.html in the >> courier installation). >> >> Connect as user courier to the database `mail'. Create in this database, >> a table named `passwd' with the following attributes : >> >> +-----------+---------------+-----------------------------+ >> |Attribute | Type | Modifier | >> +-----------+---------------+-----------------------------+ >> +-----------+---------------+-----------------------------+ >> | id | varchar(128) | not null default '' | >> +-----------+---------------+-----------------------------+ >> | clear | varchar(128) | not null default '' | >> +-----------+---------------+-----------------------------+ >> | name | varchar(128) | not null default '' | >> +-----------+---------------+-----------------------------+ >> | uid | int4 | not null default courieruid | >> +-----------+---------------+-----------------------------+ >> | gid | int4 | not null default couriergid | >> +-----------+---------------+-----------------------------+ >> | home | varchar(255) | not null default '' | >> +-----------+---------------+-----------------------------+ >> >> >> id is the key. courieruid and couriergid are the uid and gid, respectively, >> of the system user courier. >> >> * Note the following points: >> >> * Attributes `maildir' and `quota' are optional. The choice is >> made in the file authpgsqlrc. >> >> * The correct data type to use for the string attributes is varchar, >> not char as the README says. Using char results in courier not >> being able to deliver mails. >> >> * The attributes uid and gid are those of the system user who owns >> the mailbox directories. I am stating this because I thought >> that these ids were independent of the operating system's ideas >> of uid and gid, and pertained only to the interaction between >> the pgsql database and courier. And so I set them to 1 and 1 >> for a test user, with the result that no mail could be delivered.When >> all the mailboxes are virtual, it is the easiest (IMHO) to let >> them all be owned by the user as which courier runs (here, courier), >> and set the default values of uid and gid to those of this user, >> instead of 65534. This takes away the need to fill them in for >> each (virtual) user. >> >> * When all the mailboxes are virtual, it is the easiest (again, >> IMHO) for all of them to be the subsubdirectories of one directory, >> all these directories being owned by courier. The way I did >> this is as follows: Login as courier. Create directory $HOME/mail >> ($HOME is /usr/lib/courier/), and a directory $HOME/mail/username >> for each virtual user `username'. Run maildirmake $HOME/mail/username/Maildir >> for each $HOME/mail/username. Set the `home' attribute of user >> `virtual1' in table passwd to `$HOME/mail/virtual1', and keep >> its`maildir' attribute unspecified, since courier takes home/Maildir >> as the value of maildir if none is specified. >> >>16. Don't install webadmin, for security's sake. It should be easy to >> do the configuration manually. >> >>17. Create a virtual account sachu (for my personal use) : >> >> (a) Add an entry for sachu in the `passwd' table >> >> (b) Login as courier and create $HOME/mail/sachu >> >> (c) As courier, run maildirmake $HOME/mail/sachu/Maildir >> >>18. Alias postmaster to sachu. For this, login as courier and edit >/usr/lib/courier/etc/aliases/system >> so that it contains the line : >> >> postmaster : sachu >> >> As root, run /usr/lib/courier/sbin/makealiases. >> >>19. To test the aliasing, run the following: >> >> * echo "To: postmaster" | /usr/lib/courier/bin/sendmail. Check sachu's >> mailbox to see that the message is there. >> >> * As sachu, echo "To: postmaster" | /usr/lib/courier/bin/sendmail >> -Nsuccess. This time, the sending account (which is the same as >> the receiving account, namely, sachu) should receive a return >> receipt. >> >>20. Miscellaneous configuration >> >> * As courier, edit /usr/lib/courier/etc/courierd to make maildrop >> the default delivery agent. >> >> * As courier, edit /usr/lib/courier/etc/esmtpd, and change the last >> NO to YES . I don't know what exactly this signifies, but reading >> install.html and the comments in esmtpd gave me the impression >> that this had to be done. >> >> * As courier, edit /usr/lib/courier/etc/esmtpd-msa, and change the >> NO to YES . I don't know what exactly this signifies, but reading >> install.html and the comments in esmtpd-msa gave me the impression >> that this had to be done. >> >> * Enable webmail calendaring : Create, as courier, >/usr/lib/courier/etc/calendarmode >> with the following line : >> >> local >> >> * Define local domains : Create, as courier, /usr/lib/courier/etc/locals >> with the following lines : >> >> ourdomainname.com >> >> localhost >> >> And then run makealiases as root. >> >> * Specify the default domain. This is the string that will appear >> after the @ in email addresses. If it is not specified, the addresses >> will look like [EMAIL PROTECTED], which looks >> odd. Create, as courier, /usr/lib/courier/etc/defaultdomain with >> the following line : >> >> ourdomainname.com >> >> And then run makealiases as root. Edit, as courier, >/usr/lib/courier/etc/authpgsqlrc >> and specify the default domain there also. >> >>21. Configuring the POP3 and IMAP servers >> >> Follow the instructions in install.html. Modify the firewall configuration >> to open ports 110 and 143, for POP3 and IMAP respectively. >> >> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
