NSLU2-Linux
view · edit · print · history

If you are using unslung-3.x then please read this first http://www.nslu2-linux.org/wiki/HowTo/IncreaseSpaceAvailableForPackages.

Warning: This is a very brief howto about the required steps.

Disclaimer: I'm quite sure that I forgot at least one step, but I can not remember which one. :-(


Comment: [Arno] Thanks pTweety, this is awesome! Can you tell me how the slug handles this? You think it could deal with an installation of a webmail system (probably running apache/php) for 1 or 2 users at a time?

Well, I have to differentiate between the different software:

  • fetchmail is no problem with more then 20 accounts
  • postfix runs well, but the slug has issues to handle mutiple (e.g. 5) mail transfers running in parallel.
  • spamfiltering with bogofilter takes < 1 second in contrary to spam-assassin which needs about 5 second per email.
  • cyrus-imapd with 2 clients (and 4 mailboxes opened on each of them) is quite good and serves up to 2000 emails per folder without any problem (but sometime a small delay of 2-4 seconds; this seems to be related to my IMAP-client TheBat?!).

--pTweety


Comment: [Arno] Thanks for the performance thoughts! Sounds like more then perfect for my use with only 1 or 2 users and mailboxes! Maybe I found the step you think you forgot: I was unable to install cyrus-imapd (did not try the other packages yet) with ipkg as the package was not available, did you do something special to get that to install?

You have to:

 # ipkg update
 # ipkg install unslung-feeds
 # ipkg update

Then you should have all the required data sources setup in ipkg.

--pTweety


Comment: [Pewe] Excellent. This is what I am waiting for. I have come to another problem, though. When trying to do the "ipkg install cyrus-imapd" I get

 ...
 Configuring cyrus-imapd
 adding new service(s) ... failed
 set saslpasswd2 for user 'mail' ... listusers failed failed
 changing permission ...
 chown: /opt/etc/sasl2: No such file or directory
 chmod: /opt/etc/sasl2: No such file or directory
 ...

I think the major problem here is the missing /opt/etc/sasl2. Shouldn't it be created by the install script?

/opt/etc/sasl2 has to be createdby the postinstall script. But in the meamtime you may want to try

 # touch /opt/etc/sasl2
 # chmod 644 /opt/etc/sasl2

Please check /etc/services as well. Uncomment the lines:

 #pop3            110/tcp         pop-3           # POP version 3
 #pop3            110/udp         pop-3
 ...
 #imap3           220/tcp                         # Interactive Mail Access
 #imap3           220/udp                         # Protocol v3

and add some more at the end of the file:

 # start of cyrus-imapd services
 imsp            406/tcp
 acap            674/tcp
 sieve           2000/tcp
 lmtp            2003/tcp
 fud             4201/udp
 # end of cyrus-imapd services

--pTweety

I had the same problem with the latest cyrus-sasl. The file /opt/etc/sasl2 isn't generated until you set a password so after installing cyrus-sasl run:

/opt/sbin/saslpasswd2 mail

And set the password

That'll create the sasl2 file that you should then set the permissions on:

chmod 644 /opt/etc/sasl2

Now you can carry on and install cyrus-imapd

--Marcs


Comment: [Lee] I found the above remedy (run /opt/bin/saslpasswd2 mail) failed for me. The fix was to install libdb-4.2.so by issuing:

ipkg install libdb

after installing cyrus-sasl.

The problem showed up as the second of two failures. The first failure was using /opt/bin instead of /opt/sbin (where my system says saslpasswd2 is).

The second failure was in running /opt/sbin/saslpasswd2, which errors out:

# /opt/sbin/saslpasswd2 mail

/opt/sbin/saslpasswd2: error while loading shared libraries: libdb-4.2.so: cannot open shared object file: No such file or directory

The version of sasl and sasl-libs that ipkg installed in this case are as shown below: # ipkg install cyrus-sasl

Installing cyrus-sasl (2.1.20-8) to root... Downloading http://ipkg.nslu2-linux.org/feeds/unslung/cross/cyrus-sasl_2.1.20-8_ armeb.ipk Installing cyrus-sasl-libs (2.1.20-8) to root... Downloading http://ipkg.nslu2-linux.org/feeds/unslung/cross/cyrus-sasl-libs_2.1. 20-8_armeb.ipk

--Lee

Comment: [knchris] I must be missing something. I do:

 # cyradm -u mail localhost
 Password:
 Cannot find termcap: Can't find a valid termcap file at /opt/lib/perl5/5.8.6/Term/ReadLine?.pm line 338

This warning can be ignored. But you can try to

 ipkg install readline

or

 ipkg install termcap

and check whether one of these let the warning go away. Please report which one solved the problem for you.

--pTweety

readline was already installed. So I installed termcap and tried again, then I removed/reinstalled readline. Still get the warning. --knchris


Comment: [Lee] On my system, all usage of cyradm fails with one of two errors, depending on how the command was called:

  • If I call it as "cyradm --user mail localhost", it fails after a few seconds' pause with the message:

cyradm: cannot connect to server

  • If I call it interactively as just "cyradm", then it fails with the message:

Cannot find termcap: Can't find a valid termcap file at /opt/lib/perl5/5.8.6/Term/ReadLine?.pm line 338

This is similar to knchris's error above but within a different context. It does leave me at the cyradm prompt. However, when one tries to use a cyradm command such as create mailbox (cm), it fails with a "cannot connect to server" message. eg:

cyradm> cm user.lee

createmailbox: no connection to server

Anyone know how to fix these? I'm not finding web searches turn up anything helpful on why cyradm cannot connect to the server, other than a reference to cyradm being tcl-based. As far as I can tell, unslung does not come with tcl by default.

OK, a few hours later.... here's what got cyradm working for me:

The server cyradm could not connect to was, I think, the imap server.

Specifically, the instructions above recommended uncommenting imap3 in /etc/services but I found I could only connect to *an* imap server on the box when I also uncommented imap2 on port 143 in /etc/services.

I also found that cyradm then worked and that I could use cm to create user mailboxes.

I think the missing termcap error message a couple of us saw is actually a reference to a missing Perl module: Term::ReadLine?. I don't kjnow if its absence makes a difference. I certainly could not install it using Unslung's cpan command line. Note this is a different piece of code to readline or termcap. It's a Perl module.

I also added the following to /initrd/etc/inetd.conf (though I haven't tested if it makes any difference yet):

telnet stream tcp nowait root /usr/sbin/telnetd

imap stream tcp nowait root /opt/libexec/cyrus/bin/imapd imapd

imap3 stream tcp nowait root /opt/libexec/cyrus/bin/imapd imapd

pop3 stream tcp nowait root /opt/libexec/cyrus/bin/pop3d pop3d

An area that we could do with some expert clarity on is: what user should we run cyrus as?

Most web documentation suggests "cyrus". The instructions on this page imply "root". Well, they are ambiguous about whether /opt/etc/sasl2 should be owned by mail.root or root.root. Anyone able to answer these?

--Lee

Comment: [knchris] I've got it all working. Very cool. Thanks pTweety!!! I also found the toltec connector for outlook which synchronizes your personal folders and the Cyrus-IMAP folders. I can share contacts, calendar, mail, tasks, etc... The toltec outlook connector is not free, but this is a great solution for small businesses that want simple groupware capabilities. [stanelie] Hum. I can't get Toltec to go beyond "Error : Unable to authenticate the user withCram-MD5?...


installing the software

Install perl, cyrus-sasl, readline, fetchmail, cyrus-imapd, postfix, (bogofilter or spamassassin) using ipkg.

Comment [Lee] You need to have also installed package 'coreutils' for the later 'sieveshell' script to work. This is because sieveshell needs coreutils' 'stty' utility.

--Lee

configure cyrus-imapd

  • create your email users with the web-frontend of your nslu2, e.g. tux
  • note: for those using OpenSlug (ie no web-frontend), use:
  # adduser [username]
  • check permisions of file /opt/etc/sasl2
    1. ls -l /opt/etc/sasl2
    -rw-r--r-- 1 root root ...
  • set passwd for user mail
 # saslpasswd2 mail
  • create the mailboxes for your users:
 # cyradm --user mail localhost
 > cm user.tux
 > cm "user.tux.Buy &- Sell"
 > cm user.tux.Drafts
 > cm user.tux.Outbox
 > cm user.tux.Sent
 > cm user.tux.Trash
 > cm user.tux.Ham
 > cm user.tux.Spam
 > lm
 > quit
  • optionaly upload a sieve script for testing:
 # vi user.tux.sieve.script
 ! require "fileinto";
 ! require "imapflags";
 ! 
 !    if anyof ( header :contains :comparator "i;ascii-casemap" "X-Spam-Flag" "yes",
 !               header :contains "X-Spam-Level" "*****",
 !               header :contains "X-Bogosity" "Spam, " )
 !       { setflag "\\Seen"; fileinto "INBOX.Spam"; }
 ! 
 !  else { fileinto "INBOX"; }

 # sieveshell -u tux -a tux localhost
 > put user.tux.sieve.script
 > activate user.tux.sieve.script
 > quit
  • check the mailbox with your email-client (IMAP recommended!)
  • if at some later point you have DBERRORs? in your log, you can try to fix it like this:
 create your mailboxes anew with cyradm and cm user.xxx and use reconstruct
 # su -s /bin/bash -l mail
 # /opt/libexec/cyrus/bin/reconstruct

configure bogofilter(fast, needs training) / spamassassin(slow, runs out of the box)

  • create technical users in your passwd file(s) (/etc/passwd, /share/*/conf/passwd):
 spam:x:40:40:spam:/opt/var/spool/spamd:
 bogo:x:41:40:bogo:/opt/var/lib/bogofilter:
  • create technical groups in your group file(s) (/etc/group, /share/*/conf/group):
 filter:x:40:
  • create the home dirs, change permissions and ownerships:
 # mkdir /opt/var/spool/spamd
 # mkdir /opt/var/lib/bogofilter
 # chmod 750 /opt/var/spool/spamd
 # chmod 750 /opt/var/lib/bogofilter
 # chown -R spam. /opt/var/spool/spamd
 # chown -R spam. /opt/var/lib/bogofilter

Comment: [Lee] Are the above two lines correct? As I understand them, they are trying to make "spam" the owner of the spamd and bogofilter directories (and subdirectories) but that, issued in this form (spam.), Unslung will error out claiming that no group owner has been given. Should they specify the group owner called filter? IE:

 # chown -R spam.filter /opt/var/spool/spamd
 # chown -R spam.filter /opt/var/lib/bogofilter
--Lee
  • train (bogofilter):
 # for i in /path/to/ham/*. ; do bogofilter -d /opt/var/spool/bogofilter/ -t -v -n < "$i" ; done
 # for i in /path/to/spam/*. ; do bogofilter -d /opt/var/spool/bogofilter/ -t -v -s < "$i" ; done
 ( alternatively use bogohelper.sh
find tux/ -type d ! -name 'Spam' -a ! -name 'Sent' -a ! -name 'Trash' -a ! -name 'attic' -exec bogohelper.sh -n {} \;
  find tux/ -type d -name 'Spam' -exec bogohelper.sh -s {} \;
 )

configure postfix (assuming, that you use dailup connection and have a relay server)

  • change your aliases file
 # vi /opt/etc/aliasas
 ! #root:                   you
 ! root:                   tux
  • and execute
 # newaliasas
  • update /opt/etc/postfix/main.cf
 # postconf -e "myhostname = your-slugs-hostname.your-local-domain.xx"
 # postconf -e "relayhost = [smtp.your-provider.xx]"
 # postconf -e "smtp_sasl_auth_enable = yes"
 # postconf -e "smtp_sasl_password_maps = hash:/opt/etc/postfix/sasl_passwd"
 # postconf -e "smtp_always_send_ehlo = yes"
 # postconf -e "smtp_sasl_security_options = noanonymous"
 # postconf -e "recipient_delimiter = +"
  • add credentials to your sasl_passwd file
 # vi /opt/etc/postfix/sasl_passwd
 ! smtp.your-provider.xx  username:password

 # chmod 600 /opt/etc/postfix/sasl_passwd
 # postmap hash:/opt/etc/postfix/sasl_passwd
  • change /opt/etc/postfix/master.cf
 # vi /opt/etc/postfix/master.cf
 ! #smtp      inet  n       -       n       -       -       smtpd
 ! #smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin
 ! smtp      inet  n       -       n       -       -       smtpd -o content_filter=bogofilter
 ! ...
 ! #
 ! # spamassassin. See http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix
 ! #
 ! spamassassin
 !           unix  -       n       n       -       -       pipe
 !   user=spamd argv=/opt/bin/spamc -f -e /opt/sbin/sendmail -oi -f ${sender} ${recipient}
 ! #
 ! # bogofilter. Read /opt/doc/bogofilter/integrating-with-postfix
 ! #
 ! bogofilter
 !           unix  -       n       n       -       -       pipe
 !   flags=R user=bogo argv=/opt/sbin/postfix-bogofilter.sh -f ${sender} -- ${recipient}
  • reload the config files:
 /opt/sbin/postfix -c /opt/etc/postfix reload

Comment: [Stein] I had to add the group maildrop, "nano -w /etc/group"

maildrop::69:maildrop


configure fetchmail

  • change /opt/etc/fetchmailrc
 # vi /opt/etc/fetchmailrc
 ! # Edit carefully, see the fetchmail(1) manual page, section "THE RUN CONTROL FILE".
 ! 
 ! poll "pop.your-provider.xx" protocol POP3? : user "tux" there with password "pingu" is "tux" here ;

/opt/sbin/bogohelper.sh

 #!/bin/sh

 if [ -d "$2" ] ; then
     echo -e "\ncd $2"
     cd "$2"
     for i in `find . -name '*.' -maxdepth 1` ; do
         echo "bogofilter -d /opt/var/spool/bogofilter -t -v $1 < $i"
         bogofilter -d /opt/var/spool/bogofilter -t -v "$1" < "$i"
     done
 fi

Comment: [Lee] I've written a second, more restricted HowTo - SetUpAnEmailServer2 - that goes into how to test each step so that you can isolate where problems are showing up as you build. It deals with Postfix+Cyrus-imapd+Sieve+SpamAssassin only though.

view · edit · print · history · Last edited by fcarolo.
Based on work by fcarolo, meaculpa, Lee Kimber, stanelie, Michael, Marc Sutton, Stein, sai, knchris, pTweeety, pewe, Pewe, pTweety, and Arno.
Originally by pTweeety.
Page last modified on February 26, 2007, at 04:42 PM