New: integration.mlmmj.mysql.html, integration.mlmmj.pgsql.html.
This commit is contained in:
parent
c4a10dcf4d
commit
36d3178466
|
@ -29,7 +29,8 @@ We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.
|
||||||
|
|
||||||
## Backup LDAP data first
|
## Backup LDAP data first
|
||||||
|
|
||||||
Before you do any changes, please backup existing LDAP data first.
|
Although we don't modify any existing LDAP data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.
|
||||||
|
|
||||||
* For OpenLDAP, please run command `bash /var/vmail/backup/backup_openldap.sh` to backup.
|
* For OpenLDAP, please run command `bash /var/vmail/backup/backup_openldap.sh` to backup.
|
||||||
* For OpenBSD ldapd, please run command `bash /var/vmail/backup/backup_ldapd.sh` to backup.
|
* For OpenBSD ldapd, please run command `bash /var/vmail/backup/backup_ldapd.sh` to backup.
|
||||||
|
@ -73,6 +74,12 @@ mlmmj unix - n n - - pipe
|
||||||
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
* Add line below in Postfix config file `/etc/postfix/main.cf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
mlmmj_destination_recipient_limit = 1
|
||||||
|
```
|
||||||
|
|
||||||
* Open file `/etc/postfix/ldap/virtual_group_maps.cf`, replace the
|
* Open file `/etc/postfix/ldap/virtual_group_maps.cf`, replace the
|
||||||
`query_filter` line by below one. It will query old mailing list and new
|
`query_filter` line by below one. It will query old mailing list and new
|
||||||
mlmmj mailing list.
|
mlmmj mailing list.
|
||||||
|
@ -92,6 +99,14 @@ query_filter = (&(|(objectClass=mailUser)(&(objectClass=mailList)(enabledServ
|
||||||
* Run commands below to create file `/usr/bin/mlmmj-amime-receive` (Linux) or
|
* Run commands below to create file `/usr/bin/mlmmj-amime-receive` (Linux) or
|
||||||
`/usr/local/bin/mlmmj-amime-receive` (Linux/FreeBSD):
|
`/usr/local/bin/mlmmj-amime-receive` (Linux/FreeBSD):
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command `altermime`. All iRedMail installation should have command
|
||||||
|
`altermime` (package `AlterMIME`) available, so you don't need to install
|
||||||
|
it manually
|
||||||
|
|
||||||
On Linux:
|
On Linux:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -131,12 +146,11 @@ $inet_socket_port = [10024, 10026, 10027, 9998];
|
||||||
```
|
```
|
||||||
|
|
||||||
* Add lines below in Amavisd config file. It creates a new policy bank called
|
* Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
`MLMMJ` for emails submitted by mlmmj from port 10027.
|
`MLMMJ` for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
Note: This policy bank doesn't perform spam/virus/banned/bad-header checks
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
because emails sent to mailing list will be scanned either on port 10024
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
(incoming email from external senders) or 10026 (outgoing email sent by
|
10026 (outgoing email sent by smtp authenticated users).
|
||||||
smtp authenticated users).
|
|
||||||
|
|
||||||
```
|
```
|
||||||
$interface_policy{'10027'} = 'MLMMJ';
|
$interface_policy{'10027'} = 'MLMMJ';
|
||||||
|
@ -161,9 +175,9 @@ fully integrated. We will setup `mlmmjadmin` to make managing mailing lists easi
|
||||||
* Download the latest mlmmjadmin release: <https://github.com/iredmail/mlmmjadmin/releases>,
|
* Download the latest mlmmjadmin release: <https://github.com/iredmail/mlmmjadmin/releases>,
|
||||||
upload to iRedMail server. We assume it's uploaded to `/root/` directory.
|
upload to iRedMail server. We assume it's uploaded to `/root/` directory.
|
||||||
|
|
||||||
!!! attention
|
!!! attention
|
||||||
|
|
||||||
NOTE: We use `mlmmjadmin-1.0` for example below.
|
We use `mlmmjadmin-1.0` for example below.
|
||||||
|
|
||||||
* Extract downloaded mlmmjadmin package to `/opt/` directory, and create a
|
* Extract downloaded mlmmjadmin package to `/opt/` directory, and create a
|
||||||
symbol link:
|
symbol link:
|
||||||
|
@ -224,11 +238,12 @@ backend_cli = 'bk_iredmail_ldap'
|
||||||
* Add extra required parameters in `/opt/mlmmjadmin/settings.py`, so that
|
* Add extra required parameters in `/opt/mlmmjadmin/settings.py`, so that
|
||||||
mlmmjadmin can manage mailing lists stored in LDAP server.
|
mlmmjadmin can manage mailing lists stored in LDAP server.
|
||||||
|
|
||||||
!!! attention
|
!!! attention
|
||||||
|
|
||||||
* You can find LDAP URI, basedn, bind_dn, bind_password in iRedAdmin
|
You can find LDAP URI, basedn, bind_dn, bind_password in iRedAdmin
|
||||||
config file.
|
config file, the bind dn must have both read and write privileges to
|
||||||
* LDAP bind dn must have read and write privilege to access LDAP server.
|
manage LDAP server, iRedMail server usually use bind dn
|
||||||
|
`cn=vmailadmin,dc=xx,dc=xx` for this purpose.
|
||||||
|
|
||||||
```
|
```
|
||||||
iredmail_ldap_uri = 'ldap://127.0.0.1'
|
iredmail_ldap_uri = 'ldap://127.0.0.1'
|
||||||
|
|
|
@ -0,0 +1,393 @@
|
||||||
|
# Integrate mlmmj mailing list manager in iRedMail (MySQL/MariaDB backends)
|
||||||
|
|
||||||
|
[TOC]
|
||||||
|
|
||||||
|
## Summary
|
||||||
|
|
||||||
|
In iRedMail-0.9.8, we integrate [mlmmj](http://mlmmj.org) - a simple and slim
|
||||||
|
mailing list manager. It uses very few resources, and requires no daemons, easy
|
||||||
|
to install, configure and manage. if offers a great set of features, including:
|
||||||
|
|
||||||
|
* Archive
|
||||||
|
* Subject prefix
|
||||||
|
* Subscribers only posting
|
||||||
|
* Moderators only posting
|
||||||
|
* Moderation functionality
|
||||||
|
* Custom headers / footer
|
||||||
|
* Fully automated bounce handling
|
||||||
|
* Complete requeueing functionality
|
||||||
|
* Regular expression access control
|
||||||
|
* Delivery Status Notification (RFC1891) support
|
||||||
|
* Rich, customisable texts for automated operations
|
||||||
|
* and more
|
||||||
|
|
||||||
|
iRedMail team also developes a simple RESTful API server called `mlmmjadmin`
|
||||||
|
to help manage mailing lists, it also offers script tool to manage mailing
|
||||||
|
lists from command line.
|
||||||
|
|
||||||
|
We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.
|
||||||
|
|
||||||
|
## Backup SQL database first
|
||||||
|
|
||||||
|
Although we don't modify any existing SQL data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.
|
||||||
|
|
||||||
|
Please run command `bash /var/vmail/backup/backup_mysql.sh` to backup SQL
|
||||||
|
databases.
|
||||||
|
|
||||||
|
## Create required system account
|
||||||
|
|
||||||
|
mlmmj will be ran as user `mlmmj` and group `mlmmj`, all mailing list data will
|
||||||
|
be stored under its home directory `/var/vmail/mlmmj`:
|
||||||
|
|
||||||
|
On Linux or OpenBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
groupadd mlmmj
|
||||||
|
useradd -m -d /var/vmail/mlmmj -s /sbin/nologin mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
```
|
||||||
|
|
||||||
|
On FreeBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
pw groupadd mlmmj
|
||||||
|
pw useradd -m -g mlmmj -s /sbin/nologin -d /var/vmail/mlmmj mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
```
|
||||||
|
|
||||||
|
## Update SQL tables in `vmail` database
|
||||||
|
|
||||||
|
We need some updates in `vmail` SQL database:
|
||||||
|
|
||||||
|
* new SQL table `maillists`: used to store profile of mailing list.
|
||||||
|
* new SQL column `forwardings.is_maillist`
|
||||||
|
* new SQL column `domain.maillists`: used to set per-domain limit of mailing
|
||||||
|
list accounts. This column is mostly used by iRedAdmin-Pro.
|
||||||
|
|
||||||
|
Now apply the SQL changes with SQL commands below:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /tmp
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/mlmmj.mysql
|
||||||
|
mysql vmail < mlmmj.mysql
|
||||||
|
```
|
||||||
|
|
||||||
|
## Postfix integration
|
||||||
|
|
||||||
|
* Please add lines below in Postfix config file `/etc/postfix/master.cf`:
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
* Command `/usr/bin/mlmmj-amime-receive` doesn't exist yet, we will
|
||||||
|
create it later.
|
||||||
|
* On FreeBSD and OpenBSD, it should be
|
||||||
|
`/usr/local/usr/bin/mlmmj-amime-receive` instead.
|
||||||
|
|
||||||
|
```
|
||||||
|
# ${nexthop} is '%d/%u' in transport ('mlmmj:%d/%u')
|
||||||
|
mlmmj unix - n n - - pipe
|
||||||
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add line below in Postfix config file `/etc/postfix/main.cf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
mlmmj_destination_recipient_limit = 1
|
||||||
|
```
|
||||||
|
|
||||||
|
* Open Postfix config file `/etc/postfix/main.cf`, update existing parameter
|
||||||
|
`transport_maps`, add new sql lookup like below. We will create required sql
|
||||||
|
lookup file later.
|
||||||
|
|
||||||
|
```
|
||||||
|
transport_maps =
|
||||||
|
proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf
|
||||||
|
proxy:mysql:/etc/postfix/mysql/transport_maps_maillist.cf # <- Add this line
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
||||||
|
* Now create file `/etc/postfix/mysql/mlmmj_maillists_maps.cf`:
|
||||||
|
|
||||||
|
!!! warning
|
||||||
|
|
||||||
|
Please update the `password =` line with the real password of SQL user
|
||||||
|
`vmail`, you can find it in files under `/etc/postfix/mysql/`.
|
||||||
|
|
||||||
|
```
|
||||||
|
user = vmail
|
||||||
|
password = qsescZvV03f6YUtTMN2bQTejmjatzz
|
||||||
|
hosts = 127.0.0.1
|
||||||
|
port = 3306
|
||||||
|
dbname = vmail
|
||||||
|
query = SELECT maillists.transport FROM maillists,domain WHERE maillists.address='%s' AND maillists.active=1 AND maillists.domain = domain.domain AND domain.active=1
|
||||||
|
```
|
||||||
|
|
||||||
|
* Run commands below to create file `/usr/bin/mlmmj-amime-receive` (Linux) or
|
||||||
|
`/usr/local/bin/mlmmj-amime-receive` (Linux/FreeBSD):
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command `altermime`. All iRedMail installation should have command
|
||||||
|
`altermime` (package `AlterMIME`) available, so you don't need to install
|
||||||
|
it manually
|
||||||
|
|
||||||
|
On Linux:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /usr/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
```
|
||||||
|
|
||||||
|
On FreeBSD or OpenBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /usr/local/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/local/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/local/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
```
|
||||||
|
|
||||||
|
## Amavisd Integration
|
||||||
|
|
||||||
|
We need Amavisd to listen on one more port `10027`, it will be used to scan
|
||||||
|
spam/virus for emails posted to mailing list.
|
||||||
|
|
||||||
|
* Please open Amavisd config file, find parameter `$inet_socket_port`, add new
|
||||||
|
port number `10027` in the list, like below:
|
||||||
|
- On RHEL/CentOS, it's `/etc/amavisd/amavisd.conf`.
|
||||||
|
- On Debian/Ubuntu, it's `/etc/amavis/conf.d/50-user`.
|
||||||
|
- On OpenBSD, it's `/etc/amavisd.conf`.
|
||||||
|
- On FreeBSD, it's `/usr/local/etc/amavisd.conf`.
|
||||||
|
|
||||||
|
```
|
||||||
|
$inet_socket_port = [10024, 10026, 10027, 9998];
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
|
`MLMMJ` for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
|
10026 (outgoing email sent by smtp authenticated users).
|
||||||
|
|
||||||
|
```
|
||||||
|
$interface_policy{'10027'} = 'MLMMJ';
|
||||||
|
$policy_bank{'MLMMJ'} = {
|
||||||
|
originating => 1, # declare that mail was submitted by our smtp client
|
||||||
|
allow_disclaimers => 0, # mailing list should use footer text instead.
|
||||||
|
enable_dkim_signing => 1, # sign DKIm signature
|
||||||
|
smtpd_discard_ehlo_keywords => ['8BITMIME'],
|
||||||
|
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
|
||||||
|
bypass_spam_checks_maps => [1], # don't check spam
|
||||||
|
bypass_virus_checks_maps => [1], # don't check virus
|
||||||
|
bypass_banned_checks_maps => [1], # don't check banned file names and types
|
||||||
|
bypass_header_checks_maps => [1], # don't check bad header
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
Now restart Amavisd and Postfix servivce, mlmmj mailing list manager is now
|
||||||
|
fully integrated.
|
||||||
|
|
||||||
|
We will setup `mlmmjadmin` program to make managing mailing lists easier.
|
||||||
|
|
||||||
|
## Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists
|
||||||
|
|
||||||
|
* Download the latest mlmmjadmin release: <https://github.com/iredmail/mlmmjadmin/releases>,
|
||||||
|
and upload to iRedMail server. We assume it's uploaded to `/root/` directory.
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
We use `mlmmjadmin-1.0` for example below.
|
||||||
|
|
||||||
|
* Extract downloaded mlmmjadmin package to `/opt/` directory, and create a
|
||||||
|
symbol link:
|
||||||
|
|
||||||
|
```
|
||||||
|
tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
||||||
|
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
* Generate config file by copying sample file, `settings.py.sample`:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /opt/mlmmjadmin
|
||||||
|
cp settings.py.sample settings.py
|
||||||
|
chown mlmmj:mlmmj settings.py
|
||||||
|
chmod 0400 settings.py
|
||||||
|
```
|
||||||
|
|
||||||
|
* Generate a random, long string as API auth token, it will be used by your
|
||||||
|
API client. For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ echo $RANDOM | md5sum
|
||||||
|
43a89b7aa34354089e629ed9f9be0b3b
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add this string in `/opt/mlmmjadmin/settings.py`, parameter `api_auth_tokens`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b']
|
||||||
|
```
|
||||||
|
|
||||||
|
You can add as many token as you want for different API clients. For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b', '703ed37b20243d7c51c56ce6cd90e94c']
|
||||||
|
```
|
||||||
|
|
||||||
|
* if you manage mail accounts __WITH__ iRedAdmin-Pro, please set values of
|
||||||
|
parameters `backend_api` and `backend_cli` in `/opt/mlmmjadmin/settings.py`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
backend_api = 'bk_none'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
```
|
||||||
|
|
||||||
|
* if you do __NOT__ manage mail accounts with iRedAdmin-Pro, please set values
|
||||||
|
of parameters `backend_api` and `backend_cli` in `/opt/mlmmjadmin/settings.py`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
backend_api = 'bk_iredmail_sql'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add extra required parameters in `/opt/mlmmjadmin/settings.py`, so that
|
||||||
|
mlmmjadmin can connect to SQL server and manage mailing lists.
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
You can find SQL server address, port, database name, SQL username and
|
||||||
|
password in iRedAdmin config file, the SQL user must have both read and
|
||||||
|
write privileges to manage `vmail` database. iRedMail server usually
|
||||||
|
use SQL user `vmailadmin` for this purpose.
|
||||||
|
|
||||||
|
```
|
||||||
|
iredmail_sql_db_type = 'mysql'
|
||||||
|
iredmail_sql_db_server = '127.0.0.1'
|
||||||
|
iredmail_sql_db_port = 3306
|
||||||
|
iredmail_sql_db_name = 'vmail'
|
||||||
|
iredmail_sql_db_user = 'vmailadmin'
|
||||||
|
iredmail_sql_db_password = '<password>'
|
||||||
|
```
|
||||||
|
|
||||||
|
* Copy rc/systemd scripts for service control:
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/rhel.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian 9 and Ubuntu 16.04 which uses systemd
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/debian.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For FreeBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.freebsd /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
echo 'mlmmjadmin_enable=YES' >> /etc/rc.conf.local
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.openbsd /etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /etc/rc.d/mlmmjadmin
|
||||||
|
rcctl enable mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
* Create directory used to store mlmmjadmin log file. mlmmjadmin is
|
||||||
|
configured to log to syslog directly.
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:root /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian/Ubuntu
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown syslog:adm /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD/FreeBSD
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:wheel /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
* Update syslog daemon config file to log mlmmjadmin to dedicated log file:
|
||||||
|
|
||||||
|
For Linux
|
||||||
|
|
||||||
|
```
|
||||||
|
cp /opt/mlmmjadmin/samples/rsyslog/mlmmjadmin.conf /etc/rsyslog.d/
|
||||||
|
service rsyslog restart
|
||||||
|
```
|
||||||
|
|
||||||
|
For OpenBSD, please append below lines in `/etc/syslog.conf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
!!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
```
|
||||||
|
|
||||||
|
For FreeBSD, please append below lines in `/etc/syslog.conf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
```
|
||||||
|
|
||||||
|
* Now it's ok to start `mlmmjadmin` service:
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# On Linux/FreeBSD:
|
||||||
|
#
|
||||||
|
service mlmmjadmin restart
|
||||||
|
|
||||||
|
#
|
||||||
|
# On OpenBSD
|
||||||
|
#
|
||||||
|
rcctl start mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
## References
|
||||||
|
|
||||||
|
* iRedMail: <http://www.iredmail.org>
|
||||||
|
* Mlmmj: <http://mlmmj.org/>
|
||||||
|
* Tunable parameters: <http://mlmmj.org/docs/tunables/>
|
||||||
|
* Postfix integration: <http://mlmmj.org/docs/readme-postfix/>
|
||||||
|
* mlmmjadmin: RESTful API server used to manage mlmmj mailing lists. Developed
|
||||||
|
and maintained by iRedMail team. <https://github.com/iredmail/mlmmjadmin>
|
|
@ -0,0 +1,394 @@
|
||||||
|
# Integrate mlmmj mailing list manager in iRedMail (PostgreSQL backend)
|
||||||
|
|
||||||
|
[TOC]
|
||||||
|
|
||||||
|
## Summary
|
||||||
|
|
||||||
|
In iRedMail-0.9.8, we integrate [mlmmj](http://mlmmj.org) - a simple and slim
|
||||||
|
mailing list manager. It uses very few resources, and requires no daemons, easy
|
||||||
|
to install, configure and manage. if offers a great set of features, including:
|
||||||
|
|
||||||
|
* Archive
|
||||||
|
* Subject prefix
|
||||||
|
* Subscribers only posting
|
||||||
|
* Moderators only posting
|
||||||
|
* Moderation functionality
|
||||||
|
* Custom headers / footer
|
||||||
|
* Fully automated bounce handling
|
||||||
|
* Complete requeueing functionality
|
||||||
|
* Regular expression access control
|
||||||
|
* Delivery Status Notification (RFC1891) support
|
||||||
|
* Rich, customisable texts for automated operations
|
||||||
|
* and more
|
||||||
|
|
||||||
|
iRedMail team also developes a simple RESTful API server called `mlmmjadmin`
|
||||||
|
to help manage mailing lists, it also offers script tool to manage mailing
|
||||||
|
lists from command line.
|
||||||
|
|
||||||
|
We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.
|
||||||
|
|
||||||
|
## Backup SQL database first
|
||||||
|
|
||||||
|
Although we don't modify any existing SQL data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.
|
||||||
|
|
||||||
|
Please run command `bash /var/vmail/backup/backup_pgsql.sh` to backup SQL
|
||||||
|
databases.
|
||||||
|
|
||||||
|
## Create required system account
|
||||||
|
|
||||||
|
mlmmj will be ran as user `mlmmj` and group `mlmmj`, all mailing list data will
|
||||||
|
be stored under its home directory `/var/vmail/mlmmj`:
|
||||||
|
|
||||||
|
On Linux or OpenBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
groupadd mlmmj
|
||||||
|
useradd -m -d /var/vmail/mlmmj -s /sbin/nologin mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
```
|
||||||
|
|
||||||
|
On FreeBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
pw groupadd mlmmj
|
||||||
|
pw useradd -m -g mlmmj -s /sbin/nologin -d /var/vmail/mlmmj mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
```
|
||||||
|
|
||||||
|
## Update SQL tables in `vmail` database
|
||||||
|
|
||||||
|
We need some updates in `vmail` SQL database:
|
||||||
|
|
||||||
|
* new SQL table `maillists`: used to store profile of mailing list.
|
||||||
|
* new SQL column `forwardings.is_maillist`
|
||||||
|
* new SQL column `domain.maillists`: used to set per-domain limit of mailing
|
||||||
|
list accounts. This column is mostly used by iRedAdmin-Pro.
|
||||||
|
|
||||||
|
Now apply the SQL changes with SQL commands below:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /tmp
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/mlmmj.pgsql
|
||||||
|
su - postgres
|
||||||
|
psql -d vmail < /tmp/mlmmj.pgsql
|
||||||
|
```
|
||||||
|
|
||||||
|
## Postfix integration
|
||||||
|
|
||||||
|
* Please add lines below in Postfix config file `/etc/postfix/master.cf`:
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
* Command `/usr/bin/mlmmj-amime-receive` doesn't exist yet, we will
|
||||||
|
create it later.
|
||||||
|
* On FreeBSD and OpenBSD, it should be
|
||||||
|
`/usr/local/usr/bin/mlmmj-amime-receive` instead.
|
||||||
|
|
||||||
|
```
|
||||||
|
# ${nexthop} is '%d/%u' in transport ('mlmmj:%d/%u')
|
||||||
|
mlmmj unix - n n - - pipe
|
||||||
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add line below in Postfix config file `/etc/postfix/main.cf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
mlmmj_destination_recipient_limit = 1
|
||||||
|
```
|
||||||
|
|
||||||
|
* Open Postfix config file `/etc/postfix/main.cf`, update existing parameter
|
||||||
|
`transport_maps`, add new sql lookup like below. We will create required sql
|
||||||
|
lookup file later.
|
||||||
|
|
||||||
|
```
|
||||||
|
transport_maps =
|
||||||
|
proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf
|
||||||
|
proxy:pgsql:/etc/postfix/pgsql/transport_maps_maillist.cf # <- Add this line
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
||||||
|
* Now create file `/etc/postfix/pgsql/mlmmj_maillists_maps.cf`:
|
||||||
|
|
||||||
|
!!! warning
|
||||||
|
|
||||||
|
Please update the `password =` line with the real password of SQL user
|
||||||
|
`vmail`, you can find it in files under `/etc/postfix/pgsql/`.
|
||||||
|
|
||||||
|
```
|
||||||
|
user = vmail
|
||||||
|
password = qsescZvV03f6YUtTMN2bQTejmjatzz
|
||||||
|
hosts = 127.0.0.1
|
||||||
|
port = 3306
|
||||||
|
dbname = vmail
|
||||||
|
query = SELECT maillists.transport FROM maillists,domain WHERE maillists.address='%s' AND maillists.active=1 AND maillists.domain = domain.domain AND domain.active=1
|
||||||
|
```
|
||||||
|
|
||||||
|
* Run commands below to create file `/usr/bin/mlmmj-amime-receive` (Linux) or
|
||||||
|
`/usr/local/bin/mlmmj-amime-receive` (Linux/FreeBSD):
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command `altermime`. All iRedMail installation should have command
|
||||||
|
`altermime` (package `AlterMIME`) available, so you don't need to install
|
||||||
|
it manually
|
||||||
|
|
||||||
|
On Linux:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /usr/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
```
|
||||||
|
|
||||||
|
On FreeBSD or OpenBSD:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /usr/local/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/local/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/local/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
```
|
||||||
|
|
||||||
|
## Amavisd Integration
|
||||||
|
|
||||||
|
We need Amavisd to listen on one more port `10027`, it will be used to scan
|
||||||
|
spam/virus for emails posted to mailing list.
|
||||||
|
|
||||||
|
* Please open Amavisd config file, find parameter `$inet_socket_port`, add new
|
||||||
|
port number `10027` in the list, like below:
|
||||||
|
- On RHEL/CentOS, it's `/etc/amavisd/amavisd.conf`.
|
||||||
|
- On Debian/Ubuntu, it's `/etc/amavis/conf.d/50-user`.
|
||||||
|
- On OpenBSD, it's `/etc/amavisd.conf`.
|
||||||
|
- On FreeBSD, it's `/usr/local/etc/amavisd.conf`.
|
||||||
|
|
||||||
|
```
|
||||||
|
$inet_socket_port = [10024, 10026, 10027, 9998];
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
|
`MLMMJ` for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
|
10026 (outgoing email sent by smtp authenticated users).
|
||||||
|
|
||||||
|
```
|
||||||
|
$interface_policy{'10027'} = 'MLMMJ';
|
||||||
|
$policy_bank{'MLMMJ'} = {
|
||||||
|
originating => 1, # declare that mail was submitted by our smtp client
|
||||||
|
allow_disclaimers => 0, # mailing list should use footer text instead.
|
||||||
|
enable_dkim_signing => 1, # sign DKIm signature
|
||||||
|
smtpd_discard_ehlo_keywords => ['8BITMIME'],
|
||||||
|
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
|
||||||
|
bypass_spam_checks_maps => [1], # don't check spam
|
||||||
|
bypass_virus_checks_maps => [1], # don't check virus
|
||||||
|
bypass_banned_checks_maps => [1], # don't check banned file names and types
|
||||||
|
bypass_header_checks_maps => [1], # don't check bad header
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
Now restart Amavisd and Postfix servivce, mlmmj mailing list manager is now
|
||||||
|
fully integrated.
|
||||||
|
|
||||||
|
We will setup `mlmmjadmin` program to make managing mailing lists easier.
|
||||||
|
|
||||||
|
## Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists
|
||||||
|
|
||||||
|
* Download the latest mlmmjadmin release: <https://github.com/iredmail/mlmmjadmin/releases>,
|
||||||
|
and upload to iRedMail server. We assume it's uploaded to `/root/` directory.
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
We use `mlmmjadmin-1.0` for example below.
|
||||||
|
|
||||||
|
* Extract downloaded mlmmjadmin package to `/opt/` directory, and create a
|
||||||
|
symbol link:
|
||||||
|
|
||||||
|
```
|
||||||
|
tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
||||||
|
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
* Generate config file by copying sample file, `settings.py.sample`:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd /opt/mlmmjadmin
|
||||||
|
cp settings.py.sample settings.py
|
||||||
|
chown mlmmj:mlmmj settings.py
|
||||||
|
chmod 0400 settings.py
|
||||||
|
```
|
||||||
|
|
||||||
|
* Generate a random, long string as API auth token, it will be used by your
|
||||||
|
API client. For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ echo $RANDOM | md5sum
|
||||||
|
43a89b7aa34354089e629ed9f9be0b3b
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add this string in `/opt/mlmmjadmin/settings.py`, parameter `api_auth_tokens`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b']
|
||||||
|
```
|
||||||
|
|
||||||
|
You can add as many token as you want for different API clients. For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b', '703ed37b20243d7c51c56ce6cd90e94c']
|
||||||
|
```
|
||||||
|
|
||||||
|
* if you manage mail accounts __WITH__ iRedAdmin-Pro, please set values of
|
||||||
|
parameters `backend_api` and `backend_cli` in `/opt/mlmmjadmin/settings.py`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
backend_api = 'bk_none'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
```
|
||||||
|
|
||||||
|
* if you do __NOT__ manage mail accounts with iRedAdmin-Pro, please set values
|
||||||
|
of parameters `backend_api` and `backend_cli` in `/opt/mlmmjadmin/settings.py`
|
||||||
|
like below:
|
||||||
|
|
||||||
|
```
|
||||||
|
backend_api = 'bk_iredmail_sql'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
```
|
||||||
|
|
||||||
|
* Add extra required parameters in `/opt/mlmmjadmin/settings.py`, so that
|
||||||
|
mlmmjadmin can connect to SQL server and manage mailing lists.
|
||||||
|
|
||||||
|
!!! attention
|
||||||
|
|
||||||
|
You can find SQL server address, port, database name, SQL username and
|
||||||
|
password in iRedAdmin config file, the SQL user must have both read and
|
||||||
|
write privileges to manage `vmail` database. iRedMail server usually
|
||||||
|
use SQL user `vmailadmin` for this purpose.
|
||||||
|
|
||||||
|
```
|
||||||
|
iredmail_sql_db_type = 'pgsql'
|
||||||
|
iredmail_sql_db_server = '127.0.0.1'
|
||||||
|
iredmail_sql_db_port = 3306
|
||||||
|
iredmail_sql_db_name = 'vmail'
|
||||||
|
iredmail_sql_db_user = 'vmailadmin'
|
||||||
|
iredmail_sql_db_password = '<password>'
|
||||||
|
```
|
||||||
|
|
||||||
|
* Copy rc/systemd scripts for service control:
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/rhel.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian 9 and Ubuntu 16.04 which uses systemd
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/debian.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For FreeBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.freebsd /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
echo 'mlmmjadmin_enable=YES' >> /etc/rc.conf.local
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.openbsd /etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /etc/rc.d/mlmmjadmin
|
||||||
|
rcctl enable mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
* Create directory used to store mlmmjadmin log file. mlmmjadmin is
|
||||||
|
configured to log to syslog directly.
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:root /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian/Ubuntu
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown syslog:adm /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD/FreeBSD
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:wheel /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
* Update syslog daemon config file to log mlmmjadmin to dedicated log file:
|
||||||
|
|
||||||
|
For Linux
|
||||||
|
|
||||||
|
```
|
||||||
|
cp /opt/mlmmjadmin/samples/rsyslog/mlmmjadmin.conf /etc/rsyslog.d/
|
||||||
|
service rsyslog restart
|
||||||
|
```
|
||||||
|
|
||||||
|
For OpenBSD, please append below lines in `/etc/syslog.conf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
!!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
```
|
||||||
|
|
||||||
|
For FreeBSD, please append below lines in `/etc/syslog.conf`:
|
||||||
|
|
||||||
|
```
|
||||||
|
!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
```
|
||||||
|
|
||||||
|
* Now it's ok to start `mlmmjadmin` service:
|
||||||
|
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# On Linux/FreeBSD:
|
||||||
|
#
|
||||||
|
service mlmmjadmin restart
|
||||||
|
|
||||||
|
#
|
||||||
|
# On OpenBSD
|
||||||
|
#
|
||||||
|
rcctl start mlmmjadmin
|
||||||
|
```
|
||||||
|
|
||||||
|
## References
|
||||||
|
|
||||||
|
* iRedMail: <http://www.iredmail.org>
|
||||||
|
* Mlmmj: <http://mlmmj.org/>
|
||||||
|
* Tunable parameters: <http://mlmmj.org/docs/tunables/>
|
||||||
|
* Postfix integration: <http://mlmmj.org/docs/readme-postfix/>
|
||||||
|
* mlmmjadmin: RESTful API server used to manage mlmmj mailing lists. Developed
|
||||||
|
and maintained by iRedMail team. <https://github.com/iredmail/mlmmjadmin>
|
|
@ -2,9 +2,10 @@
|
||||||
|
|
||||||
* CentOS 6: [MySQL](./sogo-centos-6-mysql.html), [OpenLDAP](./sogo-centos-6-openldap.html).
|
* CentOS 6: [MySQL](./sogo-centos-6-mysql.html), [OpenLDAP](./sogo-centos-6-openldap.html).
|
||||||
|
|
||||||
* Integrate mlmmj mailing list manager:
|
* Integrate mlmmj mailing list manager (mlmmj is a core component since iRedMail-0.9.8):
|
||||||
* [For LDAP backends](./integration.mlmmj.ldap.html)
|
* [For LDAP backends](./integration.mlmmj.ldap.html)
|
||||||
* [For MySQL backends](./integration.mlmmj.mysql.html)
|
* [For MySQL/MariaDB backend](./integration.mlmmj.mysql.html)
|
||||||
|
* [For PostgreSQL backend](./integration.mlmmj.pgsql.html)
|
||||||
|
|
||||||
Documents contributed by iRedMail users:
|
Documents contributed by iRedMail users:
|
||||||
|
|
||||||
|
|
|
@ -159,10 +159,11 @@
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li>
|
<li>
|
||||||
<p>Integrate mlmmj mailing list manager:</p>
|
<p>Integrate mlmmj mailing list manager (mlmmj is a core component since iRedMail-0.9.8):</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="./integration.mlmmj.ldap.html">For LDAP backends</a></li>
|
<li><a href="./integration.mlmmj.ldap.html">For LDAP backends</a></li>
|
||||||
<li><a href="./integration.mlmmj.mysql.html">For MySQL backends</a></li>
|
<li><a href="./integration.mlmmj.mysql.html">For MySQL/MariaDB backend</a></li>
|
||||||
|
<li><a href="./integration.mlmmj.pgsql.html">For PostgreSQL backend</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
|
@ -53,7 +53,8 @@ to help manage mailing lists, it also offers script tool to manage mailing
|
||||||
lists from command line.</p>
|
lists from command line.</p>
|
||||||
<p>We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.</p>
|
<p>We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.</p>
|
||||||
<h2 id="backup-ldap-data-first">Backup LDAP data first</h2>
|
<h2 id="backup-ldap-data-first">Backup LDAP data first</h2>
|
||||||
<p>Before you do any changes, please backup existing LDAP data first.</p>
|
<p>Although we don't modify any existing LDAP data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li>For OpenLDAP, please run command <code>bash /var/vmail/backup/backup_openldap.sh</code> to backup.</li>
|
<li>For OpenLDAP, please run command <code>bash /var/vmail/backup/backup_openldap.sh</code> to backup.</li>
|
||||||
<li>For OpenBSD ldapd, please run command <code>bash /var/vmail/backup/backup_ldapd.sh</code> to backup.</li>
|
<li>For OpenBSD ldapd, please run command <code>bash /var/vmail/backup/backup_ldapd.sh</code> to backup.</li>
|
||||||
|
@ -92,6 +93,12 @@ mlmmj unix - n n - - pipe
|
||||||
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add line below in Postfix config file <code>/etc/postfix/main.cf</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>mlmmj_destination_recipient_limit = 1
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<li>Open file <code>/etc/postfix/ldap/virtual_group_maps.cf</code>, replace the
|
<li>Open file <code>/etc/postfix/ldap/virtual_group_maps.cf</code>, replace the
|
||||||
<code>query_filter</code> line by below one. It will query old mailing list and new
|
<code>query_filter</code> line by below one. It will query old mailing list and new
|
||||||
|
@ -112,6 +119,14 @@ mlmmj unix - n n - - pipe
|
||||||
<li>Run commands below to create file <code>/usr/bin/mlmmj-amime-receive</code> (Linux) or
|
<li>Run commands below to create file <code>/usr/bin/mlmmj-amime-receive</code> (Linux) or
|
||||||
<code>/usr/local/bin/mlmmj-amime-receive</code> (Linux/FreeBSD):</li>
|
<code>/usr/local/bin/mlmmj-amime-receive</code> (Linux/FreeBSD):</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command <code>altermime</code>. All iRedMail installation should have command
|
||||||
|
<code>altermime</code> (package <code>AlterMIME</code>) available, so you don't need to install
|
||||||
|
it manually</p>
|
||||||
|
</div>
|
||||||
<p>On Linux:</p>
|
<p>On Linux:</p>
|
||||||
<pre><code>cd /usr/bin/
|
<pre><code>cd /usr/bin/
|
||||||
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
@ -147,14 +162,12 @@ spam/virus for emails posted to mailing list.</p>
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<li>
|
<li>Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
<p>Add lines below in Amavisd config file. It creates a new policy bank called
|
<code>MLMMJ</code> for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
<code>MLMMJ</code> for emails submitted by mlmmj from port 10027.</p>
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
<p>Note: This policy bank doesn't perform spam/virus/banned/bad-header checks
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
because emails sent to mailing list will be scanned either on port 10024
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
(incoming email from external senders) or 10026 (outgoing email sent by
|
10026 (outgoing email sent by smtp authenticated users).</li>
|
||||||
smtp authenticated users).</p>
|
|
||||||
</li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<pre><code>$interface_policy{'10027'} = 'MLMMJ';
|
<pre><code>$interface_policy{'10027'} = 'MLMMJ';
|
||||||
$policy_bank{'MLMMJ'} = {
|
$policy_bank{'MLMMJ'} = {
|
||||||
|
@ -174,16 +187,18 @@ $policy_bank{'MLMMJ'} = {
|
||||||
fully integrated. We will setup <code>mlmmjadmin</code> to make managing mailing lists easier.</p>
|
fully integrated. We will setup <code>mlmmjadmin</code> to make managing mailing lists easier.</p>
|
||||||
<h2 id="setup-mlmmjadmin-a-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: a RESTful API server used to manage mlmmj mailing lists</h2>
|
<h2 id="setup-mlmmjadmin-a-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: a RESTful API server used to manage mlmmj mailing lists</h2>
|
||||||
<ul>
|
<ul>
|
||||||
<li>Download the latest mlmmjadmin release: <a href="https://github.com/iredmail/mlmmjadmin/releases">https://github.com/iredmail/mlmmjadmin/releases</a>,
|
<li>
|
||||||
upload to iRedMail server. We assume it's uploaded to <code>/root/</code> directory.</li>
|
<p>Download the latest mlmmjadmin release: <a href="https://github.com/iredmail/mlmmjadmin/releases">https://github.com/iredmail/mlmmjadmin/releases</a>,
|
||||||
</ul>
|
upload to iRedMail server. We assume it's uploaded to <code>/root/</code> directory.</p>
|
||||||
<div class="admonition attention">
|
<div class="admonition attention">
|
||||||
<p class="admonition-title">Attention</p>
|
<p class="admonition-title">Attention</p>
|
||||||
<p>NOTE: We use <code>mlmmjadmin-1.0</code> for example below.</p>
|
<p>We use <code>mlmmjadmin-1.0</code> for example below.</p>
|
||||||
</div>
|
</div>
|
||||||
<ul>
|
</li>
|
||||||
<li>Extract downloaded mlmmjadmin package to <code>/opt/</code> directory, and create a
|
<li>
|
||||||
symbol link:</li>
|
<p>Extract downloaded mlmmjadmin package to <code>/opt/</code> directory, and create a
|
||||||
|
symbol link:</p>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
<pre><code>tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
<pre><code>tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
||||||
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
||||||
|
@ -236,17 +251,18 @@ backend_cli = 'bk_iredmail_ldap'
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<li>Add extra required parameters in <code>/opt/mlmmjadmin/settings.py</code>, so that
|
<li>
|
||||||
mlmmjadmin can manage mailing lists stored in LDAP server.</li>
|
<p>Add extra required parameters in <code>/opt/mlmmjadmin/settings.py</code>, so that
|
||||||
</ul>
|
mlmmjadmin can manage mailing lists stored in LDAP server.</p>
|
||||||
<div class="admonition attention">
|
<div class="admonition attention">
|
||||||
<p class="admonition-title">Attention</p>
|
<p class="admonition-title">Attention</p>
|
||||||
<ul>
|
<p>You can find LDAP URI, basedn, bind_dn, bind_password in iRedAdmin
|
||||||
<li>You can find LDAP URI, basedn, bind_dn, bind_password in iRedAdmin
|
config file, the bind dn must have both read and write privileges to
|
||||||
config file.</li>
|
manage LDAP server, iRedMail server usually use bind dn
|
||||||
<li>LDAP bind dn must have read and write privilege to access LDAP server.</li>
|
<code>cn=vmailadmin,dc=xx,dc=xx</code> for this purpose.</p>
|
||||||
</ul>
|
|
||||||
</div>
|
</div>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
<pre><code>iredmail_ldap_uri = 'ldap://127.0.0.1'
|
<pre><code>iredmail_ldap_uri = 'ldap://127.0.0.1'
|
||||||
iredmail_ldap_basedn = 'o=domains,dc=XXX,dc=XXX'
|
iredmail_ldap_basedn = 'o=domains,dc=XXX,dc=XXX'
|
||||||
iredmail_ldap_bind_dn = 'cn=vmailadmin,dc=XXX,dc=XXX'
|
iredmail_ldap_bind_dn = 'cn=vmailadmin,dc=XXX,dc=XXX'
|
||||||
|
|
|
@ -0,0 +1,416 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||||
|
<title>Integrate mlmmj mailing list manager in iRedMail (MySQL/MariaDB backends)</title>
|
||||||
|
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<div id="navigation">
|
||||||
|
<a href="https://www.iredmail.org" target="_blank">
|
||||||
|
<img alt="iRedMail web site"
|
||||||
|
src="./images/logo-iredmail.png"
|
||||||
|
style="vertical-align: middle; height: 30px;"
|
||||||
|
/>
|
||||||
|
<span>iRedMail</span>
|
||||||
|
</a>
|
||||||
|
// <a href="./index.html">Document Index</a></div><h1 id="integrate-mlmmj-mailing-list-manager-in-iredmail-mysqlmariadb-backends">Integrate mlmmj mailing list manager in iRedMail (MySQL/MariaDB backends)</h1>
|
||||||
|
<div class="toc">
|
||||||
|
<ul>
|
||||||
|
<li><a href="#integrate-mlmmj-mailing-list-manager-in-iredmail-mysqlmariadb-backends">Integrate mlmmj mailing list manager in iRedMail (MySQL/MariaDB backends)</a><ul>
|
||||||
|
<li><a href="#summary">Summary</a></li>
|
||||||
|
<li><a href="#backup-sql-database-first">Backup SQL database first</a></li>
|
||||||
|
<li><a href="#create-required-system-account">Create required system account</a></li>
|
||||||
|
<li><a href="#update-sql-tables-in-vmail-database">Update SQL tables in vmail database</a></li>
|
||||||
|
<li><a href="#postfix-integration">Postfix integration</a></li>
|
||||||
|
<li><a href="#amavisd-integration">Amavisd Integration</a></li>
|
||||||
|
<li><a href="#setup-mlmmjadmin-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists</a></li>
|
||||||
|
<li><a href="#references">References</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<h2 id="summary">Summary</h2>
|
||||||
|
<p>In iRedMail-0.9.8, we integrate <a href="http://mlmmj.org">mlmmj</a> - a simple and slim
|
||||||
|
mailing list manager. It uses very few resources, and requires no daemons, easy
|
||||||
|
to install, configure and manage. if offers a great set of features, including:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Archive</li>
|
||||||
|
<li>Subject prefix</li>
|
||||||
|
<li>Subscribers only posting</li>
|
||||||
|
<li>Moderators only posting</li>
|
||||||
|
<li>Moderation functionality</li>
|
||||||
|
<li>Custom headers / footer</li>
|
||||||
|
<li>Fully automated bounce handling</li>
|
||||||
|
<li>Complete requeueing functionality</li>
|
||||||
|
<li>Regular expression access control</li>
|
||||||
|
<li>Delivery Status Notification (RFC1891) support</li>
|
||||||
|
<li>Rich, customisable texts for automated operations</li>
|
||||||
|
<li>and more</li>
|
||||||
|
</ul>
|
||||||
|
<p>iRedMail team also developes a simple RESTful API server called <code>mlmmjadmin</code>
|
||||||
|
to help manage mailing lists, it also offers script tool to manage mailing
|
||||||
|
lists from command line.</p>
|
||||||
|
<p>We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.</p>
|
||||||
|
<h2 id="backup-sql-database-first">Backup SQL database first</h2>
|
||||||
|
<p>Although we don't modify any existing SQL data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.</p>
|
||||||
|
<p>Please run command <code>bash /var/vmail/backup/backup_mysql.sh</code> to backup SQL
|
||||||
|
databases.</p>
|
||||||
|
<h2 id="create-required-system-account">Create required system account</h2>
|
||||||
|
<p>mlmmj will be ran as user <code>mlmmj</code> and group <code>mlmmj</code>, all mailing list data will
|
||||||
|
be stored under its home directory <code>/var/vmail/mlmmj</code>:</p>
|
||||||
|
<p>On Linux or OpenBSD:</p>
|
||||||
|
<pre><code>groupadd mlmmj
|
||||||
|
useradd -m -d /var/vmail/mlmmj -s /sbin/nologin mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>On FreeBSD:</p>
|
||||||
|
<pre><code>pw groupadd mlmmj
|
||||||
|
pw useradd -m -g mlmmj -s /sbin/nologin -d /var/vmail/mlmmj mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="update-sql-tables-in-vmail-database">Update SQL tables in <code>vmail</code> database</h2>
|
||||||
|
<p>We need some updates in <code>vmail</code> SQL database:</p>
|
||||||
|
<ul>
|
||||||
|
<li>new SQL table <code>maillists</code>: used to store profile of mailing list.</li>
|
||||||
|
<li>new SQL column <code>forwardings.is_maillist</code></li>
|
||||||
|
<li>new SQL column <code>domain.maillists</code>: used to set per-domain limit of mailing
|
||||||
|
list accounts. This column is mostly used by iRedAdmin-Pro.</li>
|
||||||
|
</ul>
|
||||||
|
<p>Now apply the SQL changes with SQL commands below:</p>
|
||||||
|
<pre><code>cd /tmp
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/mlmmj.mysql
|
||||||
|
mysql vmail < mlmmj.mysql
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="postfix-integration">Postfix integration</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Please add lines below in Postfix config file <code>/etc/postfix/master.cf</code>:</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<ul>
|
||||||
|
<li>Command <code>/usr/bin/mlmmj-amime-receive</code> doesn't exist yet, we will
|
||||||
|
create it later.</li>
|
||||||
|
<li>On FreeBSD and OpenBSD, it should be
|
||||||
|
<code>/usr/local/usr/bin/mlmmj-amime-receive</code> instead.</li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code># ${nexthop} is '%d/%u' in transport ('mlmmj:%d/%u')
|
||||||
|
mlmmj unix - n n - - pipe
|
||||||
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add line below in Postfix config file <code>/etc/postfix/main.cf</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>mlmmj_destination_recipient_limit = 1
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Open Postfix config file <code>/etc/postfix/main.cf</code>, update existing parameter
|
||||||
|
<code>transport_maps</code>, add new sql lookup like below. We will create required sql
|
||||||
|
lookup file later.</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>transport_maps =
|
||||||
|
proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf
|
||||||
|
proxy:mysql:/etc/postfix/mysql/transport_maps_maillist.cf # <- Add this line
|
||||||
|
...
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Now create file <code>/etc/postfix/mysql/mlmmj_maillists_maps.cf</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<div class="admonition warning">
|
||||||
|
<p class="admonition-title">Warning</p>
|
||||||
|
<p>Please update the <code>password =</code> line with the real password of SQL user
|
||||||
|
<code>vmail</code>, you can find it in files under <code>/etc/postfix/mysql/</code>.</p>
|
||||||
|
</div>
|
||||||
|
<pre><code>user = vmail
|
||||||
|
password = qsescZvV03f6YUtTMN2bQTejmjatzz
|
||||||
|
hosts = 127.0.0.1
|
||||||
|
port = 3306
|
||||||
|
dbname = vmail
|
||||||
|
query = SELECT maillists.transport FROM maillists,domain WHERE maillists.address='%s' AND maillists.active=1 AND maillists.domain = domain.domain AND domain.active=1
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Run commands below to create file <code>/usr/bin/mlmmj-amime-receive</code> (Linux) or
|
||||||
|
<code>/usr/local/bin/mlmmj-amime-receive</code> (Linux/FreeBSD):</li>
|
||||||
|
</ul>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command <code>altermime</code>. All iRedMail installation should have command
|
||||||
|
<code>altermime</code> (package <code>AlterMIME</code>) available, so you don't need to install
|
||||||
|
it manually</p>
|
||||||
|
</div>
|
||||||
|
<p>On Linux:</p>
|
||||||
|
<pre><code>cd /usr/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>On FreeBSD or OpenBSD:</p>
|
||||||
|
<pre><code>cd /usr/local/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/local/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/local/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="amavisd-integration">Amavisd Integration</h2>
|
||||||
|
<p>We need Amavisd to listen on one more port <code>10027</code>, it will be used to scan
|
||||||
|
spam/virus for emails posted to mailing list.</p>
|
||||||
|
<ul>
|
||||||
|
<li>Please open Amavisd config file, find parameter <code>$inet_socket_port</code>, add new
|
||||||
|
port number <code>10027</code> in the list, like below:<ul>
|
||||||
|
<li>On RHEL/CentOS, it's <code>/etc/amavisd/amavisd.conf</code>.</li>
|
||||||
|
<li>On Debian/Ubuntu, it's <code>/etc/amavis/conf.d/50-user</code>.</li>
|
||||||
|
<li>On OpenBSD, it's <code>/etc/amavisd.conf</code>.</li>
|
||||||
|
<li>On FreeBSD, it's <code>/usr/local/etc/amavisd.conf</code>.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$inet_socket_port = [10024, 10026, 10027, 9998];
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
|
<code>MLMMJ</code> for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
|
10026 (outgoing email sent by smtp authenticated users).</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$interface_policy{'10027'} = 'MLMMJ';
|
||||||
|
$policy_bank{'MLMMJ'} = {
|
||||||
|
originating => 1, # declare that mail was submitted by our smtp client
|
||||||
|
allow_disclaimers => 0, # mailing list should use footer text instead.
|
||||||
|
enable_dkim_signing => 1, # sign DKIm signature
|
||||||
|
smtpd_discard_ehlo_keywords => ['8BITMIME'],
|
||||||
|
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
|
||||||
|
bypass_spam_checks_maps => [1], # don't check spam
|
||||||
|
bypass_virus_checks_maps => [1], # don't check virus
|
||||||
|
bypass_banned_checks_maps => [1], # don't check banned file names and types
|
||||||
|
bypass_header_checks_maps => [1], # don't check bad header
|
||||||
|
};
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>Now restart Amavisd and Postfix servivce, mlmmj mailing list manager is now
|
||||||
|
fully integrated.</p>
|
||||||
|
<p>We will setup <code>mlmmjadmin</code> program to make managing mailing lists easier.</p>
|
||||||
|
<h2 id="setup-mlmmjadmin-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Download the latest mlmmjadmin release: <a href="https://github.com/iredmail/mlmmjadmin/releases">https://github.com/iredmail/mlmmjadmin/releases</a>,
|
||||||
|
and upload to iRedMail server. We assume it's uploaded to <code>/root/</code> directory.</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>We use <code>mlmmjadmin-1.0</code> for example below.</p>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Extract downloaded mlmmjadmin package to <code>/opt/</code> directory, and create a
|
||||||
|
symbol link:</p>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
||||||
|
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Generate config file by copying sample file, <code>settings.py.sample</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>cd /opt/mlmmjadmin
|
||||||
|
cp settings.py.sample settings.py
|
||||||
|
chown mlmmj:mlmmj settings.py
|
||||||
|
chmod 0400 settings.py
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Generate a random, long string as API auth token, it will be used by your
|
||||||
|
API client. For example:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$ echo $RANDOM | md5sum
|
||||||
|
43a89b7aa34354089e629ed9f9be0b3b
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add this string in <code>/opt/mlmmjadmin/settings.py</code>, parameter <code>api_auth_tokens</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b']
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>You can add as many token as you want for different API clients. For example:</p>
|
||||||
|
<pre><code>api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b', '703ed37b20243d7c51c56ce6cd90e94c']
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>if you manage mail accounts <strong>WITH</strong> iRedAdmin-Pro, please set values of
|
||||||
|
parameters <code>backend_api</code> and <code>backend_cli</code> in <code>/opt/mlmmjadmin/settings.py</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>backend_api = 'bk_none'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>if you do <strong>NOT</strong> manage mail accounts with iRedAdmin-Pro, please set values
|
||||||
|
of parameters <code>backend_api</code> and <code>backend_cli</code> in <code>/opt/mlmmjadmin/settings.py</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>backend_api = 'bk_iredmail_sql'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Add extra required parameters in <code>/opt/mlmmjadmin/settings.py</code>, so that
|
||||||
|
mlmmjadmin can connect to SQL server and manage mailing lists.</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>You can find SQL server address, port, database name, SQL username and
|
||||||
|
password in iRedAdmin config file, the SQL user must have both read and
|
||||||
|
write privileges to manage <code>vmail</code> database. iRedMail server usually
|
||||||
|
use SQL user <code>vmailadmin</code> for this purpose.</p>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>iredmail_sql_db_type = 'mysql'
|
||||||
|
iredmail_sql_db_server = '127.0.0.1'
|
||||||
|
iredmail_sql_db_port = 3306
|
||||||
|
iredmail_sql_db_name = 'vmail'
|
||||||
|
iredmail_sql_db_user = 'vmailadmin'
|
||||||
|
iredmail_sql_db_password = '<password>'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Copy rc/systemd scripts for service control:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/rhel.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian 9 and Ubuntu 16.04 which uses systemd
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/debian.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For FreeBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.freebsd /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
echo 'mlmmjadmin_enable=YES' >> /etc/rc.conf.local
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.openbsd /etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /etc/rc.d/mlmmjadmin
|
||||||
|
rcctl enable mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Create directory used to store mlmmjadmin log file. mlmmjadmin is
|
||||||
|
configured to log to syslog directly.</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:root /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian/Ubuntu
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown syslog:adm /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD/FreeBSD
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:wheel /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Update syslog daemon config file to log mlmmjadmin to dedicated log file:</li>
|
||||||
|
</ul>
|
||||||
|
<p>For Linux</p>
|
||||||
|
<pre><code>cp /opt/mlmmjadmin/samples/rsyslog/mlmmjadmin.conf /etc/rsyslog.d/
|
||||||
|
service rsyslog restart
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>For OpenBSD, please append below lines in <code>/etc/syslog.conf</code>:</p>
|
||||||
|
<pre><code>!!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>For FreeBSD, please append below lines in <code>/etc/syslog.conf</code>:</p>
|
||||||
|
<pre><code>!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Now it's ok to start <code>mlmmjadmin</code> service:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# On Linux/FreeBSD:
|
||||||
|
#
|
||||||
|
service mlmmjadmin restart
|
||||||
|
|
||||||
|
#
|
||||||
|
# On OpenBSD
|
||||||
|
#
|
||||||
|
rcctl start mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="references">References</h2>
|
||||||
|
<ul>
|
||||||
|
<li>iRedMail: <a href="http://www.iredmail.org">http://www.iredmail.org</a></li>
|
||||||
|
<li>Mlmmj: <a href="http://mlmmj.org/">http://mlmmj.org/</a><ul>
|
||||||
|
<li>Tunable parameters: <a href="http://mlmmj.org/docs/tunables/">http://mlmmj.org/docs/tunables/</a></li>
|
||||||
|
<li>Postfix integration: <a href="http://mlmmj.org/docs/readme-postfix/">http://mlmmj.org/docs/readme-postfix/</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>mlmmjadmin: RESTful API server used to manage mlmmj mailing lists. Developed
|
||||||
|
and maintained by iRedMail team. <a href="https://github.com/iredmail/mlmmjadmin">https://github.com/iredmail/mlmmjadmin</a></li>
|
||||||
|
</ul><div class="footer">
|
||||||
|
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
||||||
|
</div>
|
||||||
|
<!-- Global site tag (gtag.js) - Google Analytics -->
|
||||||
|
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
|
||||||
|
<script>
|
||||||
|
window.dataLayer = window.dataLayer || [];
|
||||||
|
function gtag(){dataLayer.push(arguments);}
|
||||||
|
gtag('js', new Date());
|
||||||
|
|
||||||
|
gtag('config', 'UA-3293801-21');
|
||||||
|
</script>
|
||||||
|
</body></html>
|
|
@ -0,0 +1,417 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||||
|
<title>Integrate mlmmj mailing list manager in iRedMail (PostgreSQL backend)</title>
|
||||||
|
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<div id="navigation">
|
||||||
|
<a href="https://www.iredmail.org" target="_blank">
|
||||||
|
<img alt="iRedMail web site"
|
||||||
|
src="./images/logo-iredmail.png"
|
||||||
|
style="vertical-align: middle; height: 30px;"
|
||||||
|
/>
|
||||||
|
<span>iRedMail</span>
|
||||||
|
</a>
|
||||||
|
// <a href="./index.html">Document Index</a></div><h1 id="integrate-mlmmj-mailing-list-manager-in-iredmail-postgresql-backend">Integrate mlmmj mailing list manager in iRedMail (PostgreSQL backend)</h1>
|
||||||
|
<div class="toc">
|
||||||
|
<ul>
|
||||||
|
<li><a href="#integrate-mlmmj-mailing-list-manager-in-iredmail-postgresql-backend">Integrate mlmmj mailing list manager in iRedMail (PostgreSQL backend)</a><ul>
|
||||||
|
<li><a href="#summary">Summary</a></li>
|
||||||
|
<li><a href="#backup-sql-database-first">Backup SQL database first</a></li>
|
||||||
|
<li><a href="#create-required-system-account">Create required system account</a></li>
|
||||||
|
<li><a href="#update-sql-tables-in-vmail-database">Update SQL tables in vmail database</a></li>
|
||||||
|
<li><a href="#postfix-integration">Postfix integration</a></li>
|
||||||
|
<li><a href="#amavisd-integration">Amavisd Integration</a></li>
|
||||||
|
<li><a href="#setup-mlmmjadmin-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists</a></li>
|
||||||
|
<li><a href="#references">References</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<h2 id="summary">Summary</h2>
|
||||||
|
<p>In iRedMail-0.9.8, we integrate <a href="http://mlmmj.org">mlmmj</a> - a simple and slim
|
||||||
|
mailing list manager. It uses very few resources, and requires no daemons, easy
|
||||||
|
to install, configure and manage. if offers a great set of features, including:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Archive</li>
|
||||||
|
<li>Subject prefix</li>
|
||||||
|
<li>Subscribers only posting</li>
|
||||||
|
<li>Moderators only posting</li>
|
||||||
|
<li>Moderation functionality</li>
|
||||||
|
<li>Custom headers / footer</li>
|
||||||
|
<li>Fully automated bounce handling</li>
|
||||||
|
<li>Complete requeueing functionality</li>
|
||||||
|
<li>Regular expression access control</li>
|
||||||
|
<li>Delivery Status Notification (RFC1891) support</li>
|
||||||
|
<li>Rich, customisable texts for automated operations</li>
|
||||||
|
<li>and more</li>
|
||||||
|
</ul>
|
||||||
|
<p>iRedMail team also developes a simple RESTful API server called <code>mlmmjadmin</code>
|
||||||
|
to help manage mailing lists, it also offers script tool to manage mailing
|
||||||
|
lists from command line.</p>
|
||||||
|
<p>We will show you how to integrate both mlmmj and mlmmjadmin in this tutorial.</p>
|
||||||
|
<h2 id="backup-sql-database-first">Backup SQL database first</h2>
|
||||||
|
<p>Although we don't modify any existing SQL data in this tutorial, but it's
|
||||||
|
a good idea to backup it now before you adding any new mailing lists.</p>
|
||||||
|
<p>Please run command <code>bash /var/vmail/backup/backup_pgsql.sh</code> to backup SQL
|
||||||
|
databases.</p>
|
||||||
|
<h2 id="create-required-system-account">Create required system account</h2>
|
||||||
|
<p>mlmmj will be ran as user <code>mlmmj</code> and group <code>mlmmj</code>, all mailing list data will
|
||||||
|
be stored under its home directory <code>/var/vmail/mlmmj</code>:</p>
|
||||||
|
<p>On Linux or OpenBSD:</p>
|
||||||
|
<pre><code>groupadd mlmmj
|
||||||
|
useradd -m -d /var/vmail/mlmmj -s /sbin/nologin mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>On FreeBSD:</p>
|
||||||
|
<pre><code>pw groupadd mlmmj
|
||||||
|
pw useradd -m -g mlmmj -s /sbin/nologin -d /var/vmail/mlmmj mlmmj
|
||||||
|
chown -R mlmmj:mlmmj /var/vmail/mlmmj
|
||||||
|
chmod -R 0700 /var/vmail/mlmmj
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="update-sql-tables-in-vmail-database">Update SQL tables in <code>vmail</code> database</h2>
|
||||||
|
<p>We need some updates in <code>vmail</code> SQL database:</p>
|
||||||
|
<ul>
|
||||||
|
<li>new SQL table <code>maillists</code>: used to store profile of mailing list.</li>
|
||||||
|
<li>new SQL column <code>forwardings.is_maillist</code></li>
|
||||||
|
<li>new SQL column <code>domain.maillists</code>: used to set per-domain limit of mailing
|
||||||
|
list accounts. This column is mostly used by iRedAdmin-Pro.</li>
|
||||||
|
</ul>
|
||||||
|
<p>Now apply the SQL changes with SQL commands below:</p>
|
||||||
|
<pre><code>cd /tmp
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/mlmmj.pgsql
|
||||||
|
su - postgres
|
||||||
|
psql -d vmail < /tmp/mlmmj.pgsql
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="postfix-integration">Postfix integration</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Please add lines below in Postfix config file <code>/etc/postfix/master.cf</code>:</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<ul>
|
||||||
|
<li>Command <code>/usr/bin/mlmmj-amime-receive</code> doesn't exist yet, we will
|
||||||
|
create it later.</li>
|
||||||
|
<li>On FreeBSD and OpenBSD, it should be
|
||||||
|
<code>/usr/local/usr/bin/mlmmj-amime-receive</code> instead.</li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code># ${nexthop} is '%d/%u' in transport ('mlmmj:%d/%u')
|
||||||
|
mlmmj unix - n n - - pipe
|
||||||
|
flags=ORhu user=mlmmj argv=/usr/bin/mlmmj-amime-receive -L /var/vmail/mlmmj/${nexthop}
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add line below in Postfix config file <code>/etc/postfix/main.cf</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>mlmmj_destination_recipient_limit = 1
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Open Postfix config file <code>/etc/postfix/main.cf</code>, update existing parameter
|
||||||
|
<code>transport_maps</code>, add new sql lookup like below. We will create required sql
|
||||||
|
lookup file later.</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>transport_maps =
|
||||||
|
proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf
|
||||||
|
proxy:pgsql:/etc/postfix/pgsql/transport_maps_maillist.cf # <- Add this line
|
||||||
|
...
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Now create file <code>/etc/postfix/pgsql/mlmmj_maillists_maps.cf</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<div class="admonition warning">
|
||||||
|
<p class="admonition-title">Warning</p>
|
||||||
|
<p>Please update the <code>password =</code> line with the real password of SQL user
|
||||||
|
<code>vmail</code>, you can find it in files under <code>/etc/postfix/pgsql/</code>.</p>
|
||||||
|
</div>
|
||||||
|
<pre><code>user = vmail
|
||||||
|
password = qsescZvV03f6YUtTMN2bQTejmjatzz
|
||||||
|
hosts = 127.0.0.1
|
||||||
|
port = 3306
|
||||||
|
dbname = vmail
|
||||||
|
query = SELECT maillists.transport FROM maillists,domain WHERE maillists.address='%s' AND maillists.active=1 AND maillists.domain = domain.domain AND domain.active=1
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Run commands below to create file <code>/usr/bin/mlmmj-amime-receive</code> (Linux) or
|
||||||
|
<code>/usr/local/bin/mlmmj-amime-receive</code> (Linux/FreeBSD):</li>
|
||||||
|
</ul>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>mlmmj doesn't support signature signing very well, so we follow mlmmj
|
||||||
|
official document and create this script to sign signature properly with
|
||||||
|
command <code>altermime</code>. All iRedMail installation should have command
|
||||||
|
<code>altermime</code> (package <code>AlterMIME</code>) available, so you don't need to install
|
||||||
|
it manually</p>
|
||||||
|
</div>
|
||||||
|
<p>On Linux:</p>
|
||||||
|
<pre><code>cd /usr/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>On FreeBSD or OpenBSD:</p>
|
||||||
|
<pre><code>cd /usr/local/bin/
|
||||||
|
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/mlmmj/mlmmj-amime-receive
|
||||||
|
chown mlmmj:mlmmj mlmj-amime-receive
|
||||||
|
chmod 0550 mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_MLMMJ_RECEIVE#/usr/local/bin/mlmmj-receive#g' mlmmj-amime-receive
|
||||||
|
perl -pi -e 's#PH_CMD_ALTERMIME#/usr/local/bin/altermime#g' mlmmj-amime-receive
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="amavisd-integration">Amavisd Integration</h2>
|
||||||
|
<p>We need Amavisd to listen on one more port <code>10027</code>, it will be used to scan
|
||||||
|
spam/virus for emails posted to mailing list.</p>
|
||||||
|
<ul>
|
||||||
|
<li>Please open Amavisd config file, find parameter <code>$inet_socket_port</code>, add new
|
||||||
|
port number <code>10027</code> in the list, like below:<ul>
|
||||||
|
<li>On RHEL/CentOS, it's <code>/etc/amavisd/amavisd.conf</code>.</li>
|
||||||
|
<li>On Debian/Ubuntu, it's <code>/etc/amavis/conf.d/50-user</code>.</li>
|
||||||
|
<li>On OpenBSD, it's <code>/etc/amavisd.conf</code>.</li>
|
||||||
|
<li>On FreeBSD, it's <code>/usr/local/etc/amavisd.conf</code>.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$inet_socket_port = [10024, 10026, 10027, 9998];
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add lines below in Amavisd config file. It creates a new policy bank called
|
||||||
|
<code>MLMMJ</code> for emails submitted by mlmmj from port 10027. The purpose is signing
|
||||||
|
DKIM key on outgoing emails sent by mailing list, but disable
|
||||||
|
spam/virus/banned/bad-header checks, because emails sent to mailing list will
|
||||||
|
be scanned either on port 10024 (incoming email from external senders) or
|
||||||
|
10026 (outgoing email sent by smtp authenticated users).</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$interface_policy{'10027'} = 'MLMMJ';
|
||||||
|
$policy_bank{'MLMMJ'} = {
|
||||||
|
originating => 1, # declare that mail was submitted by our smtp client
|
||||||
|
allow_disclaimers => 0, # mailing list should use footer text instead.
|
||||||
|
enable_dkim_signing => 1, # sign DKIm signature
|
||||||
|
smtpd_discard_ehlo_keywords => ['8BITMIME'],
|
||||||
|
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
|
||||||
|
bypass_spam_checks_maps => [1], # don't check spam
|
||||||
|
bypass_virus_checks_maps => [1], # don't check virus
|
||||||
|
bypass_banned_checks_maps => [1], # don't check banned file names and types
|
||||||
|
bypass_header_checks_maps => [1], # don't check bad header
|
||||||
|
};
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>Now restart Amavisd and Postfix servivce, mlmmj mailing list manager is now
|
||||||
|
fully integrated.</p>
|
||||||
|
<p>We will setup <code>mlmmjadmin</code> program to make managing mailing lists easier.</p>
|
||||||
|
<h2 id="setup-mlmmjadmin-restful-api-server-used-to-manage-mlmmj-mailing-lists">Setup mlmmjadmin: RESTful API server used to manage mlmmj mailing lists</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Download the latest mlmmjadmin release: <a href="https://github.com/iredmail/mlmmjadmin/releases">https://github.com/iredmail/mlmmjadmin/releases</a>,
|
||||||
|
and upload to iRedMail server. We assume it's uploaded to <code>/root/</code> directory.</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>We use <code>mlmmjadmin-1.0</code> for example below.</p>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Extract downloaded mlmmjadmin package to <code>/opt/</code> directory, and create a
|
||||||
|
symbol link:</p>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>tar xjf /root/mlmmjadmin-1.0.tar.bz2 -C /opt
|
||||||
|
ln -s /opt/mlmmjadmin-1.0 /opt/mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Generate config file by copying sample file, <code>settings.py.sample</code>:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>cd /opt/mlmmjadmin
|
||||||
|
cp settings.py.sample settings.py
|
||||||
|
chown mlmmj:mlmmj settings.py
|
||||||
|
chmod 0400 settings.py
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Generate a random, long string as API auth token, it will be used by your
|
||||||
|
API client. For example:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>$ echo $RANDOM | md5sum
|
||||||
|
43a89b7aa34354089e629ed9f9be0b3b
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Add this string in <code>/opt/mlmmjadmin/settings.py</code>, parameter <code>api_auth_tokens</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b']
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>You can add as many token as you want for different API clients. For example:</p>
|
||||||
|
<pre><code>api_auth_tokens = ['43a89b7aa34354089e629ed9f9be0b3b', '703ed37b20243d7c51c56ce6cd90e94c']
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>if you manage mail accounts <strong>WITH</strong> iRedAdmin-Pro, please set values of
|
||||||
|
parameters <code>backend_api</code> and <code>backend_cli</code> in <code>/opt/mlmmjadmin/settings.py</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>backend_api = 'bk_none'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>if you do <strong>NOT</strong> manage mail accounts with iRedAdmin-Pro, please set values
|
||||||
|
of parameters <code>backend_api</code> and <code>backend_cli</code> in <code>/opt/mlmmjadmin/settings.py</code>
|
||||||
|
like below:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>backend_api = 'bk_iredmail_sql'
|
||||||
|
backend_cli = 'bk_iredmail_sql'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>Add extra required parameters in <code>/opt/mlmmjadmin/settings.py</code>, so that
|
||||||
|
mlmmjadmin can connect to SQL server and manage mailing lists.</p>
|
||||||
|
<div class="admonition attention">
|
||||||
|
<p class="admonition-title">Attention</p>
|
||||||
|
<p>You can find SQL server address, port, database name, SQL username and
|
||||||
|
password in iRedAdmin config file, the SQL user must have both read and
|
||||||
|
write privileges to manage <code>vmail</code> database. iRedMail server usually
|
||||||
|
use SQL user <code>vmailadmin</code> for this purpose.</p>
|
||||||
|
</div>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>iredmail_sql_db_type = 'pgsql'
|
||||||
|
iredmail_sql_db_server = '127.0.0.1'
|
||||||
|
iredmail_sql_db_port = 3306
|
||||||
|
iredmail_sql_db_name = 'vmail'
|
||||||
|
iredmail_sql_db_user = 'vmailadmin'
|
||||||
|
iredmail_sql_db_password = '<password>'
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Copy rc/systemd scripts for service control:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/rhel.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian 9 and Ubuntu 16.04 which uses systemd
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/systemd/debian.service /lib/systemd/system/mlmmjadmin.service
|
||||||
|
chmod 0644 /lib/systemd/system/mlmmjadmin.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For FreeBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.freebsd /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /usr/local/etc/rc.d/mlmmjadmin
|
||||||
|
echo 'mlmmjadmin_enable=YES' >> /etc/rc.conf.local
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD
|
||||||
|
#
|
||||||
|
cp /opt/mlmmjadmin/rc_scripts/mlmmjadmin.openbsd /etc/rc.d/mlmmjadmin
|
||||||
|
chmod 0755 /etc/rc.d/mlmmjadmin
|
||||||
|
rcctl enable mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Create directory used to store mlmmjadmin log file. mlmmjadmin is
|
||||||
|
configured to log to syslog directly.</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# For RHEL/CentOS
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:root /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For Debian/Ubuntu
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown syslog:adm /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
|
||||||
|
#
|
||||||
|
# For OpenBSD/FreeBSD
|
||||||
|
#
|
||||||
|
mkdir /var/log/mlmmjadmin
|
||||||
|
chown root:wheel /var/log/mlmmjadmin
|
||||||
|
chmod 0755 /var/log/mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Update syslog daemon config file to log mlmmjadmin to dedicated log file:</li>
|
||||||
|
</ul>
|
||||||
|
<p>For Linux</p>
|
||||||
|
<pre><code>cp /opt/mlmmjadmin/samples/rsyslog/mlmmjadmin.conf /etc/rsyslog.d/
|
||||||
|
service rsyslog restart
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>For OpenBSD, please append below lines in <code>/etc/syslog.conf</code>:</p>
|
||||||
|
<pre><code>!!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>For FreeBSD, please append below lines in <code>/etc/syslog.conf</code>:</p>
|
||||||
|
<pre><code>!mlmmjadmin
|
||||||
|
local5.* /var/log/mlmmjadmin/mlmmjadmin.log
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Now it's ok to start <code>mlmmjadmin</code> service:</li>
|
||||||
|
</ul>
|
||||||
|
<pre><code>#
|
||||||
|
# On Linux/FreeBSD:
|
||||||
|
#
|
||||||
|
service mlmmjadmin restart
|
||||||
|
|
||||||
|
#
|
||||||
|
# On OpenBSD
|
||||||
|
#
|
||||||
|
rcctl start mlmmjadmin
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<h2 id="references">References</h2>
|
||||||
|
<ul>
|
||||||
|
<li>iRedMail: <a href="http://www.iredmail.org">http://www.iredmail.org</a></li>
|
||||||
|
<li>Mlmmj: <a href="http://mlmmj.org/">http://mlmmj.org/</a><ul>
|
||||||
|
<li>Tunable parameters: <a href="http://mlmmj.org/docs/tunables/">http://mlmmj.org/docs/tunables/</a></li>
|
||||||
|
<li>Postfix integration: <a href="http://mlmmj.org/docs/readme-postfix/">http://mlmmj.org/docs/readme-postfix/</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>mlmmjadmin: RESTful API server used to manage mlmmj mailing lists. Developed
|
||||||
|
and maintained by iRedMail team. <a href="https://github.com/iredmail/mlmmjadmin">https://github.com/iredmail/mlmmjadmin</a></li>
|
||||||
|
</ul><div class="footer">
|
||||||
|
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
||||||
|
</div>
|
||||||
|
<!-- Global site tag (gtag.js) - Google Analytics -->
|
||||||
|
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
|
||||||
|
<script>
|
||||||
|
window.dataLayer = window.dataLayer || [];
|
||||||
|
function gtag(){dataLayer.push(arguments);}
|
||||||
|
gtag('js', new Date());
|
||||||
|
|
||||||
|
gtag('config', 'UA-3293801-21');
|
||||||
|
</script>
|
||||||
|
</body></html>
|
Loading…
Reference in New Issue