DSM-G600, DNS-3xx and NSA-220 Hack Forum

rsd76 · 2011-04-10 21:01:26

Hi all,

An article in a dutch computer magazine (c't magazine) described a postoffice running on linux for in a LAN.
This postoffice consisted of a local Mail Delivery Agent (postfix), an IMAP-server (cyrus) and a retriever of remote mail (fetchmail).
This acticle inspired me into trying to get this to run on my DNS-323.
This the help of the article and time and patience I succeeded into running my own postoffice.

It retrieves mail from 5 mailboxes at my ISP and stores it into different mailboxes in the IMAP-server.
Both my PCs with thunderbird running on it can access all mailboxes. But this in not a necessity.

The way to get it to work is step by step configuring of the programs.
First configure postfix to work as a relay server for your mail.
Then configure cyrus and postfix to deliver mail to cyrus.
At the end configure fetchmail to retrieve remote mail.

There was one problem which took me some time into solving and it wasn't even something to do with the DNS-323.
I had my router (DLink-655) configure as a DNS reply. So for my DNS-323 the router acted as a name server.
However not as postfix expected. I had to configure it to use my ISP name servers. Maybe Googles name servers can also work.

While you can add user every time you configure one of the programs. This step can be done straightaway.
You do not need to define groupid of userid numbers. Due to my fiddling trying to get it to work I did do this.
Please check before you run these command if these numbers might already exist in /etc/group for groups and /etc/passwd for the users.
Note the first number in /etc/passwd is the userid, the second is the default group id.

Add groups:
Create groups like this

groupadd -g 1000 mail
groupadd -g 1001 maildrop
groupadd -g 1002 postfix

The end of /etc/group should look like:

mail:x:1000:
maildrop:x:1001:
postfix:x:1002:

Add users:
Add users like this:

useradd -d /ffp/home/mail -g mail -u 1000 mail
useradd -d /ffp/home/fetch -g mail -u 1003 fetch
useradd -d /ffp/home/postfix -g postfix -u 1004 postfix

The end of /etc/passwd should look like:

mail:x:1000:1000::/ffp/home/mail:/ffp/bin/sh
fetch:x:1003:1000::/ffp/home/fetch:/ffp/bin/sh
postfix:x:1004:1000::/ffp/home/postfix:/ffp/bin/sh

Store /etc/passwd and /etc/group in flash memory to survive reboot:
/ffp/sbin/store-passwd.sh

Configure optware:
Use directions on: http://dns323.kood.org/howto:optware to install optware.

Edit /ffp/etc/profile:
Add:

export PATH=/opt/bin:/opt/sbin:$PATH to /ffp/etc/profile

Edit /mnt/HD_a2/fun_plug or other fun_plug on other disk
Add:

if [ -d /mnt/HD_a2/ipkg/opt ] ; then
mkdir -p /opt
mount --bind /mnt/HD_a2/ipkg/opt /opt
fi

Configure /etc/services:
Edit /etc/services:
Add:

# Start of postoffice entries
pop3 110/tcp
imap2 143/tcp imap
imaps 993/tcp
pop3s 995/tcp
imsp 406/tcp
acap 674/tcp
sieve 2000/tcp
lmtp 2003/tcp
fud 4201/udp
# End of postoffice entries

Install Optware packages:
Install: postfix, cyrus-imapd, fetchmail

After this the following packages are installed:

cyrus-imapd - 2.2.12-15 - The Carnegie Mellon University Cyrus IMAP Server
cyrus-sasl - 2.1.23-2 - Provides client or server side authentication (see RFC 2222).
cyrus-sasl-libs - 2.1.23-2 - Provides client or server side authentication (see RFC 2222).
e2fslibs - 1.41.9-1 - Ext2 Filesystem Libraries
e2fsprogs - 1.41.9-1 - Ext2 Filesystem Utilities
fetchmail - 6.3.19-1 - A remote mail retrieval and forwarding utility
findutils - 4.2.32-1 - File finding utilities
gdbm - 1.8.3-2 - GNU dbm is a set of database routines that use extensible hashing. It works similar to the standard UNIX dbm routines.
gettext - 0.14.5-2 - Set of tools for producing multi-lingual messages
libdb - 4.2.52-3 - Berkeley DB Libraries
libnsl - 0.9.28-4 - Network Services Library
libstdc++ - 5.0.5-6 - Standard C++ library, needed for dynamically linked C++ programs
ncurses - 5.7-1 - NCurses libraries
openssl - 0.9.7m-5 - Openssl provides the ssl implementation in libraries libcrypto and libssl, and is needed by many other applications and librari
pcre - 8.12-1 - Perl-compatible regular expression library
perl - 5.8.8-23 - Practical Extraction and Report Language.
postfix - 2.3.6-3 - The Postfix mail system is an alternative to sendmail.
psmisc - 22.11-1 - A set of some small useful utilities that use the proc filesystem.

These packages do have some postprocessing which not all work completely. Some scripts want to edit /etc/services which does not work.
Or add users. I have some postprocessing described which should solve this all.

Configure syslogd:

As the syslogd in ffp iqnores /etc/syslogd, just start it.
My preferred options:
/ffp/sbin/syslogd -O /ffp/var/log/messages -s 1024 -b 1

This will create a log in /ffp/var/log called messages with a max size of 1 Mb and if it becomes full will rotate it one (rename old and start a new).
There will only be one extra file (called messages.0).

Configure postfix:

Add/change the following items in the /opt/etc/postfix/main.cf file:

mail_owner = postfix
inet_interfaces = localhost, 192.168.0.100
mynetworks = 127.0.0.0/8,192.168.0.0/24
relayhost = [smtp.server.com]
disable_dns_lookups = yes

For the mynetworks specify the localhost network and your local network address space.
In the example 192.168.0.0/24 defines: 192.168.0.1 to 192.168.0.255.
Adjust to your own needs.

Set directories with correct ownership.

/bin/chown -R postfix:postfix /opt/var/spool/postfix/*
/bin/chown -R postfix:maildrop /opt/var/spool/postfix/public
/bin/chown -R postfix:maildrop /opt/var/spool/postfix/maildrop

/bin/chown root:maildrop /opt/sbin/postqueue
/bin/chown root:maildrop /opt/sbin/postdrop
/bin/chmod 02755 /opt/sbin/postqueue
/bin/chmod 02755 /opt/sbin/postdrop

Create /opt/etc/aliases.db using command: newaliases
Start postfix: postfix start

Check log if relaying works via command: tail -f /ffp/var/log/messages (CTRL^C to quit).
From mail client define DNS-323 now as your smtp server (Authentication method: no authentication).

You can use postqueue -p to see the current queue of postfix.
Use postqueue -f to reprocess the queue (after ammending something).
To delete a mail from the queue use: postsuper -d queue_id

Configure cyrus:

saslpasswd2 mail
saslpasswd2 user1
saslpasswd2 user2
saslpasswd2 user3

The mail user is used to logon to cyrus as administrator.

Postprocessing step from installing cyrus.

/bin/chown mail:root /opt/etc/sasl2
/bin/chmod 640 /opt/etc/sasl2

This is I think part of the saslauthd packages which is also installed.

start cyrus: /opt/etc/init.d/S59cyrus-imapd start

Create mailboxes:

cyradm --user mail localhost
cm user.user1
cm user.user2
cm user.user3
quit

Edit /opt/etc/postfix/main.cf
Change the mailbox_transport to cyrus:

mailbox_transport = cyrus

Edit /opt/etc/postfix/master.cf
Change the user in the 2nd line of the cyrus definition:

cyrus unix - n n - - pipe
user=mail argv=/opt/libexec/cyrus/bin/deliver -e -r ${sender} -m ${extension}

Configure fetchmail:
Edit /opt/etc/fetchmailrc

# Edit carefully, see the fetchmail(1) manual page, section "THE RUN CONTROL FILE".
set daemon 300
set syslog
poll pop.server.com protocol pop3 interval 4 user "user1@domain.com" password "password1" is user1 here
no flush
poll pop.server.com protocol pop3 interval 4 user "user2@domain.com" password "password2" is user2 here
no flush

su - fetch "/opt/bin/fetchmail -f /opt/etc/fetchmailrc --auth password"

Check /ffp/var/log/message via command: tail -f /ffp/var/log/messages (CTRL^C to quit).

Configure startscripts:
After a reboot the following "services" should start: syslogd, saslauthd, postfix, cyrus and fetchmail
In that order. To make this possible create start scripts for these processes and use the options of rcorder the set the order (PROVIDES/REQUIRE).
I've attached the scripts I use(See below). While standing in /ffp/start do:
tar -xzvf /path/to/my_startscripts.tgz
This should unpack the following files:

my_cyrus.sh
my_fetchmail.sh
my_postfix.sh
my_saslauthd.sh
my_syslogd.sh

Configure Thunderbird:
I'm not going into great detail here. There was one setting which did trouble me.
For an Account in Thunderbird, the authentication method (located under the "Server Settings") should be set to "Encrypted password".

Configure backup:
There isn't a default way to backup your cyrus server and configuration.
I use something I found at http://www.komaii.com/linux/cyrus-imapd-backup/

Code:

#!/ffp/bin/sh

/ffp/bin/tar -cvf  /mnt/HD_a2/Users/Backup/cyrus/config.tar \
  /opt/etc/aliases \
  /opt/etc/cyrus.conf \
  /opt/etc/fetchmailrc \
  /opt/etc/imapd.conf \
  /opt/etc/sasl2 \
  /opt/etc/postfix/*

su - mail -c "/opt/libexec/cyrus/bin/ctl_mboxlist -d" > \
  /mnt/HD_a2/Users/Backup/cyrus/mboxlist.dump
/ffp/start/my_cyrus.sh stop
sleep 2
/ffp/bin/rsync -vaR /opt/var/lib/imap /opt/var/spool/imap \
  /mnt/HD_a2/Users/Backup/cyrus/imap
/ffp/start/my_cyrus.sh start

Configure for multiple mail domains:
There is an option to use multiple domains.
You need to create a relaymap with multiple destinations.
Create /opt/etc/postfix/relaymap

@gmail.com smtp.gmail.com
@server.com smtp.server.com

Create /opt/etc/postfix/relaymap.db via command: postmap /opt/etc/postfix/relaymap
If you needs passwords you need to create /opt/etc/postfix/passes

@gmail.com user1:password1
@gmail.com user2:password2
@server.com user3:password3

Create /opt/etc/postfix/passes.db via command: postmap /opt/etc/postfix/passes

Add the following lines to /opt/etc/postfix/main.cf:

sender_dependent_relayhost_maps: hash:/opt/etc/postfix/relaymap
smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/opt/etc/postfix/passes
smtp_sasl_security_options = noanonymous

postfix stop
postfix start

However I've not tested and used this at this stage.

Last info:

I do get messages in /ffp/var/log/messages like:
local6.debug lmtpunix[28785]: IOERROR: fstating sieve script /opt/var/lib/imap/sieve/u/userx/defaultbc: No such file or directory
What I found on the internet, that this isn't real problem. This can be solves by creating a sieve script.
But I haven't done this.
The syslogd doesn't only get info from these processes. But also from ssh/cron/useradd and other processes.

It seems to work for me. I will try to help anyone, but I'm also still learning these programs.
Any comments are welcome.

Last edited by rsd76 (2011-04-10 21:02:33)

Attachments:

my_startscripts.tgz, Size: 992 bytes, Downloads: 306

mg · 2011-10-05 19:28:10

rsd76,

This is a great write up. On my DNS 323, I now have most everything working, but in IMAP, Cyrus doesn't list any subfolders off of Inbox. At first I thought this was Thunderbird issue, but it appears to be Cyrus. I can provide more details, but I was first curious if you had encountered similar issues.

Thanks!

rsd76 · 2011-10-05 21:15:33

Hi mg,

Reading your post, I wondering if I understand your issue.
I've tested 3 thinks. I'm using Thunderbird (version 3.1)
Firstly I tried to create a folder next to the INBOX. This didn't work.
Then I created a subfolder of INBOX. This worked. I can also see this directory in /opt/var/spool/imap/user/<username>
Trying to move it up to the same level as INBOX gave me a popup with "Permission Denied".

Moving the folder to another user copied the folder.

I have tried moving mails to the new subfolder and this also works. From the operating system I can see the new mails in the folder as "1." and "2.". So the counting start a new.

So maybe some extra details can help me help you.

I've checked ipkg and there are newer packages than I have installed, but not cyrus (fetchmail and postfix have newer packages).

But I will gladly try to help you how I can.

HTH.

mg · 2011-10-17 07:39:35

rsd, thanks for the prompt reply. Sorry for my delay ... I've been out of town.

Here are some more details.

I've tried from two different Thunderbird clients. On Windows I have version 7.0.1 and in Mint Linux (offshoot of Ubuntu) I have Thunderbird 3.1.15.

My folders are subfolders of INBOX. In Thunderbird if I right click the Inbox and choose "Subscribe...", Thunderbird sees the sub-folders there and shows that I'm subscribed, but they never show up in the "main" window.

From the file system perspective, I can also see the folders in /opt/var/spool/imap/user/<username>

Here is why my guess is that it's not Thunderbirds fault. When using "imtest" (the test imap client provided by cyrus), it seems to show that Cyrus is not reporting that the subfolders exist for the ". list" command, but they do exist for the ". lsub" command ?!?!

matt@minty-media ~ $ imtest -u matt@telegraham.net -p imap nas
S: * OK nas.telegraham.net Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR
S: C01 OK Completed
C: A01 AUTHENTICATE DIGEST-MD5
S: + bm9uY2U9IlcwdWRiaW8zamVLMFA4T1VnODNjWDhUc24zdVF5KytYYUo5YVBGY01kYzg9IixyZWFsbT0ibmFzLnRlbGVncmFoYW0ubmV0Iixxb3A9ImF1dGgsYXV0aC1pbnQsYXV0aC1jb25mIixjaXBoZXI9InJjNC00MCxyYzQtNTYscmM0LGRlcywzZGVzIixtYXhidWY9NDA5NixjaGFyc2V0PXV0Zi04LGFsZ29yaXRobT1tZDUtc2Vzcw==
Please enter your password:
C: dXNlcm5hbWU9Im1hdHQiLHJlYWxtPSJuYXMudGVsZWdyYWhhbS5uZXQiLGF1dGh6aWQ9Im1hdHRAdGVsZWdyYWhhbS5uZXQiLG5vbmNlPSJXMHVkYmlvM2plSzBQOE9VZzgzY1g4VHNuM3VReSsrWGFKOWFQRmNNZGM4PSIsY25vbmNlPSJtVTFrTXIwOEVLVlY2QVMvRCtaNU0zdXl4Y29wbkcwT1FHZi9Cc21JcGdFPSIsbmM9MDAwMDAwMDEscW9wPWF1dGgtY29uZixjaXBoZXI9cmM0LG1heGJ1Zj0xMDI0LGRpZ2VzdC11cmk9ImltYXAvbmFzLnRlbGVncmFoYW0ubmV0IixyZXNwb25zZT0zYjhkZTI4Y2IwYzFkNzMzNTc5ZmMwYWFkNjQxMzMwMw==
S: + cnNwYXV0aD1hMDQ5OTkwYzdiNDRiNmViNzRhMzU3OGUwMWIwOTRjMg==
C:
S: A01 OK Success (privacy protection)
Authenticated.
Security strength factor: 128
. list "" "*"
* LIST (\HasNoChildren) "/" "INBOX"
. OK Completed (0.000 secs 2 calls)
. lsub * *
* LSUB (\HasChildren) "/" "INBOX"
* LSUB () "/" "INBOX/Contests"
* LSUB () "/" "INBOX/Eating Out and Groupon"
* LSUB () "/" "INBOX/Facebook"
* LSUB () "/" "INBOX/If your bored"
* LSUB () "/" "INBOX/Junk"
* LSUB () "/" "INBOX/Political"
* LSUB () "/" "INBOX/Sent"
* LSUB () "/" "INBOX/Trash"
. OK Completed (0.000 secs 10 calls)

rsd76 · 2011-10-17 22:10:37

Hi mg,

I've tried to login using the imtest program, but I can't. I also tried testsaslauthd but I'm also not able to login using those programs.
Thunderbird doesn't give me any problem.

But I'm currently not able to test the list command.

I'm wondering. Your "Main" window is the list with users mail boxes and "Local Folders".
Is the Name above this window "All folders" or something other? Like "Unified Folders" or "Favorite Folders".
I use "All folders" and this shows me all subfolders. Also new ones I created. Could your view be wrong?

If I use "cyradm --user mail localhost", I can see those folders:
user.rsd (\HasChildren)
user.rsd.Drafts (\HasNoChildren)
user.rsd.Sent (\HasNoChildren)
user.rsd.Test (\HasNoChildren)
user.rsd.Trash (\HasChildren)
user.rsd.Trash.Test (\HasNoChildren)

I will try lateron if I can replicate your problem. But it does seem a little that I do not have this problem. Or it is the view.
I'm also using W7 and same version of thunderbird (now....).

HTH.,

rsd76

DSM-G600, DNS-3xx and NSA-220 Hack Forum

Announcement

#1 2011-04-10 21:01:26

Postoffice on your nas

Code:

#2 2011-10-05 19:28:10

Re: Postoffice on your nas

#3 2011-10-05 21:15:33

Re: Postoffice on your nas

#4 2011-10-17 07:39:35

Re: Postoffice on your nas

#5 2011-10-17 22:10:37

Re: Postoffice on your nas

Board footer