Chapter 7. Managing Messaging Server Components

Table of Contents
7.1. Advanced OpenLDAP Configuration
7.1.1. OpenLDAP Configuration Parameters
7.1.2. Relocating the OpenLDAP Database
7.1.3. Configuring a Remote OpenLDAP Server
7.1.4. Configuring an Alternative LDAP Server
7.2. Advanced Postfix Configuration
7.2.1. Postfix Configuration Parameters
7.2.2. Relocating the Postfix Message Queue
7.3. Advanced Cyrus Configuration
7.3.1. Cyrus Configuration Parameters
7.3.2. Setting Cyrus Mailbox Quotas
7.3.3. Relocating the Cyrus Message Store

The Messaging Server installation sets initial configuration parameters for Messaging Server components. For most simple mail configurations, it is not necessary to alter these initial values or to configure Messaging Server components directly. The Server Manager enables you to manage most of the basic Messaging Server functionality, including mail administration of mail domains, mail accounts, mail aliases, and other general Messaging Server system settings as discussed in "System settings" and "Mail administration". In addition to its ease of use, we recommend using the Server Manager whenever possible because it is less error-prone than editing files directly.

Nonetheless, the Messaging Server supports advanced component configuration for customized installations. To configure the many features available for OpenLDAP, Postfix, and Cyrus, consult the individual documentation available for each configurable component. The following sections cover only those features directly managed by the Messaging Server and any integration issues which affect the operation of the Messaging Server:

For more information, see their respective documentation, available from the Messaging Server webpage in DocView.

7.1. Advanced OpenLDAP Configuration

Caution

These are advanced configuration procedures that require extensive LDAP knowledge and experience.

7.1.1. OpenLDAP Configuration Parameters

The configuration file for OpenLDAP is /etc/ldap/slapd.conf. It is configured for operation with the Messaging Server upon installation. We recommend that you do not alter this configuration. In particular, changing the access directives defined for the Messaging Server database might disable the Messaging Server and the Server Manager. For more information, see the slapd.conf(5) manual page.

Note: The /etc/ldap.conf file is the configuration file for the LDAP PAM module and is configured for use with the Messaging Server. Do not change the settings in this file.

7.1.2. Relocating the OpenLDAP Database

By default, OpenLDAP is installed with its database in the directory /var/ldap/openldap-ldbm. You can relocate the database to a different filesystem, although we recommend that you do so before configuring the Messaging Server and enabling mail delivery.

To relocate the OpenLDAP database before the Messaging Server is enabled:

  1. Shut down the LDAP directory server:

        /etc/rc.d/init.d/ldap stop

  2. Copy the existing database to the new location. Use the cp -p flag to maintain the proper permissions and ownership of files and directories. For example:

        mkdir -p /new/location
        cp -pR /var/ldap/openldap-ldbm /new/location

  3. Set the directory parameter in /etc/ldap/slapd.conf to the new path for the database and comment out the old path. Because /new/location already exists when cp runs, the database is copied to /new/location/openldap-ldbm. For example:

        # relocated OpenLDAP database for Messaging Server use
        # directory       /var/ldap/openldap-ldbm
        directory       /new/location/openldap-ldbm

  4. Start OpenLDAP:

        /etc/rc.d/init.d/ldap start

7.1.3. Configuring a Remote OpenLDAP Server

To configure a remote LDAP server:

  1. Install the Messaging Server on the remote server.

  2. On the remote server, run the command:

        /opt/lsb-caldera.com-volution/msg/bin/msgldaphost

    This will provide information about server passwords and user entities specific to the remote server.

  3. On the local system, run the same msgldaphost command to set the system to point to the remote host, and to specify passwords and user entities.

For more information, see the msgldaphost(8) manual page.

7.1.4. Configuring an Alternative LDAP Server

The Messaging Server can be configured to use a directory server other than OpenLDAP; for example, the Sun® iPlanet and Novell® eDirectory directory servers. To do so, you will need information contained in:

schema files 

Schema files for the Sun iPlanet and Novell eDirectory directory servers are installed in the /etc/ldap/schema/netscape and /etc/ldap/schema/nds subdirectories.

LDIF files 

An LDIF (LDAP Data Interchange Format) file containing additional information about the required directory content and structure is stored on installed systems as /etc/opt/lsb-caldera.com/volution/msg/ldif.base. See also the ldif(5) manual page.

slapd.conf 

The /etc/ldap/slapd.conf file contains useful information on the ACLs (Access Control Lists) enforced by the Messaging Server. See also the slapd.conf(5) manual page.

When you have assembled the required information, run the msgldaphost command as described in "Configuring a Remote OpenLDAP Server". For more information, see the msgldaphost(8) manual page.

7.2. Advanced Postfix Configuration

7.2.1. Postfix Configuration Parameters

Postfix configuration is controlled by parameters in the /etc/postfix/main.cf file. Although there are around 100 parameters, they are set to reasonable defaults (by default or by the Messaging Server installation) and do not require modification. The Messaging Server supports advanced Postfix configuration, but note the constraints on the following parameters:

alias_maps 

Specifies the list of alias databases used by the local delivery agent. For the Messaging Server, this is defined to look up aliases stored in the LDAP directory. Normal Postfix alias files cannot be used with the Messaging Server, because Postfix has been altered for the Messaging Server to look up the entire address instead of just the local part. For example, if mail were sent to "aliasname@foo.com", the entire address "aliasname@foo.com" would be looked up in the alias databases instead of just "aliasname". This is controlled by the Postfix domain_in_alias parameter, which must be set to the value "yes" for correct operation of the Messaging Server.

bounce_notice_recipient, 2bounce_notice_recipient, delay_notice_recipient, error_notice_recipient
  

Specify the recipient for postmaster notices for the various errors that Postfix can report, based upon the notify_classes parameter configuration. Although Postfix assigns a default value of "postmaster" to these parameters if they are not configured, these parameters must be explicitly set for the operation of the Messaging Server. The Server Manager configures these parameters.

Note: We recommend that you not edit these parameters directly.

fallback_transport 

Specifies the optional transport agent to use for recipients that are not found in the Linux passwd database. The Messaging Server sets this parameter to the Cyrus delivery agent, so that the local delivery agent first attempts to deliver mail to a Linux system account mailbox; if this fails, it attempts to deliver mail via the Cyrus delivery agent to a Messaging Server mail account. This also means that if a Linux account user and a Messaging Server mail account user are created with the same uid, mail will always go to the Linux account user. See the mailbox_transport parameter below for more information.

Warning

Do not change the fallback_transport parameter; doing so might disable the mail server, and mail may fail to be delivered to Messaging Server mail accounts.

local_recipient_maps
  

Specifies optional lookup tables that define all addresses for which the machine will accept mail with respect to the values of the mydestination and inet_interfaces parameters. If this parameter is defined, then the SMTP server will reject mail for any addresses not found in the databases specified in local_recipient_maps. The Messaging Server sets this parameter to $alias_maps. To turn off this facility, comment out the local_recipient_maps parameter in the /etc/postfix/main.cf configuration file.

mailbox_transport
  

This Postfix parameter specifies the optional transport in the master.cf file to use for local delivery after processing aliases and .forward files. Because this parameter has precedence over the fallback_transport parameter, it is not used by the Messaging Server and should not be set manually.

Warning

If you set this to the Cyrus delivery agent, mail will not be delivered to any Linux system accounts. If you set this to anything else, mail will fail to be delivered to Messaging Server mail accounts.

mydestination 

Specifies what domains the machine will accept mail for and deliver locally, instead of forwarding to another machine. The Server Manager updates this parameter automatically when you create a new mail domain.

Note: We recommend that you not edit this parameter directly.

For more information about the /etc/postfix/main.cf file, see "Postfix Configuration - Basics" in Wietse's Postfix Project documentation.
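The constraints listed in this section can be checked mechanically after any manual edit. The script below is an added example, not part of the original documentation or the product: the function names are hypothetical, it reads a main.cf-style file directly, and the sample file with its PLACEHOLDER values is constructed for illustration.

```shell
# Print the effective value of parameter $2 in main.cf-style file $1. Comments and
# blank lines are skipped, indented lines continue the previous parameter, and the
# last assignment wins. Returns 1 when the parameter is not set at all.
mc_get() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { sub(/^[ \t]+/, ""); if (cur != "") val[cur] = val[cur] " " $0; next }
        { eq = index($0, "="); cur = ""; if (eq == 0) next
          cur = substr($0, 1, eq - 1); v = substr($0, eq + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", cur); gsub(/^[ \t]+|[ \t]+$/, "", v)
          val[cur] = v; seen[cur] = 1 }
        END { if (!(want in seen)) exit 1; print val[want] }
    ' "$1"
}

# Audit file $1 against the constraints in 7.2.1; any FAIL line makes it return 1.
audit_main_cf() {
    f=$1; rc=0
    [ "$(mc_get "$f" domain_in_alias)" = yes ] ||
        { echo "FAIL domain_in_alias must be yes (whole-address alias lookup)"; rc=1; }
    for p in bounce 2bounce delay error; do
        [ -n "$(mc_get "$f" "${p}_notice_recipient")" ] ||
            { echo "FAIL ${p}_notice_recipient is not set explicitly"; rc=1; }
    done
    [ -n "$(mc_get "$f" fallback_transport)" ] ||
        { echo "FAIL fallback_transport is unset (no delivery to mail accounts)"; rc=1; }
    [ -z "$(mc_get "$f" mailbox_transport)" ] ||
        { echo "FAIL mailbox_transport is set and overrides fallback_transport"; rc=1; }
    [ "$(mc_get "$f" local_recipient_maps)" = '$alias_maps' ] ||
        echo "WARN local_recipient_maps differs from the installed \$alias_maps"
    return "$rc"
}

# Constructed sample, not a real installation's file; PLACEHOLDER values are made up.
sample_main_cf() {
    cat <<'EOF'
domain_in_alias = yes
alias_maps = PLACEHOLDER
local_recipient_maps = $alias_maps
bounce_notice_recipient = postmaster
2bounce_notice_recipient = postmaster
delay_notice_recipient = postmaster
error_notice_recipient = postmaster
fallback_transport = PLACEHOLDER
# mailbox_transport = PLACEHOLDER
EOF
}
tmp=$(mktemp) && sample_main_cf > "$tmp"
audit_main_cf "$tmp" && echo "OK: main.cf meets the 7.2.1 constraints"; rm -f "$tmp"
```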

7.2.2. Relocating the Postfix Message Queue

By default, Postfix is installed with its message queue in the directory /var/spool/postfix. You can relocate the queue to a different filesystem, although we recommend that you do so before configuring the Messaging Server and enabling mail delivery.

To relocate the Postfix message queue before the Messaging Server is enabled:

  1. Stop Postfix:

    /etc/rc.d/init.d/postfix stop

  2. Set the queue_directory parameter in /etc/postfix/main.cf to the new path for the queue and comment out the old path. For example:

        # relocated Postfix message queue for Messaging Server use
        # queue_directory = /var/spool/postfix
        queue_directory = /new/location/postfix

  3. Create the new directory for the Postfix message queue using the same directory name. For example:


        mkdir /new/location/postfix
        chown postfix:postfix /new/location/postfix
        chmod 755 /new/location/postfix

  4. Start Postfix:

    /etc/rc.d/init.d/postfix start

7.3. Advanced Cyrus Configuration

7.3.1. Cyrus Configuration Parameters

Cyrus configuration is controlled by parameters in the /etc/imapd.conf file. Although there are around 100 parameters, they are set to reasonable defaults (by default or by the Messaging Server installation) and do not require modification. The Messaging Server supports advanced Cyrus configuration, but note the constraints on the following parameters:

admins 

Configures the list of user ids with administrative rights for Cyrus inboxes. For the Messaging Server, this is configured to include the administrative user "admin". This user is necessary for proper operation of the Messaging Server Manager; do not delete "admin" from the admins parameter.

sasl_pwcheck_method 

Defines the mechanism used by the Cyrus IMAP and POP servers to verify plain text passwords. For the Messaging Server, this parameter is set to the value "PAM" to allow Cyrus servers to authenticate via PAM (Pluggable Authentication Modules), which in turn is configured for these servers to use LDAP authentication. Do not change this parameter.

For more information, see the imapd.conf(5) manual page.

7.3.2. Setting Cyrus Mailbox Quotas

You can set quotas on the size of Cyrus mailboxes using the cyradm(1) administrative client. This utility can be invoked as a script or interactively, and it can be used to administer local or remote Cyrus servers.

To use cyradm interactively, you must log in as the admin user; the LDAP password is the same as the admin password. For example, to log into cyradm, enter:

        cyradm -user admin hostname

After entering your admin password for cyradm and LDAP, you see the cyradm command prompt with your system name.

Quota manipulation commands operate on quota roots, which can refer to a single mailbox or a group of mailboxes. For example, the user susan might have a quota root of user.susan that includes the mailboxes named user.susan, user.susan.saved, and user.susan.todo. Quota roots are created automatically when they are designated in the cyradm setquota command.

The following cyradm commands can be used to manipulate quotas:

lm 

Lists mailboxes. INBOX is the admin account mailbox.

setquota  

Sets or removes storage limits for the specified quota root.

listquota 

Lists storage limits for root and mailboxes in the specified quota root.

listquotaroot 

Lists storage limits for a given mailbox in the specified quota root.

help or ? 

Lists cyradm commands.

For more information, see "Quotas" in Cyrus IMAP Server: Overview and Concepts and the cyradm(1) manual page.

7.3.3. Relocating the Cyrus Message Store

By default, Cyrus is installed with its message store in the directory /var/spool/imap. You can relocate the message store to a different filesystem, although we recommend that you do so before configuring the Messaging Server and enabling mail delivery.

To relocate the Cyrus message store before the Messaging Server is enabled:

  1. Shut down the Cyrus master daemon to stop all IMAP/POP access:

        /etc/rc.d/init.d/cyrus stop

  2. Stop Postfix to halt all email delivery:

        /etc/rc.d/init.d/postfix stop

  3. Copy the existing message store to the new location. Using the cp -p flag will maintain the proper permissions and ownership of files and directories. For example:

        mkdir -p /new/location
        cp -pR /var/spool/imap /new/location/imap

  4. If you are on an Open UNIX 8 system, go to the next step.

    On an OpenLinux system, set the S attribute on the new message store hierarchy. When the S attribute is set on Linux ext2fs file systems, changes are written synchronously to the disk (this is equivalent to the sync mount option applied to a subset of the files). For example:

    chattr -R +S /new/location/imap

  5. Set the partition-default parameter in /etc/imapd.conf to the new path for the message store and comment out the old path. For example:

        # relocated Cyrus message store for Messaging Server use
        # partition-default: /var/spool/imap
        partition-default: /new/location/imap

  6. Start Cyrus:

        /etc/rc.d/init.d/cyrus start

  7. Start Postfix:

        /etc/rc.d/init.d/postfix start
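Before restarting services after either copy-based relocation (the OpenLDAP database in 7.1.2 or the Cyrus message store above), it is worth confirming that cp -p preserved modes and ownership and that the configuration file names the new path. The script below is an added example, not part of the original documentation; the function names and the throwaway demo tree are hypothetical, and it assumes GNU stat as found on Linux.

```shell
# Compare every entry under tree $1 with its counterpart under $2 (file type,
# mode, owner, group). Prints one line per difference; returns 0 only when the
# two trees match. Assumes GNU stat (-c).
verify_relocation() {
    [ -d "$1" ] || { echo "missing: $1"; return 1; }
    dst=$(cd "$2" && pwd) || { echo "missing: $2"; return 1; }
    diffs=$(cd "$1" && find . | while IFS= read -r p; do
        if [ ! -e "$dst/$p" ] && [ ! -L "$dst/$p" ]; then
            echo "missing: $p"; continue
        fi
        a=$(stat -c '%F %a %U:%G' "$p"); b=$(stat -c '%F %a %U:%G' "$dst/$p")
        [ "$a" = "$b" ] || echo "differs: $p ($a -> $b)"
    done)
    [ -z "$diffs" ] || { printf '%s\n' "$diffs"; return 1; }
}

# Return 0 if the last active (uncommented) directive $2 in config file $1 names
# path $3. Matches the "name value", "name: value" and "name = value" forms used
# by slapd.conf, imapd.conf and main.cf.
config_points_to() {
    val=$(awk -v k="$2" '$1 == k || $1 == (k ":") { v = $NF } END { print v }' "$1")
    [ "$val" = "$3" ]
}

# Constructed demo: a throwaway tree stands in for /var/spool/imap.
relocation_demo() {
    work=$(mktemp -d)
    mkdir -p "$work/old/imap/user/susan" "$work/new"
    echo msg > "$work/old/imap/user/susan/1."
    chmod 600 "$work/old/imap/user/susan/1."
    chmod 700 "$work/old/imap/user"
    cp -pR "$work/old/imap" "$work/new/imap"
    printf '# partition-default: %s\npartition-default: %s\n' \
        "$work/old/imap" "$work/new/imap" > "$work/imapd.conf"
    verify_relocation "$work/old/imap" "$work/new/imap" &&
        config_points_to "$work/imapd.conf" partition-default "$work/new/imap"
    rc=$?; rm -rf "$work"; return "$rc"
}
relocation_demo && echo "relocation verified"
```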

Note: The /etc/pam.d/imap and /etc/pam.d/pop files define the PAM modules that will perform authentication for IMAP and POP services, respectively. For the Messaging Server, these are set to use the LDAP PAM module and should not be altered.