Original of this document is available from http://www.bowe.id.au/michael/isp/vpopmail-postgresql.htm
I am one of the developers for the vpopmail package. On my own servers I actually use the MySQL backend. I observed that the documentation included in the vpopmail package for PostgreSQL was fairly lacking, so I cobbled together these notes.
vpopmail and PostgreSQL are both running on the same machine.
You should not permit end-users to have shell access to this server. PostgreSQL by default allows any local user to access any database on the server. You can certainly tighten the security of the default PostgreSQL installation, but it is pretty much futile considering that vpopmail stores the PostgresSQL login/pass in the "libvpopmail.a" file. It is straightforward for any knowledgeable local user to be able to extract the user/pass from this file
I have successfully used these notes to build Redhat 7.2, 7.3 and 8.0 based servers
All the commands shown below have been run as root.
Follow these notes at your own risk...!
follow the setup instructions at "Life with qmail"
We will be using PostgreSQL to store all the domain and mailbox account information for vpopmail.
Setup an account for the PostgreSQL server to run under :
Download and unpack the source
cd /usr/local/src wget ftp://ftp.au.postgresql.org/pub/postgresql/v7.3.4/postgresql-7.3.4.tar.gz tar xzf postgresql-7.3.4.tar.gz chown -r root.root postgresql-7.3.4 cd postgresql-7.3.4
Compile source (installs to /usr/local/pgsql)
./configure gmake gmake install
Create the data directory
mkdir /usr/local/pgsql/data chown postgres /usr/local/pgsql/data
Run the installation script that creates/verifies all the various system-use tables etc
su postgres /usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data
Fire up the server
/usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data > /usr/local/pgsql/data/serverlog 2>&1 &
At this point the PostgreSQL daemons should be running. A good way to verify this is to use this command :
If all is well, you should be able to see something like this :
388 pts/1 S 0:00 /usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data 389 pts/1 S 0:00 \_ postgres: stats buffer process 391 pts/1 S 0:00 \_ postgres: stats collector process
(If you received errors, look in the file /usr/local/pgsql/data/serverlog for debugging info)
Configure PostgreSQL so it is running all the time from bootup onwards
# exit back to the root user from the postgres su exitcp /usr/local/src/postgresql-7.3.4/contrib/start-scripts/linux /etc/rc.d/init.d/postgres chmod 744 /etc/rc.d/init.d/postgreschkconfig --add postgres
Then I like to use the ntsysv program to double-check that PostgreSQL is set to launch at boot time
Original Authors :
Current Development location : https://sourceforge.net/projects/vpopmail
(Original author's home page)
http://sourceforge.net/projects/vpopmail (The recent vpopmail development work is being done via Sourceforge)
Make the user accounts
# If you are using RH8.0, you will probably need to run this following command, # because RH8.0 comes preconfigured with UID/GID 89 allocated to postfix # # userdel postfixgroupadd -g 89 vchkpw useradd -g vchkpw -u 89 -d /home/vpopmail vpopmail# We recommend you use the user and group id's of 89. The FreeBSD folks # have reserved 89 for the group and 89 for the user for vpopmail. Feel # free to have the OS assign the group/user id (for example, Solaris won't # allow gid 89).
Download and unpack the source
cd /usr/local/src wget http://telia.dl.sourceforge.net/sourceforge/vpopmail/vpopmail-5.4.4.tar.gz tar xzf vpopmail-5.4.4.tar.gz chown -R root.root vpopmail-5.4.4 cd vpopmail-5.4.4
Create the a vpopmail database in PostgreSQL
/usr/local/pgsql/bin/createdb --username=postgres --owner=postgres vpopmail
Now, build the program
./configure \ --disable-roaming-users \ --enable-logging=p \ --disable-ip-alias-domains \ --disable-passwd=n \ --enable-clear-passwd \ --disable-domain-quotas=n \ --enable-auth-module=pgsql \ --disable-many-domains \ --enable-auth-logging \ --enable-pgsql-logging \ --enable-valias <-- We arent building roaming user support in this example <-- Log POP3 authentication errors to syslog (/var/log/maillog) <-- We don't want IP alias domain support for this example <-- Don't include /etc/passwd support. Our box doesnt have any "real" users, only vpopmail users <-- Enable storing passwords in cleartext. Makes your support staff's life much easier! <-- Disable support for domain-wide disk usage quotas <-- Store all the user and domain information in PostgreSQL rather than using disk-based "cdb" files <-- Tell vpopmail to create one PostgreSQL table per email domain <-- Maintain a lastauth table in PostgreSQL (shows when / how a user last accessed their email) <-- Maintain the vlog table in PostgreSQL (shows failed authentication requests) <-- Enable PostgreSQL valias processingmake make install-strip
Review the contents of the file is used to set the default limits for any domains / mailboxes in the vpopmail system. Make sure it contains reasonable defaults for your system.
Optionally, nominate a "default domain". Users in this domain can login to POP3 etc using just their username. Users from all other domains need to use their full email address as their login name.
echo "yourdomain.com" > /home/vpopmail/etc/defaultdomain
Setup the quota warning message that is sent to users when they are at 90% quota
vi quotawarn.msgFrom: SomeCompany Postmaster <firstname.lastname@example.org> Reply-To: email@example.com To: SomeCompany User:; Subject: Mail quota warning Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Your mailbox on the server is now more than 90% full. So that you can continue to receive mail, you need to remove some messages from your mailbox. If you require assistance with this, please contact our support department : email : firstname.lastname@example.org Tel : xx xxxx xxxxcp quotawarn.msg /home/vpopmail/domains/.quotawarn.msg
If you want, you can alter the standard message that gets sent to the sender in an overquota situation
echo "Message rejected. Not enough storage space in user's mailbox to accept message." > /home/vpopmail/domains/.over-quota.msg
OK, vpopmail is now installed!
Some example vpopmail commands :
To add a domain :/home/vpopmail/bin/vadddomain yourdomain.com yourpassword # this creates the domain and makes a mailbox email@example.com
To add a mailbox:/home/vpopmail/bin/vadduser firstname.lastname@example.org apassword
(Or you can do it via qmailadmin)
To remove a mailbox/home/vpopmail/bin/vdeluser email@example.com
(Or you can do it via qmailadmin)
To remove a domain :/home/vpopmail/bin/vdeldomain yourdomain.com
To change a user's password/home/vpopmail/bin/vpasswd firstname.lastname@example.org newpassword
(Or you can do it via qmailadmin)
To lookup info about a user/home/vpopmail/bin/vuserinfo email@example.com
This gives you info such as name, crypted password, cleartext password, dir, quota, usage%, last auth.
It has a number of flags to let you see the individual fields, or you can see them all if you dont use any flags.
It also creates the maildirsize file in the users dir
Logging in via POP3
When your users are setting up their POP3 email clients (eg Outlook Express), they should use settings like this :
My incoming mail server is a POP3 server
Incoming mail server (POP3): pop3.yourdomain.com
Outgoing mail server (SMTP): smtp.yourdomain.com
POP3 account name : firstname.lastname@example.org
When you configured vpopmail, you had the opportunity to nominate a "default" domain. When users from the default domain authenticate, it is optional for them to add the @yourdomain.com onto the end of their username. If vpopmail sees that no domain has been specified, then it will automatically perform the auth against the nominated default domain. If you are hosting multiple domains, then everyone who is NOT in the default domain MUST add their domain name onto the end of their username. (A small percentage of email programs eg Netscape Mail v4.7 do not permit the use of the @ symbol in account name. In this case you can use the % symbol instead of the @ symbol)
I would recommend that you use the pop3 daemon that is included with qmail. Note that there are a couple of important issues that you need to watch out for :
ISSUE 1 : Make sure you give your pop3d run script sufficient memory to execute successfully.
The error that is typically displayed in this situation is :
Mail server responded /vpopmail/bin/vchkpw: error while loading shared libraries libc.so.6: failed to map segment from shared object: cannot allocate memory.
Most configuration examples for the qmail POP3 server (eg "Life with qmail") will not work correctly when you are using vpopmail with PostgreSQL backend. The problem is that these sample POP3 supervise run scripts do not allocate enough memory for vpopmail with PostgreSQL to operate correctly.
If you were running vpopmail without PostgreSQL there would be no problems, but when you compile vpopmail with the PostgreSQL backend, quite a few additional libraries are linked in to the vpopmail code, meaning that it requires a larger softlimit setting to be able to run correctly.
Most examples show the POP3 supervise script with a softlimit of 2000000, but you will need to bump this up to 4000000 to allow vpopmail with PostgreSQL to run correctly.
eg /var/qmail/supervise/qmail-pop3d/run#!/bin/sh exec /usr/local/bin/softlimit -m 4000000 \ /usr/local/bin/tcpserver \ -H -l hostname.yourdomain.com \ -v -c 30 -R 0 pop3 \ /var/qmail/bin/qmail-popup hostname.yourdomain.com \ /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1# The line in orange should be used if you are running qmail on a computer # that is on a LAN that is using fake ips/masquerading. # It tells tcpserver not to bother trying to resolve ip addresses # to names when writing the pop3 log files. Usually with fake ips, # you cant resolve them to names, so it will make the POP3 services run # really slowly if it is always trying to resolve these addresses. # Alternatively, if you are eg an ISP and all your POP3 clients are # connecting from real IPs with resolvable names, then you can omit # the orange line and then then benefit from more readable logfiles.
ISSUE 2 : The qmail POP3 server needs to be patched to allow vpopmail's quotas to work correctly
You will need to apply a patch so that qmail's POP3 server will co-operate with vpopmail's mailbox quota system.
Unless you apply this patch, your vpopmail mailbox quotas wont be updated correctly when users POP mail out of their mailbox.# go to your qmail source directory cd /usr/local/src/qmail-1.03# grab the patch wget http://www.shupp.org/patches/qmail-maildir++.patch# apply patch to make qmail-pop3d compatible with the maildir++ quota # system that is used by vpopmail and courier-imap patch < qmail-maildir++.patch# stop your qmail server qmailctl stop # recompile qmail make setup check # start the qmail server qmailctl start
Back to Michael's ISP Links page
Last updated :
Please send me your feedback!
( I have an Amazon wish list )