4

Incoming mail with POP and IMAP

Postfix will receive email and deliver it to the user's inbox, but additional software is required to read it with ease. There are two standards for retrieval of email from a host.
 
The first is called POP (Post Office Protocol). POP3 is most commonly used. This is normally used to read email from the server, store it in a client application, and remove the email from the server. This is often used by ISPs (Internet Service Providers). The email is subsequently manipulated by the client application, for example Outlook Express or Mozilla Thunderbird.

The second protocol is called IMAP (Internet Message Access Protocol). The IMAP system is usually used when the email is to stay on the server. IMAP allows users to create folders for email, and to move or copy emails between the folders. The client application accesses the email on the server, but does not have to store it on the client machine. The email server must be able to store all of the email for all of its users, and the amount of data is expected to grow constantly, as users rarely delete email. IMAP is therefore more frequently used in large organizations with centralized I.T. facilities.

There are many POP3 and IMAP servers. Some perform only one of the tasks. The Courier suite of software contains both POP3 and IMAP servers, and is covered in detail in this chapter.

Courier operates by accessing the maildir of the user. An overview of the operation is shown below:

(todo: nice diagram. Postfix putting email into maildir, courier accessing it, email client accessing it via POP3 and IMAP)

 

Downloading and Installing Courier

Courier is a suite of programs, and includes a fully-fledged MTA. This book assumes that Postfix is used. It is important that only the POP3 and IMAP components of Courier are installed and configured, as an email system would be very unstable if two MTAs were operating at once.

There are a couple of ways to install Courier. RPM (Red Hat Package Manager) packages are available for several different distributions of Linux. These will either be available from the manufacturer of the distribution, or may have been built by a third party, typically an enthusiast or developer of Courier. If Courier is not available as an RPM, then it has to be built from source.

Installing Courier-IMAP from RPM

With RPMs, it is important to get one that matches the distribution in use. Using an RPM for another distribution may not work correctly, and may also make existing software unstable.

To locate an RPM of Courier-IMAP, first check whether one is provided by the Linux distributor. If so, download and use it. If the vendor does not provide a package, another party may provide one. To check this, search the web. There is a database of RPMs available at www.rpmfind.net, and searching for "courier", coupled with the name of the distribution, will locate any suitable packages. It is best to only use a package designed for a particular version of a distribution; for example, a package for Mandrake Linux 8.0 should not be used for Mandrake Linux 8.1. If in doubt, it is best to install Courier-IMAP from source, as described in the next section.

To install Courier-IMAP from RPM, firstly download the RPM, and use a command prompt to change to the directory containing the file. As root, use the rpm command to install the RPM:

# rpm -ivh Courier-imap-mandrake-8.1.rpm

The RPM command may fail as prerequisite software may be required. In this case, the output will name the software required. The appropriate package can be downloaded and installed using the rpm command as above. Once all prerequisite software has been installed, then courier-imap can be installed using the rpm command shown above.

Due to the complexities of managing dependent packages, a graphical interface can be used to install Courier-IMAP. This may only work for Courier-IMAP if the RPM is provided by the distributor, but should be successful in installing prerequisite software.

If the rpm command was used to install Courier, then it can be used to uninstall it. The command will be similar to the following:

# rpm -e Courier-IMAP

Installing Courier-IMAP from source

Installing Courier-IMAP from source is not a difficult task on a modern Linux distribution. On older versions of Linux, and on other Unix platforms such as AIX, Solaris, and HP/UX, problems may arise, particularly if the rest of the system software is not up to date.

Prerequisites

The following are required to install Courier-IMAP:

  • A working C++ compiler. We recommend the GNU C++ Compiler, which is part of virtually every Linux distribution and is available free for most platforms. If an RPM or other package of gcc is available (and it almost certainly will be) then it should be used in preference to building from source.
  • A make utility. We recommend the GNU make utility, which will be available for most platforms, or can be downloaded from www.gnu.org/software/gcc/gcc.html
  • The GNU linker, available from www.gnu.org/software/binutils/.
  • GNU libtool, available from www.gnu.org/software/libtool/.
  • Either the Berkeley DB library or the GDBM library. These are libraries that allow programs to make databases in files. Again, these should be available in packaged form, but can be downloaded from www.sleepycat.com and http://www.gnu.org/software/gdbm/gdbm.html respectively. One or both of these will almost certainly be installed already.
  • The Courier source code.

To successfully install Courier-IMAP, all the prerequisites must be installed first.

Installing Courier-IMAP versions below 4.0 from source

In January 2005, Courier-IMAP 4.0 was introduced. Generally, when a major version of an open-source package is released, distributions tend to delay implementing it for a period of months or even years. However, the new package always offers major improvements and new features. We recommend that you install the latest version available, wherever possible. Often, only the latest version of a package is actively maintained, and bugs or security errors in a package may only be fixed in the latest version. For an application which listens for connections on an Internet connection, security vulnerabilities can be very serious.

However, there are often good reasons for using an older version: documentation is abundant and help is often readily available. An older version often has a "tried and tested" reputation that is appealing.

If you wish to install a version of Courier-IMAP below 4.0, then the instructions are similar to those below, but there is no need to download and install the Courier Authentication Library. Please skip the following section and proceed to "Building Courier-IMAP".

Building the Courier Authentication Library

There are two phases to installing Courier-IMAP. First of all, the Courier authentication library, called Courier-authlib, must be built. Once this is done, Courier-IMAP can be installed.

The Courier-authlib source should be downloaded from www.courier-mta.org/authlib/. As with many open-source packages, the Courier Authentication Library uses a configuration script to detect system capabilities, then uses the make command to build and install the software.

To build the Courier Authentication Library, enter the following commands. You should see responses similar to those below:

checking for a BSD-compatible install... /bin/install -c
checking whether build environment is sane... yes
checking for gawk... gawk
... (lots more output appears)
config.status: creating authlib.html
config.status: executing depfiles commands
config.status: creating README_authlib.html
config.status: executing depfiles commands
make[1]: Entering directory `/tmp/courier-authlib-0.52-r1/
Making all in libltdl
make[2]: Entering directory `/tmp//courier-authlib-0.52/libltdl'
make all-am
make[3]: Entering directory `/tmp/courier-authlib-0.52/libltdl'
( lots more output)
cp imap/pop3d.cnf .
cp -f ./maildir/quotawarnmsg quotawarnmsg.example
make[2]: Leaving directory `/var/tmp/portage/courier-imap-4.0.1/work/courier-imap-4.0.1'
make[1]: Leaving directory `/var/tmp/portage/courier-imap-4.0.1/work/courier-imap-4.0.1'
Making install in numlib
make[1]: Entering directory `/var/tmp/portage/courier-imap-4.0.1/work/courier-imap-4.0.1/numlib'
make[2]: Entering directory `/var/tmp/portage/courier-imap-4.0.1/work/courier-imap-4.0.1/numlib'
( lots more output)
usr/sbin/imaplogin
usr/sbin/pop3login
usr/sbin/courier-imapd
usr/sbin/courier-pop3d
usr/lib/courier-imap/makedatprog
usr/lib/courier-imap/couriertcpd
usr/bin/maildirmake
#

After the commands have executed successfully, the Courier Authentication Library will be installed. Before it can be started, some configuration is required.

Configuring the Courier Authentication Library

Several decisions need to be made once the authentication library is installed.

The Courier Authentication Library provides the system administrator with flexibility in how to authenticate users. Authentication is when a user proves their identity, typically by providing a valid username and corresponding password. The following options are available:

Authentication Method: Description

  • authshadow: Most Linux distributions hold user passwords in a system file called /etc/shadow by default. Using authshadow for authentication validates passwords against system accounts. This is suitable only when users have system accounts – i.e. they can log onto the machine using telnet or ssh.
  • authpwd: On older systems, passwords were stored in the /etc/passwd file. The authpwd module allows users to be authenticated against their system password. Again, users must have system accounts.
  • authuserdb: Unlike authshadow, where each user needs a system account, authuserdb stores user details separately from the system accounts. This allows a "virtual mailbox" facility, where users can be defined without having real accounts on the machine. A number of scripts are used to administer the database, which is held in two files.
  • authmysql: This is similar to authuserdb, but uses a MySQL database instead of the files used in authuserdb. MySQL is a popular relational database provided by most Linux distributions, and offers both advantages and disadvantages over the
  • authpam: Authentication is provided by the programmable access method (PAM) library. PAM is a commonly used library, and should be provided by most Linux distributions. PAM is flexible, and can in turn authenticate users from a variety of sources, including the system password database (typically the /etc/passwd file).
  • authcustom: This allows the system administrator to develop their own, custom authentication method.

Choosing an authentication method can be a difficult decision. Here are some guidelines:

  • If all users will have system accounts, then authshadow, authpwd or authpam can be used. If PAM is already installed and configured, then it should be used in preference.
  • If a virtual email system is required, then use either authuserdb or authmysql. For small sites, there is little advantage in choosing authmysql over authuserdb.

In this book, only simple authentication with authshadow (or authpwd) is covered, although if PAM is installed and configured, then no additional configuration will be required. Authuserdb and authmysql require further configuration, which is described in the documentation for the authentication library.

The directory /usr/local/etc/courier/authlib contains the configuration files for the Courier authentication library. For security purposes, it's best to make the whole directory readable only by certain users. The default authdaemonrc file can be copied from the installation directory.

# mkdir -p /usr/local/etc/courier/authlib
# chown mail:mail /usr/local/etc/courier/authlib/
# chmod 755 /usr/local/etc/courier/authlib/
# cp /tmp/courier-authlib-0.52/authdaemonrc /usr/local/etc/courier/authlib

To complete the configuration, edit the file /usr/local/etc/courier/authlib/authdaemonrc and alter the following entries as appropriate:

authmodulelist="authshadow"
daemons=3
authdaemonvar=/var/lib/courier/authdaemon
DEBUG_LOGIN=0
DEFAULTOPTIONS=""

In the line beginning authmodulelist, enter only the module(s) that you wish to use.

The daemons= line lists how many processes should wait to authenticate users. Unless there will be a very high number of users, a value of 3 to 5 should suffice. The bigger the number of daemons, the more memory will be used up by the authentication library, and there will be less available for other processes, which may affect overall system performance.

The authdaemonvar line lists where the courier authentication library places its run-time files, in particular the socket used to connect to it. The directory listed here (in this example, it is /var/lib/courier/authdaemon) should exist and be only readable by the root user. Use the following commands as root to create the directory:

# mkdir -p /var/lib/courier/authdaemon
# chmod 750 /var/lib/courier/authdaemon
# chown mail:mail /var/lib/courier/authdaemon

For security purposes, it's best to make the authdaemonrc file readable only by certain users:

# chown mail:mail /usr/local/etc/courier/authlib/authdaemonrc
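To confirm that the ownership and permission steps above had the intended effect, the three paths can be audited afterwards. The following shell functions are an added example, not part of Courier or of the original text; they assume a POSIX sh with find, ls and awk, and the PREFIX argument is a hypothetical convenience for checking a staged copy of the tree.

```shell
#!/bin/sh
# Added example (not part of Courier): report authlib paths that grant any
# access to "other" users or have an unexpected owner. The paths and the
# "mail" owner are the ones used in this chapter.

AUTHLIB_PATHS="/usr/local/etc/courier/authlib
/usr/local/etc/courier/authlib/authdaemonrc
/var/lib/courier/authdaemon"

# is_world_accessible PATH: succeeds if any r/w/x bit is set for "other".
is_world_accessible() {
    [ -n "$(find "$1" -prune \( -perm -001 -o -perm -002 -o -perm -004 \) -print 2>/dev/null)" ]
}

# owner_of PATH: prints the owning user (third field of ls -ld).
owner_of() {
    ls -ld "$1" | awk '{print $3}'
}

# audit_path PATH OWNER: prints status lines for one path.
# Returns 0 = ok, 1 = finding, 2 = path missing.
audit_path() {
    path=$1 want=$2 rc=0
    if [ ! -e "$path" ]; then
        echo "MISSING  $path"
        return 2
    fi
    if is_world_accessible "$path"; then
        echo "WORLD    $path ($(ls -ld "$path" | awk '{print $1}'))"
        rc=1
    fi
    if [ "$(owner_of "$path")" != "$want" ]; then
        echo "OWNER    $path (is $(owner_of "$path"), expected $want)"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK       $path"
    return "$rc"
}

# audit_authlib OWNER [PREFIX]: audits every path above under an optional
# PREFIX (hypothetical parameter, for checking a staged copy of the tree).
# Returns the number of paths that were missing or had a finding.
audit_authlib() {
    owner=$1 prefix=${2:-} bad=0
    for p in $AUTHLIB_PATHS; do
        audit_path "$prefix$p" "$owner" || bad=$((bad + 1))
    done
    return "$bad"
}
```

Run `audit_authlib mail` as root after completing the steps above. A directory left at mode 755 is reported as WORLD, while the run-time directory at mode 750 passes.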

The authentication daemon needs to be started when the system boots. Typically, a script is placed in /etc/init.d/ to enable easy starting and stopping of a daemon. A sample script is included with the source of the authentication library, in ./courier-authlib.sysvinit.

This file should be placed in /etc/init.d:

# cd /tmp/courier-authlib-0.52
# cp courier-authlib.sysvinit /etc/init.d/courier-auth

The service can in future be started and stopped with the commands:

# /etc/init.d/courier-auth start
# /etc/init.d/courier-auth stop

Initially, we should run the daemon directly from the command line. Any errors will then be displayed.

# /usr/local/sbin/authdaemond start
/usr/local/sbin/authdaemond: line 16: /usr/local/etc/authlib/authdaemonrc: No such file or directory

In the example above, the /usr/local/etc/authlib/authdaemonrc file was missing.

If the service is started correctly, then it can be stopped by passing it the parameter stop:

# /usr/local/sbin/authdaemond stop

To get the service to start automatically as Linux boots, consult the documentation for the distribution. On Red Hat systems, the service command can be used to configure a service to start automatically:

# service courier-auth add default

For other distributions, the chkconfig command might be used:

# chkconfig --add imapd

 
