Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
zarafa [2011/05/05 16:23] admin |
zarafa [2014/07/09 08:07] (aktuell) admin |
||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
====== Zarafa ====== | ====== Zarafa ====== | ||
+ | |||
+ | zypper in htop rsync mc nmap | ||
+ | |||
+ | === Zarafa Grundinstallation === | ||
+ | |||
+ | https://portal.zarafa.com/download-release | ||
+ | |||
+ | zypper in mysql apache2 libxml2 php5 apache2-mod_php5 php5-gettext php5-zlib php5-mysql xpdf-tools sysstat | ||
+ | |||
+ | === Postfix === | ||
+ | |||
+ | <file ini /etc/services> | ||
+ | ... | ||
+ | smtps 465/tcp # Secure SMTP | ||
+ | smtps 465/udp # Secure SMTP | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/postfix/main.cf> | ||
+ | unknown_local_recipient_reject_code = 550 | ||
+ | local_recipient_maps = | ||
+ | |||
+ | mydestination = /etc/postfix/virtual/domains | ||
+ | virtual_alias_maps = hash:/etc/postfix/virtual/addresses | ||
+ | virtual_transport = lmtp:127.0.0.1:2003 | ||
+ | |||
+ | setgid_group = maildrop | ||
+ | queue_directory = /var/spool/postfix | ||
+ | command_directory = /usr/sbin | ||
+ | daemon_directory = /usr/lib/postfix | ||
+ | data_directory = /var/lib/postfix | ||
+ | mail_owner = postfix | ||
+ | mydomain = mail.bgweiz.at | ||
+ | myhostname = $mydomain | ||
+ | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 | ||
+ | myorigin = mail.bgweiz.at | ||
+ | alias_maps = hash:/etc/aliases | ||
+ | alias_database = hash:/etc/aliases | ||
+ | relayhost = | ||
+ | relay_domains = $mydestination | ||
+ | mailbox_size_limit = 0 | ||
+ | recipient_delimiter = + | ||
+ | inet_interfaces = all | ||
+ | inet_protocols = ipv4 | ||
+ | |||
+ | mailbox_command = /usr/bin/zarafa-dagent "$USER" | ||
+ | mailbox_transport = zarafa: | ||
+ | zarafa_destination_recipient_limit = 1 | ||
+ | |||
+ | ## | ||
+ | smtpd_sasl_authenticated_header = yes | ||
+ | header_checks = regexp:/etc/postfix/header_checks | ||
+ | smtpd_sasl_local_domain = | ||
+ | smtpd_sasl_auth_enable = yes | ||
+ | smtpd_sasl_security_options = noanonymous | ||
+ | broken_sasl_auth_clients = yes | ||
+ | smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination | ||
+ | smtpd_tls_auth_only = no | ||
+ | smtp_tls_note_starttls_offer = yes | ||
+ | smtp_tls_security_level = may | ||
+ | smtpd_tls_security_level = may | ||
+ | smtpd_tls_cert_file = /etc/zarafa/ssl/server.crt | ||
+ | smtpd_tls_key_file = /etc/zarafa/ssl/server.key | ||
+ | smtp_tls_CApath = /etc/ssl/certs | ||
+ | smtpd_tls_loglevel = 1 | ||
+ | smtpd_tls_received_header = yes | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/postfix/master.cf> | ||
+ | # | ||
+ | # Postfix master process configuration file. For details on the format | ||
+ | # of the file, see the Postfix master(5) manual page. | ||
+ | # | ||
+ | # ========================================================================== | ||
+ | # service type private unpriv chroot wakeup maxproc command + args | ||
+ | # (yes) (yes) (yes) (never) (100) | ||
+ | # ========================================================================== | ||
+ | smtp inet n - n - - smtpd | ||
+ | #submission inet n - n - - smtpd | ||
+ | # -o smtpd_etrn_restrictions=reject | ||
+ | # -o smtpd_client_restrictions=permit_sasl_authenticated,reject | ||
+ | smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes | ||
+ | -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes | ||
+ | #submission inet n - n - - smtpd | ||
+ | # -o smtpd_etrn_restrictions=reject | ||
+ | # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes | ||
+ | #628 inet n - n - - qmqpd | ||
+ | pickup fifo n - n 60 1 pickup | ||
+ | cleanup unix n - n - 0 cleanup | ||
+ | qmgr fifo n - n 300 1 qmgr | ||
+ | #qmgr fifo n - n 300 1 oqmgr | ||
+ | tlsmgr unix - - n 1000? 1 tlsmgr | ||
+ | rewrite unix - - n - - trivial-rewrite | ||
+ | bounce unix - - n - 0 bounce | ||
+ | defer unix - - n - 0 bounce | ||
+ | trace unix - - n - 0 bounce | ||
+ | verify unix - - n - 1 verify | ||
+ | flush unix n - n 1000? 0 flush | ||
+ | proxymap unix - - n - - proxymap | ||
+ | smtp unix - - n - - smtp | ||
+ | # When relaying mail as backup MX, disable fallback_relay to avoid MX loops | ||
+ | relay unix - - n - - smtp | ||
+ | -o fallback_relay= | ||
+ | # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 | ||
+ | showq unix n - n - - showq | ||
+ | error unix - - n - - error | ||
+ | discard unix - - n - - discard | ||
+ | local unix - n n - - local | ||
+ | virtual unix - n n - - virtual | ||
+ | lmtp unix - - n - - lmtp | ||
+ | anvil unix - - n - 1 anvil | ||
+ | #localhost:10025 inet n - n - - smtpd -o content_filter= | ||
+ | scache unix - - n - 1 scache | ||
+ | # | ||
+ | # ==================================================================== | ||
+ | # Interfaces to non-Postfix software. Be sure to examine the manual | ||
+ | # pages of the non-Postfix software to find out what options it wants. | ||
+ | # | ||
+ | # Many of the following services use the Postfix pipe(8) delivery | ||
+ | # agent. See the pipe(8) man page for information about ${recipient} | ||
+ | # and other message envelope options. | ||
+ | # ==================================================================== | ||
+ | # | ||
+ | # maildrop. See the Postfix MAILDROP_README file for details. | ||
+ | # Also specify in main.cf: maildrop_destination_recipient_limit=1 | ||
+ | # | ||
+ | maildrop unix - n n - - pipe | ||
+ | flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} | ||
+ | cyrus unix - n n - - pipe | ||
+ | user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} | ||
+ | uucp unix - n n - - pipe | ||
+ | flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) | ||
+ | ifmail unix - n n - - pipe | ||
+ | flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) | ||
+ | bsmtp unix - n n - - pipe | ||
+ | flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient | ||
+ | procmail unix - n n - - pipe | ||
+ | flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient} | ||
+ | retry unix - - n - - error | ||
+ | proxywrite unix - - n - 1 proxymap | ||
+ | |||
+ | # Zarafa | ||
+ | #zarafa unix - n n - 10 pipe | ||
+ | # flags=DRhu user=vmail argv=/usr/bin/zarafa-dagent -R ${recipient} | ||
+ | #zarafa unix - n n - - pipe | ||
+ | # flags= user=mail argv=/usr/bin/procmail -a ${user} | ||
+ | zarafa unix - n n - 10 pipe | ||
+ | flags= user=mail argv=/usr/bin/zarafa-dagent ${user} | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/postfix/virtual/domains> | ||
+ | bgweiz.at | ||
+ | mail.bgweiz.at | ||
+ | d4e.at | ||
+ | mail.d4e.at | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/postfix/virtual/addresses> | ||
+ | #bgweiz.at DOMAIN | ||
+ | direktion@bgweiz.at direktion | ||
+ | matthias.praunegger@bgweiz.at matthias | ||
+ | |||
+ | #d4e.at DOMAIN | ||
+ | info@d4e.at info | ||
+ | |||
+ | </file> | ||
+ | |||
+ | postmap /etc/postfix/virtual/addresses | ||
+ | |||
+ | /etc/init.d/postfix restart | ||
+ | |||
+ | === Zarafa-Konfiguration === | ||
+ | |||
+ | <file ini /etc/sysconfig/zarafa> | ||
+ | ZARAFA_LOCALE="de_DE.UTF-8" | ||
+ | ZARAFA_USERSCRIPT_LOCALE="de_DE.UTF-8" | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/zarafa/server.cfg> | ||
+ | ... | ||
+ | local_admin_users = root mail | ||
+ | mysql_password = mysqlpasswort | ||
+ | server_ssl_enabled = yes | ||
+ | server_ssl_key_pass = sslpasswort | ||
+ | server_ssl_ca_file = /etc/zarafa/ssl/ca.pem | ||
+ | user_plugin_config = | ||
+ | #/etc/zarafa/ldap.cfg | ||
+ | disabled_features = pop3 | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | mkdir /etc/zarafa/ssl | ||
+ | cd /etc/zarafa/ssl | ||
+ | wget http://www.startssl.com/certs/ca.pem | ||
+ | wget http://www.startssl.com/certs/sub.class1.server.ca.pem | ||
+ | cat server.crt server.key > server.pem | ||
+ | |||
+ | mkdir /etc/apache2/ssl | ||
+ | cd /etc/apache2/ssl | ||
+ | wget http://www.startssl.com/certs/ca.pem | ||
+ | wget http://www.startssl.com/certs/sub.class1.server.ca.pem | ||
+ | |||
+ | <file ini /etc/zarafa/gateway.cfg> | ||
+ | ... | ||
+ | pop3_enable = no | ||
+ | imaps_enable = yes | ||
+ | ssl_private_key_file = /etc/zarafa/ssl/server.key | ||
+ | ssl_certificate_file = /etc/zarafa/ssl/server.crt | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | |||
+ | <file ini /etc/sysconfig/apache2> | ||
+ | ... | ||
+ | APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5 proxy headers rewrite" | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/apache2/listen.conf> | ||
+ | Listen 443 | ||
+ | Listen 80 | ||
+ | |||
+ | NameVirtualHost *:443 | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/apache2/vhosts.d/zarafa.conf> | ||
+ | <VirtualHost *:443> | ||
+ | DocumentRoot "/srv/www/htdocs" | ||
+ | ServerName mail.bgweiz.at:443 | ||
+ | ServerAdmin webmaster@bgweiz.at | ||
+ | ErrorLog /var/log/apache2/bgweiz.at-ssl-error_log | ||
+ | TransferLog /var/log/apache2/bgweiz.at-ssl-access_log | ||
+ | |||
+ | SSLEngine on | ||
+ | SSLProtocol all -SSLv2 | ||
+ | SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM | ||
+ | |||
+ | SSLCertificateFile /etc/apache2/ssl/server.crt | ||
+ | SSLCertificateKeyFile /etc/apache2/ssl/server.key | ||
+ | SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem | ||
+ | SSLCACertificateFile /etc/apache2/ssl/ca.pem | ||
+ | SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown | ||
+ | CustomLog /var/log/apache2/bgweiz.at-ssl-custom_log \ | ||
+ | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{SERVER_PORT} 80 | ||
+ | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | ||
+ | </VirtualHost> | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/apache2/conf.d/zarafa-webaccess.conf> | ||
+ | Alias /webaccess /usr/share/zarafa-webaccess | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{SERVER_PORT} 80 | ||
+ | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | ||
+ | |||
+ | <Directory /usr/share/zarafa-webaccess/> | ||
+ | DirectoryIndex index.php | ||
+ | Options -Indexes +FollowSymLinks | ||
+ | AllowOverride Options | ||
+ | |||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </Directory> | ||
+ | </file> | ||
+ | |||
+ | <file ini /etc/apache2/conf.d/z-push.conf> | ||
+ | Alias /Microsoft-Server-ActiveSync /usr/share/z-push/index.php | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{SERVER_PORT} 80 | ||
+ | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | ||
+ | |||
+ | <Directory /usr/share/z-push/> | ||
+ | DirectoryIndex index.php | ||
+ | Options -Indexes +FollowSymLinks | ||
+ | AllowOverride Options | ||
+ | |||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </Directory> | ||
+ | </file> | ||
+ | |||
+ | cd /raid/zarafa | ||
+ | wget http://zarafa-deutschland.de/z-push-download/final/2.0/z-push-2.0.5-1541.tar.gz | ||
+ | tar xvfz z-push-2.0.5-1541.tar.gz | ||
+ | cp -av z-push-2.0.5-1541 /usr/share/z-push | ||
+ | chown -R wwwrun:www /usr/share/z-push/ | ||
+ | |||
+ | <file ini /usr/share/z-push/.htaccess> | ||
+ | php_flag magic_quotes_gpc off | ||
+ | php_flag register_globals off | ||
+ | php_flag magic_quotes_runtime off | ||
+ | php_flag short_open_tag on | ||
+ | </file> | ||
+ | |||
+ | <file php /usr/share/z-push/config.php> | ||
+ | ... | ||
+ | define('TIMEZONE', 'Europe/Vienna'); | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | <file ini /srv/www/htdocs/.htaccess> | ||
+ | RewriteEngine On | ||
+ | RewriteCond %{SERVER_PORT} 80 | ||
+ | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | ||
+ | </file> | ||
+ | |||
+ | <file php /srv/www/htdocs/index.php> | ||
+ | <?php | ||
+ | header("Location: /webaccess"); | ||
+ | ?> | ||
+ | </file> | ||
+ | |||
+ | mkdir /var/log/z-push/ | ||
+ | chown -R wwwrun:www /var/log/z-push/ | ||
+ | |||
+ | mkdir /var/lib/z-push/ | ||
+ | chmod 777 /var/lib/z-push/ | ||
+ | |||
+ | /etc/init.d/apache2 restart | ||
+ | /etc/init.d/zarafa-gateway restart | ||
+ | /etc/init.d/zarafa-server restart | ||
+ | |||
+ | |||
+ | ---- | ||
+ | alte Notizen: | ||
+ | ---- | ||
KROMER, Michael (Topalis) | KROMER, Michael (Topalis) | ||
Zeile 41: | Zeile 371: | ||
/usr/bin/zarafa-admin -c test -p password -e test@example.com -f "Zarafa Test"\\ | /usr/bin/zarafa-admin -c test -p password -e test@example.com -f "Zarafa Test"\\ | ||
+ | |||
+ | === Z-Push === | ||
+ | |||
+ | Mail wie SMS\ | ||
+ | Kontakte\\ | ||
+ | Kalender\\ | ||
+ | Funktioniert mit fast allen Active-Sync Geräten iPhone, WP7, Nokia, ---)\\ | ||
+ | |||
+ | == Clients für Android == | ||
+ | Touchdown!\\ | ||
+ | Moxier Mail\\ | ||
+ | Roadsync\\ | ||
+ | |||
+ | Remote winp - bei Verlust Handydaten löschen.\\ | ||
+ | markus@android01.info |