DBMail over PostgreSQL + Postfix + SASL on Debian. Part 2. DBMail.

Part 1. Introduction.
Part 2. DBMail.
Part 3. Postfix.
Part 4. SASL.
Part 5. SPF. DKIM. DMARC. Clear headers. DNS PTR.

nfgd.net repo was gone, so there are no compiled deb packages now. We need to build one manually.
Download the latest sources from official site or download 3.2.3 from my backup and unpack it.

cd /root
wget http://dbmail.org/download/3.2/dbmail-3.2.3.tar.gz
tar -xvzf dbmail-3.2.3.tar.gz
cd dbmail-3.2.3/

Install all appropriate tools to build a package.

apt install automake automake1.11 autoconf debhelper libncurses5-dev libldap2-dev libtool asciidoc xmlto po-debconf default-libmysqlclient-dev libpq-dev libsqlite3-dev libsieve2-dev libglib2.0-dev libgmime-2.6-dev libzdb-dev libmhash-dev libevent-dev pkg-config libssl-dev

Add missing debian changelog entry to the top of debian/changelog file.

dbmail (3.2.3-1) oneiric; urgency=low

  * upstream release

 -- Paul J Stevens <paul@nfg.nl>  Sun, 11 Mar 2012 09:01:44 +0100

Move sources, build package and install it.

mv ../dbmail-3.2.3.tar.gz ../dbmail_3.2.3.orig.tar.gz
dpkg-buildpackage -us -uc -d
apt install ../dbmail_3.2.3-1_amd64.deb

Or you can download package builded by me on Debian 9.9_amd64 machine.

Create PostgreSQL user, database and objects for DBMail.

su - postgres
psql -x -c "create user dbmail with encrypted password 'db_user_password';"
createdb -O dbmail dbmail
exit
psql -h 127.0.0.1 -U dbmail -d dbmail -a -f /root/dbmail-3.2.3/sql/postgresql/create_tables.pgsql

Edit /etc/dbmail/dbmail.conf config file.

[DBMAIL]
dburi = postgresql://dbmail:db_user_password@127.0.0.1:5432/dbmail
authdriver = sql
table_prefix = dbmail_
encoding = utf8
default_msg_encoding = utf8
sendmail = /usr/sbin/sendmail
file_logging_levels  = 7
syslog_logging_levels = 31
query_timeout = 300
effective_user = dbmail
effective_group = dbmail
#bind over IPv4 and IPv6 both
bindip = ::
timeout = 300
login_timeout  = 60
logfile = /var/log/dbmail/dbmail.log
errorlog = /var/log/dbmail/dbmail.err
pid_directory = /var/run/dbmail

tls_cafile = /etc/letsencrypt/live/mail.somewhere-in-the.space/fullchain.pem
tls_cert = /etc/letsencrypt/live/mail.somewhere-in-the.space/fullchain.pem
tls_key = /etc/letsencrypt/live/mail.somewhere-in-the.space/privkey.pem
tls_ciphers = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

[IMAP]
port = 143
tls_port = 993
timeout = 4000
imap_before_smtp = no
#Thunderbird needs it to work over 994 port, SASL needs it to auth users over IMAP.
login_disabled = no

[DELIVERY]
AUTO_NOTIFY = no
AUTO_REPLY = no

Edit /etc/default/dbmail file and enable IMAP daemon.

export EVENT_NOEPOLL=yes
START_IMAPD=true

Restart DBMail after certificates renewing. Edit /etc/letsencrypt/cli.ini.

###
post-hook = /bin/chmod -R 640 /etc/letsencrypt/archive/ > /dev/null 2>&1 && /bin/systemctl restart dbmail
###

Restart DBMail.

systemctl restart dbmail

Edit and fix /etc/logrotate.d/dbmail file create directive.

/var/log/dbmail/*.log {
         daily
         missingok
         rotate 7
         compress
         delaycompress
         notifempty
         create 640 dbmail adm
         sharedscripts
         postrotate
           /etc/init.d/dbmail restart > /dev/null
         endscript
}

Change existing log files permissions.

chown -R dbmail:adm /var/log/dbmail/*

Check DBMail is running.

ps aux | grep dbmail
dbmail   27668  0.0  2.0 152052 10416 ?        Sl   May17   1:11 /usr/sbin/dbmail-lmtpd

Check IMAP ports are open.

apt install net-tools
netstat -atun | grep "143\|993"
tcp6       0      0 :::143                  :::*                    LISTEN
tcp6       0      0 :::993                  :::*                    LISTEN

Check connection using openssl.

openssl s_client -connect mail.somewhere-in-the.space:993 -crlf
###Other output
###...
###...
* OK [CAPABILITY IMAP4rev1 AUTH=LOGIN AUTH=CRAM-MD5 STARTTLS ID LITERAL+] dbmail 3.2.3 ready.

Add DBMail user specifing the correct config file. Login name should match email name for config simplisity. Password stores as a plaintext, because SASL can’t work with encrypted passwords. In this sample we create one user for 3 mailboxes.

dbmail-users -a admin@somewhere-in-the.space -p plaintext -w fgh515_user_password -s admin@somewhere-in-the.space,root@somewhere-in-the.space,postmaster@somewhere-in-the.space -f /etc/dbmail/dbmail.conf

DBMail setup is done. Let’s setup postfix.

Leave a Reply

Your email address will not be published. Required fields are marked *