step-by-step guide

Timo Boettcher spida@gmx.net
Sat, 9 Mar 2002 14:14:30 +0100


Ok, here we go.

I worked this up from my .bash_history, my memory and the INSTALL and
README files found everywhere. I'm not sure that this is the method I
used, since I made many mistakes and had to turn back, and just now my
installation isn't quiet working.
I do not give you a guarantee that this does ANYTHING, so don't blame
me. But it is remoteley possible that you could end up having a
working webmail system. :-)
So: If something doesn't work or is stupid, please tell me. I'm still
working on it. If you wish, I will send you any updates/corrections I
get, until I have some webspace to put this document on.

Timo Boettcher <timo_boettcher@gmx.de>

Some small hints about installing horde/imp on Redhat 7.2

Required:
- Some Linux box, preferrably with Redhat 7.2 since this was written with a Redhat 7.2 box as reference
- working make environment
- internet-connection (or at least, the posiibility to obtain the mentioned files)
- wget, ftpget
- perl
- [aspell]
- time, nerves
- a working backup (since I refuse to give any warranty about this, even that this does anything)
- everything I have forgotten


First get and install openssl. You'll need it for various things.
        cd /usr/src
        wget http://www.openssl.org/source/openssl-0.9.6c.tar.gz
        tar xvzf openssl-0.9.6c.tar.gz
        cd openssl-0.9.6c
        ./config
        make
        make test
        make install

Let's create some self-signed certificate.
        cd /usr/local/ssl/certs/
        openssl req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 365

Get and install libmcrypt.
        cd /usr/src
        ftpget ftp://mcrypt.hellug.gr/pub/mcrypt/libmcrypt/libmcrypt-2.4.22.tar.gz
        tar xvzf libmcrypt-2.4.22.tar.gz
        cd libmcrypt-2.4.22
        ./configure
        make
        make check
        make install

Get and install OpenSSH, since the versions in most distributions are not up-to-date and are said to be insecure.
        cd /usr/src
        ftpget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1.tar.gz
        tar xvzf openssh-3.1.1p1.tar.gz
        cd openssh-3.1.1p1
        ./configure
        make
Doing "make install" will generate a new host-key
        make install
        
Get and install some smtp-mailserver. Sendmail seems to be quiet bugggy, so I decided in favor of postfix.
        cd /usr/src
        wget http://postfix.portal-to-web.de/dist/official/postfix-20010228-pl08.tar.gz
        tar xvzf postfix-20010228-pl08.tar.gz
        cd postfix-20010228-pl08
"make" will ask you some questions. The defaults were OK for me.
        make
        

Configure it in /etc/postfix/main.cf
        mydomain = myserver.net

        myorigin = $mydomain

        mydestination = $myhostname, localhost.$mydomain $mydomain

This is for pop-before-smtp, which will be installed just after that
        smtpd_recipient_restrictions = permit_mynetworks,reject_non_fqdn_recipient,
                check_client_access hash:/etc/postfix/pop-before-smtp, check_relay_domain
Here is still some work to be done...

        
        
to start postfix, upon each reboot, let some script call
        /usr/sbin/postfix start


If you want to use your mailserver with clients except horde/imp from anywhere out of the internet, you should
put up some protective measures against being an "open-relay".
        cd /usr/src
        wget http://people.oven.com/bet/pop-before-smtp/pop-before-smtp-1.28.tar.gz
        tar xvzf pop-before-smtp-1.28.tar.gz
        cd pop-before-smtp-1.28
Install the script
        cp pop-before-smtp /usr/sbin/
Install the init-script 
        cp init-redhat-alex /etc/init.d/pop-before-smtp
        cd contrib
Get the necessary perl-modules
        ./getfromcpan
or
        perl -MCPAN -e 'install Time::HiRes'
        perl -MCPAN -e 'install File::Tail'
        perl -MCPAN -e 'install Date::Parse'
        perl -MCPAN -e 'install Net::Netmask'

Get an Imap-server (UW-Imapd includes the also-needed client-library)
        cd /usr/src
        ftpget ftp://ftp.cac.washington.edu/imap/imap-2001a.tar.Z
        tar xvzf imap-2001a.tar.Z
        cd imap-2001a/
        make slx PASSWDTYPE=pam SSLTYPE=unix
        touch /etc/cram-md5
        chmod 0600 /etc/cram-md5

Copy the compiled programs to /usr/sbin
         cp scr/imapd/imapd /usr/sbin
         cp src/ipopd/imapd /usr/sbin

Set your [x]inetd to launch these on incoming connections
/etc/xinetd/imap
         service imap
         {
                 disable = no
                 socket_type             = stream
                 wait                    = no
                 user                    = root
                 server                  = /usr/sbin/imapd
                 log_on_success          += DURATION USERID
                 log_on_failure          += USERID
         }
/etc/xinetd/ipop3
         service pop3
         {
                 disable = no
                 socket_type             = stream
                 wait                    = no
                 user                    = root
                 server                  = /usr/sbin/ipop3d
                 log_on_success          += USERID
                 log_on_failure          += USERID
         }



Get a db to store your user-settings. I decided to use postgres, but it should work with mysql just as fine.
        cd /usr/src
        ftpget ftp://ftp.postgresql.org/pub/source/v7.2/postgresql-7.2.tar.gz
        tar xvzf postgresql-7.2.tar.gz
        cd postgresql-7.2
        ./configure --with-perl --with-openssl
        make
        make install
        mkdir /usr/local/pgsql/data
        chown postgres:postgres /usr/local/pgsql/data
        /usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data
        adduser postgres
        
Get a new apache-webserver
        cd /usr/src
        wget http://www.apache.org/dist/httpd/apache_1.3.23.tar.gz
        tar xvzf apache_1.3.23.tar.gz
        cd apache_1.3.23
        ./configure

Get mod_ssl
        wget http://www.modssl.org/source/mod_ssl-2.8.7-1.3.23.tar.gz
        tar xvzf mod_ssl-2.8.7-1.3.23.tar.gz
        cd mod_ssl-2.8.7-1.3.23
mod_ssl/configure gets the apache/configure options
        ../configure --with-apache=/usr/src/apache_1.3.23 --with-ssl=/usr/src/openssl-0.9.6c --prefix=/usr/local/apache --enable-module=most --enable-shared=max --enable-module=ssl
        #--activate-module=src/modules/php4/libphp4.a --enable-module=php4 --enable-module=rewrite --enable-shared=rewrite

Build apache with the PHP module and mod_ssl
        cd apache-1.3.23
        make
        
        make certificate TYPE=custom
        
Then there will be asked some things about the ca certificate:

        Signature Algorithm: R
        Country Name: "yourcountry"
        State or Province: "yourstate"
        Localty Name: "yourcity"
        Organization Name: "yourorganisation"
        Organizational Unit Name: "CA"
        Common Name: "yourorganisation CA"
        Email Address: "ca@yourserver.net"
        Certificate Validity: "365"
        
        Certificate Version: 3
        
A self-signed CA certificate will now be generated. Then there will be asked some things about the server certificate:
        
        Country Name: "yourcountry"
        State or Province: "youstate"
        Localty Name: "yourcity"
        Organization Name: "yourorganisation"
        Organizational Unit Name: "Webmaster"

        
        Common Name: "www.yourserver.net"
        Email Address: "webmaster@yourserver.net"
        Certificate Validity: "365"
        
        Certificate Version: 3
        

Now the CA-private-key:
        Encrypt the private key now: y
And the Server-private-key:
        Encrypt the private key now: y
If you encrypt the Server-private-key, this password will be asked, each time you restart the server.
        
Install apache
        make install


Get a new php and prepare to install 
        cd /usr/src
        wget http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gz
        tar xvzf php-4.1.2.tar.gz
        cd php-4.1.2
Check your /usr/local/apache/bin/apxs according to http://www.php.net/manual/ro/faq.build.php#AEN78334        
        ./configure --with-pgsql=/usr/src/postgresql-7.2 --with-imap=/usr/src/imap-2001a/ --with-gettext --with-mcrypt=/usr/local/lib/libmcrypt --with-openssl=/usr/src/openssl-0.9.6c/ --enable-magic-quotes --enable-ftp --enable-trackvars --with-config-file-path=/etc --with-apxs=/usr/local/apache/bin/apxs

        make
        make install
Make sure that the max attachment-size in /etc/php.ini is set to something reasonable
        upload_max_filesize = 20M



Open /usr/local/apache/conf/httpd.conf with your favorite editor and make sure that the following settings are set.
        AddModule modules/php4/libphp4.a
        
        ServerName www.yourserver.net
        
        DocumentRoot "/usr/local/apache/htdocs"
        
        DirectoryIndex index.php
        
        AddType application/x-httpd-php .php
Save and close

Update Pear (some shared php-code)      
        cd /usr/src
        ftpget ftp://ftp.horde.org/pub/horde/tarballs/pear-4.1.0.tar.bz2
        cd pear-4.1.0
        cp * /usr/local/lib/php

Get extremly latest horde/turba/imp versions from cvs
        cd /usr/local/apache/htdocs
        cvs -d anoncvs@anoncvs.uk.horde.org:/cvs co -r RELENG_2 horde
        cd horde
        cvs -d anoncvs@anoncvs.uk.horde.org:/cvs co -r RELENG_3 imp
        cvs -d anoncvs@anoncvs.uk.horde.org:/cvs co -r RELENG_1 turba

        cd config/
        for foo in *.dist; do cp $foo `basename $foo .dist`; done
        
Open horde.php with your favorite editor and set
        $conf['auth']['driver'] = 'imap';
        
        $conf['auth']['params']['dsn'] = '{www.yourserver.net/imap:143}INBOX';
        
        $conf['prefs']['driver'] = 'sql';
        
        $conf['prefs']['params']['phptype'] = 'pgsql';
        $conf['prefs']['params']['hostspec'] = 'localhost';
        $conf['prefs']['params']['username'] = 'horde';
        $conf['prefs']['params']['password'] = 'yourpgsqlpassword';
        $conf['prefs']['params']['database'] = 'horde';
        $conf['prefs']['params']['table'] = 'horde_prefs';
        
        $conf['category']['driver'] = 'none';
        
        $conf['mailer']['params'] = array('sendmail_path' => '/usr/libexec/postfix/smtp');
Save and Close.

Open lang.php with your favorite editor and set your default language
        $nls['defaults']['language'] = 'de_DE';
Save and Close.

Open registry.php with your favorite editor and comment _in_ everything about imp and turba
Change login to imp, or you'll have to login twice
        $this->registry['auth']['login'] = 'imp';
        $this->registry['auth']['logout'] = 'imp';
        
        $this->registry['mail']['compose'] = 'imp';
        $this->registry['mail']['composePopup'] = 'imp';
        
        $this->registry['contacts']['search'] = 'turba';
        $this->registry['contacts']['add'] = 'turba';
        $this->registry['contacts']['sources'] = 'turba';
        $this->registry['contacts']['fields'] = 'turba';
                
        $this->applications['imp'] = array(
            'fileroot' => dirname(__FILE__) . '/../imp',
            'webroot' => $this->applications['horde']['webroot'] . '/imp',
            'icon' => '/horde/imp/graphics/imp.gif',
            'name' => _("Mail"),
            'allow_guests' => false,
            'show' => true
        );
        
        $this->applications['turba'] = array(
            'fileroot' => dirname(__FILE__) . '/../turba',
            'webroot' => $this->applications['horde']['webroot'] . '/turba',
            'icon' => '/horde/turba/graphics/turba.gif',
            'name' => _("Addressbook"),
            'allow_guests' => false,
            'show' => true
        );


Save and Close.

        cd ../imp/config/
        for foo in *.dist; do cp $foo `basename $foo .dist`; done
        
Open registry.php with your favorite editor and add your server. Comment out everything else
        $servers['_prompt'] = array(
            'name' => 'Choose a mail server:'
        );

        $servers['yourserver'] = array(
            'name' => 'yourserver.net',
            'server' => 'localhost',
            'protocol' => 'imap',
            'port' => 143,
            'folders' => 'mail/',
            'namespace' => '',
            'maildomain' => 'yourserver.net',
            'smtphost' => 'localhost',
            'realm' => 'yourserver.net',
            'preferred' => ''
        );
        
Save and close

Open conf.php with your favorite editor
        $conf['utils']['spellchecker'] = '/usr/bin/aspell';
Save and Close  

Initiallize the db
        su postgres
        /usr/local/pgsql/bin/createuser -P -D -A horde
Enter yourpgsqlpassword from /etc/httpd/horde/conf/horde.php when asked
        /usr/local/pgsql/bin/psql -d horde -U horde -f /usr/local/apache/htdocs/horde/scripts/db/auth.sql
        /usr/local/pgsql/bin/psql -d horde -U horde -f /usr/local/apache/htdocs/horde/scripts/db/prefs.sql
        /usr/local/pgsql/bin/psql -d horde -U horde -f /usr/local/apache/htdocs/horde/scripts/db/category.sql
        logout
to start postgres, upon each reboot, let some script call
        su postgres -c"/usr/local/pgsql/bin/pg_ctl start -D /usr/local/pgsql/data &"