ผลต่างระหว่างรุ่นของ "คู่มือการพัฒนา EAI Mail Server บน CentOS 8/en"

จาก Wiki_EAI
ไปยังการนำทาง ไปยังการค้นหา
(สร้างหน้าด้วย "Manual to Develop EAI Mail Server on CentOS 8")
 
(สร้างหน้าด้วย "3. Modify /etc/aliases by adding the lines '''# vi /etc/aliases'''")
 
(ไม่แสดง 10 รุ่นระหว่างกลางโดยผู้ใช้คนเดียวกัน)
แถว 1: แถว 1:
 
<languages/>
 
<languages/>
  
<div lang="th" dir="ltr" class="mw-content-ltr">
 
 
= EAI Email Server =
 
= EAI Email Server =
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
This manual is designed to guide how to install an Email Server to send Thai email addresses or Email Address Internationalization (EAI) using Opensource Software. It could be further developed on different set of softwares.
คู่มือนี้ได้จัดทำขึ้นมาเพื่อทดสอบและเป็นแนวทางการติดตั้ง Email Server ให้สามารถรับส่ง email address ภาษาไทย หรือ Email Address Internationalization (EAI) โดยใช้ Opensource Software เพื่อหาวิธีการที่สามารถใช้งานได้ และสามารถนำไปพัฒนาต่อยอดได้
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== Required Software ==
== Software ที่นำมาทดสอบ ==
 
 
# CentOS8 for Virtualbox [[https://1drv.ms/u/s!AkENbjQNPN9dy8AAKqY20RgAWj7sxw?e=TZPQxS CentOS for VirtualBox]]  
 
# CentOS8 for Virtualbox [[https://1drv.ms/u/s!AkENbjQNPN9dy8AAKqY20RgAWj7sxw?e=TZPQxS CentOS for VirtualBox]]  
 
#* user: root
 
#* user: root
 
#* pass: rooteai
 
#* pass: rooteai
 
# VirtualBox [[https://download.virtualbox.org/virtualbox/6.1.18/VirtualBox-6.1.18-142142-Win.exe Win]] [[https://download.virtualbox.org/virtualbox/6.1.18/VirtualBox-6.1.18-142142-OSX.dmg Mac]]
 
# VirtualBox [[https://download.virtualbox.org/virtualbox/6.1.18/VirtualBox-6.1.18-142142-Win.exe Win]] [[https://download.virtualbox.org/virtualbox/6.1.18/VirtualBox-6.1.18-142142-OSX.dmg Mac]]
# VirtualBox Extension Pack [[https://download.virtualbox.org/virtualbox/6.1.18/Oracle_VM_VirtualBox_Extension_Pack-6.1.18.vbox-extpack ดาวน์โหลด]]
+
# VirtualBox Extension Pack [[https://download.virtualbox.org/virtualbox/6.1.18/Oracle_VM_VirtualBox_Extension_Pack-6.1.18.vbox-extpack Download]]
 
# Filezilla [[https://dl4.cdn.filezilla-project.org/client/FileZilla_3.52.2_win64-setup.exe?h=nRlrhWw7NLjal-h8S-C__A&x=1615717392 Win]] [[https://dl4.cdn.filezilla-project.org/client/FileZilla_3.52.2_macosx-x86.app.tar.bz2?h=jSIej0fAkYK7rWgFBbsUPA&x=1615717392 Mac]]
 
# Filezilla [[https://dl4.cdn.filezilla-project.org/client/FileZilla_3.52.2_win64-setup.exe?h=nRlrhWw7NLjal-h8S-C__A&x=1615717392 Win]] [[https://dl4.cdn.filezilla-project.org/client/FileZilla_3.52.2_macosx-x86.app.tar.bz2?h=jSIej0fAkYK7rWgFBbsUPA&x=1615717392 Mac]]
# putty [[https://the.earth.li/~sgtatham/putty/latest/w64/putty-64bit-0.74-installer.msi Win]] (เฉพาะเครื่อง windows)
+
# putty [[https://the.earth.li/~sgtatham/putty/latest/w64/putty-64bit-0.74-installer.msi Win]] (for Windows)
# Postfix 3.x [[http://www.postfix.org/download.html ดาวน์โหลด]]
+
# Postfix 3.x [[http://www.postfix.org/download.html Download]]
# Dovecot 2.x [[https://www.dovecot.org/download ดาวน์โหลด]]
+
# Dovecot 2.x [[https://www.dovecot.org/download Download]]
# MariaDB 10.x [[https://downloads.mariadb.org/ ดาวน์โหลด]]
+
# MariaDB 10.x [[https://downloads.mariadb.org/ Download]]
# Roundcube 1.4.x [[https://roundcube.net/download/ ดาวน์โหลด]] [[https://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz tar]]
+
# Roundcube 1.4.x [[https://roundcube.net/download/ Download]] [[https://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz tar]]
</div>
 
  
 
<div lang="th" dir="ltr" class="mw-content-ltr">
 
<div lang="th" dir="ltr" class="mw-content-ltr">
แถว 28: แถว 22:
 
</div>
 
</div>
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== Setting up CentOS8 for Virtualbox ==
== ขั้นตอนการติดตั้ง CentOS8 for Virtualbox ==
+
# Download and install VirtualBox and VirtualBox Extension Pack
# ดาวน์โหลดและติดตั้ง VirtualBox และ VirtualBox Extension Pack
+
# Download CentOS8 for Virtualbox (centos-eai-wokshop.ova)  
# ดาวน์โหลดไฟล์ CentOS8 for Virtualbox (centos-eai-wokshop.ova) ที่จัดเตรียมไว้ให้ตามลิงค์ด้านบน
+
# Double click at centos-eai-wokshop.ova to import into Virtualbox [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/1.png]
# ดับเบิ้ลคลิ๊กที่ไฟล์ centos-eai-wokshop.ova เพื่อ import เข้าโปรแกรม Virtualbox [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/1.png]
+
# After importing, double click at centos-eai-wokshop on the left menu in the VirtualBox to open the server
# หลังจาก import เสร็จเรียบร้อยแล้ว ที่โปรแกรม VirtualBox ให้ดับเบิ้ลคลิ๊กที่ centos-eai-wokshop ด้านซ้ายมือ เพื่อเปิด server
+
# If an error found, due to cannot find network, select "Change network", then click "OK"[https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/2.png]
# ถ้าพบข้อผิดพลาด "ไม่สามารถเริ่มการทำงานเครื่อง centos-eai-workshop เนื่องจากไม่พบแผงวงจรเครือข่าย"  
+
# login with the provided user, pass, then use command line "ifconfig" to check IP address of the machine [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/3.png]
# ให้กด "เปลี่ยนการติดตั้งเครือข่าย" จะขึ้นหน้าเปลี่ยนเครือข่าย ให้กด "ตกลง" [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/2.png]
+
# remember this IP address for using ssh to access our server later
# เมื่อเปิดเครื่องได้แล้ว ให้ login ด้วย user, pass ที่เตรียมไว้ให้ข้างต้น และใช้คำสั่ง "ifconfig" เพื่อตรวจสอบ IP ของเครื่อง [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/3.png]
+
(for mac, must allow virtualbox to work as show in this picture [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/4.png])
# ให้จด IP นี้ไว้ใช้สำหรับ ssh เข้าเครื่อง Server ของเราในการทำงาน workshop (*แต่ละเครื่องจะได้ IP แตกต่างกัน)
 
(สำหรับเครื่อง mac ต้อง allow ให้ virtualbox ทำงานได้ตามนี้ [https://kon.in.th/%E0%B8%A7%E0%B8%B4%E0%B8%81%E0%B8%B4/4.png])
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
==== Remarks: ====
* หมายเหตุ
+
* This manual have no explanation for installing Centos 8
: คู่มือนี้ไม่ได้อธิบายถึงการติดตั้ง Centos 8
+
* Postfix Version 3.x.x and above will support EAI
: Postfix ต้องเป็น Version 3.x.x ขึ้นไป จะรองรับ EAI
+
: In real setting, DNS server is also required
: หากจะนำไปใช้งานจริงจะต้องจดทะเบียนโดเมน และมี dns server ด้วย
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
= Installing EAI Email Server =
= การติดตั้ง EAI Email Server =
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 1. Setting hostname ==
== 1. ตั้งค่า hostname ==
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
1. Update mail server packages to the latest version
1. อัพเดตแพคเกจของ mail serverให้เป็นเวอร์ชั่นล่าสุด ด้วยคำสั่ง
 
 
  '''# yum -y update'''
 
  '''# yum -y update'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Define a hostname, e.g. mail.eai.in.th with command
2. กำหนดชื่อ hostname ในตัวอย่างนี้กำหนดชื่อว่า mail.eai.in.th ด้วยคำสั่ง
 
 
  '''# hostnamectl set-hostname ''[[mail.eai.in.th]]'''''
 
  '''# hostnamectl set-hostname ''[[mail.eai.in.th]]'''''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Add the defined hostname to "hosts" file
3. เพิ่มค่า hostname ชื่อเดียวกับชื่อที่กำหนดข้างต้นในไฟล์ hosts  
 
 
  '''# vi /etc/hosts'''
 
  '''# vi /etc/hosts'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''sample of hosts file''
''ตัวอย่างไฟล์ hosts''
 
 
  127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4 '''''[[mail.eai.in.th]]'''''
 
  127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4 '''''[[mail.eai.in.th]]'''''
 
  ::1        localhost localhost.localdomain localhost6 localhost6.localdomain6 '''''[[mail.eai.in.th]]'''''
 
  ::1        localhost localhost.localdomain localhost6 localhost6.localdomain6 '''''[[mail.eai.in.th]]'''''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''*Depends on the environment of CenOS installation, you may need to install additional services e.g. you may not be able to use "vi" command
''*ระวัง envelopment ของทาง partner ว่าติดตั้ง centos ในรูปแบบใดมาให้ (อาจจะต้องติดตั้ง service เพิ่ม หากติดตั้งมาแบบ minimal เช่นใช้คำสั่ง vi ไม่ได้)''
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
4. Install wget to download additional necessary softwares
4. ติดตั้ง wget เพื่อใช้ดาวน์โหลดซอฟแวร์ที่จำเป็นต้องใช้งานเพิ่ม
 
 
  '''# yum -y install wget'''
 
  '''# yum -y install wget'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
5. Install telnet to test email server functionality
5. ติดตั้ง telnet เพื่อทดสอบการทำงานของ email server
 
 
  '''# yum -y install telnet'''
 
  '''# yum -y install telnet'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 2. Setting firewall ==
== 2. ตั้งค่า firewall ==
+
1. Verify "firewalld service" status on the mail server  
1. ตรวจสอบสถานะ firewalld service บน mail server  
+
*It must be active (running)  
*ต้องมีสถานะ active (running)
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''# systemctl status firewalld'''
'''# systemctl status firewalld'''
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''Sample''
''ตัวอย่าง''
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''Active: <span style='color:red'>active (running)</span> since Mon 2019-11-18 14:12:03 +07; 1h 13min ago'''
'''Active: <span style='color:red'>active (running)</span> since Mon 2019-11-18 14:12:03 +07; 1h 13min ago'''
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Check the ''firewall zone'' and ''network interface'' that are opened
2. ตรวจสอบ firewall zone และ network interface ที่เปิดอยู่
 
 
  '''# firewall-cmd --get-active-zones'''
 
  '''# firewall-cmd --get-active-zones'''
''ตัวอย่าง''
+
''example''
 
  '''public
 
  '''public
 
  '''interfaces: ens32
 
  '''interfaces: ens32
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Check services of firewall in public zone  
3. ตรวจสอบรายการ services ของ firewall ที่เปิดอยู่ที่ zone public
 
 
  '''# firewall-cmd --zone=public --list-services'''
 
  '''# firewall-cmd --zone=public --list-services'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''sample''
''ตัวอย่าง''
 
 
  ''' cockpit dhcpv6-client ssh '''
 
  ''' cockpit dhcpv6-client ssh '''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
4. Open firewall services at public zone of mail server (open on services that needed)
4. เปิด firewall services ที่ zone public ของ mail server (สามารถเปิดเท่าต้องการได้)
 
 
  '''# firewall-cmd --permanent --zone=public --add-service={http,https,mysql,smtp,smtps,imap,imaps}
 
  '''# firewall-cmd --permanent --zone=public --add-service={http,https,mysql,smtp,smtps,imap,imaps}
 
  '''# firewall-cmd --reload
 
  '''# firewall-cmd --reload
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
5. Check services list of the firewall at the public zone again, will find the just open services
5. ตรวจสอบรายการ services ของ firewall ที่เปิดอยู่ที่ zone public อีกครั้ง จะพบ services เปิดเพิ่มขึ้นมา
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
 
 
''*ref: configure firewall services for mail server (https://spalinux.com/2015/06/centos-7-basic-configure-firewall-by-firewall-cmd)''
 
''*ref: configure firewall services for mail server (https://spalinux.com/2015/06/centos-7-basic-configure-firewall-by-firewall-cmd)''
 
  '''# firewall-cmd --zone=public --list-services'''
 
  '''# firewall-cmd --zone=public --list-services'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''example''
''ตัวอย่าง''
+
  ''' cockpit dhcpv6-client <span style='color:red'>http https imap imaps mysql smtp smtps</span> ssh '''  
  ''' cockpit dhcpv6-client <span style='color:red'>http https imap imaps mysql smtp smtps</span> ssh '''
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
6. In this example, we open SELinux for convenience in setting up (it is not recommended for production server)
6. ในตัวอย่างนี้เราแนะนำให้ปิดการทำงานของ SELinux เพื่อความสะดวกในการตั้งค่า (ไม่แนะนำให้ทำกับเครื่อง production)
+
*change ''SELinux=enforcing'' to ''SELinux=disabled''
*เปลี่ยน SELinux=enforcing เป็น SELinux=disabled
 
 
  '''# vi /etc/selinux/config'''
 
  '''# vi /etc/selinux/config'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''example''
''ตัวอย่าง''
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''# This file controls the state of SELinux on the system.
'''# This file controls the state of SELinux on the system.
 
 
  '''# SELINUX= can take one of these three values:
 
  '''# SELINUX= can take one of these three values:
 
  '''#      enforcing - SELinux security policy is enforced.
 
  '''#      enforcing - SELinux security policy is enforced.
แถว 169: แถว 113:
 
  '''SELINUXTYPE=targeted
 
  '''SELINUXTYPE=targeted
 
 
7. ตรวจสอบสถานะ SELinux อีกครั้ง
+
7. Check SELinux status again
* สั่ง restart server และทำการตรวจสอบ
+
* restart server and check the status
 
  '''# reboot'''
 
  '''# reboot'''
 
  '''# sestatus'''
 
  '''# sestatus'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
''example''
''ตัวอย่าง''
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  ''' disabled '''
''' disabled '''
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 3. Create an SSL Cert ==
== 3. สร้าง SSL Cert ==
+
*The step is for creating SSL key for using with postfix and dovecot  
*เป็นขั้นตอนการสร้าง SSL key เตรียมไว้ใช้งานกับ postfix และ dovecot  
+
1. Create a private key
1. สร้าง private key
 
 
  '''# cd /etc/pki/tls/certs
 
  '''# cd /etc/pki/tls/certs
 
  '''# /usr/bin/openssl genrsa -aes128 2048 > '''[[eai.key]]'''
 
  '''# /usr/bin/openssl genrsa -aes128 2048 > '''[[eai.key]]'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
'' example ''
'' ตัวอย่าง ''
 
 
  '''Generating RSA private key, 2048 bit long modulus
 
  '''Generating RSA private key, 2048 bit long modulus
 
  '''...
 
  '''...
แถว 199: แถว 135:
 
  '''Enter pass phrase: '''[[#set passphrase]]'''
 
  '''Enter pass phrase: '''[[#set passphrase]]'''
 
  '''Verifying - Enter pass phrase:  '''[[#confirm]]'''
 
  '''Verifying - Enter pass phrase:  '''[[#confirm]]'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Remove ''Passphase'' from the created private key  
2. ถอด Passphase ออกจาก private key ที่สร้างขึ้น
 
 
  '''# /usr/bin/openssl rsa -in '''[[eai.key]]''' -out '''[[eai.key]]'''
 
  '''# /usr/bin/openssl rsa -in '''[[eai.key]]''' -out '''[[eai.key]]'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
'' example ''
'' ตัวอย่าง ''
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''Enter pass phrase for eai.key:  '''[[#input passphrase]]'''
'''Enter pass phrase for eai.key:  '''[[#input passphrase]]'''
 
 
  '''writing RSA key'''
 
  '''writing RSA key'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Create csr  
3. สร้าง csr  
 
 
  '''# /usr/bin/openssl req -utf8 -new -key '''[[eai.key]]''' -out '''[[eai.csr]]'''
 
  '''# /usr/bin/openssl req -utf8 -new -key '''[[eai.key]]''' -out '''[[eai.csr]]'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
'' example ''
'' ตัวอย่าง ''
 
 
  '''You are about to be asked to enter information that will be incorporated
 
  '''You are about to be asked to enter information that will be incorporated
 
  '''into your certificate request.
 
  '''into your certificate request.
แถว 240: แถว 166:
 
  '''A challenge password []: '''[[#Enter]]'''
 
  '''A challenge password []: '''[[#Enter]]'''
 
  '''An optional company name []: '''[[#Enter]]'''
 
  '''An optional company name []: '''[[#Enter]]'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
4. Generate key
4. ทำการ generate key
 
 
  '''# /usr/bin/openssl x509 -in '''[[eai.csr]]''' -out '''[[eai.crt]]''' -req -signkey '''[[eai.key]]''' -days 365'''
 
  '''# /usr/bin/openssl x509 -in '''[[eai.csr]]''' -out '''[[eai.crt]]''' -req -signkey '''[[eai.key]]''' -days 365'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
'' example ''
'' ตัวอย่าง ''
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''Signature ok
'''Signature ok
 
 
  '''subject=/C=JP/ST=Hiroshima/L=Hiroshima/O=GTS/OU=Server World/CN=www.srv.world/emailAddress=xxx@eai.in.th
 
  '''subject=/C=JP/ST=Hiroshima/L=Hiroshima/O=GTS/OU=Server World/CN=www.srv.world/emailAddress=xxx@eai.in.th
 
  '''Getting Private key'''
 
  '''Getting Private key'''
</div>
 
  
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 4. Install mariadb, Postfix and Dovecot ==
== 4. ติดตั้ง mariadb, postfix, dovecot ==
+
1. Install mariadb , Postfix , Dovecot and necessary packages
1. ติดตั้ง mariadb , Postfix , Dovecot และ Packet ที่จำเป็นกับ Server
 
 
  '''# yum -y install postfix dovecot mariadb-server dovecot-mysql postfix-mysql'''
 
  '''# yum -y install postfix dovecot mariadb-server dovecot-mysql postfix-mysql'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Start service of Postfix, Dovecot, MariaDB every time that the server is started
2. สั่ง start service ของ postfix, dovecot, mariadb ทุกครั้งที่เปิด Server
 
 
  '''# systemctl start postfix && systemctl start dovecot && systemctl start mariadb'''
 
  '''# systemctl start postfix && systemctl start dovecot && systemctl start mariadb'''
 
  '''# systemctl enable postfix && systemctl enable dovecot && systemctl enable mariadb'''
 
  '''# systemctl enable postfix && systemctl enable dovecot && systemctl enable mariadb'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Check status of the Postfix, Dovecot, MariaDB
3. ดูสถานะการทำงานของ postfix, dovecot, maridb
 
 
  '''# systemctl status postfix'''
 
  '''# systemctl status postfix'''
 
  '''# systemctl status dovecot'''
 
  '''# systemctl status dovecot'''
 
  '''# systemctl status mariadb'''
 
  '''# systemctl status mariadb'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 5. Setup MariaDB ==
== 5. ตั้งค่า mariadb ==
+
1. Set UTF8 for mysql to accept Unicode by adding the following command to /etc/my.cnf.d/maridb-server.cnf under [mysqld]
1. ตั้งค่า UTF8 ให้กับ mysql เพื่อให้รองรับภาษาไทย โดยเพิ่มคำสั่งด้าล่างลงใน /etc/my.cnf.d/maridb-server.cnf ใต้ [mysqld]
 
 
  '''# vi /etc/my.cnf.d/mariadb-server.cnf'''
 
  '''# vi /etc/my.cnf.d/mariadb-server.cnf'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  #
#
 
 
  # These groups are read by MariaDB server.
 
  # These groups are read by MariaDB server.
 
  # Use it for options that only the server (but not clients) should see
 
  # Use it for options that only the server (but not clients) should see
แถว 335: แถว 245:
 
  # use this group for options that older servers don't understand
 
  # use this group for options that older servers don't understand
 
  [mariadb-10.3]
 
  [mariadb-10.3]
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Restart MariaDB
2. สั่ง restart mariadb
 
 
  '''# systemctl restart mariadb'''
 
  '''# systemctl restart mariadb'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Set security access to mysql by setup password for root user (* define only new password, skip the rest by pressing ''enter'')
3. ตั้งค่าความปลอดภัยการเข้างาน mysql โดยจะมีการตั้ง password ของ root user เพื่อ login เข้าใช้งาน (*กำหนดเพียง password ใหม่ และในส่วนอื่นๆให้ enter ผ่านได้เลย)
 
 
  '''#  mysql_secure_installation'''
 
  '''#  mysql_secure_installation'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
4. Login to mysql using the new password  
4. Login ข้าใช้งาน mysql โดยใช้ password ของ root user ที่ได้ตั้งไว้
 
 
  '''# mysql -u root -p'''
 
  '''# mysql -u root -p'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
5. Create new DB for keeping records of Email Server usage
5. สร้าง DB เพื่อใช้งานการเก็บข้อมูลของการใช้งาน Email Server
 
 
  '''# CREATE DATABASE ''[[eaimail]]'';'''
 
  '''# CREATE DATABASE ''[[eaimail]]'';'''
 
  '''# USE ''[[eaimail]]'';'''
 
  '''# USE ''[[eaimail]]'';'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
6. Create a user with grants to the eaimail database
6. สร้าง user พร้อมกำหนดสิทธิ์การใช้งานให้กับ eaimail database ที่สร้างขึ้นมา
 
 
  '''# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO ''[['yourdbuser']]''@'localhost' IDENTIFIED BY ''[['yourdbpassword']]'';
 
  '''# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO ''[['yourdbuser']]''@'localhost' IDENTIFIED BY ''[['yourdbpassword']]'';
 
  '''# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO ''[['yourdbuser']]''@'localhost.localdomain' IDENTIFIED BY ''[['yourdbpassword']]'';'''
 
  '''# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO ''[['yourdbuser']]''@'localhost.localdomain' IDENTIFIED BY ''[['yourdbpassword']]'';'''
 
  '''# FLUSH PRIVILEGES;'''
 
  '''# FLUSH PRIVILEGES;'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
7. Check the created user
7. ตรวจสอบ userที่สร้างขึ้นใหม่โดย
 
 
  '''# SHOW GRANTS FOR ''[['yourdbuser']]''@'localhost';'''
 
  '''# SHOW GRANTS FOR ''[['yourdbuser']]''@'localhost';'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
8. Create tables for ''domains'', ''forwardings'' (to forward EAI email to ASCII email address), and ''users'' for creating mailboxes
8. สร้างตารางใช้เก็บค่า domains, forwardings สำหรับ forward อีเมลภาษาไทยไปภาษาอังกฤษ, users เพื่อใช้สร้าง mailbox
 
 
  '''# CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );'''
 
  '''# CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );'''
 
  '''# CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );'''
 
  '''# CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );'''
 
  '''# CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );'''
 
  '''# CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
9. Select DB of a mail server and define EAI and English domains and email address with passwords to start using the email server
9. เลือก DB ของ mail server และกำหนด Domain ภาษาอังกฤษ และภาษาไทย และ Email-Account ภาษาอังกฤษ) พร้อม password เพื่อเริ่มใช้งาน
 
 
  '''# INSERT INTO domains (domain) VALUES ([['eai.in.th']]);'''
 
  '''# INSERT INTO domains (domain) VALUES ([['eai.in.th']]);'''
 
  '''# INSERT INTO domains (domain) VALUES ([['อีเอไอ.ไทย']]);'''
 
  '''# INSERT INTO domains (domain) VALUES ([['อีเอไอ.ไทย']]);'''
 
  '''# INSERT INTO users (email, password) VALUES ([['thai@eai.in.th']], ENCRYPT([['thaiuserpassword']]));'''
 
  '''# INSERT INTO users (email, password) VALUES ([['thai@eai.in.th']], ENCRYPT([['thaiuserpassword']]));'''
 
  '''# INSERT INTO users (email, password) VALUES ([['ไทย@อีเอไอ.ไทย']], ENCRYPT([['thaiuserpassword']]));'''
 
  '''# INSERT INTO users (email, password) VALUES ([['ไทย@อีเอไอ.ไทย']], ENCRYPT([['thaiuserpassword']]));'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
10. Setup a forwrding rule to forward all emails to EAI email address to ASCII email address, since the server can creat mailboxes in Unicode
10. กำหนด Email ที่เข้ามายัง Email Account ภาษาไทย ให้ forward เข้า Email-Account ภาษาอังกฤษ เนื่องจากระบบไม่สามารถสร้าง mailbox เป็น ภาษาไทยได้
 
 
  '''# INSERT INTO forwardings (source,destination) VALUES ([['ไทย@อีเอไอ.ไทย']],[['thai@eai.in.th']]);'''
 
  '''# INSERT INTO forwardings (source,destination) VALUES ([['ไทย@อีเอไอ.ไทย']],[['thai@eai.in.th']]);'''
 
  '''# quit'''
 
  '''# quit'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 6. Setup Postfix ==
== 6. ตั้งค่า postfix ==
+
=== Create connect file between Postfix and MariaDB ===
=== สร้างไฟล์เชื่อมต่อระหว่าง postfix และ mariadb ===
+
* Create a script file to get ''domain'' value from DB
* สร้างไฟล์ script เพื่อใช้สำหรับเรียกค่า domain จาก DB
 
 
  '''# vi /etc/postfix/mysql-virtual_domains.cf'''
 
  '''# vi /etc/postfix/mysql-virtual_domains.cf'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  user = '''''[[yourdbuser]]'''''
user = '''''[[yourdbuser]]'''''
 
 
  password = '''''[[yourdbpassword]]'''''
 
  password = '''''[[yourdbpassword]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  query = SELECT domain AS virtual FROM domains WHERE domain='%s'
 
  query = SELECT domain AS virtual FROM domains WHERE domain='%s'
 
  hosts = 127.0.0.1
 
  hosts = 127.0.0.1
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Create a script file to forward emails
* สร้างไฟล์ script เพื่อใช้สำหรับ forward email
 
 
  '''# vi /etc/postfix/mysql-virtual_forwardings.cf'''
 
  '''# vi /etc/postfix/mysql-virtual_forwardings.cf'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  user = '''''[[yourdbuser]]'''''
user = '''''[[yourdbuser]]'''''
 
 
  password = '''''[[yourdbpassword]]'''''
 
  password = '''''[[yourdbpassword]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  query = SELECT destination FROM forwardings WHERE source='%s'
 
  query = SELECT destination FROM forwardings WHERE source='%s'
 
  hosts = 127.0.0.1
 
  hosts = 127.0.0.1
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Create a script file for creating mailbox and use for login  
* สร้างไฟล์ script เพื่อใช้สำหรับ สร้าง mailbox และใช้ login  
 
 
  '''# vi /etc/postfix/mysql-virtual_mailboxes.cf'''
 
  '''# vi /etc/postfix/mysql-virtual_mailboxes.cf'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  user = '''''[[yourdbuser]] '''''
user = '''''[[yourdbuser]] '''''
 
 
  password = '''''[[yourdbpassword]]'''''
 
  password = '''''[[yourdbpassword]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
 
  query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
 
  hosts = 127.0.0.1
 
  hosts = 127.0.0.1
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Create a script file for forwarding all email to another SMTP server (in the case that referring to a host as an IP address)
* สร้างไฟล์ script เพื่อใช้สำหรับ ส่งต่อ email ทั้งหมด ไปยัง smtp server อื่น ซึ่งใช้ในกรณีที่ host เป็น IP Address
 
 
  '''# vi /etc/postfix/mysql-virtual_email2email.cf'''
 
  '''# vi /etc/postfix/mysql-virtual_email2email.cf'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  user = '''''[[yourdbuser]] '''''
user = '''''[[yourdbuser]] '''''
 
 
  password = '''''[[yourdbpassword]]'''''
 
  password = '''''[[yourdbpassword]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  dbname = '''''[[eaimail]]'''''
 
  query = SELECT email FROM users WHERE email='%s'
 
  query = SELECT email FROM users WHERE email='%s'
 
  hosts = 127.0.0.1
 
  hosts = 127.0.0.1
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Set access control right to the created script
* กำหนดสิทธิ์ให้กับ script ที่สร้างขึ้น
 
 
  '''# chmod 640 /etc/postfix/mysql-virtual_*.cf && chgrp postfix /etc/postfix/mysql-virtual_*.cf'''
 
  '''# chmod 640 /etc/postfix/mysql-virtual_*.cf && chgrp postfix /etc/postfix/mysql-virtual_*.cf'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Create user vmail for reading/writing the mailbox ===
=== สร้าง user vmail สำหรับอ่าน/เขียน mailbox ===
+
* Create group for using with the mailbox  
* สร้าง group เพื่อใช้กับ mailbox  
 
 
  '''# groupadd -g 5000 vmail'''
 
  '''# groupadd -g 5000 vmail'''
 
  '''# useradd -g vmail -u 5000 vmail -d /home/vmail -m'''
 
  '''# useradd -g vmail -u 5000 vmail -d /home/vmail -m'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Modify "/etc/postfix/main.cf" ===
=== แก้ไขไฟล์ "/etc/postfix/main.cf" ===
 
 
  '''# postconf "myhostname=''[[mail.eai.in.th]]'''"
 
  '''# postconf "myhostname=''[[mail.eai.in.th]]'''"
 
  '''# postconf "mydomain='''[[eai.in.th]]'''"
 
  '''# postconf "mydomain='''[[eai.in.th]]'''"
แถว 489: แถว 359:
 
  '''# postconf "proxy_read_maps=\$local_recipient_maps \$mydestination \$virtual_alias_maps \$virtual_alias_domains \$virtual_mailbox_maps \$virtual_mailbox_domains \$relay_recipient_maps \$relay_domains \$canonical_maps \$sender_canonical_maps \$recipient_canonical_maps \$relocated_maps \$transport_maps \$mynetworks"
 
  '''# postconf "proxy_read_maps=\$local_recipient_maps \$mydestination \$virtual_alias_maps \$virtual_alias_domains \$virtual_mailbox_maps \$virtual_mailbox_domains \$relay_recipient_maps \$relay_domains \$canonical_maps \$sender_canonical_maps \$recipient_canonical_maps \$relocated_maps \$transport_maps \$mynetworks"
 
  '''# postconf "smtputf8_enable=yes"
 
  '''# postconf "smtputf8_enable=yes"
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Example file
* ตัวอย่างไฟล์
 
 
  smtp_tls_security_level = may
 
  smtp_tls_security_level = may
 
  meta_directory = /etc/postfix
 
  meta_directory = /etc/postfix
แถว 520: แถว 388:
 
  proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps  
 
  proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps  
 
  $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
 
  $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Modify "/etc/postfix/master.cf" ===
=== แก้ไขไฟล์ "/etc/postfix/master.cf" ===
 
 
  '''# postconf -M smtps/inet="smtps inet n - - - - smtpd"
 
  '''# postconf -M smtps/inet="smtps inet n - - - - smtpd"
 
  '''# postconf -P "smtps/inet/syslog_name=postfix/smtps"
 
  '''# postconf -P "smtps/inet/syslog_name=postfix/smtps"
แถว 532: แถว 398:
 
  '''# postconf -P "smtps/inet/milter_macro_daemon_name=ORIGINATING"
 
  '''# postconf -P "smtps/inet/milter_macro_daemon_name=ORIGINATING"
 
  '''# postconf -vM dovecot/unix="dovecot  unix  -      n      n      -      -      pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}"
 
  '''# postconf -vM dovecot/unix="dovecot  unix  -      n      n      -      -      pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}"
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Sample file
* ตัวอย่างไฟล์
 
 
  smtps inet n - - - - smtpd
 
  smtps inet n - - - - smtpd
 
     -o syslog_name=postfix/smtps
 
     -o syslog_name=postfix/smtps
แถว 545: แถว 409:
 
  dovecot  unix  -      n      n      -      -      pipe
 
  dovecot  unix  -      n      n      -      -      pipe
 
     flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}'''
 
     flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
 
 
*  restart postfix  
 
*  restart postfix  
 
  '''# systemctl restart postfix'''
 
  '''# systemctl restart postfix'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 7. Setup Dovecot ==
== 7. ตั้งค่า dovecot ==
+
=== Create a connect file between Dovecot and Mariadb ===
=== สร้างไฟล์เชื่อมต่อระหว่าง dovecot และ mariadb ===
+
* Create a script to let Dovecot to be able to use with SQL  
* สร้าง script เพื่อให้ dovecot ใช้งานกับ SQL ที่เราได้กำหนดก่อนหน้านี้
 
 
  '''# vi /etc/dovecot/dovecot-sql.conf.ext'''
 
  '''# vi /etc/dovecot/dovecot-sql.conf.ext'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''driver = mysql'''
'''driver = mysql'''
 
 
  '''connect = host=127.0.0.1 dbname=''[[eaimail]]'' user=''[[yourdbuser]]'' password=''[[yourdbpassword]]'''''
 
  '''connect = host=127.0.0.1 dbname=''[[eaimail]]'' user=''[[yourdbuser]]'' password=''[[yourdbpassword]]'''''
 
  '''default_pass_scheme = CRYPT'''
 
  '''default_pass_scheme = CRYPT'''
 
  '''password_query = SELECT email as user, password FROM users WHERE email='%u';'''
 
  '''password_query = SELECT email as user, password FROM users WHERE email='%u';'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Allow users in the Dovecot group to use
* กำหนดสิทธิ์อนุญาตให้ user ที่อยู่ใน dovecot group ใช้งาน
 
 
  '''# chmod 640 /etc/dovecot/dovecot-sql.conf.ext && chgrp dovecot /etc/dovecot/dovecot-sql.conf.ext
 
  '''# chmod 640 /etc/dovecot/dovecot-sql.conf.ext && chgrp dovecot /etc/dovecot/dovecot-sql.conf.ext
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Modify "/etc/dovecot/dovecot.conf" ===
=== แก้ไขไฟล์ "/etc/dovecot/dovecot.conf" ===
+
* Backup the exisitng configuration
* Backup ค่า config เดิมไว่ก่อน
 
 
  '''# mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-backup'''
 
  '''# mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-backup'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Config dovecot
* ตั้งค่า config dovecot โดยสร้างไฟล์ให้ และใส่คำสั่งตามด้านล่าง
 
 
  '''# vi /etc/dovecot/dovecot.conf'''
 
  '''# vi /etc/dovecot/dovecot.conf'''
''ตัวอย่าง''
+
''example''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''protocols = imap pop3 lmtp
'''protocols = imap pop3 lmtp
 
 
  '''log_timestamp = "%Y-%m-%d %H:%M:%S "
 
  '''log_timestamp = "%Y-%m-%d %H:%M:%S "
 
  '''mail_location = maildir:/home/vmail/%d/%n/Maildir
 
  '''mail_location = maildir:/home/vmail/%d/%n/Maildir
แถว 631: แถว 481:
 
  '''    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
 
  '''    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
 
  '''}'''
 
  '''}'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Restart Dovecot
* สั่ง restart dovecot
 
 
  '''# systemctl restart dovecot'''
 
  '''# systemctl restart dovecot'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 8. Test the EAI Email Server ==
== 8. ทดสอบการทำงานของ EAI Email Server ==
+
1. Test imap
1. ทดสอบ imap
 
 
  '''# telnet localhost imap'''
 
  '''# telnet localhost imap'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
2. Should get the result, the use ''quit'' to quit from telnet
2. ได้ผลตามด้านล่าง และ ใช้คำสั่ง quit เพื่ออแกจาก telnet
 
 
  '''Trying 127.0.0.1...'''
 
  '''Trying 127.0.0.1...'''
 
  '''Connected to localhost.localdomain.'''
 
  '''Connected to localhost.localdomain.'''
 
  '''Escape character is '^]'.'''
 
  '''Escape character is '^]'.'''
 
  '''+OK Dovecot ready.'''
 
  '''+OK Dovecot ready.'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
3. Modify /etc/aliases by adding the lines
3. แก้ใขไฟล์ /etc/aliases โดยเพิ่มบรรทัดตามด้านล่าง
 
 
  '''# vi /etc/aliases'''
 
  '''# vi /etc/aliases'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''mailer-daemon: postmaster'''
'''mailer-daemon: postmaster'''
 
 
  '''postmaster: root'''
 
  '''postmaster: root'''
 
  '''''[[root: postmaster@eai.in.th]]'''''
 
  '''''[[root: postmaster@eai.in.th]]'''''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
4 Update aliases and restart postfix
4 สั่ง update aliases และ restart postfix
 
 
  '''# newaliases'''
 
  '''# newaliases'''
 
  '''# systemctl restart postfix'''
 
  '''# systemctl restart postfix'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
5. Test SMTP server
5. ทดสอบ smtp server
 
 
  '''# telnet localhost 25'''
 
  '''# telnet localhost 25'''
 
  '''# ehlo localhost'''
 
  '''# ehlo localhost'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
6. Should get the following results
6. จะได้ผลลัพธ์ตามด้านล่าง
 
 
  '''250-mail.eai.in.th'''
 
  '''250-mail.eai.in.th'''
 
  '''250-PIPELINING'''
 
  '''250-PIPELINING'''
แถว 687: แถว 521:
 
  '''250-DSN'''
 
  '''250-DSN'''
 
  '''250 SMTPUTF8'''
 
  '''250 SMTPUTF8'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
7. Install ''mailx'' and test sending emails
7. ติดตั้ง mailx และทดสอบส่ง email
 
 
  '''# yum install mailx'''
 
  '''# yum install mailx'''
 
  '''# mailx thai@eai.in.th ''(ใส่ subject แล้ว enter ตามด้วยเนื้อหา และใช้ Ctrl+D เพื่อส่งออก)'''''
 
  '''# mailx thai@eai.in.th ''(ใส่ subject แล้ว enter ตามด้วยเนื้อหา และใช้ Ctrl+D เพื่อส่งออก)'''''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
8. Check the log of email sending : /var/log/maillog as following:
8. ตรวจสอบ log ของการส่ง Email : /var/log/maillog ซึ้งจะได้ผลตามด้านล่าง
 
 
  '''Nov 13 15:19:07 mail postfix/pickup[31954]: E9AB020199E5: uid=0 from=<root>'''
 
  '''Nov 13 15:19:07 mail postfix/pickup[31954]: E9AB020199E5: uid=0 from=<root>'''
 
  '''Nov 13 15:19:07 mail postfix/cleanup[1938]: E9AB020199E5: message-id=<20171113081907.E9AB020199E5@mail.eai.in.th>'''
 
  '''Nov 13 15:19:07 mail postfix/cleanup[1938]: E9AB020199E5: message-id=<20171113081907.E9AB020199E5@mail.eai.in.th>'''
แถว 702: แถว 532:
 
  '''Nov 13 15:19:08 mail postfix/pipe[1946]: E9AB020199E5: to=<tanagan@eai.in.th>, relay=dovecot, delay=0.09, delays=0.04/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)'''
 
  '''Nov 13 15:19:08 mail postfix/pipe[1946]: E9AB020199E5: to=<tanagan@eai.in.th>, relay=dovecot, delay=0.09, delays=0.04/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)'''
 
  '''Nov 13 15:19:08 mail postfix/qmgr[21141]: E9AB020199E5: removed'''
 
  '''Nov 13 15:19:08 mail postfix/qmgr[21141]: E9AB020199E5: removed'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
9. Check log of dovecot sedning : /home/vmail/dovecot-deliver.log should get the following results
9. ตรวจสอบ log ผลการส่งของ dovecot : /home/vmail/dovecot-deliver.log ซึ่งจะได้ผลตามด้านล่าง
 
 
  '''2017-11-13 15:19:08 lda(tanagan@eai.in.th): Info: msgid=<20171113081907.E9AB020199E5@mail.eai.in.th>: saved mail to INBOX'''
 
  '''2017-11-13 15:19:08 lda(tanagan@eai.in.th): Info: msgid=<20171113081907.E9AB020199E5@mail.eai.in.th>: saved mail to INBOX'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
10. Check the mailbox. When there are sendings and receivings emails, you will see the results
10. ตรวจสอบ mailbox เมื่อมีการรับส่ง-ส่ง Email จะสร้างขึ้นโดย dovecot ซึ่งจะได้ผลตามภาพ
 
 
  '''# cd /home/vmail/eai.in.th/thai/Maildir'''
 
  '''# cd /home/vmail/eai.in.th/thai/Maildir'''
 
  '''# find'''
 
  '''# find'''
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''.'''
'''.'''
 
 
  '''./dovecot-uidlist'''
 
  '''./dovecot-uidlist'''
 
  '''./cur'''
 
  '''./cur'''
แถว 724: แถว 548:
 
  '''./dovecot.index.log'''
 
  '''./dovecot.index.log'''
 
  '''./tmp'''
 
  '''./tmp'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
11. Check mailbox by using mail client, mutt, to see emaila inside the mailbox  
11. ตรวจสอบ mailbox โดยใช้ mail client คือ mutt เพื่อดู email ภายใน mailbox  
 
 
  '''# yum install mutt'''
 
  '''# yum install mutt'''
 
  '''# mutt -f .'''
 
  '''# mutt -f .'''
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
12. Test sending an EAI mails
12. ทดสอบการส่งเมลในรูปแบบ eai
 
 
  '''# telnet localhost 25'''
 
  '''# telnet localhost 25'''
 
  '''# EHLO localhost'''
 
  '''# EHLO localhost'''
แถว 742: แถว 562:
 
  '''# เทสอีเมลส์ภาษาไทย'''
 
  '''# เทสอีเมลส์ภาษาไทย'''
 
  '''# .'''
 
  '''# .'''
*ใช้เครื่องหมาย “.” เพื่อจบข้อความและส่งข้อความ
+
*Use “.” to end and sending the message
*กด Ctrl+] เพื่อออก
+
*Press Ctrl+] to quit
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
== 9. Installing Roundcube Webmail ==
== 9. ติดตั้ง roundcube webmail ==
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Installing Apache PHP ===
=== ติดตั้ง apache php ===
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Install repo of php 7.4 and all to install php 7.4  
* ติดตั้ง repo ของ php 7.4 เพิ่มเติม และเปิดให้สามารถติดตั้ง php 7.4 ได้
 
 
  '''# yum -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm  
 
  '''# yum -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm  
 
  '''# yum module reset php && yum module enable php:remi-7.4 -y
 
  '''# yum module reset php && yum module enable php:remi-7.4 -y
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Install php, php library and apache web server
* ใช้คำสั่งติดตั้ง php, php library และ apache web server
 
 
  '''# yum -y install httpd php php-common php-devel php-imap php-imagick php-json php-xml php-mbstring php-pear php-pdo php-intl php-ldap php-gd php-zip php-pdo_mysql php-curl php-bz2 php-gmp
 
  '''# yum -y install httpd php php-common php-devel php-imap php-imagick php-json php-xml php-mbstring php-pear php-pdo php-intl php-ldap php-gd php-zip php-pdo_mysql php-curl php-bz2 php-gmp
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Start service apache and php and set to start automatiacally
* ใช้คำสั่ง start service apache และ php และให้เริ่มทำงานโดยอัติโนมัติทุกครั้งที่เปิดเครื่อง
 
 
  '''# systemctl start httpd && systemctl start php-fpm
 
  '''# systemctl start httpd && systemctl start php-fpm
 
  '''# ​systemctl enable httpd && systemctl enable php-fpm
 
  '''# ​systemctl enable httpd && systemctl enable php-fpm
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Check apache status
* ตรวจสอบสถานะการทำงานของ apache และ
 
 
  '''# systemctl status httpd  
 
  '''# systemctl status httpd  
 
  '''# systemctl status php-fpm
 
  '''# systemctl status php-fpm
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Setup php ===
=== ตั้งค่า php ===
+
* Setup timezone
* ตั้งค่า timezone (เราจะตั้งค่าเฉพาะส่วนที่จำเป็นต่อการใช้งาน roundcube)
+
  '''# vi /etc/php.ini  
  '''# vi /etc/php.ini
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  [Date]
[Date]
 
 
  ; Defines the default timezone used by the date functions
 
  ; Defines the default timezone used by the date functions
 
  ; http://php.net/date.timezone  
 
  ; http://php.net/date.timezone  
 
  date.timezone = Asia/Bangkok
 
  date.timezone = Asia/Bangkok
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Setup MariaBD database ===
=== ตั้งค่า mariadb database ===
+
* Create database roundcubemail with username=rcmail, password=passrc
* สร้าง database roundcubemail โดยกำหนด username=rcmail, password=passrc
 
 
  '''# mysql -u root -p
 
  '''# mysql -u root -p
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''# CREATE DATABASE roundcubemail CHARACTER SET utf8 COLLATE utf8_general_ci;
'''# CREATE DATABASE roundcubemail CHARACTER SET utf8 COLLATE utf8_general_ci;
 
 
  '''# GRANT ALL PRIVILEGES ON roundcubemail.* TO rcmail@localhost IDENTIFIED BY 'passrc';
 
  '''# GRANT ALL PRIVILEGES ON roundcubemail.* TO rcmail@localhost IDENTIFIED BY 'passrc';
 
  '''# FLUSH PRIVILEGES;
 
  '''# FLUSH PRIVILEGES;
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Setup RoundCube ===
=== ตั้งค่า roundcube ===
 
 
  '''# cd /var/www/html/
 
  '''# cd /var/www/html/
 
  '''# wget https://github.com/roundcube/roundcubemail/releases/download/1.4.4/roundcubemail-1.4.4-complete.tar.gz
 
  '''# wget https://github.com/roundcube/roundcubemail/releases/download/1.4.4/roundcubemail-1.4.4-complete.tar.gz
แถว 810: แถว 608:
 
  '''# cp /var/www/html/roundcubemail/config/config.inc.php.sample /var/www/html/roundcubemail/config/config.inc.php
 
  '''# cp /var/www/html/roundcubemail/config/config.inc.php.sample /var/www/html/roundcubemail/config/config.inc.php
 
  '''# chown -R apache:apache /var/www/html/roundcubemail
 
  '''# chown -R apache:apache /var/www/html/roundcubemail
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
=== Create virtualhost ===
=== สร้าง virtualhost ===
 
 
  '''# vi /etc/httpd/conf.d/rcmail.conf
 
  '''# vi /etc/httpd/conf.d/rcmail.conf
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  <VirtualHost *:80>
<VirtualHost *:80>
 
 
     ServerName mail.eai.in.th
 
     ServerName mail.eai.in.th
 
     ServerAdmin webmaster@eai.in.th
 
     ServerAdmin webmaster@eai.in.th
แถว 829: แถว 623:
 
     CustomLog /var/log/httpd/mail.eai.in.th-access.log combined
 
     CustomLog /var/log/httpd/mail.eai.in.th-access.log combined
 
  </VirtualHost>
 
  </VirtualHost>
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  '''# systemctl restart httpd
'''# systemctl restart httpd
 
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Test accessing host
* ทดสอบเข้าเว็บโซต์
 
 
  '''http://mail.eai.in.th/installer/
 
  '''http://mail.eai.in.th/installer/
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Setup to access the database
* ตั้งค่าเชื่อมต่อ database
 
</div>
 
  
  <div lang="th" dir="ltr" class="mw-content-ltr">
+
  host = localhost
host = localhost
 
 
  dbname =roundcubemail
 
  dbname =roundcubemail
 
  user = rcmail
 
  user = rcmail
 
  password = passrc
 
  password = passrc
 
  db_prefix = rc_
 
  db_prefix = rc_
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Setup IMAP
* ตั้งค่า IMAP
 
 
  ssl://mail.eai.in.th  
 
  ssl://mail.eai.in.th  
  993
+
  993  
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Setup SMTP
* ตั้งค่า SMTP
 
 
  ssl://mail.eai.in.th  
 
  ssl://mail.eai.in.th  
 
  465
 
  465
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
 
 
* user, pass ของ eai email
 
* user, pass ของ eai email
 
  thai@eai.in.th และ ไทย@อีเอไอ.ไทย
 
  thai@eai.in.th และ ไทย@อีเอไอ.ไทย
 
  thaiuserpassword
 
  thaiuserpassword
</div>
 
  
<div lang="th" dir="ltr" class="mw-content-ltr">
+
* Using self-sign SSL may cause Roundcube to not able to connect to the mail server. Additional configurations are needed
* การใช้ ssl แบบ self-sign อาจจะทำให้ roundcube ไม่สามารถเชื่อมต่อ mail server ได้ แก้ปัญหาโดยการ config เพิ่มเติม ดังนี้
+
$config
 
  '''# vi /var/www/html/roundcubemail/config/defaults.inc.php
 
  '''# vi /var/www/html/roundcubemail/config/defaults.inc.php
 
  $config['imap_conn_options'] = array(
 
  $config['imap_conn_options'] = array(
แถว 886: แถว 665:
 
   ),
 
   ),
 
  );
 
  );
</div>
 
  
  
 
[[Category: EAI]]
 
[[Category: EAI]]

รุ่นแก้ไขปัจจุบันเมื่อ 17:09, 12 กรกฎาคม 2564

ภาษาอื่น ๆ:
English • ‎ไทย

EAI Email Server

This manual is designed to guide how to install an Email Server to send Thai email addresses or Email Address Internationalization (EAI) using Opensource Software. It could be further developed on different set of softwares.

Required Software

  1. CentOS8 for Virtualbox [CentOS for VirtualBox]
    • user: root
    • pass: rooteai
  2. VirtualBox [Win] [Mac]
  3. VirtualBox Extension Pack [Download]
  4. Filezilla [Win] [Mac]
  5. putty [Win] (for Windows)
  6. Postfix 3.x [Download]
  7. Dovecot 2.x [Download]
  8. MariaDB 10.x [Download]
  9. Roundcube 1.4.x [Download] [tar]
  • ข้อ 1, 2, 3, 4, 5 แนะนำให้ติดตั้งเตรียมไว้ก่อนอบรม

Setting up CentOS8 for Virtualbox

  1. Download and install VirtualBox and VirtualBox Extension Pack
  2. Download CentOS8 for Virtualbox (centos-eai-wokshop.ova)
  3. Double click at centos-eai-wokshop.ova to import into Virtualbox [1]
  4. After importing, double click at centos-eai-wokshop on the left menu in the VirtualBox to open the server
  5. If an error found, due to cannot find network, select "Change network", then click "OK"[2]
  6. login with the provided user, pass, then use command line "ifconfig" to check IP address of the machine [3]
  7. remember this IP address for using ssh to access our server later

(for mac, must allow virtualbox to work as show in this picture [4])

Remarks:

  • This manual have no explanation for installing Centos 8
  • Postfix Version 3.x.x and above will support EAI
In real setting, DNS server is also required

Installing EAI Email Server

1. Setting hostname

1. Update mail server packages to the latest version

# yum -y update

2. Define a hostname, e.g. mail.eai.in.th with command

# hostnamectl set-hostname mail.eai.in.th

3. Add the defined hostname to "hosts" file

# vi /etc/hosts

sample of hosts file

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 mail.eai.in.th
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 mail.eai.in.th

*Depends on the environment of CenOS installation, you may need to install additional services e.g. you may not be able to use "vi" command

4. Install wget to download additional necessary softwares

# yum -y install wget

5. Install telnet to test email server functionality

# yum -y install telnet

2. Setting firewall

1. Verify "firewalld service" status on the mail server

  • It must be active (running)
# systemctl status firewalld

Sample

Active: active (running) since Mon 2019-11-18 14:12:03 +07; 1h 13min ago

2. Check the firewall zone and network interface that are opened

# firewall-cmd --get-active-zones

example

public
interfaces: ens32

3. Check services of firewall in public zone

# firewall-cmd --zone=public --list-services

sample

 cockpit dhcpv6-client ssh 

4. Open firewall services at public zone of mail server (open on services that needed)

# firewall-cmd --permanent --zone=public --add-service={http,https,mysql,smtp,smtps,imap,imaps}
# firewall-cmd --reload

5. Check services list of the firewall at the public zone again, will find the just open services

*ref: configure firewall services for mail server (https://spalinux.com/2015/06/centos-7-basic-configure-firewall-by-firewall-cmd)

# firewall-cmd --zone=public --list-services

example

 cockpit dhcpv6-client http https imap imaps mysql smtp smtps ssh  

6. In this example, we open SELinux for convenience in setting up (it is not recommended for production server)

  • change SELinux=enforcing to SELinux=disabled
# vi /etc/selinux/config

example

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

7. Check SELinux status again

  • restart server and check the status
# reboot
# sestatus

example

 disabled 

3. Create an SSL Cert

  • The step is for creating SSL key for using with postfix and dovecot

1. Create a private key

# cd /etc/pki/tls/certs
# /usr/bin/openssl genrsa -aes128 2048 > eai.key

example

Generating RSA private key, 2048 bit long modulus
...
...
e is 65537 (0x10001)
Enter pass phrase: #set passphrase
Verifying - Enter pass phrase:  #confirm

2. Remove Passphase from the created private key

# /usr/bin/openssl rsa -in eai.key -out eai.key

example

Enter pass phrase for eai.key:  #input passphrase
writing RSA key

3. Create csr

# /usr/bin/openssl req -utf8 -new -key eai.key -out eai.csr

example

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:TH		#country
State or Province Name (full name) []:Bangkok		   #state
Locality Name (eg, city) [Default City]:Dusit		#city
Organization Name (eg, company) [Default Company Ltd]:EAI  	#company
Organizational Unit Name (eg, section) []:IT  	 #department
Common Name (eg, your name or your server's hostname) []:mail.eai.in.th  	 #server's FQDN
Email Address []:xxx@eai.in.th		#email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:		#Enter
An optional company name []:		#Enter

4. Generate key

# /usr/bin/openssl x509 -in eai.csr -out eai.crt -req -signkey eai.key -days 365

example

Signature ok
subject=/C=JP/ST=Hiroshima/L=Hiroshima/O=GTS/OU=Server World/CN=www.srv.world/emailAddress=xxx@eai.in.th
Getting Private key


4. Install mariadb, Postfix and Dovecot

1. Install mariadb , Postfix , Dovecot and necessary packages

# yum -y install postfix dovecot mariadb-server dovecot-mysql postfix-mysql

2. Start service of Postfix, Dovecot, MariaDB every time that the server is started

# systemctl start postfix && systemctl start dovecot && systemctl start mariadb
# systemctl enable postfix && systemctl enable dovecot && systemctl enable mariadb

3. Check status of the Postfix, Dovecot, MariaDB

# systemctl status postfix
# systemctl status dovecot
# systemctl status mariadb

5. Setup MariaDB

1. Set UTF8 for mysql to accept Unicode by adding the following command to /etc/my.cnf.d/maridb-server.cnf under [mysqld]

# vi /etc/my.cnf.d/mariadb-server.cnf
#
# These groups are read by MariaDB server.
# Use it for options that only the server (but not clients) should see
#
# See the examples of server my.cnf files in /usr/share/mysql/
#
# this is read by the standalone daemon and embedded servers
[server]
# this is only for the mysqld standalone daemon
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mysqld/mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
[mysqld]
character-set-server = utf8
collation-server = utf8_general_ci
skip-character-set-client-handshake
bind-address=127.0.0.1
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/run/mariadb/mariadb.pid
#
# * Galera-related settings
#
[galera]
# Mandatory settings
#wsrep_on=ON
#wsrep_provider=
#wsrep_cluster_address=
#binlog_format=row
#default_storage_engine=InnoDB
#innodb_autoinc_lock_mode=2
#
# Allow server to accept connections on all interfaces.
#
#bind-address=0.0.0.0
#
# Optional setting
#wsrep_slave_threads=1
#innodb_flush_log_at_trx_commit=0 
# this is only for embedded server
[embedded]
# This group is only read by MariaDB servers, not by MySQL.
# If you use the same .cnf file for MySQL and MariaDB,
# you can put MariaDB-only options here
[mariadb]
# This group is only read by MariaDB-10.3 servers.
# If you use the same .cnf file for MariaDB of different versions,
# use this group for options that older servers don't understand
[mariadb-10.3]

2. Restart MariaDB

# systemctl restart mariadb

3. Set security access to mysql by setup password for root user (* define only new password, skip the rest by pressing enter)

#  mysql_secure_installation

4. Login to mysql using the new password

# mysql -u root -p

5. Create new DB for keeping records of Email Server usage

# CREATE DATABASE eaimail;
# USE eaimail;

6. Create a user with grants to the eaimail database

# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO 'yourdbuser'@'localhost' IDENTIFIED BY 'yourdbpassword';
# GRANT SELECT, INSERT, UPDATE, DELETE ON eaimail.* TO 'yourdbuser'@'localhost.localdomain' IDENTIFIED BY 'yourdbpassword';
# FLUSH PRIVILEGES;

7. Check the created user

# SHOW GRANTS FOR 'yourdbuser'@'localhost';

8. Create tables for domains, forwardings (to forward EAI email to ASCII email address), and users for creating mailboxes

# CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );
# CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );
# CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );

9. Select DB of a mail server and define EAI and English domains and email address with passwords to start using the email server

# INSERT INTO domains (domain) VALUES ('eai.in.th');
# INSERT INTO domains (domain) VALUES ('อีเอไอ.ไทย');
# INSERT INTO users (email, password) VALUES ('thai@eai.in.th', ENCRYPT('thaiuserpassword'));
# INSERT INTO users (email, password) VALUES ('ไทย@อีเอไอ.ไทย', ENCRYPT('thaiuserpassword'));

10. Setup a forwrding rule to forward all emails to EAI email address to ASCII email address, since the server can creat mailboxes in Unicode

# INSERT INTO forwardings (source,destination) VALUES ('ไทย@อีเอไอ.ไทย','thai@eai.in.th');
# quit

6. Setup Postfix

Create connect file between Postfix and MariaDB

  • Create a script file to get domain value from DB
# vi /etc/postfix/mysql-virtual_domains.cf
user = yourdbuser
password = yourdbpassword
dbname = eaimail
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1
  • Create a script file to forward emails
# vi /etc/postfix/mysql-virtual_forwardings.cf
user = yourdbuser
password = yourdbpassword
dbname = eaimail
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1
  • Create a script file for creating mailbox and use for login
# vi /etc/postfix/mysql-virtual_mailboxes.cf
user = yourdbuser 
password = yourdbpassword
dbname = eaimail
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1
  • Create a script file for forwarding all email to another SMTP server (in the case that referring to a host as an IP address)
# vi /etc/postfix/mysql-virtual_email2email.cf
user = yourdbuser 
password = yourdbpassword
dbname = eaimail
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1
  • Set access control right to the created script
# chmod 640 /etc/postfix/mysql-virtual_*.cf && chgrp postfix /etc/postfix/mysql-virtual_*.cf

Create user vmail for reading/writing the mailbox

  • Create group for using with the mailbox
# groupadd -g 5000 vmail
# useradd -g vmail -u 5000 vmail -d /home/vmail -m

Modify "/etc/postfix/main.cf"

# postconf "myhostname=mail.eai.in.th"
# postconf "mydomain=eai.in.th"
# postconf "myorigin=\$mydomain"
# postconf "inet_interfaces=all"
# postconf "inet_protocols=ipv4"
# postconf "mydestination=localhost, localhost.localdomain"
# postconf "mynetworks=127.0.0.1"
# postconf "readme_directory=no"
# postconf "smtpd_tls_cert_file=/etc/pki/tls/certs/eai.crt"
# postconf "smtpd_tls_key_file=/etc/pki/tls/certs/eai.key"
# postconf "shlib_directory=no"
# postconf "smtpd_sasl_auth_enable=yes"
# postconf "smtpd_sasl_type=dovecot"
# postconf "smtpd_sasl_path=private/auth"
# postconf "smtpd_sasl_authenticated_header=yes"
# postconf "broken_sasl_auth_clients=yes"
# postconf "smtpd_use_tls=yes"
# postconf "smtpd_recipient_restrictions=permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination"
# postconf "smtpd_tls_auth_only=yes"
# postconf "smtpd_tls_loglevel=1"
# postconf "virtual_mailbox_base=/home/vmail"
# postconf "virtual_mailbox_maps=proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf"
# postconf "virtual_mailbox_domains=proxy:mysql:/etc/postfix/mysql-virtual_domains.cf"
# postconf "virtual_alias_maps=proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf"
# postconf "virtual_uid_maps=static:5000"
# postconf "virtual_gid_maps=static:5000"
# postconf "virtual_alias_domains=อีเอไอ.ไทย"
# postconf "virtual_transport=dovecot"
# postconf "proxy_read_maps=\$local_recipient_maps \$mydestination \$virtual_alias_maps \$virtual_alias_domains \$virtual_mailbox_maps \$virtual_mailbox_domains \$relay_recipient_maps \$relay_domains \$canonical_maps \$sender_canonical_maps \$recipient_canonical_maps \$relocated_maps \$transport_maps \$mynetworks"
# postconf "smtputf8_enable=yes"
  • Example file
smtp_tls_security_level = may
meta_directory = /etc/postfix
shlib_directory = no
myhostname = mail.eai.in.th 
mydomain = eai.in.th 
myorigin = $mydomain 
mynetworks = 127.0.0.1
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_use_tls = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_domains = อีเอไอ.ไทย
virtual_transport = dovecot
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
smtputf8_enable = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps 
$sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks

Modify "/etc/postfix/master.cf"

# postconf -M smtps/inet="smtps inet n - - - - smtpd"
# postconf -P "smtps/inet/syslog_name=postfix/smtps"
# postconf -P "smtps/inet/smtpd_tls_wrappermode=yes"
# postconf -P "smtps/inet/smtpd_sasl_auth_enable=yes"
# postconf -P "smtps/inet/smtpd_client_restrictions=permit_sasl_authenticated,reject"
# postconf -P "smtps/inet/smtpd_relay_restrictions=permit_sasl_authenticated,reject"
# postconf -P "smtps/inet/milter_macro_daemon_name=ORIGINATING"
# postconf -vM dovecot/unix="dovecot   unix  -       n       n       -       -       pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}"
  • Sample file
smtps inet n - - - - smtpd
   -o syslog_name=postfix/smtps
   -o smtpd_tls_wrappermode=yes 
   -o smtpd_sasl_auth_enable=yes 
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject 
   -o smtpd_relay_restrictions=permit_sasl_authenticated,reject 
   -o milter_macro_daemon_name=ORIGINATING
dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
  • restart postfix
# systemctl restart postfix

7. Setup Dovecot

Create a connect file between Dovecot and Mariadb

  • Create a script to let Dovecot to be able to use with SQL
# vi /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=127.0.0.1 dbname=eaimail user=yourdbuser password=yourdbpassword
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';
  • Allow users in the Dovecot group to use
# chmod 640 /etc/dovecot/dovecot-sql.conf.ext && chgrp dovecot /etc/dovecot/dovecot-sql.conf.ext

Modify "/etc/dovecot/dovecot.conf"

  • Backup the exisitng configuration
# mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-backup
  • Config dovecot
# vi /etc/dovecot/dovecot.conf

example

protocols = imap pop3 lmtp
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir

ssl_cert = </etc/pki/tls/certs/eai.crt
ssl_key = </etc/pki/tls/certs/eai.key
ssl_dh_parameters_length = 2048 
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
namespace {
    type = private
    separator = .
    prefix = INBOX.
    inbox = yes
}
service auth {
    unix_listener auth-master {
        mode = 0600
        user = vmail
    }
    unix_listener /var/spool/postfix/private/auth {
        mode = 0666
        user = postfix
        group = postfix
    }
user = root
}
auth_mechanisms = plain login
service auth-worker {
    user = root
}
protocol lda {
    log_path = /home/vmail/dovecot-deliver.log
    auth_socket_path = /var/run/dovecot/auth-master
    postmaster_address = postmaster@eai.in.th
}
protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
        pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
passdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
    driver = static
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}
  • Restart Dovecot
# systemctl restart dovecot

8. Test the EAI Email Server

1. Test imap

# telnet localhost imap

2. Should get the result, the use quit to quit from telnet

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Dovecot ready.

3. Modify /etc/aliases by adding the lines

# vi /etc/aliases
mailer-daemon:	postmaster
postmaster:	root
root: postmaster@eai.in.th

4 Update aliases and restart postfix

# newaliases
# systemctl restart postfix

5. Test SMTP server

# telnet localhost 25
# ehlo localhost

6. Should get the following results

250-mail.eai.in.th
250-PIPELINING
250-SIZE 30720000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8

7. Install mailx and test sending emails

# yum install mailx
# mailx thai@eai.in.th (ใส่ subject แล้ว enter ตามด้วยเนื้อหา และใช้ Ctrl+D เพื่อส่งออก)

8. Check the log of email sending : /var/log/maillog as following:

Nov 13 15:19:07 mail postfix/pickup[31954]: E9AB020199E5: uid=0 from=<root>
Nov 13 15:19:07 mail postfix/cleanup[1938]: E9AB020199E5: message-id=<20171113081907.E9AB020199E5@mail.eai.in.th>
Nov 13 15:19:07 mail postfix/qmgr[21141]: E9AB020199E5: from=<root@eai.in.th>, size=434, nrcpt=1 (queue active)
Nov 13 15:19:08 mail postfix/pipe[1946]: E9AB020199E5: to=<tanagan@eai.in.th>, relay=dovecot, delay=0.09, delays=0.04/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov 13 15:19:08 mail postfix/qmgr[21141]: E9AB020199E5: removed

9. Check log of dovecot sedning : /home/vmail/dovecot-deliver.log should get the following results

2017-11-13 15:19:08 lda(tanagan@eai.in.th): Info: msgid=<20171113081907.E9AB020199E5@mail.eai.in.th>: saved mail to INBOX

10. Check the mailbox. When there are sendings and receivings emails, you will see the results

# cd /home/vmail/eai.in.th/thai/Maildir
# find
.
./dovecot-uidlist
./cur
./new
./new/1285609582.P6115Q0M368794.li172-137
./dovecot.index
./dovecot.index.log
./tmp

11. Check mailbox by using mail client, mutt, to see emaila inside the mailbox

# yum install mutt
# mutt -f .

12. Test sending an EAI mails

# telnet localhost 25
# EHLO localhost
# MAIL FROM: ธนากานต์@อีเอไอ.ไทย SMTPUTF8		
# RCPT TO: ธนากานต์@คน.ไทย
# data
# Subject: eai test
# เทสอีเมลส์ภาษาไทย
# .
  • Use “.” to end and sending the message
  • Press Ctrl+] to quit

9. Installing Roundcube Webmail

Installing Apache PHP

  • Install repo of php 7.4 and all to install php 7.4
# yum -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm 
# yum module reset php && yum module enable php:remi-7.4 -y
  • Install php, php library and apache web server
# yum -y install httpd php php-common php-devel php-imap php-imagick php-json php-xml php-mbstring php-pear php-pdo php-intl php-ldap php-gd php-zip php-pdo_mysql php-curl php-bz2 php-gmp
  • Start service apache and php and set to start automatiacally
# systemctl start httpd && systemctl start php-fpm
# ​systemctl enable httpd && systemctl enable php-fpm
  • Check apache status
# systemctl status httpd 
# systemctl status php-fpm

Setup php

  • Setup timezone
# vi /etc/php.ini 
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone 
date.timezone = Asia/Bangkok

Setup MariaBD database

  • Create database roundcubemail with username=rcmail, password=passrc
# mysql -u root -p
# CREATE DATABASE roundcubemail CHARACTER SET utf8 COLLATE utf8_general_ci;
# GRANT ALL PRIVILEGES ON roundcubemail.* TO rcmail@localhost IDENTIFIED BY 'passrc';
# FLUSH PRIVILEGES;

Setup RoundCube

# cd /var/www/html/
# wget https://github.com/roundcube/roundcubemail/releases/download/1.4.4/roundcubemail-1.4.4-complete.tar.gz
# tar zvfx /var/www/html/roundcubemail-1.4.4-complete.tar.gz 
# mv /var/www/html/roundcubemail-1.4.4 /var/www/html/roundcubemail
# cp /var/www/html/roundcubemail/config/config.inc.php.sample /var/www/html/roundcubemail/config/config.inc.php
# chown -R apache:apache /var/www/html/roundcubemail

Create virtualhost

# vi /etc/httpd/conf.d/rcmail.conf
<VirtualHost *:80>
    ServerName mail.eai.in.th
    ServerAdmin webmaster@eai.in.th
    DocumentRoot /var/www/html/roundcubemail
    <Directory /var/www/html/roundcubemail>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>
    ErrorLog /var/log/httpd/mail.eai.in.th-error.log
    CustomLog /var/log/httpd/mail.eai.in.th-access.log combined
</VirtualHost>
# systemctl restart httpd
  • Test accessing host
http://mail.eai.in.th/installer/
  • Setup to access the database
host = localhost
dbname =roundcubemail
user = rcmail
password = passrc
db_prefix = rc_
  • Setup IMAP
ssl://mail.eai.in.th 
993 
  • Setup SMTP
ssl://mail.eai.in.th 
465
  • user, pass ของ eai email
thai@eai.in.th และ ไทย@อีเอไอ.ไทย
thaiuserpassword
  • Using self-sign SSL may cause Roundcube to not able to connect to the mail server. Additional configurations are needed

$config

# vi /var/www/html/roundcubemail/config/defaults.inc.php
$config['imap_conn_options'] = array(
  'ssl'         => array(
     'verify_peer'      => false,
     'verify_peer_name' => false,
  ),
);
 
$config['smtp_conn_options'] = array(
  'ssl'         => array(
     'verify_peer'      => false,
     'verify_peer_name' => false,
  ),
);