Andreas F. Bobak / Catch Your Wave
OpenBSD Man:

Longer Texts:
/essays/howto/openbsd/3.0:
Installing Cyrus IMAP Server
Sendmail + Cyrus IMAP + SMTP AUTH
/essays/howto/openbsd/3.2:
Installing the Cyrus IMAP Server v2.1.11
The Blog
2003/02/15
Wiki capability Posted at 12:51#
Added wiki capability for adding blog entries to my blogging tool. It's now very easy to add
  • for
  • example
  • a
  • simple
  • list
or even tables like this:
Titel 1Titel 2
Cell 1 Cell 2
Cell 3 Cell 4
Cell 5
without the need to code HTML.
2003/02/10
Secured my VNC Posted at 11:25#
Found a neat little tool which allows easy secure tunneling between Windows and Unix machines: Zebedee. Now my VNC sessions are a little securer than just plaintext communication. Cool.
2003/02/05
VNC, finally Posted at 15:09#
I am a big VNC fan (guess why), but for some reason I never installed it on my local Windows server (yes, I have one). Lazyness? Anyway, after I could not connect to the original VNC site, I stumbled accross TightVNC (yet another VNC clone) which suites my needs more or less perfect. More, because it also offers an NT service, less, because securing the connection is not really easy? This is on the local LAN, so there is no OpenBSD/Linux/Unix firewall in between.
2003/01/29
Installing the Cyrus IMAP Server v2.1.11 Posted at 19:19#
MINI-HOWTO OpenBSD 3.2, Installing the Cyrus IMAP Server v2.1.11
----------------------------------------------------------------

Prerequisites
=============

Download the ports-tarball ports.tar.gz from your favorite server.

Extract and update ports:
<SCRIPT>
cd /usr
tar -xvzfp ~/ports.tar.gz
cvs -d anoncvs@anoncvs1.ca.openbsd.org:/cvs update -r OPENBSD_3_2 -dP
<SCRIPT>

Install the following packages (autoconf, automake):
<SCRIPT>
#=== autoconf
cd /usr/ports/develop/autoconf-new
make
make install
make clean
#=== automake
cd /usr/ports/develop/automake
make
make install
make clean
#=== OpenLDAP
cd /usr/ports/database/openldap
make
make install
cd /usr/ports/packages/i386/All/
pkg_add openldap-server-2.0.27.tgz
<SCRIPT>

Add group 'mail':
> groupadd -g 12 mail

Add user 'cyrus':
> adduser
name=cyrus, id=8, group=mail,wheel,daemon

Install BDB 4.1.25
==================
cd db-4.1.25/build_unix
../dist/configure \
	--enable-compat185 \
	--enable-dump185 \
	--enable-cxx
make
su
make install

<BEGIN NOT-TESTED>
Install OpenLDAP
================
cd openldap-2.1.12
export CFLAGS=-O2
export CPPFLAGS='-I/usr/local/BerkeleyDB.4.1/include/ -I/usr/local/include'
export LDFLAGS='-L/usr/local/BerkeleyDB.4.1/lib/ -L/usr/local/lib -L/usr/lib'
./configure \
	--enable-ipv6 \
	--enable-slapd \
	--enable-cleartext \
	--enable-crypt \
	--enable-phonetic \
	--enable-dnssrv \
	--enable-ldap \
	--enable-shell \
	--enable-passwd \
	--enable-slurpd \
	--with-tls
</END>

Install Cyrus SASL2
===================
Go to the ports directory:
> cd /usr/ports/security/cyrus-sasl2

Edit the file 'Makefile' in your favorite editor and do the following changes:
1) Change "CONFIGURE_ARGS+=" to this:
CONFIGURE_ARGS+=	--with-saslauthd="/var/sasl2" \
		--with-staticsasl \
		--with-dblib=berkeley \
		--with-bdb-libdir=/usr/local/BerkeleyDB.4.1/lib \
		--with-bdb-incdir=/usr/local/BerkeleyDB.4.1/include \
		--enable-login \
		--with-ldap \
		--disable-krb4 \
		--disable-gssapi \
		--disable-sample

2) Change "CFLAGS+=" to this:
CFLAGS+= -I/usr/include/kerberosV -I/usr/local/include

In files 'pkg/PFRAG.shared' and 'pkg/PLIST':
	- remove all lines referencing to kerberos and gssapi.

Make and install Cyrus SASL:
> make
> make install

Create saslauthd.conf:
<CAT file="etc/saslauthd.conf">
ldap_servers: ldap://10.0.1.10/
ldap_bind_dn: cn=imap,ou=Accounts,dc=domain,dc=com
ldap_bind_pw: secret
ldap_scope: sub
ldap_search_base: ou=Accounts,dc=domain,dc=com
ldap_auth_method: bind
ldap_filter: (&(uid=%u)(|(role=mailUser)(role=mailAdmin)))
</CAT>

Add this to rc.local in order to startup SASL on boot
<SCRIPT>
cat >> /etc/rc.local << EOF

# Cyrus SASL Authentication Daemon
if [ -x /usr/local/sbin/saslauthd ]; then
        echo ' saslauthd'; /usr/local/sbin/saslauthd &
fi
EOF
<SCRIPT>

Installing Cyrus IMAP Server
============================
(I don't do this part as root.)

Extract the cyrus imapd tarball:
> tar xvzf cyrus-imapd-2.1.11.tgz

As OpenBSD doesn't have a makedepend binary, make the one included in the
cyrus package:
<SCRIPT>
cd cyrus-imapd-2.1.11/makedepend
./configure
make
su
cp makedepend /usr/local/bin
exit
cd ..
<SCRIPT>

In the file imtest/imtest.c:
 - remove line 79: #ifdef HAVE_SSL
 - remove line 86: #else /* HAVE_SSL */
 - remove line 94: #endif /* HAVE_SSL */

And now to the fun part, let's configure and build the imap server:
<SCRIPT>
./configure \
	--with-openssl=/usr \
	--with-cyrus-user=cyrus \
	--with-cyrus-group=mail \
	--with-auth=unix \
	--with-notify=no \
	--with-idle=idled \
	--with-dbdir=/usr/local/BerkeleyDB.4.1 \
	--with-sasl=/usr/local \
	--disable-gssapi
make depend
make all CFLAGS=-O2
<SCRIPT>

Change to root user and install the server:
> su
> make install

NOTE: you're still root.
Add the logging to /etc/syslog.conf and create initial logfile:
<SCRIPT>
cat >> /etc/syslog.conf << EOF

# Cyrus IMAP
local6.debug     /var/log/imapd
EOF
touch /var/log/imapd
<SCRIPT>

Create Cyrus IMAP config file:
<SCRIPT>
cat > /etc/imapd.conf << EOF
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: mailadm
sasl_pwcheck_method: saslauthd
sievedir: /usr/sieve
#tls_cert_file: /var/imap/cert.pem
#tls_key_file: /var/imap/key.pem
EOF
<SCRIPT>

Create spool and other directories:
<SCRIPT>
mkdir /var/spool/imap /var/imap /var/sieve
chown cyrus.mail /var/spool/imap
chown cyrus.mail /var/imap
chmod 750 /var/imap
chown cyrus.mail /var/sieve
chmod 750 /var/sieve
<SCRIPT>

Initialize directories:
<SCRIPT>
su cyrus
tools/mkimap
exit
<SCRIPT>

Create Cyrus IMAP master daemon config file:
> cp master/conf/prefork.conf /etc/cyrus.conf

Append the following services to /etc/services:
<SCRIPT>
cat >> /etc/services << EOF
#
# Cyrus IMAP additional services
#
imsp		406/tcp
acap		674/tcp
sieve		2000/tcp
lmtp		2003/tcp
fud		4201/udp
EOF
<SCRIPT>

In order to start the Cyrus master daemon at boot time, add the 
following lines to /etc/rc.local:
<SCRIPT>
cat >> /etc/rc.local << EOF

# Cyrus IMAP master daemon
if [ -x /usr/cyrus/bin/master ]; then
	echo ' master'; /usr/cyrus/bin/master &
fi
EOF
<SCRIPT>

Create the root mailbox:
> cyradm --user mailadm --auth login localhost
IMAP Password: <enter your mailadm password here>
localhost> cm user.root
localhost> exit

Done as root:
> exit

2003/01/25
My Own Blog Posted at 22:32#
Finally made a decision on the blog tool: I wrote my own. I do like the simplicity of blosxom, but I also wanted it to be a little more flexible regarding output and input. That's the thing you're looking at right now.