Scalix with Debian Etch
Preparation
Etch installation in a XEN DomU
I start on a fresh Etch installation under XEN. For simplicity I use xen-tools.
apt-get install xen-tools
vi /etc/xen-tools/xen-tools.conf
#
# ...
lvm = vg
debootstrap = 1
#
##
# Disk and Sizing options.
##
#
size   = 4Gb      # Disk image size.
memory = 128Mb    # Memory size
swap   = 128Mb    # Swap size
# noswap = 1      # Don't use swap at all for the new system.
fs     = ext3     # use the EXT3 filesystem for the disk image.
dist   = etch     # Default distribution to install.
image  = sparse   # Specify sparse vs. full disk images.
dhcp = 1
#
# Default kernel and ramdisk to use for the virtual servers
#
kernel = /boot/vmlinuz-2.6.18-4-xen-686
initrd = /boot/initrd.img-2.6.18-4-xen-686
#
# The default mirror for debootstrap which can be used to install
# Debian Sid, Sarge, and Etch.
#
mirror = http://ftp.de.debian.org/debian/
# ...
Create the Etch DomU image and then start it
xen-create-image --hostname=scx
vi /etc/xen/scx.cfg
xm create -c /etc/xen/scx.cfg
...
ethtool -K eth0 tx off
vi /etc/network/interfaces
# uncomment ethtool
# post-up ethtool -K eth0 tx off
Install additional packages
Now install the required packages:
- Apache, Sendmail
- Postgres
- Kerberos
- SASL2
- various libraries
- Sun Java
- gawk, wget, elinks, ethtool, less, host
apt-get install -u apache2 sendmail sendmail-doc
apt-get install -u postgresql
apt-get install -u krb5-config krb5-doc krb5-user libkadm55 libkrb53
apt-get install -u saslauthd libsasl2-modules libsasl2-gssapi-mit sasl2-bin libssl0.9.7
apt-get install -u libxml2 libglib2.0-0 libstdc++2.10-glibc2.2 libstdc++5
apt-get install -u sun-java5-jre
apt-get install -u gawk elinks wget w3m less ethtool host
I adjusted the following (see below):
- Sendmail dual configuration
- Smarthost
- Masquerading
- Integrating Amavisd-new
I start with Amavisd-new, SpamAssassin and ClamAV.
Configuring Sendmail with Amavisd-new
After installation, Amavis must be given the central SpamAssassin configuration file /etc/spamassassin/local.cf, and the user clamav must be added to the group amavis:
apt-get install -u amavisd-new clamav clamav-daemon spamassassin
adduser clamav amavis
mkdir ~amavis/.spamassassin
ln -s /etc/spamassassin/local.cf \
  ~amavis/.spamassassin/user_prefs
The Amavisd configuration is adjusted in /etc/amavis/conf.d/50-user:
use strict;
#
# Place your configuration directives here. They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_DISCARD;  # D_REJECT when front-end MTA
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
#------------ Do not modify anything below this line -------------
1;  # insure a defined return
Restart Amavisd:
/etc/init.d/amavis restart
Sendmail dual configuration
To integrate Amavisd-new with SpamAssassin and ClamAV into sendmail, I use the sendmail-dual setup (which corresponds to the configuration of Exim with Amavisd-new).
Excerpt from /usr/share/doc/amavisd-new/README.sendmail-dual.gz:
The following setup is described in this document:
            ............................   ............................
            : sendmail instance MTA-RX :   : sendmail instance MTA-TX :
            :                          :   :                          :
 25 ----->  \     (mqueue-rx)          :   : (mqueue)                 / -------> forward
587 ----->   >      -queue-            :   : -queue- ->-----+         :
      ^     : /        |    MAIL_HUB,  :   :   |                      \ -------> local
      |     :          v    SMART_HOST :   :   ^                      :          delivery
     msp    ...........|................   ....|.......................
                       |                       ^ loopback interface
                       v                       | port 10025
       loopback interf.| port 10024            |
                  .....|.......................|.............
                  : $inet_socket_port=10024    |            :
                  :                            |            :
                  : $forward_method='smtp:127.0.0.1:10025'  :
                  : $notify_method ='smtp:127.0.0.1:10025'  :
                  :                                         :
                  :   amavisd-new                           :
                  ...........................................
The Sendmail configuration is defined in /etc/mail/sendmail-rx.mc and /etc/mail/sendmail-tx.mc.
Sendmail-RX
/etc/mail/sendmail-rx.mc
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail-rx.mc, v 8.13.8-3 2006-12-08 20:21:10 neobiker Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl #
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
define(`confRUN_AS_USER',`smmta:smmsp')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-RX, Port=smtp, Addr=127.0.0.1')dnl
FEATURE(`access_db', , `skip')dnl
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
include(`/etc/mail/sasl/sasl.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
dnl #
define(`confPID_FILE', `/var/run/sendmail/mta/sendmail-rx.pid')dnl Non-default pid file
define(`STATUS_FILE', `/etc/mail/stat-rx')dnl Non-default stat file
define(`QUEUE_DIR', `/var/spool/mqueue-rx')dnl Non-default queue area
define(`confQUEUE_SORT_ORDER',`Modification')dnl Modif or Random are reasonable
dnl #
dnl Match the number of queue runners (R=) to the number of amavisd-new child
dnl processes ($max_servers). 2 to 7 OK, 10 is plenty, 20 is too many
QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue-rx, R=2, F=f')dnl
dnl #
FEATURE(stickyhost)dnl
define(`MAIL_HUB', `esmtp:[127.0.0.1]')dnl Forward all local mail to amavisd
define(`SMART_HOST', `esmtp:[127.0.0.1]')dnl Forward all other mail to amavisd
define(`LOCAL_RELAY',`esmtp:[127.0.0.1]')dnl
define(`confDELIVERY_MODE',`q')dnl Delivery mode: queue only (a must,
define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl To tcp port 10024 instead of 25
MODIFY_MAILER_FLAGS(`ESMTP', `+z')dnl Speak LMTP (this is optional)
define(`SMTP_MAILER_MAXMSGS',`10')dnl Max no. of msgs in a single connection
define(`confTO_DATAFINAL',`20m')dnl 20 minute timeout for content checking
dnl #
undefine(`ALIAS_FILE')dnl No aliases file, all local mail goes to MAIL_HUB
define(`confFORWARD_PATH')dnl Empty search path for .forward files
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
MAILER(`smtp')dnl
Sendmail-TX
/etc/mail/sendmail-tx.mc
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail-tx.mc, v 8.13.8-3 2006-12-08 20:21:10 neobiker Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl #
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
FEATURE(`no_default_msa')dnl
FEATURE(`access_db', , `skip')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-TX, Port=10025, Addr=127.0.0.1')dnl
dnl #
include(`/etc/mail/sasl/sasl.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Masquerading options
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`scx.neobiker.de')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
dnl #
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
define(`confREFUSE_LA',999)dnl Disable the feature, limiting belongs to MTA-RX
define(`confMAX_DAEMON_CHILDREN',0)dnl Disable, limiting belongs to MTA-RX
FEATURE(`nocanonify')dnl Host/domain names are considered canonical
define(`confSMTP_LOGIN_MSG', `$w.tx.$m Sendmail $v/$Z; $b')dnl
define(`confTO_IDENT', `0')dnl Disable IDENT
dnl #
dnl # Default Mailer setup
MAILER_DEFINITIONS
MAILER(scalix)dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
Sendmail-Smarthost
The smarthost is entered in /etc/mail/m4/provider.m4 (and imported from there):
define(`SMART_HOST', `mail.1und1.de')
Configure and start Sendmail
# create the MTA-RX queue directory as a copy of the existing one (cp needs -r for a directory)
cp -pr /var/spool/mqueue /var/spool/mqueue-rx
# build both .cf files from the .mc files shown above
m4 /etc/mail/sendmail-rx.mc > /etc/mail/sendmail-rx.cf
m4 /etc/mail/sendmail-tx.mc > /etc/mail/sendmail-tx.cf
/usr/sbin/sendmail -C /etc/mail/sendmail-rx.cf -L sm-mta-rx -bd -qp
/usr/sbin/sendmail -C /etc/mail/sendmail-tx.cf -L sm-mta-tx -bd -q15m
/usr/sbin/sendmail -Ac -L sm-msp-queue -q10m
Sendmail dual init script
I adapted the normal Sendmail init script so that the second Sendmail process (MTA-RX in addition to MTA-TX) is taken into account. The changes are essentially copied from the normal procedures and adapted. The original uses the variables MTAL_XXXX; for the additional MTA-RX process I simply added these as MTAR_XXXX where necessary.
Start as usual; use the tail command for debugging and ps for monitoring:
# tail -f /var/log/mail.info &
# /etc/init.d/sendmail-dual start
# ps aux|grep -v grep|grep sendmail
root      5885  0.0  1.5   8344  2604 ?        Ss   19:11   0:00 sendmail: MTA: accepting connections
smmta     5886  0.0  1.0   8336  1764 ?        S    19:11   0:00 sendmail: MTA: running queue: /var/spool/mqueue-rx
root      5890  0.0  1.5   8332  2612 ?        Ss   19:11   0:00 sendmail: MTA: accepting connections
#
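Once the daemons are up, the two internal hops from the diagram (amavisd-new on port 10024, MTA-TX on port 10025) should listen on the loopback interface only, because anything that reaches port 10025 directly is delivered without passing the content filter. The following check is an added example, not part of the original page or of the Debian sendmail package; the function names and the sample netstat output are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit the loopback-only hops of the sendmail-dual chain.
# Port numbers are the ones used on this page:
#   10024 = amavisd-new, 10025 = MTA-TX.
# Function names are hypothetical.

# Reads `netstat -ltn` output on stdin. Prints one line per problem and
# returns 1 if a filter port listens on a non-loopback address or has no
# listener at all; returns 0 and prints nothing otherwise.
audit_filter_ports() {
    awk '
        BEGIN { want["10024"] = "amavisd-new"; want["10025"] = "MTA-TX" }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            port = parts[n]                      # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (!(port in want)) next            # not one of the filter hops
            seen[port] = 1
            if (host != "127.0.0.1" && host != "::1") {
                printf "EXPOSED %s (%s) listens on %s\n", port, want[port], addr
                bad = 1
            }
        }
        END {
            n = split("10024 10025", order, " ") # fixed order for stable output
            for (i = 1; i <= n; i++)
                if (!(order[i] in seen)) {
                    printf "MISSING %s (%s) has no listener\n", order[i], want[order[i]]
                    bad = 1
                }
            exit bad + 0
        }
    '
}

# Constructed sample: the layout this page configures (everything on loopback).
sample_hardened() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN
EOF
}

# Constructed sample: MTA-TX started without Addr=127.0.0.1 in DAEMON_OPTIONS.
sample_exposed() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:10025           0.0.0.0:*               LISTEN
EOF
}

# Demonstration on the constructed samples.
sample_hardened | audit_filter_ports && echo "hardened sample: ok"
sample_exposed  | audit_filter_ports || echo "exposed sample: problem reported"
```

On the mail host itself, run it as: netstat -ltn | audit_filter_ports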
/etc/init.d/sendmail-dual (I replaced the normal /etc/init.d/sendmail file).
#!/bin/sh -e
#
# $Sendmail: init.d,v 8.13.8 2006-12-08 20:21:10 cowboy Exp $
#
# Sendmail rc script for Debian (/etc/init.d/sendmail)
# all the work is done by the imbedded copy of /usr/share/sendmail/sendmail
#
# Copyright (c) 2001-2005, Richard Nelson <cowboy@debian.org>.
#
# Notes (to all):
# * *** Do not edit this file *** Instead edit /etc/mail/sendmail.conf
#
# Notes (to self):
# *
#
set -e;
# set -x;
PATH=/bin:/usr/bin:/sbin:/usr/sbin;
#!/bin/sh -e
#-----------------------------------------------------------------------------
# $Sendmail: sm_helper.sh,v 8.13.8 2006-12-08 20:21:10 cowboy Exp $
#
# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved.
#
# Debian helper function script for Debian Sendmail
# Note: this file supports 8.7.6 - 9.0.0
#
# Notes (to all):
# *
#
# Notes (to self):
# * clean_queues fubar, esp wrt MSP
#
#-----------------------------------------------------------------------------
#
set -e;
DEBUG=0;
# LSB compliance (kinda)
if [ -f /lib/lsb/init-functions ]; then
. /lib/lsb/init-functions;
else
log_begin_msg() { echo "$@"; };
log_success_msg() { echo "$@"; };
log_warning_msg() { echo "$@"; };
fi;
#------------------------------------------------------------------------------
# Parameters for the sendmail daemon
# Do *NOT* touch these lines, instead, edit /etc/mail/sendmail.conf
# The _PARMS lines are listed in precedence order
#------------------------------------------------------------------------------
Get_Parameters () {
# Main configuration parameters in /etc/mail/sendmail.conf
DAEMON_MODE='Daemon';
DAEMON_PARMS='';
DAEMON_UID='root';
QUEUE_MODE="$DAEMON_MODE";
QUEUE_INTERVAL='10m';
QUEUE_PARMS='';
MSP_MODE="$QUEUE_MODE";
MSP_INTERVAL="$QUEUE_INTERVAL";
MSP_PARMS="";
MISC_PARMS='';
CRON_PARMS='';
LOG_CMDS='No';
# Secondary (non-documented) parameters in /etc/mail/sendmail.conf
# Caveat Emptor: change these at your own risk - they impact several
# disjoint pieces parts...
SENDMAIL_ROOT='/var/run/sendmail';
MTA_DAEMON='/usr/sbin/sendmail-mta';
MTA_COMMAND='/usr/sbin/sendmail-mta';
MTA_A='-Am';
MTAR_L='-L sm-mta-rx';
MTAL_L='-L sm-mta-tx';
MTAL_L_QUEUE='-L sm-mta-queue';
MTAL_L_RUNQ='-L sm-mta-runq';
MTA_ROOT="${SENDMAIL_ROOT}/mta";
MTAR_PIDFILE="${MTA_ROOT}/sendmail-rx.pid";
MTAL_PIDFILE="${MTA_ROOT}/sendmail.pid";
MTAL_SOCKET="${MTA_ROOT}/smsocket";
MTAL_CNTL="${MTA_ROOT}/smcontrol";
MTAQ_L='-L sm-que';
MTAQ_L_RUNQ='-L sm-que-runq';
MTAQ_PIDFILE="${MTA_ROOT}/queue.pid";
MTAQ_SOCKET="${MTA_ROOT}/qusocket";
MTAQ_CNTL="${MTA_ROOT}/qucontrol";
MSP_DAEMON='/usr/sbin/sendmail-msp';
MSP_COMMAND='/usr/sbin/sendmail-msp';
MSP_A='-Ac';
MSP_L='-L sm-msp';
MSP_L_QUEUE='-L sm-msp-queue';
MSP_ROOT="${SENDMAIL_ROOT}/msp";
MSP_PIDFILE="${MSP_ROOT}/sendmail.pid";
MSP_SOCKET="${MSP_ROOT}/smsocket";
MSP_CNTL="${MSP_ROOT}/smcontrol";
# Pull in any user modified variables
if [ -f /etc/mail/sendmail.conf ]; then
. /etc/mail/sendmail.conf;
fi;
# These can't be user customized
SM_Get_Parameters='yes';
PATH='/bin:/usr/bin:/sbin:/usr/sbin';
STAMP_DIR="${SENDMAIL_ROOT}/stampdir";
START_MTAR_CMD="start-stop-daemon \
--pidfile $MTAR_PIDFILE \
--exec $MTA_DAEMON \
--startas $MTA_COMMAND \
--start";
STOP_MTAR_CMD="start-stop-daemon \
--pidfile $MTAR_PIDFILE \
--name sendmail-mta \
--stop";
SIGNAL_MTAR_CMD="start-stop-daemon \
--pidfile $MTAR_PIDFILE \
--name sendmail-mta \
--stop";
START_MTAL_CMD="start-stop-daemon \
--pidfile $MTAL_PIDFILE \
--exec $MTA_DAEMON \
--startas $MTA_COMMAND \
--start";
STOP_MTAL_CMD="start-stop-daemon \
--pidfile $MTAL_PIDFILE \
--name sendmail-mta \
--stop";
SIGNAL_MTAL_CMD="start-stop-daemon \
--pidfile $MTAL_PIDFILE \
--name sendmail-mta \
--stop";
START_MTAQ_CMD="start-stop-daemon \
--pidfile $MTAQ_PIDFILE \
--make-pidfile \
--exec $MTA_DAEMON \
--startas $MTA_COMMAND \
--start";
STOP_MTAQ_CMD="start-stop-daemon \
--pidfile $MTAQ_PIDFILE \
--name sendmail-mta \
--stop";
SIGNAL_MTAQ_CMD="start-stop-daemon \
--pidfile $MTAQ_PIDFILE \
--name sendmail-mta \
--stop";
START_MSP_CMD="start-stop-daemon \
--pidfile $MSP_PIDFILE \
--exec $MSP_DAEMON \
--startas $MSP_COMMAND \
--chuid smmsp \
--start";
STOP_MSP_CMD="start-stop-daemon \
--pidfile $MSP_PIDFILE \
--name sendmail-msp \
--stop";
SIGNAL_MSP_CMD="start-stop-daemon \
--pidfile $MSP_PIDFILE \
--name sendmail-msp \
--stop";
NAME='sendmail';
FLAGS='defaults 50';
# Sanitize some keyword entries
DAEMON_MODE=$(echo "$DAEMON_MODE" | tr '[:upper:]' '[:lower:]');
QUEUE_MODE=$(echo "$QUEUE_MODE" | tr '[:upper:]' '[:lower:]');
MSP_MODE=$(echo "$MSP_MODE" | tr '[:upper:]' '[:lower:]');
# See if we can share the listener and queue-runner daemon:
# * Both must be in daemon mode
# * They must have the same (possibly empty) parameters
if [ "$DAEMON_MODE" = "daemon" \
-a \( \( "$QUEUE_MODE" = "cron" -o "$QUEUE_MODE" = "none" \) \
-o \( "$QUEUE_MODE" != "cron" \
-a "$QUEUE_MODE" != "none" \
-a "$DAEMON_PARMS" = "$QUEUE_PARMS" \
\) \
\) ]; then
SPLIT_DAEMON=0;
else
SPLIT_DAEMON=1;
fi;
# Version dependant support:
# 8.12.0+ M{TA,MSP}_A
if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then
MTA_A='';
MTAL_L='';
MTAL_L_QUEUE='';
MSP_A='';
MSP_L='';
MSP_L_QUEUE='';
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail startup
#------------------------------------------------------------------------------
start_mta () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# If already running, don't start it...
if is_running mta; then
log_warning_msg 'MTA is already running.';
return;
fi;
#
# Check if we're going to run a daemon (and how many):
daemon_check;
#
# Mark restarted for communication betwixt here and /etc/mail/Makefile
touch $STAMP_DIR/reload;
#
if [ "$DAEMON_MODE" = "daemon" ]; then
#
# Allow Unix (local) connections betwixt MSP/MTA:
touch $MTAL_SOCKET;
#
# We can only afford to clean the MTA queues if running daemon mode,
# otherwise, there is a chance that a cronjob might still be using
# the queue... Thats also why we don't clean the MSP queues herein.
#clean_queues;
#
# cd to a safe place to stash core files...
cd $MTA_ROOT;
#
# if running in -dual config, run the receive daemon
CMD="$START_MTAR_CMD -- $MTAR_PARMS";
if [ "$LOG_CMDS" = "Yes" ]; then
logger -i -p mail.debug -- "$0 $CMD";
fi;
$CMD &
CMD="$START_MTAL_CMD -- $MTAL_PARMS";
if [ "$LOG_CMDS" = "Yes" ]; then
logger -i -p mail.debug -- "$0 $CMD";
fi;
$CMD &
#
# Update permissions on smsocket
sleep 2;
chown $DAEMON_UID:smmsp $MTAL_SOCKET;
chmod 0666 $MTAL_SOCKET;
fi;
#
# Check for split daemon mode (separate listener/queue runner)
if [ "$SPLIT_DAEMON" -eq 1 ]; then
CMD="$START_MTAQ_CMD -- $MTAQ_PARMS";
if [ "$LOG_CMDS" = "Yes" ]; then
logger -i -p mail.debug -- "$0 $CMD";
fi;
$CMD &
sleep 2;
qp=`expr "${MTAQ_PARMS}" : '.*\(-qp[0-9]*[smhdw]\)'` || true;
if [ -z "$qp" ]; then
chmod 0664 $MTAQ_PIDFILE;
else
qc=`ps --no-headers -fCsendmail \
| egrep -e 'Queue control' \
| awk '{print $2}'`;
if [ -z "$qc" ]; then
rm -f $MTAQ_PIDFILE;
else
chmod 0664 $MTAQ_PIDFILE;
printf "$qc\n$MTA_COMMAND $MTAQ_PARMS" > $MTAQ_PIDFILE;
fi;
fi;
fi;
#
# if running split service, run the client queues (just to make sure)
if check_msp; then
$MSP_COMMAND -q $MSP_A $MSP_L_QUEUE $MSP_PARMS $MISC_PARMS;
fi;
};
start_msp () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# If already running, don't start it...
if is_running msp; then
log_warning_msg 'MSP is already running.';
return;
fi;
#
# Check to see if MSP mode is indeed available
if ! check_msp; then
return;
fi;
#
# Check if we're going to run a daemon:
if [ "$MSP_MODE" != 'daemon' ]; then
return;
fi;
#
# We can only afford to clean the MSP queues if running daemon mode,
# otherwise, there is a chance that a cronjob might still be using
# the queue... Thats also why we don't clean the MTA queues herein.
#clean_queues /var/spool/mqueue-client;
#
# cd to a safe place to stash core files...
cd $MSP_ROOT;
$START_MSP_CMD -- \
$MSP_A $MSP_L -q${MSP_INTERVAL} $MSP_PARMS $MISC_PARMS &
};
start_sendmail () {
start_mta;
if check_msp; then
start_msp;
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail reload
#------------------------------------------------------------------------------
reload_mta () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# reload (signal -HUP) is *much* better/faster than stop/start
#
# Mark restarted for communication betwixt here and /etc/mail/Makefile
touch $STAMP_DIR/reload;
#
# If not running, just start it...
if ! is_running mta; then
start_mta;
fi;
#
# Is running, must signal it...
$SIGNAL_MTAL_CMD --signal HUP --oknodo --quiet || true;
sleep 2;
chown $DAEMON_UID:smmta $MTAL_SOCKET;
chmod 0666 $MTAL_SOCKET;
$SIGNAL_MTAR_CMD --signal HUP --oknodo --quiet || true;
#
# Check for split daemon mode (separate listener/queue runner)
if [ "$SPLIT_DAEMON" -eq 1 ]; then
$SIGNAL_MTAQ_CMD --signal HUP --oknodo --quiet || true;
fi;
};
reload_msp () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# reload (signal -HUP) is *much* better/faster than stop/start
#
# If not running, just start it...
if ! is_running msp; then
start_msp;
fi;
#
# Is running, must signal it...
$SIGNAL_MSP_CMD --signal HUP --oknodo --quiet || true;
};
reload_sendmail () {
reload_mta;
if check_msp; then
reload_msp;
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail shutdown
#------------------------------------------------------------------------------
stop_mta () {
local cnt;
stopped=0;
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# If not running, don't stop it...
#if ! is_running mta; then
# return;
# fi;
#
# Is running, must stop it...
$STOP_MTAR_CMD --signal TERM --quiet --oknodo > /dev/null;
$STOP_MTAL_CMD --signal TERM --quiet --oknodo > /dev/null;
#
# Now we have to wait until sendmail has _really_ stopped.
#
sleep 2;
if $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; then
echo -n ' Waiting .';
cnt=0;
while $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; do
cnt=`expr $cnt + 1`;
if [ $cnt -gt 60 ]; then
#
# Waited 120 seconds now. Fail.
#
echo -n ' Failed ';
stopped=1;
break;
fi;
sleep 2;
echo -n '.';
done;
echo -n ' Done ';
fi;
# Remove pidfile if stopped
if ! $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; then
rm -f "$MTAL_PIDFILE";
fi
#
# Now we have to wait until sendmail has _really_ stopped.
#
if $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; then
echo -n ' Waiting .';
cnt=0;
while $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; do
cnt=`expr $cnt + 1`;
if [ $cnt -gt 60 ]; then
#
# Waited 120 seconds now. Fail.
#
echo -n ' Failed ';
stopped=1;
break;
fi;
sleep 2;
echo -n '.';
done;
echo -n ' Done ';
fi;
# Remove pidfile if stopped
if ! $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; then
rm -f "$MTAR_PIDFILE";
fi
};
stop_queue () {
local cnt;
stopped=0;
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# If not running, don't stop it...
if ! is_running queue; then
return;
fi;
#
# Is running, must stop it...
$STOP_MTAQ_CMD --signal TERM --quiet --oknodo > /dev/null;
#
# Now we have to wait until sendmail has _really_ stopped.
#
sleep 2;
if $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; then
echo -n ' Waiting .';
cnt=0;
while $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; do
cnt=`expr $cnt + 1`;
if [ $cnt -gt 60 ]; then
#
# Waited 120 seconds now. Fail.
#
echo -n ' Failed ';
stopped=1;
break;
fi;
sleep 2;
echo -n '.';
done;
echo -n ' Done ';
fi;
# Remove pidfile iff stopped
if ! $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; then
rm -f "$MTAQ_PIDFILE";
fi
};
stop_msp () {
local cnt;
stopped=0;
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# If not running, don't stop it...
if ! is_running msp; then
return;
fi;
#
# Is running, must stop it...
$STOP_MSP_CMD --signal TERM --quiet --oknodo > /dev/null;
#
# Now we have to wait until sendmail has _really_ stopped.
#
sleep 2;
if $STOP_MSP_CMD --signal TERM --quiet > /dev/null; then
echo -n 'Waiting .';
cnt=0;
while $STOP_MSP_CMD --signal TERM --quiet > /dev/null; do
cnt=`expr $cnt + 1`;
if [ $cnt -gt 60 ]; then
#
# Waited 120 seconds now. Fail.
#
echo -n ' Failed ';
stopped=1;
break;
fi;
sleep 2;
echo -n '.';
done;
echo -n ' Done ';
fi;
# Remove pidfile iff stopped
if ! $STOP_MSP_CMD --signal TERM --quiet > /dev/null; then
rm -f "$MSP_PIDFILE";
fi;
};
stop_sendmail () {
if check_msp; then
stop_msp;
fi;
stop_mta;
stop_queue;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Check to see if sendmail is running
#------------------------------------------------------------------------------
is_running () {
local result;
result=1;
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# Determine proper pidfile to check
# (reset PIDFILE2 so a value left over from an earlier "mta" check is not reused)
PIDFILE2='';
who=$(echo "$1" | tr '[:upper:]' '[:lower:]');
case $who in
mta)
PIDFILE="$MTAL_PIDFILE";
PIDFILE2="$MTAR_PIDFILE";
;;
queue)
PIDFILE="$MTAQ_PIDFILE";
;;
msp)
PIDFILE="$MSP_PIDFILE";
;;
*)
PIDFILE="$1";
;;
esac;
#
# If no pidfile, not running
# Extract pid/command and see if still running
# Remove pidfile if app didn't
# Also remove any control sockets
for PIDFILE in $PIDFILE $PIDFILE2; do
if [ -s $PIDFILE ]; then
PID=`head -n 1 $PIDFILE 2>/dev/null`;
COMMAND=`tail -n 1 $PIDFILE`;
if [ ! -z "`ps --no-heading $PID`" ]; then
result=0;
else
rm -f $PIDFILE;
case $who in
mta)
rm -f $MTAL_SOCKET $MTAL_CNTL;
;;
queue)
rm -f $MTAQ_SOCKET $MTAQ_CNTL;
;;
msp)
rm -f $MSP_SOCKET $MSP_CNTL;
esac;
fi;
fi;
done
return $result;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Check to see if running split service (MTA, MSP)
# Must be at 8.12.0+ for this support
#------------------------------------------------------------------------------
check_msp () {
local result;
result=1;
if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then
result=1;
elif [ -s /etc/mail/submit.cf ] \
&& [ -s /etc/mail/submit.mc ]; then
if grep -qEe "^[[:space:]]*\`?FEATURE\([[:space:]]*\`?msp" \
/etc/mail/submit.mc; then
result=0;
fi;
fi;
return $result;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Miscellaneous sendmail command support for MSP/MTA split
# mailstats, mailq, runq
#------------------------------------------------------------------------------
newaliases () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
$MTA_COMMAND $MTA_A -bi $*;
};
hoststat () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
$MTA_COMMAND $MTA_A -bh $*;
};
purgestat () {
local parms;
parms=$(echo "$1" | tr '[:upper:]' '[:lower:]');
case $parms in
n*) # Now
parms='-O Timeout.hoststatus=1s';
shift;
;;
*)
parms='';
;;
esac;
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
$MTA_COMMAND $MTA_A -bH $parms $*;
};
mailstats () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
#if running split service, show the client status first
if check_msp; then
echo 'MSP statistics...';
#check if we have a status file for the MSP
statusfile=$(grep -Ee '^O StatusFile=/.*' \
/etc/mail/submit.cf | cut -d= -f2);
if [ -n "$statusfile" ]; then
/usr/lib/sm.bin/mailstats -C \
/etc/mail/submit.cf $* || true;
fi;
echo 'MTA statistics...';
fi;
#check if we have a status file for the MTA
statusfile=$(grep -Ee '^O StatusFile=/.*' \
/etc/mail/sendmail.cf | cut -d= -f2);
if [ -n "$statusfile" ]; then
/usr/lib/sm.bin/mailstats $* || true;
fi;
};
mailq () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
# if running split service, show the client queues first
if check_msp; then
echo 'MSP Queue status...';
#
# Check to see if shared memory is in use (8.12.0+)
if grep -qEe "^[[:space:]]*\`?define\(\`?confSHAREDMEMORYKEY'?[[:space:]]*,[[:space:]]*\`?0*[1-9]+[0-9]*'?[[:space:]]*\)" \
/etc/mail/submit.mc; then
$MSP_COMMAND -bP || true;
fi;
$MSP_COMMAND -bp $MSP_A $MISC_PARMS $* || true;
echo 'MTA Queue status...';
fi;
#
# Check to see if shared memory is in use (8.12.0+)
if grep -qEe "^[[:space:]]*\`?define\(\`?confSHAREDMEMORYKEY'?[[:space:]]*,[[:space:]]*\`?0*[1-9]+[0-9]*'?[[:space:]]*\)" \
/etc/mail/sendmail.mc; then
$MTA_COMMAND -bP || true;
fi;
$MTA_COMMAND -bp $MTA_A $MISC_PARMS $* || true;
};
runq () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
# if running split service, run the client queues first
if check_msp; then
echo 'Running the MSP queue...';
$MSP_COMMAND -q $MSP_A \
$MSP_L_QUEUE $MSP_PARMS $MISC_PARMS $* || true;
echo 'Running the MTA queues...';
fi;
if [ "$SPLIT_DAEMON" -eq 0 ]; then
$MTA_COMMAND -q $MTA_A \
$MTAL_L_RUNQ $QUEUE_PARMS $MISC_PARMS $* || true;
else
$MTA_COMMAND -q $MTA_A \
$MTAQ_L_RUNQ $QUEUE_PARMS $MISC_PARMS $* || true;
fi;
};
control () {
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
local parms;
parms="$*";
if [ -z "$parms" ]; then
parms='help';
fi;
if is_running mta; then
/usr/share/sendmail/smcontrol.pl $parms;
else
echo 'MTA: is not running';
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Print status of running job(s)
#------------------------------------------------------------------------------
status () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
# if running split service, check the client status first
if check_msp; then
if is_running msp; then
echo "MSP: $PID $COMMAND";
ps -fwp $PID;
if [ -S ${MSP_CNTL} ]; then
/usr/share/sendmail/smcontrol.pl \
-f ${MSP_CNTL} status || true;
fi;
elif [ $MSP_MODE = 'cron' ]; then
echo "MSP: is run via cron ($MSP_INTERVAL)";
elif [ $MSP_MODE = 'none' ]; then
echo 'MSP: is disabled';
else
echo 'MSP: is not running';
fi;
fi;
#
# Check MTA listener
if is_running mta; then
echo "MTA: $PID $COMMAND";
ps -fwp $PID;
if [ -S ${MTAL_CNTL} ]; then
/usr/share/sendmail/smcontrol.pl \
-f ${MTAL_CNTL} status || true;
fi;
elif [ $DAEMON_MODE = 'inetd' ]; then
echo 'MTA: is run via inetd';
elif [ $DAEMON_MODE = 'none' ]; then
echo 'MTA: is disabled';
else
echo 'MTA: is not running';
fi;
#
# Check for split daemon mode (separate listener/queue runner)
if is_running queue; then
echo "QUE: $PID $COMMAND";
ps -fwp $PID;
if [ -S ${MTAQ_CNTL} ]; then
/usr/share/sendmail/smcontrol.pl \
-f ${MTAQ_CNTL} status || true;
fi;
elif [ $QUEUE_MODE = 'cron' ]; then
echo "QUE: is run via cron ($QUEUE_INTERVAL)";
elif [ $QUEUE_MODE = 'none' ]; then
echo 'QUE: is disabled';
elif [ "$SPLIT_DAEMON" -eq 0 ]; then
echo "QUE: Same as MTA";
else
echo 'QUE: is not running';
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Cronjob handling
#------------------------------------------------------------------------------
cron_mta () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
# If cron not needed, don't do queue running (though it wouldn't hurt)
if [ $QUEUE_MODE = 'cron' ]; then
#
# If running a split (MTA/MSP) setup, we need to make sure that
# messages not immediately accepted by the MTA get delivered.
# Only run the MSP queue if MSP_MODE=none
if check_msp; then
if [ $MSP_MODE = 'none' ]; then
# Make sure only *ONE* cronjob at a time
if [ ! -f $STAMP_DIR/cron_msp ]; then
touch $STAMP_DIR/cron_msp;
#clean_queues /var/spool/mqueue-client;
$MSP_COMMAND -qf $MSP_A $MSP_L_QUEUE \
$MSP_PARMS $MISC_PARMS \
$CRON_PARMS || true;
rm -f $STAMP_DIR/cron_msp;
fi;
fi;
fi;
# Make sure only *ONE* cronjob at a time
if [ ! -f $STAMP_DIR/cron_mta ]; then
touch $STAMP_DIR/cron_mta;
$MTA_COMMAND -qf $MTA_A $MTAL_L_QUEUE \
$QUEUE_PARMS $MISC_PARMS $CRON_PARMS || true;
rm -f $STAMP_DIR/cron_mta;
fi;
fi;
};
cron_msp () {
#
# Make sure /var/run/sendmail/ exists
check_dirs;
#
# Obtain parameters IFF needed
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
#
# If cron not needed, don't do queue running (though it wouldn't hurt)
if [ $MSP_MODE = 'cron' ]; then
#
# If running a split (MTA/MSP) setup, we need to make sure that
# messages not immediately accepted by the MTA get delivered.
if check_msp; then
# Make sure only *ONE* cronjob at a time
if [ ! -f $STAMP_DIR/cron_msp ]; then
touch $STAMP_DIR/cron_msp;
#clean_queues /var/spool/mqueue-client;
$MSP_COMMAND -qf $MSP_A $MSP_L_QUEUE \
$MSP_PARMS $MISC_PARMS \
$CRON_PARMS || true;
rm -f $STAMP_DIR/cron_msp;
fi;
fi;
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Determine how to run sendmail mta daemon
# * No daemon
# * As listener
# * As queue runner
# * As both listener and queue runner
#------------------------------------------------------------------------------
daemon_check () {
local run_daemon;
#
# Skip daemon run for the following:
# * sendmail hasn't been configured
# * DAEMON_MODE = (none | inet) & QUEUE_MODE = (none | cron)
if [ ! -s /etc/mail/sendmail.cf ] || \
[ ! -s /etc/mail/sendmail.mc ]; then
echo 'sendmail has not been configured, not started.';
echo 'To configure sendmail, type sendmailconfig';
exit 1;
fi;
MTAR_PARMS="-C/etc/mail/sendmail-rx.cf $MTAR_L";
MTAL_PARMS="-C/etc/mail/sendmail-tx.cf $MTAL_L";
MTAQ_PARMS="$MTA_A $MTAQ_L";
run_daemon=3;
case "$DAEMON_MODE" in
none* | \
inetd*)
run_daemon=`expr $run_daemon - 1`;
;;
daemon* | \
*)
MTAL_PARMS="$MTAL_PARMS -bd $DAEMON_PARMS";
MTAR_PARMS="$MTAR_PARMS -bd $DAEMON_PARMS";
;;
esac;
case "$QUEUE_MODE" in
none* | \
cron*)
run_daemon=`expr $run_daemon - 1`;
;;
daemon* | \
*)
# Check for split daemon mode (separate listener/queue runner)
if [ $SPLIT_DAEMON -eq 0 ]; then
if [ ! -z "$QUEUE_INTERVAL" ]; then
MTAL_PARMS="$MTAL_PARMS -q${QUEUE_INTERVAL}";
MTAR_PARMS="$MTAR_PARMS -qp";
fi;
MTAL_PARMS="$MTAL_PARMS $QUEUE_PARMS";
MTAR_PARMS="$MTAR_PARMS $QUEUE_PARMS";
else
if [ ! -z "$QUEUE_INTERVAL" ]; then
MTAQ_PARMS="$MTAQ_PARMS -q${QUEUE_INTERVAL}";
fi;
MTAQ_PARMS="$MTAQ_PARMS $QUEUE_PARMS";
fi;
;;
esac;
# Add any miscellaneous (ie debugging) parameters
MTAR_PARMS="$MTAR_PARMS $MISC_PARMS";
MTAL_PARMS="$MTAL_PARMS $MISC_PARMS";
MTAQ_PARMS="$MTAQ_PARMS $MISC_PARMS";
# Add PidFile override for MTA queue runner
MTAQ_PARMS="$MTAQ_PARMS -O PidFile=$MTAQ_PIDFILE";
MTAQ_PARMS="$MTAQ_PARMS -O ControlSocketName=$MTAQ_CNTL";
if [ $run_daemon -lt 2 ]; then
echo 'sendmail listen/queue daemon not desired.';
exit 0;
fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Clean sendmail queues (somewhat): does *not* support split qf/df/xf dirs.
# NOTE: This whole thing sucks with queue-groups, need to redo it!!!
# NOTE: Check for race conditions betwixt this code and queue-runners
#------------------------------------------------------------------------------
clean_queues () {
local QUEUE_ROOT QUEUE QUIET
# Obtain queue root directory
if [ -z "$1" ]; then
QUEUE_ROOT=/var/spool/mqueue
QUEUE=/var/spool/mqueue
QUIET=''
else
QUEUE_ROOT="$1"
QUEUE="$1"
QUIET='1'
fi
# remove lock files left because of kill/crash
# rm -f $QUEUE/[lnx]f* doesn't work with a plethora of files ;-(
for i in A B C D E F G H I J K L M N O P Q R S T U V W X Y Z \
a b c d e f g h i j k l m n o p q r s t u v w x y z; do
rm -f $QUEUE/[lnx]f${i}*
done
# remove zero length qf files
#for qffile in $QUEUE/qf*; do
for qffile in $(find $QUEUE_ROOT -type f -name 'qf*'); do
if [ -r "$qffile" ] && [ ! -s "$qffile" ]; then
if [ ! -z "$QUIET" ]; then
echo -n "<zero: $qffile> "; fi
rm -f "$qffile"
fi
done
# rename tf files to be qf if the qf does not exist
for tffile in $QUEUE/tf*; do
qffile=`echo "$tffile" | sed 's/\/tf\([[:alnum:]]*\)$/\/qf\1/'`
if [ -r "$tffile" ] && [ ! -f "$qffile" ]; then
if [ ! -z "$QUIET" ]; then
echo -n "<recovering: $tffile> "; fi
mv "$tffile" "$qffile"
elif [ -f "$tffile" ]; then
echo -n "<extra: $tffile> "
rm -f "$tffile"
fi
done
# remove df files with no corresponding qf files
for dffile in $QUEUE/df*; do
qffile=`echo "$dffile" | sed 's/\/df\([[:alnum:]]*\)$/\/qf\1/'`
Dffile=`echo "$dffile" | sed 's/\/df\([[:alnum:]]*\)$/\/Df\1/'`
if [ -r "$dffile" ] && [ ! -f "$qffile" ]; then
if [ ! -s "$dffile" ]; then
rm -f "$dffile"
else
if [ ! -z "$QUIET" ]; then
echo -n "<incomplete: $dffile> "; fi
mv "$dffile" "$Dffile";
fi
fi
done
# announce files that have been saved during disaster recovery
for xffile in $QUEUE/[A-Z]f*; do
if [ -f "$xffile" ]; then
if [ ! -z "$QUIET" ]; then
echo -n "<panic: $xffile> "; fi
fi
done
}
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# check_dirs: Make sure /var/run/sendmail/{mta,msp,stampdir} exist
#------------------------------------------------------------------------------
check_dirs () {
if [ ! -d "${SENDMAIL_ROOT}" ]; then
mkdir -p "${SENDMAIL_ROOT}";
chown root:smmta "${SENDMAIL_ROOT}";
chmod 02755 "${SENDMAIL_ROOT}";
fi;
if [ ! -d "${MTA_ROOT}" ]; then
mkdir -p "${MTA_ROOT}";
chown $DAEMON_UID:smmta "${MTA_ROOT}";
chmod 02755 "${MTA_ROOT}";
fi;
if [ ! -d "${MSP_ROOT}" ]; then
mkdir -p "${MSP_ROOT}";
chown smmsp:smmsp "${MSP_ROOT}";
chmod 02775 "${MSP_ROOT}";
fi;
if [ ! -d "${STAMP_DIR}" ]; then
mkdir -p "${STAMP_DIR}";
chown root:smmsp "${STAMP_DIR}";
chmod 02775 "${STAMP_DIR}";
fi;
}
#------------------------------------------------------------------------------
# Why are we here ?
#------------------------------------------------------------------------------
# Some requisite initialization
if [ -z "$SM_Get_Parameters" ]; then
Get_Parameters;
fi;
if [ "$LOG_CMDS" = "Yes" ]; then
logger -i -p mail.debug -- "$0 $@";
fi;
#------------------------------------------------------------------------------
# Handle being called via an alias
#------------------------------------------------------------------------------
case $(basename $0) in
newaliases)
newaliases $*;
exit $?;
;;
hoststat)
hoststat $*;
exit $?;
;;
purgestat)
purgestat $*;
exit $?;
;;
mailstats)
mailstats $*;
exit $?;
;;
mailq)
mailq $*;
exit $?;
;;
runq)
runq $*;
exit $?;
;;
control|smcontrol)
control $*;
exit $?;
;;
status)
status $*
exit $?
;;
*)
;;
esac;
#------------------------------------------------------------------------------
# Handle being called via /etc/init.d/sendmail or directly
#------------------------------------------------------------------------------
# Ok, why are we here...
case "$1" in
#-----------------------------------------------------------------------
# Debian required/optional targets:
#-----------------------------------------------------------------------
start)
echo -n 'Starting Mail Transport Agent: sendmail';
start_sendmail;
echo '.'
;;
stop|force-stop)
echo -n 'Stopping Mail Transport Agent: sendmail';
stop_sendmail;
echo '.'
;;
restart)
echo -n 'Restarting Transport Agent: sendmail';
# reload is equivalent (but faster) than stop/start !
# but... it doesn't honor changes to /etc/mail/sendmail.conf
#reload_sendmail;
stop_sendmail;
start_sendmail;
echo '.';
;;
restart-if-running)
if ! is_running mta && ! is_running msp; then
echo 'Mail Transport Agent: sendmail is not running';
else
$0 restart;
fi;
;;
reload-if-running)
if ! is_running mta && ! is_running msp; then
echo 'Mail Transport Agent: sendmail is not running';
else
$0 reload;
fi;
;;
reload|force-reload)
echo -n 'Reloading Mail Transport Agent configuration: sendmail';
reload_sendmail;
echo '.';
;;
#-----------------------------------------------------------------------
# Local targets (sendmail commands/aliases) for MSP/MTA split support
# These targets will pass along any provided parameters
#-----------------------------------------------------------------------
newaliases)
shift;
newaliases $*;
;;
hoststat)
shift;
hoststat $*;
;;
purgestat)
shift;
purgestat $*;
;;
mailstats)
shift;
mailstats $*;
;;
mailq)
shift;
mailq $*;
;;
runq)
shift;
runq $*;
;;
control|smcontrol)
shift;
control $*;
;;
#-----------------------------------------------------------------------
# Local targets for extended support/debugging
#-----------------------------------------------------------------------
status)
shift;
status $*;
;;
debug)
#
# If not running, can't debug
if is_running msp; then
echo -n 'Dumping MSP state...';
$SIGNAL_MSP_CMD --signal USR1;
echo 'done.';
fi;
if is_running mta; then
echo -n 'Dumping MTA state...';
$SIGNAL_MTAL_CMD --signal USR1;
echo 'done.';
fi;
;;
clean|clean_que*|clean-que*)
#
# If running, don't clean the queues...
if is_running mta; then
echo 'MTA is running, queue cleaning ill advised...';
else
echo -n 'Cleaning up the queues...';
clean_queues;
echo 'done.';
fi;
;;
#-----------------------------------------------------------------------
# Local targets for cronjob support
#-----------------------------------------------------------------------
cron-msp)
cron_msp;
;;
cron-mta)
cron_mta;
;;
#-----------------------------------------------------------------------
# Default target - bitch and moan
#-----------------------------------------------------------------------
*)
echo "Invalid command <$1>";
echo "Usage: $0 <command>";
echo ' Where <command> is one of the following';
echo ' start|stop|restart|restart-if-running';
echo ' reload-if-running|reload|force-reload';
echo ' newaliases|hoststat|purgestat|mailstats|mailq|runq|control';
echo ' status|debug|clean';
exit 1;
;;
esac;
exit 0;
Scalix Installation
Download the sources
Download the sources and unpack them under /usr/src:
cd /usr/src
wget http://downloads.scalix.com/.community/11.0.2.1/scalix-11.0.4-GA-debian-intel.tgz
tar xvzf scalix-11.0.4-GA-debian-intel.tgz
Installation
The package was corrupt for me: one of the Tomcat packages contains a syntax error. We fix that first:
cd /usr/src/scalix-debian-11.0.4-GA/software/scalix_server
mkdir -p new/DEBIAN old
mv scalix-tomcat_5.5.16-263_all.deb old
dpkg -x old/scalix-tomcat_5.5.16-263_all.deb new
dpkg -e old/scalix-tomcat_5.5.16-263_all.deb new/DEBIAN
vi new/DEBIAN/postinst
# ... on line 21, remove the superfluous ')'
/opt/scalix-tomcat/bin/sxtomcat-create-instance ""
# ...
dpkg -b new scalix-tomcat_5.5.16-263_all_patched.deb
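The repacking steps above can be checked before the package is rebuilt. The following is an added example, not part of the original page or of the Scalix packages: it parse-checks the maintainer scripts in an unpacked control directory such as new/DEBIAN. The sample postinst is constructed for the demo.

```shell
#!/bin/sh
# Added example: parse-check the maintainer scripts in an unpacked control
# directory (new/DEBIAN above) before running "dpkg -b".
# Typical use: check_maintainer_scripts new/DEBIAN && dpkg -b new <name>.deb

# Prints OK/FAIL/SKIP per script; returns 1 if any script fails to parse.
check_maintainer_scripts() {
    ctrl_dir=$1
    rc=0
    for name in preinst postinst prerm postrm; do
        script="$ctrl_dir/$name"
        [ -f "$script" ] || continue
        # Choose the parser from the shebang line; skip non-shell scripts
        case "$(head -n 1 "$script")" in
            '#!'*bash*) shell=bash ;;
            '#!'*sh*)   shell=sh ;;
            *) echo "SKIP $name"; continue ;;
        esac
        # -n reads and parses the script without executing any command
        if "$shell" -n "$script" 2>/dev/null; then
            echo "OK $name"
        else
            echo "FAIL $name"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: a postinst with a stray ')' like the defect described
# above (the real file's surrounding lines are not reproduced here).
make_sample_ctrl_dir() {
    dir=$(mktemp -d)
    printf '%s\n' '#!/bin/sh' 'set -e' \
        '/opt/scalix-tomcat/bin/sxtomcat-create-instance "")' \
        'exit 0' > "$dir/postinst"
    printf '%s\n' '#!/bin/sh' 'exit 0' > "$dir/prerm"
    echo "$dir"
}

# Demo: report before and after removing the stray ')' from line 3
sample=$(make_sample_ctrl_dir)
check_maintainer_scripts "$sample" || echo "fix the scripts before dpkg -b"
sed '3s/)$//' "$sample/postinst" > "$sample/postinst.fixed"
mv "$sample/postinst.fixed" "$sample/postinst"
check_maintainer_scripts "$sample" && echo "control scripts parse cleanly"
rm -rf "$sample"
```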
Now we can install the Scalix packages:
cd /usr/src/scalix-debian-11.0.4-GA/software/scalix_server
dpkg -i ../../third_party/libical/i386/libical*.deb
dpkg -i scalix-server_*.deb
export PATH=/opt/scalix/bin:$PATH
echo -n "What should the name of your primary mailnode be? "; read -r mnode
# read -s keeps the passwords from being echoed to the terminal
echo -n "Please enter the admin password for the Scalix admin user (sxadmin)? "; read -rs admpwd; echo
echo -n "Please enter a password for the ldap query user? "; read -rs ldappwd; echo
echo -n "Please enter a password for the db user? "; read -rs dbpwd; echo
echo -n "Please enter the external ip address of your Scalix box? "; read -r ip
ldomain=$(hostname -d)
host=$(hostname)
fqdn=$(hostname -f)
short=${host:0:1}${host: -1:1}
# Initialize the Scalix Message Store
ommakeom
# Set Generation Rules for Display Name, Login Name and Internet Address
sxconfig --set -t general.usrl_cn_rule='S, G'
sxconfig --set -t general.usrl_authid_rule='gs@'
sxconfig --set -t orniasys.name_part_1='"C" <G.S>' -t orniasys.domain_part_1=$ldomain
# Creating the Default Mailnode
omaddmn -m "$mnode"
# Starting the Server Daemons
omrc -n
# Creating the Default Admin User
omaddu -n sxadmin/$mnode --class limited -c admin -p "$admpwd" sxadmin
# Configuring the Admin User
omconfenu -n "sxadmin/$mnode"
omlimit -u "sxadmin/$mnode" -o -i 0 -m 0
# Creating the LDAP Query User
omaddu -n "sxqueryadmin/$mnode" --class limited -c admin -p "$ldappwd" "sxqueryadmin@$fqdn"
# Creating the Standard Scalix Admin Groups
omaddpdl -l ScalixUserAdmins/$mnode
omaddpdl -l ScalixUserAttributesAdmins/$mnode
omaddpdl -l ScalixGroupAdmins/$mnode
omaddpdl -l ScalixAdmins/$mnode
cat >>/var/opt/scalix/${short}/s/sys/general.cfg <<EOF
#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses. On slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and the alias name is ignored
# for the purposes of message creation and so on.
#
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE
EOF
# Starting Scalix Services
omon -s all
# Installing the Scalix Server package
# One Deb package (scalix-tomcat_*.deb) has an error in its install script.
# It has to be fixed first (unpack the Deb, correct the syntax error, rebuild the Deb package)
dpkg -i scalix-postgres_*.deb scalix-tomcat-connector_*.deb scalix-tomcat_*.deb \
scalix-mobile_*.deb scalix-platform_*.deb scalix-res_*.deb scalix-sac_*.deb \
scalix-sis_*.deb scalix-swa_*.deb
# Setup DB
/opt/scalix-postgres/bin/sxpsql-init # To create the database and tables
/opt/scalix-postgres/bin/sxpsql-setpwd "$dbpwd"
/opt/scalix-postgres/bin/sxpsql-whitelist 127.0.0.1 "$ip"
# Setting up Scalix-Tomcat
# vi /etc/opt/scalix-tomcat/scalix-tomcat.conf
# Set RAM Usage to 50% of complete RAM (or other, e.g. 40M)
# JAVA_OPTS="-server -Xms40m -Xmx40m"
# Configure Scalix
tomcatport=80
base=/var/opt/scalix/${short}
files="$base/webmail/swa.properties \
$base/caa/scalix.res/config/ubermanager.properties \
$base/res/config/res.properties \
$base/platform/platform.properties \
$base/mobile/mobile.properties \
$base/sis/sis.properties"
for file in $files; do
sed -e "s;%LOCALDOMAIN%;$ldomain;g" \
-e "s;%LOCALHOST%;$fqdn;g" \
-e "s;%PLATFORMURL%;$fqdn;g" \
-e "s;__SECURED_MODE__;false;g" \
-e "s;ubermanager/__FQHN_HOST__@__KERBEROS_REALM__;;g" \
-e "s;__KERBEROS_REALM__;;g" \
-e "s;__FQHN_FOR_KDC_HOST__;;g" \
-e "s;__FQHN_QUERY_SERVER_NAME__;$fqdn;g" \
-e "s;__UBERMGR_USE_EXTERNAL_AUTH__;false;g" \
-e "s;__UBERMGR_ALLOW_EXTERNAL_AUTH__;false;g" \
-e "s;__UBERMGR_MAXLIST_SIZE__;100;g" \
-e "s;__UBERMGR_MAIL_DOMAINS_LIST__;$ldomain;g" \
-e "s;__UBERMGR_EXTERNAL_DOMAIN_AUTH_LIST__;;g" \
-e "s;__CONFIGURED__;true;g" \
-e "s;__FQHN_FOR_UBERMANAGER__;$fqdn;g" \
-e "s;__TOMCAT_PORT__;$tomcatport;g" \
-e "s;localhost;$fqdn;g" \
-e "s;%SIS-LANGUAGE%;German;g" \
-e "s;%INDEX-WHITELIST%;$fqdn;g" \
-e "s;%SEARCH-WHITELIST%;$fqdn;g" \
$file > $file.neu
mv $file.neu $file
done
# Write Ldappassword to psdata
cd ${base}/caa/scalix.res/config
# Create the file with a restrictive umask so the password is never world-readable
( umask 077; echo "$ldappwd" > psdata )
chown root:root psdata
chmod 400 psdata
cd
# Restart Tomcat
/etc/init.d/scalix-tomcat restart
# Setup Apache
ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/apache2/conf.d
cat << EOF > /etc/apache2/conf.d/scalix-access.conf
<Location />
Allow from all
</Location>
EOF
/etc/init.d/apache2 restart
cat << EOT
#####################################################
# You should now be able to access scalix at:
# http://$fqdn/sac
# http://$fqdn/webmail
#####################################################
EOT
You should now be able to log in at the URLs above as sxadmin with the password defined earlier. As sxadmin you can create new users in the Scalix Admin Console (SAC).
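The sed loop in the configuration script replaces the template tokens in the Scalix properties files. The following added example (not from the original page or from Scalix) lists tokens of the form %NAME% or __NAME__ that are still present afterwards. The sample file and its key names are constructed for the demo.

```shell
#!/bin/sh
# Added example: after the sed loop, list template tokens that are still
# present in the properties files, e.g.  unreplaced_tokens $files

# unreplaced_tokens FILE...
# Prints "file:line:token" for every %UPPER-CASE% or __UPPER_CASE__ token
# outside comment lines; returns 1 if at least one token is left.
unreplaced_tokens() {
    awk '
        /^[ \t]*#/ { next }    # ignore comment lines
        {
            rest = $0
            while (match(rest, /%[A-Z][A-Z_-]*%|__[A-Z][A-Z_]*__/)) {
                print FILENAME ":" FNR ":" substr(rest, RSTART, RLENGTH)
                rest = substr(rest, RSTART + RLENGTH)
                found = 1
            }
        }
        END { exit found + 0 }
    ' "$@"
}

# Constructed sample file: the key names are made up for the demo, the
# tokens are ones that the sed loop above replaces.
make_sample_properties() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# template comment mentioning %LOCALHOST% is ignored
example.domain=%LOCALDOMAIN%
example.url=http://__FQHN_FOR_UBERMANAGER__:__TOMCAT_PORT__/api
example.secured=__SECURED_MODE__
EOF
    echo "$f"
}

# Demo: apply only two substitutions, as if the others had been forgotten
sample=$(make_sample_properties)
sed -e 's;%LOCALDOMAIN%;example.org;g' -e 's;__TOMCAT_PORT__;80;g' \
    "$sample" > "$sample.neu" && mv "$sample.neu" "$sample"
unreplaced_tokens "$sample" || echo "template tokens left, see list above"
rm -f "$sample"
```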
To save resources, you can rein in Tomcat's memory usage somewhat: /etc/opt/scalix-tomcat/scalix-tomcat.conf
# Configuration file for Scalix Tomcat
# The directory where Java is installed
# (determined from /usr/bin/java managed by update-alternatives
# by default, change to hardcoded path if needed):
JAVA_HOME="`/opt/scalix-tomcat/bin/determine-java-home`"
# Additional arguments to be passed to Java:
JAVA_OPTS="-server -Xms40m -Xmx40m"
# Maximum number of file descriptors
ULIMIT_NUM_FILES="1000"
Sources
[1] Scalix Wiki: Manual installation on Etch
[2] Linux Magazin Online: Mail Server