Gentoo Server Setup

From KdjWiki



After monitoring the situation for a while, I am now able to spin this off into my Gentoo Production Server Setup.



Pre-Setup - Detached

All configuration files (or samples at least) can be found on the Gentoo Config Files page.

1) Boot from CD
2) Set root password:

 # passwd

3) Start SSH Server:

 # /etc/init.d/sshd start

4) Determine IP address:

 # ifconfig | grep "inet addr" | grep -v "127.0.0.1"

5) Connect from other computer:

 $ ssh -l root {ip-address}

6) Detach Console:

 # screen


HDD Setup (RAID)

Configure the disks with fdisk:

RAID 1

Assume 2 HDD - /dev/hda and /dev/hdc

  • /dev/hda1 : type fd, size 100MB, boot flag = on
  • /dev/hda2 : type 82 (swap), size 2xRAM size
  • /dev/hda3 : type fd, size = remainder

Duplicate for /dev/hdc:

 # sfdisk -d /dev/hda | sfdisk /dev/hdc

RAID-1 partitions (non-swap):

 # mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/hda1 /dev/hdc1
 # mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/hda3 /dev/hdc3

Make filesystems:

 # mke2fs -j /dev/md0
 # mkreiserfs /dev/md2
 # mkswap /dev/hda2
 # swapon /dev/hda2
 # mkswap /dev/hdc2
 # swapon /dev/hdc2

RAID 5

Note: This is unconfirmed

Assume 3 HDD - /dev/hda, /dev/hdb and /dev/hdc

  • /dev/hda1 : type fd, size 100MB, boot flag = on
  • /dev/hda2 : type 82 (swap), size 2xRAM size
  • /dev/hda3 : type fd, size = remainder

Duplicate for /dev/hdb and /dev/hdc:

 # sfdisk -d /dev/hda | sfdisk /dev/hdb
 # sfdisk -d /dev/hda | sfdisk /dev/hdc

RAID-5 partitions (non-swap):

 # mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/hda1 /dev/hdb1 /dev/hdc1
 # mdadm --create /dev/md2 --level=5 --raid-devices=3 /dev/hda3 /dev/hdb3 /dev/hdc3

Make filesystems:

 # mke2fs -j /dev/md0
 # mkreiserfs /dev/md2
 # mkswap /dev/hda2
 # swapon /dev/hda2
 # mkswap /dev/hdb2
 # swapon /dev/hdb2
 # mkswap /dev/hdc2
 # swapon /dev/hdc2

RAID 1,5

Final setup is RAID-1 for /boot partition (with 1 partition spare) and RAID-5 / partition.

Assume 3 HDD - /dev/hda, /dev/hdb and /dev/hdc

  • /dev/hda1 : type fd, size 100MB, boot flag = on
  • /dev/hda2 : type 82 (swap), size 2xRAM size
  • /dev/hda3 : type fd, size = remainder

Duplicate for /dev/hdb and /dev/hdc:

 # sfdisk -d /dev/hda | sfdisk /dev/hdb
 # sfdisk -d /dev/hda | sfdisk /dev/hdc

Create raidtab file:

 # nano -w /etc/raidtab

such as:

 # /boot (RAID 1 with hot-spare)
 raiddev    /dev/md0
 raid-level    1
 nr-raid-disks   2
 nr-spare-disks    1
 chunk-size    32
 persistent-superblock    1
 device    /dev/hda1
 raid-disk    0
 device    /dev/hdc1
 raid-disk    1
 device    /dev/hdb1
 spare-disk     0
 # / (RAID 5)
 raiddev    /dev/md2
 raid-level    5
 nr-raid-disks    3
 nr-spare-disks    0
 persistent-superblock    1
 chunk-size    32
 parity-algorithm    right-symmetric
 device    /dev/hda3
 raid-disk    0
 device    /dev/hdb3
 raid-disk    1
 device    /dev/hdc3
 raid-disk    2

Make RAID:

 # mkraid /dev/md0
 # mkraid /dev/md2

Make filesystems:

 # mke2fs -j /dev/md0
 # mkreiserfs /dev/md2
 # mkswap /dev/hda2
 # swapon /dev/hda2
 # mkswap /dev/hdb2
 # swapon /dev/hdb2
 # mkswap /dev/hdc2
 # swapon /dev/hdc2
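
Before putting data on the new arrays it is worth confirming that every member joined and that the hot spare is registered. The following is an added example, not part of the original page: it parses `/proc/mdstat`-style text and reports each array's state. The sample input is constructed, and the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original page): summarise md array health
# from /proc/mdstat-style text read on stdin.

# Constructed sample: md0 is a healthy RAID-1 with a hot spare (hdb1),
# md2 is a RAID-5 that has lost its third member (hdc3).
sample_mdstat() {
cat <<'EOF'
Personalities : [raid1] [raid5]
md2 : active raid5 hdb3[1] hda3[0]
      155790336 blocks level 5, 32k chunk, algorithm 3 [3/2] [UU_]

md0 : active raid1 hdb1[2](S) hdc1[1] hda1[0]
      104320 blocks [2/2] [UU]

unused devices: <none>
EOF
}

# Prints one line per array: "<name> <level> <state> spares=<n>".
# state is "ok", "degraded" (a "_" in the [UU_] member map) or "inactive".
md_status() {
    awk '
    /^md[0-9]+ :/ {
        name = $1; level = "-"; spares = 0
        for (i = 3; i <= NF; i++) {
            if ($i ~ /^raid[0-9]+$/) level = $i
            if ($i ~ /\(S\)/) spares++      # (S) marks a spare device
        }
        if ($3 != "active") {
            printf "%s %s inactive spares=%d\n", name, level, spares
            name = ""
        }
        next
    }
    # The line after an active header ends with the member map, e.g. [UU_].
    name != "" && /\[[U_]+\]/ {
        state = ($NF ~ /_/) ? "degraded" : "ok"
        printf "%s %s %s spares=%d\n", name, level, state, spares
        name = ""
    }'
}

# Succeeds only when no array is degraded or inactive.
md_all_healthy() {
    ! md_status | grep -qv ' ok '
}

sample_mdstat | md_status
```

On the server itself, feed it the live file: `md_status < /proc/mdstat`.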

Base System

Mount partitions:

 # mount /dev/md2 /mnt/gentoo
 # mkdir /mnt/gentoo/boot
 # mount /dev/md0 /mnt/gentoo/boot

Prepare for install:

 # date MMDDhhmmYYYY
 # cd /mnt/gentoo
 # tar -xvjpf /mnt/cdrom/stages/stage3*

Chroot to system:

 # mount -t proc none /mnt/gentoo/proc
 # cp -L /etc/resolv.conf /mnt/gentoo/etc/resolv.conf
 # chroot /mnt/gentoo /bin/bash
 # env-update
 # source /etc/profile

Set USE variables:

 # nano -w /etc/make.conf
  • USE="apache2 php mysql ssl -X -qt -gtk -gnome"

NOTE: You may also need to change your CFLAGS from -march= to -mcpu=
NOTE: -mcpu is now deprecated so you should try and use -march or -mtune

Configure Kernel:

 # ln -sf /usr/share/zoneinfo/Australia/Sydney /etc/localtime
 # emerge gentoo-sources
 # emerge genkernel
 # zcat /proc/config.gz > /usr/share/genkernel/x86/kernel-config-2.6
 # genkernel --udev --menuconfig all

TODO: Document kernel source modifications

 # emerge -k coldplug
 # rc-update add coldplug boot
 # emerge -k hotplug
 # rc-update add hotplug default

[OPTIONAL]:
Add any additional drivers:

 # echo ncr53c8xx >> /etc/modules.autoload/kernel-2.6

Configure Mounts:

 # nano -w /etc/fstab

something like:

 /dev/md0            /boot      ext3       noauto,noatime                1  2
 /dev/md2            /          reiserfs   noatime                       1  1
 /dev/hda2           none       swap       sw,pri=1                      0  0
 /dev/hdc2           none       swap       sw,pri=1                      0  0
 #/dev/sda           /mnt/key   auto       noauto,user,exec,gid=users    0  0
 /dev/cdroms/cdrom0  /mnt/cdrom  auto      noauto,user                   0  0
 #/dev/cdroms/cdrom1 /mnt/dvd    auto      noauto,user                   0  0
 none                /proc       proc      defaults                      0  0
 none                /dev/shm    tmpfs     defaults                      0  0

Configure Network:

 # echo myserver > /etc/hostname
 # echo mydomain.com > /etc/dnsdomainname
 # rc-update add domainname default
 # nano -w /etc/conf.d/net
 iface_eth0="192.168.1.50 broadcast 192.168.1.255 netmask 255.255.255.0"
 gateway="eth0/192.168.1.1"
 # rc-update add net.eth0 default
 # nano -w /etc/hosts
 192.168.1.50 myserver.mydomain.com myserver
 127.0.0.1 localhost
 192.168.1.1 router
 ... other entries

Other System Tools:

 # emerge metalog
 # rc-update add metalog default
 # emerge vixie-cron
 # rc-update add vixie-cron default
 # emerge slocate
 # emerge reiserfsprogs
 # rc-update add sshd default
 # emerge app-admin/sudo
 # nano -w /etc/sudoers
 %wheel ALL=(ALL)    ALL
 # emerge -u mdadm
 # emerge -u raidtools

Install Bootloader:

 # cp /boot/kernel* /boot/kernel
 # cp /boot/initrd* /boot/initrd
 # emerge grub
 # nano -w /boot/grub/grub.conf
 timeout 5
 default 0
 fallback 1
 splashimage=(hd0,0)/grub/splash.xpm.gz
 title Gentoo Linux (hd0,0)
 root (hd0,0)
 kernel /kernel root=/dev/ram0 init=/linuxrc ramdisk=8192 real_root=/dev/md2 splash=verbose
 initrd /initrd
 title Gentoo Linux (hd1,0)
 root (hd1,0)
 kernel /kernel root=/dev/ram0 init=/linuxrc ramdisk=8192 real_root=/dev/md2 splash=verbose
 initrd /initrd
 # grub
 root (hd0,0)
 setup (hd0)
 quit
 # grub
 root (hd1,0)
 setup (hd1)
 quit

Personalise:

 # nano -w /etc/skel/.bashrc
 alias ll="ls --color -lh"
 alias slocate="slocate -i"
 [ -f /etc/profile.d/bash-completion ] && source /etc/profile.d/bash-completion
 # cp /etc/skel/.* ~
 # nano -w /etc/ssh/sshd_config
 Port 8070

Add user:

 # useradd user-name -m -c "full-name" -G users,wheel,audio,tty -s /bin/bash
 # passwd user-name

Finalise & Reboot:

 # exit
 # umount /mnt/gentoo/boot /mnt/gentoo/proc /mnt/gentoo
 # exit
 # reboot

[OPTIONAL]: USE file editor:

 $ sudo emerge ufed

and to edit the USE flags:

 $ sudo ufed

Misc Services

Log Management

Log Rotation

 $ sudo emerge logrotate

Log Sentry

 $ sudo emerge logsentry

Schedule hourly checks:

 $ sudo nano -w /etc/cron.hourly/logsentry.cron

change:

   #/bin/sh /etc/logcheck/logcheck.sh

to:

   /bin/sh /etc/logcheck/logcheck.sh

NTP

 $ sudo emerge ntp
 $ sudo cp /etc/ntp.conf /etc/ntp.conf.orig
 $ sudo cp /usr/share/ntp/ntp.conf /etc/ntp.conf
 $ sudo nano -w /etc/ntp.conf

restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap

 $ sudo /etc/init.d/ntpd start
 $ sudo rc-update add ntpd default
 $ sudo ntpq -p

VPN (OpenVPN)

Get the software:

 $ sudo emerge openvpn

Generate a static key:

 $ sudo openvpn --genkey --secret static.key

Shares (Samba & NFS)

Utilities

for uuencode

 $ sudo emerge sharutils

USB

 $ sudo modprobe usbcore
 $ sudo modprobe usb-storage
 $ sudo modprobe vfat
 $ sudo modprobe scsi_mod
 $ sudo modprobe sd_mod
 $ sudo mkdir /mnt/key
 $ sudo nano -w /etc/fstab

/dev/sda /mnt/key auto noauto,user,exec,gid=users 0 0

MailX

 $ sudo emerge mailx
 $ sudo nano -w /etc/mail/aliases

myname: myemail@mydomain.com


Dynamic DNS

Config Backup (Rsync)

Proxy (Squid)

 $ sudo emerge squid
 $ sudo nano -w /etc/squid/squid.conf
 http_port 8080
 icp_port 0
 cache_mem 64 MB
 cache_dir ufs /var/cache/squid 256 16 256
 acl my_network src 192.168.1.0/24
 http_access allow my_network
 icp_access allow my_network
 miss_access allow my_network
 $ sudo squid -z
 $ sudo rc-update add squid default
 $ sudo /etc/init.d/squid start

FTP (ProFTPd)

 $ sudo emerge proftpd
 $ sudo cp /etc/proftpd/proftpd.conf.distrib /etc/proftpd/proftpd.conf
 $ sudo nano -w /etc/proftpd/proftpd.conf

Here is my current /etc/proftpd/proftpd.conf.
And here is a sample config for allowing anonymous access:

ServerName		"ftp.mydomain.com"
ServerType		standalone		# or ServerType inetd
DefaultServer		on

RequireValidShell	off
AuthPAM			off
AuthPAMConfig		ftp

Port			21

TransferRate		RETR 15:5120	# limit d/l to 15k
DefaultTransferMode	binary

ServerIdent		off
RootLogin		off

AllowRetrieveRestart	on			# allow resuming downloads
AllowStoreRestart	on			# allow resuming uploads - dangerous for anonymous

Umask			022 022

MaxInstances		10
UseReverseDNS		off

User			proftpd			# (or nobody)
Group			users			# (or nogroup)

<Directory />
	AllowOverwrite off
</Directory>

<Anonymous ~ftp>
	User			ftp
	Group			users
	UserAlias		anonymous ftp
	MaxClients		10
	AllowRetrieveRestart	on
	AllowStoreRestart	off
	AllowOverwrite		on
	DisplayLogin		welcome.msg
	DisplayFirstChdir	.message
	<Directory *>
		<Limit WRITE>
			AllowAll		# (or DenyAll)
		</Limit>
	</Directory>
</Anonymous>


/tmp cleaner

See: http://gentoo-wiki.com/HOWTO_clean_/tmp


Monitoring and other System Management

System Resource Monitoring

 $ sudo emerge slmon

And to run:

 $ slmon

MySQL Monitor and Profiler

This is (currently) masked for x86, so to emerge you need to run the following:

 $ su -
 # ACCEPT_KEYWORDS="~x86" emerge mtop
 # exit

And to run:

 $ mtop

Update : This doesn't currently appear to be working

MySQL, Apache & PHP

MySQL

 $ sudo emerge mysql
 $ sudo mysql_install_db
 $ sudo /etc/init.d/mysql start
 $ sudo rc-update add mysql default
 $ sudo nano -w /etc/mysql/my.cnf
  • #bind-address = 127.0.0.1
 $ sudo mysqladmin -u root -h {myserver} password '{mypassword}'
 $ mysql -u root -p

Apache/PHP

 $ sudo emerge apache php mod_php
 $ sudo emerge -s mod_php (get version)
 $ sudo ebuild /var/db/pkg/dev-php/mod_php-x.x.x-rx/mod_php-x.x.x-rx.ebuild config
 $ echo "APACHE_OPTS=\"-D SSL -D PHP4\"" | sudo tee -a /etc/conf.d/apache2

Configure Apache as detailed here

 $ sudo /etc/init.d/apache2 start
 $ sudo rc-update add apache2 default

Log stats with awstats

 $ sudo emerge awstats

awstats was installed into /usr/share/webapps/awstats/6.5/

Copy the config file to the apache configuration folder:

 $ sudo cp /usr/share/webapps/awstats/6.5/postinst-en.txt /etc/apache2/conf/awstats.conf

Include in your apache configuration file:

 $ sudo nano -w /etc/apache2/conf/apache2.conf
 Include conf/awstats.conf

Add that line in the virtual host you want to show stats.

Copy the awstats config file for each virtual host you want stats on:

 $ sudo cp /etc/awstats/awstats.model.conf /etc/awstats/awstats.www.mydomain.com.conf

Customise the config file:

 $ sudo nano -w /etc/awstats/awstats.www.mydomain.com.conf
 LogFile="/var/log/apache2/mydomain_access_log"
 SiteDomain="www.mydomain.com"
 HostAliases="www.mydomain.com localhost 127.0.0.1 REGEX[mydomain\.com$]"
 DirData="/var/log/apache2/mydomain"

Make stats data folder:

 $ sudo mkdir /var/log/apache2/mydomain
 $ sudo chmod 777 /var/log/apache2/mydomain

Build stats file:

 $ /usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl -config=www.mydomain.com -update

Test:

 http://www.mydomain.com/awstats/awstats.pl?config=www.mydomain.com

Create daily cron job to update:

 $ sudo nano -w /etc/cron.daily/awstats

such as:

 #!/bin/bash
 /usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl -config=www.mydomain.com -update > /var/log/awstats_update.log 2>&1

If you have log rotation happening, you should ensure this happens after the rotation, and against the old logfile.

VOIP with Asterisk (incomplete)

Asterisk

Firstly you have to emerge asterisk:

 $ sudo emerge asterisk

Add port (5060) forward on router

Configure a soft handset
Get softphone:

  windows: http://iaxclient.sourceforge.net/iaxcomm/

Add to /etc/asterisk/sip.conf:

  [iaxclient]
  type=friend
  username=iaxclient
  secret=mypassword
  context=iaxclient
  nat=yes
  host=dynamic
  defaultip=192.168.1.100

Add a default extension to /etc/asterisk/extensions.conf:

  [iaxclient]
  ;exten => _X.,1,Answer
  ;exten => _X.,2,Wait(2)
  ;exten => _X.,3,Playback(tt-monkeys)
  ;exten => _X.,4,Hangup

(Re)start Asterisk:

  $ sudo /etc/init.d/asterisk restart

And test (dial home and see if you get the monkeys)


Other Things

Then get iptables:

  $ sudo emerge iptables

Configure iptables:

  $ sudo /etc/init.d/iptables save

Start (and auto-start):

  $ sudo /etc/init.d/iptables start
  $ sudo rc-update add iptables default

Allow iptables to set the ToS (Type of Service):

  $ sudo iptables -A OUTPUT -t mangle -p udp -m udp --dport 5060 -j DSCP --set-dscp 0x28
  $ sudo iptables -A OUTPUT -t mangle -p udp -m udp --sport 10000:20000 -j DSCP --set-dscp 0x28

Mail Services with Postfix, MySQL, Fetchmail and Courier-IMAP (incomplete)

Postfix

Firstly you may have to unmerge ssmtp:

 $ sudo emerge --unmerge ssmtp

Then emerge postfix:

 $ sudo emerge postfix

Now configure:

/etc/postfix/main.cf
Uncomment/update:

  # main.cf has no trailing comments: text after a value becomes part of
  # the value, so each note sits on its own line above the setting.

  # server details
  # my mail hostname
  myhostname = server.mydomain.com
  # the domain mail will be sent from
  myorigin = $mydomain

  # network details
  # accept connections from anywhere
  inet_interfaces = all

  # for virtual domains
  mydestination =
  local_recipient_maps =
  unknown_local_recipient_reject_code = 450

  # mail relaying
  # only trust this machine
  mynetworks_style = host
  # relay all mail through my ISP (leave blank to send directly)
  relayhost = [smtp.myisp.com]

  # aliasing
  alias_maps = hash:/etc/mail/aliases
  alias_database = hash:/etc/mail/aliases

  # software settings
  # a simple banner to display to SMTP clients
  smtpd_banner = $myhostname ESMTP $mail_name

Add:

  # address masquerading
  masquerade_domains = sub.domain.com !sub.dyndomain.com
  masquerade_exceptions = root

  # timings and other numbers
  delay_warning_time = 4h
  maximal_queue_lifetime = 3d
  minimal_backoff_time = 1000s
  maximal_backoff_time = 8000s
  smtp_helo_timeout = 60s
  smtpd_recipient_limit = 16
  smtpd_soft_error_limit = 3
  smtpd_hard_error_limit = 12

  # restrictions
  smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
  smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client relays.ordb.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org, reject_rbl_client cbl.abuseat.org
  smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_unauth_destination, check_relay_domains
  smtpd_helo_required = yes
  disable_vrfy_command = yes

  # maps and lookups for virtual domains
  virtual_mailbox_base = /var/spool/mail/virtual
  virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
  virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf
  virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf
  virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf
  virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf

/etc/mail/aliases
map aliases like root to real addresses, then activate:

 $ sudo newaliases

Setup virtual mail folder:
if there is not a virtual user

 $ sudo mkdir /var/spool/mail/virtual
 $ sudo groupadd virtual -g 5000
 $ sudo useradd virtual -u 5000 -g 5000
 $ sudo chown -R virtual:virtual /var/spool/mail/virtual

if there is already a virtual user

 $ sudo groupmod -g 5000 virtual
 $ sudo usermod -g virtual -u 5000 virtual
 $ sudo chown -R virtual:virtual /var/spool/mail/virtual


MySQL lookup files:

/etc/postfix/mysql_mailbox.cf

 user=mail
 password=apassword
 dbname=maildb
 table=users
 select_field=maildir
 where_field=id
 hosts=127.0.0.1
 additional_conditions=and enabled = 1

/etc/postfix/mysql_uid.cf

 user=mail
 password=apassword
 dbname=maildb
 table=users
 select_field=uid
 where_field=id
 hosts=127.0.0.1

/etc/postfix/mysql_gid.cf

 user=mail
 password=apassword
 dbname=maildb
 table=users
 select_field=gid
 where_field=id
 hosts=127.0.0.1

/etc/postfix/mysql_alias.cf

 user=mail
 password=apassword
 dbname=maildb
 table=aliases
 select_field=destination
 where_field=mail
 hosts=127.0.0.1
 additional_conditions=and enabled = 1

/etc/postfix/mysql_domains.cf

 user=mail
 password=apassword
 dbname=maildb
 table=domains
 select_field=domain
 where_field=domain
 hosts=127.0.0.1
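
The five lookup files above use Postfix's legacy parameter set, from which Postfix assembles `SELECT [select_field] FROM [table] WHERE [where_field] = '%s' [additional_conditions]`. As an added example (not from the original page; function names are illustrative and the embedded file contents are constructed copies of the files above), this prints the query template a given file produces, which makes it easy to see why a row with `enabled = 0` never matches:

```shell
#!/bin/sh
# Added example, not from the original page: print the SELECT statement that
# Postfix derives from a legacy-format mysql lookup file. '%s' stands for the
# lookup key, which Postfix escapes before substituting it.

# Constructed copies of two of the lookup files shown above.
sample_mailbox_cf() {
cat <<'EOF'
user=mail
password=apassword
dbname=maildb
table=users
select_field=maildir
where_field=id
hosts=127.0.0.1
additional_conditions=and enabled = 1
EOF
}

sample_domains_cf() {
cat <<'EOF'
user=mail
password=apassword
dbname=maildb
table=domains
select_field=domain
where_field=domain
hosts=127.0.0.1
EOF
}

# cf_value <key>: value of "key = value" in the lookup file text on stdin.
cf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" | tail -n 1
}

# postfix_query: read a lookup file on stdin and print its query template.
# Returns 1 if one of the three required parameters is missing.
postfix_query() {
    cf=$(cat)
    for key in table select_field where_field; do
        if [ -z "$(printf '%s\n' "$cf" | cf_value "$key")" ]; then
            echo "missing required parameter: $key" >&2
            return 1
        fi
    done
    tbl=$(printf '%s\n' "$cf" | cf_value table)
    sel=$(printf '%s\n' "$cf" | cf_value select_field)
    whr=$(printf '%s\n' "$cf" | cf_value where_field)
    add=$(printf '%s\n' "$cf" | cf_value additional_conditions)
    printf "SELECT %s FROM %s WHERE %s = '%%s'" "$sel" "$tbl" "$whr"
    # additional_conditions is appended verbatim, so it must start with "and".
    if [ -n "$add" ]; then printf ' %s' "$add"; fi
    printf '\n'
}

sample_mailbox_cf | postfix_query
sample_domains_cf | postfix_query
```

Against a real file: `sudo cat /etc/postfix/mysql_alias.cf | postfix_query`.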

Start and autostart:

 $ sudo /etc/init.d/postfix start
 $ sudo rc-update add postfix default

MySQL Mail Settings

Log in as root:

 mysql -u root -p

Create the mail database:

 create database maildb;

Create a new user: "mail":

 GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON maildb.* TO 'mail'@'localhost' IDENTIFIED by 'apassword';
 GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON maildb.* TO 'mail'@'%' IDENTIFIED by 'apassword';
 exit;

Log in to mysql as the new mail user:

 mysql -u mail -p maildb

Create the tables:

 CREATE TABLE `aliases` (
   `pkid` smallint(3) NOT NULL auto_increment,
   `mail` varchar(120) NOT NULL default '',
   `destination` varchar(120) NOT NULL default '',
   `enabled` tinyint(1) NOT NULL default '1',
   PRIMARY KEY (`pkid`),
   UNIQUE KEY `mail` (`mail`)
 );
 CREATE TABLE `domains` (
   `pkid` smallint(6) NOT NULL auto_increment,
   `domain` varchar(120) NOT NULL default '',
   `transport` varchar(120) NOT NULL default 'virtual:',
   PRIMARY KEY (`pkid`)
 );
 CREATE TABLE `users` (
   `id` varchar(128) NOT NULL default '',
   `crypt` varchar(128) NOT NULL default 'sdtrusfX0Jj66',
   `name` varchar(128) NOT NULL default '',
   `uid` smallint(5) unsigned NOT NULL default '5000',
   `gid` smallint(5) unsigned NOT NULL default '5000',
   `home` varchar(255) NOT NULL default '/var/spool/mail/virtual/',
   `maildir` varchar(255) NOT NULL default '',
   `quota` varchar(255) NOT NULL default '',
   `enabled` tinyint(3) unsigned NOT NULL default '1',
   `change_password` tinyint(3) unsigned NOT NULL default '1',
   `procmailrc` varchar(128) NOT NULL default '',
   `spamassassinrc` varchar(128) NOT NULL default '',
   `clear` varchar(128) NOT NULL default 'ChangeMe',
   PRIMARY KEY (`id`),
   UNIQUE KEY `id` (`id`)
 );

Update configuration (/etc/mysql/my.cnf):

 #skip-networking
 log = /var/log/mysql/mysql.log

Restart MySQL:

 $ sudo /etc/init.d/mysql restart

Checkpoint

(Re)start postfix:

 $ sudo /etc/init.d/postfix restart

Send yourself an email:

 $ echo "This is a test" | /bin/mailx -s "Test Subject" "{your email address}" --


Data

Add domains:

 INSERT INTO domains (
   domain
 ) VALUES (
   'localhost'
 ), (
   'localhost.localdomain'
 );

Add some aliases:

 INSERT INTO aliases (
   mail, destination
 ) VALUES (
   'postmaster@localhost','root@localhost'
 ), (
   'sysadmin@localhost','root@localhost'
 ), (
   'webmaster@localhost','root@localhost'
 ), (
   'abuse@localhost','root@localhost'
 ), (
   'root@localhost','root@localhost'
 ), (
   '@localhost','root@localhost'
 ), (
   '@localhost.localdomain','@localhost'
 );

Add the root user:

 INSERT INTO users (
   id, name, maildir, clear
 ) VALUES (
   'root@localhost', 'root', 'root/', 'apassword'
 );


Fetchmail

Get the software:

 $ sudo emerge fetchmail

Configure:

Adjust the polling frequency (change to 5 mins):
/etc/conf.d/fetchmail

 polling_period="3000"

Create fetchmail configuration file:
/etc/fetchmailrc

 set postmaster "mylogin"
 poll pop.isp.com with proto POP3 auth password user "mypoplogin" there with password "mypoppass" is mylogin here options warnings 3600

Set permissions:

 $ sudo chmod 600 /etc/fetchmailrc

Start and auto start:

 $ sudo /etc/init.d/fetchmail start
 $ sudo rc-update add fetchmail default

Courier-IMAP

Get the package:

 $ sudo emerge courier-imap

Configure:

/etc/courier/authlib/authdaemonrc

  authmodulelist="authmysql"

  # for testing
  DEBUG_LOGIN=2

/etc/courier/authlib/authmysqlrc

  MYSQL_SERVER localhost
  MYSQL_USERNAME mail
  MYSQL_PASSWORD apassword

  MYSQL_DATABASE maildb
  MYSQL_USER_TABLE users
  #MYSQL_CRYPT_PWFIELD crypt
  MYSQL_CLEAR_PWFIELD clear
  MYSQL_MAILDIR_FIELD concat(home, '/', maildir)
  MYSQL_WHERE_CLAUSE enabled=1

/etc/courier-imap/imapd

  MAXPERIP=20
  IMAPDSTART=YES

If you want to use POP and/or SSL, add the settings above to:

  • /etc/courier-imap/pop3d
  • /etc/courier-imap/pop3d-ssl
  • /etc/courier-imap/imapd-ssl

Start (and auto-start):

 $ sudo /etc/init.d/courier-imapd start
 $ sudo rc-update add courier-imapd default
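
Several files configured on this page hold the `mail` database password or the POP password in clear text: `/etc/fetchmailrc` (already set to mode 600 above), the `/etc/postfix/mysql_*.cf` lookup files and `/etc/courier/authlib/authmysqlrc`. The following added example, which is not part of the original page, lists any of them that grant read, write or execute permission to "other"; the function name is illustrative, and it assumes group access (for example `root:postfix` with mode 640) is intentional and therefore not flagged.

```shell
#!/bin/sh
# Added example (not from the original page): flag credential-bearing config
# files that are accessible to users outside the owner and group.

# audit_secret_files <file>...
# Prints "world-accessible: <mode> <path>" for each existing file with any
# "other" permission bit set. Returns 1 if at least one was found.
audit_secret_files() {
    bad=0
    for f in "$@"; do
        # Unmatched globs and absent files are skipped, not reported.
        [ -f "$f" ] || continue
        hit=$(find "$f" -prune \
                  \( -perm -004 -o -perm -002 -o -perm -001 \) -print)
        if [ -n "$hit" ]; then
            mode=$(ls -ld "$f" | cut -c1-10)
            printf 'world-accessible: %s %s\n' "$mode" "$f"
            bad=1
        fi
    done
    return "$bad"
}

# The files from this page that contain passwords.
audit_secret_files \
    /etc/fetchmailrc \
    /etc/postfix/mysql_*.cf \
    /etc/courier/authlib/authmysqlrc \
    || echo "tighten the files listed above (chmod o-rwx)"
```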

Webmail (SquirrelMail)

Get the software:

 $ sudo emerge squirrelmail

Configure:

 $ cd /var/www/localhost/htdocs/squirrelmail/config
 $ sudo perl conf.pl

1) Organization Preferences: => Edit as required
2) Server Settings: => Update domain
9) Database:

  • DSN for Address book = mysql://mail:apassword@127.0.0.1/maildb
  • DSN for Preferences = mysql://mail:apassword@127.0.0.1/maildb

Then save data (S) and quit (Q)

Create the required DB tables:

  $ mysql -u mail -p maildb

  CREATE TABLE `address` (
    `owner` varchar(128) NOT NULL default '',
    `nickname` varchar(16) NOT NULL default '',
    `firstname` varchar(128) NOT NULL default '',
    `lastname` varchar(128) NOT NULL default '',
    `email` varchar(128) NOT NULL default '',
    `label` varchar(255) default NULL,
    PRIMARY KEY (`owner`, `nickname`),
    KEY `firstname` (`firstname`, `lastname`)
  );

  CREATE TABLE `userprefs` (
    `user` varchar(128) NOT NULL default '',
    `prefkey` varchar(50) NOT NULL default '',
    `prefval` varchar(255) default NULL,
    `modified` timestamp(14) NOT NULL,
    PRIMARY KEY (`user`, `prefkey`)
  );

Create admin list:

 echo root > /var/www/localhost/htdocs/squirrelmail/config/admins

Fix the data folder permissions:

 $ sudo chown root:apache /var/www/localhost/htdocs/squirrelmail/data
 $ sudo chmod 775 /var/www/localhost/htdocs/squirrelmail/data

Other updates:

  • plugins/retrieveuserdata/config.php

And test:

 http://localhost/squirrelmail/src/configtest.php

And run:

 http://localhost/squirrelmail/