[updated 28-Mar-06] Fixed some problems
[updated 29-Mar-06] Stopped some extra services, can now send / receive
[updated 30-Mar-06] Configure sendmail
Thanks for the suggestions, guys.
I finally got it working. But it seems to have broken some of the SME stuff:
This how-to is NOT RECOMMENDED on anything other than a test server. It can send and receive email, but does not integrate properly into the SME ldap (yet).
==== BEGIN HOWTO ====
# Using scalix 10 and SME server 7 pre-release 3 (other versions will
# probably work)
pico -w /etc/yum.conf
# change the relevant sections as shown
[addons], [base] and [centosplus]
enabled=1
gpgcheck=0
enablegroups=1
# remove qmail. (in a nasty way)
rpm -e qmail --nodeps
# Yum some required dependencies
yum install sendmail tcl tk compat-libstdc++-296 compat-libstdc++-33 cyrus-sasl-plain
# Get the scalix installer
http://www.scalix.com/communityedition/index.html# Scroll to the bottom, pick the Redhat Enterprise 3 or 4 version, enter
# your email address, and agree to the licence.
# Download and unpack the scalix tar.gz file
wget [link], tar -xzvf *.gz
# Change release version to fool scalix. (otherwise won't install)
cp /etc/redhat-release /etc/redhat-release.orig
pico /etc/redhat-release
# (Replace with "Red Hat Enterprise Linux ES release 4 (Nahant)" without
# quotes.)
# "Remember" changes to /etc/redhat-release on restart
cp -f /etc/redhat-release /etc/motd
# Stop SME conflicting services and also disable on startup.
cd /etc/init.d/
./imap svdisable
./pop3 svdisable
service ldap svdisable
./qpsmtpd svdisable
./smtp-auth-proxy svdisable
./sqpsmtpd svdisable
# NOTE: This may not actually disable the services.
# The SME developers might know...
# Change ldap port - service is stopped anyway, you can skip this
# pico /etc/e-smith/db/configuration/defaults/ldap/TCPPort
# change from 389 to 390
# Configure Tomcat:
# go to your scalix install directory and
./scalix-installer
# Accept the default settings, (except for warning, pick install anyway)
# Add scalix commands to shell path
PATH=/opt/scalix/bin:$PATH
# Run again to configure tomcat:
./scalix-installer
# Select option 3 - reconfigure
# Components > 1,2,3
# Accept defaults, but answer "no" to
#Do you want to integrate Tomcat with Apache using Scalix JK connector?
# and "yes" to "Are you sure you want to remove it (the JK connector)"
# Accept the other defaults.
# Make scalix startup automatically on restart
ln -s /etc/init.d/scalix /etc/rc.d/rc7.d/S82scalix
ln -s /etc/init.d/scalix-tomcat /etc/rc.d/rc7.d/S82scalix-tomcat
ln -s /etc/init.d/sendmail /etc/rc.d/rc7.d/S56sendmail
ln -s /etc/init.d/scalix /etc/rc.d/rc6.d/K03scalix
ln -s /etc/init.d/scalix-tomcat /etc/rc.d/rc6.d/K03scalix-tomcat
ln -s /etc/init.d/sendmail /etc/rc.d/rc6.d/K03sendmail
# Configure tcpwrappers to work with sendmail:
mkdir -p /etc/e-smith/templates-custom/etc/hosts.allow
pico /etc/e-smith/templates/etc/hosts.allow/sendmail
sendmail: 127.0.0.1
expand-template /etc/hosts.allow
# Then go to administration console:
http://your.webserver.com:8080/sac# set up your users. then logon to webmail:
http://your.webserver.com:8080/webmail=== Post installation tasks (optional) ===
All of this info was lifted from the Scalix Knowledgebase
http://portal.knowledgebase.net/display/1/index.asp?c=4664# * Get SSL working with scalix
cd /usr/java/jre1.5.0_04/bin
./keytool -genkey -alias tomcat -keyalg RSA
# (Enter the information required. Make a note of your keystore
# password - eg "newpassword")
pico -w /opt/scalix-tomcat/conf/server.xml
# Scroll down and uncomment the ssl section, also add
# keystorePass="newpassword"(as shown below)
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" MaxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="1" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystorePass="newpassword" />
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
service scalix-tomcat restart
# Now you can access sac and webmail over SSL as follows:
# Administration console:
https://your.webserver.com:8443/sac# Webmail:
https://your.webserver.com:8443/webmail# Integrate clamav
pico -w /etc/group
# add clamav to the end of the scalix line so it reads something like:
scalix:x:454:clamav
cd /var/opt/scalix/rules
pico -w ALL-ROUTES.VIR
VIRUS-UNCLEANED=1 ACTION=REJECT NDN-INFO=!ndninfo.txt
VIRUS-UNCLEANED=0 VIRUS-FOUND=1 ACTION=ALLOW NOTIFY="A virus was found in your message. It was successfully cleaned and sent to the recipient. However we highly recommend that you install or update your virus protection software and scan your computer for viruses."
pico ndninfo.txt
A virus was found in your message. The virus could not be cleaned and thus the message was not sent to the recipient. We highly recommend that you install or update your virus protection software and scan your computer for viruses.
cp /opt/scalix/examples/general/omvscan.map /var/opt/scalix/rules
chown root omvscan.map
chmod 555 omvscan.map
# Restart clam
service clamd restart
#(clamav appears to work. Have tested by sending the clam.exe test file
# from the clamav tarball and got the "your message contains a virus"
# message. Need to test sending an infected msg TO the scalix server)
# * Integrate Spam Assassin
# Install some things:
yum install sendmail-devel
mkdir /root/rpm
cd /root/rpm
wget
http://dag.wieers.com/packages/spamass-milter/spamass-milter-0.3.0-1.2.el4.rf.i386.rpm(if it's not there try googling for spamass-milter.rpm - you want the redhat 4 version)
rpm -Uvh *.rpm
cd /var/opt/scalix/sys/
cp smtpd.cfg smtpd.cfg.orig
pico -w smtpd.cfg
Scroll to the bottom, add this line ...
SMTPFILTER=TRUE
... above the line: RELAY accept 127.0.0.1
cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig
pico -w /etc/mail/sendmail.cf
Change selected lines to the following:
O OperatorChars=.:%@!^/[]+
(delete the last =)
O InputMailFilters=Spamassassin
(delete #, append =Spamassassin)
then below O InputMailFilters=Spamassassin, add the following lines
# Milter options
#O Milter.LogLevel
O Milter.macros.connect=b, j, _, {daemon_name}, {if_name}, {if_addr}
O Milter.macros.helo={tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}
O Milter.macros.envfrom=i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}
O Milter.macros.envrcpt={rcpt_mailer}, {rcpt_host}, {rcpt_addr}
In the section MAIL FILTER DEFINITIONS, add the following line:
Xspamassassin, S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m
chkconfig --add spamass-milter
chkconfig --level 345 spamass-milter on
ln -s /etc/rc.d/init.d/spamass-milter /etc/rc.d/rc7.d/S91spamass-milter
ln -s /etc/rc.d/init.d/spamass-milter /etc/rc.d/rc6.d/K04spamass-milter
# Turn spam filtering on in the server manager
http://your-server.com/server-manager# Email > Change email filtering settings
# Enable spam filtering, alter other settings as you see fit,
# scroll down, click save
cd /etc/rc.d/init.d/
./sendmail restart
./spamass-milter restart
# Check spamd is running
netstat -lnp | grep spamd
# If you don't get a line like "tcp 0 0 127.0.0.1:783..."
# then run the following command
/usr/bin/spamd -d
omoff -d 0 smtpd
omon smtpd
(That seems to work. Log files look ok. )
=== end post installation tasks ===
==== END HOWTO =====
[UPDATE] I added some extra services to the "stop services" list, following the suggestions made by other posts in this forum (see below). Send / receive works from webmail and Outlook connector on local accounts. I haven't tested anything else.
I can log into Horde using the scalix admin details. This means it might be possible to point other SME services to the scalix LDAP and get a working system
However, at the moment, several SME services are broken.
[UPDATE] Scalix now reloads on restart. Hooray! However, I will leave the old "fix" instructions as a reference.
========================
To reinstall scalix, keeping existing mailboxes:
(Just in case SME ldap started, somehow)
service ldap stop
./scalix-installer
Option 4 (uninstall)
Remove everything but the mailbox store.
./scalix-installer
Accept defaults, use existing mailbox store
./scalix-installer
Select option 3 - reconfigure
Components > 1,2,3
Accept defaults, but answer "no" to
Do you want to integrate Tomcat with Apache using Scalix JK connector?
and "yes" to "Are you sure you want to remove it (the JK connector)"
Accept the other defaults.
It will then come back up again with all your users and emails intact
==========================
Anyone got any ideas about any of this?
[UPDATE] It has been suggested that having both LDAP servers running at the same time is the way to go. I think we would be better trying to get the SME server services to use the scalix ldap, after scalix has been installed.
Cheers,
Silas.