Chapter 5. Integration with External Systems

Table of Contents

1. Mail Servers
1.1. Washington IMAP+Sendmail
1.2. Cyrus IMAP+Postfix
1.3. Dovecot+Postfix
1.4. Microsoft Exchange
2. LDAP Integration
2.1. Installing Apache Directory Server
2.2. Installing LDAP Browser
2.3. Inputting User in LDAP Browser
2.4. Integration
3. Chat Portlet
4. CAS Server
5. Installation of Workflow services
5.1. Installation
5.2. Testing the installation
5.3. Configuration of the jBPM database
6. Alfresco

This chapter covers the steps necessary to integrate Liferay Portal with external systems. This configuration may be necessary for the correct operation provided by some the bundled portlets.

1. Mail Servers

Liferay Portal can integrate with Washington IMAP+Sendmail, Cyrus IMAP+Postfix, and Dovecot+Postfix. Support for integration with Microsoft Exchange and other IMAP servers are planned and will be implemented in the near future.

The portal synchronizes with the mail server's user authentication by adding a mail server account when a portal account is added, deleting a mail server account when a portal account is deleted, and updating a mail server account when a portal account is updated. To do this, the portal must have privileges to modify and to update the mail server's user database.

The portal must also keep track of how email addresses map to certain accounts. For example, in the default installation, the portal maps the user id liferay.com.1 to the email address test@liferay.com.

One possible deployment scenario is to run the mail EJBs on the mail server and run the portal EJBs on the web server. In this case, the mail server and web server are two different machines. The portal EJBs will give abstract commands (add/delete/update user) to the remote mail EJBs to carry out. The mail EJBs then run the appropriate system commands for the specific mail server and operating system.

Another possible deployment scenario is to have the mail EJBs and portal EJBs run on the same machine. This can all be configured by editing portal.properties.

Users access their email through an IMAP server. Access is limited to IMAP so that the portal does not have to be programmed to know where to persist the mail.

1.1. Washington IMAP+Sendmail

  1. Install Sendmail and Expect on your mail server. Expect allows you to add, delete, or update users in one command. An example script for Red Hat is included in /mail-ejb/scripts/redhat.

  2. Configure /portal-ejb/classes/portal.properties for your mail server.

  3. The following instructions assume:

    • The server envronment is linux

    • The server name is called PORTAL_HOST

    • You are logged in as root

    • The distribution is Liferay Portal Professional 3.2.0 (Bundled with Tomcat)

    • Tomcat is installed at /usr/local/tomcat

    • Tomcat is running under the user named tomcat, group name tomcat

    • You are using sendmail for email

    • Portal sendmail users are created under the path /home/liferay/users

    • sendmail is running on PORTAL_HOST

# Install expect command
apt-get install expect


# Give tomcat user a password
passwd tomcat




#give tomcat user a login shell
vi /etc/passwd
tomcat:x:500:500::/usr/local/tomcat:/bin/bash




# Use sudo to allow tomcat to add users
visudo

Defaults logfile=/var/log/sudolog
Defaults:tomcat    timestamp_timeout=-1, passwd_tries=1
tomcat  ALL=/usr/sbin/adduser, /usr/sbin/userdel, /usr/bin/passwd




# Enable UW-imap
vi /etc/xinet.d/imap

# default: off
# description: The IMAP service allows remote users to access their mail using \
#              an IMAP client such as Mutt, Pine, fetchmail, or Netscape \
#              Communicator.
service imap
{
       socket_type             = stream
       wait                    = no
       user                    = root
       server                  = /usr/sbin/imapd
       log_on_success  += HOST DURATION
       log_on_failure  += HOST
       disable                 = no
}


# Restart the xinetd deamon
/etc/rc.d/init.d/xinetd restart




# Add Tomcat mail/MailSession settings
vi /usr/local/tomcat/conf/Catalina/localhost/liferay.xml
               <parameter>
                       <name>mail.smtp.host</name>
                       <value>localhost</value>
               </parameter>
               <parameter>
                       <name>mail.imap.host</name>
                       <value>localhost</value>
               </parameter>
               <parameter>
                       <name>mail.store.protocol</name>
                       <value>imap</value>
               </parameter>
               <parameter>
                       <name>mail.transport.protocol</name>
                       <value>smtp</value>
               </parameter>
               <parameter>
                       <name>mail.pop3.host</name>
                       <value>localhost</value>
               </parameter>



# Make the email mapping table writable by tomcat
chmod 664    /etc/mail/virtusertable
chmod 664    /etc/mail/virtusertable.db
chgrp tomcat /etc/mail/virtusertable



# Create lucent paths
mkdir /usr/local/tomcat/liferay/lucene


# Create sendmail users path
mkdir /home/liferay
mkdir /home/liferay/users

chown -R tomcat /home/liferay
chgrp -R tomcat /home/liferay
chmod -R 660    /home/liferay





# Create custom portal properties
# see http://www.liferay.com/static/content/portal.properties.html

vi /usr/local/tomcat/common/classes/portal-ext.properties

mail.hook.impl=com.liferay.mail.util.SendmailHook
mail.mx.update=true
mail.hook.sendmail.add.user=/usr/local/tomcat/bin/autouseradd %1%
mail.hook.sendmail.change.password=/usr/local/tomcat/bin/autopasswd %1% %2%
mail.hook.sendmail.delete.user=/usr/local/tomcat/bin/autouserdel %1%
mail.hook.sendmail.home=/home/liferay/users
mail.hook.sendmail.virtusertable=/etc/mail/virtusertable
mail.box.style=mail/
mail.username.replace=true
passwords.allow.dictionary.word=false
mail.junk-mail.warning.size=512000
mail.trash.warning.size=512000
mail.attachments.max.size=3072000
mail.audit.trail=root@PORTAL_HOST
lucene.dir /usr/local/tomcat/liferay/lucene/








# Create change password command
vi /usr/local/tomcat/bin/autopasswd

#!/usr/bin/expect -f
set password [lindex $argv 1]

spawn sudo /usr/bin/passwd [lindex $argv 0]
expect -i  $spawn_id "password:"
sleep .5
send "$password\r"
expect "password:"W
sleep .5
send "$password\r"
expect eof





# Create user add command
vi /usr/local/tomcat/bin/autouseradd

#!/usr/bin/expect -f
# 1st argument is the user id to add.
# Note: setting mail.username.replace=true in /common/classes/portal-ext.properties
#   will replace the .'s with _'s in userid, which is required for linux

set userid [lindex $argv 0]
spawn sudo /usr/sbin/adduser $userid -s /bin/false
expect eof






# Create user remove command
vi /usr/local/tomcat/bin/autouserdel

#!/usr/bin/expect -f
# 1st argument is the user id to remove
# Note: setting mail.username.replace=true in /common/classes/portal-ext.properties
#   will replace the .'s with _'s in userid, which is required for linux

set userid [lindex $argv 0]
spawn sudo /usr/sbin/userdel -r $userid
expect eof




# Set command file permissions
chmod 700    /usr/local/tomcat/bin/autopasswd
chown tomcat /usr/local/tomcat/bin/autopasswd
chgrp tomcat /usr/local/tomcat/bin/autopasswd
chmod 700    /usr/local/tomcat/bin/autouseradd
chown tomcat /usr/local/tomcat/bin/autouseradd
chgrp tomcat /usr/local/tomcat/bin/autouseradd
chmod 700    /usr/local/tomcat/bin/autouserdel
chown tomcat /usr/local/tomcat/bin/autouserdel
chgrp tomcat /usr/local/tomcat/bin/autouserdel





# Activate tomcat sudo, so it never prompts again
su tomcat
/usr/local/tomcat/bin/autouseradd badusername
/usr/local/tomcat/bin/autopasswd  badusername asst1453
/usr/local/tomcat/bin/autouserdel badusername
exit

1.2. Cyrus IMAP+Postfix

  1. Install Fedora Core 4.

    For a minimal installation, choose to install a custom server. Deselect all packages groups. Select the package groups: Text-based Internet, Mail Server, DNS Name Server, FTP Server, MySQL Database, Network Servers, Development Tools, Legacy Software Development, Administration Tools, and System Tools.

    Make sure the following RPMs are also selected. The packages cyrus-imapd and cyrus-imapd-utils are only available in Fedora Core 2 and Fedora Core 4. They were not part of Fedora Core 1 and needed to be compiled manually. In Fedora Core 4, they were moved to Extras and you will need to use yum to install these packages.

    Mail Server: +cyrus-imapd, +cyrus-imapd-utils

    MySQL Database: +mysql-server

    Development Tools: +expect

  2. Update Fedora. This may take a while even if you have a fast connection.

    rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora yum list yum upgrade

  3. Turn off Sendmail.

    chkconfig --level 3 sendmail off
    /etc/rc.d/init.d/sendmail stop
  4. Edit /etc/sysconfig/saslauthd.

    Replace MECH=shadow with MECH=pam.

    Turn on Cyrus SASL.

    chkconfig --level 3 saslauthd on
    /etc/rc.d/init.d/saslauthd start
  5. Download Cyrus IMAP. If you are using Fedora Core 2 or later, you can use the RPMs from Fedora: cyrus-imapd and cyrus-imapd-utils. If you are using Fedora Core 1 or an earlier version of Red Hat, download cyrus-imapd-2.1.16-6.src.rpm and build the RPM for your environment from the source distribution.

    Build Cyrus IMAP.

    rpmbuild --rebuild cyrus-imapd-2.1.16-6.src.rpm

    Install Cyrus IMAP.

    rpm -i cyrus-imapd-2.1.16-6.i386.rpm

    rpm -i cyrus-imapd-utils-2.1.16-6.i386.rpm

    Turn on Cyrus IMAP.

    chkconfig --level 3 cyrus-imapd on

    /etc/rc.d/init.d/cyrus-imapd start

  6. Download the source distribution of Postfix.

    Install Postfix with support for MySQL and Cyrus SASL.

    rpm -ivh postfix-2.1.6-1.src.rpm

    cd /usr/src/redhat/SOURCES

    bash

    export POSTFIX_MYSQL_REDHAT=1

    export POSTFIX_SASL=2

    export POSTFIX_TLS=1

    sh make-postfix.spec

    exit

    cd /usr/src/redhat/SPECS

    rpmbuild -ba postfix.spec

    cd /usr/src/redhat/RPMS/i386

    rpm -i --force postfix-2.1.6-1.mysql.sasl2.tls.fc4.i386.rpm

  7. Download the source distribution of PAM MySQL.

    Install PAM MySQL.

    rpm -ivh pam_mysql-0.5-0.src.rpm

    cd /usr/src/redhat/SPECS

    rpmbuild -ba pam_mysql.spec

    cd /usr/src/redhat/RPMS/i386

    rpm -i pam_mysql-0.5-0.i386.rpm

  8. Copy /mail-ejb/scripts/fedora/cyrus/mysql_virtual.cf to /etc/postfix/mysql_virtual.cf. Modify mysql_virtual.cf to point to your MySQL database.

    Edit /etc/postfix/virtual. Add the line yourdomain.com anything for each virtual domain that Postfix will manage. A correspending entry is needed in the MySQL database so that email to postmaster@yourdomain.com can be delivered to a Cyrus IMAP account.

    Transform /etc/postfix/virtual to a format Postfix can read.

    postmap /etc/postfix/virtual

    Edit /etc/postfix/master.cf. Replace the two instances of /cyrus/bin/deliver with /usr/lib/cyrus-imapd/deliver. Add these two lines:

    procmail  unix  -       n       n       -       -       pipe
      flags=R user=cyrus argv=/usr/bin/procmail -t -m USER=${user}
    EXTENSION=${extension} /home/cyrus/procmailrc

    Edit /etc/postfix/main.cf. Add these lines:

    #
    # Custom Settings
    #
    
    mynetworks = 127.0.0.0/8, 192.168.0.0/16, 128.135.12.7/32
    
    mailbox_command = /usr/bin/procmail -t -a "$EXTENSION"
    mailbox_transport = procmail
    
    virtual_maps = hash:/etc/postfix/virtual, mysql:/etc/postfix/mysql_virtual.cf
    
    smtpd_recipient_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/pop-before-smtp, check_relay_domains

    Set mynetworks to the IPs that are allowed to connect to Postfix. Turn on Postfix.

    chkconfig --level 3 postfix on

    /etc/rc.d/init.d/postfix start

  9. Copy /mail-ejb/scripts/fedora/cyrus/procmailrc to /home/cyrus/procmailrc. Make sure the cyrus user can access the script.

    chown cyrus:mail /home/cyrus

    chown cyrus:mail /home/cyrus/procmailrc.

    Copy /mail-ejb/scripts/fedora/cyrus/cyrus_adduser to /usr/bin/cyrus_adduser. Edit cyrus_adduser and replace localhost with the mail server's host name. Make sure the script can be executed.

    chmod u+x /usr/bin/cyrus_adduser.

    Copy /mail-ejb/scripts/fedora/cyrus/cyrus_userdel to /usr/bin/cyrus_userdel. Edit cyrus_userdel and replace localhost with the mail server's host name. Make sure the script can be executed.

    chmod u+x /usr/bin/cyrus_userdel.

    [Note]Note

    If you copy cyrus_adduser and cyrus_userdel from a Windows environment to a Linux environment, you need to run dos2unix cyrus_adduser to convert the file so that Linux can read the file correctly.

  10. Edit /etc/pam.d/pop so that POP authentication is checked via MySQL. Remove the current lines and add these lines:

    #%PAM-1.0
    auth sufficient pam_mysql.so user=dbuser passwd=dbpassword host=127.0.0.1 db=cyrus
    table=CyrusUser usercolumn=userId passwdcolumn=password_ crypt=0
    
    account required pam_mysql.so user=dbuser passwd=dbpassword host=127.0.0.1 db=cyrus
    table=CyrusUser usercolumn=userId passwdcolumn=password_ crypt=0

    Edit /etc/pam.d/imap so that IMAP authentication is checked via MySQL. Remove the current lines and add these lines:

    #%PAM-1.0
    auth sufficient pam_mysql.so user=dbuser passwd=dbpassword host=127.0.0.1 db=cyrus
    table=CyrusUser usercolumn=userId passwdcolumn=password_ crypt=0
    
    account required pam_mysql.so user=dbuser passwd=dbpassword host=127.0.0.1 db=cyrus
    table=CyrusUser usercolumn=userId passwdcolumn=password_ crypt=0
  11. Turn on MySQL.

    chkconfig --level 3 mysqld on

    /etc/rc.d/init.d/mysqld start

    Configure MySQL so that it can be accessed by the username dbuser and password dbpassword.

    use mysql;

    insert into user values ('127.0.0.1', "dbuser", password("dbpassword"), "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y");

    Create the database and tables that will be used to authenticate IMAP users.

    create database cyrus;

    use cyrus;

    create table CyrusUser ( userId varchar(75) not null primary key, password_ varchar(75) not null );

    create table CyrusVirtual ( emailAddress varchar(75) not null primary key, userId varchar(75) not null );

    The Expect scripts cyrus_adduser and cyrus_userdel that are used to add and delete Cyrus IMAP users require a default cyrus user to authenticate with.

    insert into CyrusUser (userId, password_) values ('cyrus', 'cyrus_password');

    Every virtual domain requires a postmaster@yourdomain.com entry so that email to postmaster@yourdomain.com can be delivered to a Cyrus IMAP account.

    insert into CyrusVirtual (emailAddress, userId) values ('postmaster@yourdomain.com', 'your_domain_1');

    Create a default account for your_domain_1.

    insert into CyrusUser (userId, password_) values ('your_domain_1', 'your_password');

    insert into CyrusVirtual (emailAddress, userId) values ('joe.blogs@yourdomain.com', 'your_domain_1');

    quit;

    cyrus_adduser cyrus_password your_domain_1

  12. Turn on SpamAssassin.

    chkconfig --level 3 spamassassin on

    /etc/rc.d/init.d/spamassassin start

  13. Download ClamAV.

    Install ClamAV.

    rpm -i clamav-0.86.1-1.i386.rpm

    Turn on ClamAV.

    chkconfig --level 3 clamd on

    /etc/rc.d/init.d/clamd start

    Download ClamAssassin.

    Install ClamAssassin.

    gunzip clamassassin-1.2.2.tar.gz

    tar xvf clamassassin-1.2.2.tar

    cd clamassassin-1.2.2

    ./configure

    cp clamassassin /usr/local/bin

    Edit /usr/local/bin/clamassassin.

    Set SUBJECTHEAD to "[VIRUS] ".

  14. Copy /mail-ejb/scripts/fedora/cyrus/procmail_vacation to /usr/local/bin/procmail_vacation. Make sure the script can be executed.

    chmod u+x /usr/local/bin/procmail_vacation.

    Download SendEmail.

    Install SendEmail.

    gunzip sendEmail-v1.52.tar.gz

    tar xvf sendEmail-v1.52.tar

    cd sendEmail-v1.52

    chmod u+x sendEmail

    chown cyrus:mail sendEmail

    cp sendEmail /usr/local/bin

  15. Download the source distribution of Pop-before-smtp.

    Pop-before-smtp requires perl-TimeDate and perl-Net-Netmask.

    Install perl-TimeDate from the distributed RPM.

    Install perl-Net-Netmask.

    perl -MCPAN -e 'install Net::Netmask'

    Install Pop-before-smtp.

    gunzip pop-before-smtp-1.38.tar.gz

    tar xvf pop-before-smtp-1.38.tar

    cd pop-before-smtp-1.38

    chown root:root *

    cp pop-before-smtp.init /etc/rc.d/init.d/pop-before-smtp

    cp pop-before-smtp /usr/sbin/

    cp pop-before-smtp-conf.pl /etc

    Edit /etc/pop-before-smtp-conf.pl by uncommenting and modifying certain sections so it matches the following information.

    $dbfile = '/etc/postfix/pop-before-smtp';
    
    $grace = 120*60;
    
    # Set the log file we will watch for pop3d/imapd records.
    $file_tail{'name'} = '/var/log/maillog';
    
    # For Cyrus (including a tweak for IP addrs that don't resolve):
    $pat = '^(... .. ..:..:..) \S+ (?:pop3d|imapd)\[\d+\]: ' .

    Turn on Pop-before-smtp.

    chkconfig --level 3 pop-before-smtp on

    /etc/rc.d/init.d/pop-before-smtp start

  16. Restart your mail server.

    shutdown -r now

1.3. Dovecot+Postfix

First build a generic Liferay email hook, ShellHook.java, that shells out all of the email methods. You install it by adding these lines to portal-ext.properties: mail.hook.impl=com.liferay.mail.util.ShellHook

mail.hook.shell.script=/usr/sbin/mailadmin.ksh

mail.box.style=INBOX

We next built a generic Korn Shell Script, mailadmin.ksh, that implements each method for Dovecot, or any other email system you want. It supports an interactive command line interface for testing:

mailadmin.ksh --help

mailadmin.ksh

mailadmin.ksh addForward [userId] [emailAddresses]

mailadmin.ksh addUser [userId] [password] [firstName] [middleName] [lastName] [emailAddress]

mailadmin.ksh addVacationMessage [userId] [emailAddress] [vacationMessage]

mailadmin.ksh deleteEmailAddress [userId]

mailadmin.ksh deleteUser [userId]

mailadmin.ksh updateBlocked [userId] [blockedEmailAddress]

mailadmin.ksh updateEmailAddress [userId] [emailAddress]

mailadmin.ksh updatePassword [userId] [password]

All of the code is in SVN. mailadmin is at: mail-ejb/scripts/fedora/ksh/mailadmin.ksh Here are the step-by-step installation instructions:


# Edit SASL-auth authentication to use MySQL with the Postfix setup

vi /etc/pam.d/smtp
#%PAM-1.0
auth sufficient pam_mysql.so user=DBUSR passwd=DBPASSWD host=127.0.0.1 db=mail table=postfix_users usercolumn=email passwdcolumn=clear crypt=0
account required pam_mysql.so user=DBUSR passwd=DBPASSWD host=127.0.0.1 db=mail table=postfix_users usercolumn=email passwdcolumn=clear crypt=0





# CONFIGURE VMAIL USER AND EMAIL PATHS

groupadd -g 510 vmail
useradd  -u 510 -g vmail vmail
mkdir -p /var/vmail/EMAILDOMAIN
chown -R vmail:vmail /var/vmail
chmod -R 770         /var/vmail

# Add vmail user to tomcat group and tomcat user to vmail group
# Note the vmail uid, 510, is inserted into the postfix_users table below
vi /etc/group
tomcat:x:500:vmail
vmail:x:510:tomcat




# CONFIGURE MYSQL

#  Add DBUSR to MySql database for managing email tables

mysql -u root -p
use mysql;
insert into user values ('127.0.0.1', "DBUSR", old_password("DBPASSWD"), "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y");
commit;
quit


# Login as email user and build email database, "mail", and postfix tables
mysql -u DBUSR -p

create database mail;
use mail;

CREATE TABLE postfix_alias (
 id int(11) unsigned NOT NULL auto_increment,
 alias varchar(128) NOT NULL default '',
 destination varchar(128) NOT NULL default '',
 PRIMARY KEY (id)
) TYPE=MyISAM;
CREATE TABLE postfix_relocated (
 id int(11) unsigned NOT NULL auto_increment,
 email varchar(128) NOT NULL default '',
 destination varchar(128) NOT NULL default '',
 PRIMARY KEY (id)
) TYPE=MyISAM;

CREATE TABLE postfix_transport (
 id int(11) unsigned NOT NULL auto_increment,
 domain varchar(128) NOT NULL default '',
 destination varchar(128) NOT NULL default '',
 PRIMARY KEY (id),
 UNIQUE KEY domain (domain)
) TYPE=MyISAM;

CREATE TABLE postfix_users (
 id int(11) unsigned NOT NULL auto_increment,
 email varchar(128) NOT NULL default '',
 clear varchar(128) NOT NULL default '',
 crypt varchar(128) NOT NULL default '',
 name tinytext NOT NULL,
 uid int(11) unsigned NOT NULL default '1004',
 gid int(11) unsigned NOT NULL default '1004',
 homedir tinytext NOT NULL,
 maildir tinytext NOT NULL,
 quota tinytext NOT NULL,
 access enum('Y','N') NOT NULL default 'Y',
 postfix enum('Y','N') NOT NULL default 'Y',
 PRIMARY KEY (id),
 UNIQUE KEY email (email)
) TYPE=MyISAM;

CREATE TABLE postfix_virtual (
 id int(11) unsigned NOT NULL auto_increment,
 email varchar(128) NOT NULL default '',
 destination varchar(128) NOT NULL default '',
 PRIMARY KEY (id)
) TYPE=MyISAM;

CREATE TABLE postfix_access (
 id int(10) unsigned NOT NULL auto_increment,
 source varchar(128) NOT NULL default '',
 access varchar(128) NOT NULL default '',
 type enum('recipient','sender','client') NOT NULL default 'recipient',
 PRIMARY KEY (id)
) TYPE=MyISAM

commit;

#  Add an email domain
INSERT INTO `postfix_transport` VALUES
(3,'EMAILDOMAIN','virtual:');
#  Add an email user (automated by Liferay using ShellHook, and mailadmin.ksh)
#  vmail uid is 510
INSERT INTO `postfix_users` VALUES
(17,'LIFERAYUSR@EMAILDOMAIN','LIFERAYPWD','','',510,510,'/var/vmail','EMAILDOMAIN/LIFERAYUSR/Maildir/','','Y','Y');
#  Add an email forward
INSERT INTO `postfix_virtual` VALUES
(27,'LIFERAYLOGIN','LIFERAYUSR@EMAILDOMAIN');

commit;
quit








# CONFIGURE POSTFIX

cd /etc/postfix/
rm -rf ssl/
rm -rf sasl/


vi /etc/postfix/mysql-aliases.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_alias
select_field = destination
where_field = alias
hosts = 127.0.0.1

vi /etc/postfix/mysql-client.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'client'
hosts = 127.0.0.1

vi /etc/postfix/mysql-recipient.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'recipient'
hosts = 127.0.0.1

vi /etc/postfix/mysql-relocated.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_relocated
select_field = destination
where_field = email
hosts = 127.0.0.1

vi /etc/postfix/mysql-sender.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'sender'
hosts = 127.0.0.1

vi /etc/postfix/mysql-transport.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_transport
select_field = destination
where_field = domain
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual-gid.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_users
select_field = gid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual-maps.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_users
select_field = maildir
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual-uid.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_users
select_field = uid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

vi /etc/postfix/mysql-virtual.cf
user = DBUSR
password = DBPASSWD
dbname = mail
table = postfix_virtual
select_field = destination
where_field = email
hosts = 127.0.0.1

chmod 640          /etc/postfix/mysql-*
chown root:postfix /etc/postfix/mysql-*


vi /etc/postfix/main.cf
# see /usr/share/postfix/main.cf.dist for a commented, fuller version of this file.
# Do not change these directory settings - they are critical to Postfix operation.
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
program_directory = /usr/libexec/postfix
smtpd_banner = $myhostname ESMTP $mail_name
setgid_group = postdrop
biff = no
append_dot_mydomain = no
myhostname = EMAILDOMAIN
myorigin = $myhostname
mydestination = EMAILDOMAIN, $transport_maps
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-recipient.cf, reject_unauth_destination, permit
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-client.cf
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
transport_maps = mysql:/etc/postfix/mysql-transport.cf
virtual_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf
local_recipient_maps = $alias_maps $virtual_mailbox_maps



chmod 644        /etc/postfix/main.cf
chown root:root  /etc/postfix/main.cf


vi /etc/postfix/master.cf
smtp     inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
maildrop  unix  -       n       n       -       -       pipe
 flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix  -       n       n       -       -       pipe
 flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
cyrus     unix  -       n       n       -       -       pipe
 user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
 flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail.postfix ($recipient)
ifmail    unix  -       n       n       -       -       pipe
 flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
 flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail  unix  -       n       n       -       -       pipe
 flags=R user=cyrus argv=/usr/bin/procmail -t -m USER=${user} EXTENSION=${extension} /home/cyrus/procmailrc




chmod 644       /etc/postfix/master.cf
chown root:root /etc/postfix/master.cf




# CONFIGURE DOVECOT

cd
wget http://dag.wieers.com/packages/dovecot/dovecot-0.99.13-1.1.el3.rf.i386.rpm
apt-get install rh-postgresql-libs
rpm -Uvh dovecot-0.99.13-1.1.el3.rf.i386.rpm


vi /etc/dovecot.conf
protocols =  imaps pop3s imap pop3
ssl_disable = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
login = imap
login_executable = /usr/libexec/dovecot/imap-login
login = pop3
login_executable = /usr/libexec/dovecot/pop3-login
mail_extra_groups = mail
default_mail_env = maildir:/var/vmail/%d/%n/Maildir
imap_executable = /usr/libexec/dovecot/imap
pop3_executable = /usr/libexec/dovecot/pop3
auth = default
auth_mechanisms = plain
auth_default_realm = EMAILDOMAIN
auth_userdb = mysql /etc/dovecot-mysql.conf
auth_passdb = mysql /etc/dovecot-mysql.conf
auth_user = root
auth_verbose = yes



vi /etc/dovecot-mysql.conf
db_host = 127.0.0.1
db_port = 3306
db = mail
db_user = DBUSR
db_passwd = DBPASSWD
db_client_flags = 0
default_pass_scheme = PLAIN
password_query = SELECT clear FROM postfix_users WHERE email = '%n@%d' or email = '%n@EMAILDOMAIN'
user_query = SELECT maildir, uid, gid FROM postfix_users WHERE email = '%n@%d' or email = '%n@EMAILDOMAIN'



# CONFIGURE LIFERAY

# configure mailadmin.ksh
cp mailadmin.ksh /usr/sbin
vi  /usr/sbin/mailadmin.ksh
DOMAIN=EMAILDOMAIN              # Domain being managed
MYSQL_USERNAME=DBUSR              # MySQL user
MYSQL_PASSWORD=DBPASSWD             # MySQL password
TOMCAT_UID=500                       # Mail File Creation user id - tomcat
VMAIL_GID=510                       # Mail File Creation group id - vmail


chmod 750           /usr/sbin/mailadmin.ksh
chown tomcat:tomcat /usr/sbin/mailadmin.ksh

# create mailadmin log file
touch               /var/log/mailadmin.log
chmod 660           /var/log/mailadmin.log
chown tomcat:tomcat /var/log/mailadmin.log

# configure Liferay to use mailadmin.ksh
vi /usr/local/tomcat/common/classes/portal-ext.properties
  mail.hook.impl=com.liferay.mail.util.ShellHook
  mail.hook.shell.script=/usr/sbin/mailadmin.ksh
  mail.box.style=INBOX

# update these JARs with latest from SVN HEAD  
/usr/local/tomcat/common/lib/ext/mail-ejb.jar   -> add com.liferay.mail.util.ShellHook.class
/usr/local/tomcat/common/lib/ext/portal-ejb.jar -> update com.liferay.portal.util.PropsUtil.class
/usr/local/tomcat/common/lib/ext/portal-ejb.jar -> update com.liferay.util.StringUtil.class


# Configure Tomcat

#add mail/MailSession settings
vi /usr/local/tomcat/conf/Catalina/localhost/liferay.xml
<parameter>
       <name>mail.smtp.host</name>
       <value>localhost</value>
</parameter>
<parameter>
       <name>mail.imap.host</name>
       <value>localhost</value>
</parameter>
<parameter>
       <name>mail.store.protocol</name>
       <value>imap</value>
</parameter>
<parameter>
       <name>mail.transport.protocol</name>
       <value>smtp</value>
</parameter>
<parameter>
       <name>mail.pop3.host</name>
       <value>localhost</value>
</parameter>







# Enable autostart on reboots

chkconfig postfix on
chkconfig dovecot on


# Verify Install Commands

tail -f 50 /var/log/maillog
tail -f 50 /var/log/messages



# Restart saslauthd before Postfix, so that Postfix doesn't start with
# a bad SASL setup, otherwise it doesn't answer smtp requests
/etc/init.d/saslauthd restart

# make sure saslauthd restarts
ps -ef | grep saslauthd | grep -v grep



# make sure postfix restarts
/etc/init.d/postfix restart
ps -ef | grep postfix | grep -v grep


# make sure dovecot restarts
/etc/init.d/dovecot restart
ps -ef | grep dovecot | grep -v grep


reboot


# make sure everything starts
ps -ef | grep postfix   | grep -v grep
ps -ef | grep dovecot   | grep -v grep
ps -ef | grep saslauthd | grep -v grep




# Test SMTP by sending an email to LIFERAYUSR@EMAILDOMAIN

telnet localhost 25
EHLO EMAILDOMAIN
MAIL FROM:test@test.com
RCPT TO:LIFERAYUSR@EMAILDOMAIN
DATA
Test msg
.

quit



# Test SMTP by sending an email to alias LIFERAYLOGIN

telnet localhost 25
EHLO EMAILDOMAIN
MAIL FROM:test@test.com
RCPT TO:LIFERAYLOGIN
DATA
Test msg
.

quit




#TEST IMAP by logging in as LIFERAYUSR@EMAILDOMAIN

telnet localhost imap
x LOGIN LIFERAYUSR@EMAILDOMAIN LIFERAYPWD
x STATUS "INBOX" (MESSAGES)
x SELECT "INBOX"
x FETCH 1 BODY[HEADER]
x LOGOUT

# Test using usedId without a Domain name
telnet localhost imap
x LOGIN LIFERAYUSR LIFERAYPWD
x STATUS "INBOX" (MESSAGES)
x SELECT "INBOX"
x FETCH 1 BODY[HEADER]
x LOGOUT

1.4. Microsoft Exchange

Coming soon...