blog:set_up_davmail_gateway
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
blog:set_up_davmail_gateway [2018-10-11 15:02] – brb | blog:set_up_davmail_gateway [2018-10-11 16:40] (current) – brb | ||
---|---|---|---|
Line 16: | Line 16: | ||
Then, install DavMail with dpkg: | Then, install DavMail with dpkg: | ||
- | '' | + | |
===== Basic Configuration ===== | ===== Basic Configuration ===== | ||
DavMail' | DavMail' | ||
+ | sudoedit / | ||
- | '' | ||
Set DavMail to server mode so it doesn' | Set DavMail to server mode so it doesn' | ||
- | + | | |
- | '' | + | |
Enable remote mode and set the bind address to your servers IP address or set it blank: | Enable remote mode and set the bind address to your servers IP address or set it blank: | ||
- | + | | |
- | '' | + | davmail.bindAddress= |
- | '' | + | |
Set '' | Set '' | ||
+ | davmail.url=https:// | ||
- | <code class=" | ||
Set your connection mode: | Set your connection mode: | ||
- | + | | |
- | <code class=" | + | |
Set your port options: | Set your port options: | ||
- | + | | |
- | <code class=" | + | davmail.smtpPort=465 |
- | davmail.smtpPort=465 | + | davmail.ldapPort=636 |
- | davmail.ldapPort=636 | + | davmail.popPort=995 |
- | davmail.popPort=995 | + | davmail.caldavPort=8443 |
- | davmail.caldavPort=8443</ | + | |
Save and close the configuration file. | Save and close the configuration file. | ||
===== Create A SSL Certificate ===== | ===== Create A SSL Certificate ===== | ||
- | In order to enable SSL encryption, you will need a SSL certificate and SSL private key in the PEM format. If you have purchased a certificate from a Certificate Authority, then you should already have your certificate and key. If so, continue | + | Use the Letsencrypt Certbot |
- | Generate a RSA key with OpenSSL: | ||
- | |||
- | <code class=" | ||
- | Make sure the key is owned by root and permissions are set properly: | ||
- | |||
- | <code class=" | ||
- | sudo chmod 600 / | ||
- | Now, create a certificate signing request: | ||
- | |||
- | <code class=" | ||
- | OpenSSL will now ask you several questions. The only important field is **Common Name**, which should be set to the domain name or IP address of your droplet which will be accessed by your E-mail clients (e.g. davmail.mydomain.com or 123.123.123.123). The other fields can be left at their defaults by just pressing enter or can be filled in with anything: | ||
- | |||
- | <code class=" | ||
- | What you are about to enter is what is called a Distinguished Name or a DN. | ||
- | There are quite a few fields but you can leave some blank | ||
- | For some fields there will be a default value, | ||
- | If you enter ' | ||
- | ----- | ||
- | Country Name (2 letter code) [XX]:US | ||
- | State or Province Name (full name) []:New York | ||
- | Locality Name (eg, city) [Default City]:New York City | ||
- | Organization Name (eg, company) [Default Company Ltd]: | ||
- | Organizational Unit Name (eg, section) []:Keyboard Cat Department | ||
- | Common Name (eg, your name or your server' | ||
- | Email Address []: | ||
- | |||
- | Please enter the following ' | ||
- | to be sent with your certificate request | ||
- | A challenge password []: | ||
- | An optional company name []:</ | ||
- | Sign the certificate request using your private key, setting the expiration date with the '' | ||
- | |||
- | <code class=" | ||
- | With the settings above, the certificate will expire in 365 days (a year). | ||
- | |||
- | You now have your own SSL certificate! | ||
===== Configuring SSL ===== | ===== Configuring SSL ===== | ||
- | Now that you have your SSL certificate, | + | cd to '' |
- | Start by combining your certificate and key file with cat: | + | <code bash> |
+ | # | ||
+ | sudo openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -certfile cert.pem -out / | ||
+ | </ | ||
- | <code class=" | ||
- | exit</ | ||
- | Once again, set permissions so only root can access the key file: | ||
- | |||
- | <code class=" | ||
- | sudo chmod 600 / | ||
- | Now convert your combined key and certificate to a pkcs12 file: | ||
- | |||
- | <code class=" | ||
- | You will be prompted to enter an export password. This can not be blank! | ||
- | |||
- | You must set a password or DavMail will not work properly. | ||
- | |||
- | Set permissions: | ||
- | |||
- | <code class=" | ||
- | sudo chmod 600 / | ||
- | Now open your DavMail configuration again: | ||
- | |||
- | <code class=" | ||
Add the following configuration options to inform DavMail of the location of the pkcs12 file you just generated and the passphrase you set: | Add the following configuration options to inform DavMail of the location of the pkcs12 file you just generated and the passphrase you set: | ||
<code class=" | <code class=" | ||
davmail.ssl.keystoreFile=/ | davmail.ssl.keystoreFile=/ | ||
- | davmail.ssl.keyPass=password | + | davmail.ssl.keyPass=PASSWORD |
- | davmail.ssl.keystorePass=password</ | + | davmail.ssl.keystorePass=PASSWORD</ |
Both '' | Both '' | ||
Line 126: | Line 72: | ||
The Debian package we downloaded eariler does not contain an init script, so we must create our own. | The Debian package we downloaded eariler does not contain an init script, so we must create our own. | ||
+ | |||
+ | You can also try starting davmail using | ||
+ | sudo davmail / | ||
+ | | ||
+ | To have a proper startup job is better, of course: | ||
Create a new file with your favorite text editor: | Create a new file with your favorite text editor: | ||
<code class=" | <code class=" | ||
- | Copy and paste the following into the file: | + | Copy and paste the following into the file: [[: |
- | <code class=" | ||
- | ### BEGIN INIT INFO | ||
- | # Provides: | ||
- | # Required-Start: | ||
- | # Required-Stop: | ||
- | # Default-Start: | ||
- | # Default-Stop: | ||
- | # Short-Description: | ||
- | # Description: | ||
- | ### END INIT INFO | ||
- | # Author: Jesse TeKrony <jesse ~at~ jtekrony ~dot~ com> | ||
- | |||
- | PATH=/ | ||
- | DESC=" | ||
- | NAME=davmail | ||
- | CONFIG=/ | ||
- | DAEMON=/ | ||
- | DAEMON_ARGS=" | ||
- | PIDFILE=/ | ||
- | SCRIPTNAME=/ | ||
- | LOGFILE=/ | ||
- | |||
- | # Exit if the package is not installed | ||
- | [ -x " | ||
- | |||
- | # Read configuration variable file if it is present | ||
- | [ -r / | ||
- | |||
- | # Load the VERBOSE setting and other rcS variables | ||
- | . / | ||
- | |||
- | # Define LSB log_* functions | ||
- | . / | ||
- | |||
- | # | ||
- | # Function that starts the daemon/ | ||
- | # | ||
- | do_start() | ||
- | { | ||
- | start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ | ||
- | || return 1 | ||
- | start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ | ||
- | $DAEMON_ARGS >> $LOGFILE 2>&1 & | ||
- | [ $? != 0 ] && return 2 | ||
- | echo $! > $PIDFILE | ||
- | exit 0 | ||
- | } | ||
- | |||
- | # | ||
- | # Function that stops the daemon/ | ||
- | # | ||
- | do_stop() | ||
- | { | ||
- | start-stop-daemon --stop --quiet --retry=TERM/ | ||
- | RETVAL=" | ||
- | [ " | ||
- | start-stop-daemon --stop --quiet --oknodo --retry=0/ | ||
- | [ " | ||
- | rm -f $PIDFILE | ||
- | return " | ||
- | } | ||
- | |||
- | case " | ||
- | start) | ||
- | [ " | ||
- | do_start | ||
- | case " | ||
- | 0|1) [ " | ||
- | 2) [ " | ||
- | esac | ||
- | ;; | ||
- | stop) | ||
- | [ " | ||
- | do_stop | ||
- | case " | ||
- | 0|1) [ " | ||
- | 2) [ " | ||
- | esac | ||
- | ;; | ||
- | status) | ||
- | | ||
- | ;; | ||
- | restart|force-reload) | ||
- | log_daemon_msg " | ||
- | do_stop | ||
- | case " | ||
- | 0|1) | ||
- | do_start | ||
- | case " | ||
- | 0) log_end_msg 0 ;; | ||
- | 1) log_end_msg 1 ;; # Old process is still running | ||
- | *) log_end_msg 1 ;; # Failed to start | ||
- | esac | ||
- | ;; | ||
- | *) | ||
- | # Failed to stop | ||
- | log_end_msg 1 | ||
- | ;; | ||
- | esac | ||
- | ;; | ||
- | *) | ||
- | echo " | ||
- | exit 3 | ||
- | ;; | ||
- | esac</ | ||
Save and close the file. | Save and close the file. | ||
Line 245: | Line 91: | ||
sudo service davmail start | sudo service davmail start | ||
sudo update-rc.d davmail defaults</ | sudo update-rc.d davmail defaults</ | ||
+ | |||
===== Client Configuration ===== | ===== Client Configuration ===== | ||
- | Now that the server is running, you are ready to configure your E-mail clients. Create a new account, using the " | + | Now that the server is running, you are ready to configure your E-mail clients. |
- | You will get warnings from your E-mail | + | ==== Mail setup ==== |
+ | |||
+ | Create a new account, using the " | ||
Specific instructions for Thunderbird, | Specific instructions for Thunderbird, | ||
Line 255: | Line 104: | ||
You should now be able to send/ | You should now be able to send/ | ||
+ | ==== Calendar setup in Thunderbird ==== | ||
+ | In the thundebird calendar create a new networked calendar | ||
+ | Name: your-company | ||
+ | Location: https:// | ||
+ | | ||
+ | ==== LDAP Directory setup in Thunderbird ==== | ||
- | < | + | The following worked for me to connect to an exchange server through davmail. |
- | < | + | |
- | By: | + | |
- | + | ||
- | Jesse TeKrony | + | |
- | + | ||
- | < | + | |
- | + | ||
- | + | ||
- | + | ||
- | Upvote2 | + | |
- | + | ||
- | | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | [[#| Share]] | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | ===== Spin up an SSD cloud server | + | In the address book set up a new server |
+ | Name: your-company | ||
+ | Hostname: your-server | ||
+ | Base DN: ou=people | ||
+ | Port number: 636 | ||
+ | Bind DN: your-name@your-company | ||
- | Simple setup. Full root access. Straightforward pricing. | ||
- | [[https:// | ||
- | ===== Related Tutorials ===== | ||
- | * [[community/ | ||
- | * [[community/ | ||
- | * [[community/ | ||
- | * [[community/ | ||
- | * [[community/ | ||
- | Ref: [[https:// | + | Ref: Original by Jesse TeKrony |
blog/set_up_davmail_gateway.1539262955.txt.gz · Last modified: 2018-10-11 15:02 by brb