Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail. I currently implemented cyrus-imapd and postfix which I used before. I was going to give dovecot a try but it wouldn't start even though it was supposed to be easier.
I would like to move my postfix to a chroot but have never done a chroot so I would appreciate any examples. Also how to get spamassassin working or any alternatives.
I have the mail server up and can access email with a client so I guess it's up.
Thanks,
James
BTW - I'm running the latest CentOS distro
On Sat, 2006-08-19 at 12:19, James Marcinek wrote:
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail. I currently implemented cyrus-imapd and postfix which I used before. I was going to give dovecot a try but it wouldn't start even though it was supposed to be easier.
I would like to move my postfix to a chroot but have never done a chroot so I would appreciate any examples. Also how to get spamassassin working or any alternatives.
I have the mail server up and can access email with a client so I guess it's up.
If you want an appliance-like system, look at SME Server at http://www.contribs.org. It is based on Centos but all administration is done through a simple web interface and it includes a highly customized mail service that includes web access.
You may also be interested in:
There are setup scripts and guides for CentOS. I've been running "toasters" for years now, very good package.
cya, TR
On Saturday 19 August 2006 1:19 pm, James Marcinek wrote:
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail. I currently implemented cyrus-imapd and postfix which I used before. I was going to give dovecot a try but it wouldn't start even though it was supposed to be easier.
I would like to move my postfix to a chroot but have never done a chroot so I would appreciate any examples. Also how to get spamassassin working or any alternatives.
I have the mail server up and can access email with a client so I guess it's up.
Thanks,
James
BTW - I'm running the latest CentOS distro
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
James Marcinek wrote:
I have the mail server up and can access email with a client so I guess it's up.
you have 2 'easy' options here, 1 is to go with squirrel mail - which is included in the distro, just yum install it - its mostly setup to work out of the box, if you imap server is local to the machine
the second option, is to use the Horde+imp application hosted in CentOS-Extras, also available as a simple yum install. ( more info about the app at http://www.horde.org/ )
w.r.t your spamassassin querry, you can setup postfix to use spamassassin as an interim step to mail delivery, ( there are a few examples on the spamassassin website. if you have problems with that - let us know and someone will post a short howto ).
On Sat, 19 Aug 2006 13:19:45 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Take a look at: http://www.zimbra.org Postfix based, includes clamav, spamassassin and a great user interface. Runs on Centos. The have a free version: the open source.
centos@911networks.com wrote:
On Sat, 19 Aug 2006 13:19:45 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Take a look at: http://www.zimbra.org Postfix based, includes clamav, spamassassin and a great user interface. Runs on Centos. The have a free version: the open source.
how many users do you have running on there ? the last time I tried Zimbra on a P-4/3.0ghz machine with 2 Gigs of ram, it choked on anything more than 8 concurrent users.
On Sat, 19 Aug 2006 23:32:01 +0100 Karanbir Singh mail-lists@karan.org wrote:
Take a look at: http://www.zimbra.org Postfix based, includes clamav, spamassassin and a great user interface. Runs on Centos. The have a free version: the open source.
how many users do you have running on there ? the last time I tried Zimbra on a P-4/3.0ghz machine with 2 Gigs of ram, it choked on anything more than 8 concurrent users.
I have 3 systems in production: They all are Zimbra 3.1, 1 running on Centos 4.3 and 2 running on SuSE 10.0 * 1 small: only 6 users: ~ 500 emails/day: p3 - 667Mhz, 512Mb * 1 medium: 52 active users ~ 8,000 emails/day: p3 - 667Mhz, 512Mb RAM * 1 medium larger: 117 very active users ~ 23,000 emails/day: p4 - 1.2 Gb, 512Mb Ram, 500Gb disk space. Quite a few mailing lists and no problem, no complaint from the users as the system being too slow.
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Hello, James.
I use SquirrelMail. Have a look, I find it very good personnally, and has a lot of features. It seems to be a very mature project to me: http://www.squirrelmail.org
It is compatible with Postfix/exim/qmail. Else, here is what they say:
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.
And these are the features: http://www.squirrelmail.org/wiki/SquirrelMailFeatures
Hope this helps.. Daniel
dan1 wrote:
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Hello, James.
I use SquirrelMail. Have a look, I find it very good personnally, and has a lot of features. It seems to be a very mature project to me: http://www.squirrelmail.org
It is compatible with Postfix/exim/qmail. Else, here is what they say:
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.
And these are the features: http://www.squirrelmail.org/wiki/SquirrelMailFeatures
Hope this helps.. Daniel
I'm not thrilled with the interface.. a little old fashioned these days, but it is functional and if you want ease of operation, it is a standard package within CentOS. Just yum install it and it works. You can get to it via any virtualhost by using the included apache alias which allows
http://www.example.com/webmail
Easy for customers to remember. It does have different skins/themes. Some make it look better than others. And, yes, there are tons of add-ons.
Second to this, I would look at Horde. I think it looks better and has a few other nice features. I think Johnny is maintaining a CentOS install for this in extras. I have considered switching many times.. but Squirrelmail is just so easy...
Best, John Hinton
James Marcinek wrote:
Hello Everyone,
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail. I currently implemented cyrus-imapd and postfix which I used before. I was going to give dovecot a try but it wouldn't start even though it was supposed to be easier.
I would like to move my postfix to a chroot but have never done a chroot so I would appreciate any examples. Also how to get spamassassin working or any alternatives.
I have the mail server up and can access email with a client so I guess it's up.
I am using Scalix community edition.
On Saturday 19 August 2006 13:19, James Marcinek wrote:
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Scalix Community Edition here. Works very very well.
Also exist the sun suite of email for free (http://www.sun.com/software/javaenterprisesystem/communications_suite/index....) but the support are too high $$$$$.$$$$.$$$$$.
and
Qmailtoaster work well now (www.qmailtoaster.com) but the sync password with AD are complex..., i search on internet and the best recipe is (teory) :
postfix + fedora directory server (sync AD) + courier imap + mailscanner / panda + antispam...
this i believe work well...
-- Questions :
Simbra is complex to backup ? the only step missing on i migrate zimbra, is the backup online.. somebody have a tool or method ?
if a user use sun communication suite, please post the experience ... i think this suite work great but not install in a real environment, is good or bad solution ?
Lamar Owen wrote:
On Saturday 19 August 2006 13:19, James Marcinek wrote:
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Scalix Community Edition here. Works very very well.
I was looking at Qmailtoaster and was going through the process of installing but decided against it for some reason. I was doing the install scripts and was looking at some of the ports the guy had open... Does it use Squirrelmail as a front end? If so, that was before OpenGroupware for me and I'm looking for something different.
Thanks,
James
Cesar Lagarrigue wrote:
Also exist the sun suite of email for free (http://www.sun.com/software/javaenterprisesystem/communications_suite/index....) but the support are too high $$$$$.$$$$.$$$$$.
and
Qmailtoaster work well now (www.qmailtoaster.com) but the sync password with AD are complex..., i search on internet and the best recipe is (teory) :
postfix + fedora directory server (sync AD) + courier imap + mailscanner / panda + antispam...
this i believe work well...
-- Questions :
Simbra is complex to backup ? the only step missing on i migrate zimbra, is the backup online.. somebody have a tool or method ?
if a user use sun communication suite, please post the experience ... i think this suite work great but not install in a real environment, is good or bad solution ?
Lamar Owen wrote:
On Saturday 19 August 2006 13:19, James Marcinek wrote:
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Scalix Community Edition here. Works very very well.
I am actually taking a look at it.
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
I have a lot of material to cover but these could help me out with a decision. It looks good so far.
Thanks,
James
Lamar Owen wrote:
On Saturday 19 August 2006 13:19, James Marcinek wrote:
I was using OpenGroupware but just hosed my system. Since I'm starting from scratch I would like to know what everyone's using for web based mail.
Scalix Community Edition here. Works very very well.
On Monday 21 August 2006 15:58, James Marcinek wrote:
I am actually taking a look at it.
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
It will replace yrus-imapd with its own IMAP4 server. Installation was avery simple; but, you have to trick the installer into thinking you have a Red Hat Enterprise Linux installation (by editing /etc/redhat-release).
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
Scalix can integrate with AD. Don't know about Zimbra.
I have a lot of material to cover but these could help me out with a decision. It looks good so far.
The Scalix community forums are a good place to start learning about Scalix, at www.scalix.com.
could you tell me what you put in the redhat-release file to make sure I don't mess it up?
Thanks,
James
Lamar Owen wrote:
On Monday 21 August 2006 15:58, James Marcinek wrote:
I am actually taking a look at it.
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
It will replace yrus-imapd with its own IMAP4 server. Installation was avery simple; but, you have to trick the installer into thinking you have a Red Hat Enterprise Linux installation (by editing /etc/redhat-release).
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
Scalix can integrate with AD. Don't know about Zimbra.
I have a lot of material to cover but these could help me out with a decision. It looks good so far.
The Scalix community forums are a good place to start learning about Scalix, at www.scalix.com.
On Monday 21 August 2006 16:17, James Marcinek wrote:
could you tell me what you put in the redhat-release file to make sure I don't mess it up?
Sorry for the delay: $cat /etc/redhat-release Red Hat Enterprise Linux ES release 4 (Nahant) $
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
Anyone have a tool or something for backup zimbra or scalix online ?
If anyone have a solution for this, i choose this solutions... but if not have backup method this told the app in the community editions....
http://www.zimbra.com/products/product_editions.html
Online backup/restore
Ability to backup/restore a single mailbox or set of mailboxes such that any mailbox not actively being processed remains online and accessible
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
James Marcinek wrote:
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
First have you read the TP Authentication and Anti-spam Protection section of the admin guide (pg 211) and looked at ~scalix/sys/smtpd.cfg?
Start there.
hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Robert,
I had downloaded the 11.0 (draft), which was much smaller. I do recall hitting viewing the file.
Since I didn't have the docs I had didn't have the authentication section I followed instructions on a posting from the knowledge base. I think the real problem is with the kerberos part.
BTW - Thanks for the help
Robert Moskowitz wrote:
James Marcinek wrote:
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
First have you read the TP Authentication and Anti-spam Protection section of the admin guide (pg 211) and looked at ~scalix/sys/smtpd.cfg?
Start there.
hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
James,
Looks like you have more then one problem here so I am going start with your AD/SSO integration issue - BTW - have you tried the Scalix Community forum at http://www.scalix.com/commnity? It offers an excellent source of help and many of the Scalix developers and support personal hang out there.
You do need to run Forest Prep in order to integrate Scalix into AD. For Scalix version 10.0.1 go to page 102 of the admin guide and start from there. I am guessing you setup SSO and Kerberos without integrating AD first so Scalix is not recognizing any of your users.
Once you run though the AD integration steps you can get SSO to work. Below is a short version of the instructions that I used. The admin guide includes more detailed instructions. Let me know how it goes.
Ed
For SSO integration with AD - here are the instructions I used to get it working
SSO AD INSTRUCTIONS
Step 1. Make sure you have created Forward Lookup Zones for your domains and created Host records for all Scalix Servers in the appropriate Forward Lookup Zone. Step 2. Under Forward Lookup Zones, select a Scalix Server Single Sign-on domain and go to Action > New Alias. Step 3. Create a new Alias called scalix-default-mail in the Alias name field, and the fully qualified name of the Scalix Server with which you are using Single Signon in the Fully qualified name for target host field (for example, scalixserver.acme.net). Step 4. Create reverse lookup zone for the Scalix server. Step 5. Go to Active directory User and Computers and create a new OU and call it Scalix services. Step 6. Select the Scalix service OU and Action > New > User. Step 7. Create the user, enter scalix-ual in the first name field. You can also enter the name of the Single Sign-on Scalix Server in the Last Name field. This allows you to identify the keytabs you generate for multiple Scalix Servers. Click next and Enter and confirm a password for the user. Make sure that the password you enter is sufficiently complex and that; User must change password at next logon field is not selected User cannot change password field is not selected Password never expires field is selected Click next and clear the create an Exchange mailbox field, then click next and then click finish. The user has successfully been created for the Scalix UAL service. Step 8. Generate a Kerberos keytab, enter:
ktpass princ scalix-ual/scalixservername.domain@REALM mapuser scalix-ual -pass password out path\filename -kvno 3 For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3 Step 9. Copy the keytab to the home directory of the Single Sign on Scalix Server.
Step 10. Run the command. ommergekeys /path/filename.keytab Where /path is the location that you copied the keytab too.
Step 11. omkrbconf -r REALM -s servername.domain -d domain
-r specifies the realm that the Kerberos database controls. For example, if your domain name is acme.com, your realm is ACME or ACME.NET.
-s specifies the fully qualified host name of the Kerberos KDC machine. For Single Sign-on, the KDC is the Domain Controller with Active Directory installed. Step 12. In order for Single Signon to work , the authentication ID for a scalix server mailbox must match the domain identity (Active Directory ID) for the user. For example, if jsmith@acme.net is the user logon ID for a user in AD then enter the following on the Scalix server:
ommodu o jsmith -authid jsmith@ACME.NET
Note: The realm MUST be in uppercase. To view the user; omshowu Joe Smith/mailnode
Step 13. Test out the connection. Run the command ; kinit your AD user ID for example kinit jsmith @ACME.NET You should be prompted for your AD password, enter it and it should just come back to you. Step 14. Modify the /var/opt/scalix/sys/pam.d/ual.remote file. The only lines that are needed are these four; auth required om_krb5 user_unknown=ignore auth optional om_auth use_first_pass account required om_auth password required om_auth
Now save that file and now edit the pop3 file and make sure it has the same entries as the ual.remote. Now save that po3 file and edit the omslapdeng file and make sure it has the same 4 entries. Now save the omslapdeng file and edit the smtpd.auth file and make sure it has the same 4 entries. Now save that file and we are done.
TESTING. You can now log onto scalix using your AD logon credentials. Log into SWA via your AD id and AD password to test. To Test Outlook, create a new profile and enter in the scalix-default-mail as the server and that should automatically finish.
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 10:19 AM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Ed,
I tried creating an account last evening but never recieved a confirmation email. I do not see the Forest prep tool that they mention. Where is it located? I downloaded my open source distro and looked in the software folder and did not find it.
Thanks,
James ----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Tuesday, August 22, 2006 10:45:11 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
Looks like you have more then one problem here so I am going start with your AD/SSO integration issue - BTW - have you tried the Scalix Community forum at http://www.scalix.com/commnity? It offers an excellent source of help and many of the Scalix developers and support personal hang out there.
You do need to run Forest Prep in order to integrate Scalix into AD. For Scalix version 10.0.1 go to page 102 of the admin guide and start from there. I am guessing you setup SSO and Kerberos without integrating AD first so Scalix is not recognizing any of your users.
Once you run though the AD integration steps you can get SSO to work. Below is a short version of the instructions that I used. The admin guide includes more detailed instructions. Let me know how it goes.
Ed
For SSO integration with AD - here are the instructions I used to get it working
SSO AD INSTRUCTIONS
Step 1. Make sure you have created Forward Lookup Zones for your domains and created Host records for all Scalix Servers in the appropriate Forward Lookup Zone. Step 2. Under Forward Lookup Zones, select a Scalix Server Single Sign-on domain and go to Action > New Alias. Step 3. Create a new Alias called scalix-default-mail in the Alias name field, and the fully qualified name of the Scalix Server with which you are using Single Signon in the Fully qualified name for target host field (for example, scalixserver.acme.net). Step 4. Create reverse lookup zone for the Scalix server. Step 5. Go to Active directory User and Computers and create a new OU and call it Scalix services. Step 6. Select the Scalix service OU and Action > New > User. Step 7. Create the user, enter scalix-ual in the first name field. You can also enter the name of the Single Sign-on Scalix Server in the Last Name field. This allows you to identify the keytabs you generate for multiple Scalix Servers. Click next and Enter and confirm a password for the user. Make sure that the password you enter is sufficiently complex and that; User must change password at next logon field is not selected User cannot change password field is not selected Password never expires field is selected Click next and clear the create an Exchange mailbox field, then click next and then click finish. The user has successfully been created for the Scalix UAL service. Step 8. Generate a Kerberos keytab, enter:
ktpass princ scalix-ual/scalixservername.domain@REALM mapuser scalix-ual -pass password out path\filename -kvno 3 For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3 Step 9. Copy the keytab to the home directory of the Single Sign on Scalix Server.
Step 10. Run the command. ommergekeys /path/filename.keytab Where /path is the location that you copied the keytab too.
Step 11. omkrbconf -r REALM -s servername.domain -d domain
-r specifies the realm that the Kerberos database controls. For example, if your domain name is acme.com, your realm is ACME or ACME.NET.
-s specifies the fully qualified host name of the Kerberos KDC machine. For Single Sign-on, the KDC is the Domain Controller with Active Directory installed. Step 12. In order for Single Signon to work , the authentication ID for a scalix server mailbox must match the domain identity (Active Directory ID) for the user. For example, if jsmith@acme.net is the user logon ID for a user in AD then enter the following on the Scalix server:
ommodu o jsmith -authid jsmith@ACME.NET
Note: The realm MUST be in uppercase. To view the user; omshowu Joe Smith/mailnode
Step 13. Test out the connection. Run the command ; kinit your AD user ID for example kinit jsmith @ACME.NET You should be prompted for your AD password, enter it and it should just come back to you. Step 14. Modify the /var/opt/scalix/sys/pam.d/ual.remote file. The only lines that are needed are these four; auth required om_krb5 user_unknown=ignore auth optional om_auth use_first_pass account required om_auth password required om_auth
Now save that file and now edit the pop3 file and make sure it has the same entries as the ual.remote. Now save that po3 file and edit the omslapdeng file and make sure it has the same 4 entries. Now save the omslapdeng file and edit the smtpd.auth file and make sure it has the same 4 entries. Now save that file and we are done.
TESTING. You can now log onto scalix using your AD logon credentials. Log into SWA via your AD id and AD password to test. To Test Outlook, create a new profile and enter in the scalix-default-mail as the server and that should automatically finish.
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 10:19 AM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
James,
I have bad news for you - the community edition does not support AD integration using the MMC plugin. What you can do is use AD's LDAP interface which the Scalix community edition can use for password authorization. You will have to create email accounts in the Scalix SAC, but all passwords would come from AD.
Thanks
Ed
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 12:35 PM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I tried creating an account last evening but never recieved a confirmation email. I do not see the Forest prep tool that they mention. Where is it located? I downloaded my open source distro and looked in the software folder and did not find it.
Thanks,
James ----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Tuesday, August 22, 2006 10:45:11 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
Looks like you have more then one problem here so I am going start with your AD/SSO integration issue - BTW - have you tried the Scalix Community forum at http://www.scalix.com/commnity? It offers an excellent source of help and many of the Scalix developers and support personal hang out there.
You do need to run Forest Prep in order to integrate Scalix into AD. For Scalix version 10.0.1 go to page 102 of the admin guide and start from there. I am guessing you setup SSO and Kerberos without integrating AD first so Scalix is not recognizing any of your users.
Once you run though the AD integration steps you can get SSO to work. Below is a short version of the instructions that I used. The admin guide includes more detailed instructions. Let me know how it goes.
Ed
For SSO integration with AD - here are the instructions I used to get it working
SSO AD INSTRUCTIONS
Step 1. Make sure you have created Forward Lookup Zones for your domains and created Host records for all Scalix Servers in the appropriate Forward Lookup Zone. Step 2. Under Forward Lookup Zones, select a Scalix Server Single Sign-on domain and go to Action > New Alias. Step 3. Create a new Alias called _scalix-default-mail_ in the Alias name field, and the fully qualified name of the Scalix Server with which you are using Single Signon in the Fully qualified name for target host field (for example, scalixserver.acme.net). Step 4. Create reverse lookup zone for the Scalix server. Step 5. Go to Active directory User and Computers and create a new OU and call it Scalix services. Step 6. Select the Scalix service OU and Action > New > User. Step 7. Create the user, enter _scalix-ual_ in the first name field. You can also enter the name of the Single Sign-on Scalix Server in the Last Name field. This allows you to identify the keytabs you generate for multiple Scalix Servers. Click next and Enter and confirm a password for the user. Make sure that the password you enter is sufficiently complex and that; User must change password at next logon field is not selected User cannot change password field is not selected Password never expires field is selected Click next and clear the create an Exchange mailbox field, then click next and then click finish. The user has successfully been created for the Scalix UAL service. Step 8. Generate a Kerberos keytab, enter:
ktpass _princ scalix-ual/scalixservername.domain@REALM _mapuser scalix-ual -pass password _out path\filename -kvno 3 For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3 Step 9. Copy the keytab to the home directory of the Single Sign on Scalix Server.
Step 10. Run the command. ommergekeys /path/filename.keytab Where /path is the location that you copied the keytab too.
Step 11. omkrbconf -r REALM -s servername.domain -d domain
-r specifies the realm that the Kerberos database controls. For example, if your domain name is acme.com, your realm is ACME or ACME.NET.
-s specifies the fully qualified host name of the Kerberos KDC machine. For Single Sign-on, the KDC is the Domain Controller with Active Directory installed. Step 12. In order for Single Signon to work , the authentication ID for a scalix server mailbox must match the domain identity (Active Directory ID) for the user. For example, if jsmith@acme.net is the user logon ID for a user in AD then enter the following on the Scalix server:
ommodu _o jsmith -_authid jsmith@ACME.NET
Note: The realm MUST be in uppercase. To view the user; omshowu _Joe Smith/mailnode_
Step 13. Test out the connection. Run the command ; kinit _your AD user ID_ for example kinit jsmith @ACME.NET You should be prompted for your AD password, enter it and it should just come back to you. Step 14. Modify the /var/opt/scalix/sys/pam.d/ual.remote file. The only lines that are needed are these four; auth required om_krb5 user_unknown=ignore auth optional om_auth use_first_pass account required om_auth password required om_auth
Now save that file and now edit the pop3 file and make sure it has the same entries as the ual.remote. Now save that po3 file and edit the omslapdeng file and make sure it has the same 4 entries. Now save the omslapdeng file and edit the smtpd.auth file and make sure it has the same 4 entries. Now save that file and we are done.
TESTING. You can now log onto scalix using your AD logon credentials. Log into SWA via your AD id and AD password to test. To Test Outlook, create a new profile and enter in the scalix-default-mail as the server and that should automatically finish.
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 10:19 AM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Ed,
Thanks for your help. I learned a lot yesterday about both applications but in the end I deployed Zimbra. It's supposedly integrated with AD as my tests indicate successful. Still not sure how to use it as I still have to create user id's.
This wasn't really the main factor, it was a nice thing to have. When I deployed scalix the mail didn't work even after creating accounts?
Zimbra did and installed the whole package (amavisd, spamassasin, postfix, imap, etc).
I know Scalix mentions it as a capability but I wasn't sure if this required more configuration as well as other packages...
It was a tough call and I give kudo's to both. Scalix has a nice installer GUI which shows a level of maturity. It also has the ability to start and stop services which I don't think Zimbra can do from the webGUI.
On the other hand Zimbra has some good webGUI queue management tools as well as letting you see what's going on.
In the end the presentation of the user web interface looked a little better to me.
I believe both have a good command line environment.
That's my 60 second take on the matter. I could have missed some things I went back and forth 3 or 4 times yesterday to finalize my decision.
Oh in both cases uninstall was very easy...
thanks,
James
----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Wednesday, August 23, 2006 11:47:35 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
I have bad news for you - the community edition does not support AD integration using the MMC plugin. What you can do is use AD's LDAP interface which the Scalix community edition can use for password authorization. You will have to create email accounts in the Scalix SAC, but all passwords would come from AD.
Thanks
Ed
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 12:35 PM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I tried creating an account last evening but never recieved a confirmation email. I do not see the Forest prep tool that they mention. Where is it located? I downloaded my open source distro and looked in the software folder and did not find it.
Thanks,
James ----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Tuesday, August 22, 2006 10:45:11 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
Looks like you have more then one problem here so I am going start with your AD/SSO integration issue - BTW - have you tried the Scalix Community forum at http://www.scalix.com/commnity? It offers an excellent source of help and many of the Scalix developers and support personal hang out there.
You do need to run Forest Prep in order to integrate Scalix into AD. For Scalix version 10.0.1 go to page 102 of the admin guide and start from there. I am guessing you setup SSO and Kerberos without integrating AD first so Scalix is not recognizing any of your users.
Once you run though the AD integration steps you can get SSO to work. Below is a short version of the instructions that I used. The admin guide includes more detailed instructions. Let me know how it goes.
Ed
For SSO integration with AD - here are the instructions I used to get it working
SSO AD INSTRUCTIONS
Step 1. Make sure you have created Forward Lookup Zones for your domains and created Host records for all Scalix Servers in the appropriate Forward Lookup Zone. Step 2. Under Forward Lookup Zones, select a Scalix Server Single Sign-on domain and go to Action > New Alias. Step 3. Create a new Alias called _scalix-default-mail_ in the Alias name field, and the fully qualified name of the Scalix Server with which you are using Single Signon in the Fully qualified name for target host field (for example, scalixserver.acme.net). Step 4. Create reverse lookup zone for the Scalix server. Step 5. Go to Active directory User and Computers and create a new OU and call it Scalix services. Step 6. Select the Scalix service OU and Action > New > User. Step 7. Create the user, enter _scalix-ual_ in the first name field. You can also enter the name of the Single Sign-on Scalix Server in the Last Name field. This allows you to identify the keytabs you generate for multiple Scalix Servers. Click next and Enter and confirm a password for the user. Make sure that the password you enter is sufficiently complex and that; User must change password at next logon field is not selected User cannot change password field is not selected Password never expires field is selected Click next and clear the create an Exchange mailbox field, then click next and then click finish. The user has successfully been created for the Scalix UAL service. Step 8. Generate a Kerberos keytab, enter:
ktpass _princ scalix-ual/scalixservername.domain@REALM _mapuser scalix-ual -pass password _out path\filename -kvno 3 For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3 Step 9. Copy the keytab to the home directory of the Single Sign on Scalix Server.
Step 10. Run the command. ommergekeys /path/filename.keytab Where /path is the location that you copied the keytab too.
Step 11. omkrbconf -r REALM -s servername.domain -d domain
-r specifies the realm that the Kerberos database controls. For example, if your domain name is acme.com, your realm is ACME or ACME.NET.
-s specifies the fully qualified host name of the Kerberos KDC machine. For Single Sign-on, the KDC is the Domain Controller with Active Directory installed. Step 12. In order for Single Signon to work , the authentication ID for a scalix server mailbox must match the domain identity (Active Directory ID) for the user. For example, if jsmith@acme.net is the user logon ID for a user in AD then enter the following on the Scalix server:
ommodu _o jsmith -_authid jsmith@ACME.NET
Note: The realm MUST be in uppercase. To view the user; omshowu _Joe Smith/mailnode_
Step 13. Test out the connection. Run the command ; kinit _your AD user ID_ for example kinit jsmith @ACME.NET You should be prompted for your AD password, enter it and it should just come back to you. Step 14. Modify the /var/opt/scalix/sys/pam.d/ual.remote file. The only lines that are needed are these four; auth required om_krb5 user_unknown=ignore auth optional om_auth use_first_pass account required om_auth password required om_auth
Now save that file and now edit the pop3 file and make sure it has the same entries as the ual.remote. Now save that po3 file and edit the omslapdeng file and make sure it has the same 4 entries. Now save the omslapdeng file and edit the smtpd.auth file and make sure it has the same 4 entries. Now save that file and we are done.
TESTING. You can now log onto scalix using your AD logon credentials. Log into SWA via your AD id and AD password to test. To Test Outlook, create a new profile and enter in the scalix-default-mail as the server and that should automatically finish.
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 10:19 AM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Good to hear you found something you like. Zimbra is a good choice and has a lot of features so I don't think you will be disappointed. Scalix and Zimbra compare well on some points and not so well on others (ease of installation) so the needs of the end user determine which tool to go with. Zimbra is easier to install and manage then Scalix but in my experience Scalix scales much better and has better Outlook support. I am very impressed with Zimbra's mashup tools/open API and I think it has a lot of integration possibilities. Scalix is releasing a set of APIs in Scalix 11 that should provide the same capability. Have playing with Zimbra, you will have enjoy the experience.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Wednesday, August 23, 2006 12:34 PM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
Thanks for your help. I learned a lot yesterday about both applications but in the end I deployed Zimbra. It's supposedly integrated with AD as my tests indicate successful. Still not sure how to use it as I still have to create user id's.
This wasn't really the main factor, it was a nice thing to have. When I deployed scalix the mail didn't work even after creating accounts?
Zimbra did and installed the whole package (amavisd, spamassasin, postfix, imap, etc).
I know Scalix mentions it as a capability but I wasn't sure if this required more configuration as well as other packages...
It was a tough call and I give kudo's to both. Scalix has a nice installer GUI which shows a level of maturity. It also has the ability to start and stop services which I don't think Zimbra can do from the webGUI.
On the other hand Zimbra has some good webGUI queue management tools as well as letting you see what's going on.
In the end the presentation of the user web interface looked a little better to me.
I believe both have a good command line environment.
That's my 60 second take on the matter. I could have missed some things I went back and forth 3 or 4 times yesterday to finalize my decision.
Oh in both cases uninstall was very easy...
thanks,
James
----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Wednesday, August 23, 2006 11:47:35 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
I have bad news for you - the community edition does not support AD integration using the MMC plugin. What you can do is use AD's LDAP interface which the Scalix community edition can use for password authorization. You will have to create email accounts in the Scalix SAC, but all passwords would come from AD.
Thanks
Ed
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 12:35 PM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I tried creating an account last evening but never recieved a confirmation email. I do not see the Forest prep tool that they mention. Where is it located? I downloaded my open source distro and looked in the software folder and did not find it.
Thanks,
James ----- Original Message ----- From: Edward R. Bailey ed@commercescience.com To: centos centos@centos.org Sent: Tuesday, August 22, 2006 10:45:11 AM GMT-0500 Subject: RE: [CentOS] web based mail packages for CentOS
James,
Looks like you have more then one problem here so I am going start with your AD/SSO integration issue - BTW - have you tried the Scalix Community forum at http://www.scalix.com/commnity? It offers an excellent source of help and many of the Scalix developers and support personal hang out there.
You do need to run Forest Prep in order to integrate Scalix into AD. For Scalix version 10.0.1 go to page 102 of the admin guide and start from there. I am guessing you setup SSO and Kerberos without integrating AD first so Scalix is not recognizing any of your users.
Once you run though the AD integration steps you can get SSO to work. Below is a short version of the instructions that I used. The admin guide includes more detailed instructions. Let me know how it goes.
Ed
For SSO integration with AD - here are the instructions I used to get it working
SSO AD INSTRUCTIONS
Step 1. Make sure you have created Forward Lookup Zones for your domains and created Host records for all Scalix Servers in the appropriate Forward Lookup Zone. Step 2. Under Forward Lookup Zones, select a Scalix Server Single Sign-on domain and go to Action > New Alias. Step 3. Create a new Alias called _scalix-default-mail_ in the Alias name field, and the fully qualified name of the Scalix Server with which you are using Single Signon in the Fully qualified name for target host field (for example, scalixserver.acme.net). Step 4. Create reverse lookup zone for the Scalix server. Step 5. Go to Active directory User and Computers and create a new OU and call it Scalix services. Step 6. Select the Scalix service OU and Action > New > User. Step 7. Create the user, enter _scalix-ual_ in the first name field. You can also enter the name of the Single Sign-on Scalix Server in the Last Name field. This allows you to identify the keytabs you generate for multiple Scalix Servers. Click next and Enter and confirm a password for the user. Make sure that the password you enter is sufficiently complex and that; User must change password at next logon field is not selected User cannot change password field is not selected Password never expires field is selected Click next and clear the create an Exchange mailbox field, then click next and then click finish. The user has successfully been created for the Scalix UAL service. Step 8. Generate a Kerberos keytab, enter:
ktpass _princ scalix-ual/scalixservername.domain@REALM _mapuser scalix-ual -pass password _out path\filename -kvno 3 For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3 Step 9. Copy the keytab to the home directory of the Single Sign on Scalix Server.
Step 10. Run the command. ommergekeys /path/filename.keytab Where /path is the location that you copied the keytab too.
Step 11. omkrbconf -r REALM -s servername.domain -d domain
-r specifies the realm that the Kerberos database controls. For example, if your domain name is acme.com, your realm is ACME or ACME.NET.
-s specifies the fully qualified host name of the Kerberos KDC machine. For Single Sign-on, the KDC is the Domain Controller with Active Directory installed. Step 12. In order for Single Signon to work , the authentication ID for a scalix server mailbox must match the domain identity (Active Directory ID) for the user. For example, if jsmith@acme.net is the user logon ID for a user in AD then enter the following on the Scalix server:
ommodu _o jsmith -_authid jsmith@ACME.NET
Note: The realm MUST be in uppercase. To view the user; omshowu _Joe Smith/mailnode_
Step 13. Test out the connection. Run the command ; kinit _your AD user ID_ for example kinit jsmith @ACME.NET You should be prompted for your AD password, enter it and it should just come back to you. Step 14. Modify the /var/opt/scalix/sys/pam.d/ual.remote file. The only lines that are needed are these four; auth required om_krb5 user_unknown=ignore auth optional om_auth use_first_pass account required om_auth password required om_auth
Now save that file and now edit the pop3 file and make sure it has the same entries as the ual.remote. Now save that po3 file and edit the omslapdeng file and make sure it has the same 4 entries. Now save the omslapdeng file and edit the smtpd.auth file and make sure it has the same 4 entries. Now save that file and we are done.
TESTING. You can now log onto scalix using your AD logon credentials. Log into SWA via your AD id and AD password to test. To Test Outlook, create a new profile and enter in the scalix-default-mail as the server and that should automatically finish.
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 10:19 AM To: CentOS mailing list Subject: Re: [CentOS] web based mail packages for CentOS
Ed,
I saw no activity though the sac queue (I kept refreshing) but no luck. I had created 2 users in SAC to hopefully catch all of the mail that I was no longer recieving while I was trying to get the kerberos going... I believe what could have been the cause is: 1 the post I read on setting this up wasn't correct or some part of the process was not the same 2) I configured scalix to authenticate against the kerberos. So when I tried to logon I kept getting rejected as password or userid not found 3) not understanding what I am getting -> do I have to create an account and 'tie' it to the kerberos?
The sendmail was rejecting to my userid even though the user existed on both the sac and AD, which supports my idea that it's not 'authenticating' with the AD server...
As I mentioned sendmail isn't my favorite but I did run for some time before moving to postfix. From what I've read scalix takes care of this. Are there any post install scalix scripts that I have to run?
I see that there is a component called Scalix ForestPrep. Is this included in the open source distro? I would prefer this if possible. A single sign on is ok if that's all I can get but having true integration with the directory server would be preferable as I would like to have a single entry for ease of admin.
Edward R. Bailey wrote:
James,
When you say mail is not coming in do you mean that scalix is not accepting mail for your users? Did you provision your users in the Scalix SAC? What sort of error message is Scalix giving you when it rejects email?
Also, sendmail is most likely not the issue as sendmail is only used to process outbound mail. Scalix has its own smtpd that handles processing inbound mail and relaying. Let me know if I can help.
Ed Bailey
-----Original Message----- From: James Marcinek [mailto:jmarc1@jemconsult.biz] Sent: Tuesday, August 22, 2006 7:31 AM To: centos@centos.org Subject: Re: [CentOS] web based mail packages for CentOS
Easy for you to say! I was up late last night trying to figure out why no mail was coming in? I think it has to do with the kerberos integration with AD (which is what provides the single sign on).
I followed the directions and even saw users but for the life of me I could not logon to webmail?
Using the sxadmin I noticed that no mail was active at all in the queue? Do you have any idea to what could be the cause?
All of the mail coming in was being flat out rejected. Was there some additional steps that had to be done on 'sendmail' I had not configured the sendmail.mc which I would have typically done to get a mail server running with sendmail.
I hate sendmail (though I have a big hefty sendmail book) and moved to postfix for the ease of admin...
Perhaps I do not understand what is going on with the imap service and mta. I noticed that there is a modififed sendmail.cf that contains information of scalix. This makes me think that scalix 'should' (key word) be setting up what it needs to. By default sendmail will only accept mail from localhost. Does scalix take care of this or is it one more thing that I have to do? The docs and knowledge base do not really talk about it, which makes me believe that this thing should be working out of the box.
I would like to give another shot (this time try it without the AD intergration) to see how it works.
Thanks,
James
centos@911networks.com wrote:
On Mon, 21 Aug 2006 15:58:15 -0400 James Marcinek jmarc1@jemconsult.biz wrote:
Was it easy to install? I currently have postfix and cyrus-imapd running but could make changes.
Extremely easy if you have the right RPM andright OS, just RH [CentOS] or SUSE. Disable your existing postfix..., they provide everything.
I just changed from a linux Samba DC to an Active Directory one to change things up a bit. Does this Zimbra integrate with AD (or vice-a-versa)?
No experience, my customers do not have ADs, but Zimbra claims easy integration. Take a look @ http://www.zimbra.com/forums/showthread.php?t=1614 and http://www.google.ca/search?q=zimbra+active+directories
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
James Marcinek wrote:
Ed,
in the end I deployed Zimbra. It's supposedly integrated with AD as my tests indicate successful. Still not sure how to use it as I still have to create user id's.
I read on their site that the AD integration was only in the pay products, not the open source one. Just a FYI.
-
Bbt Lists -
centos@911networks.com -
Cesar Lagarrigue -
dan1 -
Edward R. Bailey -
Feizhou -
James Marcinek -
John Hinton -
Karanbir Singh -
Lamar Owen -
Les Mikesell -
Robert Moskowitz -
Todd Rittinger