Differences

This shows you the differences between two versions of the page.

--- courier_imaps_server_-_maildir [2022/07/19 21:13] – external edit 127.0.0.1
+++ courier_imaps_server_-_maildir [2022/07/20 22:48] (current) – admin
@@ Line 1: / Line 1: @@
-====== Courier_IMAPS_Server_-_Maildir ======
+===== Courier_IMAPS_Server_-_Maildir =====
-. Install Courier (done using this page: http://www.unixreview.com/documents/s=9811/ur0506m/)
+. Install Courier
- apt-get install courier-imap-ssl
+<code>
+ apt-get install courier-imap
  This will pull down all relevant packages
- Chose defaults when installing
+ Chose defaults when installing. No to web-based administration. Ok to default cert. (see more later)
+</code>
 . Main Config is naturly enough in /etc/courier
  Nothing is chanced in Courier Configs
 . To get postfix handing off to Courier:
+<code>
  Config Postfix (done using this page: http://www.samba.netfirms.com/courier/courier.html)
  /etc/postfix/main.cnf
- Comment out #mailbox_command = /user/bin/ procaine's-Y -a $DOMAIN
+ Comment out #mailbox_command = /user/bin/...
  Include or uncomment home_mailbox = Maildir/
+</code>
 . Step 3 should automatically make a Maildir in /home/user when mail is recieved
+<code>
  If you want to make the maildir manually, because a maildir is required for IMAP Login:
  Done using this website: http://archives.free.net.ph/message/20050807.151155.5ecafcf2.en.html
@@ Line 18: / Line 23: @@
  maildirmake Maildir
  This can be done for defauly users in the skeleton account /etc/skel/
-. IMAP login and recieving emails should work ok using thunderbird
+</code>
+. IMAP login and receiving emails should work ok using telnet (see [[postfix_smtp]] for info on sending email with telnet)
+<del>
 . Fix for courier.
  So thunderbird gave me the error: "Alert from account: Filesystem notification initialization error -- contact your mail administrator (check for configuration errors with the FAM/Gamin library).
@@ Line 25: / Line 32: @@
  Ref: http://zeldor.biz/2010/12/fix-filesystem-notification-initialization-error/   http://www.tutorialnut.com/index.php/2010/05/18/quick-fix-filesystem-notification-initialization-error-contact-your-mail-administrator-check-for-configuration-errors-with-the-famgamin-library/
-<del>
 . Now there does seem to be a load in PROCMAIL that I'm not using.
  Rules can be made as to what folder to sort incoming email.
@@ Line 33: / Line 39: @@
 </del>
-= Install and Config for Procmail =
+===== Install and Config for Procmail =====
+<code>
  apt-get install procmail
  vi /etc/postfix/main.cf
- <nowiki>//</nowiki>add the line:
+ #add the line:
  mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir
 restart postfix and test.
+</code>
-====== Quick config for procmail ======
+==== Quick config for procmail ====
+<code>
  vi /home/$USER/.procmailrc
  #Start of Procmailrc script.
@@ Line 49: / Line 58: @@
  :0 c
  !email@gmail.com
-This above procmail reciepie creates a procmail log for the user. It also forwards a copy of all email to email@gmail.com
+</code>
+This above procmail recipe creates a procmail log for the user. It also forwards a copy of all email to email@gmail.com
 More procmail rules at http://wiki.kartbuilding.net/index.php/Procmail
+<del>
 ===== Update Cert =====
 Even though I'm sure its not the best practice, I copy the newly updated apache.pem cert and use it for courier-ssl.
  cp /etc/apache2/ssl/apache2.pem /etc/courier/imapd.pem
  /etc/init.d/courier-imap-ssl restart
+</del>
+===== Secure IMAPs =====
+Mandate secure imapds
+<code>
+vi /etc/courier/imapd-ssl
+IMAP_TLS_REQUIRED=1
+</code>
+On installing courier via apt-get it creates a test ssl cert. However its not self-signed.
+To create a self-signed cert:
+<code>
+cd /root/
+openssl req -x509 -newkey rsa:1024 -keyout  imapd.pem -out imapd.pem -days 9999 -nodes
+#rename /etc/courier/imapd.pem to -old
+#move from /root into /etc/courier
+chown courier /etc/courier/imapd.pem
+chmod 600 /etc/courier/imapd.pem
+/etc/init.d/postfix restart
+/etc/init.d/courier-imap-ssl restart
+</code>
+[[https://annvix.com/using_courier-imap_and_ssl| Ref]]
+==== Testing imaps via a client PC and problems ====
+Testing with thunderbird did not go to plan. I normally use thunderbird portable to login and test.
+It hung and did not create the account.
+In /var/log/mail.info, it showed: **imapd-ssl: ip=[::ffff:], Certificate is bad**
+After a lot of testing, it turned out it was nothing to do with imapd.pem, but a problem with thunderbird and self-signed certs. Thunderbird did not prompt to allow exception.
+Solution 1 - Use Mailbird - it prompted to allow and store exception.
+Solution 2 - Fix for Thunderbird for imaps self-signed certs:
+<code>
+go to Options > Composition > Addressing
+Check Directory server and Edit Directories > Add new
+set name to: 'fakeLdapDirectory'
+specify server address: mail.mydomain.com
+Base DN: cn=base
+Check 'Use secure connection(SSL)'
+set port: 993
+Bind DN: cn=user,cn=base
+Base and Bind DN does not need to exist, cn=user,cn=base will doe the trick. Click OK, close Edit connections dialog.
+Select directory server in the list
+Go to Inbox Tab > Address Book
+Select fakeLdapDirectory in the list and type something into the search input on top right. If asked for password type anything e.g. 'letMeIn'
+You should get 'confirm certificate exception dialog', confirm it, now mail messages should be downloadable
+</code>
+Ref: https://bugzilla.mozilla.org/show_bug.cgi?id=1694023#c3
+===== Final Config =====
+For final additions to postfix with courier and procmail, please see: [[postfix_smtp#debian_bullseye_config]]