Understanding Islam 4 dummies

Ref :
http://fullwhitemoon.deviantart.com/art/Understanding-Islam-4-dummies1-156897768?q=gallery%3AFullWhiteMoon+sort%3Atime&qo=15
http://fullwhitemoon.deviantart.com/art/Understanding-Islam-4-dummies2-156994329

Iklan
Ditulis dalam Dakwah. Leave a Comment »

Zarafa + Ubuntu 8.04

Sekarang saatnya installasi zarafa di ubuntu 8.04. Ada baiknya untuk menerapkan shorewall sehingga dapat lebih mengingkatkan keamanannya.

Zarafa + Postfix + OpenLDAP + AMaViS + SpamAssassin + Razor + ClamAV + phpLDAPadmin + Apache + PHP + MySQL + OpenSSL + dan lain lain … 😛

Menuju proses installasi …
download zarafa pada http://www.zarafa.com/download-zarafa
zarafa-6.40.1-ubuntu8.04-i386 pada ubuntu 8.04 32bit

apt-get update
apt-get upgrade
tasksel install lamp-server
mysql -u root -p
mysql> create database zarafa;
mysql> grant all privileges on zarafa.* to ‘zarafa’@’localhost’ identified by ‘password’;
mysql> quit
apt-get install wget
tar cfvz zarafa-6.40.1-ubuntu8.04-i386.tar.gz
cd zarafa-6.40.1-ubuntu8.04-i386
./install.sh

#postfix & postfix-ldap
apt-get install postfix postfix-ldap

cat > /etc/postfix/ldap-aliases.cf < /etc/postfix/ldap-users.cf < /etc/postfix/access_table <SetValue($i,’login’,’anon_bind’,false);

#slapd
apt-get install install slapd ldap-utils

#tambahkan pada file /etc/ldap/slapd.conf
include /etc/ldap/schema/zarafa.schema
loglevel 0

cp /usr/share/doc/zarafa/zarafa.schema.gz /etc/ldap/schema/
gunzip /etc/ldap/schema/zarafa.schema.gz

ref : http://www.zarafa.com/wiki/index.php/LDAP_integration

#download template untuk phpldapadmin zarafa
apt-get install unzip phpldapadmin
wget http://www.zarafa.com/wiki/images/2/2d/Phpldapadmintemplates.zip
unzip Phpldapadmintemplates.zip
cp -R templates/* /etc/phpldapadmin/templates

ref : http://www.zarafa.com/wiki/index.php/PhpLDAPadmin_Template

#create user
ref : https://help.ubuntu.com/community/Zarafa
http://www.zarafa.com/wiki/index.php/ZCP_on_Ubuntu_8.04_LTS

#zarafa ldap
cp /etc/zarafa/ldap.openldap.cfg /etc/zarafa/ldap.cfg

#ubah file /etc/zarafa/ldap.cfg
ldap_user_unique_attribute = uid
ldap_loginname_attribute = uid
ldap_groupmembers_relation_attribute = uid
ldap_user_type_attribute_value = zarafa-user
ldap_bind_user = cn=admin,dc=company,dc=com
ldap_bind_passwd =
ldap_search_base = dc=company,dc=com
ldap_user_search_filter = (objectClass=zarafa-user)
ldap_group_search_filter = (objectClass=zarafa-group)
ldap_company_search_filter = (objectClass=zarafa-company)
ldap_company_system_admin_relation_attribute = uid

ref : http://doc.zarafa.com/6.40/Administrator_Manual/en-US/html/_ConfigureOpenLDAP.html

#ubah file /etc/zarafa/ldap.cfg untuk quota
ldap_quota_multiplier = 1048576

http://forums.zarafa.com/viewtopic.php?f=11&t=1443

#buat serifikat untuk outlook
mkdir /etc/zarafa/ssl
chmod 700 /etc/zarafa/ssl
cd /etc/zarafa/ssl
sh /usr/share/doc/zarafa/ssl-certificates.sh server

ref : http://doc.zarafa.com/6.40/Administrator_Manual/en-US/html/_configure_language.html#_ssl_connections_and_certificates

#ubah /etc/zarafa/server.cfg untuk menggunakan mode ssl untuk outlook
server_ssl_enabled = yes
server_ssl_port = 237
server_ssl_ca_file = /etc/zarafa/ssl/server.pem
server_ssl_key_file = /etc/zarafa/ssl/demoCA/cacert.pem
server_ssl_key_pass =

#buat serifikat untuk webaccess, phpldapadmin, pop3s, imaps, smtp auth
openssl genrsa -out /etc/ssl/private/privkey.pem 2048
openssl req -new -x509 -key /etc/ssl/private/privkey.pem -out /etc/ssl/certs/cert.pem -days 1095

#ubah /etc/zarafa/gateway.cfg untuk pop3s dan imaps
pop3s_enable = yes
imaps_enable = yes
ssl_private_key_file = /etc/ssl/private/privkey.pem
ssl_certificate_file = /etc/ssl/certs/cert.pem
ssl_verify_client = no

ref : http://doc.zarafa.com/6.40/Administrator_Manual/en-US/html/_configure_zarafa_gateway_imap_and_pop3.html
http://doc.zarafa.com/6.40/Administrator_Manual/en-US/html/_configure_zarafa_caldav.html

#postfix & sasl2-bin untuk smtp auth melaui zarafa imap
apt-get install sasl2-bin
gpasswd -a postfix sasl

#ubah file /etc/default/saslauthd
START=yes
MECHANISMS=”rimap”
MECH_OPTIONS=”127.0.0.1″
THREADS=0
OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r”

#buat file /etc/postfix/sasl/smtpd.conf
cat > /etc/postfix/sasl/smtpd.conf << EOF
pwcheck_method: saslauthd
mech_list: plain login
EOF

#ubah /etc/postfix/main.cf
smtpd_tls_auth_only = yes

smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/ssl/private/privkey.pem
smtpd_tls_cert_file = /etc/ssl/certs/cert.pem
smtpd_tls_session_cache_database = sdbm:/var/lib/postfix/smtpd_scache
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes

#ubah /etc/postfix/main.cf
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#ubah file /etc/postfix/master.cf dan sisipkan
submission inet n – – – – smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o broken_sasl_auth_clients=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
-o smtpd_sender_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n – – – – smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o broken_sasl_auth_clients=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
-o smtpd_sender_restrictions=permit_sasl_authenticated,reject_unauth_destination
-o milter_macro_daemon_name=ORIGINATING

ref : http://www.kitserve.org.uk/content/zarafa-debian-how-part-2-sasl-and-autolearning-spamassassin
http://forums.zarafa.com/viewtopic.php?f=9&t=918

#ubah apache untuk menggunakan mode ssl untuk webaccess
a2enmod ssl rewrite

#ubah file /etc/apache2/sites-available/default
#NameVirtualHost *
NameVirtualHost *:80
NameVirtualHost *:443

#ubah file /etc/apache2/sites-available/zarafa-webaccess

SSLEngine On
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/private/privkey.pem

#ubah file /etc/apache2/conf.d/phpldapadmin

SSLEngine On
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/private/privkey.pem

ref : http://www.zarafa.com/wiki/index.php/Securing_Zarafa_WebAccess_with_SSL

#spamassassin, clamav & amavisd-new
apt-get install amavisd-new spamassassin clamav-daemon
apt-get install arj bzip2 cabextract cpio file gzip lha nomarch pax rar unrar unzip unzoo zip zoo lzop

gpasswd -a amavis clamav
gpasswd -a clamav amavis

#ubah /etc/postfix/main.cf
content_filter = smtp-amavis:[127.0.0.1]:10024

#ubah /etc/postfix/master.cf
#pickup fifo n – – 60 1 pickup
pickup fifo n – – 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks

smtp-amavis unix – – – – 5 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n – – – – smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

#tambahkan file /etc/amavis/conf.d/50-user
$max_servers = 5;
@local_domains_acl = ( “company.com”, “company.org”, “company.net” );

#ubah file /etc/amavis/conf.d/15-content_filter_mode
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

#ubah file /etc/amavis/conf.d/20-debian_defaults
$final_spam_destiny = D_PASS;

#razor
apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor

razor-admin -home=/etc/razor -create
razor-admin -home=/etc/razor -register

#ubah /etc/default/spamassassin
ENABLED=1

#ubah file /etc/spamassassin/local.cf
required_score 8.0
razor_config /etc/razor/razor-agent.conf

#ubah file /etc/zarafa/dagent.cfg
spam_header_name =

ref : https://help.ubuntu.com/community/PostfixAmavisNew
http://chiralsoftware.com/linux-system-administration/ubuntu-postfix-imap-dovecot-setup.seam
http://www.kitserve.org.uk/content/how-install-zarafa-debian-lenny-postfix-procmail-spamassassin-clamassassin-spam-learning-and
https://help.ubuntu.com/9.04/serverguide/C/mail-filtering.html
http://spamassassin.apache.org/gtube/

reboot

untuk passwd pada webaccess .. bisa akses disini http://forums.zarafa.com/viewtopic.php?f=16&t=5205

*setelah 20 harian dan beberapa kali rebuild vps di magnet* 😀
*go magnet .. go*
*nice*

Ditulis dalam Tutorial. 2 Comments »