2002 10 31


                    LINUX NEWS
            http://www.Cramsession.com
          October 31, 2002 -- Issue #105


TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

OpenBSD 3.2 Release
Mandrake Announces Cluster Distro
SuSE Improves Desktop Integration
Stalman Runs For GNOME Board... again

3) Linux Resources

SSH and SFTP
Give Up Those Privileges!
Yahoo! Looks at PHP
Linux Survival
Build a Secure Webmail Service Supporting IMAP and SSL

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Deploy, configure, and support Linux! Linux Administration Resource Kit, yours for $9.99, a $119.97 value. Featuring 3 best-selling industry guides, along with 5 CDs. Plus a free gift! The 5 CDs include various Linux distributions, applications, and tools for managing networks and systems. Click for details:

http://ad.brainbuzz.com/?RC06&AIW38







For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit
http://cramsession.com/marketing/default.asp

-------------------------
1) Sean's Notes
-------------------------

Earlier this month, we talked about email in three parts:

SMTP:
http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li
nuxNews/october-3-2002linux.txt

PostFix:
http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li
nuxNews/october-10-2002linux.txt

POP:
http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li
nuxNews/october-17-2002linux.txt

That leaves us with webmail.  You're probably familiar with it
if you've used Hotmail or any number of other similar services.
You can set up the same thing at home!  It's very handy if you
want to check your email from work, or on the road.

Three components are needed for this.  The first is a webserver
that has PHP with the IMAP module loaded.  The second is an IMAP
server.  The third is the actual Webmail software itself.

The first component, I'm going to leave to your distribution.
With RedHat, you'll need the apache, php, and php_imap RPMs
loaded.  If you want to build from source, I can't speak highly
enough about Apache Toolbox:

http://www.apachetoolbox.com/

The next part, IMAP, is fairly easy.  Like POP, IMAP is designed
to let you access your mailbox over the network.  However, IMAP
lets you handle folders, and is designed to handle a long-lived
connection.  That is, with POP you check your mail every N
minutes and copy it to your local computer.  With IMAP, you open
a connection, and poll the server over that connection every N
minutes.  Rather than downloading the mail, you can read it
online.  Very handy for our purposes here.

If your distro has an IMAP RPM, all the more power to you.
imap-2001a has worked well for me.  Otherwise, grab:

ftp://ftp.cac.washington.edu/imap/imap.tar.Z

# tar -xzf imap.tar.Z
# cd imap-2002.RC10
# make lrh     (if this fails, try "make slx" or "make lnx
#SSLTYPE=none instead")
...
# strip imapd/imapd
# cp imapd/imapd /usr/sbin

The UWashington IMAPD is different from most installations,
hence the non-standard way of building.  The last two commands
strip the binary of debugging symbols (making it smaller), and
copies it to /usr/sbin.

Either way, rpm or source, you have to tell inetd that imap is
there.  If you're using inetd, add the following line to
/etc/inetd.conf if it's not already there:

imap stream tcp nowait root /usr/sbin/tcpd imapd

If you're using xinetd, then create (or edit) /etc/xinetd.d/imap

service imap
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/imapd
        log_on_failure  += USERID
        disable         = no
}

Restart inetd (killall -HUP inetd) or xinetd (killall -HUP
xinetd) and you should be able to telnet to port 143 and get a
banner:

$ telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
\* OK \[CAPABILITY IMAP4 IMAP4REV1 LOGIN-REFERRALS AUTH=LOGIN] localhost

Let's limit connections to only the localhost:

# echo "imapd: ALL" >> /etc/hosts.deny
# echo "imapd: localhost" >> /etc/hosts.allow

This will prevent other people from connecting to your imap
server.  Why take chances?

Now that IMAP is built, grab SquirrelMail.  The name sounds odd,
but believe me, this is one kick ass piece of software.

http://www.squirrelmail.org

Go into the root of your web server, this is probably
/var/www/html or /usr/local/apache/htdocs.  Uncompress
Squirrelmail:

# tar -xzf squirrelmail-1.2.9.tar.gz

rename it to something nice, such as mail:

# mv squirrelmail-1.2.9 mail
# cd mail

Since some directories have to be written to, you have to open
up access by the web server (this is right out of the INSTALL
file, well worth a read).

# chown -R nobody data
# chgrp -R nobody data

All we're doing is making sure that nobody owns all the
directories and files under "data".  If your web server runs as
a different user (ps -ef will tell you that), substitute the
user and group in the commands above.

Now, somewhere to temporarily store attachments:

# cd /var/spool
# mkdir squirrel
# chgrp -R nobody squirrel
# chmod 730 squirrel

Finally, get back to your install directory, change to
"config" and run the setup script:

# ./conf.pl

Here's where most of the config goes.  The important stuff to
change is under option 2:

Server Settings
1.  Domain               : mydomain.com
2.  IMAP Server          : localhost
3.  IMAP Port            : 143
4.  Use Sendmail/SMTP    : SMTP
6.    SMTP Server        : localhost
7.    SMTP Port          : 25
8.    Authenticated SMTP : false
9.    POP Before SMTP    : false
10. Server               : cyrus
11. Invert Time          : false
12. Delimiter            : detect

#1 and #10 will need changing.  Set #1 to your domain, and #10
is "uw" since we're using the UW IMAP server.

's'ave and then 'q'uit.  Test your installation:

http://localhost/mail/

You should see a friendly screen asking you to log in.  Log in
with your username and password, and presto!

The INSTALL file has help on troubleshooting.  Most often, the
problems are with the installation of PHP.

We haven't addressed security, namely that you're transmitting
your username and password over the Internet, not to mention
reading your mail that way.  Setting up SSL would be a good
thing at some point, and the topic of a future newsletter.

I'd also be interested in hearing how helpful you find these
tutorials, and if the level of detail is enough (or too much).
Ideas for topics are also welcome.

Happy Halloween!

Long live the Penguin,

Sean
mailto:swalberg@cramsession.com


-------------------------
2) Linux News
-------------------------

-------------------
OpenBSD 3.2 Release
-------------------

Tomorrow (Nov 1) marks the release of OpenBSD 3.2. OpenBSD's
main focus is on security, and boasts an impressive track
record. They've also got the coolest tee's and golf shirts that
I've seen in a while.

http://www.openbsd.org/


---------------------------------
Mandrake Announces Cluster Distro
---------------------------------

I never know what to expect next from these guys. They've just
announced a distribution targeted to parallel processing
clusters. It looks like they've partnered with some academic
institutions, meaning this may be used to further research,
which I highly approve.

http://www.mandrakesoft.com/company/press/pr?n=/pr/products/2398


---------------------------------
SuSE Improves Desktop Integration
---------------------------------

"SuSE Linux, the international Open Source technology leader and
solutions provider, announced a multi-stage product campaign for
the corporate desktop deployment of SuSE Linux. Starting January
2003, small and medium-scale enterprises will be able to migrate
to Linux on desktops using the 'SuSE Linux Office Desktop'.
'SuSE Linux Enterprise Desktop', a Linux version optimized for
desktop deployment in large-scale enterprises, is expected to be
released in the first quarter of 2003."

http://www.suse.com/us/company/press/press_releases/archive02/offic
e_desktop.html


-------------------------------------
Stalman Runs For GNOME Board... Again
-------------------------------------

I know I give the guy a hard time, but here's another
attempt at grabbing the spotlight. I have to admit, I'd love
to be a fly on the wall when RMS and Miguel de Icaza
(spearheading the port of C# and .NET to Linux) duke it out.

http://newsforge.com/newsforge/02/10/30/1341223.shtml?tidQ


-------------------------
3) Linux Resources
-------------------------


------------
SSH and SFTP
------------

You've probably heard of SSH, the Secure SHell, which is a
secure replacement for telnet. Did you know about the other
things it can do, such as passwordless authentication and
replacing FTP? Here is an article on how to set this all up.

http://www.linuxgazette.com/issue64/dellomodarme.html


-------------------------
Give Up Those Privileges!
-------------------------

Sound words from the Cramsession Security newsletter. Do you
log in as root? Here's a good article explaining why that is a
bad idea.

http://infocenter.cramsession.com/techlibrary/gethtml.asp?ID28


-------------------
Yahoo! Looks at PHP
-------------------

Here's a pointer to a slideshow from one of Yahoo!'s engineers,
who is making a case to move the portal's C++ software to use PHP.
Interesting stuff, and would certainly be a boost to the already
popular web scripting language.

http://public.yahoo.com/~radwin/talks/yahoo-phpcon2002.htm


--------------
Linux Survival
--------------

Here's an interesting series of Java applets that form a Linux
CBT course. There is some good content in here for those just
beginning, and the interface is friendly.

http://linuxsurvival.com/


------------------------------------------------------
Build a Secure Webmail Service Supporting IMAP and SSL
------------------------------------------------------

Here's a setup similar to one we set up this week, using UW IMAP
and Aeromail. They added SSL, something I'll cover in the future.

http://www.linuxjournal.com/article.php?sidc95&mode=thread&order=0


-------------------------
4) App o' the Week
-------------------------

This week's app is more of an application note. It seems that
there is a problem with the stock Open Office and Red Hat 8.0.
The RPM is fine, but if you download the binary from
openoffice.org, you might find some crashes.

http://www.openoffice.org/issues/show_bug.cgi?id98


-------------------------
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.
-------------------------
-------------------------

          This message is from CramSession

You are currently subscribed to the following list
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail,
   send a blank email message to:
   mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit
our site at:
http://newsletters.cramsession.com/signup/default.asp

-------------------------------------------------------