Cramsession Linux Newsletter

home

Oct 31 2002

                    LINUX NEWS
            http://www.Cramsession.com
          October 31, 2002 -- Issue #105

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

OpenBSD 3.2 Release
Mandrake Announces Cluster Distro
SuSE Improves Desktop Integration
Stalman Runs For GNOME Board... again

3) Linux Resources

SSH and SFTP
Give Up Those Privileges!
Yahoo! Looks at PHP
Linux Survival
Build a Secure Webmail Service Supporting IMAP and SSL

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Deploy, configure, and support Linux! Linux Administration Resource Kit, yours for $9.99, a $119.97 value. Featuring 3 best-selling industry guides, along with 5 CDs. Plus a free gift! The 5 CDs include various Linux distributions, applications, and tools for managing networks and systems. Click for details:

http://ad.brainbuzz.com/?RC06&AIW38

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp

1) Sean’s Notes

Earlier this month, we talked about email in three parts:

SMTP: http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li nuxNews/october-3-2002linux.txt

PostFix: http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li nuxNews/october-10-2002linux.txt

POP: http://newsletters.cramsession.com/Newsletters/NewsletterArchive/Li nuxNews/october-17-2002linux.txt

That leaves us with webmail. You’re probably familiar with it if you’ve used Hotmail or any number of other similar services. You can set up the same thing at home! It’s very handy if you want to check your email from work, or on the road.

Three components are needed for this. The first is a webserver that has PHP with the IMAP module loaded. The second is an IMAP server. The third is the actual Webmail software itself.

The first component, I’m going to leave to your distribution. With RedHat, you’ll need the apache, php, and php_imap RPMs loaded. If you want to build from source, I can’t speak highly enough about Apache Toolbox:

http://www.apachetoolbox.com/

The next part, IMAP, is fairly easy. Like POP, IMAP is designed to let you access your mailbox over the network. However, IMAP lets you handle folders, and is designed to handle a long-lived connection. That is, with POP you check your mail every N minutes and copy it to your local computer. With IMAP, you open a connection, and poll the server over that connection every N minutes. Rather than downloading the mail, you can read it online. Very handy for our purposes here.

If your distro has an IMAP RPM, all the more power to you. imap-2001a has worked well for me. Otherwise, grab:

ftp://ftp.cac.washington.edu/imap/imap.tar.Z

tar -xzf imap.tar.Z

cd imap-2002.RC10

make lrh (if this fails, try “make slx” or “make lnx

SSLTYPE=none instead”)

strip imapd/imapd

cp imapd/imapd /usr/sbin

The UWashington IMAPD is different from most installations, hence the non-standard way of building. The last two commands strip the binary of debugging symbols (making it smaller), and copies it to /usr/sbin.

Either way, rpm or source, you have to tell inetd that imap is there. If you’re using inetd, add the following line to /etc/inetd.conf if it’s not already there:

imap stream tcp nowait root /usr/sbin/tcpd imapd

If you’re using xinetd, then create (or edit) /etc/xinetd.d/imap

service imap { flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/imapd log_on_failure += USERID disable = no }

Restart inetd (killall -HUP inetd) or xinetd (killall -HUP xinetd) and you should be able to telnet to port 143 and get a banner:

$ telnet localhost 143 Trying 127.0.0.1… Connected to localhost. Escape character is ‘^]’. * OK [CAPABILITY IMAP4 IMAP4REV1 LOGIN-REFERRALS AUTH=LOGIN] localhost

Let’s limit connections to only the localhost:

echo “imapd: ALL” » /etc/hosts.deny

echo “imapd: localhost” » /etc/hosts.allow

This will prevent other people from connecting to your imap server. Why take chances?

Now that IMAP is built, grab SquirrelMail. The name sounds odd, but believe me, this is one kick ass piece of software.

http://www.squirrelmail.org

Go into the root of your web server, this is probably /var/www/html or /usr/local/apache/htdocs. Uncompress Squirrelmail:

tar -xzf squirrelmail-1.2.9.tar.gz

rename it to something nice, such as mail:

mv squirrelmail-1.2.9 mail

cd mail

Since some directories have to be written to, you have to open up access by the web server (this is right out of the INSTALL file, well worth a read).

chown -R nobody data

chgrp -R nobody data

All we’re doing is making sure that nobody owns all the directories and files under “data”. If your web server runs as a different user (ps -ef will tell you that), substitute the user and group in the commands above.

Now, somewhere to temporarily store attachments:

cd /var/spool

mkdir squirrel

chgrp -R nobody squirrel

chmod 730 squirrel

Finally, get back to your install directory, change to “config” and run the setup script:

./conf.pl

Here’s where most of the config goes. The important stuff to change is under option 2:

Server Settings

  1. Domain : mydomain.com
  2. IMAP Server : localhost
  3. IMAP Port : 143
  4. Use Sendmail/SMTP : SMTP
  5. SMTP Server : localhost
  6. SMTP Port : 25
  7. Authenticated SMTP : false
  8. POP Before SMTP : false
  9. Server : cyrus
  10. Invert Time : false
  11. Delimiter : detect

1 and #10 will need changing. Set #1 to your domain, and #10

is “uw” since we’re using the UW IMAP server.

’s’ave and then ‘q’uit. Test your installation:

http://localhost/mail/

You should see a friendly screen asking you to log in. Log in with your username and password, and presto!

The INSTALL file has help on troubleshooting. Most often, the problems are with the installation of PHP.

We haven’t addressed security, namely that you’re transmitting your username and password over the Internet, not to mention reading your mail that way. Setting up SSL would be a good thing at some point, and the topic of a future newsletter.

I’d also be interested in hearing how helpful you find these tutorials, and if the level of detail is enough (or too much). Ideas for topics are also welcome.

Happy Halloween!

Long live the Penguin,

Sean mailto:swalberg@cramsession.com

2) Linux News

OpenBSD 3.2 Release

Tomorrow (Nov 1) marks the release of OpenBSD 3.2. OpenBSD’s main focus is on security, and boasts an impressive track record. They’ve also got the coolest tee’s and golf shirts that I’ve seen in a while.

http://www.openbsd.org/

Mandrake Announces Cluster Distro

I never know what to expect next from these guys. They’ve just announced a distribution targeted to parallel processing clusters. It looks like they’ve partnered with some academic institutions, meaning this may be used to further research, which I highly approve.

http://www.mandrakesoft.com/company/press/pr?n=/pr/products/2398

SuSE Improves Desktop Integration

“SuSE Linux, the international Open Source technology leader and solutions provider, announced a multi-stage product campaign for the corporate desktop deployment of SuSE Linux. Starting January 2003, small and medium-scale enterprises will be able to migrate to Linux on desktops using the ‘SuSE Linux Office Desktop’. ‘SuSE Linux Enterprise Desktop’, a Linux version optimized for desktop deployment in large-scale enterprises, is expected to be released in the first quarter of 2003.”

http://www.suse.com/us/company/press/press_releases/archive02/offic e_desktop.html

Stalman Runs For GNOME Board… Again

I know I give the guy a hard time, but here’s another attempt at grabbing the spotlight. I have to admit, I’d love to be a fly on the wall when RMS and Miguel de Icaza (spearheading the port of C# and .NET to Linux) duke it out.

http://newsforge.com/newsforge/02/10/30/1341223.shtml?tidQ

3) Linux Resources

SSH and SFTP

You’ve probably heard of SSH, the Secure SHell, which is a secure replacement for telnet. Did you know about the other things it can do, such as passwordless authentication and replacing FTP? Here is an article on how to set this all up.

http://www.linuxgazette.com/issue64/dellomodarme.html

Give Up Those Privileges!

Sound words from the Cramsession Security newsletter. Do you log in as root? Here’s a good article explaining why that is a bad idea.

http://infocenter.cramsession.com/techlibrary/gethtml.asp?ID28

Yahoo! Looks at PHP

Here’s a pointer to a slideshow from one of Yahoo!’s engineers, who is making a case to move the portal’s C++ software to use PHP. Interesting stuff, and would certainly be a boost to the already popular web scripting language.

http://public.yahoo.com/~radwin/talks/yahoo-phpcon2002.htm

Linux Survival

Here’s an interesting series of Java applets that form a Linux CBT course. There is some good content in here for those just beginning, and the interface is friendly.

http://linuxsurvival.com/

Build a Secure Webmail Service Supporting IMAP and SSL

Here’s a setup similar to one we set up this week, using UW IMAP and Aeromail. They added SSL, something I’ll cover in the future.

http://www.linuxjournal.com/article.php?sidc95&mode=thread&order=0

4) App o’ the Week

This week’s app is more of an application note. It seems that there is a problem with the stock Open Office and Red Hat 8.0. The RPM is fine, but if you download the binary from openoffice.org, you might find some crashes.

http://www.openoffice.org/issues/show_bug.cgi?id98

(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

      This message is from CramSession

You are currently subscribed to the following list Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail, send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit our site at: http://newsletters.cramsession.com/signup/default.asp

github.com/swalberg
twitter.com/seanwalberg