Perdition is an IMAP/POP proxy written in C, and it offers map user connections to another mail servers where store the email inbox. The clients will connect to perdition server and this will distribute the connections to the corresponding server. In this scenario is configured one server mail.mydomain.com with ip 192.168.1.51 running postfix and perdition, this will accept the IMAP4/IMAP4S and POP3/POP3S connections and will redistribute to the mailboxes mbox1 and mbox2 with ip 192.168.0.16 and 192.168.0.17 with another internal network, this process is transparent for the end user and the mail clients will have the same configuration.

Image

Installing perdition

1.- Install perdition and other dependencies:

# yum install gcc make wget popt popt-static gettext perl mysql-server mysql-devel openssl openssl-devel postfix

– Install logging library:

# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_logger/latest/
vanessa_logger-0.0.10.tar.gz
# tar -xzvf vanessa_logger-0.0.10.tar.gz && cd vanessa_logger-0.0.10/
# ./configure
# make && make install

– Installing data type library:

# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_adt/latest/
vanessa_adt-0.0.9.tar.gz
# tar -xzvf vanessa_adt-0.0.9.tar.gz && cd vanessa_adt-0.0.9/
# ./configure
# make && make install

– Installing a socket tcp library:

# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_socket/latest/
vanessa_socket-0.0.12.tar.gz
# tar -xzvf vanessa_socket-0.0.12.tar.gz && cd vanessa_socket-0.0.12/
# ./configure
# make && make install

2.- Download perdition package:

# cd /tmp ; wget http://horms.net/projects/perdition/download/
1.18/perdition-1.18.tar.gz

3.- Exctract package and install:

# tar -xzvf perdition-1.18.tar.gz && cd perdition-1.18/
# ./configure --enable-static --prefix=/usr/local
# make && make install

4.- Add the path /usr/local/lib to the system library path:

# vi /etc/ld.so.conf.d/perdition.conf
/usr/local/lib
# ldconfig

5.- Configuring services:

# chkconfig --levels 235 postfix on
# chkconfig --levels 235 mysqld on
# service mysqld start
# service postfix start

6.- Setup a password for root user to mysql and running script preparation to mysql database:

# mysqladmin -u root password root
# /usr/local/sbin/perditiondb_mysql_makedb
Database server: localhost
Database name: dbPerdition
Database table: tblPerdition
Database user: perdition
Connections allowed from: localhost
Proceed (May destroy existing data in database) [y/n]? y
To insert rows into tblPerdition use the following once
logged into dbPerdition
insert into tblPerdition values ("user", "servername", "port");
where:
user: name of user. Up to 128 characters. May not be NULL.
servername: name of server for user. Up to 255 characters. May not be NULL.
port: port to connect to on server. May be NULL.

– Create another table for imap protocol connections:

# mysql -u root -p
mysql> CREATE TABLE 'tblPerditionImap4' (
mysql> 'user' varchar(128) NOT NULL,
mysql> 'servername' varchar(255) NOT NULL,
mysql> 'port' varchar(8) DEFAULT NULL,
mysql> PRIMARY KEY ('user'),
mysql> KEY 'idxtblPerdition_user' ('user')
mysql> ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
mysql> INSERT INTO tblPerditionImap4 VALUES ('usu1','192.168.0.16','143'),('usu2','192.168.0.17','143');
mysql> INSERT INTO tblPerdition VALUES ('usu1','192.168.0.16','110'),('usu2','192.168.0.17','110');

7.- Create user and directories:

# mkdir -p /usr/local/var/run/perdition/
# groupadd perdition
# useradd -d /usr/local/var/run/perdition/ -s /bin/false -g perdition perdition
# chown perdition:perdition /usr/local/var/run/perdition/

8- Generate certificates:

# openssl req -new -x509 -nodes -out /usr/local/etc/perdition/perdition.crt.pem -keyout perdition.key.pem -days 365

9.- Edit /usr/local/etc/perdition/perdition.*.conf:

# vi /usr/local/etc/perdition/perdition.pop3.conf
listen_port 110
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:
servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3/perdition.pop3.pid 
 # vi /usr/local/etc/perdition/perdition.imap4.conf 
listen_port 143
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:
servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4/perdition.imap4.pid
# vi /usr/local/etc/perdition/perdition.pops.conf
listen_port 995
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:
servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3s/perdition.pop3s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem
# vi /usr/local/etc/perdition/perdition.imaps.conf
listen_port 993
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:
servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4s/perdition.imap4s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem

10.- Edit /etc/sysconfig/perdition:

# vi /etc/sysconfig/perdition 
#!/bin/sh
RUN_PERDITION="${RUN_PERDITION:=yes}"
FLAGS="${FLAGS:=}"
POP3="${POP3:=yes}"
POP3_FLAGS="${POP3_FLAGS:= -f /usr/local/etc/perdition/perdition.pop3.conf}"
POP3S="${POP3S:=yes}"
POP3S_FLAGS="${POP3S_FLAGS:= -f /usr/local/etc/perdition/perdition.pops.conf}"
IMAP4="${IMAP4:=yes}"
IMAP4_FLAGS="${IMAP4_FLAGS:= -f /usr/local/etc/perdition/perdition.imap4.conf}"
IMAP4S="${IMAP4S:=yes}"
IMAP4S_FLAGS="${IMAP4S_FLAGS:= -f /usr/local/etc/perdition/perdition.imaps.conf}"
MANAGESIEVE="${MANAGESIEVE:=no}"
MANAGESIEVE_FLAGS="${MANAGESIEVE_FLAGS:=}" 
# chmod +x /etc/sysconfig/perdition

11.- Create init script:

# vi /etc/init.d/perdition 
#!/bin/sh
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin
NAME=perdition
DAEMON=/usr/local/sbin/perdition
test -f $DAEMON || exit 0
if [ -e /etc/sysconfig/perdition ]; then
. /etc/sysconfig/perdition
fi
# Please do not edit the values below.
# Rather, please edit /etc/sysconfig/perdition
if [ "$RUN_PERDITION" != "yes" ]; then
exit 0
fi
case "$1" in
start)
if [ "$POP3" = "yes" ]; then
/usr/local/sbin/perdition.pop3 $POP3_FLAGS > /dev/null 2> /var/log/maillog
if [ ! -e /var/run/perdition.pop3/perdition.pop3.pid ]; then
echo "Unable to start POP3 Daemon (maybe another process is listening to the same port?)"
fi
if [ $? ] ; then
echo -e "perdition.pop3 startedn"
fi
fi
if [ "$POP3S" = "yes" ]; then
/usr/local/sbin/perdition.pop3s $POP3S_FLAGS
if [ ! -e /var/run/perdition.pop3s/perdition.pop3s.pid ]; then
echo "Unable to start POP3S Daemon (maybe another process is listening to the same port?)"
fi
if [ $? ] ; then
echo -e "perdition.pop3s startedn"
fi
fi
if [ "$IMAP4" = "yes" ]; then
/usr/local/sbin/perdition.imap4 $IMAP4_FLAGS
if [ ! -e /var/run/perdition.imap4/perdition.imap4.pid ]; then
echo "Unable to start IMAP4 Daemon (maybe another process is listening to the same port?)"
fi
if [ $? ] ; then
echo -e "perdition.imap4 startedn"
fi
fi
if [ "$IMAP4S" = "yes" ]; then
/usr/local/sbin/perdition.imap4s $IMAP4S_FLAGS
if [ ! -e /var/run/perdition.imaps/perdition.imaps.pid ]; then
echo "Unable to start IMAP4S Daemon (maybe another process is listening to the same port?)"
fi
if [ $? ] ; then
echo -e "perdition.imap4s startedn"
fi
fi
;;
stop)
if [ "$POP3" = "yes" ]; then
kill -9 `cat /var/run/perdition.pop3/perdition.pop3.pid`
if [ $? ] ; then
echo -e "perdition.pop3 stoppedn"
fi
fi
if [ "$POP3S" = "yes" ]; then
kill -9 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`
if [ $? ] ; then
echo -e "perdition.pop3s stoppedn"
fi
fi
if [ "$IMAP4" = "yes" ]; then
kill -9 `cat /var/run/perdition.imap4/perdition.imap4.pid`
if [ $? ] ; then
echo -e "perdition.imap4 stoppedn"
fi
fi
if [ "$IMAP4S" = "yes" ]; then
kill -9 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`
if [ $? ] ; then
echo -e "perdition.imap4s stoppedn"
fi
fi
;;
restart)
$0 stop
$0 start
;;
force-reload|reload)
echo "Reloading $NAME configuration files"
if [ "$POP3" = "yes" ]; then
kill -1 `cat /var/run/perdition.pop3/perdition.pop3.pid`
fi
if [ "$POP3S" = "yes" ]; then
kill -1 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`
fi
if [ "$IMAP4" = "yes" ]; then
kill -1 `cat /var/run/perdition.imap4/perdition.imap4.pid`
fi
if [ "$IMAP4S" = "yes" ]; then
kill -1 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`
fi
;;
*)
echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload|force-reload}"
exit 1
;;
esac
exit 0
# chmod +x /etc/init.d/perdition
# chkconfig --levels 235 perdition on
# service perdition start

12.- Edit /etc/postfix/transports:

# vi /etc/postfix/transports
[email protected] smtp:192.168.0.16
[email protected] smtp:192.168.0.17
# postmap /etc/postfix/transports
# vi /etc/postfix/main.cf
hostname=smtp.mydomain.com
transport_maps=hash:/etc/postfix/transport
# service postfix restart

13.- Add iptables rules:

# vi /etc/sysconfig/iptables
-A INPUT -m tcp -p tcp --dport 995 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 993 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT
# service iptables restart

Installing server mailboxes

1.- Installing dovecot and postfix:

# yum install dovecot postfix

2.- Edit /etc/postfix/main.cf:

# vi /etc/postfix/main.cf
myhostname=mbox1.mydomain.com
mydestination=mydomain.com
inet_interfaces=localhost, 192.168.0.17
home_mailbox = Maildir/

3.- Edit Dovecot configuration:

# vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
# vi /etc/dovecot/conf.d/10-master.conf
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
#port = 995
#ssl = yes
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
#port = 993
#ssl = yes
}
# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir

4.- Restart services:

# service postfix restart
# service dovecot restart
# chkconfig --levels 235 postfix on
# chkconfig --levels 235 dovecot on

5.- Add iptables rules:

# vi /etc/sysconfig/iptables
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT
# service iptables restart

Final testing

Image

official web page of perdition project:

http://horms.net/projects/perdition/

Configuring an IMAP/POP Proxy with perdition and MySQL
Tagged on:                             

5 thoughts on “Configuring an IMAP/POP Proxy with perdition and MySQL

  • December 26, 2012 at 16:30
    Permalink

    great tutorial, thanks

    Reply
  • March 20, 2013 at 15:16
    Permalink

    This is the only page I could find explaining the entire Perdition setup, THANKS!

    It’s a bit different on CentOS/RH. Here are the changes:
    Overall directories are /usr, /var, /etc (instead of /usr/local /usr/local/var /usr/local/etc )

    1-3) All of these have RPMs that can be downloaded from the perdition web site. The perdition RPM is slightly broken, need to upack it and remove the dash from the version (1.19-rc5 should be 1.19rc5). I don’t think they tested the RPMs, there are some quirks in them. Too long to go into here, google to find answers as you find problems. 🙂

    4) Not necessary as far as I can tell, but the mysql library is not installed where needed, so needs to be copied. Need to extract it from the tar then copy…
    cp perdition/db/mysql/.libs/libperditiondb_mysql.so.0 /var/lib

    6) The script is not installed by RPM, needs to be extracted from tar…
    perdition/db/mysql/perditiondb_mysql_makedb

    7) Not needed, already done by RPM

    10 & 11) Not needed, already done by RPM, except need to modify /etc/sysconfig/perdition to disable managesieve.
    Also note: there are bugs with the init script related to managesieve, you won’t be able to get status nor stop it until fixed. One of the problems is CentOS/RH only provide 15 characters of the process name in the “pidof” function. The other problem is “status” is looking at imaps instead of managesieve.

    I didn’t use postfix, so don’t know about any changes related to that.

    Ed.

    Reply
    • March 20, 2013 at 21:10
      Permalink

      Hi Ed!!

      Thanks for your comment!! The OS used in this post I think was Centos 6.0, the directories you mentioned, you can change with –prefix flag in the configure process for compile perdition. Very useful your info, If I’ve to install from rpm packages, I will keep your tips in mind!

      Reply
  • May 17, 2013 at 10:25
    Permalink

    hi i got the below message..
    the predition is using 110.. then not able to start dovecot. any idea ?
    thanks

    Starting DovecotError: service(pop3-login): listen(*, 110) failed: Address already in use
    Error: socket() failed: Address family not supported by protocol

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Follow

Get every new post delivered to your Inbox

Join other followers: