Perdition is an IMAP/POP proxy written in C. It maps user connections to the other mail servers where the mailboxes are stored: clients connect to the perdition server, which distributes each connection to the corresponding server. In this scenario one server, mail.mydomain.com (IP 192.168.1.51), runs postfix and perdition. It accepts IMAP4/IMAP4S and POP3/POP3S connections and redistributes them to the mailbox servers mbox1 and mbox2 (IPs 192.168.0.16 and 192.168.0.17) on another internal network. The process is transparent to the end user, and all mail clients will have the same configuration.
Installing perdition
1.- Install perdition and other dependencies:
# yum install gcc make wget popt popt-static gettext perl mysql-server mysql-devel openssl openssl-devel postfix
– Install logging library:
# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_logger/latest/vanessa_logger-0.0.10.tar.gz
# tar -xzvf vanessa_logger-0.0.10.tar.gz && cd vanessa_logger-0.0.10/
# ./configure
# make && make install
– Installing data type library:
# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_adt/latest/vanessa_adt-0.0.9.tar.gz
# tar -xzvf vanessa_adt-0.0.9.tar.gz && cd vanessa_adt-0.0.9/
# ./configure
# make && make install
– Installing a TCP socket library:
# cd /tmp ; wget http://horms.net/projects/vanessa/download/vanessa_socket/latest/vanessa_socket-0.0.12.tar.gz
# tar -xzvf vanessa_socket-0.0.12.tar.gz && cd vanessa_socket-0.0.12/
# ./configure
# make && make install
2.- Download perdition package:
# cd /tmp ; wget http://horms.net/projects/perdition/download/1.18/perdition-1.18.tar.gz
3.- Extract package and install:
# tar -xzvf perdition-1.18.tar.gz && cd perdition-1.18/
# ./configure --enable-static --prefix=/usr/local
# make && make install
4.- Add the path /usr/local/lib to the system library path:
# vi /etc/ld.so.conf.d/perdition.conf
/usr/local/lib
# ldconfig
5.- Configuring services:
# chkconfig --levels 235 postfix on
# chkconfig --levels 235 mysqld on
# service mysqld start
# service postfix start
6.- Set a password for the MySQL root user and run the database preparation script:
# mysqladmin -u root password root
# /usr/local/sbin/perditiondb_mysql_makedb
Database server: localhost
Database name: dbPerdition
Database table: tblPerdition
Database user: perdition
Connections allowed from: localhost
Proceed (May destroy existing data in database) [y/n]? y
To insert rows into tblPerdition use the following once logged into dbPerdition
insert into tblPerdition values ("user", "servername", "port");
where: user: name of user. Up to 128 characters. May not be NULL.
       servername: name of server for user. Up to 255 characters. May not be NULL.
       port: port to connect to on server. May be NULL.
– Create another table for IMAP protocol connections:
# mysql -u root -p
mysql> USE dbPerdition;
mysql> CREATE TABLE `tblPerditionImap4` (
    ->   `user` varchar(128) NOT NULL,
    ->   `servername` varchar(255) NOT NULL,
    ->   `port` varchar(8) DEFAULT NULL,
    ->   PRIMARY KEY (`user`),
    ->   KEY `idxtblPerdition_user` (`user`)
    -> ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
mysql> INSERT INTO tblPerditionImap4 VALUES ('usu1','192.168.0.16','143'),('usu2','192.168.0.17','143');
mysql> INSERT INTO tblPerdition VALUES ('usu1','192.168.0.16','110'),('usu2','192.168.0.17','110');
7.- Create user and directories:
# mkdir -p /usr/local/var/run/perdition/
# groupadd perdition
# useradd -d /usr/local/var/run/perdition/ -s /bin/false -g perdition perdition
# chown perdition:perdition /usr/local/var/run/perdition/
8.- Generate certificates:
# openssl req -new -x509 -nodes -out /usr/local/etc/perdition/perdition.crt.pem -keyout /usr/local/etc/perdition/perdition.key.pem -days 365
9.- Edit /usr/local/etc/perdition/perdition.*.conf:
# vi /usr/local/etc/perdition/perdition.pop3.conf
listen_port 110
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3/perdition.pop3.pid
# vi /usr/local/etc/perdition/perdition.imap4.conf
listen_port 143
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4/perdition.imap4.pid
# vi /usr/local/etc/perdition/perdition.pops.conf
listen_port 995
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.pop3s/perdition.pop3s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem
# vi /usr/local/etc/perdition/perdition.imaps.conf
listen_port 993
map_library /usr/local/lib/libperditiondb_mysql.so.0
map_library_opt "localhost:3306:dbPerdition:tblPerditionImap4:perdition:perdition:servername:user:port"
username perdition
username_from_database
pid_file /var/run/perdition.imap4s/perdition.imap4s.pid
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_file /usr/local/etc/perdition/perdition.crt.pem
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
ssl_key_file /usr/local/etc/perdition/perdition.key.pem
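As an added example (not part of the original post or of the perdition project), this shell function audits one of the config files from step 9 for settings worth reviewing before the proxy is exposed: a client or mailbox leg without TLS, the certificate-check relaxations used above, and a database password equal to the user name. The function names, the finding codes, and the reading of ssl_mode values and map_library_opt fields are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: flag settings worth reviewing
# in one perdition config file. Prints one "CODE detail" line per finding.
audit_perdition_conf() {
    # Drop comments and blank lines so commented-out directives are ignored.
    body=$(sed -e 's/#.*$//' -e '/^[[:space:]]*$/d' "$1")
    port=$(printf '%s\n' "$body" | awk '$1 == "listen_port" { print $2; exit }')
    mode=$(printf '%s\n' "$body" | awk '$1 == "ssl_mode" { print $2; exit }')
    # Assumption: *_listen / *_all modes encrypt the client leg and
    # *_outgoing / *_all modes encrypt the proxy-to-mailbox leg.
    case $mode in
        *listen*|*all*) ;;
        *) echo "PLAINTEXT_CLIENT_SIDE port=${port:-default}" ;;
    esac
    case $mode in
        *outgoing*|*all*) ;;
        *) echo "PLAINTEXT_BACKEND ssl_mode=${mode:-unset}" ;;
    esac

    # Directives used on this page that relax certificate validation.
    for opt in ssl_no_cn_verify ssl_cert_accept_self_signed \
               ssl_cert_accept_expired ssl_cert_accept_not_yet_valid; do
        printf '%s\n' "$body" | awk -v o="$opt" '$1 == o { f = 1 } END { exit !f }' \
            && echo "CERT_CHECK_RELAXED $opt"
    done

    # Assumed map_library_opt layout, read off the page's value:
    # host:port:db:table:user:password:servercol:usercol:portcol
    printf '%s\n' "$body" | awk '$1 == "map_library_opt" {
        gsub(/"/, "", $2); split($2, f, ":")
        if (f[6] != "" && f[6] == f[5]) print "DB_PASSWORD_EQUALS_USER user=" f[5]
    }'
    return 0
}
# Constructed sample: an excerpt of the perdition.pops.conf from step 9.
write_sample() {
    cat > "$1" <<'EOF'
listen_port 995
map_library_opt "localhost:3306:dbPerdition:tblPerdition:perdition:perdition:servername:user:port"
ssl_mode ssl_listen
ssl_no_cn_verify
ssl_cert_accept_self_signed
ssl_cert_accept_expired
ssl_cert_accept_not_yet_valid
EOF
}

sample=$(mktemp); write_sample "$sample"
audit_perdition_conf "$sample"; rm -f "$sample"
```

Run it over each perdition.*.conf file; under the assumptions above, the port 110 and 143 configs from step 9 report both legs as plaintext.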
10.- Edit /etc/sysconfig/perdition:
# vi /etc/sysconfig/perdition
#!/bin/sh
RUN_PERDITION="${RUN_PERDITION:=yes}"
FLAGS="${FLAGS:=}"
POP3="${POP3:=yes}"
POP3_FLAGS="${POP3_FLAGS:= -f /usr/local/etc/perdition/perdition.pop3.conf}"
POP3S="${POP3S:=yes}"
POP3S_FLAGS="${POP3S_FLAGS:= -f /usr/local/etc/perdition/perdition.pops.conf}"
IMAP4="${IMAP4:=yes}"
IMAP4_FLAGS="${IMAP4_FLAGS:= -f /usr/local/etc/perdition/perdition.imap4.conf}"
IMAP4S="${IMAP4S:=yes}"
IMAP4S_FLAGS="${IMAP4S_FLAGS:= -f /usr/local/etc/perdition/perdition.imaps.conf}"
MANAGESIEVE="${MANAGESIEVE:=no}"
MANAGESIEVE_FLAGS="${MANAGESIEVE_FLAGS:=}"
# chmod +x /etc/sysconfig/perdition
11.- Create init script:
# vi /etc/init.d/perdition
#!/bin/sh

PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin
NAME=perdition
DAEMON=/usr/local/sbin/perdition

test -f $DAEMON || exit 0

if [ -e /etc/sysconfig/perdition ]; then
  . /etc/sysconfig/perdition
fi

# Please do not edit the values below.
# Rather, please edit /etc/sysconfig/perdition

if [ "$RUN_PERDITION" != "yes" ]; then
  exit 0
fi

case "$1" in
  start)
    # For each enabled daemon: start it, then use its pid file to decide
    # whether the start succeeded.
    if [ "$POP3" = "yes" ]; then
      # Append to the mail log; a single ">" would truncate it on every start
      /usr/local/sbin/perdition.pop3 $POP3_FLAGS > /dev/null 2>> /var/log/maillog
      if [ ! -e /var/run/perdition.pop3/perdition.pop3.pid ]; then
        echo "Unable to start POP3 Daemon (maybe another process is listening to the same port?)"
      else
        echo -e "perdition.pop3 started\n"
      fi
    fi
    if [ "$POP3S" = "yes" ]; then
      /usr/local/sbin/perdition.pop3s $POP3S_FLAGS
      if [ ! -e /var/run/perdition.pop3s/perdition.pop3s.pid ]; then
        echo "Unable to start POP3S Daemon (maybe another process is listening to the same port?)"
      else
        echo -e "perdition.pop3s started\n"
      fi
    fi
    if [ "$IMAP4" = "yes" ]; then
      /usr/local/sbin/perdition.imap4 $IMAP4_FLAGS
      if [ ! -e /var/run/perdition.imap4/perdition.imap4.pid ]; then
        echo "Unable to start IMAP4 Daemon (maybe another process is listening to the same port?)"
      else
        echo -e "perdition.imap4 started\n"
      fi
    fi
    if [ "$IMAP4S" = "yes" ]; then
      /usr/local/sbin/perdition.imap4s $IMAP4S_FLAGS
      # Same pid file path as in perdition.imaps.conf and in the stop branch
      if [ ! -e /var/run/perdition.imap4s/perdition.imap4s.pid ]; then
        echo "Unable to start IMAP4S Daemon (maybe another process is listening to the same port?)"
      else
        echo -e "perdition.imap4s started\n"
      fi
    fi
    ;;
  stop)
    if [ "$POP3" = "yes" ]; then
      kill -9 `cat /var/run/perdition.pop3/perdition.pop3.pid`
      if [ $? -eq 0 ]; then
        echo -e "perdition.pop3 stopped\n"
      fi
    fi
    if [ "$POP3S" = "yes" ]; then
      kill -9 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`
      if [ $? -eq 0 ]; then
        echo -e "perdition.pop3s stopped\n"
      fi
    fi
    if [ "$IMAP4" = "yes" ]; then
      kill -9 `cat /var/run/perdition.imap4/perdition.imap4.pid`
      if [ $? -eq 0 ]; then
        echo -e "perdition.imap4 stopped\n"
      fi
    fi
    if [ "$IMAP4S" = "yes" ]; then
      kill -9 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`
      if [ $? -eq 0 ]; then
        echo -e "perdition.imap4s stopped\n"
      fi
    fi
    ;;
  restart)
    $0 stop
    $0 start
    ;;
  force-reload|reload)
    # SIGHUP makes each daemon reread its configuration
    echo "Reloading $NAME configuration files"
    if [ "$POP3" = "yes" ]; then
      kill -1 `cat /var/run/perdition.pop3/perdition.pop3.pid`
    fi
    if [ "$POP3S" = "yes" ]; then
      kill -1 `cat /var/run/perdition.pop3s/perdition.pop3s.pid`
    fi
    if [ "$IMAP4" = "yes" ]; then
      kill -1 `cat /var/run/perdition.imap4/perdition.imap4.pid`
    fi
    if [ "$IMAP4S" = "yes" ]; then
      kill -1 `cat /var/run/perdition.imap4s/perdition.imap4s.pid`
    fi
    ;;
  *)
    echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload|force-reload}"
    exit 1
    ;;
esac

exit 0
# chmod +x /etc/init.d/perdition
# chkconfig --levels 235 perdition on
# service perdition start
12.- Edit /etc/postfix/transports:
# vi /etc/postfix/transports
[email protected] smtp:192.168.0.16
[email protected] smtp:192.168.0.17
# postmap /etc/postfix/transports
# vi /etc/postfix/main.cf
myhostname=smtp.mydomain.com
transport_maps=hash:/etc/postfix/transports
# service postfix restart
13.- Add iptables rules:
# vi /etc/sysconfig/iptables
-A INPUT -m tcp -p tcp --dport 995 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 993 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT
# service iptables restart
Installing server mailboxes
1.- Installing dovecot and postfix:
# yum install dovecot postfix
2.- Edit /etc/postfix/main.cf:
# vi /etc/postfix/main.cf
myhostname=mbox1.mydomain.com
mydestination=mydomain.com
inet_interfaces=localhost, 192.168.0.17
home_mailbox = Maildir/
3.- Edit Dovecot configuration:
# vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no

# vi /etc/dovecot/conf.d/10-master.conf
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }
}

# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
4.- Restart services:
# service postfix restart
# service dovecot restart
# chkconfig --levels 235 postfix on
# chkconfig --levels 235 dovecot on
5.- Add iptables rules:
# vi /etc/sysconfig/iptables
-A INPUT -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 110 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 143 -j ACCEPT
# service iptables restart
Final testing
Official web page of the perdition project:
http://horms.net/projects/perdition/
great tutorial, thanks
Hey yusef!! Thank you!!
This is the only page I could find explaining the entire Perdition setup, THANKS!
It’s a bit different on CentOS/RH. Here are the changes:
Overall directories are /usr, /var, /etc (instead of /usr/local /usr/local/var /usr/local/etc )
1-3) All of these have RPMs that can be downloaded from the perdition web site. The perdition RPM is slightly broken, need to unpack it and remove the dash from the version (1.19-rc5 should be 1.19rc5). I don’t think they tested the RPMs, there are some quirks in them. Too long to go into here, google to find answers as you find problems. 🙂
4) Not necessary as far as I can tell, but the mysql library is not installed where needed, so needs to be copied. Need to extract it from the tar then copy…
cp perdition/db/mysql/.libs/libperditiondb_mysql.so.0 /var/lib
6) The script is not installed by RPM, needs to be extracted from tar…
perdition/db/mysql/perditiondb_mysql_makedb
7) Not needed, already done by RPM
10 & 11) Not needed, already done by RPM, except need to modify /etc/sysconfig/perdition to disable managesieve.
Also note: there are bugs with the init script related to managesieve, you won’t be able to get status nor stop it until fixed. One of the problems is CentOS/RH only provide 15 characters of the process name in the “pidof” function. The other problem is “status” is looking at imaps instead of managesieve.
I didn’t use postfix, so don’t know about any changes related to that.
Ed.
Hi Ed!!
Thanks for your comment!! The OS used in this post I think was CentOS 6.0, the directories you mentioned, you can change with --prefix flag in the configure process for compile perdition. Very useful your info, If I’ve to install from rpm packages, I will keep your tips in mind!
Hi, I got the below message..
The perdition is using 110.. then not able to start dovecot. Any idea?
Thanks
Starting DovecotError: service(pop3-login): listen(*, 110) failed: Address already in use
Error: socket() failed: Address family not supported by protocol