From SynologyWiki

Contents 1 Warning 2 Introduction 2.1 Topics 2.2 Audience 2.3 Requirements 3 Ipkg 3.1 Installation 3.2 Configuration 4 Postfix 4.1 Installation 4.2 Configuration 5 Dovecot 5.1 Installation 5.2 Configuration 5.3 SSL Certification Generation 6 RoundCube 6.1 Installation 6.2 Configuration 6.2.1 SSL Certification Generation 6.2.2 Apache and PHP Integration 6.2.3 Permissions 6.2.4 MySQL Integration 6.2.5 Installer 6.2.6 Logging In 7 Creating Accounts

Warning

This article is not 100% verified.

This article is not compliant with Synologys guidlines for 3rd-Party Apps Integration [1]

Introduction

Topics

This guide describes the installation and configuration of email and web mail software on a Linux server, specifically a Synology DS NAS device. The guide covers the following software:

• Ipkg for software installation
• Postfix 2.3.6 for SMTP
• Dovecot 1.0.3 for IMAP and SSL IMAP
• RoundCube 0.1.1 for web mail

Audience

This guide assumes basic Linux system administration skills, including familiarity with the console and text editing abilities.

Requirements

This guide assumes that the following software is pre-installed on the Linux server:

• BusyBox 1.1.0
• PHP 5.2.0 with support for MySQL, PCRE, and OpenSSL
• MySQL 5.0.51
• Apache 2.2.3
• a text editor such as vi

Furthermore, in order to carry out any of the installation instructions, you should first connect to the server via SSH or telnet and successfully login as root. Note that in some cases, the paths to certain configuration files or commands may be different on your server than as described below. If this occurs, you may have to alter the paths accordingly.

Ipkg

These Ipkg installation instructions are only necessary if you do not yet have Ipkg, apt, yum, or another package manager installed on the server. See the Synology NAS Community Forum [2] for more detailed information on Ipkg installation.

If you already have a package manager, skip this section.

Installation

First, download an Ipkg bootstrap archive designed for Synology NAS devices:

wget http://www.maartendamen.com/synoware/ds armmarvell-bootstrap 1.0.xsh

Next, run the downloaded archive to install Ipkg on your server:

sh ds armmarvell-bootstrap 1.0.xsh

You should see several messages about the creation of an Ipkg repository and the installation of OpenSSL. Once that process completes, edit the Ipkg configuration file to allow the installation of more programs:

Configuration

vi /opt/etc/ipkg.conf

Add the following line to the ipkg.conf file, and then save and close the file:

src packages http://ipkg.nslu2-linux.org/feeds/optware/syno-x07/cross/unstable/

Update Ipkg with the newest list of available packages:

ipkg update

Postfix

Installation

Start by installing Postfix with your package manager. For instance, to install Postfix with Ipkg:

ipkg install postfix

Configuration

Configure Postfix:

vi /opt/etc/postfix/main.cf

Find a line that contains “myhostname =” and alter it to be the following, replacing myserver.example.com with the fully qualified domain name of your server.

myhostname = myserver.example.com

Find a line that contains “mydomain =” and alter it to be the following, replacing example.com with just your domain name:

mydomain = example.com

Find a line that contains “myorigin =” and alter it to be the following:

myorigin = $mydomain

Find a line that contains “mydestination =” and alter it to be the following:

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

Find a line that contains “mynetworks =” and alter it to be the following, replacing 1.2.3.4.0 with the IP address of a network that you would like to trust to send outgoing mail through this mail server. For instance, changing the value to 5.4.3.0 would allow the range of addresses from 5.4.3.0 to 5.4.3.254 to send outgoing mail through your server:

mynetworks = 1.2.3.0/24, 127.0.0.0/8

There are other ways to configure Postfix to allow email clients to send outgoing mail other than by IP address, but that is outside the scope of this document. See the Postfix SASL HOWTO [3] for more information. Find a line that contains “home mailbox =” and alter it to be the following:

home mailbox = Maildir/

For all of the above modifications, make sure that the lines you change don’t start with “#” after your changes are made. Save and close the configuration file. Finally, restart the Postfix server process to pick up the configuration changes you have made:

/opt/etc/init.d/postfix restart

Dovecot

Installation

Start by installing Dovecot with your package manager. For instance, to install Dovecot with Ipkg:

ipkg install dovecot

Configuration

Edit Dovecot’s configuration file:

vi /opt/dovecot/dovecot.conf

Find the line that contains “protocols =” and alter it to be the following:

protocols = imap imaps

Find the line that contains “default mail env =” and alter it to be the following:

default mail env = maildir:˜/Maildir

Find the line that contains “listen =” and alter it to be the following:

listen = *

Find the line that contains “ssl listen =” and alter it to be the following:

ssl listen = *

Find the line that contains “ssl disable =” and alter it to be the following:

ssl disable = no

Find the lines that contains “ssl cert file =” and “ssl key file =” and alter them to be the following:

ssl cert file = /opt/etc/ssl/certs/dovecot.pem
ssl key file = /opt/etc/ssl/private/dovecot.pem

Find the line that contains “ssl cipher list =” and alter it to be the following:

ssl cipher list = all:!low

For all of the above modifications, make sure that the lines you change don’t start with “#” after your changes are made.

Save and close the configuration file.

SSL Certification Generation

In order to support SSL IMAP access, you need an SSL certificate installed on the server. The following instructions describe how to create a self-signed SSL certificate for use with Dovecot. Note that because this certificate is self-signed, it will cause a warning message to appear when accessed with an email client. Start by issuing the following command all on one line:

openssl req -new -x509 -days 9999 -nodes -out /opt/etc/ssl/certs/dovecot.pem -keyout /opt/etc/ssl/private/dovecot.pem

This will prompt you for several values:

• Enter your country’s 2-letter code, such as “NO”.
• Enter your province name.
• Enter your city name.
• Enter your organization name.
• Enter your unit or department name, or just press enter.
• For Common Name, enter the fully qualified domain name of your server, and not your name.
• Enter your email address, or just press enter.

This will place SSL certificate files in the location expected by Dovecot. Finally, restart the Dovecot server process to pick up the configuration changes you have made:

/opt/etc/init.d/dovecot restart

You should now be able to configure an email client to retrieve email from the server via IMAP or IMAP SSL.

RoundCube

Installation

RoundCube is not currently available as an Ipkg package, so the following instructions describe installing and configuring RoundCube manually. Start by changing to your Apache document root directory:

cd /var/www

Note that your Apache installation may be configured with a different document root. Look for the value of the DocumentRoot directive within the /opt/etc/apache2/sites-available/default file to find out what it is. If it is different than /var/www, then cd to that directory instead. Also, you should alter any subsequent commands that refer to /var/www as well.

Next, download RoundCube. Note that this command should be entered all on one line, with the only space in the line after “wget”:

wget http://internap.dl.sourceforge.net/sourceforge/roundcubemail/
roundcubemail-0.1.1.tar.gz

Uncompress the downloaded file:

tar xzf roundcubemail-0.1.1.tar.gz

Rename the uncompressed directory:

mv roundcubemail-0.1.1 mail

Configuration

SSL Certification Generation

In order to support SSL web mail access, you need an SSL certificate installed on the server. The following instructions describe how to create a self-signed SSL certificate for use with Apache. Note that because this certificate is self-signed, it will cause a warning message to appear when accessed with a web browser. Start by issuing the following command all on one line:

openssl req -new -x509 -days 9999 -nodes -out /opt/etc/apache2/apache.pem -keyout /opt/etc/apache2/apache.pem

This will prompt you for several values:

• Enter your country’s 2-letter code, such as “NO”.
• Enter your province name.
• Enter your city name.
• Enter your organization name.
• Enter your unit or department name, or just press enter.
• For Common Name, enter the fully qualified domain name of your server, and not your name.
• Enter your email address, or just press enter.

Apache and PHP Integration

To make use of the SSL certificate, enable Apache’s mod ssl support:

a2enmod ssl

Next, configure Apache to listen on port 443 for SSL connections:

vi /opt/etc/apache2/ports.conf

Add the following line to the file, and then save and close the file:

Listen 443

To enable a virtual host with support for SSL:

vi /opt/etc/apache2/sites-available/default

Find the lines that look like this:

NameVirtualHost *

<VirtualHost *>

And change them to look like this:

NameVirtualHost *:80
<VirtualHost *:80>
Then, at the bottom of the file, add the following lines:
NameVirtualHost *:443
<VirtualHost *:443>
DocumentRoot /var/www/mail
<Directory /var/www/mail>
Options Indexes
AllowOverride None
</Directory>
SSLEngine on
SSLCertificateFile /opt/etc/apache2/apache.pem
</VirtualHost>

Save and close the configuration file. Next, reconfigure PHP to support RoundCube:

vi /opt/etc/php5/apache2/php.ini

Find the line that starts with “magic quotes gpc” and and change its value from “On” to “Off”. Save and close the file. Finally, restart the Apache server process to pick up the configuration changes you have made:

/opt/etc/init.d/apache2 restart

Permissions

Change to the RoundCube directory:

cd /var/www/mail

Update the permissions on Roundcube’s temp and logs directories so Apache has access to them:

chown -R www-data.www-data temp logs
chmod -R g+w temp logs

Note that your Apache installation may be configured with a different user and group than www data. Look for the value of the User and Group directives within the /opt/etc/apache2/apache2.conf file to find out what they are. If they are different than www-data, then alter the chown command accordingly. Note that the first www-data in that command is the user, and the second is the group.

MySQL Integration

While still in the RoundCube directory, create and initialize a MySQL database for RoundCube by issuing the following commands. Note that you should replace “yourpassword” with a new RoundCube database password you create for this purpose. Also note that you can break the commands across multiple lines (except for the last command), as long as you break them only on spaces:

mysql
CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8 general ci;
GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY
’yourpassword’;
quit
mysql roundcubemail < SQL/mysql5.initial.sql

If you have trouble getting MySQL to accept the GRANT command, try retyping the single quotations around the password, as cutting and pasting from a PDF may cause the quotations to be entered incorrectly.

Installer

Open a web browser and go to the following URL, replacing example.com with the fully qualified domain name of your server:

https://example.com/installer

You should see the page for the “RoundCube Webmail Installer”. Click the “START INSTALLATION” button at the bottom of the page. The next page will show you whether the RoundCube environment has missing or misconfigured dependencies. You may be able to install missing packages with Ipkg or change PHP’s configuration as per RoundCube’s requests. You can reload or refresh the web page to see if any changes have taken effect. When RoundCube’s depdencies are properly installed and configured, click the “NEXT” button at the bottom of the page. You will see a page to create RoundCube’s configuration. You can leave all of the configuration values at their defaults, except for the following:

• Under Database setup, change the value of the Database password to the password you entered when originally creating the RoundCube MySQL database.
• Under IMAP Settings, change the value of default host to localhost
• Under SMTP Settings, change the value of stmp server to localhost

Then click the “CREATE CONFIG” button at the bottom of the page. On the next page, the two generated config files are displayed. Copy and paste the entire contents of the first text area into a new file at /var/www/mail/config/main.inc.php Copy and paste the entire contents of the second text area into a new file at /var/www/mail/config/db.inc.php Make sure that you copy the whole file and don’t leave out any parts. The RoundCube installer is complete, and you can close your web browser window at this point. For security reasons, it’s a good idea to move the installer directory out of RoundCube’s directory so no one else can access the installer:

mv /var/www/mail/installer /root/

Logging In

To use RoundCube, open a web browser and go to the following URL, replacing example.com with the fully qualified domain name of your server:

https://example.com/

You should be able to login to RoundCube with the username and password of any of the server’s existing Unix user accounts. You may want to click “Personal Settings” and then “Identities” to change the configured email address, display name, and other settings for your account.

Creating Accounts

In order to make use of the newly installed email and web mail software, you will have to create accounts for any people who you would like to have email addresses on your server. User administration is outside the scope of the document, but all you should need to do is create a standard Unix user with a command such as adduser.