bengreen.eu Circle Device

 

Quick Reference

Installing Courier-IMAP from Source

Installing Courier-IMAP (the hard way)

I have need of an IMAP server for my XMail server, some clients want access to their email via IMAP and XMail only supports POP3 I could use bincimap but it has long since died a death.

Downloading Required Packages

You will need the following:

  • courier-unicode
  • courier-authlib
  • courier-imap

Compilation

On Alpine Linux you must install some build tools and libraries before you can build Courier-IMAP.

apk add gcc build-base libtool gdbm gdbm-dev

*** Courier IMAP cannot be compiled on Alpine Linux ***
*** Some problem with wait() and wait3() ***

Next we want to compile it... you can go ahead and compile it as normal but I am wanting a little more control and have decided that all the files should be installed in /opt/courier.

Compile courier-unicode:

./configure --prefix=/opt/courier
make
sudo make install

Compile courier-authlib, to do this you first need to tell the configure script the location of courier-unicode:

LDFLAGS=-L/opt/courier/lib CFLAGS=-I/opt/courier/include ./configure --prefix=/opt/courier
make
sudo make install-strip

Compile courier-imap, again this will need some libraries and tools that have been installed earlier so you must alter some environment variables:

export PATH=$PATH:/opt/courier/bin
export LD_LIBRARY_PATH=/opt/courier/lib:/opt/courier/lib/courier-authlib
LDFLAGS=-L/opt/courier/lib CFLAGS=-I/opt/courier/include CPPFLAGS=-I/opt/courier/include ./configure --prefix=/opt/courier
make
sudo make install-strip

Compile maildrop this is used to put emails in the right place and should be invoked by your SMTP server... I think.

LDFLAGS=-L/opt/courier/lib CFLAGS=-I/opt/courier/include CPPFLAGS=-I/opt/courier/include ./configure --prefix=/opt/courier
make
sudo make install-strip

You can also compile a console client, cone.

LDFLAGS=-L/opt/courier/lib CFLAGS=-I/opt/courier/include CPPFLAGS=-I/opt/courier/include ./configure --prefix=/opt/courier
export LD_LIBRARY_PATH=/opt/courier/lib
make
sudo make install-strip

I use urxvt or st for my terminal emulation requirements and cone does not like these terminals so I don't use it.

Configuration

Now that the whole thing is installed in our /opt/courier directory we must now configure the server.

cp /opt/courier/etc/authlib/authdaemonrc.dist /opt/courier/etc/authlib/authdaemonrc
cp /opt/courier/etc/imapd.dist /opt/courier/etc/imapd
cp /opt/courier/etc/imapd-ssl.dist /opt/courier/etc/imapd-ssl

Authentication and Authorisation

By following the above configuration the default pam authentication module will be enabled.

By installing sqlite a sqlite authentication module will be available I do not know how to configure this one yet ;-).

imapd and imapd-ssl Configuration

Yes, this will work but it is probably not recommended.

cd /opt/courier/share
./mkdhparams
./mkimapdcert

The ./mkimapdcert will create a default self signed certificate but if you have one from LetsEncrypt or something like that you can make your own file by simply cating your cert and key files (they must be in PEM format though):

cat server.key server.cert > /opt/courier/share/imapd.pem

You can find how these files are referenced from the configuration files located in the /opt/courier/etc/ directory:

TLS_CERTFILE=/opt/courier/share/imapd.pem
TLS_DHPARAMS=/opt/courier/share/dhparams.pem

Then you can start your server everything should work just fine. Without further configuration the system should allow you to access a Maildir directory in your home directory after you login using the credentials for a local account.

Here is a simple script for starting the server up:

#!/bin/bash
export PATH=$PATH:/opt/courier/bin
export LD_LIBRARY_PATH=/opt/courier/lib
/opt/courier/sbin/authdaemond start
/opt/courier/libexec/imapd.rc start
/opt/courier/libexec/imapd-ssl.rc start

I wonder if you can guess what to do to stop it?

Testing

Firstly make sure that the authentication services are working properly this is fairly simple, in the source directory for courier-authlib there will be two executables that can be used to test the service is working properly:

./authdaemontest 1 1 ./authtest ben secret

Here ben is the username and secret is the password and should be run as the same user who started the service or root. Commuication is through a socket in /opt/courier/var/spool/authdaemon/.

You should make sure you have a Maildir compatible directory in the home directory of the user you wish to use to connect to the IMAP server. A Maildir directory can be created with some of the tools we just installed.

/opt/courier/bin/maildirmake -S /home/ben/Maildir

To check the server is working as you would like, connect to it with OpenSSL (we want to check that our certificate is correct too don't we?):

openssl s_client -starttls imap -connect 127.0.0.1:143 -crlf

or

openssl s_client -connect 127.0.0.1:993 -crlf

Then you may use the normal IMAP commands to verify that your new Courier IMAP service is working correctly:

1 LOGIN ben secret
2 LIST "" "*"
3 SELECT "INBOX"
4 FETCH 1:* (FLAGS)
5 FETCH 1 (ENVELOPE)
6 FETCH 1 (RFC822)
7 CLOSE
8 LOGOUT

Excellent!

Using maildrop

I had a small problem because I could not find a default .mailfilter example file. It is easy if you read the manual but I was in a hurry and so I did not really fancy reading all the details I just wanted a summary and a simple solution for the default Courier-IMAP configuration (Maildir in$HOME).

So, here it is:

MAILBOX="$HOME/Maildir"
to $MAILBOX

This file must have rw permissions for that user only (if the file is in their home directory). To test this you can run maildrop with the -V9 command line option (as the intended recipient):

cat PROPERLYFORMATTEDEMAIL.eml |maildrop -V9

You should now find a new file in Maildir/new or see some messages that should give you a hint as to what went wrong.

Then you can do it for real as root:

cat PROPERLYFORMATTEDEMAIL.eml |maildrop -d ben

That last command should put a file in /home/ben/Maildir/new.

References

Quick Links: Techie Stuff | General | Personal | Quick Reference