Mithril Install Notes

Follow these steps to install Mithril:

  1. Install RedHat 6.1. Apache should also be installed.
  2. Make the /dist directory
    mkdir /dist
    
  3. Download the Mithril software.
    cd /dist
    wget --passive-ftp ftp://ftp.antivore.com/pub/mithril/CURRENT/RedHat_Linux-6.1-i386/mithril-0.9-bin.tar
    tar xzf mithril-0.9-bin.tar
    
  4. Download the third-party software.
    cd /dist
    wget --passive-ftp ftp://ftp.antivore.com/pub/mithril/CURRENT/RedHat_Linux-6.1-i386/third-party.tar 
    tar xzf third-party.tar 
    
  5. Upgrade the following third-party RPM's:
    cd /dist
    rpm --upgrade apache-1.3.12-2.i386.rpm apache-devel-1.3.12-2.i386.rpm \
      apache-manual-1.3.12-2.i386.rpm
    
  6. Install the following third-party RPM's:
    cd /dist
    rpm --install MySQL-3.22.32-1.i386.rpm MySQL-client-3.22.32-1.i386.rpm \
      MySQL-devel-3.22.32-1.i386.rpm MySQL-shared-3.22.32-1.i386.rpm \
      openssl-0.9.5a-1.i386.rpm openssl-devel-0.9.5a-1.i386.rpm \
      perl-DBI-1.13-1.i386.rpm perl-MD5-1.7-2.i386.rpm \
      perl-MIME-Base64-2.11-2.i386.rpm perl-MailTools-1.13-2.i386.rpm \
      perl-Mysql-1.2202-1.i386.rpm perl-SHA-1.2-2.i386.rpm \
      php-mysql-pgsql-4.0.1p2-1.i386.rpm
    
  7. Install tcpserver, an inetd replacement. Inetd is not currently supported by Mithril (the startup files assume tcpserver). Run the included script install-tcpserver.sh.
    sh install-tcpserver.sh
    
  8. Install all the following Mithril RPM's:
    rpm --install gnupg-0.9.8-1.i386.rpm gpg-tools-adduser-0.9-1.i386.rpm \
      gpg-tools-hash-0.9-1.i386.rpm imapproxy-0.9-1.i386.rpm \
      libcrypt-client-0.9-1.i386.rpm libcrypt-client-devel-0.9-1.i386.rpm \
      libdbd-0.9-1.i386.rpm libdbd-devel-0.9-1.i386.rpm \
      libfixup-mime-0.9-1.i386.rpm libfixup-mime-devel-0.9-1.i386.rpm \
      libmime-0.9-1.i386.rpm libmime-devel-0.9-1.i386.rpm \
      popproxy-0.9-1.i386.rpm smtpcrypt-0.9-1.i386.rpm \
      pksphpd-0.9-1.i386.rpm
    

    Note that this should only leave the following Mithril RPM'S uninstalled:


  9. Install your MTA. Choose one of the following:
  10. Download and install stunnel.
    cd /usr/local/src
    tar xzf /dist/stunnel-3.8p4.tgz
    cd stunnel-3.8p4
    ./configure
    make
    make install
    
  11. Install your mail access server. Choose one of the following:
  12. Edit /etc/mithril files:
  13. Set up certificates - you may have your own server certificates, or you may have to create self-signed certificates. To create your own, try this:
    1. Generate random data
      dd if=/dev/urandom bs=128k count=1 >rand.dat
    2. Generate a key
      openssl genrsa -rand rand.dat -out key.pem 1024
    3. Generate a signing request
      openssl req -new -key key.pem -out req.csr
    4. Generate the certificate
      openssl x509 -req -days 730 -in req.csr -signkey key.pem -out cert.pem
    5. Make the combined cert/key file
      (cat key.pem; echo ""; cat cert.pem; echo "") >stunnel.pem

    Now install the certificates

    cp stunnel.pem /var/ssl/certs
    cp cert.pem /var/ssl/certs/smtpcrypt.cert
    cp key.pem /var/ssl/certs/smtpcrypt.key
    chmod 0600 /var/ssl/certs/smtpcrypt.key /var/ssl/certs/stunnel.pem
    
  14. Install key management scripts
    tar xvvzf /dist/key_front_end.tar.gz -C /home/httpd
    echo 'Alias /keys /home/httpd/key_front_end' >>/etc/httpd/conf/httpd.conf
    
  15. If cyrus is installed, you will need to create a "root" user (this user can then be used with the cyradm tool to create mailboxes):
    # Make sure gpgd is running
    /etc/rc.d/init.d/gpgd start
    adduser-gpg root
    # Crypt-client will prompt you for a passphrase on stdin
    crypt-client root genkey "Root" "Administrator" "root@yourdomain"