- Install RedHat 6.1. Apache should also be installed.
- Make the /dist directory
mkdir /dist
- Download the Mithril software.
cd /dist
wget --passive-ftp ftp://ftp.antivore.com/pub/mithril/CURRENT/RedHat_Linux-6.1-i386/mithril-0.9-bin.tar
tar xzf mithril-0.9-bin.tar
- Download the third-party software.
cd /dist
wget --passive-ftp ftp://ftp.antivore.com/pub/mithril/CURRENT/RedHat_Linux-6.1-i386/third-party.tar
tar xzf third-party.tar
- Upgrade the following third-party RPM's:
cd /dist
rpm --upgrade apache-1.3.12-2.i386.rpm apache-devel-1.3.12-2.i386.rpm \
apache-manual-1.3.12-2.i386.rpm
- Install the following third-party RPM's:
cd /dist
rpm --install MySQL-3.22.32-1.i386.rpm MySQL-client-3.22.32-1.i386.rpm \
MySQL-devel-3.22.32-1.i386.rpm MySQL-shared-3.22.32-1.i386.rpm \
openssl-0.9.5a-1.i386.rpm openssl-devel-0.9.5a-1.i386.rpm \
perl-DBI-1.13-1.i386.rpm perl-MD5-1.7-2.i386.rpm \
perl-MIME-Base64-2.11-2.i386.rpm perl-MailTools-1.13-2.i386.rpm \
perl-Mysql-1.2202-1.i386.rpm perl-SHA-1.2-2.i386.rpm \
php-mysql-pgsql-4.0.1p2-1.i386.rpm
- Install tcpserver, an inetd replacement. Inetd is not currently
supported by Mithril (the startup files assume tcpserver). Run the included
script install-tcpserver.sh.
sh install-tcpserver.sh
- Install all the following Mithril RPM's:
rpm --install gnupg-0.9.8-1.i386.rpm gpg-tools-adduser-0.9-1.i386.rpm \
gpg-tools-hash-0.9-1.i386.rpm imapproxy-0.9-1.i386.rpm \
libcrypt-client-0.9-1.i386.rpm libcrypt-client-devel-0.9-1.i386.rpm \
libdbd-0.9-1.i386.rpm libdbd-devel-0.9-1.i386.rpm \
libfixup-mime-0.9-1.i386.rpm libfixup-mime-devel-0.9-1.i386.rpm \
libmime-0.9-1.i386.rpm libmime-devel-0.9-1.i386.rpm \
popproxy-0.9-1.i386.rpm smtpcrypt-0.9-1.i386.rpm \
pksphpd-0.9-1.i386.rpm
Note that this should only leave the following Mithril RPM'S uninstalled:
- dpipe
- dpipe-mod-in-reply-to
- dpipe-mod-user-exists
- gpg-tools-pwcheck
- Install your MTA. Choose one of the following:
- qmail (Recommended)
- Remove sendmail from your system
rpm --nodeps -e sendmail
- Extract qmail-patches.tar.gz in /usr/local/src
cd /usr/local/src
tar xzf /dist/qmail-patches.tar.gz
- Run install-qmail.sh script
sh install-qmail.sh
- Install the Delivery Pipe Mithril RPM's:
rpm --install dpipe-0.9-1.i386.rpm dpipe-mod-in-reply-to-0.9-1.i386.rpm \
dpipe-mod-user-exists-0.9-1.i386.rpm
- sendmail
- Sendmail should already be installed on your RedHat system.
- Edit /etc/sysconfig/sendmail. The variable "DAEMON" should be set to "no".
- external - you may also use an external MTA (off of the Mithril box). No
further setup is required at this point.
- Download and install stunnel.
cd /usr/local/src
tar xzf /dist/stunnel-3.8p4.tgz
cd stunnel-3.8p4
./configure
make
make install
- Install your mail access server. Choose one of the following:
- cyrus (Recommended)
- Download and install libsasl. A script, install-sasl.sh,
is included.
sh install-sasl.sh
- Download and install the cyrus IMAP/POP daemons. Use the
install-cyrus.sh script included.
sh install-cyrus.sh
- Install the replacement for cyrus pwcheck.
rpm --install gpg-tools-pwcheck-0.9-1.i386.rpm
- UW-IMAP
- UW-IMAP is available in RPM format on your RedHat CD (if you haven't
installed it already).
- external - An external IMAP/POP server may be used. No additional
configuration is necessary at this point.
- Edit /etc/mithril files:
- popproxy.conf - The only setting that needs to be changed immediately is
the "path" setting if /usr/cyrus/bin/pop3d is not correct (i.e., if you are
not using cyrus). The appropriate value for UW-IMAP is "/usr/sbin/ipop3d".
For an external server, set the address field. See the configuration
documentation for more details.
- imapproxy.conf - The only setting that needs to be changed immediately is
the "path" setting if /usr/cyrus/bin/imapd is not correct (i.e., if you are
not using cyrus). The appropriate value for UW-IMAP is "/usr/sbin/imapd".
For an external server, set the address field. See the configuration
documentation for more details.
- dpipe.conf - no additional configuration should be necessary.
- smtpcrypt.conf - The only setting that needs to be changed immediately is
the "exec" setting if /var/qmail/bin/qmail-smtpd is not correct (i.e., you
are not using qmail). The appropriate value for Sendmail is
"/usr/sbin/sendmail -bs". For an external server, set the address field. See
the configuration documentation for more details.
- Set up certificates - you may have your own server certificates, or you
may have to create self-signed certificates. To create your own, try this:
- Generate random data
dd if=/dev/urandom bs=128k count=1 >rand.dat
- Generate a key
openssl genrsa -rand rand.dat -out key.pem 1024
- Generate a signing request
openssl req -new -key key.pem -out req.csr
- Generate the certificate
openssl x509 -req -days 730 -in req.csr -signkey key.pem -out cert.pem
- Make the combined cert/key file
(cat key.pem; echo ""; cat cert.pem; echo "") >stunnel.pem
Now install the certificates
cp stunnel.pem /var/ssl/certs
cp cert.pem /var/ssl/certs/smtpcrypt.cert
cp key.pem /var/ssl/certs/smtpcrypt.key
chmod 0600 /var/ssl/certs/smtpcrypt.key /var/ssl/certs/stunnel.pem
- Install key management scripts
tar xvvzf /dist/key_front_end.tar.gz -C /home/httpd
echo 'Alias /keys /home/httpd/key_front_end' >>/etc/httpd/conf/httpd.conf
- If cyrus is installed, you will need to create a "root" user (this user
can then be used with the cyradm tool to create mailboxes):
# Make sure gpgd is running
/etc/rc.d/init.d/gpgd start
adduser-gpg root
# Crypt-client will prompt you for a passphrase on stdin
crypt-client root genkey "Root" "Administrator" "root@yourdomain"