For those who wants to give it a try, here is the best way to have a (fast) setup of the DTC control panel. But first, to make it very quick for experts, here's the steps:
- Check that your hostname is mx.example.com (unless you know what you are doing)
- Add GPLHost's Debian repo (see addresses below) and apt-get update (use "gplhost-archive-keyring" package for our repo. key)
- apt-get install dtc-toaster
- apache2ctl start
- Enjoy and browse: https://dtc.example.com/dtcadmin/
Now, the more detailed explanations to make sure every point is 100% clear.
You will need a freshly installed Debian stable with a hard drive partition of at least 1.2 GB, plus all the space you will need for you hosted files (mail, web and db). The absolute minimum amount of RAM to run DTC is 128 MB of RAM with 256 MB of swap space, but it's highly recommended to use it with 6 or 700 MB of RAM, so you have enough to do mail content scanning and filtering. DTC doesn't use some memory by itself (as it's made only of sh and php scripts), but there's a lot of daemon running to run all the system. To give a rough idea, with about 1000 domains, you will absolutely need something like 2GB as a start, but with a reasonable traffic, 4 or even 8GB seems a good idea.
DO NOT INSTALL on DEBIAN 7. DTC is not ready for it. If you are ready to see some breakage, and put some time in fixing various things, you can take a look at this temporary page regarding installation on Wheezy: Wheezy installation specific notes
If you are using Etch, first of all, add the debian repository (select the closest to you, the .fr and .sg mirrors are synchronized hourly). Note that if you are using Lenny, DTC is directly available from your closest Debian mirror, BUT it's version is outdated and you'd better use the GPLHost repositories below, unless you want to use something older than the stable release. If you are using Squeeze, DTC has been removed from it upon request from the DTC developers (because the new version couldn't get in).
Here are the addresses of our mirrors:
PLEASE, use FTP as much as possible.
Let's say you are using our Tampa mirror (if you don't replace ftp.gplhost.com in all what is below by the mirror you have selected):
echo "deb ftp://ftp.gplhost.com/debian lenny main" >>/etc/apt/sources.list
If you are using Squeeze, replace "lenny" by "squeeze":
echo "deb ftp://ftp.gplhost.com/debian squeeze main" >>/etc/apt/sources.list
NEW: add our repository key:
wget -q ftp://ftp.gplhost.com/debian/repository_key.asc -O - | apt-key add -
Then OF COURSE, run apt-get update. Alternatively, you can run:
apt-get install gplhost-archive-keyring
Here is a full /etc/apt/sources.list for lenny (replace CC by your country code):
# Binary repositories:
deb http://ftp.CC.debian.org/debian/ lenny main
deb http://security.debian.org/debian-security lenny/updates main
deb http://volatile.debian.org/debian-volatile lenny/volatile main
deb ftp://ftp.gplhost.com/debian lenny main
# Source repositories:
#deb-src http://ftp.CC.debian.org/debian/ lenny main
#deb-src http://security.debian.org/debian-security lenny/updates main
#deb-src http://volatile.debian.org/debian-volatile lenny/volatile main
#deb-src ftp://ftp.gplhost.com/debian lenny main
Note that you don't really need the source repositories, or contrib and non-free. DTC and it's dependencies are all fully free, included in "main". If you are using Squeeze, you can use the following:
# Binary repositories:
deb http://ftp.CC.debian.org/debian/ squeeze main
deb http://security.debian.org/debian-security squeeze/updates main
# volatile has been discontinued on squeeze
# see: http://lists.debian.org/debian-volatile-announce/2012/msg00000.html(approve sites)
# deb http://volatile.debian.org/debian/ squeeze-updates main
deb ftp://ftp.gplhost.com/debian squeeze main
# Source repositories:
#deb-src http://ftp.CC.debian.org/debian/ squeeze main
#deb-src http://security.debian.org/debian-security squeeze/updates main
#deb-src http://volatile.debian.org/debian squeeze-updates main
#deb-src ftp://ftp.gplhost.com/debian squeeze main
You will notice that DTC pulls really A LOT of dependencies. This is because by default, Lenny install all the packages that are in the Recommends: section of each dependencies. If you want to avoid that, simply put this in your /etc/apt/apt.conf.d/20norecommends:
Another way to do it is:
echo 'APT::Install-Recommends "0";' >> /etc/apt/apt.conf
this 2nd way seems working better on latest Debian.
Doing this will pull 100 less (not really needed) packages at least, and save a lot of disk space by pulling only what is absolutely necessary, which is best in a server environment.
Open ports !!!
DNS - 53, SMTP - 25 (TLS - 465), IMAP - 143 (TLS - 993), POP3 - 110 (TLS - 995), FTP -21
Check that you have a valid hostname entered, or amavisd-new will complain about it and refuse to setup. Try this command, as this is the one that amavis will use:
it should return the fully qualified domain name of your mx server that should be something like "mx.example.com" (this is best option). Check that
returns mx.example.com and that
returns something like:
10.2.3.4 mx.example.com mx
The order of the host names after the IP seems to matter.
The below reverse order does NOT seem to work on Debian Etch
when running "hostname --fqdn":
10.2.3.4 mx mx.example.com
Also, you can make it so the reverse DNS for 22.214.171.124 also replies mx.example.com as many SMTP servers out there check for it. The reverse for the DNS server is less important, and you can always use mx instead of ns1 (in that case, you will change it later in dtc -> general configuration -> named zone files once DTC is installed).
check your hostname ( /etc/hostname )
hostname -d gives only example.com
hostname -s gives only mx
hostname -f gives the mx.example.com
if not, correct it by editing /etc/hostname then run /etc/init.d/hostname.sh start
Something like "mx.example.com" in /etc/hostname sounds to be the correct setup (otherwise you need some more customization).
Don't forget that once you've changed /etc/hosts or /etc/hostname you'll have to reboot your server so the changes are effective.
Then check that "uname -a" is returning the correct FQDN.
If you are still running a kernel older than 2.6.24 (for example if you run Etch), the capability module has to be loaded. Another way is to recompile pure-ftpd-mysql with the option not to use this kernel module. You can find how to do this here.
the default debconf is set to high, dtc will miss some questions. Resolve this with:
choose Dialog, the default, and then medium. This way you dont miss questions when configuring your packages at install time.
Remember that you HAVE to use the debian volatile repository to have clamav and spamassassin working. The default one simply does NOT work. So don't forget to add this repository:
deb http://volatile.debian.org/debian-volatile lenny/volatile main
For Debian "Squeeze," the volatile repository has been eliminated and has been merged into squeeze-updates, so use this:
deb http://ftp.debian.org/debian/ squeeze-updates main
Then do a apt-get update and apt-get install dtc-toaster. Answer the few questions, and that's it, you are DONE !
If you have the issue that exim4 is on the way, you might need to explicitely install postfix as well, doing like this:
apt-get install postfix postfix-tls dtc-toaster
If you want a server using a lot less memory, then you can use dtc-core. It has as few dependencies as possible, to allow you to have a minimal install. It even doesn't have a dependency on mysql, so you can use a remote MySQL server. It also allows you to choose what kind of package you want for everything. Here's an example on how to setup:
apt-get install dtc-core postfix postfix-tls postfix-mysql mysql-server-5.0
Then the rest of is as usual, knowing that you wont have mail content scanning and such. Note that if you are running a not-so-busy server, then 256 MB of RAM is enough with this kind of setup, while dtc-toaster requires quite more RAM.
This is a very common mistake: dtc-xen is NOT to be setup under the same server where dtc is installed. It's to be setup on your dom0, while dtc itself would be typically installed in a domU. If you don't know what dom0 is, read the Xen documentation.
Here is some side notes about what to answer to debconf when doing the setup.
- Create directories for web-based administration ? -> yes.
- Postfix general type of configuration? -> Internet Site. Answer mx.example.com when it asks for the mail name as this is the default in DTC.
- Run pure-ftpd from inetd or as a standalone server? -> standalone. Note you will need the capability kernel module to run pure-ftpd (can be found under the security screen in the make menuconfig).
Later, you will need to activate spamassassin and saslauthd in /etc/default, as Debian leave it not activated at boot time (See Post Install section).
The other options don't matter a lot, select what you feel is good for you.
Note that if you didn't had any question for the MySQL root password, or for pure-ftpd-mysql, that means that your debconf priority was set to high and that you need to reconfigure these package:
- dpkg-reconfigure pure-ftpd-common
- dpkg-reconfigure mysql-server-5.0
Its a good idea to run the "dpkg-reconfigure pure-ftpd-common" regarless, as the config has been known to periodically fail.
If you use Roundcube with a MySQL back-end, and it gives a database error at runtime, try installing php-mdb2-driver-mysql, but in the normal case, you'd be using roundcube-sqlite, which doesn't need it.
Debian has a policy which prevents a required post-install script from running. To complete the setup of DTC, the following script must be run as administrator:
** Note - You may need to open /etc/courier/authdaemonrc and change a line to read: \\ authmodulelist="authmysql"
to avoid the "pop3 login error" as the configuration generation screen.
When done, you should also initialize the sbox_copy folder in /var/lib/dtc. This is done like this:
Note that you should run the update_sbox_bootstrap_copy after an upgrade of DTC, since this script might have been updated with new features.
You should also check that you have the aufs module installed. In Squeeze, it's there by default, but in Lenny, you should do:
apt-get install aufs-modules-2.6-amd64
If you are running DTC in a Xen server, you could do instead:
Now, you may want to learn more about SBOX and how it works! It's very important that you read this document, so that you understand the basic concept of the Apache chroot under DTC:
Someone wrote here:
"I get root@ubuntu:/usr/share/dtc/admin/install# ./install
bash: ./install: Permission denied so I chmod 777 install, then it worked but failed at the end with -> Managing ldconfig
exec: 17: /sbin/ldconfig.real: not found.
In Kubuntu ldconfig is a script that calls ldconfig.real - Rename ldconfig to ldconfig.real in the /usr/share/dtc/admin/install/functions script"
This is because the Ubuntu package was never updated. We DID the necessary modifications in our package, but it didn't reach Ubuntu yet. In that case, make sure to use the package from GPLHost, and not the outdated one from Ubuntu.
You should also check the /etc/default folder so it starts daemons automaticaly. These files must have the excute bit set. If they dont, run these commands:
chmod +x /etc/default/saslauthd
chmod +x /etc/default/spamassassin
chmod +x /etc/default/apache2
In ubuntu Maildrop requires rights to function correctly:
Add them to /etc/rc.local so that they run each time on startup
chown dtc.dtcgrp /var/run/courier/authdaemon/
chown dtc.dtcgrp /var/run/courier/authdaemon/socket
YOU SHOULD BE ALL DONE INSTALLING DTC-TOASTER
Log in with:
Password: What you chose during the package configuration.
If it doesn't work, try using the IP address directly instead of dtc.example.com (as your DNS setting might be wrong). Something like: https://10.2.3.4/dtcadmin/
Now if you want to help gplhost, you can "vote" for us by installing the popcon package (apt-get install popcon) to participate to the Debian packages popularity contest.
These are just optional things you may want to do to clean up your installation:
Add "-4" in /etc/default/bind9 options to look like this OPTIONS="-4 -u bind" . This will prevent you geting your syslog flooded with "named: error (network unreachable) resolving" error messages.
Add "|| [ $? -eq 1 ]" to the fetchmail command line in /etc/cron.d/dtc. Mine looks like this: */15 * * * * dtc [ -d /usr/share/dtc/admin -a -s /var/lib/dtc/etc/fetchmailrc ] && fetchmail -N -n -f /var/lib/dtc/etc/fetchmailrc || [ $? -eq 1 ] 2>&1
This is because when there is no mail to fetch the fetchmail program exits with code 1 which denotes an error to cron and get reported.
Squirrelmail won't install most of the time from the META package pull. So you may have have to do it manuall with "apt-get install squirrelmail"
Finally, if you want to help us, install the popularity-contest package to report to Debian that you are using our packages. This will help us to get a higher score and help people to see that many are using our packages.
Note that dtc-toaster is a meta package that will install apache 2, mysql 5.0, postfix and courier. If you want to use cyrus, qmail, dovecot, apache 1.3, or any other specific things, you need to install them first with apt-get, then apt-get install dtc-core and it will detect what you have selected. This is also the way to go when you want to use the Cyrus delivery and pop3/imap system.
Here is the link to the howto for Debian Express Setup Old Version. If you want more explanations, you can go on the forums install faq here or on the dtc faq on this wiki (see the left menu...).
Editing this page means accepting its license.