PROBLEM
What are the system requirements for installing atmail products onto my own server?
ENVIRONMENT
- atmail suite - webmail
- atmail suite - API server
- atmail suite - DAV server
- atmail mail server
CAUSE
Installation requirements.
RESOLUTION
Minimum system hardware requirements
Consider the installation type required for your atmail on-premises setup. Review the Installation Type guide for more details.
Minimum system hardware requirements
- atmail suite - webmail
- CPU: 2 core
- RAM: 4 GB
- SSD: 20 GB
- atmail suite - API server
- CPU: 2 core
- RAM: 4 GB
- SSD: 40 GB
- atmail suite - DAV server
- CPU: 2 core
- RAM: 4 GB
- SSD: 40 GB
- atmail mail server
- CPU: 2 core
- RAM: 4 GB
- SSD: 40 GB (excluding mail storage)
Minimum system software requirements
- Operating System
- CentOS 7.x only
- Redhat Enterprise 7.x only
-
Postfix
If you are planning to use the atmail mail server, you will need to remove the Postifx MTA daemon, that is installed by default on CentOS 7.
As you will notice, Postfix is started and listens on localhost on port 25. Proceed with Postfix MTA service removal by issuing the following commands.
systemctl stop postfix
systemctl disable postfix yum remove postfix -y - MariaDB
MariaDB must be installed and configured before installation of atmail suite or atmail mail server software.
yum install mariadb mariadb-server -y -qOnce the installation is complete, enable MariaDB to start on boot and start the service:systemctl enable mariadb
Ensure that the MariaDB service is active:
systemctl start mariadbsystemctl status mariadb
Finally, run the mysql_secure_installation script:
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-12-09 16:05:34 AEST; 2s ago
Process: 18325 ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID (code=exited, status=0/SUCCESS)
Process: 18237 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n (code=exited, status=0/SUCCESS)
Main PID: 18324 (mysqld_safe)
CGroup: /system.slice/mariadb.service
├─18324 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
└─18487 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-error=/var/log/mariadb/mariadb.log --pid-file...
mysql_secure_installation
If you set a password, you will need to remember to supply it when installing mail server and atmail suite.
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password: *********
Re-enter new password: *********
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
Test if you are able to run mariaDB:mysql -u root -p
Enter password:*********
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 20
Server version: 5.5.64-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> exit
Bye - OpenSSL
OpenSSL must be installed and configured before installation of atmail suite or atmail mail server software.
yum install openssl openssl-libs -y -q - Firewalld
Ensure you have the appropriate firewalld configuration as this will ensure that the correct ports are opened. By default, all ports other than 22 will be closed.
Check if firewalld is enabled and started
systemctl is-enabled firewalld
enabled
If this command do not return enabled you should perform the next command
systemctl enable firewalld
Created symlink from /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to /usr/lib/systemd/system/firewalld.service.
Created symlink from /etc/systemd/system/basic.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.Start firewalld
systemctl start firewalld
systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2017-06-27 16:53:32 AEST; 5s agoList allowed services
firewall-cmd --list-service
dhcpv6-client sshAdd required services: HTTPS, SMTP, IMAP, POP3, DAV, DHCP (May be required in a testing environment).
firewall-cmd --zone=public --add-service=smtp --add-service=smtps --add-service=imap --add-service=imaps --add-service=pop3 --add-service=pop3s --add-service=https --add-service=dhcp --permanent
success
firewall-cmd --zone=public --add-port=587/tcp --add-port=8443/tcp --permanent
successReload firewalld
firewall-cmd --reload
successList allowed services and ports. Check for previously added additions. Please note, by default Exim does not have a service running on 587/tcp so this addition is optional.
firewall-cmd --list-all | grep 'services\|ports' | head -n 2
services: dhcp dhcpv6-client https imap imaps pop3 pop3s smtp smtps ssh
ports: 8443/tcp 587/tcpFurther information on the use of firewalld can be seen at on our Help Centre page firewalld
-
Extra Packages for Enterprise Linux (EPEL)
Some packages are available from the EPEL repository which needs to be accessible.
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
-
- atmail suite - webmail
- NGINX - Installed during atmail suite rpm installation.
- atmail suite - API server
- browsers
- chrome (latest)
- firefox (latest)
- safari (latest)
- microsoft edge (latest)
- internet explorer 11
- mobile (latest per device)
- atmail suite - API server
- MariaDB
- redis (recommended but optional. Although optional, warnings will be shown in the api server logs)
- atmail DAV (optional)
- supported IMAP backend
- dovecot 2.2.19+
- required extensions
- IDLE
- QRESYNC
- CONDSTORE
- CHILDREN
- STARTTLS
- THREAD=REFS
- UIDPLUS
- SORT
- UID SORT
- LIST-STATUS
- SPECIAL-USE
- MOVE
- atmail suite - DAV server
- PHP 5.4 - Installed during atmail suite rpm installation.
- MariaDB - MariaDB must be installed and configured before installation of atmail suite or atmail mail server software.
- NGINX - Installed during atmail suite rpm installation.
- atmail mail server
- PHP 5.4 - Installed during atmail suite rpm installation.
- MariaDB - MariaDB must be installed and configured before installation of atmail suite or atmail mail server software.
- NGINX - Installed during atmail suite rpm installation.
Comments