FreeNAS: Installing Dovecot

Various notes on installing dovecot on FreeNAS 11. I understand this has no dovecot security applied. This is a tutorial for a LAN lab environment.

    1. If the FreeNAS is a VM, make sure the virtual network adapter permits permiscuous mode. This allows jails to network.
    2. Create dataset.
    3. Adjust Jails Setting, disable DHCP fn-jails
    4. Create a jail with an IP address and allow.raw_sockets=true. This allows ping. Make sure that VIMAGE is unselected.fn-jail1fn-jail2
    5. Add storage to jail. Both /usr/ports and /mnt/pool/jails/foo.
    6. Install vim:
      1. jls
      2. sudo jexec foo sh
      3. # cd /usr/ports/editors/vim
      4. make install
    7. Update pkg metadata for jail
      1. # pkg update
    8. Install screen, dovecot from package
      1. # pkg install dovecot
      2. # pkg install screen
    9. Edit dovecot stuff
    10. Message from dovecot-2.2.33.2_2:
      ---------------------------------------------------------------------
      You must create the configuration files yourself. Copy them over
      to /usr/local/etc/dovecot and edit them as desired:
      
      cp -R /usr/local/etc/dovecot/example-config/* \
      /usr/local/etc/dovecot
      
      The default configuration includes IMAP and POP3 services, will
      authenticate users agains the system's passwd file, and will use
      the default /var/mail/$USER mbox files.
      
      Next, enable dovecot in /etc/rc.conf:
      dovecot_enable="YES"
      ---------------------------------------------------------------------
      To avoid a risk of mailbox corruption, do not enable the
      security.bsd.see_other_uids or .see_other_guids sysctls if Dovecot
      is storing mail for multiple concurrent users (PR 218392).
      ---------------------------------------------------------------------
      If you want to be able to search within attachments using the
      decode2text plugin, you'll need to install textproc/catdoc, and
      one of graphics/xpdf or graphics/poppler-utils.
      ---------------------------------------------------------------------
    11. We’ll skip the imap search features for now
    12. Let’s create a user inside this jail
      1. adduser, nologin, use a password
    13. Verify /var/mail/kathy exists
    14. Check in on QuickConfiguration
    15. in /usr/local/etc/dovecot…
      1. should be using conf.d/auth-system
      2. conf.d/10-auth: disable_plaintext = no
    16. /etc/pam.d
      1. create dovecot:
      2. auth    required        pam_unix.so
        account required        pam_unix.so
    17. conf.d/10-mail.conf : mail_location = maildir:~/Maildir
    18. 10-master.conf: comment out pop3
    19. 10-ssl.conf : ssl=no
    20. in ../dovecot.conf: remove ‘::’ as interface to listen on
    21. # service dovecot restart
    22. Now attempt to hit it with thunderbird, use configs like this:fn-tbird-imap

Next is Outlook

Follow these directions on adding a IMAP account to Outlook.

If it’s really old, microsoft suggests this article.

 

Advertisements

File System Thots

A brief experiment in calculating a histogram of file sizes:

$ find -type f -size -128000c -printf "%k\n" \
| sort -n \
| perl -ne 'BEGIN{ %h=(); } 
{chomp $_; $h{$_}++;} 
END { foreach my $k (sort {$h{$a} <=> $h{$b}} keys(%h)) { 
      print "$k $h{$k}\n"; }}'
137 3
145 3
121 3
129 5
113 7
25 10
105 14
97 21
89 29
81 35
73 38
65 60
57 92
49 165
1 221
41 317
33 781
9 4220

Ubuntu 14.04 Bonding is Bonkers

It took reading through this launchpad bug to find ideas on how to get a bonding interface working on Ubuntu. This is dumb and why people hate computers: could they at least have provided a more useful syntax or better warning messages?

auto eth7
allow-bond0 eth7
iface eth7 inet manual
   bond-master    bond0
   mtu            9000

auto eth8
allow-bond0 eth8
iface eth8 inet manual
   bond-master    bond0
   mtu            9000

auto bond0
iface bond0 inet static
   address        10.52.0.1
   netmask        255.255.255.0
   network        10.52.0.0
   gateway        10.52.0.2
   bond-slaves    eth7 eth8
   bond-mode      balance-rr
   bond-miimon    100
   bond-downdelay 200
   bond-updelay   200
   mtu            9000
   use-carrier    1
   pre-up (sleep 2 && ifup eth7) &
   pre-up (sleep 2 && ifup eth8) &

And you want to make sure all interfaces are down. Then rmmod bonding. At this point, ifup bond0 should complain a bit but it should work.

Challenge of Two Cases

Small and portable PCs are an attractive computing option. Unfortunately, they are at odds with much of the technical networking world. If you merely need one large graphics card or one beefy 10GbE networking card, you can get away with your MiniITX form factor system.

Contrast that with doing WiFi and wired network testing: often you want a system that can emulate an upstream network and emulate user clients on WiFi. This means two 1GbE ports to bond with a 4×4 Access Point these days. You can maybe get by with a mini ITX if it somehow had multiple 1GbE ports (like an AsRock Rack motherboard would), but that’s not the common request I’m hearing.

Let’s go for two 4×4 nics, 1 3×3 nic, and one 2x 10GbE card. Four slots. First challenge: a reliable MicroATX motherboard: a SuperMicro x11ssm-f will work pretty well. Second challenge: a case. Well, people often don’t consider a 2U rack mount case “portable.” The dimensions on that are often 17x14x3.5in. Most home theater PC cases are actually quite close to that size, or larger. Most of SilverStones HTPC cases are 18x15x4.5.

Antec has an attractive case: VSK2000-u3: 14 x 13 x 4in. This case can sit horizontal or vertical. It appears to be the smallest MicroATX case on the market. It comes with a 92mm case fan that is PWM* (once you strip and re-wire the plug). It requires a TFX power supply which limits us to 350W. This is sufficient, but we lack air draw thru such a small PSU.

Rosewill has a very small MicroATX case that might be more useful: 15.74 x 14.4 x 7.3in. This case is bigger. It’s a mini-tower and has a vertical tower orientation. Anything bigger might be harder to ship, but doesn’t have much bearing on the weight. We can fit an ATX power supply in this case, allowing us up to 750W with ease, and plenty of air draw through all parts of the case.

A desktop environment is the typical setting for a portable case unit. Fans are a challenge, and the premium silent fans (think Noctua) just don’t produce adequate airflow for such high heat density. We’re combining an 80W processor plus ~50W of network cards right next to each other with only about 30-50 CFM airflow through the whole case. Coolers that fit a HTPC form factor case come with 92mm x 15mm fans which move about 28-35CFM, and tend barely to keep the system below 73C. That is not adequate. A 2U server does a much better job at cooling at the cost of noise, however, with 3000RPM fans.

So which case is better? The smaller case that you have to discard your stock fans out of (discard the vertical heat sink fan for a 92x25mm ~50CFM fan, along with case fan)? Extra effort, waste. Or the bigger system that will allow a 120mm fan on a tower cooler?

Beware the Hubris of FreeBSD

I hear a lot of very proud talk from various BSD zealots, mostly about how if you want better uptime/throughput/correctness, you should drop Linux like a rock crawling with centipedes and pick up the shinny golden nugget of FreeBSD. This will not work for me.

While Linux might be “only good enough” in their eyes, in my eyes its been better than windows for over 20 years. I hear quiet, off-hand mumbling about the state of graphics drivers and laptop support on FreeBSD. I hear they just recently got preliminary support for UEFI booting.

Various interviews with FreeBSD proponents often start with “oh, I started with Linux in the early nineties and it was a trash fire and I loved FreeBSD 4.x and haven’t looked back.” And “I hear Linux lacks proper jail support” and “Linux has a broken security model” and “SystemD is going to be the death of Linux.” Are these actually helpful points of view?

Not everyone is suffering under Linux. I’ve been putting Linux under punishing workloads for decades now and the important bit of wisdom I want to remind you of is this:

You cannot support something you are not familiar with.

Linux still makes a great desktop, server and embedded system. It’s got great tools. It runs zillions of servers and there is not a mass exodus to FreeBSD. To give a BSD or Linux box the kind of uptime, performance or security you want takes years of experience and knowledge of the subtleties of the platform. If you’re actually considering switching, start by doing a pilot project: build an evaluation stack and see if your workflow matches up to it. Bet you a buck the first thing you find is that paths, utilities and configuration defaults are going to get in your way for months until you build up your mental tree.

FreeBSD zealots behave just as much like Linux zealots behave to Windows users. Often haughty, rude and dismissive. Let’s none of us be that way.