Email with Citadel on Debian 6 (Squeeze)

Select distribution:
Traducciones al Español
Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Deprecated

This guide has been deprecated and is no longer being maintained.

Citadel is a groupware suite that provides system administrators with an easy method to set up and manage email, calendars, mailing lists and other collaboration tools. It is assumed that you have followed our Setting Up and Securing a Compute Instance. If you are new to Linux server administration, you may be interested in our introduction to Linux concepts guide, beginner’s guide and administration basics guide.

Set the Hostname

Before you begin installing and configuring the components described in this guide, please make sure you’ve followed our instructions for setting your hostname. Issue the following commands to make sure it is set properly:

hostname
hostname -f

The first command should show your short hostname, and the second should show your fully qualified domain name (FQDN).

Install Citadel

Issue the following commands to install any outstanding package updates:

apt-get update
apt-get upgrade

Issue the following commands to install the citadel-suite, spamassassin and amavisd-new packages:

apt-get install citadel-suite spamassassin amavisd-new

The installation process will prompt you for several configuration items. Recommended answers for these prompts are as follows.

Please note: The HTTP and HTTPS port options are particularly important. If you have already installed a web server package such as Apache or nginx that will use ports 80 and 443, please do not specify these ports for your Citadel installation.

  • Listen address - 0.0.0.0
  • Authentication method - Internal
  • Citadel administrator username - admin
  • Integration with Apache webservers - Internal
  • Webcit HTTP port - 80 if you are not running another web server, 8080 otherwise
  • Webcit HTTPS port - 443 if you are not running another web server, 4343 otherwise

If you need to reconfigure any of these options later, you can use the following command:

/usr/lib/citadel-server/setup

Check the file /etc/default/webcit to make sure the installer correctly set your desired HTTP and HTTPS ports. You may need to update the following lines:

File: /etc/default/webcit
1
2
export WEBCIT_HTTPS_PORT='443'
export WEBCIT_HTTP_PORT='80'

Finally, edit the /etc/mailname file to reflect your system’s fully qualified domain name:

File: /etc/mailname
1
hostname.example.com

Enable Spamassassin Filtering

You’ll need to edit the SpamAssassin configuration file to enable spamd:

File: /etc/default/spamassassin
1
2
# Change to one to enable spamd
ENABLED=1

Start the spamassassin service as follows:

/etc/init.d/spamassassin start

Please note that you’ll finish enabling SpamAssassin support within Citadel later in the “Notes” section.

Configure SSL

Issue the following commands to back up the default Citadel SSL files.

cd /etc/ssl/citadel
mkdir backup
mv citadel* backup

Commercial Certificate Instructions

Issue the following commands to generate a key and certificate signing request.

openssl req -new -nodes -newkey rsa:4096 -days 365 -keyout citadel.key -out citadel.csr
chmod 600 citadel.key

As part of this process, you will be prompted to enter several values, as shown below. Please take special care to specify your server’s fully qualified domain name for the “Common Name” setting.

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New Jersey
Locality Name (eg, city) []:Galloway
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Org
Organizational Unit Name (eg, section) []:Network Services
Common Name (eg, YOUR name) []:hostname.example.com
Email Address []:support@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Submit the citadel.csr file to your SSL certificate provider for signing. They will send you a signed certificate file; save it as /etc/ssl/citadel/citadel.cer. Once this has been done, issue the following command to copy the required files to the webcit directory:

cp -a citadel* /etc/ssl/webcit/

Self-Signed Certificate Instructions

Issue the following commands to generate a key and certificate signing request.

openssl req -new -nodes -newkey rsa:4096 -days 365 -keyout citadel.key -out citadel.csr
chmod 600 citadel.key

As part of this process, you will be prompted to enter several values, as shown below. Please take special care to specify your server’s fully qualified domain name for the “Common Name” setting.

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New Jersey
Locality Name (eg, city) []:Galloway
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Org
Organizational Unit Name (eg, section) []:Network Services
Common Name (eg, YOUR name) []:hostname.example.com
Email Address []:support@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Issue the following command to create a self-signed certificate and copy required files to the webcit directory:

openssl x509 -req -days 365 -in citadel.csr -signkey citadel.key -out citadel.cer
cp -a citadel* /etc/ssl/webcit/

Running Citadel

Customize the logon banner for your Citadel server by editing the /etc/citadel/messages/hello file:

File: /etc/citadel/messages/hello
1
2
3
Welcome to ^humannode!

This logon banner resides in ^bbsdir/hello -- please customize it for your site.

Issue the following commands to initialize Citadel.

/etc/init.d/citadel restart
/etc/init.d/webcit start

Visit the web interface in your web browser. Using our preceding example, the Web address to visit would resemble the following URL (append “:4343” if necessary):

https://hostname.example.com

At this point, your email system should be fully functional and can be configured through the web interface. To finish enabling SpamAssassin support, select “Administration” in the control panel. Next, click “Domain names and Internet mail configuration”. Enter “127.0.0.1” in the box for the SpamAssassin host.

Lost Password Recovery

If you lose the password to your administrator account, issue the following command:

/usr/lib/citadel-server/setup

When prompted for administrative account information, specify a new username and password. You may accept all other default settings. You should be able to log in as the new admin user. You may then reset the password for your original administrator account. After this is done, log back in as the original administrator and delete the temporary admin account.

More Information

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

This page was originally published on


Your Feedback Is Important

Let us know if this guide was helpful to you.


Join the conversation.
Read other comments or post your own below. Comments must be respectful, constructive, and relevant to the topic of the guide. Do not post external links or advertisements. Before posting, consider if your comment would be better addressed by contacting our Support team or asking on our Community Site.
The Disqus commenting system for Linode Docs requires the acceptance of Functional Cookies, which allow us to analyze site usage so we can measure and improve performance. To view and create comments for this article, please update your Cookie Preferences on this website and refresh this web page. Please note: You must have JavaScript enabled in your browser.