IRedMail/FAQ/Install.and.configure.Cluebringer/RHEL

From iRedMail
Revision as of 02:59, 31 December 2013 by ZhangHuangbin (Talk | contribs)

Jump to: navigation, search

Contents


Summary

Cluebringer (a.k.a. Policyd v2) is a multi-platform policy server for popular MTAs (e.g. Postfix). This policy daemon is designed mostly for large scale mail hosting environments. The main goal is to implement as many spam combating and email compliance features as possible while at the same time maintaining the portability, stability and performance required for mission critical email hosting of today. Most of the ideas and methods implemented in Policyd v2 stem from Policyd v1 as well as the authors' long time involvement in large scale mail hosting industry.

Requirements

This tutorial is applicable to Red Hat Enterprise Linux 6, CentOS 6.

Install Cluebringer

Please make sure you have iRedMail yum repository and enabled on your server:

File: /etc/yum.repos.d/iRedMail.repo
[iRedMail]
name=iRedMail
baseurl=http://www.iredmail.org/yum/rpms/6/
enabled=1
gpgcheck=0

You can now install Cluebringer with yum directly:

Terminal:
# yum install cluebringer
  • Main config file of Cluebringer is /etc/policyd/cluebringer.conf.
  • Init script is /etc/init.d/cbpolicyd.

Create SQL database for Cluebringer

  • Cluebringer stores blacklist/whitelist/greylisting and other data in SQL database, so we have to create one for it.
  • Cluebringer RPM package ships a SQL file for sample SQL tables, what we need to do is creating a database then importing this sample SQL file.

For iRedMail with OpenLDAP or MySQL backend

If you're running iRedMail with OpenLDAP or MySQL backend, you have to create a MySQL database to store Cluebringer data.

  • Find the sample SQL file:
Terminal:
# rpm -ql cluebringer | grep 'policyd.mysql.sql'
/usr/share/doc/cluebringer-2.0.14/database/policyd.mysql.sql
  • Newest MySQL server doesn't recognize 'TYPE=MyISAM' or 'TYPE=InnoDB' while creating SQL table, so we'd better convert them to 'ENGINE=' before importing it.
Terminal:
# perl -pi -e 's#TYPE=#ENGINE=#g' /usr/share/doc/cluebringer-2.0.14/database/policyd.mysql.sql
  • Now create a SQL database for Cluebringer and import SQL sample file. Important note: iRedAdmin-Pro detects Policyd/Cluebringer by dataabse name, so please do NOT use other database name.
Terminal:
# mysql -uroot -p
mysql> CREATE DATABASE cluebringer;
mysql> USE cluebringer;
mysql> SOURCE /usr/share/doc/cluebringer-2.0.14/database/policyd.mysql.sql;
Terminal:
mysql> USE cluebringer;
mysql> SOURCE /tmp/extra.sql;
mysql> SOURCE /tmp/column_character_set.mysql;
  • Create SQL user "cluebringer" (with password 'cb_password') for Cluebringer database and grant necessary privileges. Important note: Please 'cb_password' by a long, complex password.
Terminal:
mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON cluebringer.* TO "cluebringer"@"localhost" IDENTIFIED BY 'cb_password';
mysql> FLUSH PRIVILEGES;
  • Make sure you can connect to MySQL server with this new SQL username and password:
Terminal:
# mysql -u cluebringer -p

For iRedMail with PostgreSQL backend

If you're running iRedMail with PostgreSQL backend, you have to create a PostgreSQL database to store Cluebringer data.

  • Find the sample SQL file:
Terminal:
# rpm -ql cluebringer | grep 'policyd.pgsql.sql'
/usr/share/doc/cluebringer-2.0.14/database/policyd.pgsql.sql
  • This sample file uses incorrect comment mark (#), we should fix it before importing:
Terminal:
# perl -pi -e 's=^(#.*)=/*${1}*/=' /usr/share/doc/cluebringer-2.0.14/database/policyd.pgsql.sql
  • Now create a SQL database for Cluebringer and import SQL sample file. Important note: iRedAdmin-Pro detects Policyd/Cluebringer by dataabse name, so please do NOT use other database name.
Terminal:
# su - postgres
$ psql
sql> CREATE DATABASE cluebringer WITH TEMPLATE template0 ENCODING 'UTF8';
sql> \c cluebringer;
sql> \i /usr/share/doc/cluebringer-2.0.14/database/policyd.pgsql.sql;
Terminal:
sql> \c cluebringer;
sql> \i /tmp/extra.sql;
  • Create SQL user "cluebringer" (with password 'cb_password') for Cluebringer database and grant necessary privileges. Important note: Please 'cb_password' by a long, complex password.
Terminal:
sql> CREATE USER cluebringer WITH ENCRYPTED PASSWORD 'cb_password' NOSUPERUSER NOCREATEDB NOCREATEROLE;
  • Make sure you can connect to PostgreSQL server with this new SQL username and password:
Terminal:
$ psql -U cluebringer -W

Configure Cluebringer

Open Cluebringer config file /etc/policyd/cluebringer.conf, set proper values for below parameters:

File: /etc/policyd/cluebringer.conf
# User to run this daemon as
user = cluebringer
group = cluebringer

# Filename to store pid of parent process
pid_file=/var/run/cbpolicyd.pid

# Log level:
# 0 - Errors only
# 1 - Warnings and errors
# 2 - Notices, warnings, errors
# 3 - Info, notices, warnings, errors
# 4 - Debugging 
log_level= 0

# File to log to instead of stdout
log_file=/var/log/cbpolicyd.log

# Log destination for mail logs...
log_mail=mail@syslog:native

# IP to listen on, * for all
host=127.0.0.1

# Port to run on
port=10031

[database]
DSN=DBI:mysql:database=cluebringer;host=localhost;user=cluebringer;password=cb_password
Username=cluebringer
Password=cb_password

Now it's ready to start Cluebringer service. NOTE: If you have Policyd-1.8 running, you have to disable it first.

Terminal:
# /etc/init.d/cbpolicyd restart
Personal tools