Linux HOWTOs

About | Home | Search


ERROR: Slooooow dooooown... this page load was delayed.

HOWTO: up-imapproxy
Description: Commonly used with webmail apps to re-use IMAP connections
Click here for ChangeLog
NOTE: I use GNU tar >= 1.13.25 so it's -j for .tar.bz2 files,
it's safe to assume that make, gcc, binutils, fileutils/coreutils, gawk, sed, and grep are prerequisites for almost everything


# up-imapproxy 1.2.6
# ==================
# Prerequisites:
# tcp wrappers (optional)
# OpenSSL
# ncurses

cd
test -f installed/up-imapproxy-1.2.6.tar.gz &&
 mv installed/up-imapproxy-1.2.6.tar.gz .
test ! -f up-imapproxy-1.2.6.tar.gz &&
 wget http://www.imapproxy.org/downloads/up-imapproxy-1.2.6.tar.gz
mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "up-imapproxy-*" -exec rm -r {} \;
tar xzvf ~/up-imapproxy-1.2.6.tar.gz
cd up-imapproxy-1.2.6
test $UID = 0 && chown -R root:root .
find -type f -perm 755 -exec chmod 640 {} \;
chmod 755 configure

# If your OpenSSL is installed under the usual source-installed location
# of /usr/local/ssl, pass --with-openssl=/usr/local/ssl to configure,
# otherwise just running configure should be enough

./configure --with-openssl=/usr/local/ssl
make

# Become root to install it
su

# Back up existing configuration file, if there is one:
test -f /etc/imapproxy.conf &&
 ( mkdir -p -m 0700 ~/backup
   cp /etc/imapproxy.conf ~/backup/imapproxy.conf-`date +%Y%m%d` )

# Install it
make install

# Install a sample configuration file ('make install-conf' uses mode 755 and
# root:bin, so I like to do it "manually") if there isn't already one there:
test ! -f /etc/imapproxy.conf &&
 install -m 0600 ./scripts/imapproxy.conf /etc/

# If your basename binary is in /usr/bin and not in /bin (sometimes
# there's a symlink from one to the other), fix it's path in the
# sample init script.  Not necessary if yours is in /bin/basename or
# you have a symlink there pointing to the real binary.
cat scripts/imapproxy.init | sed 's|/bin/basename|/usr/bin/basename|' \
 > scripts/imapproxy.init.new
test -s scripts/imapproxy.init.new &&
 ( mv -f scripts/imapproxy.init scripts/imapproxy.init.old
   mv -f scripts/imapproxy.init.new scripts/imapproxy.init )

# When you set up up-imapproxy to start on boot-up, if it will be running
# on the same host that the IMAP server is, make sure it starts after the
# IMAP server does.  So if you use the SysV-init type of script to start it,
# make sure your IMAP server starts that way too (if not, use rc.imapproxy
# instead), and that it's SXXname symlink has a lower number than
# imapproxy's (99).
#
# Copy the sample init script to /etc/rc.d/rc.imapproxy, then add something
# to rc.local to start it:
cp scripts/imapproxy.init /etc/rc.d/rc.imapproxy
chmod 700 /etc/rc.d/rc.imapproxy
rm -f /etc/rc.d/init.d/imapproxy /etc/rc.d/rc?.d/S99imapproxy \
 /etc/rc.d/rc?.d/K10imapproxy
grep -q "/etc/rc.d/rc.imapproxy start" /etc/rc.d/rc.local ||
 cat << EOF >>  /etc/rc.d/rc.local

# up-imapproxy
if [ -x /etc/rc.d/rc.imapproxy ]; then
  /etc/rc.d/rc.imapproxy start
fi
EOF
#
# ...OR set it up the SysV-init way:
install -o root -g sys -m 0755 ./scripts/imapproxy.init \
 /etc/rc.d/init.d/imapproxy
for rl 2 3 4 5; do
  ( cd /etc/rc.d/rc${rl}.d ; ln -sf ../init.d/imapproxy S99imapproxy )
done
( cd /etc/rc.d/rc0.d ; ln -sf ../init.d/imapproxy K10imapproxy )

# Create a user and group for the proxy server to run as:
getent group | grep "^imapproxy:" > /dev/null 2>&1 || groupadd imapproxy
id imapproxy > /dev/null 2>&1 || useradd -g imapproxy imapproxy

# Create the empty chroot directory if not already there (openssh commonly
# uses the same one):
test ! -d /var/empty && install -d -o root -g sys /var/empty

## If you installed imapproxy for the first time, you'll find a heavily
## commented imapproxy.conf in /etc.  Here's an example of one that I'm using
## for a server that has IMP running on it for webmail:
# server_hostname localhost
# cache_size 3072
# listen_port 1143
# server_port 143
# cache_expiration_time 300
# proc_username imapproxy
# proc_groupname imapproxy
# stat_filename /var/run/pimpstats
# protocol_log_filename /var/log/imapproxy_protocol.log
# syslog_facility LOG_MAIL
# send_tcp_keepalives no
# enable_select_cache no
# foreground_mode no
# force_tls no
# chroot_directory /var/empty
# enable_admin_commands no
#
# Then you set up the client (IMP, SquirrelMail, whatever) to connect to
# localhost:1143

# If this was an upgrade, stop the running imapproxy:
test -x /etc/rc.d/init.d/imapproxy && /etc/rc.d/init.d/imapproxy stop
test -x /etc/rc.d/rc.imapproxy && /etc/rc.d/rc.imapproxy stop

# (re-)Start it:
test -x /etc/rc.d/init.d/imapproxy && /etc/rc.d/init.d/imapproxy start
test -x /etc/rc.d/rc.imapproxy && /etc/rc.d/rc.imapproxy start

# If you have stat_filename set in your config file, you can now run
# /usr/local/sbin/pimpstat to monitor connections to it

# If you have logrotate, set it to rotate the log file:
cat << EOF > /etc/logrotate.d/imapproxy
/var/log/imapproxy_protocol.log {
    rotate 6
    daily
    notifempty
}
EOF

# Make sure your non-root user can remove the source later
chown -R $USER .
chmod -R u+w .

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/up-imapproxy-*.tar.*
mv up-imapproxy-1.2.6.tar.gz installed/

# To enable protocol logging for a user, you must first enable
# 'enable_admin_commands' in the config file and restart imapproxy.
# If you do this (and if you don't), you should restrict use of the proxy
# server's listening port using iptables, tcp_wrappers, etc.  Once it's
# restarted, telnet to the 'listen_port' (1143) of 'server_hostname'
# (localhost) and enable it with P_TRACE.  Once it starts, logging will
# appear in 'protocol_log_filename' (/var/log/imapproxy_protocol.log).
# Here's an example of this procedure:
telnet localhost 1143
. P_TRACE jason
. LOGOUT
#
# At this point, it will be logging activity for jason to the log file.
# (if Jason is using the IMAP proxy and/or IMAP server)
#
# To turn off protocol logging:
telnet localhost 1143
. P_TRACE
. LOGOUT

Back to the list


Last updated: Tue, 07 Aug 2018 12:06:17 -0400
Jason Englander <jason at englanders dot us>