cd
test -f installed/up-imapproxy-1.2.6.tar.gz &&
mv installed/up-imapproxy-1.2.6.tar.gz .
test ! -f up-imapproxy-1.2.6.tar.gz &&
wget http://www.imapproxy.org/downloads/up-imapproxy-1.2.6.tar.gz
mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "up-imapproxy-*" -exec rm -r {} \;
tar xzvf ~/up-imapproxy-1.2.6.tar.gz
cd up-imapproxy-1.2.6
test $UID = 0 && chown -R root:root .
find -type f -perm 755 -exec chmod 640 {} \;
chmod 755 configure
# If your OpenSSL is installed under the usual source-installed location
# of /usr/local/ssl, pass --with-openssl=/usr/local/ssl to configure,
# otherwise just running configure should be enough
./configure --with-openssl=/usr/local/ssl
make
# Become root to install it
su
# Back up existing configuration file, if there is one:
test -f /etc/imapproxy.conf &&
( mkdir -p -m 0700 ~/backup
cp /etc/imapproxy.conf ~/backup/imapproxy.conf-`date +%Y%m%d` )
# Install it
make install
# Install a sample configuration file ('make install-conf' uses mode 755 and
# root:bin, so I like to do it "manually") if there isn't already one there:
test ! -f /etc/imapproxy.conf &&
install -m 0600 ./scripts/imapproxy.conf /etc/
# If your basename binary is in /usr/bin and not in /bin (sometimes
# there's a symlink from one to the other), fix it's path in the
# sample init script. Not necessary if yours is in /bin/basename or
# you have a symlink there pointing to the real binary.
cat scripts/imapproxy.init | sed 's|/bin/basename|/usr/bin/basename|' \
> scripts/imapproxy.init.new
test -s scripts/imapproxy.init.new &&
( mv -f scripts/imapproxy.init scripts/imapproxy.init.old
mv -f scripts/imapproxy.init.new scripts/imapproxy.init )
# When you set up up-imapproxy to start on boot-up, if it will be running
# on the same host that the IMAP server is, make sure it starts after the
# IMAP server does. So if you use the SysV-init type of script to start it,
# make sure your IMAP server starts that way too (if not, use rc.imapproxy
# instead), and that it's SXXname symlink has a lower number than
# imapproxy's (99).
#
# Copy the sample init script to /etc/rc.d/rc.imapproxy, then add something
# to rc.local to start it:
cp scripts/imapproxy.init /etc/rc.d/rc.imapproxy
chmod 700 /etc/rc.d/rc.imapproxy
rm -f /etc/rc.d/init.d/imapproxy /etc/rc.d/rc?.d/S99imapproxy \
/etc/rc.d/rc?.d/K10imapproxy
grep -q "/etc/rc.d/rc.imapproxy start" /etc/rc.d/rc.local ||
cat << EOF >> /etc/rc.d/rc.local
# up-imapproxy
if [ -x /etc/rc.d/rc.imapproxy ]; then
/etc/rc.d/rc.imapproxy start
fi
EOF
#
# ...OR set it up the SysV-init way:
install -o root -g sys -m 0755 ./scripts/imapproxy.init \
/etc/rc.d/init.d/imapproxy
for rl 2 3 4 5; do
( cd /etc/rc.d/rc${rl}.d ; ln -sf ../init.d/imapproxy S99imapproxy )
done
( cd /etc/rc.d/rc0.d ; ln -sf ../init.d/imapproxy K10imapproxy )
# Create a user and group for the proxy server to run as:
getent group | grep "^imapproxy:" > /dev/null 2>&1 || groupadd imapproxy
id imapproxy > /dev/null 2>&1 || useradd -g imapproxy imapproxy
# Create the empty chroot directory if not already there (openssh commonly
# uses the same one):
test ! -d /var/empty && install -d -o root -g sys /var/empty
## If you installed imapproxy for the first time, you'll find a heavily
## commented imapproxy.conf in /etc. Here's an example of one that I'm using
## for a server that has IMP running on it for webmail:
# server_hostname localhost
# cache_size 3072
# listen_port 1143
# server_port 143
# cache_expiration_time 300
# proc_username imapproxy
# proc_groupname imapproxy
# stat_filename /var/run/pimpstats
# protocol_log_filename /var/log/imapproxy_protocol.log
# syslog_facility LOG_MAIL
# send_tcp_keepalives no
# enable_select_cache no
# foreground_mode no
# force_tls no
# chroot_directory /var/empty
# enable_admin_commands no
#
# Then you set up the client (IMP, SquirrelMail, whatever) to connect to
# localhost:1143
# If this was an upgrade, stop the running imapproxy:
test -x /etc/rc.d/init.d/imapproxy && /etc/rc.d/init.d/imapproxy stop
test -x /etc/rc.d/rc.imapproxy && /etc/rc.d/rc.imapproxy stop
# (re-)Start it:
test -x /etc/rc.d/init.d/imapproxy && /etc/rc.d/init.d/imapproxy start
test -x /etc/rc.d/rc.imapproxy && /etc/rc.d/rc.imapproxy start
# If you have stat_filename set in your config file, you can now run
# /usr/local/sbin/pimpstat to monitor connections to it
# If you have logrotate, set it to rotate the log file:
cat << EOF > /etc/logrotate.d/imapproxy
/var/log/imapproxy_protocol.log {
rotate 6
daily
notifempty
}
EOF
# Make sure your non-root user can remove the source later
chown -R $USER .
chmod -R u+w .
# To enable protocol logging for a user, you must first enable
# 'enable_admin_commands' in the config file and restart imapproxy.
# If you do this (and if you don't), you should restrict use of the proxy
# server's listening port using iptables, tcp_wrappers, etc. Once it's
# restarted, telnet to the 'listen_port' (1143) of 'server_hostname'
# (localhost) and enable it with P_TRACE. Once it starts, logging will
# appear in 'protocol_log_filename' (/var/log/imapproxy_protocol.log).
# Here's an example of this procedure:
telnet localhost 1143
. P_TRACE jason
. LOGOUT
#
# At this point, it will be logging activity for jason to the log file.
# (if Jason is using the IMAP proxy and/or IMAP server)
#
# To turn off protocol logging:
telnet localhost 1143
. P_TRACE
. LOGOUT