1. Desktop selection|Other|Text Mode.
2. Change the Installation source:

ftp://mirror.pacific.net.au/linux/opensuse/distribution/SL-10.1/inst-source/

3.Install the followwing packages
postfix dovecote horde
Apache2: apache2, apache2-devel, apache2-mod_ php5, apache2-prefork.
Mysql: mysql, php5-mysql.
Php: php5, php5-ctype, php5-devel, php5-dom, php5-ftp, php5-gd, php5-gettext, php5-iconv, php5-imap, php5-mbstring, php5-mcrypt, php5-mhash, php5-mysql, php5-openssl, php5-pear, php5-zlib.
automake, autoconf.
xorg-x11-libs.
NX.
wget.
4. Firewall disabled.
5. Run the Online update now. Intall the recommended + mysql. Update kernel.(no update available)

6. Install PEAR packages, required by horde.

pear5 install -a Log Mail Mail_Mime DB Date File Services_Weather

pear5 channel-update pear.php.net
##> The followings about PEAR may change in time as PEAR is continuously updating.
Update Pear:
pear5 upgrade-all
(ignore the warnings)
pear upgrade XML_RPC
pear config-set preferred_state alpha
pear install -a PEAR_Frontend_Web PEAR_Frontend_Gtk
pear install -a Auth_SASL Net_SMTP HTTP_Request

7. Install horde packages.
mkdir /root/download/horde-download
cd /root/download/horde-download
wget -c ftp://ftp.horde.org/pub/horde/horde-3.1.1.tar.gz
wget -c ftp://ftp.horde.org/pub/imp/imp-h3-4.1.1.tar.gz
wget -c ftp://ftp.horde.org/pub/ingo/ingo-h3-1.1.1.tar.gz
wget -c ftp://ftp.horde.org/pub/turba/turba-h3-2.1.1.tar.gz
wget -c ftp://ftp.horde.org/pub/gollem/gollem-h3-1.0.2.tar.gz
wget -c ftp://ftp.horde.org/pub/accounts/accounts-2.1.2.tar.gz
wget -c ftp://ftp.horde.org/pub/forwards/forwards-h3-3.0.tar.gz
wget -c ftp://ftp.horde.org/pub/passwd/passwd-h3-3.0.tar.gz
wget -c ftp://ftp.horde.org/pub/vacation/vacation-h3-3.0.tar.gz
wget -c ftp://ftp.horde.org/pub/kronolith/kronolith-h3-2.1.1.tar.gz
wget -c ftp://ftp.horde.org/pub/mnemo/mnemo-h3-2.1.tar.gz
wget -c ftp://ftp.horde.org/pub/nag/nag-h3-2.1.tar.gz

If another host have those packages,then use followwing.
on the host which no horde packages:(if the host 192.168.27.25 have all needed packagers)
mkdir /root/download
scp -r root@192.168.27.25:/root/download/horde-download /root/download



cd /srv/www/htdocs
tar zxvf /root/download/horde-download/horde-3.1.1.tar.gz
mv horde-3.1.1 horde

cd horde
tar zxvf /root/download/horde-download/imp-h3-4.1.1.tar.gz
tar zxvf /root/download/horde-download/ingo-h3-1.1.1.tar.gz
tar zxvf /root/download/horde-download/turba-h3-2.1.1.tar.gz
tar zxvf /root/download/horde-download/gollem-h3-1.0.2.tar.gz
tar zxvf /root/download/horde-download/accounts-2.1.2.tar.gz
tar zxvf /root/download/horde-download/forwards-h3-3.0.tar.gz
tar zxvf /root/download/horde-download/passwd-h3-3.0.tar.gz
tar zxvf /root/download/horde-download/vacation-h3-3.0.tar.gz
tar zxvf /root/download/horde-download/kronolith-h3-2.1.1.tar.gz
tar zxvf /root/download/horde-download/mnemo-h3-2.1.tar.gz
tar zxvf /root/download/horde-download/nag-h3-2.1.tar.gz

mv imp-h3-4.1.1 imp
mv ingo-h3-1.1.1 ingo
mv turba-h3-2.1.1 turba
mv gollem-h3-1.0.2 gollem
mv accounts-2.1.2 accounts
mv forwards-h3-3.0 forwards
mv passwd-h3-3.0 passwd
mv vacation-h3-3.0 vacation
mv kronolith-h3-2.1.1 kronolith
mv mnemo-h3-2.1 mnemo
mv nag-h3-2.1 nag
Use all the default configuration files. There should be 2 warnings as there are no .dist files in "vacation" and "forware".
cd /srv/www/htdocs/horde
for a in . imp ingo turba gollem accounts forwards passwd vacation kronolith mnemo nag; do cd /srv/www/htdocs/horde/$a/config; for f in *.dist; do cp $f `basename $f .dist`; done; done


8.
chown -R wwwrun:www horde
chmod -R o-rwx horde

9. Using YaST, enable PHP5 and mime_magic module. Start HTTP server.

10.  Use YaST to enable MySQL in System Services (Runlevel).
     Start MySQL by: /etc/rc.d/mysql start (if not already start).
    cd /srv/www/htdocs/horde/scripts/sql
    vi create.mysql.sql
Modify line 28, chanage:
        PASSWORD('horde')
to:
        PASSWORD('1*****')
    mysqladmin -u root password 't********'
    mysqladmin -u root -p -h localhost password 't********'
    mysql -u root -p < create.mysql.sql
11.
Make sure in /etc/apache2/httpd.conf, there is:
DirectoryIndex index.html index.html.var index.php

12. In /etc/php5/apache2/php.ini, change:
memory_limit            800M
post_max_size           800M
upload_max_filesize     800M
/etc/rc.d/apache2 restart

13. http://192.168.27.30/horde/test.php
Install all the missing modules. And also the missing modules for other projects.
pear install -a XML_Serializer
pear install -f Cache Services_Weather

14. http://192.168.27.30/horde/
Go to Administration->Setup. Initialize all the Horde config file.
Server name from which reminder emails should be sent:  
mail.hasux.com
Email address from which reminder emails should be sent:
fengmx@hasux.com  
In Authentication:
Which users should be treated as administrators (root, super-user) by Horde? tun@hasux.com (or add more)
What backend should we use for authenticating users to Horde? IMAP authentication
Configuration type | Separate values
The hostname or IP address of the server | mail.hasux.com(write the exist e-mail included administrators,for example:username fengmx@hasux.com is already exist in mail.hasux.com)

Database
* What database backend should we use?      MySQL
Request persistent connections?         yes
* Database server/host                 localhost
* Username to connect to the database as     horde
Password to connect with             1*****
* Database name to use                 horde


Custom Session Handler
* What sessionhandler driver should we use?   MySQL based sessions
* Request persistent connections?      yes
*Should we use row-level locking and transactions? This is strongly recommended, but requires a table type that is transaction-safe and supports row-level locking, like InnoDB. If you don't have such a table type, disable this setting and we will use table-level locking and no locking instead                     yes
*What protocol will we use to connect to the database? UNIX Sockets
* What hostname is the database server running on, or what is the name of the system DSN to use?    localhost
* What username do we authenticate to the database server as?    horde
*What password do we authenticate to the database server with?  123456
*What database name/tablespace are we using?  horde    


Enable all packages to use MySQL.
Request persistent connections? y


15.
vi /srv/www/htdocs/horde/imp/config/prefs.php
change:
    'value' => 'sent-mail',
to:
    'value' => 'Sent',

change:
    'value' => 'drafts',
 to:
    'value' => 'Drafts',

16.    
vi /srv/www/htdocs/horde/imp/config/servers.php
$servers['imap'] = array(
    'name' => 'Hasux Mail Server',
    'server' => 'mail.hasux.com',
    'hordeauth' => 'full',
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'hasux.com',
    'smtphost' => 'mail.hasux.com',
    'smtpport' => 25,
    'realm' => '',
    'preferred' => '',
);

Repair the /srv/www/htdocs/horde/vacation/config/conf.php file on line 6.

17.
Configure the Apache so that user a access the horde using only the URL http://host.domain.com instead of http://host.domain.com/horde/.

Enable rewrite module of apache2 by using YaST.
Add a virtual host, webmail.antivs.com, in Apache using YaST.
 yast->Hosts
 â”ŒServer Identification────────────────────────────────â”?â”? │Server Name:                                         â”?â”? │mail.positive.com.cn▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒│ â”? │Server Contents Root:                                â”?â”? â”?srv/www/htdocsâ–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’â–’[Browse...]â”?â”? │Administrator E-Mail:                                â”?â”? │fengmx@hasux.com▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒│ â”? └─────────────────────────────────────────────────────â”?â”?                                                         â”? ┌Server Resolution────────────────────────────────────â”?â”? │IP Address:                                          â”?â”? â”?68.27.30â–’v                                          â”?â”? â”?x) Determine Request Server by HTTP Headers         â”?â”? â”? ) Determine Request Server by Server IP Address    â”?â”? └─────────────────────────────────────────────────────â”?â”?
vi /etc/apache2/vhosts.d/yast2_vhosts.conf
Inside the VirtualHost of mail.positive.com.cn
Add:
RewriteEngine on
RewriteRule   ^/$  /horde/  [R]

/etc/rc.d/apache2 restart
Try it by:
http://mail.positive.com.cn
If the web browser can't work or it turn on incorrect website,you can modify you file :/etc/hosts
vi /etc/hosts
in the end of the file add:
192.168.27.30    mail.positive.com.cn
and don't forget clear all data of your web browser.

After the first time login, user must press the "reflash" button of the browser to reload the web page in order to see the Horde Side Panel.


18. Configure to use SSL.
Using YaST, enable ssl module of Apache2.

o make sure that apache starts with mod_ssl loaded
  - Use yast enable module ssl
  - vi /etc/sysconfig/apache2 '+/^APACHE_MODULES'
    and add "ssl" (unless already there)

o make sure that the SSL configuration is active
  - vi /etc/sysconfig/apache2 +/APACHE_SERVER_FLAGS
    and add "SSL"

o The following steps will create _dummy_ keys in a very simple way:
  - /usr/bin/gensslcert
  - it will (over)write /etc/apache2/ssl.crt/ca.crt
                        /etc/apache2/ssl.key/server.key
                        /etc/apache2/ssl.crt/server.crt
                        /etc/apache2/ssl.csr/server.csr
  - a copy of ca.crt will be installed as /srv/www/htdocs/CA.crt for download.(automatically)
  - cp vhosts.d/vhost-ssl.template vhosts.d/vhost-ssl.conf
  - adapt vhosts.d/vhost-ssl.conf and default-server.conf al gusto(do follows)

vi /etc/apache2/default-server.conf:
Change:
NameVirtualHost 192.168.27.29
to:
NameVirtualHost 192.168.27.29:80

vi /etc/apache2/vhosts.d/yast2_vhosts.conf:
Change the first to:
<VirtualHost 192.168.27.29:80>

vi /etc/apache2/listen.conf:
Under:
            Listen 443
add:
            NameVirtualHost *:443
vi /etc/apache2/vhosts.d/vhost-ssl.conf
Before the ErrorLog, add follows:

 DocumentRoot /srv/www/htdocs
 ServerName webmail.antivs.com
 ServerAdmin fengmx@hasux.com
RewriteEngine on
RewriteRule   ^/$  /horde/  [R]
# YaST created entry
 <Directory "/srv/www/htdocs">
  Options None
  AllowOverride None
  Order allow,deny
  Allow from all
 </Directory>


o to check your vhost setup, use "httpd2 -S -DSSL"

/etc/rc.d/apache2 restart

#In /etc/apache2/vhosts.d/vhost.conf
#Below ServerName, add:
#  RewriteEngine on
#  ReWriteCond %{SERVER_PORT} !^443$
#  RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#
#In /etc/apache2/vhosts.d/vhost-ssl.conf, in each VirtualHost, below ServerName,
#add:
# RewriteEngine On
# RewriteRule ^/$  /horde/  [R]


19. OpenVPN
Install OpenVPN using YaST.

Obtain the clients key for the OpenVPN server:
scp root@192.168.27.54:/etc/openvpn/t30.* /etc/openvpn
scp root@192.168.27.54:/etc/openvpn/ca.crt /etc/openvpn

Obtain the clients config file:
scp root@192.168.27.54:/etc/openvpn/client.conf /etc/openvpn
*alert:it is importment to get these five files:(can get from other machines which installed openvpn)

ca.crt  client.conf  scarlet.crt  scarlet.csr  scarlet.key

vi /etc/openvpn/client.conf
Make sure the followings are correct:

dev tap
proto udp
remote 202.82.144.90 1196
ca /etc/openvpn/ca.crt  (modify path if nessarily)
cert /etc/openvpn/scarlet.crt  (modify path if nessarily)
key /etc/openvpn/scarlet.key   (modify path if nessarily)

Test the obtained files:
/etc/rc.d/openvpn start   (if failed,see log)

Use ifconfig to see if obtained the IP address 202.82.144.86 on tap0.

20. Policy routing

vi /etc/rc.d/openvpn, add:
##> Added by Yiu Tun. Start bridge after OpenVPN started. ###
        sleep 15
        ip rule add from 202.82.144.86 table 200
        ip route add default via 202.82.144.94 table 200
        ip route add 202.82.144.80/28 dev tap0 table 200
        ip route del 202.82.144.80/28
        ip route add 202.82.144.90 via 192.168.27.1
        /etc/rc.d/postfix start
##> Added by Yiu Tun. END ###
before:
        ;;
    stop)
And add:
##> Added by Yiu Tun. Stop bridge before OpenVPN stopped. ###
        /etc/rc.d/postfix stop
        ip rule del from 202.82.144.86 table 200
        ip route del default via 202.82.144.94 table 200
        ip route del 202.82.144.80/28 dev tap0 table 200
        ip route del 202.82.144.90 via 192.168.27.1
##> Added by Yiu Tun. END ###
after:
    stop)

Use:
> ip rule
and
> ip route show table 200
to see if the policy is correct.

> ping -I 202.82.144.86 203.218.1.254
to the connectivity is OK.

21. Reconfigure Apache2.

vi /etc/apache2/default-server.conf
Change the NameVirtualHost to:
NameVirtualHost *:80

vi /etc/apache2/vhosts.d/yast2_vhosts.conf
Change the first line to:
<VirtualHost *:80>

/etc/rc.d/apache2 restart

22. Create data tables for the applications,run follows seperately :

  mysql -u root -p horde < /srv/www/htdocs/horde/kronolith/scripts/sql/kronolith.mysql.sql
  mysql -u root -p horde < /srv/www/htdocs/horde/turba/scripts/sql/turba_objects.mysql.sql
  mysql -u root -p horde < /srv/www/htdocs/horde/mnemo/scripts/sql/mnemo.sql
  mysql -u root -p horde < /srv/www/htdocs/horde/nag/scripts/sql/nag.sql

************************************************************

23. Install Postfix Admin
Install postfix-mysql package using YaST.
Download Postfix Admin and install it:
  cd /srv/www/htdocs/
  wget -c http://high5.net/postfixadmin/download.php?\
file=postfixadmin-2.1.0.tgz -O postfixadmin-2.1.0.tgz
  tar zxvf postfixadmin-2.1.0.tgz
  mv postfixadmin-2.1.0 postfixadmin
  cd postfixadmin
  mysql -u root -p < DATABASE_MYSQL.TXT

  cp config.inc.php.sample config.inc.php
  vi config.inc.php:
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';

Following the instructions in http://192.168.27.25/postfixadmin to initiate it.
Don't forget delete file /srv/www/htdocs/postfixadmin/setup.php
 
   rm setup.php

Use postfixadmin add domain mail.positive.com.cn
Add mailbox for user.
23a. Configure Postfix.(use hash)
  vi /etc/postfix/main.cf
myhostname = localhost

virtual_mailbox_domains = /etc/postfix/vhosts(if have errors,change into its contents,for example: positive.com.cn)
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000

Make new files: vhosts, vmail, vmaps
  vi /etc/postfix/vhosts
Add:
antivs.com
alert: if your e-mail name is mail.positive.com.cn,please write positive.com.cn

  vi /etc/postfix/vmaps
Add:
tun@positive.com antivs.com/tun/
fengmx@positive.com antivs.com/fengmx/
 .
 .
 .
create vmaps.db:
  postmap /etc/postfix/vmaps

Create a user named virtual, uid=1000, gid=1000.
 yast->security and users->user management add user: virtual
 yast->security and users->group management add group: virtual
  set user virtual is a member of group virtual and the user only belongs to the group virtual.
  mkdir /var/spool/vmail
  cd /var/spool/vmail
  mkdir positive.com.cn(your e-mail name's domain name)
 cd /var/spool/vmail/positive.com.cn
 for foo in tun fengmx; do mkdir $foo; for goo in new cur tmp; do mkdir $foo/$goo; done; done

 chown -R virtual:virtual /var/spool/vmail/positive.com.cn/

23b. Hook up Postfix to a MySQL database
Install postfix-mysql package using YaSY.

vi /etc/postfix/main.cf
virtual_mailbox_maps = mysql:/etc/postfix/vmaps-mysql.cf

vi /etc/postfix/vmaps-mysql.cf
  add follows:
user = postfix
password = 123456
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username ='%s' AND active=1


24a. Install and configure Dovecot
If the version of dovecot is dovecot-0.99.14-5,user follows:
begin
vi /etc/dovecot/dovecot.conf
default_mail_env = maildir:/var/spool/vmail/%d/%n
auth = default
auth_mechanisms = plain digest-md5
auth_userdb = passwd-file /etc/dovecot/users
auth_passdb = passwd-file /etc/dovecot/passwd
auth_executable = /usr/lib/dovecot/dovecot-auth
auth_user = root
auth_verbose = yes
end.
if the version of dovecot is dovecot-1.0.beta3-13,add follows at the end of the file.

begin
  vi /etc/dovecot/dovecot.conf
  default_mail_env = maildir:/var/spool/vmail/%d/%n
  auth default {
  mechanisms = plain digest-md5
  userdb  passwd-file {
  args = /etc/dovecot/users
}
 passdb  passwd-file {
 args = /etc/dovecot/passwd
}
}
auth_executable = /usr/lib/dovecot/dovecot-auth

auth_verbose = yes
end.

Note: Comment out those parameters if present above,or write in the file.
alert: you'd best to comment out the "auth default userdb  passdb  and so on",and add above from begin to end to the file.

Install whois rpm using YaST. We will be using the mkpasswd command in it.
yast->software management->install whois

vi /etc/dovecot/users
tun@positive.com.cn::1000:1000::/var/spool/vmail/positive.com.cn/:/bin/false::
fengmx@positive.com.cn::1000:1000::/var/spool/vmail/positive.com.cn/:/bin/false::
testblock@positive.com.cn::1000:1000::/var/spool/vmail/positive.com.cn/:/bin/false::

vi /etc/dovecot/passwd
tun@positive.com.cn:$1$M44jzMfP$eU.ORkpzjElr0GuELU7ec0
fengmx@positive.com.cn:$1$wBICJajI$MiieSFOxRxKYKz9kDYLCg.
testblock@positive.com.cn:$1$7jrop72o$1Rj65Q0QOBzcJAnu.qu8d0

Use:
  mkpasswd -H md5
to create the MD5 passwords for erery users you added in /etc/dovecot/users manauely.

Start Dovecot.
vi /srv/www/htdocs/horde/imp/config/servers.php
change:
'server' => 'mail.positive.com.cn',
to :
'server' => 'localhost',

24b. Configure Dovecot to use MySQL
If the version of dovecot is dovecot-0.99.14-5,user follows:
begin
vi /etc/dovecot/dovecot.conf
#auth_userdb = passwd-file /etc/dovecot/users
auth_userdb = mysql /etc/dovecot/dovecot-mysql.conf
#auth_passdb = passwd-file /etc/dovecot/passwd
auth_passdb = passwd-file /etc/dovecot/dovecot-mysql.conf

  vi /etc/dovecot/dovecot-mysql.conf
db_host = localhost
db_port = 3306
#db_unix_socket = /var/tmp/mysql.sock
db_unix_socket = /var/lib/mysql/mysql.sock
db = postfix
db_user = postfix
db_passwd = postfix
db_client_flags = 0

password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT 1000 AS uid, 1000 AS gid FROM mailbox WHERE username = '%u'
default_pass_scheme = MD5
end.
  If the version of dovecot is dovecot-1.0.beta3-13,do as follows write.
begin
vi /etc/dovecot/dovecot.conf

default_mail_env = maildir:/var/spool/vmail/%d/%n
auth  default {
mechanisms = plain digest-md5
userdb  sql {
args = /etc/dovecot/dovecot-sql.conf
}
passdb  sql  {
args = /etc/dovecot/dovecot-sql.conf
}
}
auth_executable = /usr/lib/dovecot/dovecot-auth

auth_verbose = yes
vi /etc/dovecot/dovecot-sql.conf,add follows at the end of the file.
driver = mysql 
connect = host=localhost port=3306  dbname=postfix user=postfix password=postfix client_flags=0
or
{connect = host=/var/lib/mysql/mysql.sock dbname=postfix user=postfix password=postfix client_flags=0}

password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT 1000 AS uid, 1000 AS gid FROM mailbox WHERE username = '%u'
default_pass_scheme = MD5

If you have follows errors in /var/log/mail
  Aug  2 11:17:01 scarlet dovecot: auth-worker(default): mysql: Connect failed to localhost (postfix): Access denied for user 'postfix'@'localhost' (using password: YES) - waiting for 1 seconds before retry
then use follows:
{
mysql -u root -p
SET PASSWORD FOR 'postfix'@'localhost' =old_password('123456');
restart mysql
#modify user postfix's password
#mysql -u root -p
# SET PASSWORD FOR 'postfix'@'localhost' = PASSWORD('123456');
# SET PASSWORD FOR 'postfix'@'localhost' =0LD_PASSWORD('123456');
# GRANT ALL  ON postfix.*  TO 'postfix'@'localhost';
referred website:
http://wiki.dovecot.org/MysqlProblems
}

Restart Dovecot.

25. Auto select mail server.

At Horde -> Administration -> Setup -> Imp -> Mail Server, set "Should we display a list of servers" to Shown.

vi /srv/www/htdocs/horde/imp/config/servers.php:
At the 'preferred' of each $servers, put the name of server you login to for each domain.
For hasux.com, put webmail.hasux.com after 'preferred' and for antivs.com, use webmail.antivs.com.
the example is :{
$servers['imap'] = array(
    'name' => 'Antivs Mail Server',
    'server' => 'localhost',
    'hordeauth' => 'full',
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'antivs.com',
    'smtphost' => 'localhost',
    'smtpport' => 25,
    'realm' => 'antivs.com',
    'preferred' => 'webmail.antivs.com',
);
$servers['imap1'] = array(
    'name' => 'Hasux Mail Server',
    'server' => 'mail.hasux.com',
    'hordeauth' => true,
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'hasux.com',
    'smtphost' => 'mail.hasux.com',
    'smtpport' => 25,
    'realm' => 'hasux.com',
    'preferred' => 'webmail.hasux.com',
);
configuration file in this example:
$servers['imap'] = array(
    'name' => 'Positive Mail Server',
    'server' => 'localhost',(importent)
    'hordeauth' => 'full',
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'positive.com.cn',
    'smtphost' => 'mail.hasux.com',
    'smtpport' => 25,
    'realm' => '',
    'preferred' => 'mail.positive.com.cn',
}
Then, when openning web page the corresponding option in the select box will be selected for login.

26. Login with only user name ( without domain name)(let it come true,do follows)

In Horde -> Administration -> Setup -> Authentication
modify :
What backend should we use for authenticating users to Horde? 
change imap authentication into let a Horde application handle authentication
The application which is providing authentication
imp   
 vi /srv/www/htdocs/horde/config/hooks.php
Add:
if (!function_exists('_horde_hook_preauthenticate')) {
   function _horde_hook_preauthenticate($userID, $credential, $realm)
   {
        $_SESSION['imp']['user'] = $userID;

        return true;
    }
}

 vi /srv/www/htdocs/horde/imp/config/servers.php:
Add the corresponding domain name for each realm of the $servers.

After testing of login and successful, at Horde -> Administration -> Setup -> Imp -> Mail Server, set "Should we display a list of servers" to Hidden.

Enable DDNS
vi /etc/crontab. At the end of file, add:
*/5 * * * * lynx -mime_header -nolog -auth=yiutun:n0cla1 "http://www.3322.org/dyndns/update?system=dyndns&hostname=hasux.3322.org"
















configuration example:
 cd /srv/www/htdocs/postfixadmin/
 config.inc.php
begin
<?php
//
// Postfix Admin
// by Mischa Peters <mischa at high5 dot net>
// Copyright (c) 2002 - 2005 High5!
// License Info: http://www.postfixadmin.com/?file=LICENSE.TXT
//
// File: config.inc.php
//
if (ereg ("config.inc.php", $_SERVER['PHP_SELF']))
{
   header ("Location: login.php");
   exit;
}

// Postfix Admin Path
// Set the location to your Postfix Admin installation here.
$CONF['postfix_admin_url'] = '';
$CONF['postfix_admin_path'] = '';

// Language config
// Language files are located in './languages'.
scarlet:/srv/www/htdocs/postfixadmin # more config.inc.php <?php
//
// Postfix Admin
// by Mischa Peters <mischa at high5 dot net>
// Copyright (c) 2002 - 2005 High5!
// License Info: http://www.postfixadmin.com/?file=LICENSE.TXT
//
// File: config.inc.php
//
if (ereg ("config.inc.php", $_SERVER['PHP_SELF']))
{
   header ("Location: login.php");
   exit;
}

// Postfix Admin Path
// Set the location to your Postfix Admin installation here.
$CONF['postfix_admin_url'] = '';
$CONF['postfix_admin_path'] = '';

// Language config
// Language files are located in './languages'.
$CONF['default_language'] = 'en';

// Database Config
// mysql = MySQL 3.23 and 4.0
// mysqli = MySQL 4.1
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';

// Site Admin
// Define the Site Admins email address below.
// This will be used to send emails from to create mailboxes.
$CONF['admin_email'] = 'postmaster@change-this-to-your.domain.tld';

// Mail Server
// Hostname (FQDN) of your mail server.
// This is used to send email to Postfix in order to create mailboxes.
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';

// Encrypt
// In what way do you want the passwords to be crypted?
// md5crypt = internal postfix admin md5
// system = whatever you have set as your PHP system default
// cleartext = clear text passwords (ouch!)
$CONF['encrypt'] = 'md5crypt';

// Generate Password
// Generate a random password for a mailbox and display it.
// If you want to automagically generate paswords set this to 'YES'.
$CONF['generate_password'] = 'NO';

// Page Size
// Set the number of entries that you would like to see
// in one page.
$CONF['page_size'] = '10';

// Default Aliases
// The default aliases that need to be created for all domains.
$CONF['default_aliases'] = array (
        'abuse' => 'abuse@change-this-to-your.domain.tld',
        'hostmaster' => 'hostmaster@change-this-to-your.domain.tld',
        'postmaster' => 'postmaster@change-this-to-your.domain.tld',
        'webmaster' => 'webmaster@change-this-to-your.domain.tld'
);

// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Example: /usr/local/virtual/domain.tld/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Example: /usr/local/virtual/domain.tld/username
$CONF['domain_in_mailbox'] = 'NO';

// Default Domain Values
// Specify your default values below. Quota in MB.
$CONF['aliases'] = '10';
$CONF['mailboxes'] = '10';
$CONF['maxquota'] = '10';

// Quota
// When you want to enforce quota for your mailbox users set this
to 'YES'.
$CONF['quota'] = 'NO';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1024000';

// Transport
// If you want to define additional transport options for a domain set this to 'YES'.
// Read the transport file of the Postfix documentation.
$CONF['transport'] = 'NO';

// Virtual Vacation
// If you want to use virtual vacation for you mailbox users set this to 'YES'.
// NOTE: Make sure that you install the vacation module. http://high5.net/postfixadmin/
$CONF['vacation'] = 'NO';
// This is the autoreply domain that you will need to set in your
Postfix
// transport maps to handle virtual vacations. It does not need to be a
// real domain (i.e. you don't need to setup DNS for it).
$CONF['vacation_domain'] = 'autoreply.change-this-to-your.domain.tld';

// Alias Control
// Postfix Admin inserts an alias in the alias table for every mailbox it creates.
// The reason for this is that when you want catch-all and normal
mailboxes
// to work you need to have the mailbox replicated in the alias table.
// If you want to take control of these aliases as well set this to 'YES'.
$CONF['alias_control'] = 'NO';

// Special Alias Control
// Set to 'NO' if you don't want your domain admins to change the
default aliases.
$CONF['special_alias_control'] = 'YES';

// Logging
// If you don't want logging set this to 'NO';
$CONF['logging'] = 'YES';

// Header
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';

// Footer
// Below information will be on all pages.
// If you don't want the footer information to appear set this to
'NO'.
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to change-this-to-your.domain.tld';$CONF['footer_link'] = 'http://change-this-to-your.domain.tld';

// Welcome Message
// This message is send to every newly created mailbox.
// Change the text between EOM.
$CONF['welcome_text'] = <<<EOM
Hi,

Welcome to your new account.
EOM;

//
// END OF CONFIG FILE
//
?>

end.
 cd /etc/postfix/
begin

readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = localhost
program_directory = /usr/lib/postfix
#inet_interfaces = 202.82.144.86 127.0.0.1
masquerade_domains =
mydestination = $myhostname, localhost.$mydomain
defer_transports =
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 1024000000
message_size_limit = 1024000000
#virtual_alias_maps = hash:/etc/postfix/virtual
#virtual_alias_domains = hash:/etc/postfix/virtual
mynetworks_style = subnet

virtual_mailbox_domains = positive.com.cn
virtual_mailbox_base = /var/spool/vmail
#virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_mailbox_maps = mysql:/etc/postfix/vmaps-mysql.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
#virtual_alias_maps = hash:/etc/postfix/valias

virtual_mailbox_limit = 1024000000

end.
cd /etc/dovecot
dovecot.conf
begin

default_mail_env = maildir:/var/spool/vmail/%d/%n
auth  default {
mechanisms = plain login digest-md5
userdb  sql {
args = /etc/dovecot/dovecot-sql.conf
}
passdb  sql  {
args = /etc/dovecot/dovecot-sql.conf
}
}
auth_executable = /usr/lib/dovecot/dovecot-auth

auth_verbose = yes

end.
cd /etc/dovecot
dovecot-sql.conf
begin
driver = mysql
connect = host=localhost port=3306 dbname=postfix user=postfix password=123456 client_flags=0

password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT 1000 AS uid, 1000 AS gid FROM mailbox WHERE username = '%u'
default_pass_scheme = CRYPT
#default_pass_scheme = DIGEST-MD5
end.
cd /srv/www/htdocs/horde/config
conf.php
begin
<?php
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Horde: horde/config/conf.xml,v 1.74.2.33 2006/03/25 12:14:25 jan Exp $
$conf['debug_level'] = E_ALL;
$conf['max_exec_time'] = 0;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['compress_pages'] = true;
$conf['umask'] = 077;
$conf['session']['name'] = 'Horde';
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/horde';
$conf['sql']['persistent'] = true;
$conf['sql']['hostspec'] = 'localhost';
$conf['sql']['username'] = 'horde';
$conf['sql']['password'] = '123456';
$conf['sql']['protocol'] = 'unix';
$conf['sql']['database'] = 'horde';
$conf['sql']['charset'] = 'iso-8859-1';
$conf['sql']['phptype'] = 'mysql';
$conf['auth']['admins'] = array('Administrator', 'fengmx@hasux.com', 'tun@hasux.com');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['params']['app'] = 'imp';
$conf['auth']['driver'] = 'application';
$conf['signup']['allow'] = false;
$conf['log']['priority'] = PEAR_LOG_NOTICE;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = '/tmp/horde.log';
$conf['log']['params']['append'] = true;
$conf['log']['type'] = 'file';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['params']['driverconfig'] = 'horde';
$conf['prefs']['driver'] = 'sql';
$conf['datatree']['params']['driverconfig'] = 'horde';
$conf['datatree']['driver'] = 'sql';
$conf['group']['driver'] = 'datatree';
$conf['cache']['default_lifetime'] = 1800;
$conf['cache']['params']['dir'] = Horde::getTempDir();
$conf['cache']['params']['gc'] = 86400;
$conf['cache']['driver'] = 'file';
$conf['token']['params']['driverconfig'] = 'horde';
$conf['token']['driver'] = 'sql';
$conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
$conf['mailer']['params']['sendmail_args'] = '-oi';
$conf['mailer']['type'] = 'sendmail';
$conf['vfs']['params']['driverconfig'] = 'horde';
$conf['vfs']['type'] = 'sql';
$conf['sessionhandler']['params']['persistent'] = true;
$conf['sessionhandler']['params']['rowlocking'] = true;
$conf['sessionhandler']['params']['protocol'] = 'unix';
$conf['sessionhandler']['params']['hostspec'] = 'localhost';
$conf['sessionhandler']['params']['username'] = 'horde';
$conf['sessionhandler']['params']['password'] = '123456';
$conf['sessionhandler']['params']['database'] = 'horde';
$conf['sessionhandler']['type'] = 'mysql';
$conf['problems']['email'] = 'webmaster@example.com';
$conf['problems']['maildomain'] = 'example.com';
$conf['problems']['tickets'] = false;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['help_about'] = true;
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'all';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = false;
$conf['hooks']['postauthenticate'] = false;
$conf['hooks']['authldap'] = false;
$conf['portal']['fixed_blocks'] = array();
$conf['accounts']['driver'] = 'null';
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */

end.
cd /srv/www/htdocs/horde/imp/config
conf.php
begin
 <?php
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Horde: imp/config/conf.xml,v 1.53.2.12 2006/03/22 21:37:38 slusarz Exp $
$conf['utils']['gnupg_keyserver'] = array('wwwkeys.pgp.net');
$conf['utils']['gnupg_timeout'] = '10';
$conf['menu']['apps'] = array();
$conf['user']['select_sentmail_folder'] = false;
$conf['user']['allow_resume_all_in_drafts'] = false;
$conf['user']['allow_folders'] = true;
$conf['user']['allow_resume_all'] = false;
$conf['user']['allow_view_source'] = true;
$conf['user']['alternate_login'] = false;
$conf['user']['redirect_on_logout'] = false;
$conf['server']['server_list'] = 'shown';
$conf['server']['sort_limit'] = '0';
$conf['server']['cache_folders'] = false;
$conf['server']['cache_msgbody'] = false;
$conf['mailbox']['show_attachments'] = false;
$conf['mailbox']['show_preview'] = false;
$conf['mailbox']['show_xpriority'] = false;
$conf['fetchmail']['show_account_colors'] = false;
$conf['fetchmail']['size_limit'] = '4000000';
$conf['msgsettings']['filtering']['words'] = './config/filter.txt';
$conf['msgsettings']['filtering']['replacement'] = '****';
$conf['spam']['reporting'] = false;
$conf['notspam']['reporting'] = false;
$conf['msg']['prepend_header'] = true;
$conf['msg']['append_trailer'] = true;
$conf['compose']['allow_cc'] = true;
$conf['compose']['allow_bcc'] = true;
$conf['compose']['allow_receipts'] = true;
$conf['compose']['special_characters'] = true;
$conf['compose']['use_vfs'] = false;
$conf['compose']['link_all_attachments'] = false;
$conf['compose']['link_attachments_notify'] = true;
$conf['compose']['link_attachments'] = true;
$conf['compose']['add_maildomain_to_unexpandable'] = false;
$conf['compose']['attach_size_limit'] = '0';
$conf['compose']['attach_count_limit'] = '0';
$conf['hooks']['vinfo'] = false;
$conf['hooks']['signature'] = false;
$conf['hooks']['trailer'] = false;
$conf['hooks']['fetchmail_filter'] = false;
$conf['hooks']['mbox_redirect'] = false;
$conf['hooks']['mbox_icon'] = false;
$conf['hooks']['spam_bounce'] = false;
$conf['maillog']['use_maillog'] = true;
$conf['tasklist']['use_tasklist'] = true;
$conf['notepad']['use_notepad'] = true;

end.
servers.php
begin

$servers['imap'] = array(
    'name' => 'Positive Mail Server',
    'server' => 'localhost',
    'hordeauth' => 'full',
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'positive.com.cn',
    'smtphost' => 'mail.positive.com.cn',
    'smtpport' => 25,
    'realm' => '',
    'preferred' => 'mail.positive.com.cn',
);
$servers['cyrus'] = array(
    'name' => 'Cyrus IMAP Server',
    'server' => 'cyrus.example.com',
    'hordeauth' => false,
    'protocol' => 'imap/notls',
    'port' => 143,
    'maildomain' => 'example.com',
    'smtphost' => 'smtp.example.com',
    'smtpport' => 25,
    'realm' => '',
    'preferred' => '',
    'admin' => array(
        'params' => array(
            'login' => 'cyrus',
            'password' => 'cyrus_pass',
            'userhierarchy' => 'user.'
        )
    ),
    'quota' => array(
        'driver' => 'cyrus',
        'params' => array(
            'login' => 'cyrus',
            'password' => 'cyrus_pass',
            'userhierarchy' => 'user.'
        )
    ),
    'acl' => array(
        'driver' => 'rfc2086',
    ),
);

$servers['pop'] = array(
    'name' => 'POP3 Server',
    'server' => 'pop.example.com',
    'hordeauth' => false,
    'protocol' => 'pop3',
    'port' => 110,
    'maildomain' => 'example.com',
    'smtphost' => 'smtp.example.com',
    'smtpport' => 25,
    'realm' => '',
    'preferred' => '',
);

$servers['exchange'] = array(
    'name' => 'Exchange 5.5 server',
    'server' => 'exchange.example.com',
    'hordeauth' => false,
    'protocol' => 'imap',
    'port' => 143,
    'maildomain' => '',
    'smtphost' => 'smtp.example.com',
    'realm' => '',
    'preferred' => '',
);

if ($GLOBALS['conf']['kolab']['enabled']) {
    $servers['kolab'] = array(
        'name' => 'Kolab Cyrus IMAP Server',
        'server' => $GLOBALS['conf']['kolab']['imap']['server'],
        'hordeauth' => 'full',
        'protocol' => 'imap/notls/novalidate-cert',
        'port' => $GLOBALS['conf']['kolab']['imap']['port'],
        'maildomain' => $GLOBALS['conf']['kolab']['imap']['maildomain'],
        'realm' => '',
        'preferred' => '',
        'quota' => array(
            'driver' => 'cyrus',
            'params' => array(
                'login' => $GLOBALS['conf']['kolab']['imap']['adminuser'],
                'password' => $GLOBALS['conf']['kolab']['imap']['adminpw'],
                'userhierarchy' => 'user.'
            )
        ),
        'acl' => array(
            'driver' => 'rfc2086',
        ),
    );
}

end.

in this test,there are many warnings in file /var/log/mail, see follows:
Aug  3 09:37:17 scarlet postfix/qmgr[14364]: warning: connect to transport virtual: Operation not permitted
Aug  3 09:38:17 scarlet postfix/qmgr[14364]: warning: connect to transport virtual: Operation not permitted

The method to resolve above problems is :
In default, AppArmor is enabled after installation of SuSE 10.1. The AppArmor prevent the "virtual(static:1000)" user access the /var/spool/postfix/private/virtual socket. Install apparmor-utils using YaST and enable the /usr/lib/postfix/qmgr to have write access right to /var/spool/postfix/private/virtual,but file /var/log/messages can also have error:

Aug  3 17:16:39 e-mail kernel: audit(1154596599.319:89): REJECTING x access to /usr/lib/postfix/virtual (master(21718) profile /usr/lib/postfix/master active /usr/lib/postfix/master)

you should give enough x right to profile usr/lib/postfix/master on  /usr/lib/postfix/virtual.

other warnings:
Aug  4 09:47:38 e-mail dovecot: auth-worker(default): password(fengmx@positive.com.cn,127.0.0.1): Requested DIGEST-MD5 scheme, but we have only MD5

you should modify file /etc/dovecot/dovecot.conf,do follows:

cd /etc/dovecot
vi dovecot.conf
change: mechanisms = plain digest-md5
to:     mechanisms = plain




 

±¾Îijö×Ô ¡°doff¡± ²©¿Í£¬Ð»¾øתÔØ£¡

±¾Îijö×Ô 51CTO.COM¼¼Êõ²©¿Í