FreeBSD. Setup a mail server based on Exim + Dovecot + SpamAssassin + Clamav with Vexim + RoundCube web UI | [email protected]

We put nginx
lifestar# cd /usr/ports/www/nginx
lifestar# make install clean

add to/etc/rc.conf:

lifestar# cd /usr/ports/databases/mysql51-server
lifestar# make install clean

add to/etc/rc.conf:
Launch MySQL

lifestar# /usr/local/etc/rc.d/mysql-server start

Set the password for root in MySQL (in parentheses, the password itself)
lifestar# mysqladmin -u root password 'password'

Install PHP (note [*] FPM Build FPM version)
lifestar# cd /usr/ports/lang/php5
lifestar# make install clean

add to/etc/rc.conf:

Let’s bring the file/usr/local/etc/php-fpm.conf to such a view:

[global] pid = run/ error_log = /var/log/php-fpm.log events.mechanism = kqueue


We create a directory in which pool descriptions for PHP-FPM will lie (someone may be useful if there are more than one users for sites):

lifestar# mkdir -p/usr/local/etc/php-fpm.d/ and describe the pool
lifestar# ee /usr/local/etc/php-fpm.d/www.conf

[www] user = www group = www listen = /tmp/php-fpm.sock listen.backlog = -1 pm = dynamic pm.max_children = 2 pm.start_servers = 1 pm.min_spare_servers = 1 pm.max_spare_servers = 2 pm.max_requests = 500 php_admin_value[error_log] = /var/log/fpm-php.www.log

php_admin_value[memory_limit] = 128M

We run PHP-FPM:
lifestar# /usr/local/etc/php-fpm start

Put Vexim (note MySQL):
lifestar# cd /usr/ports/mail/vexim/
lifestar# make install clean

We install the module p5-DBD-mysql51
lifestar# cd /usr/ports/databases/p5-DBD-mysql51/
lifestar# make

lifestar# make install clean

Run the script:
perl /usr/local/share/vexim/ --act=newdb --dbtype=mysql -uid=110 --gid=110 --mailstore=/usr/local/mail
lifestar# Please enter the username of the mysql superuser: root Please enter the password of the mysql superuser: Please enter the name of your NEW database: vexim -------------------------------------------------- Database: vexim will be created --------------------------------------------------

Is this correct? (Y = continue / anykey = exit ): Y

Please enter a password for the 'vexim' database user: Confirm password: Please enter a password for the 'siteadmin' user: Confirm password: The user 'siteadmin' has been added with the password

Database created successfully!

Create a directory with virtual hosts for nginx

lifestar# mkdir -p /usr/local/etc/nginx/vhosts

Let’s bring /usr/local/etc/nginx/nginx.conf to this form:

worker_processes 2;

events { use kqueue; worker_connections 2048;


http { include mime.types; default_type application/octet-stream; sendfile on; client_body_buffer_size 16K; client_header_buffer_size 1k; client_max_body_size 32M; large_client_header_buffers 2 1k; client_body_timeout 10; client_header_timeout 10; keepalive_timeout 5 5; send_timeout 10; reset_timedout_connection on; server_tokens off;

gzip on;

# Close calls to IP address server { listen 80 default_server; server_name _; return 444;


# PHP-FPM upstream php-fpm { server unix:/tmp/php-fpm.sock;


# We will include files with virtual hosts include /usr/local/etc/nginx/vhosts/*; }

Making a virtual host in nginx for Vexim

lifestar# ee /usr/local/etc/nginx/vhosts/

server { listen 80; server_name; access_log /var/log/nginx/exim-access.log; error_log /var/log/nginx/exim-error.log; root /usr/local/www/vexim; index index.php;

charset utf-8;

location ~ .php$ { fastcgi_pass php-fpm; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /usr/local/etc/nginx/fastcgi_params;


location ~ /.ht { deny all; } }

Editing the Vexim config
lifestar# ee /usr/local/www/vexim/config/variables.php "; and enter the data you entered earlier to connect to the database. Create a group and user exim:
lifestar# pw groupadd vexim -g 90
lifestar# pw useradd vexim -u 90 -g vexim -d /usr/local/mail -m -s /nonexistant

Install Exim (mark the SA-EXIM option for SpamAssasin) :
lifestar# cd /usr/ports/mail/exim && make install clean Add in /etc/rc.conf:


We copy and edit the configuration
lifestar# cd /usr/local/etc/exim/ lifestar# cp /usr/local/share/doc/vexim/docs/*.conf ./ lifestar# cp /usr/local/share/doc/vexim/docs/configure ./

lifestar# ee /usr/local/etc/exim/configure

We find the line:

MY _ IP = CHANGE describe your ip

MY_IP => Find: trusted_users = avleen:www
and remove avleen. It remains:

trusted_users = www exim_user = mailnull exim_group = mail

never_users = root

We find a timed string responsible for connecting to the MySQL server, decompose it and put our password there:

hide mysql_servers = localhost::(/tmp/mysql.sock)/vexim/vexim/vexim

Let’s unwind:

AINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}' ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'timeout_frozen_after = 2d

log_selector = +subject

We change the path to the ClamAV antivirus: Find:

av_scanner = clamd:/var/run/clamav/clamd и меняем на av_scanner = clamd:/var/run/clamav/clamd.sock

Add to/etc/rc.conf
spamd _ enable = "YES" and run
exim# /usr/local/etc/rc.d/sa-spamd start

We put ClamAV:
lifestar# cd /usr/ports/security/clamav && make install clean Add to/etc/rc.conf:


and launch
lifestar# /usr/local/etc/rc.d/clamav-clamd start Start updating ClamAV databases

lifestar# /usr/local/etc/rc.d/clamav-freshclam start

Add in /etc/rc.conf

Install Dovecot:
lifestar# cd /usr/ports/mail/dovecot && make install clean Settings are stored in a file /usr/local/etc/dovecot.conf

We bring the config to this type

base_dir = /var/run/dovecot/ protocols = imap pop3 imaps pop3s protocol imap { listen=*:143 } protocol pop3 { listen=*:110 } disable_plaintext_auth = no log_path =/var/log/dovecot log_timestamp = "%b %d %H:%M:%S " syslog_facility = mail ssl = no ssl_parameters_regenerate = 0 mail_location = maildir:~/Maildir mail_privileged_group = mail mail_debug = yes mail_log_prefix = "%Us(%u): " dotlock_use_excl = yes verbose_proctitle = yes first_valid_uid = 90 first_valid_gid = 90 maildir_copy_with_hardlinks = yes protocol imap { mail_executable = /usr/local/libexec/dovecot/imap imap_client_workarounds = delay-newmail netscape-eoh tb-extra-mailbox-sep


protocol pop3 { mail_executable = /usr/local/libexec/dovecot/pop3 pop3_uidl_format = %08Xu%08Xv pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda {

postmaster_address = [email protected]

sendmail_path = /usr/sbin/sendmail } auth_username_format = %Lu auth_verbose = yes auth_debug = yes auth default { ssl_require_client_cert=no ssl_username_from_cert=no mechanisms = plain login passdb pam { args = session=yes dovecot } passdb sql { args = /usr/local/etc/dovecot-sql.conf } userdb passwd { args = blocking=yes } userdb sql { args = /usr/local/etc/dovecot-sql.conf } user = root socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 } client { path = /var/run/dovecot/auth-client mode = 0660 } } } dict { } plugin {


We configure the connection to MySQL in the file dovecot-sql.conf

lifestar# ee /usr/local/etc/dovecot-sql.conf

driver = mysql connect = host=/tmp/mysql.sock user=vexim password=PASSWORD dbname=vexim default_pass_scheme = MD5-CRYPT password_query = SELECT crypt as `password` FROM users,domains WHERE users.username = '%u' AND users.enabled = '1' AND users.type = 'local' and domains.enabled = '1' and domains.domain_id = users.domain_id

user_query = SELECT pop as home, uid, gid FROM users WHERE username = '%u'

Add an entry to/etc/rc.conf:
Launch Dovecot:

lifestar# /usr/local/etc/rc.d/dovecot start

Put RoundCube (select MySQL):

lifestar# cd /usr/ports/mail/roundcube/
lifestar# make install clean

And then the commands in order:

lifestar#cd /usr/local/www/roundcube
lifestar# chmod 777 logs/

lifestar# chmod 777 temp/

Create database

lifestar# mysql -p Enter password: Welcome to the MySQL monitor. Commands end with ; or g. mysql> CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;

Query OK, 1 row affected (0.01 sec)

mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY ‘password’;
Query OK, 0 rows affected (0.00 sec)

mysql> quit

lifestar# cd /usr/local/www/roundcube/
lifestar# mysql -p roundcubemail < SQL/mysql.initial.sql

lifestar# cp config/ config/
lifestar# ee config/
Edit the configuration file/usr/local/www/roundcube/config/, which is responsible for connecting to the database:
$rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';

Edit the file containing the basic settings:
lifestar# ee config/

$rcmail_config[‘default_host’] = ‘localhost’; #Host with mail server
$rcmail_config[‘username_domain’] = ‘’; #Domain automatically added to username $rcmail_config[‘mail_domain’] = ‘’; #Mail domain
$rcmail_config[‘default_port’] = 143; #Port IMAP
$rcmail_config[‘imap_auth_type’] = null; #Authorization type IMAP
$rcmail_config[‘smtp_server’] = ‘localhost’; #SMTP server
$rcmail_config[‘smtp_user’] = ‘%u’; $rcmail_config[‘smtp_pass’] = ‘%p’; $rcmail_config[‘smtp_auth_type’] = ‘CRAM-MD5’; #Authorization type SMTP
$rcmail_config[‘create_default_folders’] = TRUE; #By first login making default mail folders (Inbox, Outbox, Trash etc)
$rcmail_config[‘language’] = en_EN; #Localization

And add a virtual host to nginx for Roundcube

lifestar# ee /usr/local/etc/nginx/vhosts/

server { listen 80; server_name; access_log /var/log/nginx/mail-access.log; error_log /var/log/nginx/mail-error.log; root /usr/local/www/roundcube; index index.php;

charset utf-8;

location ~ .php$ { fastcgi_pass php-fpm; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /usr/local/etc/nginx/fastcgi_params;


location ~ /.ht { deny all; } }

Restart PHP-FPM and NGINX
lifestar# /usr/local/etc/rc.d/nginx restart && usr/local/etc/rc.d/php-fpm restart

Roundcube is now available at and Vexim by

We go to the address We log in under siteadmin and the password that we set earlier

Click Add local domain

We spell out the domain, the administrator name (by default postmaster, you can change to any, the postmaster @ domain box will also be created, and let’s create, for example, admin) write out the password (for example pass) repeat the password

note antispam and antivirus (optional) and press Submit

We have a mail account admin@domain with a password pass

To create another mailbox for the created domain, let’s log in under the login of the domain administrator, in our case – admin

Жмем Add, delete and manage POP/IMAP accounts
Then Add User Write the name (any, it’s just for displaying in the list of users) login (for example user) twice password (for example userpass) Has domain admin privileges? – note, we want to make the user also domain admin And press Submit.

We have a user@domain email account with a userpass password

Now you can go to the roundcube using the link under the user@domain login and userpass password

Autologin and autostart of Xorg in FreeBSD | [email protected]

In /etc/gettytab we enter after the lines
PlPclPc console: :ht:np:sp#115200: Here is an entry where lifestar is the username under which you need to login

Pc-autologin|Pc console with autologin: :ht:np:sp#115200:al=lifestar:

Then, in /etc/ttys, edit the line

ttyv0 "/usr/libexec/getty Pc" cons25r on secure


ttyv0 "/usr/libexec/getty Pc-autologin" cons25r on secure

And in the ~/.profile at the end add the line:


To run for example kde4, then in ~/.xinitrc we write the following

exec "/usr/local/kde4/bin/startkde"

Installing Game-server Counter-Strike 1.6 on FreeBSD | [email protected]

counter strike 1.6 on freebsd

1) System preparation Install Linux emulator linux_base-fc10

# cd /usr/ports/emulators/linux_base-f10 && make install clean

Enter the startup strings of the linux emulator when the system boots

in /etc/rc.conf:
linux_enable=”YES” , В /etc/sysctl.conf:

compat.linux.osrelease=2.6.16 ,

And in /etc/fstab:
linproc /usr/compat/linux/proc linprocfs rw 0 0 next, we put commands:

mkdir -p /usr/compat/linux/proc mount /usr/compat/linux/proc /etc/rc.d/abi start /etc/rc.d/sysctl start

Add the following options to the kernel configuration
options DEVICE_POLLING options HZ=1000

Download these files
1) The server itself is hlds_l_1120_full.bin 424Mb
NoSteam – 8mb

Unpack the archive, create a directory and update it.
# mkdir /usr/steam

Copy the hlds_l_1120_full.bin file to the created directory, then install the launch rights to it and launch it.
# chmod 700 hlds_l_1120_full.bin
# ./hlds_l_1120_full.bin

We answer the license question “YES.” After a while hlds_l_1120_full.tgz a file will appear that needs to be unpacked

# tar zxvf hlds_l_1120_full.tgz

The folder hlds_l you want to browse to
# cd /usr/steam/hlds_l/

Updating Steam

Put from under any user except root otherwise will not update!!!

#./steam -update[/color]

After starting, the system will write the following:
Checking bootstrapper version... Getting version 9 of Steam HLDS Update Tool Downloading. . . . . . . . . . . Steam Linux Client updated, please retry the command < br > If you do not have an account in the stimulus, you can create it, if necessary. But we don’t need to, so NoSteam will be below.

Counter-Strike Update < br > < code > # ./steam -command update -game strike -dir/ usr/steam/hlds_l A successful update message appears.

Verifying: /usr/steam/hlds_l\valve\valvecomm.lst Downloading: /usr/steam/hlds_l\valve\violence.cfg Verifying: /usr/steam/hlds_l\valve\xeno.wad

HLDS installation up to date

NoSteam If you start the server immediately and try to connect a client to it, an interesting Invalid CD key plate will appear. It must be removed To do this, unpack the contents of the file replacing the original files
# tar zxvf /usr/steam/hlds_l[/color]

Start We start not from the root user, but from another created user, because firstly it will be safer, and secondly, there will be fewer problems when starting the server!

# cd /usr/steam/hlds_l
# ./hlds_run -game cstrike -insecure -nomaster +sv_lan 1 +maxplayers 12 +map de_dust

If the output is without errors, then I congratulate you – the server up in order
Auto detecting CPU Using Pentium II Optimised binary.

Auto-restarting the server on crash

Console initialized. scandir failed:/usr/home/911/hlds_l/./valve/SAVE scandir failed:/usr/home/911/hlds_l/./platform/SAVE Protocol version 47 Exe version (cstrike) Exe build: 20:02:49 Oct 24 2006 (3651) STEAM Auth Server couldn’t exec language.cfg Server IP address scandir failed:/usr/home/911/hlds_l/./valve/SAVE

scandir failed:/usr/home/911/hlds_l/./platform/SAVE

couldn’t exec listip.cfg couldn’t exec banned.cfg Master server communication disabled. 0 fps — host(6401) sv( 0) cl( 0) gfx( 0) snd( 0) ents(101) You can also look as follows.

# sockstat |grep hlds 911 hlds_i686 2067 4 udp4 *:27015 *:* 911 hlds_i686 2067 7 udp4 *:* 911 hlds_i686 2066 4 udp4 *:27015 *:* 911 hlds_i686 2066 7 udp4 *:* 911 hlds_i686 2065 4 udp4 *:27015 *:* 911 hlds_i686 2065 7 udp4 *:*

game cstrike – the mode to run. -insecure – disables VAC -nomaster – the server does not log into the WON. + sv _ lan 1 – running in LAN mode + maxplayers – number of players

+ map de_dust – starting map

Run in background
# ./hlds_run -game cstrike -insecure -nomaster +sv_lan 1 +maxplayers 12 +map de_dust > /dev/null 2>&1 &[/color]
Or with logs, like that

# ./hlds_run -game cstrike -insecure -nomaster +sv_lan 1 +maxplayers 12 +map de_dust > hlds.log 2>&1 &



The main config of the server, all the main parameters of its operation are set here. See Cmds & amp; Cvars hlds_l/cstrike/motd.txt Here is the text of the message that is displayed when connected to the game. hlds_l/cstrike/mapcycle.txt List of cards in rotation in the game. want to add delete and duplicate as you like. hlds_l/cstrike/map/

Actually, the path where the maps are located

Startup scripts
/usr/steam/hlds_l/hlds_run -game cstrike -insecure -nomaster +sv_lan 1 +maxplayers 12 +map de_dust >/dev/null 2>&1 &

# chmod +x
# sh