ECM3 email, web, ftp and
dns server installation on macOS Catalina

Page 1 - Brew, Apache, Mysql, phpMyAdmin
Page 2 - Exim, Dovecot, Spamassassin, Clamav, Roundcube
Page 3 - PowerDNS Recursor and Authoritative Server
Page 4 - Nginx (optional)
Page 5 - PureFTPd and Webalizer (optional)
Page 6 - SSL Certificates using Let'sEncrypt
Upgrades - How to upgrade brew modules


Exim

Install the following brew module:

$ brew install libidn2

pkg exim-4.94.pkg | June 12, 2020   (Must use configure file from this package)

Via terminal, create a user called 'email_users' with a password differrent than your mysql root password that will be used for exim and some other modules.

mysql -h 127.0.0.1 -u root -pPASSWORD
CREATE USER 'email_users'@'localhost' IDENTIFIED BY 'password_here';
GRANT ALL ON ecm3.* TO 'email_users'@'localhost'; FLUSH PRIVILEGES;

EDIT: Exim configuration file

$ sudo -s
$ nano /usr/local/exim/configure

SERVER_IP = 0.0.0.0
primary_hostname = example.com
hide mysql_servers = localhost::(/tmp/mysql.sock)/ecm3/email_users/password_here
tls_certificate = ${if exists{/private/etc/certificates/${tls_sni}.crt} \ 
{/private/etc/certificates/${tls_sni}.crt}{/private/etc/certificates/example.com.crt}}
tls_privatekey = ${if exists{/private/etc/certificates/${tls_sni}.key} \ 
{/private/etc/certificates/${tls_sni}.key}{/private/etc/certificates/example.com.key}}

EDIT: Add path to php.ini file so exim can be used as a sendmail replacement/dropin.

$ open -e /usr/local/etc/php/7.4/php.ini

sendmail_path = /usr/local/sbin/sendmail -t -i    

$ sudo launchctl load /Library/LaunchDaemons/net.captainnet.exim.plist
$ sudo launchctl load /Library/LaunchDaemons/net.captainnet.exim-logrotate.plist




Dovecot

pkg dovecot-2.3.14.pkg | March 6, 2021 
pkg dovecot-2.3.13.pkg | February 24, 2021 

Both Exim and Dovecot comes with a generic self signed ssl certificate called 'mailserver.crt' and 'mailserver.key' otherwise the installation would not start. Click for more info for generating your own self signed domain cert.

EDIT:
$ sudo -s
$ nano /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext

connect = host=/tmp/mysql.sock dbname=ecm3 user=email_users password=password_here

EDIT:
$ nano /usr/local/dovecot/etc/dovecot/conf.d/10-ssl.conf

Replace 'example1.com' with your domain name you have created a certificate for already during earlier installation.

local_name example1.com {
ssl_cert = </private/etc/certificates/example1.com.crt
ssl_key = </private/etc/certificates/example1.com.key
}

EDIT:
$ nano /usr/local/dovecot/etc/dovecot/conf.d/15-lda.conf

postmaster_address = postmaster@example1.com   

$ sudo launchctl load /Library/LaunchDaemons/net.captainnet.dovecot.plist




SpamAssassin

pkg SpamAssassin-3.4.4.pkg | June 12, 2020

$ sudo ln -s /usr/local/opt/openssl/lib/libcrypto.dylib /usr/local/opt/mysql/lib
$ sudo ln -s /usr/local/opt/openssl/lib/libssl.dylib /usr/local/opt/mysql/lib

$ brew install cmake

Cpan will require you to go through a series of question of which almost all is "default" except the first one: What approach do you want? Type "sudo" and hit return to continue.

pkg

$ sudo -s
$ cpan
$ install DBI
$ install DBD::mysql
$ install IO::Socket::IP
$ install Net::Patricia
$ install Net::DNS

Login as user:

$ echo 'export PATH=/usr/local/spamassassin/bin:$PATH' >> ~/.zshrc

EDIT:
$ open -e /usr/local/spamassassin/etc/mail/spamassassin/sql.cf

Replace the word CHANGE with your password for email_users at three differrent places.

$ sudo /usr/local/spamassassin/bin/sa-update --no-gpg
$ sudo launchctl load /Library/LaunchDaemons/net.captainnet.spamassassin.plist

Reboot computer.




ClamAV

$ brew install clamav
$ sudo -s
$ chown clamav:admin /usr/local/opt/clamav/share/clamav
$ /usr/local/opt/clamav/bin/freshclam -v

pkg clamav-start_7-3-20.pkg | July 3, 2020

$ sudo -s
$ launchctl load /Library/LaunchDaemons/net.captainnet.clamd.plist
$ launchctl load /Library/LaunchDaemons/net.captainnet.freshclam.plist




Roundcubemail

pkg roundcubemai-1.4.10.pkg | December 28, 2020 - Security Update

Create database for roundcubemail

mysql -h 127.0.0.1 -u root -pPASSWORD
CREATE database roundcube; use roundcube; \. /usr/local/share/roundcubemail/SQL/mysql.initial.sql

In the following three instances use your root mysql password.

EDIT:
$ open -e /usr/local/share/roundcubemail/config/config.inc.php

$config['db_dsnw'] = 'mysql://root:password_here@localhost/roundcube';

EDIT:
$ open -e /usr/local/share/roundcubemail/plugins/SAUserPrefs/config.inc.php

$config['sauserprefs_db_dsnw'] = 'mysql://root:password_here@localhost/ecm3';