FreeBSD 9 and Mail Toaster 6 in a VM

Create VM
Each virtualization environment is different. Tweak the components below as necessary.
 * Download the FreeBSD 9.1-RELEASE-amd64 DVD ISO (from here) and transfer it to your VM server.
 * Create a new VM:
 * CPU: dual-socket or dual-core (minimum)
 * RAM: 2GB (minimum)
 * Network: Intel e1000 (bridged)
 * Create a 50GB primary disk (ide/scsi)
 * Add FreeBSD 9.1-RELEASE-amd64 DVD ISO as an optical drive (ide/scsi).

Install FreeBSD

 * Power on the VM.
 * It should boot to the FreeBSD 9.1-RELEASE-amd64 DVD ISO.
 * System Components: Add "src".
 * Disks: Guided, use entire disk.
 * Network: Use ipv4 only (unless you also use ipv6).
 * Services: Add ntpd.
 * This should leave you with FreeBSD 9.1-RELEASE-amd64 installed on the 50GB VHD.
 * Shut down the VM after installation.
 * Remove the ISO from the VM's optical drive (set to empty).
 * Verify the VM's boot order is set to use the primary VHD first.

First Boot
ntpdate -s pool.ntp.org freebsd-update fetch freebsd-update install
 * Power on the VM and log in as root.
 * Set the time:
 * Update the system:
 * Reboot

Configure Virtual IO Drivers
Each hypervisor has it's own way of getting the best I/O between a VM and the host. These drivers primarily improve block (disk) and network performance, however, other VM functions (such as memory and video) can also be improved.

KVM/QEMU on Proxmox
For KVM/QEMU on ProxmoxVE, follow the virtio steps here.

VMware
For VMware, install VMware Tools or Open VM Tools. cd /usr/ports/lang/perl5.16 && make install clean
 * Install Perl
 * attach the 'VM guest tools', often with a '[Re]install VMware Tools' menu item
 * mount_cd9660 /dev/cd0 /mnt
 * cd /tmp && tar -xzf /mnt/vmware-freebsd-tools.tar.gz
 * cd /tmp/vmware-tools-distrib && perl vmware-install.pl

Xen
For Xen, be sure to install FreeBSD 9.0+ amd64, a XENHVM kernel, and the two xen ports: xen-tools & xen-guest-utilities
 * echo 'KERNCONF=XENHVM' >> /etc/make.conf
 * cd /usr/src/ && make kernel
 * cd /usr/ports/sysutils/xen-tools/ && make install clean
 * cd /usr/ports/sysutils/xe-guest-utilities/ && make install clean
 * echo 'xenguest_enable="YES"' >> /etc/rc.conf

Install Mail-Toaster
Note: This section was written and tested with mail-toaster 5.41. It will be updated when mail-toaster 6 is released. perl -v cd /usr/ports/lang/perl5.16 && make install clean mkdir -p /usr/local/src cd /usr/local/src fetch http://mail-toaster.org/Mail-Toaster.tar.gz tar -xzf Mail-Toaster.tar.gz cd Mail-Toaster-N-NN perl Makefile.PL make deps ** make test make install bin/toaster_setup.pl -s ports bin/toaster_setup.pl -s portmaster portmaster -a
 * Install (or verify existing version of) Perl:
 * Install mail-toaster:
 * Install ports:
 * Log out and back in (to update $PATH) and update installed ports:
 * Install MT config files:
 * Note: Enable MySQL support. You must enter passwords for all DBs!

bin/toaster_setup.pl -s config bin/toaster_setup.pl -s ssl bin/toaster_setup.pl -s pre bin/toaster_setup.pl -s mysql bin/toaster_setup.pl -s ucspi bin/toaster_setup.pl -s ezmlm bin/toaster_setup.pl -s vpopmail bin/toaster_setup.pl -s qmail bin/toaster_setup.pl -s maildrop bin/toaster_setup.pl -s dovecot bin/toaster_setup.pl -s webmail bin/toaster_setup.pl -s lighttpd bin/toaster_setup.pl -s qmailadmin bin/toaster_setup.pl -s squirrelmail --> IMPORTANT: Edit /usr/ports/mail/squirrelmail/Makefile and comment out IGNORE_WITH_PHP=5 first. bin/toaster_setup.pl -s roundcube bin/toaster_setup.pl -s filter bin/toaster_setup.pl -s maillogs bin/toaster_setup.pl -s supervise
 * Edit MT config files (PUT NON-DEFAULT TWEAKS HERE)
 * Install mail server software:
 * Install webmail applications:
 * REBOOT (Roundcube needs a restart or you get a blank page)
 * Install mail filtering:
 * Enable mail filtering:
 * Edit
 * Set "filtering_method" to "smtp"
 * Set "smtpd_qmail_queue" to "/var/qmail/bin/simscan"
 * Save and exit the file.
 * Run toaster-watcher.pl (or wait 5m) and filtering will be enabled.
 * Install logging:
 * Install cron entries

Test Mail-Toaster
bin/toaster_setup.pl -s test

Set Time Zone in PHP
date.timezone = America/New_York
 * Edit the php config file:
 * Look for  and change it to your server's timezone
 * Example:

Configure Squirrelmail for Dovecot IMAP
The folder prefix that Dovecot uses is not the same as Squirrelmail's default. cd /usr/local/www/squirrelmail ./configure
 * Run the Squirrelmail config:
 * Press "D" [enter]
 * Type "dovecot" [enter]
 * [enter]
 * Press "S" [enter]

Configure SpamAssassin Per-User Settings
(Click the title above to go to SpamAssassin setup page)

Configure a Signed SSL Cert
This gets rid of the self-signed SSL cert warning in all web browsers by setting your server up with a "proper" SSL vendor signed certificate. mkdir -p /usr/local/etc/lighttpd/certs chown root:wheel /usr/local/etc/lighttpd/certs chmod 770 /usr/local/etc/lighttpd/certs
 * Create certificate storage:

cd /usr/local/etc/lighttpd/certs chown root * chmod 600 *
 * Copy your domain SSL keys and certs into the new certs directory. Set restrictive permissions on them:

cat domain.key domain.crt > domain.pem
 * Merge both the (passwordless) SSL private key and the signed SSL cert into a single PEM file:


 * Edit lighttpd config
 * Look for  and set it to:

ssl.pemfile = "/usr/local/etc/lighttpd/certs/domain.pem"
 * Optional: Add a  line if your ssl cert requires a chain cert. Example:

ssl.ca-file = "/usr/local/etc/lighttpd/certs/gd_bundle.crt" service lighttpd configtest service lighttpd stop service lighttpd start
 * Restart lighttpd: