sudo useradd james
Installing James as a service of CentOSTweet
Posted on Thursday Feb 05, 2015 at 05:16PM in Technology
In previous posting, I set up James as a plain standalone application on OS X. this time I’m going to install James as a service on CentOS 6.6, and expose its SMTP, POP3 and IMAP ports to external network.
Create a user for James
java process of James will run
james user which added in this step.
james-server-app-3.0.0-beta5-SNAPSHOT-app.tar.gz which built in previous posting.
sudo tar zxvf james-server-app-3.0.0-beta5-SNAPSHOT-app.tar.gz -C /usr/local --no-same-owner sudo chown -R james:james /usr/local/james-server-app-3.0.0-beta5-SNAPSHOT sudo ln -s /usr/local/james-server-app-3.0.0-beta5-SNAPSHOT /usr/local/james
Change ports that James will listen
Add offset of
bind element in
imapserver.xml respectively as I did in previous posting.
Reduce heap size
Default maximum heap size of James is 512MB but it’s too large for me because I have only small amount of memory on the server so I reduced it to more smaller. this can be done with modifying the file
$JAMES_HOME/conf/wrapper.conf as follows:
Define user to startup script
$JAMES_HOME/bin/james there’s a variable which defines the user to run the process of James. so set it to
james as follows:
Register the startup script
sudo ln -s /usr/local/james/bin/james /etc/init.d sudo chkconfig --add james sudo chkconfig james on
Now we can control James with
service command as follows:
sudo service james start sudo service james stop
Also James will be launched / shutdown automatically at every boot/shutdown process of CentOS.
NOTE on some environment, following error may occur.
$ sudo service james start Starting Apache James :: Server :: App... /usr/local/james-server-app-3.0.0-beta5-SNAPSHOT/bin/james: /usr/local/james-server-app-3.0.0-beta5-SNAPSHOT/bin/./wrapper-linux-x86-32: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory $
According to this discussion, it related to the environment which used in build. then the problem should be fixed with issuing following command:
sudo yum install glibc.i686
Configure port forwarding
This makes SMTP, POP3 and IMAP ports to be forwarded to ports of James listening. this enables us to launch James process as a regular user owning process, not root process. here’s an example of
*nat :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination :10025 -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to-destination :10110 -A PREROUTING -i eth0 -p tcp --dport 143 -j DNAT --to-destination :10143 COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 10025 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 10110 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 10143 -j ACCEPT COMMIT
After update the
/etc/sysconfig/iptables file, restart the iptables serivce as follows:
sudo service iptables restart
Remaining tasks such as registering shutdown hook of Derby, creating domains, users…
NOTE: You should make James to use secured connection
Currently all of communication between the server and client is clear text so any data including credentials can be sniffed. I would try to configure James to use secured connection in another post later.