Important Note

Please note that these manual installation instructions should only be used on Ubuntu distributions, such as Ubuntu Gutsy Gibbon 7.10 server, the distribution the document was written for. It is highly recommended to perform installation using the Scalix Installer on all supported platforms. If you manually install any version of Scalix, this may invalidate your ability to receive Scalix support for that software. Thank you for your understanding and compliance.

This document might be inaccurate and under construction. Do not trust this document.

Manual Installation on Ubuntu 7.10 Server (Gutsy Gibbon)

As Ubuntu 7.10 is an unsupported platform there is currently no manual describing the installation on this platform. It took me a lot of time to have the Scalix Community Edition installed on my Ubuntu server. To do so I had to combine the information of a lot of sources (wiki pages, forums posts, etc) together. At last I managed to get Scalix it up and running and just felt like sharing this with the community. Simply my way to give something back.

So below you'll find a how-to that describes the manual installation of Scalix on Ubuntu 7.10 server.

Applicable Environments

These Installation instructions have been tested with

• Scalix CE 11.3.0
• Ubuntu 7.10 Server (Gutsy Gibbon)

They might not apply unmodified to any other version of Scalix or Ubuntu.

Hardware

Scalix Community Edition software is currently available as an i386 build only. It will run on i386 and x86_64 Intel and AMD platforms.

System Preparation

The following items may be helpful in preparing your system for Scalix Installation:

Network Configuration

• Make sure you have at least one properly configured network interface.
• Use a static IP address; running a Scalix server on a machine using DHCP is not recommended.
• Correct hostname resolution/DNS setup is vital. It is also best to use DNS in a Scalix/mail environment. File-based hostname resolution can be used (/etc/hosts). However, the following should always be true:
  • Your system should have a fully-qualified hostname
  • The 'hostname' command should return the short hostname, while the 'hostname --fqdn' command should return the fully-qualified hostname
  • Both the hostname and the fully-qualified hostname should resolve to the system's IP address (not the loopback 127.0.0.1 IP address).
  • The special name 'localhost' should resolve to 127.0.0.1
  • The IP address of the system should reverse-resolve to the fully-qualified hostname (not the short hostname or localhost)

To achieve this your /etc/hosts file should contain at least the following two lines:

127.0.0.1         localhost
<yourexternalip>  <hostname.domain.com> <hostname>

Disk/File System Configuration

• Scalix Software is installed in /opt. You need 200 MB in this directory
• Scalix Data is kept in /var/opt/scalix. You need a minimum of 200 MB plus the size of any mailboxes.

Disabling Conflicting Services

Scalix comes with its own POP3, IMAP, LDAP and SMTP services. These might conflict with components already installed on the system.

• To check for processes listening on the POP3 and IMAP ports, use the

  sudo lsof -i :110  or  sudo netstat -anp | grep 110

  and

  sudo lsof -i :143  or  sudo netstat -anp | grep 143 

  commands. If you see any process/service running, shut it down and disable it from starting with system startup
• To check for processes listening on the standard LDAP port, use the

  sudo lsof -i :389  or  sudo netstat -anp | grep 389

  command. If you see any process/service running, you can use an alternate port number for Scalix LDAP. Please see this Wiki article.
• To check for processes listening on the standard SMTP port, use the

  sudo lsof -i :25  or  sudo netstat -anp | grep 25

  command. If sendmail listens on 127.0.0.1:25 it's allright, you can leave it the way it is. However, it should not listen on your external IP address. If you see a sendmail process/service listening on the external IP address, reconfigure your MTA. If you see another proces (MTA) than sendmail, make sure you remove your current MTA to replace it by sendmail (described below).

Software Selection

Note: Make sure you have the multiverse repository and the universe repository active in /etc/apt/sources.list and run:

sudo apt-get update

The following additional packages that come with Ubuntu are needed after base installation.

• Apache Webserver 2.x: the apache2 package

• Gnu AWK: the gawk package

• Kerberos (MIT Kerberos 5): the krb5-config, krb5-doc, krb5-user, libkadm55 and libkrb53 packages

• libglib2: the libglib2.0-0 package

• libstdc++: the libstdc++2.10-glibc2.2, gcc-4.2-base and libstdc++6 packages are also required

• libxml2: the libxml2, sgml-base and xml-core packages

• Postgres: the postgresql and postgresql-client packages

• SASL2 and modules for plain, crammd5 and gssapi (for MIT Kerberos): the libsasl2-modules and libsasl2-modules-gssapi-mit packages

• Tk: the tk8.3 package

• Tcl: the libfreetype6 and tcl8.3 packages

• text-based web browser: the elinks package

• Apache Tomcat mod_jk connector: the libapache2-mod-jk package

• Sun Java Runtime Environment: the sun-java5-jre package

• sendmail (if not installed yet, see Disabling Conflicting Services above): the sendmail package

To install all these packages together with their dependencies run the following command:

sudo apt-get install apache2 gawk krb5-config krb5-doc krb5-user libkadm55 libkrb53 libglib2.0-0 libstdc++2.10-glibc2.2
gcc-4.2-base libstdc++6 libxml2 sgml-base xml-core postgresql postgresl-client libsasl2-modules libsasl2-modules-gssapi-mit
libfreetype6 tcl8.3 tk8.3 elinks libapache2-mod-jk sun-java5-jre

If it is necessary to install sendmail as well, run also:

sudo apt-get install sendmail

Extra dependency

Scalix depends on a package called libsasl-2. Unfortunately is this package not available for Ubuntu 7.10. Sure, there is a replacement, so in fact there's no problem regarding the actual library dependencies, but the replacement package is called libsasl-2-2. It seems stupid, but the Scalix server won't install with this package and we really have to install a package called libsasl-2 next to it. As said, there's no such package available, so I created a kind of fake package (see also this forumthread on ubuntuforums.org) to install instead and prevent problems later on. Download the package here and install it using this command:

sudo dpkg -i libsasl2_2.1.22.dfsg1-9ubuntu2_i386.deb

Other preparation steps

The Scalix message store depends on the libssl0.9.7 package. As the 0.9.7 version is not available for this Ubuntu version, you have to sym-link the libcrypto.so.0.9.8 library to libcrypto.so.0.9.7 instead. This can be done by:

sudo ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.0.9.7

Under Ubuntu the standard shell /bin/sh is linked to dash instead of bash. This will cause problems runing the scripts later on. To prevent this, please link /bin/sh temporarily to /bin/bash, after saving the original link of course (don't worry, we will restore the original state afterwards):

sudo mv /bin/sh /bin/SH
sudo ln -s /bin/bash /bin/sh

Download the Scalix Software

The Scalix 11.3.0 packages can be downloaded here. You will need to download the installer package for Debian, called: scalix-11.3.0-U1-GA-unsupported-debian-intel.bin.

Unpack the Scalix software

Start the downloaded installer:

sudo bash scalix-11.3.0-U1-GA-unsupported-debian-intel.bin

This will take you to the license agreement, to proceed:

• press the space bar repeatedly to scroll down if you want to read the license agreement, or press q to skip to the end immediately
• at the end of the agreement, at the prompt, accept the agreement by entering yes
• next, launch the readme file by pressing enter
• when prompted to run the package, say no

Install the Scalix Server package

Before installing the scalix-server package, we have to install the last two dependencies (scalix-chardet and scalix-libical). They come with the Scalix installer and can be installed by:

sudo dpkg -i scalix-debian-11.3.0-GA/software/scalix_server/scalix-chardet_1.0.20071031-2_i386.deb
sudo dpkg -i scalix-debian-11.3.0-GA/software/scalix_server/scalix-libical_0.27.20071008-1_i386.deb

After that, we can (finally) install the scalix-server package using dpkg, do so using this command:

sudo dpkg -i scalix-debian-11.3.0-GA/software/scalix_server/scalix-server_11.3.0.11339_i386.deb

Create and configure the initial Scalix Server Instance

Initialize the Scalix Message Store

To initialize the Scalix message store, use the

sudo /opt/scalix/bin/ommakeom

command. This creates an empty message store in /var/opt/scalix and also adds config file templates for all components into this directory tree. The process takes 3-15 minutes, depending on the speed of your system. Please check the screen output for any errors or problems during the process. A log of the message store creation is located in /var/opt/scalix/sys/install/log. In case of an error, correct the problem and restart message store creation by using the command:

sudo /opt/scalix/bin/ompatchom

Set generation rules for Display Name, Login Name and Internet Address

Before creating any new user, set the default rules for generating the display name (shown in the 'from' email header and address book display), the login name (used to log in to Scalix clients) and the Internet address.

See the following list of user attributes you can use in those rules:

• G represents the given name in mixed/original casing
• S represents the surname in mixed/original casing
• I represents the middle initial(s) in mixed/original casing
• C represents the common name/display name in mixed/original casing (this cannot be used in the display name generation)
• g, s, i and c represent the first character of the given name/surname/initials/common name in lower case
• f and l represent the full given name/last name in lowercase

1. To set up generation rules for the display name, use the

   sudo /opt/scalix/bin/sxconfig --set -t general.usrl_cn_rule='<rule>'

   command, e.g.

   sudo /opt/scalix/bin/sxconfig --set -t general.usrl_cn_rule='G S'

   to set the display name generation rule to <name> <surname>.
   
   
2. To set up generation rules for the login name, use the

   sudo /opt/scalix/bin/sxconfig --set -t general.usrl_authid_rule='<rule>'

   command, e.g.

   sudo /opt/scalix/bin/sxconfig --set -t general.usrl_authid_rule='sg'

   to set the login name generation rule to use the initials of the user in lowercase. If you add a @ character behind the <rule> (e.g. sg@), the fully-qualified domain name of the server appends to the login name.
   
   
3. To set up generation rules for the Internet address, use the

   sudo /opt/scalix/bin/sxconfig --set -t orniasys.name_part_<n>='<rule>' -t orniasys.domain_part_<n>='<domain>'

   command, e.g.

   sudo /opt/scalix/bin/sxconfig --set -t orniasys.name_part_1='"G S" <G.S>' -t orniasys.domain_part_1='mydomain.com'

   to set the Internet address generation rule to generate addresses in the form "First Last" <First.Last@mydomain.com>.
   
   

Create default mailnode

The mailnode is a organizational unit grouping users. For single-server systems, creating a single, default mailnode is usually sufficient. It is best to use the organization name (without any 8-bit or special characters, also underscores are not allowed) as the mailnode name. To create the initial mailnode and make it the default, use the

sudo /opt/scalix/bin/omaddmn -m <mailnode>

command, e.g.

sudo /opt/scalix/bin/omaddmn -m mydomain

Start server daemons

Before creating the first set of users, you'll have to start the server daemons. Do so using the

omrc -n

command. The -n option makes sure that the mail delivery and user sign-on services are not started because these are not usable yet at this time.

Create a default admin user

To create a default admin account, use the command

sudo /opt/scalix/bin/omaddu -n "<fullname>/<mailnode>" --class <class> -c admin -p <password> <loginname>

command, like below

sudo /opt/scalix/bin/omaddu -n "sxadmin/mydomain" --class limited -c admin -p password sxadmin

where

• sxadmin is the full name of the admin user as displayed in the address book
• mydomain is the default mailnode created in the previous step
• limited is either full or limited. Note that when the admin user is a full user, this will use one of the 10 free premium users available in the Scalix Community Edition. Although, if the admin user is a limited user, the admin user cannot be used to connect via Outlook for example.
• -c admin sets full admin capabilities for the user
• password is the users initial password
• sxadmin is the users login name

Configure the admin user

Set up the admin user as a 'postmaster' to receive system error messages:

sudo /opt/scalix/bin/omconfenu -n "sxadmin/mydomain"

. To make sure this user is excluded from system-wide inbox quota checking, use:

sudo /opt/scalix/bin/omlimit -u "sxadmin/mydomain" -o -i 0 -m 0

Create a LDAP query user

To allow the Scalix Admin Server and Admin Console to access user information through Scalix LDAP, create a system user as follows:

sudo /opt/scalix/bin/omaddu -n sxqueryadmin/<mailnode> --class limited -c admin -p <passwd> sxqueryadmin@<fqdn>

This user's password can be anything, but the username (sxqueryadmin) and the login name (sxqueryname) must match the values provided. The <fqdn> should match the FQDN of your server as returned by the hostname --fqdn command. The user can always be created as a limited user because the only server he is allowed to log in to is LDAP, that does not require a premium user account.

Create the standard Scalix admin groups

Next, create the standard Scalix admin groups for the Scalix Admin Server. The names of these groups are fixed, so you must create them as follows:

sudo /opt/scalix/bin/omaddpdl -l ScalixUserAdmins/mydomain
sudo /opt/scalix/bin/omaddpdl -l ScalixUserAttributesAdmins/mydomain
sudo /opt/scalix/bin/omaddpdl -l ScalixGroupAdmins/mydomain
sudo /opt/scalix/bin/omaddpdl -l ScalixAdmins/mydomain

Adding Standard Tweak Settings

We recommend adding the following tweak settings to /var/opt/scalix/<instance>/s/sys/general.cfg . For details on these settings, please refer to the Scalix Administration Guide.

#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses.   One slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and it the alias name is ignored
# for the purposes of message creation and so on.
# 
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE

Starting Scalix Services

As a final step, start all services now using the following command:

omon -s all