Tribal Chicken

Security. Malware Research. Digital Forensics.

Setup of SOGo (with iRedMail)

I seem to have some kind of technological ADD, and change things up every few months. At least this time I have an excuse, my MS Exchange 2010 eval period is up soon so I’ll be using this as a chance to switch back to and Open Source email solution.

I like Exchange because it integrates easily with mobile devices, so I’ve been looking for an Open Source package that does a similar thing.

Then I found SOGo

**“SOGo** is **[fully supported]( "Opens internal link in current window")** and **[trusted]( "Opens internal link in current window")** groupware server with a focus on scalability and open standards. SOGo is released under the GNU GPL/LGPL v2 and above.
**SOGo** provides a rich AJAX-based Web interface and supports multiple native clients through the use of standard protocols such as CalDAV, CardDAV and GroupDAV.”
The brilliant thing about SOGo is it doesn’t try to be a complete proprietary package. It doesn’t come with or force you to use any kind of email infrastructure (Though it does use an LDAP and SQL solution of your choosing). This means you need to/are free to setup your own email infrastructure for SOGo to integrate into.

Since I am a little bit lazy have setup Postfix/Dovecot from scratch more times than I could poke a stick at, I decided to use iRedMail and throw SOGo over the top (Note: This is not implying that there is anything wrong with iRedMail. On the contrary, I think it’s bloody brilliant)….

“[iRedMail is] A ZERO COST, fully fledged, full-featured mail server solution. All used packages are free and open source, provided by the Linux/BSD distribution venders you trust.”
I began by configuring iRedMail as per the documentation. Setting up iRedMail is very, very simple. You just need to run the install script and follow the prompts.  I chose not to install the webmail component (Roundcube).

Once iRedMail configuration is complete, install sogo using YUM (You need to configure the SOGo repo first, see this link). You also need to install the SOPE MySQL connector and memcached

#> yum install sogo sope49-gdl1-mysql memcached

Set memcached to start on boot

#>chkconfig --levels 235 memcached on

Next is to create the MySQL Database for SOGo (Use whichever tool you prefer, I used the CLI for this):

NOTE: If this is a clean install, you probably set the MySQL root PW during the iRedMail install.

#>mysql -u root -p

mysql> CREATE DATABASE sogo;

mysql>GRANT ALL ON sogo.* TO [email protected] IDENTIFIED BY "password";



Once installed you need to actually configure SOGo. This is fairly straightforward. It uses a GNUstepDefaults file in the users home directory (usually /home/sogo/GNUstep/Defaults/.GNUstepDefaults). If the file does not exist it will be created when you issue the first config command. For example, if you issue:

#> su - sogo

$>defaults write sogod SOGoTimeZone "Australia/Perth"

It will create the file and the basic structure. There are two ways to generate the file, either using the defaults write command or by editing the file direct. You can download my .GNUstepDefaults file here, which I find works well for the basic install. Further information can be find in the SOGo documentation.

The major thing for getting SOGo to work with iRedMail is the LDAP config. Because we are using iRedMail’s schema and not the one generated for SOGo, we need to customise the SOGoUserSources parameter:

<key>SOGoUserSources</key>         <array>             <dict>                 <key>CNFieldName</key>                 <string>cn</string>                 <key>IDFieldName</key>                 <string>mail</string>                 <key>UIDFieldName</key>                 <string>uid</string>                 <key>baseDN</key>                 <string>o=domains,dc=tribalchicken,dc=net</string>                 <key>bindDN</key>                 <string>cn=Manager,dc=tribalchicken,dc=net</string>                 <key>bindFields</key>                 <string>mail</string>                 <key>bindPassword</key>                 <string>password</string>                 <key>canAuthenticate</key>                 <string>YES</string>                 <key>displayName</key>                 <string>Global Address List</string>                 <key>hostname</key>                 <string></string>                 <key>id</key>                 <string>public</string>                 <key>isAddressBook</key>                 <string>YES</string>                 <key>port</key>                 <string>389</string>                 <key>scope</key>                 <string>sub</string>             </dict>         </array>

You should restart SOGo after this.

Last thing to configure is the Apache Server. The installation should put a pre-configured include file in /etc/httpd/conf.d/SOGo.conf, but you will need to change the server name.

Open up /etc/httpd/conf.d/SOGO.d and edit the following to reflect your environment:

<Proxy> ## adjust the following to your configuration   RequestHeader set "x-webobjects-server-port" "443"   RequestHeader set "x-webobjects-server-name" ""   RequestHeader set "x-webobjects-server-url" ""

That’s it for the basic setup! Restart services (sogod, httpd) and you should be able to access your installation at http://server.blah/SOGo

And yet there’s more…

Other things I did with my installation:

  • Installed my SSL certificate: This was a simple as importing the cert and changing the config files for Apache, Postfix and Dovecot. Though exporting from IIS was interesting, might cover that in another article.
  • Added a redirect for Apache: Simply added this to the bottom of /etc/httpd/conf.d/SOGo.conf/
Redirect permanent /index.html

Big thanks to the following:



Luciano Pedron: