SQL Authentication Howto

NOTE: This page is a work in progress, and has not been tested. It may or may not be of any use, may contain numerous errors, and may turn your tongue a strange color. Use at your own risk.

First, install and configure MySQL (root user and password, access rules, firewall rules, etc) following the directions found on numerous web sites on the internet. This will be operating system dependent, and vary based on your needs.

Next, install Horde and IMP, following directions found elsewhere on this wiki. Specific instructions vary by operating system and your access to the system.

Then, install dovecot, following the instructions on http://wiki.dovecot.org/ and configure dovecot to use MySQL as per the directions at http://wiki.dovecot.org/AuthDatabase/SQL

Now, configure IMP:

• Backup horde/imp/config/servers.php and imp/config/conf.php
  • Edit horde/imp/config/servers.php and set 'hordeauth' => 'full' so users only need to login once (Horde passes authentication data to IMP)

Now, configure Horde:

• Backup your horde/config/conf.php file
  • Backup any relevant MySQL databases, if they have live/important data in them
  • Log in to Horde as an administrative user
  • Navigate: Administration -> Setup -> Horde, and select the Authentication tab.
  • Switch the authentication backend driver to "SQL authentication w/custom-made queries"
  • Set the phptype setting to "MySQL"
  • Set the protocol setting to "TCP/IP"
  • Leave port as the default "3306"
  • Set the hostspec to "localhost" (or to your SQL host if it is not on the same machine)
  • Set the username and password paramters to the SQL database username and password you set when creating the database
  • Set the encryption to use to store the password in the table to crypt-md5 (is this correct?)
  • Set the database field to the one defined when you configured dovecot's SQL database (in this case, we will use "users" like on the dovecot website)
  • For query_auth, enter: SELECT * FROM users WHERE userid = \L AND password = MD5(\P);
  • For query_add, enter: INSERT INTO users (domain,userid,password) VALUES ('example.org', \L, MD5(\P)); NB: Change the domain to your domain in the above query.
  • For query_update, enter: UPDATE users SET password = MD5(\P) WHERE userid = TRIM('@example.org' FROM \L) LIMIT 1; NB: Change the domain to your domain in the above query.
  • For query_remove, enter: DELETE FROM users WHERE userid = TRIM('@example.org' FROM \L) LIMIT 1;
  • For query_list, enter: SELECT * FROM users;
  • and so on for the other queries...

If you need to use multiple virtual domains, you might see the web page http://wiki.vpslink.com/HOWTO:_ISP-style_Email_Server_with_Debian-Etch_and_Postfix_2.3 which could provide much inspiration for the sql database setup.