====== Separate Web and Email server with ispCP ======
Please note that this describes the run through I did, changes may need to be made. (Packages may also need to be added as extra functionality is added to ISPCP).

Firstly I have built 2 identical servers in VMWare, all have 512MB RAM, 40GB Harddisks and have a fresh install of Debian Etch from the Netinst CD. The servers have an internet connection during the build.

The partitions are set up as follows though you can alter these to suit:

100MB - /boot \\
2GB - / \\
768MB – SWAP \\
768MB – SWAP \\
2GB - /tmp \\
1GB - /var/log \\

Remainder - /var
At package selection I de-selected all options.

The servers are called:

1) web.testdom.co.uk
2) email.testdom.co.uk

Web has the IP address of 192.168.1.1
Email has the IP address of 192.168.1.2

As this is a test run, this guide is a “quick and dirty” way to test the concept. Please feel free to offer feedback or edit this document.

Once all servers have Debian installed, login as root and type:
apt-get install ssh

This will allow us to ssh into the servers and this will allow an easier install. (i.e. you can copy and paste).

Once ssh is installed, exit and ssh into the 3 servers.

Add the following lines to /etc/apt/sources on all 3 servers.

<code>
deb http://ftp.de.debian.org/debian/ stable main contrib non-free
deb http://security.debian.org/ stable/updates main contrib non-free
</code>

Run the following on all 3 servers.

<code>
apt-get update && apt-get upgrade
</code>

(If the kernel updates be sure to reboot before continuing).

Run the following on the web server:
<code>
apt-get install apache2 apache2-mpm-worker apache2.2-common apache2-utils bind9 bzip2 diff dnsutils gcc gzip iptables libapache2-mod-fastcgi libberkeleydb-perl libc6-dev libcrypt-blowfish-perl libcrypt-cbc-perl libcrypt-passwdmd5-perl libdate-calc-perl libdate-manip-perl libdbd-mysql-perl libdbi-perl libio-stringy-perl libmail-sendmail-perl libmailtools-perl libmcrypt4 libmd5-perl libmime-perl libnet-dns-perl libnet-netmask-perl libnet-perl libnet-smtp-server-perl libperl5.8 libsasl2 libsasl2-modules libsnmp-session-perl libterm-readkey-perl libterm-readpassword-perl libtimedate-perl libmysqlclient15off make mysql-client original-awk patch perl perl-base perl-modules php4 php4-cgi php4-gd php4-mcrypt php4-mysql php4-pear php5-cgi php5-gd php5-imap php5-mcrypt php5-mhash php5-mysql proftpd-mysql rkhunter sasl2-bin ssh tar wget bash libnet-libidn-perl nfs-common postfix courier-base rkhunter mysql-common mysql-server
</code>

Run the following on the mail server:
<code>
apt-get install bind9 bzip2 courier-authdaemon courier-base courier-imap courier-maildrop courier-pop diff dnsutils gcc postgrey gzip iptables libberkeleydb-perl libc6-dev libcrypt-blowfish-perl libcrypt-cbc-perl libcrypt-passwdmd5-perl libdate-calc-perl libdate-manip-perl libdbd-mysql-perl libdbi-perl libio-stringy-perl libmail-sendmail-perl libmailtools-perl libmcrypt4 libmd5-perl libmime-perl libnet-dns-perl libnet-netmask-perl libnet-perl libnet-smtp-server-perl libperl5.10 libsasl2-2 libsasl2-modules libsnmp-session-perl libterm-readkey-perl libterm-readpassword-perl libtimedate-perl libmysqlclient15off make original-awk patch perl perl-base perl-modules postfix postfix-tls postgrey procmail rkhunter sasl2-bin ssh tar wget bash libnet-libidn-perl nfs-common nfs-kernel-server
</code>
==== Firstly we focus on the Mail Server ====
 
Edit
<code>
/etc/exports
</code>

Add lines:
<code>
/etc/courier 192.168.1.1(rw,no_root_squash)
/etc/postfix 192.168.1.1(rw,no_root_squash)
/var/mail 192.168.1.1(rw,no_root_squash)
</code>


Edit:
<code>
/etc/hosts.allow
</code>

Add lines:
<code>
portmap: 192.168.1.1
lockd: 192.168.1.1
rquotad: 192.168.1.1
mountd: 192.168.1.1
statd: 192.168.1.1
</code>

Edit:
<code>
/etc/hosts.deny
</code>

Add lines:
<code>
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
</code>

Run:
<code>
/etc/init.d/portmap restart
/etc/init.d/nfs-common restart
/etc/init.d/nfs-kernel-server restart
</code>

(Expect some errors in ref to subtree_check)


====  Now we focus on the web server ====


Edit: 
<code>
/etc/fstab
</code>

Add lines:
<code>
192.168.1.2:/var/mail /var/mail nfs rw 0 0
192.168.1.2:/etc/courier /etc/courier nfs rw 0 0
192.168.1.2:/etc/postfix /etc/postfix nfs rw 0 0
</code>

Run:
<code>
mount -a
</code>

Download ispCP.

Enter the directory with the ISPCP files and

<code>
make install
cp -Rv /tmp/ispcp/* /
cd /var/www/ispcp/engine/setup
mysqladmin -u root password WHATEVERYOUWANTTHEPASSWORDTOBE
perl ispcp-setup


Enter the required details, note that when asked.
</code>

==== Now we need to reconfigure Squirrelmail ====


Edit:
<code>
/var/www/ispcp/gui/tools/webmail/config/config.php
</code>

Locate line:
<code>
$smtpServerAddress = 'localhost';
Replace localhost with mail server ip
</code>

Locate line:
<code>
$imapServerAddress = 'localhost';
Replace localhost with mail server ip
</code>


Back on the mail server.

Edit:
<code>
/etc/postfix/main.cf
</code>

Change entries myhostname and mydomain to show email server name

Run:
<code>
/etc/init.d/postfix restart
</code>

Job done. The end.

When rebooting/powering on the servers, make sure the mail server comes up first before powering up the web server.

Useful bits that could do with adding:
DNS/Bind Sync between web and email server
A way of combining the traffic usage of both servers to be reported in ISPCP Control panel.