Sharing large files with the convinience of email

In today’s world email became preferred way of communication in public and private sectors. With the progress and ever increased popularity of multimedia content on the network average email size increased. Many organization face the dilemma of keeping up to date their software and hardware to meet this ever changing requirements. I this article I would be focusing on mid- to large business organizations that have their own email private infrastructure. How to share large files with the convenience factor of email when your current email infrastructure can’t support it.

Facing reality

Classical problem that many organizations face: your users need to share large files with the clients and the only way is email. One option is to increase email size limits but it doesn’t mean that recipients email server will be accepting large files. For example, in my organization we have aging and now discontinued Microsoft Exchange Server 2000 Standard Edition. For those unfamiliar with this product: it has database storage limit of 16GB. We have approximately 175 mailboxes and thus keeping user’s mailbox as small as possible is one of the essentials. We implemented a 5mb limit for all incoming and outgoing emails, which is craziness if you ask me. In 21st century, where business is populated with multimedia and large files this can bring everything to a stillness.

Solution

There are a lot of ways you can share files: ftp, web-based file upload but neither one can match convince and simplicity of email. On the internet there are services such as Yousendit that allow someone share large files with the “convenience of email. This means that users will have to upload private and sensitive  data to “external” servers. Many organization, just like mine, wouldn’t allow this. The only way is to have similar in-house solution that can be monitored and kept secure. ZendTo is one of the products that does it all and more.

ZendTo

This is a web-based package that will let you provide a secure and easy method for your users to be able to exchange files with other people, even with external members that do not have any login rights at your organization. Unlike other commercial services, you do not have to trust your files or login rights to any other services; you keep system in-house. It will integrate with any Active Directory, LDAP or IMAP system you already have in place. Best of all it is Open Source and free.

Installation

This example will be based on Ubuntu Server 10.04 LTS, ZendTo 3.63 and current setup in my organization. The following software will be used:

1. Apache 2.2.17
2. MySQL 5.5
3. ClamAV 0.96
4. PHP 5.2.6
5. phpMyAdmin 3.3.9.2
6. Postfix 2.8

I am not covering installation of basic Ubuntu server, there are plenty of articles and manuals describing it. Assuming that you have instance of Ubuntu server running. We will be using Active Directory as means for our users to authenticate. i will be using the following in my examples:

• ZendTo server ip address: 192.168.1.4
• ZendTo server’s FQDN: zendto.gptnet.net
• Domain controlers: dc1.gptnet.ltd, dc2.gptnet.ltd
• install directory /home/zendto (create if you don’t have it)
• dropoffs directory /data (in my case on the separate harddrive)
• postfix relays email to our gateway (emailgate.gptnet.ltd)

Lets start by installing postfix, clamav and rrdtool

apt-get install postfix, postfix-doc

Select “Internet site” and enter your system mail name (zendto.gptnet.net in my case).

Edit /etc/postfix/main.cf to work with your email infrastructure. In my case all email will be relayed to our email gateway. Config file:

myhostname = zendto.gptnet.ltd
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = zendto.gptnet.ltd
mydestination =
relayhost = emailgate.gptnet.ltd
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
local_transport = errot:No local mail delivery
smtpd_helo_required = yes
virtual_alias_maps = hash:/etc/postfix/virtual

Secondly we need to install apache and php components:

apt-get install apache2, php5, libapache2-mod-php5, php5-ldap, php5-cli

verify that apache working is with php by creating inside /var/www  test.php file with the following content:

<?php phpinfo(); ?>

and the going to http://zendto.gptnet.net/test.php and you should see output.

Next step is to install MySQL:

apt-get install mysql-server, mysql-client

Please take note of the root password.

More installation:

apt-get install clamav, clamav-daemon, rrdtool

now lets get ZendTo

cd /tmp
wget http://www.zend.to/files/ZendTo-3.63-1.tgz
tar xvfz ZendTo-3.65-1.tgz
mv -R ZendTo-3.65-1 /home/zendto

install php admin for SQL management and backup

wget http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.3.9.2/phpMyAdmin-3.3.9.2-all-languages.tar.gz
tar xvfz phpMyAdmin-3.3.9.2*
mv -r phpMyAdmin-3.3.9.2 /var/www/sqlmgr

now lets configure apache: we will be having 2 websites running, one hosting phpmyadmin and another ZendTo application. To secure phpmyadmin we will be running this website on non-standard port (port 777 in my case).

cd /etc/apache2/sites-available

cp default zendto

edit default website to listen to port 777 by editing the following line: <VirtualHost *:777>

vi /etc/apache2/sites-available/default

make apache listen to port 777 by adding the following 2 lines in /etc/apache/hosts.conf

NameVirtualHost *:777

Listen 777

edit zendto website to point to a different folder

vi /etc/apache2/site-available/zendto

and change line 4 to look like this:

DocumentRoot: /home/zendto/www

Next we need to fix php.ini settings. Edit the following file: /etc/php5/apache2/php.ini

# error_reporting = E_ALL & ~E_DEPRECATED & ~E_NOTICE
# allow_call_time_pass_reference = On
# max_execution_time = 7200
# max_input_time = 7200
# memory_limit = 300M
# error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED
# display_errors = On
# post_max_size = 2000M
# upload_max_filesize = 2GB

Finally you need to enable zendto website and restart apache to implement the changes:

a2ensite zendto
service apache2 restart

Now Log into phpMyadmin and create user and database (please note these values). Then execute file /home/zendto/sql/zendto.mysql to create MySQL tables.

Now we need to register website for reCAPTCHA service. Its free all you need is google account. You can do that by following this link:

https://admin.recaptcha.net/recaptcha/createsite/

Now you need to edit the following lines in /home/zendto/config/preferences.php

define(‘NSSDROPBOX_BASE_DIR’,’/home/zendto/’);
define(‘NSSDROPBOX_LIB_DIR’,’/home/zendto/lib/’);
define(‘NSSDROPBOX_DATA_DIR’,’/data/zendto/’);
define(‘SqlBackend’, ‘MySQL’);
‘MySQLhost’ => ‘localhost’,
‘MySQLuser’ => ‘yourvalue’,
‘MySQLpassword’ => ‘yourvalue’,
‘MySQLdb’ => ‘yourvalue’,
‘maxBytesForDropoff’ => 2147483647,
‘maxBytesForFile’ => 2147483647,
‘recaptchaPublicKey’ => ‘yourownvalue’,
‘recaptchaPrivateKey’ => ‘yourownvalue’,
‘authenticator’ => ‘AD’,
‘authLDAPAdmins’ => array(‘itboss’),
‘authLDAPBaseDN1’ => ‘DC=gptnet,DC=ltd’,
‘authLDAPServers1’ => array(‘dc1.gptnet.ltd’,’dc2.gptnet.ltd’),
‘authLDAPAccountSuffix1’ => ‘@gptnet.ltd’,
‘authLDAPUseSSL1’ => false,
‘authLDAPBindUser1’ => ‘bind@gptnet.ltd’,
‘authLDAPBindPass1’ => ‘STRONGPAssword’,
‘defaultEmailDomain’ => ‘gptnet.net’
’emailDomainRegexp’ => ‘/gptnet/’,
‘cookieName’ => ‘yourvalue’,
‘cookieSecret’ => ‘yourvalue’,

Now lets update permissions and create dropoff folders:

chown -R www-data /home/zendto
chgrp -R www-data /home/zendto
chmod -R 755 www-data /home/zendto
mkdir /data/zendto
mkdir /data/zendto/dropoffs
chown -R www-data /data/zendto
chgrp -R www-data /data/zendto
chmod -R 777 /data/zendto

That’s all. Now you can fully access it from your browser by hitting http://zendto.gptnet.net

Please note that your ZendTo web server needs to have access to google.com in order for reCAPTCHA to work. Please configure your firewall accordingly.