Postfix
smtpd (smtp + daemon) = server = Postfix receives mail from a client
smtp = client = Postfix sends mail to another mailserver
Edit /etc/postfix/main.cf
queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix smtpd_banner = mail.example.org myhostname = mail.example.org myorigin = example.org mydestination = mail.example.org mynetworks = 127.0.0.0/8, 10.0.0.0/8 alias_maps = hash:/etc/aliases, ldap:virtualaliases alias_database = hash:/etc/aliases virtual_mailbox_limit = 50000000000 message_size_limit = 25728640 virtual_mailbox_domains = example.org, test.example.org ** Achtung: an Cyrus anpassen ** virtual_mailbox_base = /var/vmail ** Achtung: an Cyrus anpassen ** virtual_uid_maps = static:800 ** Achtung: an Cyrus anpassen ** virtual_gid_maps = static:800 mailbox_size_limit = 50000000000 recipient_delimiter = inet_interfaces = all ** Achtung: an Cyrus anpassen ** home_mailbox = Maildir/ smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, permit # RFC standars smtpd_helo_required = yes strict_rfc821_envelopes = yes disable_vrfy_command = yes # RBL checks and restrictions smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client combined.njabl.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client opm.blitzed.org, reject_rbl_client dialups.mail-abuse.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_unauth_pipelining # Transport config [L]_destination_concurrency_limit = 1 [L]_destination_recipient_limit = 1 [VL]_destination_concurrency_limit = 1 [VL]_destination_recipient_limit = 1 virtual_transport = [L] local_transport = [L] virtual_maps = hash:/etc/postfix/virtual, ldap:virtualaliases transport_maps = hash:/etc/postfix/transport, ldap:tmap # LDAP transport source tmap_server_host = 127.0.0.1 tmap_search_base = dc=jrios,dc=com,dc=co tmap_query_filter = (|(mail=%s)(gosaMailAlternateAddress=%s)) tmap_result_attribute = gosaMailDeliveryMode tmap_cache = no tmap_bind = yes tmap_bind_dn = cn=admin,dc=example,dc=org tmap_bind_pw = IveGotASecret # GoSA main LDAP source virtualaliases_server_host = 127.0.0.1 virtualaliases_server_port = 389 virtualaliases_bind = no virtualaliases_timeout = 5 virtualaliases_search_base = dc=jrios,dc=com,dc=co virtualaliases_query_filter = (|(mail=%s)(gosaMailAlternateAddress=%s)) virtualaliases_result_attribute = gosaMailForwardingAddress,mail # SSL/TLS config smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpdkey.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 1 # SASL config smtpd_sasl_auth_enable = yes smtpd_sasl_application_name = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = broken_sasl_auth_clients = yes
Create SSL certificates for Postfix
First, make sure that file openssl.cnf is in the specified path, otherwise find it
# mkdir /etc/postfix/ssl # /usr/bin/openssl req -config /etc/pki/tls/openssl.cnf -new -x509 -nodes -out /etc/postfix/ssl/smtpd.pem \ -keyout /etc/postfix/ssl/smtpdkey.pem -pem -days 999999
Edit /etc/postfix/master.cf
Make sure that you have the following lines:
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=reject
Testing
station7:/ # smtptest -u root -a root station7.example.com
S: 220 station7.example.com ESMTP Example Inc. Mailserver
C: EHLO example.com
S: 250-station7.example.com
S: 250-PIPELINING
S: 250-SIZE 30000000
S: 250-VRFY
S: 250-ETRN
S: 250 8BITMIME
Authenticated.
Security strength factor: 0
telnet station7.example.com 25 Trying 127.0.0.1... Connected to station7.example.com. Escape character is '^]'. 220 station7.example.com ESMTP Example Inc. Mailserver ehlo station7.example.com 250-station7.example.com 250-PIPELINING 250-SIZE 30000000 250-VRFY 250-ETRN 250 8BITMIME
Sending mail:
mail from: christoph.haas@example.com 250 Ok rcpt to: susann.meissner@example.com 250 Ok data 354 End data with <CR><LF>.<CR><LF> Hello Susi, this is just a test-email from station7.example.com ... Yours Christoph . 250 Ok: queued as E16F74D867 quit
← zurück