conerted moin to mdwn format
[debienna.git] / LittleMailserver / index.mdwn
1
2
3 # Postfix Dovecot Pam
4
5 ** master.cf ** 
6
7 # xxx.xxx.xxx.xxx = ipadresse; um den smtp server auf eine ip zu binden 
8 [[!format txt """
9 xxx.xxx.xxx.xxx:smtp        inet  n       -       -       -       -       smtpd
10
11 dovecot unix    -       n       n       -       -      pipe
12   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
13 """]]
14 ** virtual_domains ** 
15
16
17 [[!format txt """
18 example.net ACCEPT
19 domain.com  ACCEPT
20 """]]
21 postmap /etc/postfix/virtual_domains 
22
23 ** main.cf ** 
24
25
26 [[!format txt """
27 myhostname = mail.example.net
28 myorigin = /etc/mailname
29
30 virtual_mailbox_domains         = hash:/etc/postfix/virtual_domains
31 virtual_mailbox_base            = /srv/vmail
32
33 virtual_uid_maps                = static:8
34 virtual_gid_maps                = static:8
35
36 virtual_transport               = dovecot
37
38 dovecot_destination_recipient_limit = 1
39
40 mydestination = localhost
41 mynetworks = 127.0.0.0/8,
42
43 smtpd_banner = $myhostname ESMTP Mailserver
44
45 mailbox_size_limit = 512000000
46 message_size_limit = 10240000
47
48 smtpd_sender_restrictions = reject_unknown_address
49 smtpd_client_restrictions = reject_invalid_hostname
50
51 smtpd_helo_required = yes
52 smtpd_helo_restrictions = reject_invalid_hostname,
53         reject_non_fqdn_hostname,
54         reject_invalid_hostname,
55         permit
56
57 smtpd_recipient_restrictions =
58         reject_invalid_hostname,
59         reject_non_fqdn_hostname,
60         reject_non_fqdn_sender,
61         reject_non_fqdn_recipient,
62         reject_unknown_sender_domain,
63         reject_unknown_recipient_domain,
64         reject_unauth_destination,
65         permit_mynetworks,
66         reject_rbl_client list.dsbl.org,
67         reject_rbl_client sbl-xbl.spamhaus.org,
68         reject_rbl_client cbl.abuseat.org,
69         reject_rbl_client dul.dnsbl.sorbs.net,
70         permit
71
72 strict_rfc821_envelopes = yes
73
74 home_mailbox = mails/
75
76 #smtpd_tls_cert_file = /etc/postfix/mail.csr
77 #smtpd_tls_key_file = /etc/postfix/mail.key
78
79 smtpd_use_tls = yes
80 smtpd_enforce_tls = no
81 smtpd_tls_auth_only = no
82
83 smtpd_error_sleep_time = 1s
84 smtpd_soft_error_limit = 10
85 smtpd_hard_error_limit = 20
86
87 # http://www.mailscanner.info
88 header_checks = regexp:/etc/postfix/header_checks
89 body_checks surf to http://www.malware.com.br
90
91 """]]
92 ** /etc/postfix/header_checks ** 
93
94
95 [[!format txt """
96 /^Received:/ HOLD
97 /^X-Spam-Level: (\*){8,}/   REDIRECT sa-spam
98 """]]
99 ** dovecot.cf ** 
100 [[!format txt """
101 base_dir = /var/run/dovecot/
102 #log_path = /var/log/dovecot.log
103 protocols = imap
104 ssl_disable = no
105 verbose_proctitle = yes
106 #first_valid_uid = 3000
107 #last_valid_uid = 3000
108 #first_valid_gid = 8
109 #last_valid_gid = 8
110 #valid_chroot_dirs = /var/mail
111 mail_location = maildir:~/Maildir
112 maildir_copy_with_hardlinks = yes
113
114 #protocol imap {
115 #}
116
117 auth_verbose = yes
118
119 auth default {
120         socket listen {
121                 master {
122                 path = /var/run/dovecot/auth-master
123                 mode = 0600
124                 user = vmail
125                 }
126         }
127         mechanisms = plain login
128         passdb pam {
129         }
130         userdb static {
131           args = uid=vmail gid=vmail home=/srv/vmail/%u
132         }
133 }
134
135 protocol lda {
136         postmaster_address = host@example.net
137 }
138
139 """]]
140 ** addmailuser.sh **  
141 [[!format txt """
142 #!/bin/sh -x
143
144 echo "usage: $0 <newusername>"
145
146 mkdir /srv/vmail/$1
147 maildirmake /srv/vmail/$1/Maildir
148 chown vmail:vmail /srv/vmail/$1 -R
149
150 htpasswd /etc/dovecot/dovecot.passwd $1
151 """]]
152 ** pam.d/dovecot ** 
153
154 aptitude install libpam_pwdfile 
155
156
157 [[!format txt """
158 #%PAM-1.0
159
160 auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd debug
161
162 session sufficient pam_permit.so
163 account sufficient pam_permit.so
164
165 #@include common-auth
166 #@include common-account
167 #@include common-session
168 """]]
169
170 [[!format txt """
171 aptitude install policyd-weight
172 """]]
173 [[postgrey-unter-debian-einrichten|http://rikman.mtb-news.de/archives/2005/12/13/postgrey-unter-debian-einrichten/]] 
174
175 [[MailScanner Debian-package|http://packages.debian.org/etch/mailscanner]] 
176
177 [[MailScanner With Postfix on Etch|http://www.delodder.be/index.php/2007/10/18/mailscanner-with-postfix-on-etch/#more-86]] 
178
179 [[Add Anti-Virus support to MailScanner|http://www.delodder.be/index.php/2007/10/22/add-anti-virus-support-to-mailscanner/#more-88]] 
180
181 Um noch den Usern zu ermöglichen ihre Mails über den Server zu relayen sollte man eine SMTP Authentifizierung benutzen. Falls die Clients statisce IPs besitzen kann man diese natürlich auch in der main.cf unter my_networks eintragen. Wie eine mögliche SMTP Auth ausehen kann findet sich unter [[LittleMailserverSMTP|LittleMailserverSMTP]] 
182
183
184
185 ---
186
187  [[CategoryCodeSnippets|CategoryCodeSnippets]] [[CategoryTipsAndTricks|CategoryTipsAndTricks]]