1 = Postfix Dovecot Pam =\r
2 \r
3 ''' master.cf '''\r
4 \r
5 # xxx.xxx.xxx.xxx = IP-Adresse; bindet den SMTP-Server an eine einzelne IP\r
6 {{{\r
# smtpd listener bound to one address (replace xxx.xxx.xxx.xxx) instead of all interfaces.
7 xxx.xxx.xxx.xxx:smtp        inet  n       -       -       -       -       smtpd\r
8 \r
# Delivery transport "dovecot" (selected by virtual_transport in main.cf): pipe(8) runs
# Dovecot's deliver as vmail:vmail. pipe(8) executes argv directly, without a shell, so
# ${sender} and ${recipient} each arrive as one argument and are not shell-interpreted.
# flags: D = add Delivered-To, R = add Return-Path, h/u = lowercase domain / user part.
# NOTE(review): deliver writes as vmail, so /srv/vmail should be owned by vmail and not
# writable by other accounts -- confirm on the target host.
9 dovecot unix    -       n       n       -       -      pipe\r
10   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}\r
11 }}}\r
12 \r
13 ''' virtual_domains '''\r
14 \r
15 {{{\r
16 example.net ACCEPT\r
17 domain.com  ACCEPT\r
18 }}}\r
19 \r
20 postmap /etc/postfix/virtual_domains\r
21 \r
22 \r
23 ''' main.cf '''\r
24 \r
25 {{{\r
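# Postfix main.cf for a small virtual-mailbox host. Mail for the hosted domains is
# handed to Dovecot's deliver through the "dovecot" pipe transport from master.cf.
myhostname = mail.example.net
myorigin = /etc/mailname

# Hosted domains come from the virtual_domains table (run postmap after every edit).
virtual_mailbox_domains         = hash:/etc/postfix/virtual_domains
virtual_mailbox_base            = /srv/vmail

# NOTE(review): these uid/gid maps belong to Postfix's own virtual(8) delivery agent.
# With virtual_transport = dovecot, delivery runs as vmail:vmail (master.cf) instead;
# confirm that uid/gid 8 is what is intended if virtual(8) is ever used.
virtual_uid_maps                = static:8
virtual_gid_maps                = static:8

virtual_transport               = dovecot

# deliver is started with a single "-d recipient", so pass one recipient per run.
dovecot_destination_recipient_limit = 1

mydestination = localhost
# Only loopback is trusted; keep this list as small as possible.
mynetworks = 127.0.0.0/8,

smtpd_banner = $myhostname ESMTP Mailserver

mailbox_size_limit = 512000000
message_size_limit = 10240000

smtpd_sender_restrictions = reject_unknown_address
smtpd_client_restrictions = reject_invalid_hostname

smtpd_helo_required = yes
# reject_invalid_hostname was listed twice; one entry has the same effect.
smtpd_helo_restrictions = reject_invalid_hostname,
        reject_non_fqdn_hostname,
        permit

# Restrictions are evaluated in order and the first decisive result wins.
# reject_unauth_destination comes before permit_mynetworks, so this server never
# relays to foreign domains -- not even for clients listed in mynetworks. The final
# "permit" is therefore only reached by mail for domains hosted here. Relaying for
# users needs SMTP AUTH (or a changed order); keep reject_unauth_destination ahead
# of any unconditional permit, otherwise the host becomes an open relay.
# NOTE(review): confirm every reject_rbl_client zone is still operated before
# deploying. A retired DNSBL zone either adds lookup timeouts to each connection or,
# if it starts answering for every query, rejects all incoming mail.
smtpd_recipient_restrictions =
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_unauth_destination,
        permit_mynetworks,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client sbl-xbl.spamhaus.org,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client dul.dnsbl.sorbs.net,
        permit

strict_rfc821_envelopes = yes

home_mailbox = mails/

# NOTE(review): both TLS files are commented out although smtpd_use_tls = yes, so
# STARTTLS cannot be offered until a certificate and key are configured. "mail.csr"
# looks like a signing-request file name; smtpd_tls_cert_file expects the certificate.
# The key file must be readable by root only.
#smtpd_tls_cert_file = /etc/postfix/mail.csr
#smtpd_tls_key_file = /etc/postfix/mail.key

# TLS is offered but not required (smtpd_enforce_tls = no).
# NOTE(review): smtpd_tls_auth_only = no would let clients send AUTH credentials over
# an unencrypted session once SMTP AUTH is enabled (see LittleMailserverSMTP); set it
# to yes at that point.
smtpd_use_tls = yes
smtpd_enforce_tls = no
smtpd_tls_auth_only = no

# Slow down and finally disconnect clients that keep producing errors.
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

# http://www.mailscanner.info
header_checks = regexp:/etc/postfix/header_checks
# body_checks patterns: surf to http://www.malware.com.br
# (kept as a comment: a bare "body_checks ..." line without "=" is not a valid setting)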
89 \r
90 }}}\r
91 \r
92 ''' /etc/postfix/header_checks '''\r
93 \r
94 {{{\r
# Every message carrying a Received: header is placed in the hold queue.
# NOTE(review): presumably this is the MailScanner hand-off (main.cf points to
# mailscanner.info above header_checks); if nothing processes the hold queue, mail
# stays there undelivered -- monitor the queue size.
95 /^Received:/ HOLD\r
# Messages whose X-Spam-Level header shows eight or more stars are redirected to the
# address sa-spam instead of the original recipients. The header is only trustworthy
# if it was added by this server's own scanner -- TODO confirm that inbound copies of
# the header are stripped or overwritten.
96 /^X-Spam-Level: (\*){8,}/   REDIRECT sa-spam\r
97 }}}\r
98 \r
99 ''' dovecot.cf '''\r
100 {{{\r
# Dovecot configuration: IMAP access plus the deliver (LDA) settings used by Postfix.
101 base_dir = /var/run/dovecot/\r
102 #log_path = /var/log/dovecot.log\r
103 protocols = imap\r
# SSL/TLS stays enabled. NOTE(review): disable_plaintext_auth is not set in this file;
# confirm its effective value, because the plain and login mechanisms below transmit
# the password itself and must only be accepted on an encrypted connection.
104 ssl_disable = no\r
105 verbose_proctitle = yes\r
106 #first_valid_uid = 3000\r
107 #last_valid_uid = 3000\r
108 #first_valid_gid = 8\r
109 #last_valid_gid = 8\r
110 #valid_chroot_dirs = /var/mail\r
# "~" is the home directory returned by the userdb below, i.e. /srv/vmail/%u/Maildir.
111 mail_location = maildir:~/Maildir\r
112 maildir_copy_with_hardlinks = yes\r
113 \r
114 #protocol imap {\r
115 #}\r
116 \r
# Logs authentication attempts. NOTE(review): confirm the log destination is not
# world-readable.
117 auth_verbose = yes\r
118 \r
119 auth default {\r
# Master auth socket, restricted to the vmail account (mode 0600, user vmail).
# NOTE(review): presumably used by deliver, which master.cf runs as vmail -- confirm.
120         socket listen {\r
121                 master {\r
122                 path = /var/run/dovecot/auth-master\r
123                 mode = 0600\r
124                 user = vmail\r
125                 }\r
126         }\r
127         mechanisms = plain login\r
# Password verification is delegated to PAM (see the pam.d/dovecot listing).
128         passdb pam {\r
129         }\r
# All mailboxes share the vmail uid/gid; only the home directory differs per user.
# %u (the login name) becomes part of a filesystem path, so this relies on Dovecot's
# restriction of allowed username characters (auth_username_chars) -- confirm it has
# not been relaxed.
130         userdb static {\r
131           args = uid=vmail gid=vmail home=/srv/vmail/%u\r
132         }\r
133 }\r
134 \r
# Settings for deliver; postmaster_address is a placeholder to be replaced.
135 protocol lda {\r
136         postmaster_address = host@example.net\r
137 }\r
138 \r
139 }}}\r
140 ''' addmailuser.sh ''' \r
141 {{{\r
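#!/bin/sh -x
# addmailuser.sh -- create the Maildir and the password entry for one mailbox user.
#
# Usage: addmailuser.sh <newusername>
#
# Creates /srv/vmail/<newusername>/Maildir owned by vmail:vmail, then lets htpasswd
# add <newusername> to /etc/dovecot/dovecot.passwd (htpasswd prompts for the password).
# Exits with status 1 on a missing or invalid argument, or when a step fails.

if [ "$#" -ne 1 ]; then
    echo "usage: $0 <newusername>" >&2
    exit 1
fi

# The name becomes part of a path that is chown'ed recursively, so accept only a plain
# mailbox name: not empty, no "/" (path traversal), no leading "-" (would be parsed as
# an option) and no leading "." (covers "." and ".."). "@" stays allowed because the
# mailbox directory may be named after the full address.
case "$1" in
    ''|-*|.*|*[!A-Za-z0-9@._-]*)
        echo "$0: invalid username: $1" >&2
        exit 1
        ;;
esac

home="/srv/vmail/$1"

# Stop at the first failure so that chown -R and htpasswd never run against a
# directory that was not freshly created by this run (mkdir fails if it exists).
mkdir "$home" || exit 1
maildirmake "$home/Maildir" || exit 1
chown -R vmail:vmail "$home" || exit 1

# NOTE(review): htpasswd without -c expects the password file to exist already.
# The file holds password hashes; keep it unreadable for ordinary users.
htpasswd /etc/dovecot/dovecot.passwd "$1"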
151 }}}\r
152 \r
153 ''' pam.d/dovecot '''\r
154 \r
155 aptitude install libpam-pwdfile\r
156 \r
157 {{{\r
158 #%PAM-1.0\r
159 \r
# PAM stack for the "dovecot" service. Passwords are checked only against the
# htpasswd-style file below; the system account database is not consulted because
# the common-* includes at the end are commented out.
# NOTE(review): "debug" increases what pam_pwdfile logs -- confirm what it writes and
# remove it once the setup works. The password file should be readable only by the
# account that performs the authentication. Also confirm which hash format htpasswd
# writes by default and that it is not legacy DES crypt.
160 auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd debug\r
161 \r
# pam_permit always succeeds: no account checks (expiry, locking) are applied, so
# removing the entry from the password file is the only way to disable a mailbox.
162 session sufficient pam_permit.so\r
163 account sufficient pam_permit.so\r
164 \r
165 #@include common-auth\r
166 #@include common-account\r
167 #@include common-session\r
168 }}}\r
169 \r
170 {{{\r
171 aptitude install policyd-weight\r
172 }}}\r
173 \r
174 [[http://rikman.mtb-news.de/archives/2005/12/13/postgrey-unter-debian-einrichten/|postgrey-unter-debian-einrichten]]\r
175 \r
176 [[http://packages.debian.org/etch/mailscanner|MailScanner Debian-package]]\r
177 \r
178 [[http://www.delodder.be/index.php/2007/10/18/mailscanner-with-postfix-on-etch/#more-86|MailScanner With Postfix on Etch]]\r
179 \r
180 [[http://www.delodder.be/index.php/2007/10/22/add-anti-virus-support-to-mailscanner/#more-88|Add Anti-Virus support to MailScanner]]\r
181 \r
182 \r
183 \r
184 Um den Usern noch zu ermöglichen, ihre Mails über den Server zu relayen, sollte man eine SMTP-Authentifizierung benutzen. Falls die Clients statische IPs besitzen, kann man diese natürlich auch in der main.cf unter mynetworks eintragen. Wie eine mögliche SMTP-Auth aussehen kann, findet sich unter [[LittleMailserverSMTP]]\r
185 \r
186 ----\r
187 CategoryCodeSnippets CategoryTipsAndTricks