LittleMailserver/index.mdwn

   1 = Postfix Dovecot Pam =
   2
   3 ''' master.cf '''
   4
   5 # xxx.xxx.xxx.xxx = ipadresse; um den smtp server auf eine ip zu binden
   6 {{{
   7 xxx.xxx.xxx.xxx:smtp        inet  n       -       -       -       -       smtpd
   8
   9 dovecot unix    -       n       n       -       -      pipe
  10   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
  11 }}}
  12
  13 ''' virtual_domains '''
  14
  15 {{{
  16 example.net ACCEPT
  17 domain.com  ACCEPT
  18 }}}
  19
  20 postmap /etc/postfix/virtual_domains
  21
  22
  23 ''' main.cf '''
  24
  25 {{{
  26 myhostname = mail.example.net
  27 myorigin = /etc/mailname
  28
  29 virtual_mailbox_domains         = hash:/etc/postfix/virtual_domains
  30 virtual_mailbox_base            = /srv/vmail
  31
  32 virtual_uid_maps                = static:8
  33 virtual_gid_maps                = static:8
  34
  35 virtual_transport               = dovecot
  36
  37 dovecot_destination_recipient_limit = 1
  38
  39 mydestination = localhost
  40 mynetworks = 127.0.0.0/8,
  41
  42 smtpd_banner = $myhostname ESMTP Mailserver
  43
  44 mailbox_size_limit = 512000000
  45 message_size_limit = 10240000
  46
  47 smtpd_sender_restrictions = reject_unknown_address
  48 smtpd_client_restrictions = reject_invalid_hostname
  49
  50 smtpd_helo_required = yes
  51 smtpd_helo_restrictions = reject_invalid_hostname,
  52         reject_non_fqdn_hostname,
  53         reject_invalid_hostname,
  54         permit
  55
  56 smtpd_recipient_restrictions =
  57         reject_invalid_hostname,
  58         reject_non_fqdn_hostname,
  59         reject_non_fqdn_sender,
  60         reject_non_fqdn_recipient,
  61         reject_unknown_sender_domain,
  62         reject_unknown_recipient_domain,
  63         reject_unauth_destination,
  64         permit_mynetworks,
  65         reject_rbl_client list.dsbl.org,
  66         reject_rbl_client sbl-xbl.spamhaus.org,
  67         reject_rbl_client cbl.abuseat.org,
  68         reject_rbl_client dul.dnsbl.sorbs.net,
  69         permit
  70
  71 strict_rfc821_envelopes = yes
  72
  73 home_mailbox = mails/
  74
  75 #smtpd_tls_cert_file = /etc/postfix/mail.csr
  76 #smtpd_tls_key_file = /etc/postfix/mail.key
  77
  78 smtpd_use_tls = yes
  79 smtpd_enforce_tls = no
  80 smtpd_tls_auth_only = no
  81
  82 smtpd_error_sleep_time = 1s
  83 smtpd_soft_error_limit = 10
  84 smtpd_hard_error_limit = 20
  85
  86 # http://www.mailscanner.info
  87 header_checks = regexp:/etc/postfix/header_checks
  88 body_checks surf to http://www.malware.com.br
  89
  90 }}}
  91
  92 ''' /etc/postfix/header_checks '''
  93
  94 {{{
  95 /^Received:/ HOLD
  96 /^X-Spam-Level: (\*){8,}/   REDIRECT sa-spam
  97 }}}
  98
  99 ''' dovecot.cf '''
 100 {{{
 101 base_dir = /var/run/dovecot/
 102 #log_path = /var/log/dovecot.log
 103 protocols = imap
 104 ssl_disable = no
 105 verbose_proctitle = yes
 106 #first_valid_uid = 3000
 107 #last_valid_uid = 3000
 108 #first_valid_gid = 8
 109 #last_valid_gid = 8
 110 #valid_chroot_dirs = /var/mail
 111 mail_location = maildir:~/Maildir
 112 maildir_copy_with_hardlinks = yes
 113
 114 #protocol imap {
 115 #}
 116
 117 auth_verbose = yes
 118
 119 auth default {
 120         socket listen {
 121                 master {
 122                 path = /var/run/dovecot/auth-master
 123                 mode = 0600
 124                 user = vmail
 125                 }
 126         }
 127         mechanisms = plain login
 128         passdb pam {
 129         }
 130         userdb static {
 131           args = uid=vmail gid=vmail home=/srv/vmail/%u
 132         }
 133 }
 134
 135 protocol lda {
 136         postmaster_address = host@example.net
 137 }
 138
 139 }}}
 140 ''' addmailuser.sh '''
 141 {{{
 142 #!/bin/sh -x
 143
 144 echo "usage: $0 <newusername>"
 145
 146 mkdir /srv/vmail/$1
 147 maildirmake /srv/vmail/$1/Maildir
 148 chown vmail:vmail /srv/vmail/$1 -R
 149
 150 htpasswd /etc/dovecot/dovecot.passwd $1
 151 }}}
 152
 153 ''' pam.d/dovecot '''
 154
 155 aptitude install libpam_pwdfile
 156
 157 {{{
 158 #%PAM-1.0
 159
 160 auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd debug
 161
 162 session sufficient pam_permit.so
 163 account sufficient pam_permit.so
 164
 165 #@include common-auth
 166 #@include common-account
 167 #@include common-session
 168 }}}
 169
 170 {{{
 171 aptitude install policyd-weight
 172 }}}
 173
 174 [[http://rikman.mtb-news.de/archives/2005/12/13/postgrey-unter-debian-einrichten/|postgrey-unter-debian-einrichten]]
 175
 176 [[http://packages.debian.org/etch/mailscanner|MailScanner Debian-package]]
 177
 178 [[http://www.delodder.be/index.php/2007/10/18/mailscanner-with-postfix-on-etch/#more-86|MailScanner With Postfix on Etch]]
 179
 180 [[http://www.delodder.be/index.php/2007/10/22/add-anti-virus-support-to-mailscanner/#more-88|Add Anti-Virus support to MailScanner]]
 181
 182
 183
 184 Um noch den Usern zu ermöglichen ihre Mails über den Server zu relayen sollte man eine SMTP Authentifizierung benutzen. Falls die Clients statisce IPs besitzen kann man diese natürlich auch in der main.cf unter my_networks eintragen. Wie eine mögliche SMTP Auth ausehen kann findet sich unter [[LittleMailserverSMTP]]
 185
 186 ----
 187 CategoryCodeSnippets CategoryTipsAndTricks