# Postfix Dovecot Pam ** master.cf ** # xxx.xxx.xxx.xxx = ipadresse; um den smtp server auf eine ip zu binden [[!format txt """ xxx.xxx.xxx.xxx:smtp inet n - - - - smtpd dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} """]] ** virtual_domains ** [[!format txt """ example.net ACCEPT domain.com ACCEPT """]] postmap /etc/postfix/virtual_domains ** main.cf ** [[!format txt """ myhostname = mail.example.net myorigin = /etc/mailname virtual_mailbox_domains = hash:/etc/postfix/virtual_domains virtual_mailbox_base = /srv/vmail virtual_uid_maps = static:8 virtual_gid_maps = static:8 virtual_transport = dovecot dovecot_destination_recipient_limit = 1 mydestination = localhost mynetworks = 127.0.0.0/8, smtpd_banner = $myhostname ESMTP Mailserver mailbox_size_limit = 512000000 message_size_limit = 10240000 smtpd_sender_restrictions = reject_unknown_address smtpd_client_restrictions = reject_invalid_hostname smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, permit_mynetworks, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, permit strict_rfc821_envelopes = yes home_mailbox = mails/ #smtpd_tls_cert_file = /etc/postfix/mail.csr #smtpd_tls_key_file = /etc/postfix/mail.key smtpd_use_tls = yes smtpd_enforce_tls = no smtpd_tls_auth_only = no smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 # http://www.mailscanner.info header_checks = regexp:/etc/postfix/header_checks body_checks surf to http://www.malware.com.br """]] ** /etc/postfix/header_checks ** [[!format txt """ /^Received:/ HOLD /^X-Spam-Level: (\*){8,}/ REDIRECT sa-spam """]] ** dovecot.cf ** [[!format txt """ base_dir = /var/run/dovecot/ #log_path = /var/log/dovecot.log protocols = imap ssl_disable = no verbose_proctitle = yes #first_valid_uid = 3000 #last_valid_uid = 3000 #first_valid_gid = 8 #last_valid_gid = 8 #valid_chroot_dirs = /var/mail mail_location = maildir:~/Maildir maildir_copy_with_hardlinks = yes #protocol imap { #} auth_verbose = yes auth default { socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail } } mechanisms = plain login passdb pam { } userdb static { args = uid=vmail gid=vmail home=/srv/vmail/%u } } protocol lda { postmaster_address = host@example.net } """]] ** addmailuser.sh ** [[!format txt """ #!/bin/sh -x echo "usage: $0 " mkdir /srv/vmail/$1 maildirmake /srv/vmail/$1/Maildir chown vmail:vmail /srv/vmail/$1 -R htpasswd /etc/dovecot/dovecot.passwd $1 """]] ** pam.d/dovecot ** aptitude install libpam_pwdfile [[!format txt """ #%PAM-1.0 auth required pam_pwdfile.so pwdfile=/etc/dovecot/dovecot.passwd debug session sufficient pam_permit.so account sufficient pam_permit.so #@include common-auth #@include common-account #@include common-session """]] [[!format txt """ aptitude install policyd-weight """]] [[postgrey-unter-debian-einrichten|http://rikman.mtb-news.de/archives/2005/12/13/postgrey-unter-debian-einrichten/]] [[MailScanner Debian-package|http://packages.debian.org/etch/mailscanner]] [[MailScanner With Postfix on Etch|http://www.delodder.be/index.php/2007/10/18/mailscanner-with-postfix-on-etch/#more-86]] [[Add Anti-Virus support to MailScanner|http://www.delodder.be/index.php/2007/10/22/add-anti-virus-support-to-mailscanner/#more-88]] Um noch den Usern zu ermöglichen ihre Mails über den Server zu relayen sollte man eine SMTP Authentifizierung benutzen. Falls die Clients statisce IPs besitzen kann man diese natürlich auch in der main.cf unter my_networks eintragen. Wie eine mögliche SMTP Auth ausehen kann findet sich unter [[LittleMailserverSMTP|LittleMailserverSMTP]] --- [[CategoryCodeSnippets|CategoryCodeSnippets]] [[CategoryTipsAndTricks|CategoryTipsAndTricks]]