Postfix, Dovecot, spamassassin, mysql and maildrop
Hi,
A while back I created a small how-to that I used to set up a mail server at work; I have also used the same how-to on my own server. This how-to will show you in a few quick steps how to set up a Postfix mail server using Dovecot for IMAP and POP3, ClamAV and SpamAssassin to combat viruses and spam, and maildrop for delivering the mail to your users.

I will assume that you have MySQL, Apache and PHP already installed and working and that you have updated your ports tree.

First we will install Dovecot
Code:
# cd /usr/ports/mail/dovecot; make install clean

Add dovecot to your rc.conf file so that it starts automatically when you boot the system
Code:
# vim /etc/rc.conf
dovecot_enable="YES"

Code:
# cd /usr/local/etc/
# cp dovecot-example.conf dovecot.conf
# cp dovecot-sql-example.conf dovecot-sql.conf

Edit /usr/local/share/dovecot/dovecot-openssl.cnf
Code:
# vim /usr/local/share/dovecot/dovecot-openssl.cnf
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
## country (2 letter code)
C=DE
## State or Province Name (full name)
ST=
## Locality Name (eg. city)
L=Berlin
## Organization (eg. company)
O=Example
## Organizational Unit Name (eg. section)
OU=IMAP server
## Common Name (*.example.com is also possible)
## NOTE: must be a FQDN
CN=imap.example.com
## E-mail contact
emailAddress=postmaster@example.com

[ cert_type ]
nsCertType = server

Code:
# mkdir /etc/ssl/certs /etc/ssl/private

Code:
# /usr/local/share/dovecot/mkcert.sh

Edit the following file
Code:
# vim /usr/local/etc/dovecot.conf
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
listen = *
disable_plaintext_auth = no
shutdown_clients = yes
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
login_greeting = Imap server ready.
mail_location = maildir:/usr/local/virtual/%d/%n
mail_extra_groups = mail
verbose_proctitle = yes
## This is the same uid and gid as postfix
first_valid_uid = 125
first_valid_gid = 125
protocol imap {
  mail_plugins = quota imap_quota
  imap_client_workarounds = delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
  postmaster_address = postmaster@example.com
  sendmail_path = /usr/sbin/sendmail
}
auth default {
  mechanisms = plain login
  passdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  userdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  user = root
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      user = postfix
      group = postfix
      mode = 0660
    }
  }
}
dict {
}
plugin {
}

Code:
# vim /usr/local/etc/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=ch@ngeMe
default_pass_scheme = MD5
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 125 AS uid, 125 AS gid, CONCAT('dirsize:storage=', ROUND( mailbox.quota / 1024 ) ) AS quota FROM mailbox WHERE username = '%u' AND active = '1'

That's all you have to do to get Dovecot up and running.

Next install Postfix
Code:
# cd /usr/ports/mail/postfix; make install clean

Once Postfix has finished building and is about to finish installing, it will prompt you with a question similar to:

Would you like to activate Postfix in /etc/mail/mailer.conf [n]?

Press "y" and then continue with the install.

Stop sendmail and add Postfix to your rc.conf file so that it starts automatically when you boot the system
Code:
# vim /etc/rc.conf
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
postfix_enable="YES"

Code:
# vim /etc/periodic.conf
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

Code:
# ldd /usr/local/libexec/postfix/smtpd
/usr/local/libexec/postfix/smtpd:
        libpcre.so.0 => /usr/local/lib/libpcre.so.0 (0x280c3000)
        libssl.so.4 => /usr/lib/libssl.so.4 (0x280e9000)
        libcrypto.so.4 => /lib/libcrypto.so.4 (0x28117000)
        libdb41.so.1 => /usr/local/lib/libdb41.so.1 (0x2820a000)
        libmysqlclient.so.15 => /usr/local/lib/mysql/libmysqlclient.so.15 (0x282a7000)
        libz.so.3 => /lib/libz.so.3 (0x28302000)
        libcrypt.so.3 => /lib/libcrypt.so.3 (0x28313000)
        libm.so.4 => /lib/libm.so.4 (0x2832b000)
        libc.so.6 => /lib/libc.so.6 (0x28341000)

Code:
# mkdir /usr/local/etc/postfix/ssl
# cd /usr/local/etc/postfix/ssl
# openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650
# chmod 750 /usr/local/etc/postfix/ssl
# chmod 640 /usr/local/etc/postfix/ssl/smtpd.pem
# chgrp -R postfix /usr/local/etc/postfix/ssl

Code:
# vim /usr/local/etc/postfix/main.cf
## SASL CONFIG
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unauth_destination,
  reject_unauth_pipelining,
  reject_invalid_hostname,
  reject_rbl_client list.dsbl.org,
  reject_rbl_client bl.spamcop.net,
  reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth

## TLS CONFIG ##
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

## MySQL Configuration
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
relay_domains = proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf

## Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps
  $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
  $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps
  $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
  $virtual_mailbox_limit_maps
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, this user has overdrawn their diskspace quota. Please try again later.
virtual_overquota_bounce = yes
spamassassin_destination_recipient_limit = 1

queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = mail.example.com
mydomain = example.com
myorigin = $myhostname
inet_interfaces = all
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 10.0.0.0/8, 127.0.0.0/8
transport_maps = hash:/usr/local/etc/postfix/transport
vacation_destination_recipient_limit = 1
debug_peer_level = 2
debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no

## clamd
content_filter = scan:localhost:10025
receive_override_options = no_address_mappings

Code:
# vim /usr/local/etc/postfix/master.cf
smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=spamassassin
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
  -o fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
vacation  unix  -       n       n       -       -       pipe
  flags=DRhu user=vacation argv=/var/spool/vacation/vacation.pl

## AV scan filter (used by content_filter)
scan      unix  -       -       n       -       16      smtp
  -o smtp_send_xforward_command=yes

## For injecting mail back into postfix from the filter
localhost:10026 inet n  -       n       -       16      smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks_style=host
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8

## SpamAssassin
spamassassin unix -     n       n       -       -       pipe
  user=nobody argv=/usr/local/bin/spamc -u ${recipient} -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Code:
# touch /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
# vim /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = ch@ngeMe
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

Code:
# touch /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
# vim /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = ch@ngeMe
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s'
##optional query to use when relaying for backup MX
##query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '0' and active = '1'

Code:
# touch /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
# vim /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = ch@ngeMe
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

Code:
# touch /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
# vim /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = ch@ngeMe
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s'

Code:
# touch /usr/local/etc/postfix/mysql_relay_domains_maps.cf
# vim /usr/local/etc/postfix/mysql_relay_domains_maps.cf
user = postfix
password = ch@ngeMe
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '1'

Code:
# chmod 640 /usr/local/etc/postfix/mysql_*
# chgrp postfix /usr/local/etc/postfix/mysql_*

Code:
# postmap /usr/local/etc/postfix/transport

Code:
# /etc/aliases
root: you@example.com

Code:
# /usr/bin/newaliases

Code:
# mkdir /usr/local/virtual
'The layout will be as you\'ve specified in your Dovecot config file %d/%n'
'This will give you something like "/usr/local/virtual/example.com/you/"'
# chown -R postfix:postfix /usr/local/virtual
# chmod -R 700 /usr/local/virtual

The next step will be to install postfixadmin.

Here you have two options: install it from ports, or go and download the latest version. I'm using the latest one.

Go to http://postfixadmin.sourceforge.net/ and download the latest version. Untar it somewhere in your home directory and then copy it to /usr/local/www/

Next we need to set up the database for Postfix, Dovecot and Postfixadmin; they all use one database called postfix.

There is a nice file called "DATABASE_MYSQL.TXT"; edit it to suit your needs. I used this file to create the postfix database, the postfix user and the postfixadmin user as well as the tables. After editing the file all you need to do is insert it into MySQL
Code:
# mysql -u root -p < DATABASE_MYSQL.TXT

Code:
# vim /usr/local/etc/apache22/extra/httpd-autoindex.conf
Alias /postfixadmin "/usr/local/www/postfixadmin/"
<Directory "/usr/local/www/postfixadmin">
    Options Indexes
    AllowOverride AuthConfig
    Allow from all
</Directory>

I will only list the changes I've made here
Code:
# vim /usr/local/www/postfixadmin/config.inc.php
$CONF['configured'] = true;
$CONF['postfix_admin_url'] = 'http://www.example.com/postfixadmin/';
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'Ple@seCh@ngeMe';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['admin_email'] = 'me@example.com';
$CONF['smtp_server'] = 'mail.example.com';
$CONF['generate_password'] = 'YES';
$CONF['show_password'] = 'YES';
$CONF['page_size'] = '15';
$CONF['default_aliases'] = array (
    'abuse' => 'abuse@example.com',
    'hostmaster' => 'hostmaster@example.com',
    'postmaster' => 'postmaster@example.com',
    'webmaster' => 'webmaster@example.com'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['vacation'] = 'YES';
$CONF['vacation_domain'] = 'autoreply.example.com';
$CONF['alias_control'] = 'YES';
$CONF['alias_control_admin'] = 'YES';
$CONF['special_alias_control'] = 'YES';
$CONF['fetchmail'] = 'NO';
$CONF['fetchmail_extra_options'] = 'NO';
$CONF['user_footer_link'] = "http://www.example.com/webmail/";
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to example.com';
$CONF['footer_link'] = 'http://www.example.com';
$CONF['welcome_text'] = <<<EOM
Hi,

Welcome to your new account.

If you have any questions please email me at you@example.com
EOM;

Code:
# pw groupadd vacation
# pw useradd vacation -c Virtual\ Vacation -d /nonexistent -g vacation -s /sbin/nologin

Code:
# mkdir /var/spool/vacation
# cp /usr/local/www/postfixadmin/VIRTUAL_VACATION/vacation.pl /var/spool/vacation/
# chown -R vacation:vacation /var/spool/vacation/
# chmod -R 700 /var/spool/vacation/
# touch /var/log/vacation.log /var/log/vacation.debug
# chown vacation:vacation /var/log/vacation.*

Code:
# vim /var/spool/vacation/vacation.pl
my $db_type = 'mysql';
my $db_host = 'localhost';
my $db_username = 'postfixadmin';
my $db_password = 'Ple@seCh@ngeMe';
my $db_name = 'postfix';
my $logfile = "/var/log/vacation.log";
my $debugfile = "/var/log/vacation.debug";

At this stage of the setup you can go and comment out all the ClamAV and SpamAssassin stuff in the "/usr/local/etc/postfix/main.cf" and "/usr/local/etc/postfix/master.cf" files.

After you've commented them out we can go and start Postfix and Dovecot
Code:
# /usr/local/etc/rc.d/postfix start
# /usr/local/etc/rc.d/dovecot start

Code:
# tail -1000 /var/log/maillog

Last edited by hamba; 7th May 2008 at 12:06 PM.
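
An added check for the files configured above (this is not part of the original post): it reads dovecot.conf, dovecot-sql.conf, dovecot-openssl.cnf, main.cf and the mysql_*.cf maps from one directory and reports the settings that weaken authentication or key material. The function names, the finding texts, the 2048-bit threshold and the scratch-directory sample are assumptions made for this example; smtpd_tls_auth_only is the Postfix parameter that stops AUTH from being offered before STARTTLS.

```shell
# Added example (not from the original post); names and finding texts are illustrative.
# get_setting FILE KEY: print the value of the last uncommented "KEY = value" line.
get_setting() {
    [ -f "$1" ] || return 0
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        { eq = index($0, "="); if (eq == 0) next
          k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) val = v }
        END { print val }' "$1"
}

# audit_mail_config DIR: print one finding per line, nothing if every check passes.
audit_mail_config() {
    if [ "$(get_setting "$1/dovecot.conf" disable_plaintext_auth)" = "no" ]; then
        echo "dovecot: plaintext logins accepted without TLS"
    fi
    case "$(get_setting "$1/dovecot-sql.conf" default_pass_scheme)" in
        *MD5*|PLAIN) echo "dovecot-sql: weak default_pass_scheme" ;;
    esac
    bits=$(get_setting "$1/dovecot-openssl.cnf" default_bits)
    if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
        echo "openssl: RSA key shorter than 2048 bits"
    fi
    if [ "$(get_setting "$1/main.cf" smtpd_sasl_auth_enable)" = "yes" ] &&
       [ "$(get_setting "$1/main.cf" smtpd_tls_auth_only)" != "yes" ]; then
        echo "postfix: SMTP AUTH offered before STARTTLS"
    fi
    # Files that hold the MySQL password must not be world-readable.
    for f in "$1"/dovecot-sql.conf "$1"/mysql_*.cf; do
        if [ -f "$f" ] && [ -n "$(find "$f" -perm -004)" ]; then
            echo "perms: ${f##*/} is world-readable"
        fi
    done
}

# Constructed sample: a scratch directory holding the how-to's own values.
make_sample() {
    s=$(mktemp -d)
    printf 'disable_plaintext_auth = no\n' > "$s/dovecot.conf"
    printf 'default_pass_scheme = MD5\n' > "$s/dovecot-sql.conf"
    printf '[ req ]\ndefault_bits = 1024\n' > "$s/dovecot-openssl.cnf"
    printf 'smtpd_sasl_auth_enable = yes\nsmtpd_use_tls = yes\n' > "$s/main.cf"
    printf 'password = ch@ngeMe\n' > "$s/mysql_virtual_alias_maps.cf"
    chmod 644 "$s/dovecot-sql.conf"; chmod 640 "$s"/mysql_*.cf
    echo "$s"
}

sample=$(make_sample); audit_mail_config "$sample"; rm -rf "$sample"
```

To audit a live system, copy or link the five kinds of file into one directory and run audit_mail_config on it; the how-to sets mode 640 on the mysql_*.cf maps but leaves dovecot-sql.conf, which carries the same password, at whatever mode cp gave it.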