



Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung
Vorhergehende Überarbeitung
Nächste Überarbeitung Beide Seiten der Revision
linux:grundkonfiguration [2007-07-29 11:03]
linux:grundkonfiguration [2010-05-17 12:36]
Zeile 1: Zeile 1:
-====== ​Postfix mit MySQL-Unterstützung ​====== +====== ​Grundkonfiguration des Systems ​====== 
-  * Pakete ​installieren (MySQL und Postfix) +===== Verschiedenes ​===== 
-    * <code bash>​apt-get ​install mysql-client-5.0 mysql-server-5.0 +  * Alle Pakete ​updaten 
-apt-get ​install postfix postfix-mysql postfix-tls sasl2-bin libsasl2 libsasl2-modules courier-maildrop courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl</​code>​ +    * <code bash>​apt-get ​update 
-  * Benutzer und Gruppe ​''​vmail''​ anlegen ​(UID/GID 1500) +apt-get --o APT::Force-LoopBreak=true upgrade</​code>​ 
-    * Home-Verzeichnis erstellen: ​<code bash>mkdir /​home/​vmail +  * ''​~/bin''​ anlegen ​für eigene Scripts 
-chown vmail.vmail /​home/​vmail +  * Nützliche Pakete ​ 
-chmod 0700 /home/vmail</​code>​ +    * <code bash>apt-get install bzip2 unzip less patch traceroute ssh vim locate dnsutils host telnet</​code>​ 
-  * Zertifikate etc. von alter Installation kopieren oder neu erstellen +  * Zeiten für automatische Scripts in ''​/etc/crontab'' ​anpassen
-    * smtpd.cert, smtpd.key, ​/etc/courier/* +
-  * Zugriffsrechte für ''​maildrop''​ setzen  +
-    * <code bash>​chmod u+s /​usr/​bin/​maildrop +
-touch /​var/​log/​maildrop.log +
-chown vmail /​var/​log/​maildrop.log</​code>  ​+
-===== Konfigurationsdateien ​===== +===== ~/​.bashrc ​===== 
-==== ​==== +<​code ​bash>export PS1='\u:\w\$ ' ​                # Prompt anpassen 
-<​code>​myorigin ​                       ​/​etc/​mailname +export PATH=${PATH}:~/bin             # eigene Scripts in den PATH
-myhostname ​                     = +
-mydestination ​                  = localhost.localdomain,​,​,​ localhost +
-mynetworks ​                     =​8,​​32 +
-virtual_alias_domains ​          = +
-virtual_alias_maps ​             = mysql:/​etc/​postfix/​ +
-                                  mysql:/​etc/​postfix/​ +
-virtual_mailbox_domains ​        mysql:/etc/​postfix/​ +
-virtual_mailbox_maps ​           = mysql:/​etc/​postfix/​ +
-virtual_mailbox_base ​           = /​home/​vmail +
-virtual_uid_maps ​               = static:​1500 +
-virtual_gid_maps ​               = static:1500+
-alias_maps ​                     = hash:/​etc/​aliases +umask 022
-alias_database ​                 = hash:/​etc/​aliases +
-relayhost ​                      = +
-mailbox_command ​                = procmail -a "​$EXTENSION"​ +
-mailbox_size_limit ​             = 0 +
-message_size_limit ​             = 20480000 +
-recipient_delimiter ​            = + +
-inet_interfaces ​                = all +
-inet_protocols ​                 = ipv4+
-smtpd_banner ​                   ​= $myhostname ESMTP $mail_name (Debian/​GNU) +export LS_OPTIONS='​--color=auto' ​     # '​ls'​ Ausgabe farbig machen 
-biff                            ​no+eval "​`dircolors`"​ 
 +alias ls='​ls ​$LS_OPTIONS'​ 
 +alias ll='​ls ​$LS_OPTIONS -l' 
 +alias l='ls $LS_OPTIONS -lA'
-# appending .domain is the MUA's job. +alias vi='vim' ​                       # immer vim nutzen 
-append_dot_mydomain ​            no+alias cdsrc='cd /​usr/​local/​src'</​code>​
-# TLS parameters +===== Vim ===== 
-smtpd_use_tls ​                  yes +==== ~/.vimrc ==== 
-smtpd_tls_cert_file ​            = /etc/​postfix/​smtpd.cert +<​code>​set wrap 
-smtpd_tls_key_file ​             ​/​etc/​postfix/​smtpd.key +set tabstop=4 
-smtpd_enforce_tls ​              no +set shiftwidth=4 
-smtpd_tls_auth_only ​            yes +set expandtab 
-smtpd_tls_session_cache_databasebtree:​${queue_directory}/​smtpd_scache +set autoindent 
-smtp_tls_session_cache_database ​btree:​${queue_directory}/smtp_scache+set wildchar=<Tab> 
 +set nonumber 
 +set foldmethod=marker 
 +set hidden 
 +set wmh=
 +filetype on</code>
 +==== /​etc/​vim/​vimrc ====
 +<​code>"​ This line should not be removed as it ensures that various options are
 +" properly set to work with the Vim-related packages available in Debian.
 +runtime! debian.vim
-# restrictions +syntax on
-smtpd_helo_required ​            = yes +
-disable_vrfy_command ​           = yes +
-smtpd_etrn_restrictions ​        = reject +
-show_user_unknown_table_name ​   = no+
-default_rbl_reply ​              = $rbl_code RBLTRAP: Your server is listed ​on a blacklist...+set autoindent ​        "​ always set autoindenting ​on 
 +set textwidth=0 ​       " Don't wrap words by default 
 +set nobackup ​          "​ Don't keep a backup file 
 +set viminfo='​20,​\"​50 ​  "​ read/​write ​a .viminfo file, don't store more than 50 lines of registers 
 +set history=50 ​        "​ keep 50 lines of command line history 
 +set ruler              " show the cursor position all the time 
 +set nopaste 
 +set pastetoggle=<​F2>​
-smtpd_client_restrictions ​      =+" Suffixes that get lower priority when doing tab completion for filenames. 
 +" These are files we are not likely to want to edit or read. 
 +set suffixes=.bak,​~,​.swp,​.o,​.info,​.aux,​.log,​.dvi,​.bbl,​.blg,​.brf,​.cb,​.ind,​.idx,​.ilg,​.inx,​.out,​.toc
-smtpd_helo_restrictions ​        = reject_invalid_hostname,​ +" If using a dark background within the editing area and syntax highlighting 
-                                  #​reject_non_fqdn_hostname +" turn on this option as well 
-                                  #​reject_unknown_hostname+set background=dark
-smtpd_sender_restrictions ​      reject_non_fqdn_sender,​ +" Uncomment the following to have Vim jump to the last position when 
-                                  # reject_rbl_client,​ +" reopening a file 
-                                  # reject_unknown_sender_domain+if has("​autocmd"​) 
 +  au BufReadPost * if line("'​\""​) > 0 && line("'​\""​) <line("​$"​) 
 +    \| exe "​normal g'​\""​ | endif 
-smtpd_recipient_restrictions ​   = permit_mynetworks,​ +" Uncomment the following to have Vim load indentation rules according to the 
-                                  ​permit_sasl_authenticated,​ +" detected filetype. Per default Debian Vim only load filetype specific 
-                                  ​reject_unauth_destination,​ +" plugins. 
-                                  ​reject_non_fqdn_recipient,​ +if has("​autocmd"​) 
-                                  ​reject_unknown_recipient_domain+  ​filetype plugin on 
 +  filetype indent on 
-smtpd_data_restrictions ​        = reject_unauth_pipelining+" The following are commented out as they cause vim to behave a lot 
 +" differently from regular Vi. They are highly recommended though. 
 +set showcmd ​        ​" Show (partial) command in status line. 
 +set showmatch ​      "​ Show matching brackets. 
 +set ignorecase ​     " Do case insensitive matching 
 +"set smartcase ​     " Do smart case matching 
 +set incsearch ​      "​ Incremental search 
 +set autowrite ​      "​ Automatically save before commands like :next and :make 
 +"set hidden ​        "​ Hide buffers when they are abandoned 
 +"set mouse=a        " Enable mouse usage (all modes) in terminals 
 +set hlsearch
-# SASL +" Konfiguration für Syntax Highlighting ​=> HTML 
-smtpd_sasl_auth_enable ​         = yes +let use_xhtml ​1 
-smtpd_sasl_security_options ​    noanonymous +let html_number_lines ​1 
-smtpd_sasl_local_domain ​        +let html_use_css ​1</​code>​
-smtp_sasl_auth_enable ​          no +
-broken_sasl_auth_clients ​       ​yes+
-maildrop_destination_recipient_limit ​+===== logrotate ===== 
-virtual_transport ​maildrop</​code>​+todo
-==== ==== 
-<​code>​maildrop ​ unix  -       ​n ​      ​n ​      ​- ​      ​- ​      pipe 
-  flags=DRhu user=vmail argv=/​usr/​bin/​maildrop -d ${user}@${nexthop} 
-        ${sender} ${recipient} ${extension} ${user} ${nexthop}</​code>​ 
-==== sasl/​smtpd.conf ==== 
-<​code>​pwcheck_method:​ auxprop 
-auxprop_plugin:​ sql 
-mech_list: plain login cram-md5 digest-md5 
-sql_engine: mysql 
-sql_user: mail 
-sql_passwd: password 
-sql_database:​ mail 
-sql_select: select password from users where email='​%u@%r'</​code>​ 
-==== ==== 
-<​code>​user = mail 
-password = password 
-dbname = mail 
-table = domains 
-select_field = '​virtual'​ 
-where_field = domain 
-hosts = unix:/​var/​run/​mysqld/​mysqld.sock</​code>​ 
-==== ==== 
-<​code>​user = mail 
-password = password 
-dbname = mail 
-table = users 
-select_field = email 
-where_field = email 
-hosts = unix:/​var/​run/​mysqld/​mysqld.sock</​code>​ 
-==== ==== 
-<​code>​user = mail 
-password = password 
-dbname = mail 
-table = forwardings 
-select_field = destination 
-where_field = source 
-hosts = unix:/​var/​run/​mysqld/​mysqld.sock</​code>​ 
-==== ==== 
-<​code>​user = mail 
-password = password 
-dbname = mail 
-table = users 
-select_field = CONCAT(SUBSTRING_INDEX(email,'​@',​-1),'/',​SUBSTRING_INDEX(email,'​@',​1),'/'​) 
-where_field = email 
-hosts = unix:/​var/​run/​mysqld/​mysqld.sock</​code>​ 
-==== /​etc/​maildroprc ==== 
-logfile "/​var/​log/​maildrop.log"​ 
-`test -d $INBOXDIR/` 
-if ($RETURNCODE != 0) 
-        `mkdir -p $INBOXDIR` 
-        `rmdir $INBOXDIR` 
-        `/​usr/​bin/​maildirmake $INBOXDIR` 
-to "​$INBOXDIR/"</​code>​ 
-==== /​etc/​courier/​authdaemonrc ==== 
-authmodulelistorig="​authuserdb authpam authpgsql authldap authmysql authcustom authpipe"​ 
-==== /​etc/​courier/​authmodulelist ==== 
-==== /​etc/​courier/​authmysqlrc ==== 
-<​code>​MYSQL_SERVER ​           localhost 
-MYSQL_USERNAME ​         mail 
-MYSQL_PASSWORD ​         password 
-MYSQL_SOCKET ​           /​var/​run/​mysqld/​mysqld.sock 
-MYSQL_OPT ​              0 
-MYSQL_DATABASE ​         mail 
-MYSQL_USER_TABLE ​       users 
-MYSQL_CLEAR_PWFIELD ​    ​password 
-MYSQL_UID_FIELD ​        1500 
-MYSQL_GID_FIELD ​        1500 
-MYSQL_LOGIN_FIELD ​      email 
-MYSQL_HOME_FIELD ​       "/​home/​vmail"​ 
-MYSQL_MAILDIR_FIELD ​    ​CONCAT(SUBSTRING_INDEX(email,'​@',​-1),'/',​SUBSTRING_INDEX(email,'​@',​1),'/'​)</​code>​ 
-==== /​etc/​courier/​maildropmysql.config ==== 
-<​code>​hostname ​            ​localhost 
-socket ​              /​var/​run/​mysqld/​mysqld.sock 
-database ​            mail 
-dbuser ​              mail 
-dbpw                 ​password 
-dbtable ​             users 
-default_uidnumber ​   1500 
-default_gidnumber ​   1500 
-uid_field ​           email 
-uidnumber_field ​     uid 
-gidnumber_field ​     gid 
-maildir_field ​       maildir 
-homedirectory_field ​ homedir 
-quota_field ​         quota 
-mailstatus_field ​    ​postfix 
-where_clause ​        AND postfix = '​Y'​ 
-logfile ​             /​var/​log/​maildrop.log</​code>​ 
-===== Datenbanktabellen ===== 
-<code sql>​CREATE TABLE `domains` ( 
-  `domain` varchar(50) NOT NULL, 
-  PRIMARY KEY  (`domain`) 
-DROP TABLE IF EXISTS `forwardings`;​ 
-CREATE TABLE `forwardings` ( 
-  `source` varchar(80) NOT NULL, 
-  `destination` text NOT NULL, 
-  PRIMARY KEY  (`source`) 
-CREATE TABLE `users` ( 
-  `email` varchar(80) NOT NULL, 
-  `password` varchar(20) NOT NULL, 
-  PRIMARY KEY  (`email`) 
-GRANT all privileges on mail.* TO mail@localhost IDENTIFIED BY '​password';​ 
-GRANT all privileges on mail.* TO mail@ IDENTIFIED BY '​password';</​code>​ 
linux/grundkonfiguration.txt · Zuletzt geändert: 2014-04-05 11:42 (Externe Bearbeitung)