====== Postfix mit MySQL-Unterstützung ======

  * Pakete installieren (MySQL und Postfix)
    * apt-get install mysql-client-5.0 mysql-server-5.0
      apt-get install postfix postfix-mysql postfix-tls sasl2-bin libsasl2 libsasl2-modules courier-maildrop courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl
  * Benutzer und Gruppe ''vmail'' anlegen (UID/GID 1500)
    * Home-Verzeichnis erstellen:
      mkdir /home/vmail
      chown vmail.vmail /home/vmail
      chmod 0700 /home/vmail
  * Zertifikate etc. von alter Installation kopieren oder neu erstellen
    * smtpd.cert, smtpd.key, /etc/courier/*
  * Zugriffsrechte für ''maildrop'' setzen
    * chmod u+s /usr/bin/maildrop
      # NOTE(review): this sets the setuid bit on maildrop, while master.cf on
      # this page already starts it as user=vmail. Confirm the bit is really
      # required for this setup before keeping it.
      touch /var/log/maildrop.log
      chown vmail /var/log/maildrop.log

===== Konfigurationsdateien =====

==== main.cf ====

myorigin = /etc/mailname
myhostname = v2429.v-server.info
mydestination = localhost.localdomain, v2429.v-server.info, localhost.v-server.info, localhost
# Clients listed here are accepted by permit_mynetworks in
# smtpd_recipient_restrictions (further down in this file) and may relay
# without authenticating, so keep the list as short as possible.
mynetworks = 127.0.0.0/8,85.119.152.89/32
virtual_alias_domains =
# Alias lookups go to MySQL: the forwardings table first, then the map over
# the users table defined in mysql-virtual_email2email.cf.
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf
# Hosted domains and mailbox paths are looked up through the
# mysql-virtual_*.cf files shown further down this page.
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
# Every mailbox lives under /home/vmail and is owned by UID/GID 1500, the
# vmail account created in the steps above.
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:1500
virtual_gid_maps = static:1500
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
relayhost =
mailbox_command = procmail -a "$EXTENSION"
# 0 means no limit on the size of a local mailbox.
mailbox_size_limit = 0
# Maximum message size in bytes (about 20 MB).
message_size_limit = 20480000
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no

# TLS parameters
# Opportunistic TLS: STARTTLS is offered but not required
# (smtpd_enforce_tls = no). smtpd_tls_auth_only = yes keeps AUTH, and with it
# the plain/login passwords, off unencrypted connections.
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
# The private key should be readable by root only.
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_enforce_tls = no
smtpd_tls_auth_only = yes
smtpd_tls_session_cache_database= btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# restrictions
smtpd_helo_required = yes
# VRFY is switched off so the server cannot be used to probe for valid addresses.
disable_vrfy_command = yes
smtpd_etrn_restrictions = reject
# Do not reveal the name of the lookup table in "User unknown" replies.
show_user_unknown_table_name = no
default_rbl_reply = $rbl_code RBLTRAP: Your server is listed on a blacklist...
smtpd_client_restrictions =
smtpd_helo_restrictions = reject_invalid_hostname,
        #reject_non_fqdn_hostname
        #reject_unknown_hostname
smtpd_sender_restrictions = reject_non_fqdn_sender,
        # reject_rbl_client relays.ordb.org,
        # reject_unknown_sender_domain
# Order matters: local networks and authenticated users are permitted first.
# reject_unauth_destination then refuses every other relay attempt, which is
# what keeps this server from being an open relay.
smtpd_recipient_restrictions = permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain
smtpd_data_restrictions = reject_unauth_pipelining

# SASL
smtpd_sasl_auth_enable = yes
# noanonymous only rules out anonymous logins. Plaintext mechanisms remain
# allowed and are protected by smtpd_tls_auth_only above.
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtp_sasl_auth_enable = no
# Also announce AUTH in the non-standard "AUTH=" form for old mail clients.
broken_sasl_auth_clients = yes
# maildrop is called with a single ${user}/${nexthop} pair (see master.cf), so
# each delivery may carry only one recipient.
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop

==== master.cf ====

# Delivery runs unprivileged as vmail. The arguments after "-d <address>"
# arrive in /etc/maildroprc as $1..$5.
# Flags: D adds Delivered-To, R adds Return-Path, h and u fold the domain and
# user parts to lower case.
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${user}@${nexthop} ${sender} ${recipient} ${extension} ${user} ${nexthop}

==== sasl/smtpd.conf ====

# Cyrus SASL settings for smtpd: credentials are read straight from MySQL by
# the sql auxprop plugin.
pwcheck_method: auxprop
auxprop_plugin: sql
# cram-md5 and digest-md5 need the stored password in clear text, which ties
# this setup to the plaintext users.password column.
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
# "password" is presumably a placeholder, here and in the other files on this
# page. The real file holds the database password, so make it readable only by
# root and the postfix group.
sql_passwd: password
sql_database: mail
# %u is the user name and %r the realm of the login being checked.
sql_select: select password from users where email='%u@%r'

==== mysql-virtual_domains.cf ====

# Legacy map format: Postfix selects select_field from table where where_field
# equals the lookup key. The constant 'virtual' is returned for every domain
# found; only the existence of a row matters here.
# This file and the other mysql-virtual_*.cf files contain the database
# password; keep them unreadable for ordinary users.
user = mail
password = password
dbname = mail
table = domains
select_field = 'virtual'
where_field = domain
hosts = unix:/var/run/mysqld/mysqld.sock

==== mysql-virtual_email2email.cf ====

# Identity map: looks up an address in users.email and returns that same column.
user = mail
password = password
dbname = mail
table = users
select_field = email
where_field = email
hosts = unix:/var/run/mysqld/mysqld.sock

==== mysql-virtual_forwardings.cf ====

# Maps a source address to its destination(s) from the forwardings table.
user = mail
password = password
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = unix:/var/run/mysqld/mysqld.sock

==== mysql-virtual_mailboxes.cf ====

user = mail
password = password
dbname = mail
table = users
# Builds "<domain>/<localpart>/" from the address. The path is relative to
# virtual_mailbox_base, and the trailing slash selects maildir format.
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = unix:/var/run/mysqld/mysqld.sock

==== mnt_postfix.sh ====

#!/bin/bash
# Makes the saslauthd and MySQL socket directories visible below
# /var/spool/postfix, so that a chrooted Postfix process can still reach
# /var/run/mysqld/mysqld.sock.
# NOTE(review): bind mounts do not survive a reboot; presumably this script is
# run at boot time, which the page does not show.
mount --bind /var/run/saslauthd/ /var/spool/postfix/var/run/saslauthd/
mount --bind /var/run/mysqld/ /var/spool/postfix/var/run/mysqld/

==== /etc/maildroprc ====

DEFAULT="$HOME/Maildir/"
logfile "/var/log/maildrop.log"
# $1..$5 are the arguments that master.cf passes after "-d <address>":
# sender, recipient, extension, user and nexthop (the domain).
SENDER="$1"
RECIPIENT="$2"
EXTENSION="$3"
USER=tolower("$4")
DOMAIN=tolower("$5")
# Mailbox location: <home>/<domain>/<user>.
INBOXDIR="$HOME/$DOMAIN/$USER"
# Create the maildir on first delivery. mkdir -p creates the directory and its
# parents; rmdir then removes the last level again, presumably so that
# maildirmake can create it itself.
# NOTE(review): $INBOXDIR is built from the recipient's user and domain parts
# and is used unquoted in these shell commands. Writing "$INBOXDIR" would be
# more robust; check against the maildropfilter quoting rules first.
`test -d $INBOXDIR/`
if ($RETURNCODE != 0)
{
    `mkdir -p $INBOXDIR`
    `rmdir $INBOXDIR`
    `/usr/bin/maildirmake $INBOXDIR`
}
to "$INBOXDIR/"

==== /etc/courier/authdaemonrc ====

# Only the MySQL module is active; authmodulelistorig keeps the full list.
authmodulelist="authmysql"
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
daemons=5
authdaemonvar=/var/run/courier/authdaemon
# Keep login debugging at 0 in normal operation; the highest debug level also
# writes passwords to the log.
DEBUG_LOGIN=0
DEFAULTOPTIONS=""
LOGGEROPTS=""

==== /etc/courier/authmodulelist ====

authdaemon

==== /etc/courier/authmysqlrc ====

# This file contains the database password; keep it unreadable for ordinary users.
MYSQL_SERVER localhost
MYSQL_USERNAME mail
MYSQL_PASSWORD password
MYSQL_SOCKET /var/run/mysqld/mysqld.sock
MYSQL_OPT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
# CLEAR_PWFIELD means the password column is read as clear text.
MYSQL_CLEAR_PWFIELD password
# UID, GID and home are constants rather than columns: every mailbox belongs
# to vmail (1500) under /home/vmail.
MYSQL_UID_FIELD 1500
MYSQL_GID_FIELD 1500
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
# Same "<domain>/<localpart>/" expression as in mysql-virtual_mailboxes.cf, so
# Courier and Postfix agree on the mailbox path.
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')

==== /etc/courier/maildropmysql.config ====

hostname localhost
socket /var/run/mysqld/mysqld.sock
database mail
dbuser mail
dbpw password
dbtable users
default_uidnumber 1500
default_gidnumber 1500
uid_field email
uidnumber_field uid
gidnumber_field gid
maildir_field
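maildir
homedirectory_field homedir
quota_field quota
mailstatus_field postfix
where_clause AND postfix = 'Y'
logfile /var/log/maildrop.log

===== Datenbanktabellen =====

-- Schema of the `mail` database that Postfix, Cyrus SASL, Courier and maildrop
-- query with the settings shown on this page.

-- Domains this server hosts mailboxes for (virtual_mailbox_domains).
CREATE TABLE `domains` (
  `domain` varchar(50) NOT NULL,
  PRIMARY KEY (`domain`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

-- Address forwardings (virtual_alias_maps): source -> destination(s).
-- NOTE(review): only this table is dropped before it is created. Running the
-- listing against an existing database discards all forwardings, while the
-- CREATE TABLE statements for `domains` and `users` fail if those tables exist.
DROP TABLE IF EXISTS `forwardings`;
CREATE TABLE `forwardings` (
  `source` varchar(80) NOT NULL,
  `destination` text NOT NULL,
  PRIMARY KEY (`source`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

-- Mailbox accounts, keyed by the full e-mail address.
-- NOTE(review): `password` holds the mailbox password in clear text.
-- authmysqlrc reads it through MYSQL_CLEAR_PWFIELD, and the SASL mech_list
-- offers cram-md5 / digest-md5, which need the plaintext. Anyone who can
-- SELECT from this table, including whoever obtains the shared `mail`
-- database password, can read every mailbox password. Storing hashes instead
-- means changing those files too: SASL would have to verify through a checker
-- such as saslauthd or authdaemond instead of auxprop, with only plain/login
-- offered over TLS, and Courier would use MYSQL_CRYPT_PWFIELD. The column is
-- therefore left unchanged here.
-- varchar(20) also caps passwords at 20 characters; longer values may be
-- truncated silently, depending on sql_mode.
-- NOTE(review): maildropmysql.config on this page names the columns uid, gid,
-- maildir, homedir, quota and postfix, none of which exist in this table.
-- Confirm whether that file is actually read in this setup.
CREATE TABLE `users` (
  `email` varchar(80) NOT NULL,
  `password` varchar(20) NOT NULL,
  PRIMARY KEY (`email`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

-- Least privilege: everything configured on this page only reads from these
-- tables (the Postfix mysql: maps, the SASL sql_select query, the Courier
-- authmysql lookups), so the shared `mail` account is granted SELECT instead
-- of ALL PRIVILEGES. Its password is stored in several configuration files;
-- with read-only rights a leaked copy cannot be used to change or drop mail
-- data. It still exposes the contents of `users`. Maintain domains, users and
-- forwardings with a separate administrative account. If password changes
-- through Courier are wanted, add UPDATE on mail.users only.
-- Both host forms are granted because socket connections are matched as
-- localhost (mysql-virtual_*.cf, Courier), while the TCP connection from
-- sasl/smtpd.conf may be matched as 127.0.0.1, depending on name resolution.
-- 'password' is the placeholder used throughout this page; replace it with a
-- long random value in this statement and in every file that repeats it.
GRANT SELECT ON mail.* TO mail@localhost IDENTIFIED BY 'password';
GRANT SELECT ON mail.* TO mail@127.0.0.1 IDENTIFIED BY 'password';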