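--- a/linux:postfix
+++ b/linux:postfix	2014-04-05 11:42
@@ -0,0 +1,241 @@
+====== Postfix mit MySQL-Unterstützung ======
+* Pakete installieren (MySQL und Postfix)
+* <code bash>apt-get install mysql-client-5.0 mysql-server-5.0
+apt-get install postfix postfix-mysql postfix-tls sasl2-bin libsasl2 libsasl2-modules courier-maildrop courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl</code>
+* Benutzer und Gruppe ''vmail'' anlegen (UID/GID 1500)
+* Home-Verzeichnis erstellen: <code bash>mkdir /home/vmail
+chown vmail.vmail /home/vmail
+chmod 0700 /home/vmail</code>
+* Zertifikate etc. von alter Installation kopieren oder neu erstellen
+* smtpd.cert, smtpd.key, /etc/courier/*
+* Zugriffsrechte für ''maildrop'' setzen
+* <code bash>chmod u+s /usr/bin/maildrop
+touch /var/log/maildrop.log
+chown vmail /var/log/maildrop.log</code>
+===== Konfigurationsdateien =====
+==== main.cf ====
+<code>myorigin = /etc/mailname
+myhostname = v2429.v-server.info
+mydestination = localhost.localdomain, v2429.v-server.info, localhost.v-server.info, localhost
+mynetworks = 127.0.0.0/8,85.119.152.89/32
+virtual_alias_domains =
+virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf
+mysql:/etc/postfix/mysql-virtual_email2email.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
+virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
+virtual_mailbox_base = /home/vmail
+virtual_uid_maps = static:1500
+virtual_gid_maps = static:1500
+
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+relayhost =
+mailbox_command = procmail -a "$EXTENSION"
+mailbox_size_limit = 0
+message_size_limit = 20480000
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = ipv4
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# TLS parameters
+smtpd_use_tls = yes
+smtpd_tls_cert_file = /etc/postfix/smtpd.cert
+smtpd_tls_key_file = /etc/postfix/smtpd.key
+smtpd_enforce_tls = no
+smtpd_tls_auth_only = yes
+smtpd_tls_session_cache_database= btree:${queue_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
+
+
+# restrictions
+smtpd_helo_required = yes
+disable_vrfy_command = yes
+smtpd_etrn_restrictions = reject
+show_user_unknown_table_name = no
+
+default_rbl_reply = $rbl_code RBLTRAP: Your server is listed on a blacklist...
+
+smtpd_client_restrictions =
+
+smtpd_helo_restrictions = reject_invalid_hostname,
+#reject_non_fqdn_hostname
+#reject_unknown_hostname
+
+smtpd_sender_restrictions = reject_non_fqdn_sender,
+# reject_rbl_client relays.ordb.org,
+# reject_unknown_sender_domain
+
+smtpd_recipient_restrictions = permit_mynetworks,
+permit_sasl_authenticated,
+reject_unauth_destination,
+reject_non_fqdn_recipient,
+reject_unknown_recipient_domain
+
+smtpd_data_restrictions = reject_unauth_pipelining
+
+# SASL
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_security_options = noanonymous
+smtpd_sasl_local_domain =
+smtp_sasl_auth_enable = no
+broken_sasl_auth_clients = yes
+
+maildrop_destination_recipient_limit = 1
+virtual_transport = maildrop</code>
+
+==== master.cf ====
+<code>maildrop unix - n n - - pipe
+flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${user}@${nexthop}
+${sender} ${recipient} ${extension} ${user} ${nexthop}</code>
+
+==== sasl/smtpd.conf ====
+<code>pwcheck_method: auxprop
+auxprop_plugin: sql
+mech_list: plain login cram-md5 digest-md5
+sql_engine: mysql
+sql_hostnames: 127.0.0.1
+sql_user: mail
+sql_passwd: password
+sql_database: mail
+sql_select: select password from users where email='%u@%r'</code>
+
+==== mysql-virtual_domains.cf ====
+<code>user = mail
+password = password
+dbname = mail
+table = domains
+select_field = 'virtual'
+where_field = domain
+hosts = unix:/var/run/mysqld/mysqld.sock</code>
+
+==== mysql-virtual_email2email.cf ====
+<code>user = mail
+password = password
+dbname = mail
+table = users
+select_field = email
+where_field = email
+hosts = unix:/var/run/mysqld/mysqld.sock</code>
+
+
+==== mysql-virtual_forwardings.cf ====
+<code>user = mail
+password = password
+dbname = mail
+table = forwardings
+select_field = destination
+where_field = source
+hosts = unix:/var/run/mysqld/mysqld.sock</code>
+
+
+==== mysql-virtual_mailboxes.cf ====
+<code>user = mail
+password = password
+dbname = mail
+table = users
+select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
+where_field = email
+hosts = unix:/var/run/mysqld/mysqld.sock</code>
+
+==== mnt_postfix.sh ====
+<code bash>#!/bin/bash
+mount --bind /var/run/saslauthd/ /var/spool/postfix/var/run/saslauthd/
+mount --bind /var/run/mysqld/ /var/spool/postfix/var/run/mysqld/</code>
+
+
+==== /etc/maildroprc ====
+<code>DEFAULT="$HOME/Maildir/"
+
+logfile "/var/log/maildrop.log"
+
+SENDER="$1"
+RECIPIENT="$2"
+EXTENSION="$3"
+USER=tolower("$4")
+DOMAIN=tolower("$5")
+INBOXDIR="$HOME/$DOMAIN/$USER"
+
+`test -d $INBOXDIR/`
+if ($RETURNCODE != 0)
+{
+`mkdir -p $INBOXDIR`
+`rmdir $INBOXDIR`
+`/usr/bin/maildirmake $INBOXDIR`
+}
+
+to "$INBOXDIR/"</code>
+
+==== /etc/courier/authdaemonrc ====
+<code>authmodulelist="authmysql"
+authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
+daemons=5
+authdaemonvar=/var/run/courier/authdaemon
+DEBUG_LOGIN=0
+DEFAULTOPTIONS=""
+LOGGEROPTS=""</code>
+
+==== /etc/courier/authmodulelist ====
+<code>authdaemon</code>
+
+==== /etc/courier/authmysqlrc ====
+<code>MYSQL_SERVER localhost
+MYSQL_USERNAME mail
+MYSQL_PASSWORD password
+MYSQL_SOCKET /var/run/mysqld/mysqld.sock
+MYSQL_OPT 0
+MYSQL_DATABASE mail
+MYSQL_USER_TABLE users
+MYSQL_CLEAR_PWFIELD password
+MYSQL_UID_FIELD 1500
+MYSQL_GID_FIELD 1500
+MYSQL_LOGIN_FIELD email
+MYSQL_HOME_FIELD "/home/vmail"
+MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')</code>
+
+
+==== /etc/courier/maildropmysql.config ====
+<code>hostname localhost
+socket /var/run/mysqld/mysqld.sock
+database mail
+dbuser mail
+dbpw password
+dbtable users
+default_uidnumber 1500
+default_gidnumber 1500
+uid_field email
+uidnumber_field uid
+gidnumber_field gid
+maildir_field maildir
+homedirectory_field homedir
+quota_field quota
+mailstatus_field postfix
+where_clause AND postfix = 'Y'
+logfile /var/log/maildrop.log</code>
+
+===== Datenbanktabellen =====
+<code sql>CREATE TABLE `domains` (
+`domain` varchar(50) NOT NULL,
+PRIMARY KEY (`domain`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+DROP TABLE IF EXISTS `forwardings`;
+CREATE TABLE `forwardings` (
+`source` varchar(80) NOT NULL,
+`destination` text NOT NULL,
+PRIMARY KEY (`source`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+CREATE TABLE `users` (
+`email` varchar(80) NOT NULL,
+`password` varchar(20) NOT NULL,
+PRIMARY KEY (`email`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+GRANT all privileges on mail.* TO mail@localhost IDENTIFIED BY 'password';
+GRANT all privileges on mail.* TO mail@127.0.0.1 IDENTIFIED BY 'password';</code>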
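Review bot: The two `GRANT all privileges on mail.*` statements that close the Datenbanktabellen block give the `mail` account full rights on the database, although every lookup shown on the page (the four `mysql-virtual_*.cf` maps, `sql_select` in `sasl/smtpd.conf`, `authmysqlrc`, `maildropmysql.config`) appears to only read. `GRANT SELECT ON mail.* TO mail@localhost IDENTIFIED BY '<placeholder>';` (and the same for `mail@127.0.0.1`) would be sufficient, and it stops a leaked config file from being enough to rewrite mailboxes or forwardings. The same credential appears as the literal `password` in seven config files, so the page should state that it is a placeholder and that those files must be readable only by the service accounts that need them. Related: `password varchar(20)` in `users` together with `MYSQL_CLEAR_PWFIELD` and the auxprop `sql_select` keeps mailbox passwords in clear text; if CRAM-MD5/DIGEST-MD5 are not required, reducing `mech_list` to `plain login` (already TLS-only through `smtpd_tls_auth_only = yes`) would allow a hashed column with `MYSQL_CRYPT_PWFIELD`, though that presumably also means moving SASL off the auxprop SQL lookup.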