Postfix

Sender address

The sender address is assembled from the user's name and the mail name (benutzer@maildomain.de).

On Ubuntu, the mail name (maildomain.de) can be changed in two ways:

# sudo dpkg-reconfigure postfix

or like this:

# echo "maildomain.de" > /etc/mailname
# sed -i -e 's/^[^#.]*myorigin/#&/g' /etc/postfix/main.cf
# echo "myorigin = /etc/mailname" >> /etc/postfix/main.cf

Then don't forget to restart the service:

# /etc/init.d/postfix restart

Exit codes

When Postfix hands a mail to an external script via a pipe and something goes wrong, the result is return mails that can contain the following exit codes:

Status $? Description
EX_OK 0 successful termination
EX_USAGE 64 command line usage error
EX_DATAERR 65 data format error
EX_NOINPUT 66 cannot open input
EX_NOUSER 67 addressee unknown
EX_NOHOST 68 host name unknown
EX_UNAVAILABLE 69 service unavailable
EX_SOFTWARE 70 internal software error
EX_OSERR 71 system error (e.g., can't fork)
EX_OSFILE 72 critical OS file missing
EX_CANTCREAT 73 can't create (user) output file
EX_IOERR 74 input/output error
EX_TEMPFAIL 75 temp failure; user is invited to retry
EX_PROTOCOL 76 remote error in protocol
EX_NOPERM 77 permission denied
EX_CONFIG 78 configuration error
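An added example (not from the original page) of a pipe target that uses these codes: transient failures return 75 so the delivery can be retried, other failures return a specific code, and the diagnostic text stays short because command output can be quoted in the return mail. The mailbox table, the `store` function and the size limit are hypothetical stand-ins.

```python
import sys

# sysexits values as listed in the table above.
EX_OK, EX_USAGE, EX_DATAERR, EX_NOUSER = 0, 64, 65, 67
EX_SOFTWARE, EX_TEMPFAIL = 70, 75

MAILBOXES = {"alice": [], "bob": []}   # constructed stand-in for real storage
MAX_BYTES = 1_000_000                  # hypothetical size limit


class Busy(Exception):
    """Storage is temporarily unavailable (lock held, backend down)."""


def store(user, raw):
    """Hypothetical storage step; a real script would write a mailbox."""
    if user == "bob":                  # constructed: bob's mailbox is locked
        raise Busy("mailbox locked")
    MAILBOXES[user].append(raw)


def handle(argv, raw):
    """Return (exit_code, diagnostic) for one piped message."""
    if len(argv) != 2:
        return EX_USAGE, "usage: handler recipient"
    user = argv[1].partition("@")[0].lower()
    if user not in MAILBOXES:
        return EX_NOUSER, "unknown recipient"
    if not raw or len(raw) > MAX_BYTES:
        return EX_DATAERR, "empty or oversized message"
    try:
        store(user, raw)
    except Busy:
        return EX_TEMPFAIL, "temporary failure"   # 75: retry later
    except Exception:
        return EX_SOFTWARE, "internal error"      # no traceback, no paths
    return EX_OK, ""


if __name__ == "__main__":
    code, diag = handle(sys.argv, sys.stdin.buffer.read())
    if diag:
        # Keep this short: command output can be quoted in the return mail.
        print(diag, file=sys.stderr)
    sys.exit(code)
```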

Installation

# portinstall -prO mail/postfix

or like this

# portupgrade -NRO mail/postfix

Since I need Sieve support in Dovecot, and at present only Dovecot version 1 supports Sieve, "DOVECOT" has to be selected here. And of course I need SSL support as well:

[*] PCRE       Perl Compatible Regular Expressions
[*] SASL2      Cyrus SASLv2 (Simple Auth. and Sec. Layer)
[*] DOVECOT    Dovecot 1.x SASL authentication method
...
[*] TLS        Enable SSL and TLS support
...
    Warning: you still need to edit myorigin/mydestination/mynetworks
    parameter settings in /usr/local/etc/postfix/main.cf.
    See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
    for information about dialup sites or about sites inside a
    firewalled network.
    BTW: Check your /etc/aliases file and be sure to set up aliases
    that send mail for root and postmaster to a real person, then
    run /usr/local/bin/newaliases.
install  -o root -g wheel -m 555 /usr/ports/mail/postfix/work/postfix-2.8.4/auxiliary/rmail/rmail /usr/local/bin/rmail
install  -o root -g wheel -m 555 /usr/ports/mail/postfix/work/postfix-2.8.4/auxiliary/qshape/qshape.pl /usr/local/bin/qshape
install  -o root -g wheel -m 444 /usr/ports/mail/postfix/work/postfix-2.8.4/man/man1/qshape.1 /usr/local/man/man1
===> Installing rc.d startup script(s)
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
To enable postfix startup script please add postfix_enable="YES" in
your rc.conf
If you not need sendmail anymore, please add in your rc.conf:
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
And you can disable some sendmail specific daily maintenance routines in your
/etc/periodic.conf file:
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
If /etc/periodic.conf does not exist please create it and add those values.
If you are using SASL, you need to make sure that postfix has access to read
the sasldb file.  This is accomplished by adding postfix to group mail and
making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
be the default for new installs).
If you are upgrading from Postfix 2.6 or earlier, review the RELEASE_NOTES to
familiarize yourself with new features and incompatabilities. 
      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/postfix
      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.
      For more information, and contact details about the security
      status of this software, see the following webpage: 
http://www.postfix.org/
===>  Cleaning for postfix-2.8.4,1
# ldd /usr/local/libexec/postfix/smtp
        libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x4002d000)
        ...
# postconf -A
cyrus
# postconf -a
dovecot

LDA Postfix

The current version of this information can be found on FreeBSD under /usr/local/share/doc/dovecot/wiki

System users

You can use deliver with a few selected system users (ie. user is found from '/etc/passwd' / NSS) by calling deliver in the user's '~/.forward' file:

| "/usr/local/libexec/dovecot/deliver"

This should work with any MTA which supports per-user '.forward' files. (For qmail's per-user setup, see LDA.Qmail.txt.)

This method doesn't require the authentication socket explained below since it's executed as the user itself.


If you wish to use 'deliver' for all system users on a single-domain mail host, you can do it by editing the 'mailbox_command' parameter in '/etc/postfix/main.cf' (postconf(5) http://www.postfix.org/postconf.5.html):

mailbox_command = /usr/local/libexec/dovecot/deliver

Then run 'postfix reload' and that is it.

Some detailed config files and examples at

Virtual users

Dovecot LDA is very easy to use on large-scale installations with Postfix virtual domains support. Just add a 'dovecot' service in '/etc/postfix/master.cf' (master(5) http://www.postfix.org/master.5.html):

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}

An example using address extensions (ie user+extension@domain.com) to deliver to the folder 'extension' in your maildir. (If you wish to preserve the case of ${extension}, remove the 'hu' flags [http://www.postfix.org/pipe.8.html], and be sure to utilize modifiers [Variables.txt] in your dovecot.conf for mail locations and other configuration parameters that are expecting lower case.):

dovecot unix    -       n       n       -       -      pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
# or with v1.1.2+ if you have a INBOX/ namespace prefix:
dovecot unix    -       n       n       -       -      pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m INBOX/${extension}

This example ignores address extensions (ie user+extension@domain.com delivers just like user@domain.com):

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
# or, passing only the user part (without the domain) to deliver:
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -d ${user}

Replace 'vmail' above with your virtual mail user account.

Then set 'virtual_transport' to 'dovecot' in '/etc/postfix/main.cf':

dovecot_destination_recipient_limit = 1
virtual_mailbox_domains = your.domain.here
virtual_transport = dovecot

And remember to run

postfix reload

authentication socket

protocol lda {
...
  # UNIX socket path to master authentication server to find users.
  #auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
...
  socket listen {
    # Note that we're setting a master socket. SMTP AUTH for Postfix and Exim uses client sockets.
    master {
      path = /var/run/dovecot/auth-master
      # Auth master socket can be used to look up userdb information for
      # given usernames. This probably isn't very sensitive information
      # for most systems, but still try to restrict the socket access if possible.
      mode = 0600
      user = vmail # User running deliver
      #group = mail # Or alternatively mode 0660 + deliver user in this group
    }
  }
...
}

Further links

Example from Ubuntu 09.10

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
mailbox_size_limit = 0
mydestination = hostname, localhost.localdomain, localhost
myhostname = hostname
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory = no
recipient_delimiter = +
relayhost = 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
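An added example (not part of the original page) that audits a `postconf -n` listing like the one above: it flags obsolete SSL/TLS protocol versions left enabled, the deprecated `smtp_use_tls`/`smtpd_use_tls` switches, and SASL authentication offered without `smtpd_tls_auth_only`. `WEAK` is a constructed excerpt of the listing and `FIXED` a constructed corrected counterpart; the finding texts are this example's own.

```python
import re

# Constructed excerpt of the listing above (WEAK) and a corrected
# counterpart (FIXED); "!proto" is Postfix's protocol exclusion syntax.
WEAK = """\
smtp_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_use_tls = yes
"""
FIXED = """\
smtp_tls_security_level = may
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_security_level = may
"""
OBSOLETE = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
PROTOCOL_KEYS = re.compile(r"^(smtpd?|lmtp)_tls_(mandatory_)?protocols$")
DEPRECATED = {"smtp_use_tls": "smtp_tls_security_level",
              "smtpd_use_tls": "smtpd_tls_security_level"}


def parse(text):
    """Parse 'name = value' lines as printed by postconf -n."""
    pairs = (line.partition("=") for line in text.splitlines())
    return {n.strip(): v.strip() for n, sep, v in pairs if sep}


def audit(text):
    """Return a sorted list of findings for one postconf -n listing."""
    conf, findings = parse(text), []
    for name, value in conf.items():
        if PROTOCOL_KEYS.match(name):
            # Tokens without "!" stay enabled; ">=X" sets a floor, so an
            # obsolete X is flagged as well.
            tokens = {t[2:] if t.startswith(">=") else t
                      for t in re.split(r"[,\s:]+", value)}
            bad = sorted(tokens & OBSOLETE)
            if bad:
                findings.append(f"{name}: obsolete {', '.join(bad)} enabled")
        if name in DEPRECATED and value == "yes":
            findings.append(f"{name}: deprecated, use {DEPRECATED[name]}")
    if (conf.get("smtpd_sasl_auth_enable") == "yes"
            and conf.get("smtpd_tls_auth_only") != "yes"):
        findings.append("smtpd_tls_auth_only: SASL offered without TLS")
    return sorted(findings)
```

On a live system the input would be the captured output of `postconf -n`; `audit(WEAK)` reports three findings and `audit(FIXED)` none.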
 
Unless otherwise noted, the content of this wiki is published under the following license: GNU Free Documentation License 1.2