postfix
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
postfix [2006/10/16 23:13] – 209.8.40.23 | postfix [2008/04/19 17:43] (current) – 85.178.128.191 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Postfix ====== | ||
+ | #> apt-get install postfix postfix-tls postfix-pcre libsasl2 libsasl2-modules sasl2-bin | ||
+ | |||
+ | ===== SASL authd ===== | ||
+ | |||
+ | Make saslauthd work with changerooted postfix: | ||
+ | |||
+ | Edit ''/ | ||
+ | |||
+ | < | ||
+ | # This needs to be uncommented before saslauthd will be run automatically | ||
+ | START=yes | ||
+ | |||
+ | # You must specify the authentication mechanisms you wish to use. | ||
+ | # This defaults to " | ||
+ | # " | ||
+ | # MECHANISMS=" | ||
+ | |||
+ | MECHANISMS=" | ||
+ | |||
+ | PWDIR=/ | ||
+ | PARAMS=" | ||
+ | </ | ||
+ | |||
+ | Use '' | ||
+ | |||
+ | #> dpkg-statoverride --add root sasl 710 / | ||
+ | |||
+ | Add the postfix user to the group sasl | ||
+ | |||
+ | #> usermod -g postfix -G sasl postfix | ||
+ | |||
+ | Create a ''/ | ||
+ | |||
+ | < | ||
+ | pwcheck_method: | ||
+ | mech_list: plain login | ||
+ | </ | ||
+ | |||
+ | |||
+ | Start the sasldaemon and restart postfix | ||
+ | |||
+ | #> / | ||
+ | #> / | ||
+ | |||
+ | ===== TLS ===== | ||
+ | |||
+ | Create a private key and a certificate as described [[sslca|here]]. | ||
+ | |||
+ | #> mkdir / | ||
+ | #> cp cp postfixCert.pem postfixKey.pem / | ||
+ | #> chmod 400 / | ||
+ | #> cp / | ||
+ | |||
+ | Add the following to the ''/ | ||
+ | |||
+ | < | ||
+ | # Enable TLS support | ||
+ | smtpd_tls_key_file | ||
+ | smtpd_tls_cert_file = / | ||
+ | smtpd_tls_CAfile | ||
+ | smtpd_use_tls | ||
+ | </ | ||
+ | |||
+ | Comment in the following three lines in ''/ | ||
+ | |||
+ | < | ||
+ | tlsmgr | ||
+ | smtps | ||
+ | 587 | ||
+ | </ | ||
+ | |||
+ | ===== Spam prevention ===== | ||
+ | |||
+ | Follow the tutorial at http:// | ||
+ | |||
+ | The SPF script which comes with the postfix-doc package is broken ((It produces the following error: '' | ||
+ | |||
+ | Go to the following URL : | ||
+ | |||
+ | http:// | ||
+ | |||
+ | and download the most recent version of this file (click on " | ||
+ | |||
+ | To make it work install the needed Perl lib and make the script executable. | ||
+ | |||
+ | #> apt-get install libmail-spf-query-perl | ||
+ | #> chmod 755 / | ||
+ | |||
+ | Then add the following to ''/ | ||
+ | |||
+ | < | ||
+ | spfpolicy unix - | ||
+ | |||
+ | Add the following entry | ||
+ | |||
+ | < | ||
+ | check_policy_service unix: | ||
+ | </ | ||
+ | |||
+ | to ''/ | ||
+ | |||
+ | e.g. | ||
+ | |||
+ | < | ||
+ | smtpd_recipient_restrictions = | ||
+ | reject_unauth_destination | ||
+ | reject_unknown_recipient_domain | ||
+ | reject_unverified_recipient | ||
+ | check_policy_service unix: | ||
+ | </ |