Postfix: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Rkr (Diskussion | Beiträge) K (→Siehe auch) |
Rkr (Diskussion | Beiträge) K (→SMTP Auth) |
||
Zeile 111: | Zeile 111: | ||
== SMTP Auth == | == SMTP Auth == | ||
*saslauthd muss gestartet sein | *''saslauthd'' muss gestartet sein oder dovecot wird verwendet | ||
*Postfix | *Postfix und Dovecot Konfiguration | ||
**http://wiki1.dovecot.org/HowTo/PostfixAndDovecotSASL | |||
**http://www.postfix.org/SASL_README.html | |||
**http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ | **http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ | ||
**http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html | **http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html | ||
Dovecot'' /usr/local/etc/dovecot/conf.d/10-master.conf'': | |||
<pre> | |||
service auth { | |||
unix_listener auth-userdb { | |||
#mode = 0600 | |||
#user = | |||
#group = | |||
} | |||
# Postfix smtp-auth | |||
unix_listener /var/spool/postfix/private/auth { | |||
mode = 0666 | |||
user = postfix | |||
group = postfix | |||
} | |||
# Auth process is run as this user. | |||
#user = $default_internal_user | |||
} | |||
</pre> | |||
Postfix ''main.cf'' für ''saslauthd'': | |||
<pre> | |||
smtpd_sasl_type = dovecot | |||
smtpd_sasl_path = private/auth | |||
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination | |||
smtpd_sasl_auth_enable = yes | |||
smtpd_sasl_security_options = noanonymous | |||
smtpd_sasl_local_domain = $myhostname | |||
</pre> | |||
Postfix ''main.cf'' für ''Dovecot'': | |||
<pre> | |||
smtpd_sasl_type = dovecot | |||
smtpd_sasl_path = private/auth | |||
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination | |||
smtpd_sasl_auth_enable = yes | |||
smtpd_sasl_security_options = noanonymous | |||
smtpd_sasl_local_domain = $myhostname | |||
</pre> | |||
== STARTTLS == | == STARTTLS == |
Version vom 13. April 2011, 07:39 Uhr
Postfix ist ein Open-Source SMTP Email-Server (MTA).
SpamAssassin Integration
Siehe Anleitung hier.
Zusammenfassung der Schritte
- Spamassassins von openSUSE verwenden
- User und Gruppe filter angelegt mit $HOME=/home/filter
- spool Verzeichnis anlegen
mkdir /var/spool/filter chown -R filter.filter /var/spool/filter
- Datei /home/filter/sc/filter.sh angelegt mit 755 Permissions und filter:filter Owner. Dateininhalt:
#!/bin/sh INSPECT_DIR=/var/spool/filter SENDMAIL=/usr/sbin/sendmail SPAMASSASSIN=/usr/bin/spamc # Exit codes from <sysexits.h> EX_TEMPFAIL=75 EX_UNAVAILABLE=69 cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } # Clean up when done or when aborting. trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15 # Parameter for $SPAMASSASSIN # -P Pipe message, don't deliver # -x Disable user config files # -a Use auto-whitelists cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL -i "$@" < out.$$ exit $?
- /etc/mail/spamassassin/local.cf angelegt mit Inhalt:
required_score 4.0 rewrite_header Subject ****SPAM(_SCORE_)**** report_safe 1 use_bayes 1 skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1 ok_locales en bayes_auto_learn 1 # SUSE default ifplugin Mail::SpamAssassin::Plugin::URIDNSBL uridnsbl_skip_domain suse.de opensuse.org suse.com suse.org uridnsbl_skip_domain novell.com novell.org novell.ru novell.de novell.hu novell.co.uk endif # Mail::SpamAssassin::Plugin::URIDNSBL
- spamd starten und in runlevel setzen:
/etc/init.d/spamd start insserv spamd
- Postfix master.cf anpassen:
smtp inet n - n - - smtpd -o content_filter=filter: ... ... # SPAMASSASIN filter unix - n n - - pipe user=filter argv=/home/filter/sc/filter.sh -f ${sender} -- ${recipient}
- Auto-Update der Bayes-Filter in /etc/cron.daily/spamassassins-update, siehe SpamAssassin.
- Spamassassin-Installation überprüfen:
spamassassin -D --lint
- Sieve-Filter für SPAM-Emails einrichten, siehe auch Dovecot LDA-Integration, z.B.
require "fileinto"; if exists "X-Spam-Flag" { fileinto "SPAM"; }
Unitymedia/ISH Konfiguration
Siehe mein Posting bei Fedoraforum.de.
Mit TLS und CRAM-MD5
Einträge in main.cf:
relayhost = smtp.ish.de smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = cram-md5 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_use_tls = yes smtp_tls_CAfile = /etc/postfix/cacert_class3.crt smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
Es geht auch so:
smtp_sasl_mechanism_filter = plain,login,cram-md5
Eintrag in /etc/postfix/sasl_passwd:
smtp.ish.de user:password
Und dann noch /etc/postfix/sasl_passwd.db erzeugen:
postmap /etc/postfix/sasl_passwd
Siehe auch [1].
Ohne TLS , PLAIN/LOGIN
Einträge in main.cf:
relayhost = smtp.ish.de smtp_sasl_auth_enable = yes smtp_use_tls = no smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = plain,login,cram-md5
SMTP Auth
- saslauthd muss gestartet sein oder dovecot wird verwendet
- Postfix und Dovecot Konfiguration
Dovecot /usr/local/etc/dovecot/conf.d/10-master.conf:
service auth { unix_listener auth-userdb { #mode = 0600 #user = #group = } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } # Auth process is run as this user. #user = $default_internal_user }
Postfix main.cf für saslauthd:
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname
Postfix main.cf für Dovecot:
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname
STARTTLS
IPv6
Siehe IPv6#Postfix.
Administration
Lookup Table Management
DB-Dateien erzeugen mittels
postmap
Beispiel:
cd /etc/postfix postmap virtual
Siehe auch: