Difference between revisions of "HowTos/Postfix"
From Scalix Wiki
m |
m |
||
Line 5: | Line 5: | ||
Follow these steps: | Follow these steps: | ||
− | == | + | == stop all sendmail services == |
/etc/init.d/spamass-milter stop | /etc/init.d/spamass-milter stop | ||
/etc/init.d/sendmail stop | /etc/init.d/sendmail stop | ||
/etc/init.d/scalix-sendmail stop | /etc/init.d/scalix-sendmail stop | ||
+ | omoff -d 0 smtpd | ||
− | + | == deinstall the packets == | |
− | == | + | |
dpkg -P --force-depends sendmail | dpkg -P --force-depends sendmail | ||
dpkg -P sensible-mda | dpkg -P sensible-mda | ||
Line 21: | Line 21: | ||
dpkg -P spamass-milter | dpkg -P spamass-milter | ||
− | + | == cleaning == | |
− | == | + | |
3.1. remove the remaining folders: | 3.1. remove the remaining folders: | ||
Line 34: | Line 33: | ||
/etc/init.d/scalix-sendmail | /etc/init.d/scalix-sendmail | ||
− | + | == install then Postfix packets == | |
− | == | + | |
apt-get install postfix | apt-get install postfix | ||
apt-get install postfix-tls (needed for secure relaying) | apt-get install postfix-tls (needed for secure relaying) | ||
apt-get install sasl2-bin (for authentication) | apt-get install sasl2-bin (for authentication) | ||
− | + | == Configure your Postfix == | |
− | == | + | |
5.1. add this line to you master.cf: | 5.1. add this line to you master.cf: | ||
Line 83: | Line 80: | ||
5.4. restart postfix | 5.4. restart postfix | ||
− | + | == i use a script to create the recipient list == | |
− | == | + | |
ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients | ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients | ||
postmap /etc/postfix/recipients | postmap /etc/postfix/recipients | ||
− | + | == SMTP-Auth == | |
− | == | + | |
7.1. create this file '/etc/postfix/sasl/smtpd.conf': | 7.1. create this file '/etc/postfix/sasl/smtpd.conf': | ||
Line 114: | Line 109: | ||
7.4. restart sasl daemon | 7.4. restart sasl daemon | ||
− | + | == Testing Authentication == | |
− | == | + | |
testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password | testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password | ||
good luck! | good luck! |
Revision as of 15:40, 5 February 2007
Scalix Wiki -> How-Tos -> Postfix Integration
Contents
Replacing Sendmail with Postfix
This ist only a short discription (based on Debian), additions are highly appreciated. Follow these steps:
stop all sendmail services
/etc/init.d/spamass-milter stop /etc/init.d/sendmail stop /etc/init.d/scalix-sendmail stop omoff -d 0 smtpd
deinstall the packets
dpkg -P --force-depends sendmail dpkg -P sensible-mda dpkg -P rmail dpkg -P sendmail-bin dpkg -P sendmail-cf dpkg -P sendmail-base dpkg -P m4 dpkg -P spamass-milter
cleaning
3.1. remove the remaining folders:
/var/run/sendmail/stampdir /var/run/sendmail/mta /var/lib/sendmail /usr/share/doc/sendmail /etc/mail
3.2. remove remaining files:
/etc/init.d/scalix-sendmail
install then Postfix packets
apt-get install postfix apt-get install postfix-tls (needed for secure relaying) apt-get install sasl2-bin (for authentication)
Configure your Postfix
5.1. add this line to you master.cf:
127.0.0.1:10001 inet n n n - - spawn user=scalix argv=/opt/scalix/bin/unix.in
5.2. main.cf:
alias_maps = local_recipient_maps = mailbox_transport = smtp:[127.0.0.1]:10001 ## transport_maps = hash:/etc/postfix/transport ## when you want to define additional mail-routing use transport_maps
## some rule against SPAM smtpd_recipient_restrictions = reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated reject_unauth_destination
reject_rbl_client relays.ordb.org reject_rbl_client bl.spamcop.net reject_rbl_client dnsbl.sorbs.net reject_rbl_client cbl.abuseat.org reject_rbl_client sbl.spamhaus.org reject_rbl_client opm.blitzed.org reject_rbl_client l1.spews.dnsbl.sorbs.net
reject_invalid_hostname reject_unknown_sender_domain reject_unknown_client reject_non_fqdn_sender
## use a recipent table to prevent mail-loops! check_recipient_access hash:/etc/postfix/recipient_access
reject
5.3. content of an optinal transport map:
@domain.tld smtp:[127.0.0.1]:10001
5.4. restart postfix
i use a script to create the recipient list
ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients postmap /etc/postfix/recipients
SMTP-Auth
7.1. create this file '/etc/postfix/sasl/smtpd.conf': pwcheck_method: saslauthd mech_list: plain, login saslauthd_path: /var/run/saslauthd/mux
7.2. modify the '/etc/default/saslauthd' (for Debian):
# This needs to be uncommented before saslauthd will be run automatically START=yes
# You must specify the authentication mechanisms you wish to use. # This defaults to "pam" for PAM support, but may also include # "shadow" or "sasldb", like this: # MECHANISMS="pam shadow"
MECHANISMS="ldap" PARAMS="-m /var/spool/postfix/var/run/saslauthd"
7.3. create the '/etc/saslauthd.conf': (!!! UNTESTED !!!)
ldap_servers: ldap://127.0.0.1:389 ldap_filter: UL-AUTHID=%u
7.4. restart sasl daemon
Testing Authentication
testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password
good luck!