HowTos/Postfix
From Scalix Wiki
Scalix Wiki -> How-Tos -> Postfix Integration
Contents
Replacing Sendmail with Postfix
This ist only a short discription (based on Debian), additions are highly appreciated. Follow these steps:
stop all sendmail services
/etc/init.d/spamass-milter stop /etc/init.d/sendmail stop /etc/init.d/scalix-sendmail stop omoff -d 0 smtpd
deinstall the packets
dpkg -P --force-depends sendmail dpkg -P sensible-mda dpkg -P rmail dpkg -P sendmail-bin dpkg -P sendmail-cf dpkg -P sendmail-base dpkg -P m4 dpkg -P spamass-milter
cleaning
3.1. remove the remaining folders:
/var/run/sendmail/stampdir /var/run/sendmail/mta /var/lib/sendmail /usr/share/doc/sendmail /etc/mail
3.2. remove remaining files:
/etc/init.d/scalix-sendmail
install then Postfix packets
apt-get install postfix apt-get install postfix-tls (needed for secure relaying) apt-get install sasl2-bin (for authentication)
Configure your Postfix
5.1. add this line to you master.cf:
127.0.0.1:10001 inet n n n - - spawn user=scalix argv=/opt/scalix/bin/unix.in
5.2. main.cf:
alias_maps = local_recipient_maps = mailbox_transport = smtp:[127.0.0.1]:10001 ## transport_maps = hash:/etc/postfix/transport ## when you want to define additional mail-routing use transport_maps
## some rule against SPAM smtpd_recipient_restrictions = reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated reject_unauth_destination
reject_rbl_client relays.ordb.org reject_rbl_client bl.spamcop.net reject_rbl_client dnsbl.sorbs.net reject_rbl_client cbl.abuseat.org reject_rbl_client sbl.spamhaus.org reject_rbl_client opm.blitzed.org reject_rbl_client l1.spews.dnsbl.sorbs.net
reject_invalid_hostname reject_unknown_sender_domain reject_unknown_client reject_non_fqdn_sender
## use a recipent table to prevent mail-loops! check_recipient_access hash:/etc/postfix/recipient_access
reject
5.3. content of an optinal transport map:
@domain.tld smtp:[127.0.0.1]:10001
5.4. restart postfix
i use a script to create the recipient list
ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients postmap /etc/postfix/recipients
SMTP-Auth
7.1. create this file '/etc/postfix/sasl/smtpd.conf': pwcheck_method: saslauthd mech_list: plain, login saslauthd_path: /var/run/saslauthd/mux
7.2. modify the '/etc/default/saslauthd' (for Debian):
# This needs to be uncommented before saslauthd will be run automatically START=yes
# You must specify the authentication mechanisms you wish to use. # This defaults to "pam" for PAM support, but may also include # "shadow" or "sasldb", like this: # MECHANISMS="pam shadow"
MECHANISMS="ldap" PARAMS="-m /var/spool/postfix/var/run/saslauthd"
7.3. create the '/etc/saslauthd.conf': (!!! UNTESTED !!!)
ldap_servers: ldap://127.0.0.1:389 ldap_filter: UL-AUTHID=%u
7.4. restart sasl daemon
Testing Authentication
testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password
good luck!