Difference between revisions of "HowTos/Postfix"
From Scalix Wiki
m |
m |
||
| Line 1: | Line 1: | ||
[[Scalix Wiki]] -> [[How-Tos]] -> '''Postfix Integration''' | [[Scalix Wiki]] -> [[How-Tos]] -> '''Postfix Integration''' | ||
| − | + | = Replacing Sendmail with Postfix = | |
This ist only a short discription (based on Debian), additions are highly appreciated. | This ist only a short discription (based on Debian), additions are highly appreciated. | ||
Follow these steps: | Follow these steps: | ||
| − | = 1. stop all sendmail services = | + | == 1. stop all sendmail services == |
| − | /etc/init.d/spamass-milter stop | + | /etc/init.d/spamass-milter stop |
| − | /etc/init.d/sendmail stop | + | /etc/init.d/sendmail stop |
| − | /etc/init.d/scalix-sendmail stop | + | /etc/init.d/scalix-sendmail stop |
| − | = 2. deinstall the packets = | + | == 2. deinstall the packets == |
| − | dpkg -P --force-depends sendmail | + | dpkg -P --force-depends sendmail |
| − | dpkg -P sensible-mda | + | dpkg -P sensible-mda |
| − | dpkg -P rmail | + | dpkg -P rmail |
| − | dpkg -P sendmail-bin | + | dpkg -P sendmail-bin |
| − | dpkg -P sendmail-cf | + | dpkg -P sendmail-cf |
| − | dpkg -P sendmail-base | + | dpkg -P sendmail-base |
| − | dpkg -P m4 | + | dpkg -P m4 |
| − | dpkg -P spamass-milter | + | dpkg -P spamass-milter |
| − | = 3. cleaning = | + | == 3. cleaning == |
3.1. remove the remaining folders: | 3.1. remove the remaining folders: | ||
| − | /var/run/sendmail/stampdir | + | /var/run/sendmail/stampdir |
| − | /var/run/sendmail/mta | + | /var/run/sendmail/mta |
| − | /var/lib/sendmail | + | /var/lib/sendmail |
| − | /usr/share/doc/sendmail | + | /usr/share/doc/sendmail |
| − | /etc/mail | + | /etc/mail |
3.2. remove remaining files: | 3.2. remove remaining files: | ||
| − | /etc/init.d/scalix-sendmail | + | /etc/init.d/scalix-sendmail |
| − | = 4. install then Postfix packets = | + | == 4. install then Postfix packets == |
| − | apt-get install postfix | + | apt-get install postfix |
| − | apt-get install postfix-tls (needed for secure relaying) | + | apt-get install postfix-tls (needed for secure relaying) |
| − | apt-get install sasl2-bin (for authentication) | + | apt-get install sasl2-bin (for authentication) |
| − | = 5. Configure your Postfix = | + | == 5. Configure your Postfix == |
5.1. add this line to you master.cf: | 5.1. add this line to you master.cf: | ||
| Line 47: | Line 47: | ||
5.2. main.cf: | 5.2. main.cf: | ||
| − | alias_maps = | + | alias_maps = |
| − | local_recipient_maps = | + | local_recipient_maps = |
| − | mailbox_transport = smtp:[127.0.0.1]:10001 | + | mailbox_transport = smtp:[127.0.0.1]:10001 |
| − | ## transport_maps = hash:/etc/postfix/transport | + | ## transport_maps = hash:/etc/postfix/transport |
| − | ## when you want to define additional mail-routing use transport_maps | + | ## when you want to define additional mail-routing use transport_maps |
| − | ## some rule against SPAM | + | ## some rule against SPAM |
| − | smtpd_recipient_restrictions = | + | smtpd_recipient_restrictions = |
reject_unauth_pipelining | reject_unauth_pipelining | ||
permit_mynetworks | permit_mynetworks | ||
| Line 73: | Line 73: | ||
reject_non_fqdn_sender | reject_non_fqdn_sender | ||
| − | ## use a recipent table to prevent mail-loops! | + | ## use a recipent table to prevent mail-loops! |
check_recipient_access hash:/etc/postfix/recipient_access | check_recipient_access hash:/etc/postfix/recipient_access | ||
| Line 79: | Line 79: | ||
5.3. content of an optinal transport map: | 5.3. content of an optinal transport map: | ||
| − | @domain.tld smtp:[127.0.0.1]:10001 | + | @domain.tld smtp:[127.0.0.1]:10001 |
5.4. restart postfix | 5.4. restart postfix | ||
| − | = 6. i use a script to create the recipient list = | + | == 6. i use a script to create the recipient list == |
| − | ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients | + | ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients |
| − | postmap /etc/postfix/recipients | + | postmap /etc/postfix/recipients |
| − | = 7. SMTP-Auth = | + | == 7. SMTP-Auth == |
7.1. create this file '/etc/postfix/sasl/smtpd.conf': | 7.1. create this file '/etc/postfix/sasl/smtpd.conf': | ||
| Line 97: | Line 97: | ||
7.2. modify the '/etc/default/saslauthd' (for Debian): | 7.2. modify the '/etc/default/saslauthd' (for Debian): | ||
| − | # This needs to be uncommented before saslauthd will be run automatically | + | # This needs to be uncommented before saslauthd will be run automatically |
| − | START=yes | + | START=yes |
| − | # You must specify the authentication mechanisms you wish to use. | + | # You must specify the authentication mechanisms you wish to use. |
| − | # This defaults to "pam" for PAM support, but may also include | + | # This defaults to "pam" for PAM support, but may also include |
| − | # "shadow" or "sasldb", like this: | + | # "shadow" or "sasldb", like this: |
| − | # MECHANISMS="pam shadow" | + | # MECHANISMS="pam shadow" |
| − | MECHANISMS="ldap" | + | MECHANISMS="ldap" |
| − | PARAMS="-m /var/spool/postfix/var/run/saslauthd" | + | PARAMS="-m /var/spool/postfix/var/run/saslauthd" |
7.3. create the '/etc/saslauthd.conf': (!!! UNTESTED !!!) | 7.3. create the '/etc/saslauthd.conf': (!!! UNTESTED !!!) | ||
| Line 115: | Line 115: | ||
| − | = 8. Testing Authentication = | + | == 8. Testing Authentication == |
| − | testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password | + | testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password |
good luck! | good luck! | ||
Revision as of 15:27, 5 February 2007
Scalix Wiki -> How-Tos -> Postfix Integration
Contents
Replacing Sendmail with Postfix
This ist only a short discription (based on Debian), additions are highly appreciated. Follow these steps:
1. stop all sendmail services
/etc/init.d/spamass-milter stop /etc/init.d/sendmail stop /etc/init.d/scalix-sendmail stop
2. deinstall the packets
dpkg -P --force-depends sendmail dpkg -P sensible-mda dpkg -P rmail dpkg -P sendmail-bin dpkg -P sendmail-cf dpkg -P sendmail-base dpkg -P m4 dpkg -P spamass-milter
3. cleaning
3.1. remove the remaining folders:
/var/run/sendmail/stampdir /var/run/sendmail/mta /var/lib/sendmail /usr/share/doc/sendmail /etc/mail
3.2. remove remaining files:
/etc/init.d/scalix-sendmail
4. install then Postfix packets
apt-get install postfix apt-get install postfix-tls (needed for secure relaying) apt-get install sasl2-bin (for authentication)
5. Configure your Postfix
5.1. add this line to you master.cf:
127.0.0.1:10001 inet n n n - - spawn user=scalix argv=/opt/scalix/bin/unix.in
5.2. main.cf:
alias_maps = local_recipient_maps = mailbox_transport = smtp:[127.0.0.1]:10001 ## transport_maps = hash:/etc/postfix/transport ## when you want to define additional mail-routing use transport_maps
## some rule against SPAM smtpd_recipient_restrictions = reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated reject_unauth_destination
reject_rbl_client relays.ordb.org reject_rbl_client bl.spamcop.net reject_rbl_client dnsbl.sorbs.net reject_rbl_client cbl.abuseat.org reject_rbl_client sbl.spamhaus.org reject_rbl_client opm.blitzed.org reject_rbl_client l1.spews.dnsbl.sorbs.net
reject_invalid_hostname reject_unknown_sender_domain reject_unknown_client reject_non_fqdn_sender
## use a recipent table to prevent mail-loops! check_recipient_access hash:/etc/postfix/recipient_access
reject
5.3. content of an optinal transport map:
@domain.tld smtp:[127.0.0.1]:10001
5.4. restart postfix
6. i use a script to create the recipient list
ldapsearch -h 127.0.0.1 -p 3890 -x omMailnode=Headquarters mail | grep -F mail: | cut -c 7- | awk '{print $0"\t\tOK"}' > /etc/postfix/recipients
postmap /etc/postfix/recipients
7. SMTP-Auth
7.1. create this file '/etc/postfix/sasl/smtpd.conf': pwcheck_method: saslauthd mech_list: plain, login saslauthd_path: /var/run/saslauthd/mux
7.2. modify the '/etc/default/saslauthd' (for Debian):
# This needs to be uncommented before saslauthd will be run automatically START=yes
# You must specify the authentication mechanisms you wish to use. # This defaults to "pam" for PAM support, but may also include # "shadow" or "sasldb", like this: # MECHANISMS="pam shadow"
MECHANISMS="ldap" PARAMS="-m /var/spool/postfix/var/run/saslauthd"
7.3. create the '/etc/saslauthd.conf': (!!! UNTESTED !!!) ldap_servers: ldap://127.0.0.1:3890/ ldap_filter: UL-AUTHID=%u
7.4. restart sasl daemon
8. Testing Authentication
testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -u user -p password
good luck!
