links http://www.geroleo.com/?p=304
Introduction
Of all the tutorials posted here, this is one of the most complex setups that I want to share
with you. If you haven't read my previous post, "DNS Installation and Configuration",
please have a look at it, because mail requires a valid MX record. I am not saying that you need
to install your own name server. You can use a name server hosted elsewhere, but the most
important thing is that there must be an MX record pointing to the IP address of your mail server.
o Pyzor
o Razor
The mail server which I am going to build supports multiple domains. Each domain has its
own unique users, which means that user@domain1 is totally different from user@domain2; they
have separate mailboxes.
Procedure
1. Database Installation & Configuration;
Modify postgresql.conf
# vi /var/lib/pgsql/data/postgresql.conf
listen_addresses = 'localhost'
port = 5432
datestyle = 'sql, mdy'
Modify pg_hba.conf
# vi /var/lib/pgsql/data/pg_hba.conf
3. cPanel is my custom web application to manage domains, users and mail aliases. You can
use this program at your own risk. I will not be liable if your server explodes due to the
use of this program. I want you to know that cPanel runs in suid mode as "root", which
means that even though the httpd process is owned by user and group "apache", this program
has root-level access to everything on the server.
Modify /etc/dovecot.conf
# vi /etc/dovecot.conf
Create /etc/dovecot-sql.conf
# vi /etc/dovecot-sql.conf
Start the dovecot daemon
# service dovecot start
You can download squirrelmail web client from http://www.squirrelmail.org/ but I have a
copy of squirrelmail which is built with MS Outlook skin and a password changer
designed to fit my PostgreSQL database. The following procedure is applicable if you use
the copy from here;
Fix permissions;
# chown -R root:root /usr/local/squirrelmail/
# chown -R apache:apache /usr/local/squirrelmail/data
# chmod 0755 /usr/local/squirrelmail/data
# chcon -R -u system_u -t httpd_sys_content_t /usr/local/squirrelmail/
Configure clamsmtpd;
# vi /etc/clamsmtpd.conf
7. Postfix Installation;
Download and extract the source; please check the site and
take the latest version available;
# wget -O - http://puzzle.dl.sourceforge.net/sourceforge/pam-pgsql/pam-pgsql-0.7.tar.gz | tar -zxf -
Start to compile;
# ./configure
# make
Install now;
# make install
Configure pam_pgsql;
# vi /etc/pam_pgsql.conf
host = localhost
database = mail
user = mail
table = users
user_column = userid
pwd_column = password
expired_column = expired
newtok_column = newtok
debug = 0
pw_type = crypt
#%PAM-1.0
#auth include system-auth
#account include system-auth
Configure /usr/lib/sasl2/smtpd.conf;
# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: login plain
SOCKETDIR=/var/run/saslauthd
MECH=pam
FLAGS=-r
Disable selinux protection for saslauthd;
# setsebool -P saslauthd_disable_trans=on && service saslauthd restart
Test SASL;
# testsaslauthd -u test@geroleo.com -p 1234 -s smtp
10. Postfix Configuration, the heart of the system. Please read the documents located
in /usr/share/doc/postfix*/ to learn more about postfix and to know how it works.
# cd /etc/postfix
myorigin = $myhostname
mynetworks = localhost.localdomain $myhostname
mydestination = localhost.localdomain $myhostname
mailbox_size_limit = 0
message_size_limit = 0
virtual_mailbox_limit = 0
#Cyrus SASL
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain
unknown_local_recipient_reject_code = 450
# SpamAssassin
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
# ClamAV
content_filter = scan:[127.0.0.1]:10025
receive_override_options = no_address_mappings
# Others
header_checks = regexp:/etc/postfix/regexp_header
# Added by postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
# vi transport.cf
user=mail
password=”
dbname=mail
table=transport
select_field=transport
where_field=domain
hosts=localhost
# vi uids.cf
user=mail
password=”
dbname=mail
table=users
select_field=uid
where_field=userid
hosts=localhost
# vi gids.cf
user=mail
password=”
dbname=mail
table=users
select_field=gid
where_field=userid
hosts=localhost
# vi mailboxes.cf
user=mail
password=”
dbname=mail
table=mailboxes
select_field=mailbox
where_field=userid
hosts=localhost
# vi virtual_domains.cf
user=mail
password=”
dbname=mail
table=domains
select_field=domain
where_field=domain
hosts=localhost
# vi virtual_aliases.cf
user=mail
password=”
dbname=mail
table=aliases
select_field=address
where_field=userid
hosts=localhost
#!/bin/bash
spamassassin -e | /usr/sbin/sendmail.postfix -i "$@"
exit $?
Add user & group spamassassin with uid/gid 106, this is for
security reasons;
# groupadd -g 106 spamassassin
# useradd -g 106 -u 106 spamassassin
dGVzdEBnZXJvbGVvLmNvbQB0ZXN0QGdlcm9sZW8uY29tADEyMzQ=
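The string above is a base64 SASL PLAIN response, the form in which `mech_list: login plain` carries credentials in an SMTP `AUTH PLAIN` command. The following added example (not part of the original tutorial; the function names are illustrative) decodes it per RFC 4616 and re-encodes it, showing that the value is an encoding of the test account's credentials, not an encryption of them.

```python
import base64
import binascii

# Copied from this page: the base64 string shown in the tutorial.
PAGE_RESPONSE = "dGVzdEBnZXJvbGVvLmNvbQB0ZXN0QGdlcm9sZW8uY29tADEyMzQ="


def decode_sasl_plain(b64_response):
    """Decode a SASL PLAIN response: [authzid] NUL authcid NUL passwd (RFC 4616)."""
    try:
        raw = base64.b64decode(b64_response.strip(), validate=True)
    except binascii.Error as exc:
        raise ValueError("not valid base64: %s" % exc) from exc
    fields = raw.split(b"\x00")
    if len(fields) != 3:
        raise ValueError("expected 3 NUL-separated fields, got %d" % len(fields))
    authzid, authcid, passwd = (f.decode("utf-8") for f in fields)
    if not authcid or not passwd:
        raise ValueError("authcid and passwd must not be empty")
    return {"authzid": authzid, "authcid": authcid, "passwd": passwd}


def encode_sasl_plain(authcid, passwd, authzid=""):
    """Build the response a mail client sends for AUTH PLAIN."""
    for field in (authzid, authcid, passwd):
        if "\x00" in field:
            raise ValueError("NUL is the field separator and cannot appear in a field")
    raw = "\x00".join((authzid, authcid, passwd)).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")


if __name__ == "__main__":
    creds = decode_sasl_plain(PAGE_RESPONSE)
    print(creds)
    # Re-encoding the decoded fields reproduces the string exactly:
    # no key is involved at any point.
    rebuilt = encode_sasl_plain(creds["authcid"], creds["passwd"], creds["authzid"])
    print(rebuilt == PAGE_RESPONSE)
```

Because the response is recoverable by anyone who can read the session, AUTH with these mechanisms should only be offered over TLS; in Postfix, `smtpd_tls_auth_only = yes` enforces that.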
0 5 * * * /var/dcc/libexec/cron-dccd
Switch to terminal 1;
$ pyzor discover
Switch to terminal 2;
# vi /etc/mail/spamassassin/local.cf
use_bayes 1
bayes_auto_learn 1
bayes_path /var/lib/spamassassin/bayes/bayes
bayes_file_mode 0666
use_razor2 1
use_pyzor 1
use_dcc 1
dcc_path /usr/local/bin/dccproc
dcc_body_max 999999
dcc_timeout 10
dcc_fuz1_max 999999
dcc_fuz2_max 999999
dcc_home /var/dcc
# mkdir /var/lib/spamassassin/bayes/
# touch /var/lib/spamassassin/bayes/bayes
# chown -R spamassassin:spamassassin /var/lib/spamassassin/bayes/
# tail -f /var/log/maillog