Postfix LDAP Howto v2.0 part two

This howto is outdated and kept here for historical purposes; please proceed to the newer version by following this link.

ClamAV, virusscanner

ClamAV uses /usr/local/etc/clamav.conf for configuration; the only changes made were:

  • changed localsocket to /var/amavis/clamd
  • changed user to vscan

OpenLDAP scripts

Using the script provided below we can add users according to the domain setup shown below, using the following example commands:

  • ./ldapadduser.pl vivian example.org "Secret123" mailbox | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl alexander example.org "Dog=Cr@zy" mailbox | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl roland_dg example.org "a1zihw" mailbox | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl postmaster example.org alexander@example.org,vivian@example.org alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl webmaster example.org john@webbuilders.com alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl "*" example.org vivian@example.org alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret

somenudomain.nu

  • ./ldapadduser.pl ian somenudomain.nu "vivian" mailbox | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl postmaster somenudomain.nu alexander@example.org alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl webmaster somenudomain.nu "w3bs1t3" mailbox | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret

someoldaccount.demon.org

  • ./ldapadduser.pl "*" someoldaccount.demon.org @somenudomain.nu alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret

domain3.org

  • ./ldapadduser.pl postmaster domain3.org alexander@example.org alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret
  • ./ldapadduser.pl webmaster domain3.org alexander@example.org alias | ldapadd -x -D 'cn=Manager,dc=example,dc=org' -w secret

And so we should have created a tree looking like this, with vivian@example.org receiving all ‘non-existing-mailbox’ mail for example.org and all mail for ‘someoldaccount.demon.org’ delivered to somenudomain.nu (so you can email ian@someoldaccount.demon.org and still reach ian, who (of course) should have procmail or similar set up to warn people about his changed domain name, but that’s outside the scope of this document). Also mind that postmaster@example.org is delivered to BOTH alexander AND vivian. The add script just makes two ‘maildrop’s in the LDAP tree!


Configure postfix

Changes to postfix’ main.cf follow; also change other settings to suit your requirements. Setting ‘soft_bounce=yes’ for testing purposes while starting out with your new mailserver would be a wise decision!

# Transports
transport_server_host = localhost
transport_search_base = dc=mail,dc=example,dc=org
transport_query_filter = (&(dc=%s)(objectClass=mailDomain)(accountActive=TRUE)(delete=FALSE))
transport_result_attribute = postfixTransport
#transport_cache = yes
transport_bind = no
transport_scope = one

# Aliases
aliases_server_host = localhost
aliases_search_base = dc=mail,dc=example,dc=org
aliases_query_filter = (&(objectClass=mailAlias)(mail=%s)(accountActive=TRUE))
aliases_result_attribute = maildrop
aliases_bind = no
#aliases_cache = yes

# Accounts
accounts_server_host = localhost
accounts_search_base = dc=mail,dc=example,dc=org
accounts_query_filter = (&(objectClass=mailAccount)(mail=%s)(accountActive=TRUE)(delete=FALSE))
accounts_result_attribute = mailbox
accounts_bind = no
#accounts_cache = yes

accountsmap_server_host = localhost
accountsmap_search_base = dc=mail,dc=example,dc=org
accountsmap_query_filter = (&(objectClass=mailAccount)(mail=%s)(accountActive=TRUE)(delete=FALSE))
accountsmap_result_attribute = mail
accountsmap_bind = no
#accountsmap_cache = yes

# Transport map
transport_maps = ldap:transport
mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.$mydomain, $transport_maps

# Virtual maps
virtual_maps = ldap:aliases, ldap:accountsmap

# Virtual accounts
virtual_mailbox_base = /usr/virtual
virtual_mailbox_maps = ldap:accounts
virtual_minimum_uid = 2000
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000

# Local accounts
local_alias_maps = hash:/etc/aliases
# (overridden by the local_recipient_maps line further down; Postfix keeps the last value)
local_recipient_maps = $local_alias_maps unix:passwd.byname

# local_transport should be set to "virtual" to deliver mail to the local
# VirtualAccount's $HOME directory; if it is not set here, mail delivery will fail
local_transport = virtual
local_recipient_maps = $alias_maps unix:passwd.byname $virtual_mailbox_maps

# AMAVIS
content_filter = smtp-amavis:[127.0.0.1]:10024
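How the aliases and accounts lookups above resolve a recipient address, as an added Python model (not part of the howto and not Postfix code). It applies the RFC 2254 quoting that ldap_table(5) documents for the %s key, so an odd recipient address cannot change the filter's structure or act as a wildcard. The sample entries, the mailbox paths and the disabled roland_dg account are constructed assumptions about what the add script creates.

```python
import re

# Query filters and result attributes copied from the main.cf settings above.
MAPS = {
    "aliases": ("(&(objectClass=mailAlias)(mail=%s)(accountActive=TRUE))", "maildrop"),
    "accounts": ("(&(objectClass=mailAccount)(mail=%s)(accountActive=TRUE)"
                 "(delete=FALSE))", "mailbox"),
}

# Constructed sample entries (assumed shape; mailbox paths are illustrative).
ENTRIES = [
    {"objectClass": ["mailAccount"], "mail": ["vivian@example.org"],
     "mailbox": ["example.org/vivian/"], "accountActive": ["TRUE"], "delete": ["FALSE"]},
    {"objectClass": ["mailAccount"], "mail": ["roland_dg@example.org"],
     "mailbox": ["example.org/roland_dg/"], "accountActive": ["FALSE"], "delete": ["FALSE"]},
    {"objectClass": ["mailAlias"], "mail": ["postmaster@example.org"],
     "maildrop": ["alexander@example.org", "vivian@example.org"], "accountActive": ["TRUE"]},
]

_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\0": "\\00"}

def escape_filter_value(value):
    """Quote LDAP filter metacharacters (RFC 2254 / RFC 4515) in a lookup key."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def expand_filter(template, key):
    """Substitute the quoted lookup key for %s in a query filter."""
    return template.replace("%s", escape_filter_value(key))

def parse_terms(ldap_filter):
    """Split an AND-of-equalities filter into (attribute, unquoted value) pairs."""
    unquote = lambda m: chr(int(m.group(1), 16))
    return [(attr, re.sub(r"\\([0-9a-fA-F]{2})", unquote, value))
            for attr, value in re.findall(r"\(([A-Za-z]+)=([^()]*)\)", ldap_filter)]

def lookup(map_name, key):
    """Return the result attribute of every entry matching all filter terms."""
    template, result_attr = MAPS[map_name]
    terms = parse_terms(expand_filter(template, key))
    return [value for entry in ENTRIES
            if all(want in entry.get(attr, []) for attr, want in terms)
            for value in entry.get(result_attr, [])]
```

An alias with two maildrop values returns both addresses, and an account with accountActive=FALSE returns nothing, which Postfix treats as an unknown recipient for that map.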

Changes to postfix’ master.cf (optionally replace the ‘y’ with ‘n’ depending on your chroot wishes). Make sure ‘virtual’ and ‘maildrop’ also exist in master.cf. The -o lines must start with whitespace so that they continue the service line above them.

smtp-amavis unix -      -       y     -       2  smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes

127.0.0.1:10025 inet n  -       y     -       -  smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000

Starting your mailserver

Next, edit /etc/rc.conf again to disable sendmail and enable postfix. Insert:

  • sendmail_enable="NONE"

Comment out/remove:

  • sendmail_enable="YES"
  • sendmail_flags="-bd"
  • sendmail_pidfile="/var/spool/postfix/pid/master.pid"
  • sendmail_outbound_enable="NO"
  • sendmail_submit_enable="NO"
  • sendmail_msp_queue_enable="NO"

Now would be a great time to start postfix, but before you do, touch /var/log/maillog, open a second terminal, screen or whatever, and run tail -f /var/log/maillog there (as well as maybe a tail on /var/log/messages) to see what’s going on. Now you’re ready to start postfix, simply by typing postfix start.


Verify mail sending and receiving

Verify that you can send mail by sending yourself mail. If using an address@example.org which is an alias (pointing outside the domains for which your new postfix server receives mail), please check your headers and confirm they’re OK. If receiving on a mailbox address (at your new postfix server), look in /usr/virtual and confirm you have a new directory named example.org (depending on the recipient). Below that directory your mailbox name (as a directory) should emerge, containing various maildir files. Besides checking that your mail was received, also check the headers!

Note that users of a mailbox must have received at least one email to have their directory (and maildir files) in place. When you create a new mailbox (not an alias), you should send the new user a ‘welcome’ mail of some kind to let postfix create their ‘homedirectory’ in /usr/virtual. When this is omitted, the user will receive an error when checking mail (either via imap/pop or when using webmail).


Documents and resources used

Besides RTFM on the various packages used for the install, a number of special resources are named below the list of package links (in no particular order):

  • Postfix, MTA used
  • Spam tagging software
  • LDAP software
  • Webmail software
  • Mailinglist software (when done, you could add mailinglists, not captured in this document)
  • ClamAV Antivirus software
  • Short for [A] [MA]il [VI]rus [S]canner
  • Apache webserver for webmail and admin (php) interface
  • The admin interface was built using php

Most useful in producing this document was http://janus.errornet.de/ with his pdf and schema (mirrored here: pdf and schema).


Other resources used

  • http://jamm.sourceforge.net everything else seems to be based upon this
  • http://www.vriesman.tk detailed enough for me

Tom Scholten is a Unix specialist with Snow B.V., a Dutch Technical Consultancy Company supplying specialists in the field of Networking and Unix.