

service:postfix

Differences

This shows you the differences between two versions of the page.

service:postfix [2016/07/08 07:48] – created sloaderservice:postfix [2024/01/02 06:25] (current) – [install] sloader
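--- a/service:postfix
+++ b/service:postfix
@@ -1,2 +1,103 @@
+==== install ====
+<code>
+net-libs/courier-authlib ldap
+net-mail/courier-imap fam gdbm
+dev-libs/cyrus-sasl authdaemond openldap ssl urandom
+mail-mta/postfix ldap sasl ssl eai lmdb
+</code>
+==== set in /etc/postfix/main.cf ====
+<code>
+myhostname = post.lionsoft.org
+mydomain = lionsoft.org
+mynetworks_style = host
+
+virtual_uid_maps = static:5000
+virtual_gid_maps = static:5000
+virtual_mailbox_base = /var/vmail
+virtual_mailbox_domains = lionsoft.org,forgottenroots.de,mightymice.org,metzmachers.de,watzhahn.de,post.lionsoft.org
+virtual_mailbox_maps = ldap:/etc/postfix/ldap_mailbox_maps.cf
+virtual_alias_maps = ldap:/etc/postfix/ldap_alias_maps.cf
+
+smtp_tls_security_level = may
+tls_random_source = dev:/dev/urandom
+smtp_tls_loglevel = 1
+smtpd_tls_loglevel = 1
+smtpd_tls_cert_file = /etc/postfix/cert-20160309-074522.pem
+smtpd_tls_received_header = yes
+smtpd_tls_security_level = may
+smtpd_use_tls = yes
+smtpd_tls_key_file = /etc/postfix/key-20160309-074522.pem
+smtpd_tls_auth_only = yes
+smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
+smtp_tls_mandatory_protocols=!SSLv2,!SSLv3
+smtpd_tls_protocols=!SSLv2,!SSLv3
+smtp_tls_protocols=!SSLv2,!SSLv3
+
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_security_options = noanonymous, noplaintext
+smtpd_sasl_tls_security_options = noanonymous
+smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
+</code>
+
+==== set in /etc/postfix/ldap_mailbox_maps.cf ====
+<code>
+server_host = ldap://127.0.0.1/
+search_base = ou=mailuser,dc=lionsoft,dc=org
+version = 3
+bind = yes
+bind_dn = cn=mailadmin,dc=lionsoft,dc=org
+bind_pw = test1234
+query_filter = (&(objectclass=inetOrgPerson)(uid=%s))
+result_attribute = mail
+debug_level = 0
+</code>
+
+==== set in /etc/postfix/ldap_alias_maps.cf ====
+<code>
+server_host = ldap://127.0.0.1/
+search_base = ou=mailvirtual,dc=lionsoft,dc=org
+version = 3
+bind = yes
+bind_dn = cn=mailadmin,dc=lionsoft,dc=org
+bind_pw = test1234
+query_filter = (&(objectclass=inetOrgPerson)(cn=%s))
+result_attribute = mail
+debug_level = 0
+</code>
+
+==== set in /etc/sasl2/smtpd.conf ====
+<code>
+pwcheck_method:authdaemond
+mech_list: PLAIN LOGIN
+log_level: 0
+authdaemond_path: /var/lib/courier/authdaemon/socket
+</code>
+
+==== set in /etc/conf.d/saslauthd ====
+<code>
+SASLAUTHD_OPTS="-a rimap -O localhost"
+</code>
+
+
+==== set in /etc/courier/authlib/authdaemonrc ====
+<code>
+authmodulelist="authldap"
+</code>
+
+==== set in /etc/courier/authlib/authldaprc ====
+<code>
+LDAP_URI ldap://127.0.0.1/
+LDAP_BASEDN ou=mailuser,dc=lionsoft,dc=org
+LDAP_BINDDN cn=mailadmin,dc=lionsoft,dc=org
+LDAP_BINDPW test1234
+LDAP_MAIL uid
+LDAP_GLOB_UID vmail
+LDAP_GLOB_GID vmail
+LDAP_MAILDIR mail
+#LDAP_CLEARPW clearPassword
+
+</code>
+
+
 ==== test postfix for tls ====
 <code>
@@ -25,5 +126,5 @@
 AGptczFAam1zMS5uZXQAbm90Lm15LnJlYWwucGFzc3dvcmQ=
 
-% openssl s_client -starttls smtp -crlf -connect lionsoft.org:25
+% openssl s_client -starttls smtp -crlf -ign_eof -connect lionsoft.org:25
 ...
 % EHLO post.lionsoft.org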
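Review bot: The LDAP bind password for `cn=mailadmin,dc=lionsoft,dc=org` is written out in three of the added listings (`bind_pw` in ldap_mailbox_maps.cf and ldap_alias_maps.cf, `LDAP_BINDPW` in authldaprc), so anyone who can read this wiki page or its revision history has it. Whether `test1234` is the live value cannot be told from the page, but the listings should carry a placeholder such as `bind_pw = <bind-password-placeholder>` and `LDAP_BINDPW <bind-password-placeholder>`, and a live value should be rotated because old revisions stay retrievable. The page would also benefit from a line saying that these files must not be readable by other local users, and that the lookups only need a read-only bind DN; the name `mailadmin` suggests more privilege than a mailbox lookup requires, though the page does not show its ACLs. Separately, the four `*_tls_*protocols` lines exclude only SSLv2 and SSLv3, which leaves TLSv1 and TLSv1.1 negotiable; `!SSLv2,!SSLv3,!TLSv1,!TLSv1.1` would close that.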