Postfix: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 10: | Line 10: | ||
apt-get install popa3d | apt-get install popa3d | ||
# get rid of the postfix pop daemon | # get rid of the postfix pop daemon | ||
/etc/logrotate.d/postfix: | |||
------------------------------ | |||
/var/log/mail/popa3d.log /var/log/mail/mail.err /var/log/mail/mail.info /var/log/mail/mail.warn /var/log/mail/mail.log { | |||
prerotate | |||
/opt/triphost/statisticstripghostmail.sh | |||
endscript | |||
daily | |||
missingok | |||
rotate 7 | |||
compress | |||
delaycompress | |||
notifempty | |||
create 640 root adm | |||
------------------------------ | |||
add the following to /etc/rsyslogd.conf | |||
!popa3d | |||
*.* /var/log/mail/popa3d.log | |||
touch /var/log/mail/popa3d.log | |||
</pre> | </pre> | ||
Revision as of 13:00, 15 September 2009
Changes for a new install on Debian: /etc/postfix touch relay-domains touch virtual touch virtual-domains touch transport #This is the list of domains we will transport mail for over smtp, using different protocols. # This is a hashfile, so postmap transport after editing. apt-get install popa3d # get rid of the postfix pop daemon /etc/logrotate.d/postfix: ------------------------------ /var/log/mail/popa3d.log /var/log/mail/mail.err /var/log/mail/mail.info /var/log/mail/mail.warn /var/log/mail/mail.log { prerotate /opt/triphost/statisticstripghostmail.sh endscript daily missingok rotate 7 compress delaycompress notifempty create 640 root adm ------------------------------ add the following to /etc/rsyslogd.conf !popa3d *.* /var/log/mail/popa3d.log touch /var/log/mail/popa3d.log
Check configuration postconf -n /etc/postfix/virtual # In order to translate any mailbox address from one domain to a mapped user on another domain add the following entries: # account1@olddomain.ext account1 # account2@olddomain.ext account2 # newdomain.ext DOMAIN # @newdomain.ext @olddomain.ext # this will ensure that account1@olddomain.ext AND account1@newdomain.ext is delivered to account1 and account2@[newdomain or olddomain].ext goes to account2 # After changing this file run # postmap virtual # Catchalls are set up with # @domain.ext userid /etc/postfix/virtual-domains # This file contains the domains for which postfix will accept email # It's not a hash file, so no need to run postmap on it.
These are the /etc/postfix/main.cf edits
# Tripany edits sage_size_limit = 15000000 # Add virtual accounts and all the domains into these two files virtual_alias_maps = hash:/etc/postfix/virtual virtual_alias_domains = /etc/postfix/virtual-domains virtual_mailbox_base = /var/spool/mail smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit smtpd_client_restrictions = permit_mynetworks, reject_rbl_client sbl.spamhaus.org, permit smtpd_helo_restrictions = reject_invalid_hostname, permit smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, permit smtpd_sender_restrictions = reject_unknown_sender_domain, permit smtpd_sender_restrictions = warn_if_reject, reject_unknown_sender_domain, permit smtpd_helo_required = yes disable_vrfy_command = yes default_process_limit = 100 # This is what postfix will act as an SMTP server for relay_domains = /etc/postfix/relay-domains # For delayed delivery using etrn defer_transports = etrn-only fast_flush_domains = $relay_domains smtpd_etrn_restrictions = permit_mynetworks, reject # This is all added for Mailman transport_maps = hash:/etc/postfix/transport mailman_destination_recipient_limit = 1 maximal_queue_lifetime = 5d ### ANTI SPAM MEASURES # # The commented lines kills a tad too much # (kept for educaitonal use) # # smtpd_helo_required = yes smtpd_sender_restrictions = reject_unknown_address smtpd_recipient_restrictions = # reject_invalid_hostname, # reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zombie.dnsbl.sorbs.net, # reject_rbl_client relays.ordb.org, # reject_rbl_client opm.blitzed.org, # reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, permit # prevent backscatter local_recipient_maps = proxy:unix:passwd.byname $alias_maps
To accept messages in the mailqueue and defer them untill the primary MX server is up again, add the domain.ext to /etc/postfix/relay-domains and in transport add domain.ext etrn-only: The mail will then be delivered when sendmail -q is sent, or when telnet mailserver 25, helo originating.domain etrn defermaildomain.ext mails get defered - you can see them in mailq also in /var/spool/postfix/flush/ (see also http://lists.freebsd.org/pipermail/freebsd-questions/2006-February/112246.html http://www.postfix.org/ETRN_README.html http://archives.neohapsis.com/archives/postfix/2001-07/0730.html) postfix reload reloads the config http://wiki.ev-15.com/debian:mail_system for how to set up squirrelmail and cyrus for IMAP with postfix
You can also force the queue delivery by running
postqueue -f
or deliver a specific message by
postsuper -r queue_id
You can see the structure of the queues by using
qshape
you can see the active / incoming / deferred / hold queues by doing
qshape deferred
you may have to wait a bit for the output though.
To kill all deferred messages in the queue you can use
postsuper -d ALL deferred
An example from http://sysop.com.cn/document/Postfix.The.Definitive.Guide/0596002122_postfix-chp-5-sect-2.html
Example 5-1. Perl script to delete queued messages by email address #!/usr/bin/perl -w # # pfdel - deletes message containing specified address from # Postfix queue. Matches either sender or recipient address. # # Usage: pfdel <email_address> # use strict; # Change these paths if necessary. my $LISTQ = "/usr/sbin/postqueue -p"; my $POSTSUPER = "/usr/sbin/postsuper"; my $email_addr = ""; my $qid = ""; my $euid = $>; if ( @ARGV != 1 ) { die "Usage: pfdel <email_address>\n"; } else { $email_addr = $ARGV[0]; } if ( $euid != 0 ) { die "You must be root to delete queue files.\n"; } open(QUEUE, "$LISTQ |") || die "Can't get pipe to $LISTQ: $!\n"; my $entry = <QUEUE>; # skip single header line $/ = ""; # Rest of queue entries print on # multiple lines. while ( $entry = <QUEUE> ) { if ( $entry =~ / $email_addr$/m ) { ($qid) = split(/\s+/, $entry, 2); $qid =~ s/[\*\!]//; next unless ($qid); # # Execute postsuper -d with the queue id. # postsuper provides feedback when it deletes # messages. Let its output go through. # if ( system($POSTSUPER, "-d", $qid) != 0 ) { # If postsuper has a problem, bail. die "Error executing $POSTSUPER: error " . "code " . ($?/256) . "\n"; } } } close(QUEUE); if (! $qid ) { die "No messages with the address <$email_addr> " . "found in queue.\n"; } exit 0;
Postgrey is a greylister that rejects email from a server on the first try, using the fact that most spammers do not retry to send their email, whereas almost all normal mail servers do.