Postfix: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 6: | Line 6: | ||
touch virtual-domains | touch virtual-domains | ||
touch transport | touch transport | ||
touch aliases | |||
postmap aliases | |||
postmap virtual | |||
postmap transport | |||
#This is the list of domains we will transport mail for over smtp, using different protocols. | #This is the list of domains we will transport mail for over smtp, using different protocols. | ||
# This is a hashfile, so postmap transport after editing. | # This is a hashfile, so postmap transport after editing. |
Revision as of 09:49, 10 January 2013
Changes for a new install on Debian: /etc/postfix touch relay-domains touch virtual touch virtual-domains touch transport touch aliases postmap aliases postmap virtual postmap transport #This is the list of domains we will transport mail for over smtp, using different protocols. # This is a hashfile, so postmap transport after editing. apt-get install popa3d # get rid of the postfix pop daemon edit the mail lines in /etc/rsyslog.conf to go to /var/log/mail/:wq In /etc/logrotate.d/rsyslog ----------------------------- /var/log/syslog { rotate 7 daily missingok notifempty delaycompress compress postrotate invoke-rc.d rsyslog reload > /dev/null endscript } /var/log/daemon.log /var/log/kern.log /var/log/auth.log /var/log/user.log /var/log/lpr.log /var/log/cron.log /var/log/debug /var/log/messages /var/log/mail/mail.info /var/log/mail/mail.warn /var/log/mail/mail.err /var/log/mail/mail.log /var/log/mail/popa3d.log /var/log/mail/spamd.log /var/log/mail/procmail { sharedscripts prerotate /opt/triphost/statisticstripghostmail.sh endscript rotate 7 daily missingok # notifempty compress delaycompress create 640 root adm sharedscripts postrotate /etc/init.d/rsyslog restart endscript } /etc/logrotate.d/postfix: ------------------------------ /var/log/mail/mail.log { prerotate /opt/triphost/statisticstripghostmail.sh endscript daily missingok rotate 7 compress delaycompress notifempty create 640 root adm } /var/log/mail/popa3d.log /var/log/mail/mail.err /var/log/mail/mail.info /var/log/mail/mail.warn { daily missingok rotate 7 compress delaycompress notifempty create 640 root adm } ------------------------------ add the following to /etc/rsyslogd.conf !popa3d *.* /var/log/mail/popa3d.log touch /var/log/mail/popa3d.log
Check configuration postconf -n /etc/postfix/virtual # In order to translate any mailbox address from one domain to a mapped user on another domain add the following entries: # account1@olddomain.ext account1 # account2@olddomain.ext account2 # newdomain.ext DOMAIN # @newdomain.ext @olddomain.ext # this will ensure that account1@olddomain.ext AND account1@newdomain.ext is delivered to account1 and account2@[newdomain or olddomain].ext goes to account2 # After changing this file run # postmap virtual # Catchalls are set up with # @domain.ext userid /etc/postfix/virtual-domains # This file contains the domains for which postfix will accept email # It's not a hash file, so no need to run postmap on it.
These are the /etc/postfix/main.cf edits
# Tripany edits # Prevent backscatter local_recipient_maps = proxy:unix:passwd.byname $alias_maps unverified_recipient_reject_code = 550 unverified_sender_reject_code = 550 message_size_limit = 15000000 # Add virtual accounts and all the domains into these two files virtual_alias_maps = hash:/etc/postfix/virtual virtual_alias_domains = /etc/postfix/virtual-domains # To make aliases add them to these files alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases virtual_mailbox_base = /var/spool/mail # Anti Spam measures smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unverified_recipient, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit smtpd_client_restrictions = permit_mynetworks, reject_rbl_client sbl.spamhaus.org, permit smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, permit smtpd_sender_restrictions = warn_if_reject, reject_non_fqdn_sender, warn_if_reject, reject_unknown_sender_domain, warn_if_reject, reject_unknown_address, permit smtpd_data_restrictions = reject_unauth_pipelining, permit smtpd_helo_required = yes disable_vrfy_command = yes default_process_limit = 100 # This is what postfix will act as an SMTP server for relay_domains = /etc/postfix/relay-domains # For delayed delivery using etrn defer_transports = etrn-only fast_flush_domains = $relay_domains smtpd_etrn_restrictions = permit_mynetworks, reject # This is all added for Mailman transport_maps = hash:/etc/postfix/transport mailman_destination_recipient_limit = 1
To accept messages in the mailqueue and defer them untill the primary MX server is up again, add the domain.ext to /etc/postfix/relay-domains and in transport add domain.ext etrn-only: The mail will then be delivered when sendmail -q is sent, or when telnet mailserver 25, helo originating.domain etrn defermaildomain.ext mails get defered - you can see them in mailq also in /var/spool/postfix/flush/ (see also http://lists.freebsd.org/pipermail/freebsd-questions/2006-February/112246.html http://www.postfix.org/ETRN_README.html http://archives.neohapsis.com/archives/postfix/2001-07/0730.html) postfix reload reloads the config http://wiki.ev-15.com/debian:mail_system for how to set up squirrelmail and cyrus for IMAP with postfix
You can also force the queue delivery by running
postqueue -f
or deliver a specific message by
postsuper -r queue_id
You can see the structure of the queues by using
qshape
you can see the active / incoming / deferred / hold queues by doing
qshape deferred
you may have to wait a bit for the output though.
To kill all deferred messages in the queue you can use
postsuper -d ALL deferred
An example from http://sysop.com.cn/document/Postfix.The.Definitive.Guide/0596002122_postfix-chp-5-sect-2.html
Example 5-1. Perl script to delete queued messages by email address #!/usr/bin/perl -w # # pfdel - deletes message containing specified address from # Postfix queue. Matches either sender or recipient address. # # Usage: pfdel <email_address> # use strict; # Change these paths if necessary. my $LISTQ = "/usr/sbin/postqueue -p"; my $POSTSUPER = "/usr/sbin/postsuper"; my $email_addr = ""; my $qid = ""; my $euid = $>; if ( @ARGV != 1 ) { die "Usage: pfdel <email_address>\n"; } else { $email_addr = $ARGV[0]; } if ( $euid != 0 ) { die "You must be root to delete queue files.\n"; } open(QUEUE, "$LISTQ |") || die "Can't get pipe to $LISTQ: $!\n"; my $entry = <QUEUE>; # skip single header line $/ = ""; # Rest of queue entries print on # multiple lines. while ( $entry = <QUEUE> ) { if ( $entry =~ / $email_addr$/m ) { ($qid) = split(/\s+/, $entry, 2); $qid =~ s/[\*\!]//; next unless ($qid); # # Execute postsuper -d with the queue id. # postsuper provides feedback when it deletes # messages. Let its output go through. # if ( system($POSTSUPER, "-d", $qid) != 0 ) { # If postsuper has a problem, bail. die "Error executing $POSTSUPER: error " . "code " . ($?/256) . "\n"; } } } close(QUEUE); if (! $qid ) { die "No messages with the address <$email_addr> " . "found in queue.\n"; } exit 0;
Postgrey is a greylister that rejects email from a server on the first try, using the fact that most spammers do not retry to send their email, whereas almost all normal mail servers do.