Introduction
This page explains how to use Postfix+Dovecot+Horde+MySQL.
It shows how to build a complete mail server with user management, virtual domains and quotas on Ubuntu Server 10.04.
In this guide the database is named maildb, with user mailuser and password 1234. A mail user admin with password padmin and a domain prova.it will be created. The server is configured with a separate /mail partition.
Installation
Install the packages:
apt-get install libmldbm-perl libio-lockedfile-perl libnet-perl libcarp-clan-perl libdbi-perl libdbd-mysql-perl libnet-server-perl libio-stringy-perl
Configure MySQL
The first step is to create a database that holds the tables the system needs. To make this easier, we will create a file with the required SQL statements.
- Create the file /etc/maildb.sql.
Insert the following:

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;

USE mysql;

REPLACE INTO user (host, user, password)
    VALUES (
        'localhost',
        'mailuser',
-- IMPORTANT: Change this password.
        PASSWORD('1234')
    );

REPLACE INTO db (host, db, user, select_priv, insert_priv, update_priv, delete_priv, create_priv, drop_priv,index_priv)
    VALUES (
        'localhost',
        'maildb',
        'mailuser',
        'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y'
    );

-- Make sure that privileges are reloaded.
FLUSH PRIVILEGES;

--
-- Current Database: `maildb`
--

CREATE DATABASE /*!32312 IF NOT EXISTS*/ `maildb` /*!40100 DEFAULT CHARACTER SET latin1 */;

USE `maildb`;

--
-- Temporary table structure for view `view_aliases`
--

DROP TABLE IF EXISTS `view_aliases`;
/*!50001 DROP VIEW IF EXISTS `view_aliases`*/;
/*!50001 CREATE TABLE `view_aliases` (
  `source` varchar(100),
  `destination` varchar(100),
  `active_forward` char(1)
) */;

--
-- Temporary table structure for view `view_vacation`
--

DROP TABLE IF EXISTS `view_vacation`;
/*!50001 DROP VIEW IF EXISTS `view_vacation`*/;
/*!50001 CREATE TABLE `view_vacation` (
  `email` varchar(100),
  `local_domains` varchar(50),
  `subject` varchar(100),
  `message` text,
  `active` char(1)
) */;

--
-- Temporary table structure for view `view_aliases_vacation`
--

DROP TABLE IF EXISTS `view_aliases_vacation`;
/*!50001 DROP VIEW IF EXISTS `view_aliases_vacation`*/;
/*!50001 CREATE TABLE `view_aliases_vacation` (
  `source` varchar(100),
  `destination` varchar(255)
) */;

--
-- Temporary table structure for view `view_users`
--

DROP TABLE IF EXISTS `view_users`;
/*!50001 DROP VIEW IF EXISTS `view_users`*/;
/*!50001 CREATE TABLE `view_users` (
  `email` varchar(91),
  `password` varchar(32),
  `home_path` varchar(97),
  `quota_kb` int(10),
  `active` char(1)
) */;

--
-- Table structure for table `virtual_aliases`
--

DROP TABLE IF EXISTS `virtual_aliases`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `virtual_aliases` (
  `id` int NOT NULL auto_increment,
  `domain_id` int NOT NULL,
  `source` varchar(100) NOT NULL,
  `destination` varchar(255) NOT NULL,
  `active_forward` char(1) NOT NULL default 'N',
  PRIMARY KEY (`id`),
  KEY `domain_id` (`domain_id`),
  CONSTRAINT `virtual_aliases_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;

--
-- Dumping data for table `virtual_aliases`
--

LOCK TABLES `virtual_aliases` WRITE;
/*!40000 ALTER TABLE `virtual_aliases` DISABLE KEYS */;
INSERT INTO `virtual_aliases` VALUES (1,1,'admin','','N');
/*!40000 ALTER TABLE `virtual_aliases` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Table structure for table `virtual_vacation`
--

DROP TABLE IF EXISTS `virtual_vacation`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `virtual_vacation` (
  `id` int NOT NULL auto_increment,
  `domain_id` int NOT NULL,
  `user` varchar(40) NOT NULL,
  `local_domains` varchar(50) NOT NULL,
  `subject` varchar(100) NOT NULL default 'I am en holiday',
  `message` varchar(255) NOT NULL default 'I am en holiday',
  `active` char(1) NOT NULL default 'n',
  PRIMARY KEY (`id`),
  KEY `domain_id` (`domain_id`),
  CONSTRAINT `virtual_vacation_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;

--
-- Dumping data for table `virtual_vacation`
--

LOCK TABLES `virtual_vacation` WRITE;
/*!40000 ALTER TABLE `virtual_vacation` DISABLE KEYS */;
INSERT INTO `virtual_vacation` VALUES (1,1,'admin','','I am en holiday','I am en holiday','n');
/*!40000 ALTER TABLE `virtual_vacation` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Table structure for table `virtual_domains`
--

DROP TABLE IF EXISTS `virtual_domains`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `virtual_domains` (
  `id` int NOT NULL auto_increment,
  `name` varchar(50) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;

--
-- Table structure for table `transport`
--

DROP TABLE IF EXISTS `transport`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `transport` (
  `id` int NOT NULL auto_increment,
  `domain` varchar(50) NOT NULL,
  `transport` varchar(50) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;

--
-- Dumping data for table `virtual_domains`
--

LOCK TABLES `virtual_domains` WRITE;
/*!40000 ALTER TABLE `virtual_domains` DISABLE KEYS */;
INSERT INTO `virtual_domains` VALUES (1,'prova.it');
/*!40000 ALTER TABLE `virtual_domains` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Dumping data for table `transport`
--

LOCK TABLES `transport` WRITE;
/*!40000 ALTER TABLE `transport` DISABLE KEYS */;
INSERT INTO `transport` VALUES (1,'autoreply.prova.it', 'yaa');
/*!40000 ALTER TABLE `transport` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Table structure for table `virtual_users`
--

DROP TABLE IF EXISTS `virtual_users`;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
CREATE TABLE `virtual_users` (
  `id` int NOT NULL auto_increment,
  `domain_id` int NOT NULL,
  `user` varchar(40) NOT NULL,
  `password` varchar(32) NOT NULL,
  `quota` int NOT NULL default '0',
  `active` char(1) NOT NULL default 'Y',
  PRIMARY KEY (`id`),
  UNIQUE KEY `UNIQUE_EMAIL` (`domain_id`,`user`),
  CONSTRAINT `virtual_users_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
SET character_set_client = @saved_cs_client;

--
-- Dumping data for table `virtual_users`
--

LOCK TABLES `virtual_users` WRITE;
/*!40000 ALTER TABLE `virtual_users` DISABLE KEYS */;
INSERT INTO `virtual_users` VALUES (1,1,'admin','6589c59cab273225e6662a1b1558e92b',3072,'Y');
/*!40000 ALTER TABLE `virtual_users` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Current Database: `maildb`
--

USE `maildb`;

--
-- Final view structure for view `view_aliases`
--

/*!50001 DROP TABLE `view_aliases`*/;
/*!50001 DROP VIEW IF EXISTS `view_aliases`*/;
/*!50001 CREATE ALGORITHM=UNDEFINED */
/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
/*!50001 VIEW `view_aliases` AS select concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`) AS `source`,`virtual_aliases`.`destination` AS `destination`,`virtual_aliases`.`active_forward` AS `active_forward` from (`virtual_aliases` left join `virtual_domains` on((`virtual_aliases`.`domain_id` = `virtual_domains`.`id`))) */;

--
-- Final view structure for view `view_vacation`
--

/*!50001 DROP TABLE `view_vacation`*/;
/*!50001 DROP VIEW IF EXISTS `view_vacation`*/;
/*!50001 CREATE ALGORITHM=UNDEFINED */
/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
/*!50001 VIEW `view_vacation` AS select concat(`virtual_vacation`.`user`,_latin1'@',`virtual_domains`.`name`) AS `email`, concat(_latin1'autoreply.',`virtual_domains`.`name`) AS `local_domains`,`virtual_vacation`.`subject` AS `subject`,`virtual_vacation`.`message` AS `message`,`virtual_vacation`.`active` AS `active` from (`virtual_vacation` left join `virtual_domains` on((`virtual_vacation`.`domain_id` = `virtual_domains`.`id`))) */;

--
-- Final view structure for view `view_aliases_vacation`
--

/*!50001 DROP TABLE `view_aliases_vacation`*/;
/*!50001 DROP VIEW IF EXISTS `view_aliases_vacation`*/;
/*!50001 CREATE ALGORITHM=UNDEFINED */
/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
/*!50001 VIEW `view_aliases_vacation` AS select concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`) AS `source`, concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`,_latin1', ',`virtual_aliases`.`source`,_latin1'@autoreply.',`virtual_domains`.`name`)AS destination from (`virtual_aliases` left join `virtual_domains` on((`virtual_aliases`.`domain_id` = `virtual_domains`.`id`))) */;

--
-- Final view structure for view `view_users`
--

/*!50001 DROP TABLE `view_users`*/;
/*!50001 DROP VIEW IF EXISTS `view_users`*/;
/*!50001 CREATE ALGORITHM=UNDEFINED */
/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
/*!50001 VIEW `view_users` AS select concat(`virtual_users`.`user`,_latin1'@',`virtual_domains`.`name`) AS `email`,`virtual_users`.`password` AS `password`,concat(_latin1'/mail/',`virtual_domains`.`name`,_latin1'/',`virtual_users`.`user`) AS `home_path`,`virtual_users`.`quota` AS `quota_kb`,`virtual_users`.`active` AS `active` from (`virtual_users` left join `virtual_domains` on((`virtual_users`.`domain_id` = `virtual_domains`.`id`))) */;

/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

--
-- Final db
--

- Import the database just created.
In a terminal, type:
sudo mysql --user=root --password=psql1 < /etc/maildb.sql
Configure Postfix
- Create the user and group that will manage everything.
In a terminal, type:
sudo groupadd vmail -g 5000
sudo useradd vmail -u 5000 -g 5000 -s /bin/false -d /mail
Edit the file /etc/postfix/main.cf.
Add or modify the following lines to suit your needs:

# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_cert_file=/etc/ssl/certs/server.crt
smtpd_tls_key_file=/etc/ssl/private/server.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_sasl_auth_enable=yes
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noplaintext, noanonymous
smtpd_sasl_tls_security_options = noanonymous

smtpd_sender_restrictions =
  permit_mynetworks
  permit_sasl_authenticated
  warn_if_reject reject_non_fqdn_sender
  reject_unknown_sender_domain
  reject_unauth_pipelining
  permit

smtpd_client_restrictions =
  permit_mynetworks
  reject_rbl_client sbl.spamhaus.org
  reject_rbl_client blackholes.easynet.nl
  reject_rbl_client dnsbl.njabl.org

smtpd_recipient_restrictions =
  reject_unauth_pipelining
  permit_mynetworks
  permit_sasl_authenticated
  reject_unauth_destination
  reject_invalid_helo_hostname
  warn_if_reject reject_non_fqdn_helo_hostname
  warn_if_reject reject_unknown_helo_hostname
  warn_if_reject reject_unknown_client
  reject_non_fqdn_sender
  reject_non_fqdn_recipient
  reject_unknown_sender_domain
  reject_unknown_recipient_domain
  reject_rbl_client zen.spamhaus.org
  reject_rbl_client bl.spamcop.net
  reject_rbl_client dnsbl.sorbs.net=127.0.0.2
  reject_rbl_client dnsbl.sorbs.net=127.0.0.3
  reject_rbl_client dnsbl.sorbs.net=127.0.0.4
  reject_rbl_client dnsbl.sorbs.net=127.0.0.5
  reject_rbl_client dnsbl.sorbs.net=127.0.0.7
  reject_rbl_client dnsbl.sorbs.net=127.0.0.9
  reject_rbl_client dnsbl.sorbs.net=127.0.0.11
  reject_rbl_client dnsbl.sorbs.net=127.0.0.12
  warn_if_reject reject_rhsbl_sender dsn.rfc-ignorant.org
  warn_if_reject reject_rhsbl_sender abuse.rfc-ignorant.org
  warn_if_reject reject_rhsbl_sender whois.rfc-ignorant.org
  warn_if_reject reject_rhsbl_sender bogusmx.rfc-ignorant.org
  warn_if_reject reject_rhsbl_sender postmaster.rfc-ignorant.org
  permit

smtpd_helo_restrictions =
  permit_mynetworks
  warn_if_reject reject_non_fqdn_hostname
  reject_invalid_hostname
  permit

smtpd_data_restrictions =
  reject_unauth_pipelining
  reject_multi_recipient_bounce

myhostname = server.prova.it
myorigin = /etc/mailname
mydestination =
local_recipient_maps =
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
recipient_delimiter = +
inet_interfaces = all

virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf, mysql:/etc/postfix/mysql_vacation.cf
transport_maps = mysql:/etc/postfix/mysql_transport.cf
mailbox_command = /usr/lib/dovecot/deliver
virtual_minimum_uid = 107
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical

content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

Edit the file /etc/postfix/master.cf.
Add or modify the following lines:

smtp      inet  n       -       n       -       -       smtpd
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
yaa       unix  -       n       n       -       -       pipe
  user=vmail argv=/usr/local/yaa-0.3.1/bin/yaa.pl
smtp-amavis unix -      -       n       -       2       smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n  -       -       -       -       smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  -o local_header_rewrite_clients=

Create the file /etc/postfix/mysql_domains.cf.
Insert the following:

user = mailuser
password = 1234
hosts = 127.0.0.1
dbname = maildb
query = SELECT 1 FROM virtual_domains WHERE name='%s'

Create the file /etc/postfix/mysql_mailbox.cf.
Insert the following:

user = mailuser
password = 1234
hosts = 127.0.0.1
dbname = maildb
query = SELECT 1 FROM view_users WHERE email='%s' AND active = 'Y'

Create the file /etc/postfix/mysql_alias.cf.
Insert the following:

user = mailuser
password = 1234
hosts = 127.0.0.1
dbname = maildb
query = SELECT destination FROM view_aliases WHERE source='%s' AND active_forward='Y'

Create the file /etc/postfix/mysql_transport.cf.
Insert the following:

user = mailuser
password = 1234
hosts = 127.0.0.1
dbname = maildb
query = SELECT transport FROM transport WHERE domain='%d'

Create the file /etc/postfix/mysql_vacation.cf.
Insert the following:

user = mailuser
password = 1234
hosts = 127.0.0.1
dbname = maildb
query = SELECT destination FROM view_aliases_vacation WHERE source='%s'

Create the file /etc/postfix/recipient_canonical. This file creates an alias for the root user, which receives system email.
Insert the following:
root@prova.it admin@prova.it
Create the file /etc/postfix/sender_canonical. This file creates an alias for the root user, which sends system email.
Insert the following:
root@prova.it admin@prova.it
In a terminal, type:
chgrp postfix /etc/postfix/mysql_*.cf
chmod u=rw,g=r,o= /etc/postfix/mysql_*.cf
postmap /etc/postfix/recipient_canonical
postmap /etc/postfix/sender_canonical
Configure the Yaa autoresponder
In a terminal, type:
cd /usr/local/
sudo wget http://www.sourcefiles.org/Internet/Mail/Utilities/Autoresponders/yaa-0.3.1.tar.bz2
sudo tar jxvf yaa-0.3.1.tar.bz2
Edit the file /usr/local/yaa-0.3.1/conf/yaa.conf.
Insert or modify the following lines:

# SQL lookup map example
#
# (used sql database: mysql)
# (for other types see perldoc DBD::<yourdb>)
#
'my_sql_map' => {
    'driver' => 'SQL',
    'sql_dsn' => 'dbi:mysql:database=maildb;host=localhost',
    'sql_username' => "mailuser",
    'sql_password' => "1234",
    'sql_select' => "select active,subject,message from view_vacation where email = %m and active='y'",
},

$lookup_map_query_order = {
    active => [
        'my_sql_map:active'
    ],
    subject => [
        'my_sql_map:subject'
    ],
    message => [
        'my_sql_map:message'
    ],
#    charset => [
#        # 'my_sql_map:charset'
#    ],
#    forward => [
#        'my_sql_map:forward'
#    ],
#    rewrite_sender => [
#        #empty
#    ],
#    rewrite_recipient => [
#        #empty
#    ],
    local_domains => [
        'my_sql_map:local_domains'
    ],
};

Configure Dovecot
Edit the file /etc/dovecot/dovecot.conf.
Add or modify the following lines:

protocols = imap imaps pop3 pop3s
disable_plaintext_auth = yes
shutdown_clients = yes
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl = yes
ssl_cert_file = /etc/ssl/certs/server.crt
ssl_key_file = /etc/ssl/private/server.key
ssl_verify_client_cert = yes
verbose_ssl = yes
mail_location = maildir:/mail/%d/%n/Maildir
mail_privileged_group = vmail

protocol imap {
  ......
  # Login executable location.
  #login_executable = /usr/lib/dovecot/imap-login
  listen = *:143
  ssl_listen = *:993
  mail_plugins = quota imap_quota trash
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep outlook-idle
  .......
}

protocol pop3 {
  ......
  # Login executable location.
  #login_executable = /usr/lib/dovecot/pop3-login
  listen = *:110
  ssl_listen = *:995
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota trash
  mail_plugin_dir = /usr/lib/dovecot/modules/pop3
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  ......
}

protocol lda {
  .....
  # Address to use when sending rejection mails.
  postmaster_address = admin@prova.it
  mail_plugins = sieve quota
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  quota_full_tempfail = no
  deliver_log_format = msgid=%m: %$
  rejection_subject = Rejected: %s
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
  log_path = /mail/dovecot-deliver.log
  auth_socket_path = /var/run/dovecot/auth-master
  .........
}

auth default {
  ......
  # Space separated list of wanted authentication mechanisms:
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
  #   gss-spnego
  # NOTE: See also disable_plaintext_auth setting.
  mechanisms = plain login

  passdb sql {
    # Path for SQL configuration file
    args = /etc/dovecot/dovecot-sql.conf
  }

  userdb sql {
    # Path for SQL configuration file
    args = /etc/dovecot/dovecot-sql.conf
  }

  ssl_require_client_cert = no

  socket listen {
    master {
      # Master socket provides access to userdb information. It's typically
      # used to give Dovecot's local delivery agent access to userdb so it
      # can find mailbox locations.
      path = /var/run/dovecot/auth-master
      mode = 0600
      # Default user/group is the one who started dovecot-auth (root)
      user = vmail
      group = vmail
    }
    client {
      # The client socket is generally safe to export to everyone. Typical use
      # is to export it to your SMTP server so it can do SMTP AUTH lookups
      # using it.
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

plugin {
  quota_rule = *:storage=3072
  quota = maildir:User quota
  trash = /mail/dovecot-trash.conf
  sieve_global_path = /mail/globalsieverc
  #deleted_to_trash_folder = Trash
}

Edit the file /etc/dovecot/dovecot-sql.conf.
Add or modify the following lines:

driver = mysql
connect = host=127.0.0.1 dbname=maildb user=mailuser password=1234
default_pass_scheme = PLAIN-MD5
user_query = SELECT home_path AS home,5000 AS uid, 5000 AS gid, CONCAT('maildir:storage=',quota_kb) AS quota FROM view_users WHERE email='%u' AND active = 'Y';
password_query = SELECT email as user, password FROM view_users WHERE email='%u' AND active = 'Y';

Create the file /mail/dovecot-trash.conf.
Insert the following:
1 Spam
2 Trash
3 Sent
3 Sent Messages
Create the file /mail/globalsieverc.
Insert the following:

require ["fileinto"];
# Move spam to spam folder
if header :contains "X-Spam-Flag" ["YES"] {
  fileinto "Spam";
  stop;
}

In a terminal, type:
chgrp vmail /etc/dovecot/dovecot.conf
chmod g+r /etc/dovecot/dovecot.conf
Antivirus and Antispam
In this section we configure the two programs that protect our email from spam and viruses.
Configure Amavis
Edit the file /etc/amavis/conf.d/50-user
Add or modify the following lines:

$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 5.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5;    # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5;    # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)

$virus_admin = "admin\@$mydomain"; # due to D_DISCARD default

@lookup_sql_dsn = (
    ['DBI:mysql:database=maildb;host=127.0.0.1;port=3306', 'mailuser', '1234']);

$sql_select_policy = 'SELECT name FROM virtual_domains WHERE CONCAT("@",name) IN (%k)';

Edit the file /etc/amavis/conf.d/20-debian_defaults
Add or modify the following lines:

$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5;    # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5;    # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)

Edit the file /etc/amavis/conf.d/15-content_filter_mode
Add or modify the following lines:

@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

In a terminal, type:
sudo chmod 0640 /etc/amavis/conf.d/50-user
sudo chmod 0644 /etc/amavis/conf.d/20-debian_defaults
sudo chmod 0644 /etc/amavis/conf.d/15-content_filter_mode
Configure SpamAssassin
Edit the file /etc/spamassassin/local.cf.
In a terminal, type:
sudo chmod 0644 /etc/spamassassin/local.cf
sudo mkdir -p /var/lib/amavis/.spamassassin/bayes
Modify or add the following lines:
use_bayes 1
bayes_auto_learn 1
bayes_auto_expire 0
Configure WebMail
Installation
Install the packages:
Restart the services
In a terminal, type:
sudo chown -R vmail:vmail /mail
sudo adduser clamav amavis
sudo chown -R amavis /var/lib/amavis/.spamassassin
sudo chmod 770 /var/lib/amavis/.spamassassin/bayes
sudo /etc/init.d/clamav-daemon restart
sudo /etc/init.d/amavis restart
sudo /etc/init.d/postfix restart
sudo /etc/init.d/dovecot restart
sudo /etc/init.d/clamav-daemon restart
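
Several files created in this guide hold the maildb password in clear text, and only some of them get a chmod step. The following check is an added example, not part of the original guide: it flags any of those files that other users can read or that still contain the sample password 1234. The file list comes from the steps above; the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original guide.
# Audits the files in which the guide stores the maildb password in clear
# text: flags any that "other" users can read and any that still contain
# the guide's sample password 1234.

# Paths taken from the steps of this guide (the glob is expanded on use).
GUIDE_SECRET_FILES="/etc/maildb.sql
/etc/postfix/mysql_*.cf
/etc/dovecot/dovecot-sql.conf
/etc/amavis/conf.d/50-user
/usr/local/yaa-0.3.1/conf/yaa.conf"

# Succeeds when the "other" read bit is set (8th character of the ls mode).
is_world_readable() {
    perms=$(ls -ld -- "$1") || return 2
    [ "$(printf '%s' "$perms" | cut -c8)" = "r" ]
}

# Succeeds when a line naming the DB user or password still carries 1234.
# Covers "password = 1234", "password=1234", "'sql_password' => \"1234\"",
# "'mailuser', '1234'" and "PASSWORD('1234')".
has_sample_password() {
    grep -Eiq '(password|mailuser)[^#]*[^0-9]1234([^0-9]|$)' -- "$1"
}

# Prints one finding per line; returns 1 if anything was found.
audit_secret_files() {
    findings=0
    for f in "$@"; do
        [ -f "$f" ] || continue      # skip missing files and unmatched globs
        if is_world_readable "$f"; then
            echo "WORLD-READABLE $f"
            findings=$((findings + 1))
        fi
        if has_sample_password "$f"; then
            echo "SAMPLE-PASSWORD $f"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Run against the guide's paths; the variable is unquoted on purpose so that
# the list is split on newlines and the glob expands.
audit_secret_files $GUIDE_SECRET_FILES ||
    echo "Fix the findings above: chmod o= FILE and replace the sample password."
```

Run it with sudo so that files already restricted to root or their service group can be inspected.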
