
STOP! Why is this guide under the Cestino (Trash) page? A guide may be moved to the trash by the Documentation Group if it contains instructions compatible only with Ubuntu releases that are no longer supported, or because it is not certain that they work on currently supported releases. These pages need their instructions updated and verified. If you want to revive one of these guides, contact the Documentation Group on its forum board.



Introduction

This page contains instructions on how to use Postfix+Dovecot+Horde+MySQL.

It explains how to build a complete mail server with user management, virtual domains and quotas on Ubuntu Server 10.04.

In this guide the database is named maildb, with user mailuser and password 1234. A mail user admin with password padmin and a domain prova.it will be created. The server is configured with a separate /mail partition.

Installation

Install the packages:

apt-get install libmldbm-perl libio-lockedfile-perl libnet-perl libcarp-clan-perl libdbi-perl libdbd-mysql-perl libnet-server-perl libio-stringy-perl

Configure MySQL

The first step is to create a database containing the tables the system needs. To make this easier we will create a file with the necessary SQL statements.

  1. Create the file /etc/maildb.sql.

    Insert the following:

    /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
    /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
    /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
    /*!40101 SET NAMES utf8 */;
    /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
    /*!40103 SET TIME_ZONE='+00:00' */;
    /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
    /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
    /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
    /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
    
    USE mysql;
    
    REPLACE INTO user (host, user, password)
        VALUES (
            'localhost',
            'mailuser',
    -- IMPORTANT: Change this password.
            PASSWORD('1234')
    );
    
    REPLACE INTO db (host, db, user, select_priv, insert_priv, update_priv,
                     delete_priv, create_priv, drop_priv,index_priv)
        VALUES (
            'localhost',
            'maildb',
            'mailuser',
            'Y', 'Y', 'Y', 'Y',
            'Y', 'Y', 'Y'
    );
    
    -- Make sure that privileges are reloaded.
    FLUSH PRIVILEGES;
    
    
    --
    -- Current Database: `maildb`
    --
    
    CREATE DATABASE /*!32312 IF NOT EXISTS*/ `maildb` /*!40100 DEFAULT CHARACTER SET latin1 */;
    
    USE `maildb`;
    
    --
    -- Temporary table structure for view `view_aliases`
    --
    
    DROP TABLE IF EXISTS `view_aliases`;
    /*!50001 DROP VIEW IF EXISTS `view_aliases`*/;
    /*!50001 CREATE TABLE `view_aliases` (
      `source` varchar(100),
      `destination` varchar(100),
      `active_forward` char(1)
    ) */;
    
    --
    -- Temporary table structure for view `view_vacation`
    --
    
    DROP TABLE IF EXISTS `view_vacation`;
    /*!50001 DROP VIEW IF EXISTS `view_vacation`*/;
    /*!50001 CREATE TABLE `view_vacation` (
      `email` varchar(100),
      `local_domains` varchar(50),
      `subject` varchar(100),
      `message` text,
      `active` char(1)
    ) */;
    
    --
    -- Temporary table structure for view `view_aliases_vacation`
    --
    
    DROP TABLE IF EXISTS `view_aliases_vacation`;
    /*!50001 DROP VIEW IF EXISTS `view_aliases_vacation`*/;
    /*!50001 CREATE TABLE `view_aliases_vacation` (
      `source` varchar(100),
      `destination` varchar(255)
    ) */;
    
    --
    -- Temporary table structure for view `view_users`
    --
    
    DROP TABLE IF EXISTS `view_users`;
    /*!50001 DROP VIEW IF EXISTS `view_users`*/;
    /*!50001 CREATE TABLE `view_users` (
      `email` varchar(91),
      `password` varchar(32),
      `home_path` varchar(97),
      `quota_kb` int(10),
      `active` char(1)
    ) */;
    
    --
    -- Table structure for table `virtual_aliases`
    --
    
    DROP TABLE IF EXISTS `virtual_aliases`;
    SET @saved_cs_client     = @@character_set_client;
    SET character_set_client = utf8;
    CREATE TABLE `virtual_aliases` (
      `id` int NOT NULL auto_increment,
      `domain_id` int NOT NULL,
      `source` varchar(100) NOT NULL,
      `destination` varchar(255) NOT NULL,
      `active_forward` char(1) NOT NULL default 'N',
      PRIMARY KEY  (`id`),
      KEY `domain_id` (`domain_id`),
      CONSTRAINT `virtual_aliases_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
    SET character_set_client = @saved_cs_client;
    
    --
    -- Dumping data for table `virtual_aliases`
    --
    
    LOCK TABLES `virtual_aliases` WRITE;
    /*!40000 ALTER TABLE `virtual_aliases` DISABLE KEYS */;
    INSERT INTO `virtual_aliases` VALUES (1,1,'admin','','N');
    /*!40000 ALTER TABLE `virtual_aliases` ENABLE KEYS */;
    UNLOCK TABLES;
    
    --
    -- Table structure for table `virtual_vacation`
    --
    
    DROP TABLE IF EXISTS `virtual_vacation`;
    SET @saved_cs_client     = @@character_set_client;
    SET character_set_client = utf8;
    CREATE TABLE `virtual_vacation` (
      `id` int NOT NULL auto_increment,
      `domain_id` int NOT NULL,
      `user` varchar(40) NOT NULL,
      `local_domains` varchar(50) NOT NULL,
      `subject` varchar(100) NOT NULL default 'I am en holiday',
      `message` varchar(255) NOT NULL default 'I am en holiday',
      `active` char(1) NOT NULL default 'n',
      PRIMARY KEY  (`id`),
      KEY `domain_id` (`domain_id`),
      CONSTRAINT `virtual_vacation_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
    SET character_set_client = @saved_cs_client;
    
    --
    -- Dumping data for table `virtual_vacation`
    --
    
    LOCK TABLES `virtual_vacation` WRITE;
    /*!40000 ALTER TABLE `virtual_vacation` DISABLE KEYS */;
    INSERT INTO `virtual_vacation` VALUES (1,1,'admin','','I am en holiday','I am en holiday','n');
    /*!40000 ALTER TABLE `virtual_vacation` ENABLE KEYS */;
    UNLOCK TABLES;
    
    
    --
    -- Table structure for table `virtual_domains`
    --
    
    DROP TABLE IF EXISTS `virtual_domains`;
    SET @saved_cs_client     = @@character_set_client;
    SET character_set_client = utf8;
    CREATE TABLE `virtual_domains` (
      `id` int NOT NULL auto_increment,
      `name` varchar(50) NOT NULL,
      PRIMARY KEY  (`id`)
    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
    SET character_set_client = @saved_cs_client;
    
    --
    -- Table structure for table `transport`
    --
    
    DROP TABLE IF EXISTS `transport`;
    SET @saved_cs_client     = @@character_set_client;
    SET character_set_client = utf8;
    CREATE TABLE `transport` (
      `id` int NOT NULL auto_increment,
      `domain` varchar(50) NOT NULL,
      `transport` varchar(50) NOT NULL,
      PRIMARY KEY  (`id`)
    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
    SET character_set_client = @saved_cs_client;
    
    --
    -- Dumping data for table `virtual_domains`
    --
    
    LOCK TABLES `virtual_domains` WRITE;
    /*!40000 ALTER TABLE `virtual_domains` DISABLE KEYS */;
    INSERT INTO `virtual_domains` VALUES (1,'prova.it');
    /*!40000 ALTER TABLE `virtual_domains` ENABLE KEYS */;
    UNLOCK TABLES;
    
    --
    -- Dumping data for table `transport`
    --
    
    LOCK TABLES `transport` WRITE;
    /*!40000 ALTER TABLE `transport` DISABLE KEYS */;
    INSERT INTO `transport` VALUES (1,'autoreply.prova.it', 'yaa');
    /*!40000 ALTER TABLE `transport` ENABLE KEYS */;
    UNLOCK TABLES;
    
    --
    -- Table structure for table `virtual_users`
    --
    
    DROP TABLE IF EXISTS `virtual_users`;
    SET @saved_cs_client     = @@character_set_client;
    SET character_set_client = utf8;
    CREATE TABLE `virtual_users` (
      `id` int NOT NULL auto_increment,
      `domain_id` int NOT NULL,
      `user` varchar(40) NOT NULL,
      `password` varchar(32) NOT NULL,
      `quota` int NOT NULL default '0',
      `active` char(1) NOT NULL default 'Y',
      PRIMARY KEY  (`id`),
      UNIQUE KEY `UNIQUE_EMAIL` (`domain_id`,`user`),
      CONSTRAINT `virtual_users_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
    ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
    SET character_set_client = @saved_cs_client;
    
    --
    -- Dumping data for table `virtual_users`
    --
    
    LOCK TABLES `virtual_users` WRITE;
    /*!40000 ALTER TABLE `virtual_users` DISABLE KEYS */;
    INSERT INTO `virtual_users` VALUES (1,1,'admin','6589c59cab273225e6662a1b1558e92b',3072,'Y');
    /*!40000 ALTER TABLE `virtual_users` ENABLE KEYS */;
    UNLOCK TABLES;
    
    --
    -- Current Database: `maildb`
    --
    
    USE `maildb`;
    
    --
    -- Final view structure for view `view_aliases`
    --
    
    /*!50001 DROP TABLE `view_aliases`*/;
    /*!50001 DROP VIEW IF EXISTS `view_aliases`*/;
    /*!50001 CREATE ALGORITHM=UNDEFINED */
    /*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
    /*!50001 VIEW `view_aliases` AS select concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`) AS `source`,`virtual_aliases`.`destination` AS `destination`,`virtual_aliases`.`active_forward` AS `active_forward` from (`virtual_aliases` left join `virtual_domains` on((`virtual_aliases`.`domain_id` = `virtual_domains`.`id`))) */;
    
    --
    -- Final view structure for view `view_vacation`
    --
    
    /*!50001 DROP TABLE `view_vacation`*/;
    /*!50001 DROP VIEW IF EXISTS `view_vacation`*/;
    /*!50001 CREATE ALGORITHM=UNDEFINED */
    /*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
    /*!50001 VIEW `view_vacation` AS select concat(`virtual_vacation`.`user`,_latin1'@',`virtual_domains`.`name`) AS `email`, concat(_latin1'autoreply.',`virtual_domains`.`name`) AS `local_domains`,`virtual_vacation`.`subject` AS `subject`,`virtual_vacation`.`message` AS `message`,`virtual_vacation`.`active` AS `active` from (`virtual_vacation` left join `virtual_domains` on((`virtual_vacation`.`domain_id` = `virtual_domains`.`id`))) */;
    
    --
    -- Final view structure for view `view_aliases_vacation`
    --
    
    /*!50001 DROP TABLE `view_aliases_vacation`*/;
    /*!50001 DROP VIEW IF EXISTS `view_aliases_vacation`*/;
    /*!50001 CREATE ALGORITHM=UNDEFINED */
    /*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
    /*!50001 VIEW `view_aliases_vacation` AS select concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`) AS `source`, concat(`virtual_aliases`.`source`,_latin1'@',`virtual_domains`.`name`,_latin1', ',`virtual_aliases`.`source`,_latin1'@autoreply.',`virtual_domains`.`name`)AS destination from (`virtual_aliases` left join `virtual_domains` on((`virtual_aliases`.`domain_id` = `virtual_domains`.`id`))) */;
    
    --
    -- Final view structure for view `view_users`
    --
    
    /*!50001 DROP TABLE `view_users`*/;
    /*!50001 DROP VIEW IF EXISTS `view_users`*/;
    /*!50001 CREATE ALGORITHM=UNDEFINED */
    /*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
    /*!50001 VIEW `view_users` AS select concat(`virtual_users`.`user`,_latin1'@',`virtual_domains`.`name`) AS `email`,`virtual_users`.`password` AS `password`,concat(_latin1'/mail/',`virtual_domains`.`name`,_latin1'/',`virtual_users`.`user`) AS `home_path`,`virtual_users`.`quota` AS `quota_kb`,`virtual_users`.`active` AS `active` from (`virtual_users` left join `virtual_domains` on((`virtual_users`.`domain_id` = `virtual_domains`.`id`))) */;
    /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
    
    /*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
    /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
    /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
    /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
    /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
    /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
    /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
    
    --
    -- Final db
    --
  2. Import the database you created.

    In a terminal, type:

    sudo mysql --user=root --password=psql1 < /etc/maildb.sql

Configure Postfix

  1. Create the user and group that will manage everything

    In a terminal, type:

    sudo groupadd vmail -g 5000
    sudo useradd vmail -u 5000 -g 5000 -s /bin/false -d /mail
  2. Edit the file /etc/postfix/main.cf.

    Add or modify the following lines to suit your needs:

    # TLS parameters
    #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_tls_cert_file=/etc/ssl/certs/server.crt
    smtpd_tls_key_file=/etc/ssl/private/server.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_auth_only = yes
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_sasl_auth_enable=yes
    smtpd_sasl_type=dovecot
    smtpd_sasl_path=private/auth
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_security_options = noplaintext, noanonymous 
    smtpd_sasl_tls_security_options = noanonymous
    smtpd_sender_restrictions =
     permit_mynetworks
     permit_sasl_authenticated
     warn_if_reject reject_non_fqdn_sender
     reject_unknown_sender_domain
     reject_unauth_pipelining
     permit
    
    smtpd_client_restrictions =
     permit_mynetworks
     reject_rbl_client sbl.spamhaus.org
     reject_rbl_client blackholes.easynet.nl
     reject_rbl_client dnsbl.njabl.org
    
    smtpd_recipient_restrictions =
     reject_unauth_pipelining
     permit_mynetworks
     permit_sasl_authenticated
     reject_unauth_destination
     reject_invalid_helo_hostname
     warn_if_reject reject_non_fqdn_helo_hostname
     warn_if_reject reject_unknown_helo_hostname
     warn_if_reject reject_unknown_client
     reject_non_fqdn_sender
     reject_non_fqdn_recipient
     reject_unknown_sender_domain
     reject_unknown_recipient_domain
     reject_rbl_client zen.spamhaus.org
     reject_rbl_client bl.spamcop.net
     reject_rbl_client dnsbl.sorbs.net=127.0.0.2
     reject_rbl_client dnsbl.sorbs.net=127.0.0.3
     reject_rbl_client dnsbl.sorbs.net=127.0.0.4
     reject_rbl_client dnsbl.sorbs.net=127.0.0.5
     reject_rbl_client dnsbl.sorbs.net=127.0.0.7
     reject_rbl_client dnsbl.sorbs.net=127.0.0.9
     reject_rbl_client dnsbl.sorbs.net=127.0.0.11
     reject_rbl_client dnsbl.sorbs.net=127.0.0.12
     warn_if_reject reject_rhsbl_sender dsn.rfc-ignorant.org
     warn_if_reject reject_rhsbl_sender abuse.rfc-ignorant.org
     warn_if_reject reject_rhsbl_sender whois.rfc-ignorant.org
     warn_if_reject reject_rhsbl_sender bogusmx.rfc-ignorant.org
     warn_if_reject reject_rhsbl_sender postmaster.rfc-ignorant.org
     permit
    
    smtpd_helo_restrictions =
     permit_mynetworks
     warn_if_reject reject_non_fqdn_hostname
     reject_invalid_hostname
     permit
    
    smtpd_data_restrictions =
     reject_unauth_pipelining
     reject_multi_recipient_bounce
    
    myhostname = server.prova.it
    myorigin = /etc/mailname
    mydestination = 
    local_recipient_maps =
    relayhost = 
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    recipient_delimiter = +
    inet_interfaces = all
    virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
    virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
    virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf, mysql:/etc/postfix/mysql_vacation.cf
    transport_maps = mysql:/etc/postfix/mysql_transport.cf
    mailbox_command = /usr/lib/dovecot/deliver
    virtual_minimum_uid = 107
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    virtual_transport = dovecot
    dovecot_destination_recipient_limit = 1
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
    content_filter = smtp-amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
  3. Edit the file /etc/postfix/master.cf.

    Add or modify the following lines:

    smtp      inet  n       -       n       -       -       smtpd
    dovecot   unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
    yaa     unix    -       n       n       -       -       pipe
      user=vmail argv=/usr/local/yaa-0.3.1/bin/yaa.pl
    
    smtp-amavis unix -      -       n     -       2  smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes
        -o max_use=20
    127.0.0.1:10025 inet n  -       -     -       -  smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_delay_reject=no
        -o smtpd_client_restrictions=permit_mynetworks,reject
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_data_restrictions=reject_unauth_pipelining
        -o smtpd_end_of_data_restrictions=
        -o mynetworks=127.0.0.0/8
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o smtpd_client_connection_count_limit=0
        -o smtpd_client_connection_rate_limit=0
        -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
        -o local_header_rewrite_clients=
  4. Create the file /etc/postfix/mysql_domains.cf.

    Insert the following:

    user = mailuser
    password = 1234
    hosts = 127.0.0.1
    dbname = maildb
    query = SELECT 1 FROM virtual_domains WHERE name='%s'
  5. Create the file /etc/postfix/mysql_mailbox.cf.

    Insert the following:

    user = mailuser
    password = 1234
    hosts = 127.0.0.1
    dbname = maildb
    query = SELECT 1 FROM view_users WHERE email='%s' AND active = 'Y'
  6. Create the file /etc/postfix/mysql_alias.cf.

    Insert the following:

    user = mailuser
    password = 1234
    hosts = 127.0.0.1
    dbname = maildb
    query = SELECT destination FROM view_aliases WHERE source='%s' AND active_forward='Y'
  7. Create the file /etc/postfix/mysql_transport.cf.

    Insert the following:

    user = mailuser
    password = 1234
    hosts = 127.0.0.1
    dbname = maildb
    query = SELECT transport FROM transport WHERE domain='%d'
  8. Create the file /etc/postfix/mysql_vacation.cf.

    Insert the following:

    user = mailuser
    password = 1234
    hosts = 127.0.0.1
    dbname = maildb
    query = SELECT destination FROM view_aliases_vacation WHERE source='%s'
  9. Create the file /etc/postfix/recipient_canonical. This file creates an alias for the root user, which receives system email.

    Insert the following:

    root@prova.it   admin@prova.it
  10. Create the file /etc/postfix/sender_canonical. This file creates an alias for the root user, which sends system email.

    Insert the following:

    root@prova.it   admin@prova.it
  11. In a terminal, type:

    chgrp postfix /etc/postfix/mysql_*.cf
    chmod u=rw,g=r,o= /etc/postfix/mysql_*.cf
    postmap /etc/postfix/recipient_canonical
    postmap /etc/postfix/sender_canonical

Configure the Yaa autoresponder

  1. In a terminal, type:

    cd /usr/local/
    sudo wget http://www.sourcefiles.org/Internet/Mail/Utilities/Autoresponders/yaa-0.3.1.tar.bz2
    sudo tar jxvf yaa-0.3.1.tar.bz2
  2. Edit the file /usr/local/yaa-0.3.1/conf/yaa.conf.

    Insert or modify the following lines:

      # SQL lookup map example
        #
        # (used sql database: mysql)
        # (for other types see perldoc DBD::<yourdb>)
        # 
         'my_sql_map' => {
            'driver' => 'SQL',
            'sql_dsn' => 'dbi:mysql:database=maildb;host=localhost',
            'sql_username' => "mailuser",
            'sql_password' => "1234",
            'sql_select' => "select active,subject,message from view_vacation where email = %m and active='y'",
        },
    
    $lookup_map_query_order = {
            active => [
                    'my_sql_map:active'
            ],
            subject => [
                    'my_sql_map:subject'
            ],
            message => [
                    'my_sql_map:message'
            ],
          #  charset => [
          #         # 'my_sql_map:charset'
          #  ],
          #  forward => [
          #          'my_sql_map:forward'
          #  ],
          #  rewrite_sender => [
          #          #empty
          #  ],
          #  rewrite_recipient => [
          #          #empty
          #  ],
            local_domains => [
                    'my_sql_map:local_domains'
            ],
    };

Configure Dovecot

  1. Edit the file /etc/dovecot/dovecot.conf.

    Add or modify the following lines:

    protocols = imap imaps pop3 pop3s
    disable_plaintext_auth = yes
    shutdown_clients = yes
    log_path = /var/log/dovecot.log
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    ssl = yes
    ssl_cert_file = /etc/ssl/certs/server.crt
    ssl_key_file = /etc/ssl/private/server.key
    ssl_verify_client_cert = yes
    verbose_ssl = yes
    mail_location = maildir:/mail/%d/%n/Maildir
    mail_privileged_group = vmail
    protocol imap {
    ......
      # Login executable location.
      #login_executable = /usr/lib/dovecot/imap-login
      listen = *:143
      ssl_listen = *:993
      mail_plugins = quota imap_quota trash
      mail_plugin_dir = /usr/lib/dovecot/modules/imap
      imap_client_workarounds = delay-newmail tb-extra-mailbox-sep outlook-idle
    .......
    }
    
    protocol pop3 {
    ......
      # Login executable location.
      #login_executable = /usr/lib/dovecot/pop3-login
      listen = *:110
      ssl_listen = *:995
      pop3_uidl_format = %08Xu%08Xv
      mail_plugins = quota trash
      mail_plugin_dir = /usr/lib/dovecot/modules/pop3
      pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
    ......
    }
    
    protocol lda {
    .....
      # Address to use when sending rejection mails.
      postmaster_address = admin@prova.it
      mail_plugins = sieve quota
      mail_plugin_dir = /usr/lib/dovecot/modules/lda
      quota_full_tempfail = no
      deliver_log_format = msgid=%m: %$
      rejection_subject = Rejected: %s
      rejection_reason = Your message to <%t> was automatically rejected:%n%r
        log_path = /mail/dovecot-deliver.log
        auth_socket_path = /var/run/dovecot/auth-master
    .........
    }
    
    auth default {
    ......
      # Space separated list of wanted authentication mechanisms:
      #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
      #   gss-spnego
      # NOTE: See also disable_plaintext_auth setting.
      mechanisms = plain login
    
      passdb sql {
        # Path for SQL configuration file
        args = /etc/dovecot/dovecot-sql.conf
      }
    
      userdb sql {
        # Path for SQL configuration file
        args = /etc/dovecot/dovecot-sql.conf
      }
    
      ssl_require_client_cert = no
    
     socket listen {
        master {
          # Master socket provides access to userdb information. It's typically
          # used to give Dovecot's local delivery agent access to userdb so it
          # can find mailbox locations.
          path = /var/run/dovecot/auth-master
          mode = 0600
          # Default user/group is the one who started dovecot-auth (root)
          user =vmail 
          group = vmail 
        }
        client {
          # The client socket is generally safe to export to everyone. Typical use
          # is to export it to your SMTP server so it can do SMTP AUTH lookups
          # using it.
          path = /var/spool/postfix/private/auth
          mode = 0660
          user = postfix
          group = postfix
        }
      }
    }
     plugin {
           quota_rule = *:storage=3072
           quota = maildir:User quota
           trash = /mail/dovecot-trash.conf
          sieve_global_path = /mail/globalsieverc
          #deleted_to_trash_folder = Trash
     }
  2. Edit the file /etc/dovecot/dovecot-sql.conf.

    Add or modify the following lines:

    driver = mysql
    connect = host=127.0.0.1 dbname=maildb user=mailuser password=1234
    default_pass_scheme = PLAIN-MD5
    user_query = SELECT home_path AS home,5000 AS uid, 5000 AS gid, CONCAT('maildir:storage=',quota_kb) AS quota FROM view_users WHERE email='%u' AND active = 'Y';
    password_query = SELECT email as user, password FROM view_users WHERE email='%u' AND active = 'Y';
  3. Create the file /mail/dovecot-trash.conf.

    Insert the following:

    1 Spam
    2 Trash
    3 Sent
    3 Sent Messages
  4. Create the file /mail/globalsieverc.

    Insert the following:

    require ["fileinto"];
    # Move spam to spam folder
    if header :contains "X-Spam-Flag" ["YES"] {
      fileinto "Spam";
      stop;
    }
  5. In a terminal, type:

    chgrp vmail /etc/dovecot/dovecot.conf
    chmod g+r /etc/dovecot/dovecot.conf
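
Added example, not part of the original guide: what `default_pass_scheme = PLAIN-MD5` in /etc/dovecot/dovecot-sql.conf stores in `virtual_users.password`, next to a salted value carrying a `{SSHA256}` scheme prefix. The sample users are constructed, and it is an assumption that the installed Dovecot accepts `{SSHA256}` values.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def plain_md5(password: str) -> str:
    """PLAIN-MD5 as configured in this guide: unsalted MD5, 32 hex characters."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def ssha256(password: str, salt: Optional[bytes] = None) -> str:
    """Salted SHA-256 in {SSHA256} form: base64(digest + salt) after the prefix."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha256(password.encode("utf-8") + salt).digest()
    return "{SSHA256}" + base64.b64encode(digest + salt).decode("ascii")


def verify(password: str, stored: str, default_scheme: str = "PLAIN-MD5") -> bool:
    """Check a password; a {SCHEME} prefix on the stored value overrides the default."""
    scheme, value = default_scheme, stored
    if stored.startswith("{") and "}" in stored:
        scheme, value = stored[1:].split("}", 1)
    scheme = scheme.upper()
    if scheme == "PLAIN-MD5":
        return hmac.compare_digest(plain_md5(password), value.lower())
    if scheme == "SSHA256":
        raw = base64.b64decode(value)
        digest, salt = raw[:32], raw[32:]  # SHA-256 digest is 32 bytes, rest is salt
        expected = hashlib.sha256(password.encode("utf-8") + salt).digest()
        return hmac.compare_digest(expected, digest)
    raise ValueError("unsupported scheme: " + scheme)


def compare_schemes(users):
    """Return, per (user, password) pair, what each scheme would store."""
    rows = []
    for user, password in users:
        md5_value = plain_md5(password)
        salted = ssha256(password)
        rows.append({
            "user": user,
            "plain_md5": md5_value,
            "ssha256": salted,
            # virtual_users.password is varchar(32) in /etc/maildb.sql, so only
            # the MD5 hex fits; a salted value needs a wider column.
            "md5_fits_varchar32": len(md5_value) <= 32,
            "ssha256_fits_varchar32": len(salted) <= 32,
        })
    return rows


# Constructed sample: two mailboxes that happen to share one password.
SAMPLE_USERS = [("alice", "Tr0ub4dor&3"), ("bob", "Tr0ub4dor&3")]

if __name__ == "__main__":
    for row in compare_schemes(SAMPLE_USERS):
        print(row)
```

With PLAIN-MD5 both sample rows carry the same hash, so anyone who can read the table sees which accounts share a password; the salted values differ per row.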

Antivirus and Antispam

In this section we will configure the two programs that protect our email from spam and viruses.

Configure Amavis

  1. Edit the file /etc/amavis/conf.d/50-user

    Add or modify the following lines:

    $sa_spam_subject_tag = '***SPAM*** ';
    $sa_tag_level_deflt  = 5.0;  # add spam info headers if at, or above that level
    $sa_tag2_level_deflt = 5; # add 'spam detected' headers at that level
    $sa_kill_level_deflt = 5; # triggers spam evasive actions
    $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
    
    $final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
    $final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
    $final_spam_destiny       = D_PASS;
    $final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
    
    $virus_admin = "admin\@$mydomain"; # due to D_DISCARD default
    
    @lookup_sql_dsn = (
        ['DBI:mysql:database=maildb;host=127.0.0.1;port=3306',
         'mailuser',
         '1234']);
    
    $sql_select_policy = 'SELECT name FROM virtual_domains WHERE CONCAT("@",name) IN (%k)';
  2. Edit the file /etc/amavis/conf.d/20-debian_defaults

    Add or modify the following lines:

    $sa_spam_subject_tag = '***SPAM*** ';
    $sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
    $sa_tag2_level_deflt = 5; # add 'spam detected' headers at that level
    $sa_kill_level_deflt = 5; # triggers spam evasive actions
    $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
    
    $final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
    $final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
    $final_spam_destiny       = D_PASS;
    $final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
  3. Edit the file /etc/amavis/conf.d/15-content_filter_mode

    Add or modify the following lines:

    @bypass_virus_checks_maps = (
       \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
    
    @bypass_spam_checks_maps = (
       \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
  4. In a terminal, type:

     sudo chmod 0640 /etc/amavis/conf.d/50-user
     sudo chmod 0644 /etc/amavis/conf.d/20-debian_defaults
     sudo chmod 0644 /etc/amavis/conf.d/15-content_filter_mode
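
Added example, not part of the original guide: a check over the files in which this guide writes the maildb password (the Postfix `mysql_*.cf` maps, `dovecot-sql.conf`, Amavis `50-user` and `yaa.conf`), reporting files that others can read and files that still contain the guide's `1234`. The demo files are constructed copies written to a temporary directory.

```python
import os
import re
import stat
import tempfile

PLACEHOLDER = "1234"  # the database password used throughout this guide

# One pattern per file format that appears in the guide.
EXTRACTORS = [
    # Postfix mysql_*.cf: "password = 1234"
    re.compile(r"^\s*password\s*=\s*(\S+)\s*$", re.M),
    # dovecot-sql.conf: "connect = host=... password=1234"
    re.compile(r"^\s*connect\s*=.*\bpassword=(\S+)", re.M),
    # yaa.conf: 'sql_password' => "1234",
    re.compile(r"'sql_password'\s*=>\s*[\"']([^\"']*)[\"']"),
    # Amavis 50-user: third element of @lookup_sql_dsn
    re.compile(r"@lookup_sql_dsn\s*=\s*\(\s*\[\s*'[^']*'\s*,\s*'[^']*'\s*,\s*'([^']*)'"),
]


def audit_file(path):
    """Return a list of findings for one credential-bearing file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & stat.S_IROTH:
        findings.append("readable by others (mode %04o)" % mode)
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or others (mode %04o)" % mode)
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    secrets = [m.group(1) for rx in EXTRACTORS for m in rx.finditer(text)]
    if PLACEHOLDER in secrets:
        findings.append("still contains the guide's placeholder password")
    return findings


def audit(paths):
    """Audit every path that exists; missing files are skipped."""
    return {p: audit_file(p) for p in paths if os.path.isfile(p)}


def demo():
    """Run the audit over constructed sample files and return the report."""
    samples = {
        "mysql_domains.cf": (0o640, "user = mailuser\npassword = 1234\n"
                                    "hosts = 127.0.0.1\ndbname = maildb\n"),
        "dovecot-sql.conf": (0o644, "driver = mysql\nconnect = host=127.0.0.1 "
                                    "dbname=maildb user=mailuser password=S3t-by-admin\n"),
        "50-user": (0o640, "@lookup_sql_dsn = (\n"
                           "    ['DBI:mysql:database=maildb;host=127.0.0.1;port=3306',\n"
                           "     'mailuser',\n     'S3t-by-admin']);\n"),
    }
    with tempfile.TemporaryDirectory() as tmp:
        paths = []
        for name, (mode, text) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(text)
            os.chmod(path, mode)
            paths.append(path)
        return {os.path.basename(p): f for p, f in audit(paths).items()}


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or "ok")
```

On a real host, pass `audit()` the paths from this guide, for example the expansion of `/etc/postfix/mysql_*.cf` plus `/etc/dovecot/dovecot-sql.conf`, `/etc/amavis/conf.d/50-user` and `/usr/local/yaa-0.3.1/conf/yaa.conf`.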

Configure Spamassassin

  1. Edit the file /etc/spamassassin/local.cf.

  2. In a terminal, type:

     sudo chmod 0644 /etc/spamassassin/local.cf
     sudo mkdir /var/lib/amavis/.spamassassin/bayes

    Modify or add the following lines:

      use_bayes 1
      bayes_auto_learn 1
      bayes_auto_expire 0

Configure WebMail

Installation

Install the packages:

Restart the services

  1. In a terminal, type:

    sudo chown -R vmail:vmail /mail
    sudo adduser clamav amavis
    sudo chown -R amavis /var/lib/amavis/.spamassassin
    sudo chmod 770 /var/lib/amavis/.spamassassin/bayes
    sudo /etc/init.d/clamav-daemon restart
    sudo /etc/init.d/amavis restart
    sudo /etc/init.d/postfix restart
    sudo /etc/init.d/dovecot restart
    sudo /etc/init.d/clamav-daemon restart
