Project

General

Profile

Actions

Postfix Installation (Debian Etch)


Only relayhost, accept only local mail.

apt-get install postfix

/etc/aliases - aliases für local accounts einrichten und umleiten auf externen user.

newaliases um hashmap zu erstellen

/etc/postfix/main.cf

relayhost parameter auf smtp-mailserver setzen.

/etc/postfix/sasl_passwd enthält mail-server user:password

relayhost = mail.math.fu-berlin.de

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_always_send_ehlo = yes

Dann postmap /etc/postfix/sasl_passwd

Für jeden user ein file (touch) in /var/mail erstellen. Für root sollte reichen, wenn alles nach root umgeleiten wird.

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

mydomain = e-taxonomy.eu
myhostname = idp.$mydomain
#myorigin = /etc/mailname
myorigin = $myhostname 

mydestination = $myhostname, localhost.$mydomain, localhost

mynetworks = 127.0.0.0/8
inet_interfaces = all

mailbox_transport = lmtp:localhost
#mailbox_size_limit = 0

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

#local_recipient_maps = $alias_maps ldap:/etc/postfix/local_recipient_maps.cf
local_recipient_maps = 

relayhost = mail.math.fu-berlin.de

recipient_delimiter = +

# SASL parameters
#smtpd_sasl_local_domain = $mydomain
#smtpd_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_always_send_ehlo = yes
#smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

# TLS parameters
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
#smtpd_tls_cert_file=/etc/ssl/certs/idp.e-taxonomy.eu-cert.pem
#smtpd_tls_key_file=/etc/ssl/private/idp.e-taxonomy.eu-key.pem
#smtpd_tls_CApath=/etc/ssl/certs
#smtpd_use_tls=yes
#smtpd_tls_auth_only = yes
#smtpd_tls_loglevel = 2
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
#tls_random_source = dev:/dev/urandom
#smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# Anti-Spam
smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes

smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
#    check_client_access hash:/etc/postfix/maps/access_client,
#    check_helo_access hash:/etc/postfix/maps/access_helo,
#    check_sender_access hash:/etc/postfix/maps/access_sender,
#    check_recipient_access hash:/etc/postfix/maps/access_recipient,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dynablock.njabl.org,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client pbl.spamhaus.org,
    reject_rbl_client list.dsbl.org,
    permit

# Amavis integration
#content_filter=smtp-amavis:[127.0.0.1]:10024
#receive_override_options=no_address_mappings

Updated by Andreas Müller almost 2 years ago · 4 revisions