Difference between revisions of "Postfix"
From Wikifications
(initial rev from backup) |
m (formating) |
||
| Line 10: | Line 10: | ||
in /etc/rc.conf: | in /etc/rc.conf: | ||
| − | + | sendmail_enable="NONE" | |
in /etc/periodic.conf: | in /etc/periodic.conf: | ||
| − | daily_clean_hoststat_enable | + | daily_clean_hoststat_enable = "NO" |
| − | daily_status_mail_rejects_enable | + | daily_status_mail_rejects_enable = "NO" |
| − | daily_status_include_submnit_mailq | + | daily_status_include_submnit_mailq = "NO" |
| − | daily_submit_queryrun | + | daily_submit_queryrun = "NO" |
drop in a default aliases file: | drop in a default aliases file: | ||
| Line 24: | Line 24: | ||
# sasl config | # sasl config | ||
| − | smtpd_sasl_auth_enable | + | smtpd_sasl_auth_enable = yes |
| − | smtpd_sasl_security_options | + | smtpd_sasl_security_options = noanonymous |
| − | smtpd_sasl_local_domain | + | smtpd_sasl_local_domain = $myhostname |
| − | broken_sasl_auth_clients | + | broken_sasl_auth_clients = yes |
| − | smtpd_sender_restrictions | + | smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks |
| − | smtpd_recipient_restrictions | + | smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination |
# tls config | # tls config | ||
| − | smtpd_use_tls | + | smtpd_use_tls = yes |
| − | smtpd_enforce_tls | + | smtpd_enforce_tls = no |
| − | smtp_tls_note_starttls_offer | + | smtp_tls_note_starttls_offer = yes |
| − | smtpd_tls_key_file | + | smtpd_tls_key_file = /usr/local/etc/apache/CA/server_key.pem |
| − | smtpd_tls_cert_file | + | smtpd_tls_cert_file = /usr/local/etc/apache/CA/server_cert.pem |
| − | smtpd_tls_CAfile | + | smtpd_tls_CAfile = /usr/local/etc/apache/CA/cacert.pem |
| − | smtpd_tls_received_header | + | smtpd_tls_received_header = yes |
| − | smtpd_tls_session_cache_timeout | + | smtpd_tls_session_cache_timeout = 3600s |
| − | tls_random_source | + | tls_random_source = dev:/dev/urandom |
| − | smtpd_tls_loglevel | + | smtpd_tls_loglevel = 1 |
For cyrus | For cyrus | ||
Change the cyrus lines in master.cf to: | Change the cyrus lines in master.cf to: | ||
cyrus unix - n n - - pipe | cyrus unix - n n - - pipe | ||
| − | + | user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m ${extension} ${user} | |
Enable cyrus as the mailbox transport in main.cf: | Enable cyrus as the mailbox transport in main.cf: | ||
| − | mailbox_transport | + | mailbox_transport = cyrus |
For courier | For courier | ||
| − | home_mailbox | + | home_mailbox = Maildir/ |
back to [[meta]] | back to [[meta]] | ||
Latest revision as of 18:17, 16 April 2005
Postfix docs:
http://yocum.org/faqs/postfix-tls-sasl.html
http://www.porcupine.org/postfix-mirror/newdoc/SASL_README.html
http://postfix.state-of-mind.de/patrick.koetter/smtpauth/index.html
Install postfix and cyrus-sasl2 from ports.
in /etc/rc.conf:
sendmail_enable="NONE"
in /etc/periodic.conf:
daily_clean_hoststat_enable = "NO" daily_status_mail_rejects_enable = "NO" daily_status_include_submnit_mailq = "NO" daily_submit_queryrun = "NO"
drop in a default aliases file:
cp /usr/local/etc/postfix/aliases /etc/aliases
Create a copy of sample-main.cf and customize. Important bits are:
# sasl config smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
# tls config smtpd_use_tls = yes smtpd_enforce_tls = no smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /usr/local/etc/apache/CA/server_key.pem smtpd_tls_cert_file = /usr/local/etc/apache/CA/server_cert.pem smtpd_tls_CAfile = /usr/local/etc/apache/CA/cacert.pem smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom smtpd_tls_loglevel = 1
For cyrus Change the cyrus lines in master.cf to:
cyrus unix - n n - - pipe
user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m ${extension} ${user}
Enable cyrus as the mailbox transport in main.cf:
mailbox_transport = cyrus
For courier
home_mailbox = Maildir/
back to meta
