
Serveur Mail tetalab » Historique » Version 2

Version 1 (iku jam, 09/01/2012 17:28) → Version 2/11 (iku jam, 09/01/2012 17:29)

h1. Serveur Mail tetalab

{{>toc}}

pour l'instant y a juste les fichiers de config, des commentaires à venir ~



h2. installation sous debian



h3. paquets requis :



<pre>

ii courier-authdaemon 0.63.0-3.1 Courier authentication daemon

ii courier-authlib 0.63.0-3.1 Courier authentication library

ii courier-authlib-ldap 0.63.0-3.1 LDAP support for the Courier authentication library

ii courier-authlib-postgresql 0.63.0-3.1 PostgreSQL support for the Courier authentication library

ii courier-authlib-userdb 0.63.0-3.1 userdb support for the Courier authentication library

ii courier-base 0.66.1-1 Courier mail server - base system

ii courier-imap 4.9.1-1 Courier mail server - IMAP server

ii courier-imap-ssl 4.9.1-1 Courier mail server - IMAP over SSL

ii courier-pop 0.66.1-1 Courier mail server - POP3 server

ii courier-ssl 0.66.1-1 Courier mail server - SSL/TLS Support



ii postfix 2.8.3-1 High-performance mail transport agent

ii postfix-pgsql 2.8.3-1 PostgreSQL map support for Postfix

ii postfixadmin 2.3.2 Virtual mail hosting interface for Postfix

ii postgresql 9.0.4-1 object-relational SQL database (supported version)

rc postgresql-8.4 8.4.5-0squeeze2 object-relational SQL database, version 8.4 server

ii postgresql-9.0 9.0.4-1+b1 object-relational SQL database, version 9.0 server

ii postgresql-client-9.0 9.0.4-1+b1 front-end programs for PostgreSQL 9.0

ii postgresql-client-common 118 manager for multiple PostgreSQL client versions

ii postgresql-common 118 PostgreSQL database-cluster manager

ii postgresql-contrib 9.0.4-1 additional facilities for PostgreSQL (supported version)

ii postgresql-contrib-9.0 9.0.4-1+b1 additional facilities for PostgreSQL

ii postgrey 1.34-1 greylisting implementation for Postfix



ii sasl2-bin 2.1.24~rc1.dfsg1+cvs2011-05-23-4 Cyrus SASL - administration programs for SASL users database



ii squirrelmail 2:1.4.21-1 Webmail for nuts

ii squirrelmail-locales 1.4.18-20090526-1 Translations for the SquirrelMail Webmail package

ii squirrelmail-viewashtml 3.8-3 SquirrelMail plugin: View mails as HTML

</pre>



h3. config



/etc/postfix/main.cf



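_Attention : copier-coller de la config de tetalab.org (serveur derrière un NAT => proxy, etc.) ; adapter les valeurs propres au site (nom d'hôte, réseaux autorisés, adresse publique) avant de réutiliser._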



<pre>

# Postfix main.cf as copied from tetalab.org: opportunistic TLS, SASL-authenticated
# relaying, greylisting via a local policy service, and virtual domains/mailboxes
# looked up in PostgreSQL (postfixadmin tables) through the files in /etc/postfix/pgsql.
smtpd_banner = $myhostname ESMTP $mail_name

biff = no

append_dot_mydomain = no

readme_directory = no

# Opportunistic TLS in both directions (legacy spelling; since Postfix 2.3 the
# equivalent is smtp_tls_security_level / smtpd_tls_security_level = may).
# STARTTLS is offered but never required by these two lines.
smtp_use_tls=yes

# NOTE(review): smtpd_tls_auth_only is not set anywhere in this listing, so AUTH
# (PLAIN/LOGIN) is also offered on unencrypted sessions and credentials can cross
# the network in cleartext. Consider smtpd_tls_auth_only = yes.
smtpd_use_tls=yes

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

myhostname = tetalab.org

alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases

alias_database = hash:/etc/aliases

myorigin = /etc/mailname

mydestination = web.tetalab.org, www.tetalab.org, localhost.tetalab.org, localhost

# Clients in these ranges may relay without authenticating (permit_mynetworks below).
# NOTE(review): this host sits behind NAT/a proxy according to the page; confirm that
# connections coming from the Internet never show up with a 192.168.23.0/24 source
# address, otherwise this entry turns the server into an open relay.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.23.0/24

mailbox_command = procmail -a "$EXTENSION"

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

# Writes the authenticated SASL login name into the Received: header, so the
# account name is visible to every recipient of the message.
smtpd_sasl_authenticated_header = yes

smtpd_sasl_auth_enable = yes

# Client-side SASL (Postfix authenticating to other servers); see the review note
# on smtp_sasl_password_maps further down.
smtp_sasl_auth_enable = yes

# Anonymous mechanisms are refused; plaintext mechanisms remain allowed.
smtpd_sasl_security_options = noanonymous

# Also advertises the non-standard "AUTH=" form for old mail clients.
broken_sasl_auth_clients = yes

# Only a permit action is listed, so this line rejects nothing: unauthenticated
# senders fall through to the default (permit).
smtpd_sender_restrictions = permit_sasl_authenticated

# Relay policy, evaluated in order: trusted networks, authenticated users, then
# reject anything not addressed to a local/relayed domain; remaining inbound mail
# is passed to the policy service on 127.0.0.1:10023 (presumably postgrey, which is
# in the package list above).
# NOTE(review): in a real main.cf the four value lines below must start with
# whitespace to continue this parameter; the indentation appears to have been lost
# in this wiki rendering.
smtpd_recipient_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

reject_unauth_destination,

check_policy_service inet:127.0.0.1:10023

smtp_tls_note_starttls_offer = yes

smtpd_sasl_local_domain = tetalab.org

# Per-destination TLS policy for outgoing mail; the table itself is not shown here.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# Duplicate of the same setting a few lines above.
smtp_tls_note_starttls_offer = yes

# Private key, certificate and CA file all point at the same PEM. Because it holds
# the private key, the file must be readable by root only.
# NOTE(review): using the server's own PEM as smtpd_tls_CAfile suggests a
# self-signed certificate - confirm.
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem

smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem

smtp_tls_loglevel = 1

smtp_sasl_path = smtpd

smtpd_sasl_path = smtpd

smtp_sasl_tls_security_options = $smtpd_sasl_security_options

smtpd_sasl_tls_security_options = $smtpd_sasl_security_options

# The proxy:pgsql: tables below read their connection settings, including the
# database password, from /etc/postfix/pgsql/*.cf; keep those files unreadable to
# ordinary users (for example root:postfix, mode 0640).
relay_domains = proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf, lists.tetalab.org, lists.mixart-myrys.org, lists.toulouserb.org

virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf

virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_domain_maps.cf

virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf

# NOTE(review): smtp_sasl_password_maps is expected to map a remote destination to
# "username:password", but this table's query returns the maildir column of the
# mailbox table. Looks like a copy-paste leftover - confirm or remove.
smtp_sasl_password_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf

virtual_mailbox_base = /var/mail/vmail

virtual_mailbox_limit = 51200000

# Every virtual mailbox is written with the single uid/gid 8 (the "mail" account on
# stock Debian - confirm), so mailboxes are not separated from each other by Unix
# file ownership.
virtual_minimum_uid = 8

virtual_transport = virtual

virtual_uid_maps = static:8

virtual_gid_maps = static:8

local_transport = virtual

local_recipient_maps = $virtual_mailbox_maps

transport_maps = hash:/etc/postfix/transport

mailman_destination_recipient_limit = 1

# The SMTP client will only use plaintext mechanisms; this is only safe toward
# destinations where TLS is enforced (see smtp_tls_policy_maps).
smtp_sasl_mechanism_filter = plain, login

# Public address in front of the NAT; listing it makes Postfix treat mail for that
# address as its own.
proxy_interfaces = 88.191.126.74

</pre>



Dans @/etc/postfix/pgsql@



*relay_domains.cf* :

<pre>

# Postfix pgsql lookup table for relay_domains: returns the domain when it is
# flagged backupmx in the postfixadmin "domain" table.
# %s is the lookup key; Postfix SQL-quotes it before substituting it in the query.
user = postfixadmin

# PASSWORD is presumably a placeholder for the real database password; the file
# should not be readable by ordinary users (for example root:postfix, mode 0640).
password = PASSWORD

hosts = localhost

dbname = postfixadmin

query = SELECT domain FROM domain WHERE domain='%s' and backupmx = true

</pre>



*virtual_alias_maps.cf* :

<pre>

# Postfix pgsql lookup table for virtual_alias_maps: returns the "goto" target of
# an active alias. %s is the lookup key, SQL-quoted by Postfix before substitution.
user = postfixadmin

# PASSWORD is presumably a placeholder; keep this file unreadable to ordinary users
# (for example root:postfix, mode 0640) since it holds the database password.
password = PASSWORD

hosts = localhost

dbname = postfixadmin

query = SELECT goto FROM alias WHERE address='%s' AND active = true

</pre>



*virtual_domain_maps.cf* :

<pre>

# Postfix pgsql lookup table for virtual_mailbox_domains: returns domains hosted
# here (active and not backup MX). %s is the lookup key, SQL-quoted by Postfix.
user = postfixadmin

# PASSWORD is presumably a placeholder; restrict read access to this file
# (for example root:postfix, mode 0640).
password = PASSWORD

hosts = localhost

dbname = postfixadmin

# Disabled variant without the backupmx/active filters, kept for reference.
#query = SELECT domain FROM domain WHERE domain='%s'

#optional query to use when relaying for backup MX

query = SELECT domain FROM domain WHERE domain='%s' and backupmx = false and active = true

</pre>



*virtual_mailbox_limits.cf* :

<pre>

# Used for QUOTA!
# Postfix pgsql lookup table returning the quota column for a mailbox.
# NOTE(review): no parameter in the main.cf shown on this page references this
# file, and unlike the other queries it does not filter on active = true - confirm
# whether it is still in use.

user = postfixadmin

# PASSWORD is presumably a placeholder; restrict read access to this file
# (for example root:postfix, mode 0640).
password = PASSWORD

hosts = localhost

dbname = postfixadmin

query = SELECT quota FROM mailbox WHERE username='%s'

</pre>



*virtual_mailbox_maps.cf* :

<pre>

# Postfix pgsql lookup table for virtual_mailbox_maps: returns the maildir path of
# an active mailbox. %s is the lookup key, SQL-quoted by Postfix.
# NOTE(review): the main.cf on this page also uses this file for
# smtp_sasl_password_maps, which expects credentials rather than a maildir path.
user = postfixadmin

# PASSWORD is presumably a placeholder; restrict read access to this file
# (for example root:postfix, mode 0640).
password = PASSWORD

hosts = localhost

dbname = postfixadmin

query = SELECT maildir FROM mailbox WHERE username='%s' AND active = true

</pre>



h3. courier



Dans @/etc/courier@



*authdaemonrc* :

<pre>

# Courier authdaemond settings: only the PostgreSQL module is active, so the
# authldaprc settings on this page are not consulted with this module list.
authmodulelist="authpgsql"

# Reference list of the modules available in the package.
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

daemons=5

authdaemonvar=/var/run/courier/authdaemon

# Authentication debug logging is on. Level 1 logs diagnostics; level 2 would also
# write passwords to the log, so do not raise it, and set it back to 0 once the
# setup works.
DEBUG_LOGIN=1

DEFAULTOPTIONS=""

LOGGEROPTS=""

</pre>



*authldaprc* :

<pre>

# Courier authldap settings. The authdaemonrc on this page enables only authpgsql,
# so this file is presumably inactive and kept for reference.
# The directory is queried on localhost without TLS (see LDAP_TLS below).
LDAP_URI ldap://localhost

LDAP_PROTOCOL_VERSION 3

LDAP_BASEDN ou=People,dc=tetalab,dc=org

LDAP_TIMEOUT 5

LDAP_MAIL mail

LDAP_HOMEDIR homeDirectory

LDAP_MAILDIR mailbox

LDAP_DEFAULTDELIVERY defaultDelivery

LDAP_FULLNAME cn

# NOTE(review): names an attribute holding the password in cleartext. If the module
# is ever enabled, prefer keeping only hashed passwords (LDAP_CRYPTPW) in the
# directory.
LDAP_CLEARPW clearPassword

LDAP_CRYPTPW userPassword

LDAP_DEREF never

# TLS toward the LDAP server is off; acceptable only while LDAP_URI stays on localhost.
LDAP_TLS 0

</pre>



*authpgsqlrc* :

<pre>

# Courier authpgsql settings: IMAP/POP logins are checked against the postfixadmin
# "mailbox" table, the same database that the Postfix lookup tables use.
PGSQL_HOST localhost

PGSQL_PORT 5432

PGSQL_USERNAME postfixadmin

# PASSWORD is presumably a placeholder; the file holds the database password and
# should be readable only by root and the account authdaemond runs as.
PGSQL_PASSWORD PASSWORD

PGSQL_DATABASE postfixadmin

PGSQL_USER_TABLE mailbox

# Column holding the hashed (crypt-style) password; no cleartext password column
# is configured in this file.
PGSQL_CRYPT_PWFIELD password

# Constants rather than column names: every account gets uid/gid 8 and the same
# home directory, matching virtual_uid_maps/virtual_gid_maps = static:8 and
# virtual_mailbox_base in the main.cf on this page.
PGSQL_UID_FIELD 8

PGSQL_GID_FIELD 8

PGSQL_LOGIN_FIELD username

PGSQL_HOME_FIELD '/var/mail/vmail'

PGSQL_NAME_FIELD name

PGSQL_MAILDIR_FIELD maildir

PGSQL_QUOTA_FIELD quota

</pre>



*imapd* :

<pre>

# Courier imapd settings for the plain IMAP listener (port 143, all addresses).
# NOTE(review): the imapd-ssl file on this page sets IMAP_TLS_REQUIRED=0, so logins
# on this port are accepted without STARTTLS and passwords may travel in cleartext.
ADDRESS=0

PORT=143

# Connection limits: total daemons and connections per client IP.
MAXDAEMONS=40

MAXPERIP=20

PIDFILE=/var/run/courier/imapd.pid

TCPDOPTS="-nodnslookup -noidentlookup"

LOGGEROPTS="-name=imapd"

# Active capability list. Compared with IMAP_CAPABILITY_ORIG below, the AUTH=CRAM-*
# mechanisms are dropped, consistent with the authpgsqlrc on this page, which only
# configures a crypt password column.
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"

IMAP_KEYWORDS=1

IMAP_ACL=1

IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"

IMAP_PROXY=0

IMAP_PROXY_FOREIGN=0

IMAP_IDLE_TIMEOUT=60

IMAP_MAILBOX_SANITY_CHECK=1

# AUTH=PLAIN is advertised only once the session is protected by TLS.
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"

IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"

IMAP_DISABLETHREADSORT=0

IMAP_CHECK_ALL_FOLDERS=0

IMAP_OBSOLETE_CLIENT=0

# NOTE(review): umask 022 leaves newly created files readable by group and others;
# for a mail store 077 is the more usual choice - confirm nothing relies on 022.
IMAP_UMASK=022

IMAP_ULIMITD=131072

IMAP_USELOCKS=1

IMAP_SHAREDINDEXFILE=/etc/courier/shared/index

IMAP_ENHANCEDIDLE=0

IMAP_TRASHFOLDERNAME=Trash

# Messages in Trash are purged after 7 days.
IMAP_EMPTYTRASH=Trash:7

IMAP_MOVE_EXPUNGE_TO_TRASH=0

SENDMAIL=/usr/sbin/sendmail

HEADERFROM=X-IMAP-Sender

IMAPDSTART=YES

MAILDIRPATH=Maildir

</pre>



*imapd-ssl* :

<pre>

# Courier imapd-ssl settings: IMAP over TLS on port 993 (all addresses), plus the
# STARTTLS behaviour of the plain listener on port 143.
SSLPORT=993

SSLADDRESS=0

SSLPIDFILE=/var/run/courier/imapd-ssl.pid

SSLLOGGEROPTS="-name=imapd-ssl"

IMAPDSSLSTART=YES

# STARTTLS is offered on port 143 but not required (IMAP_TLS_REQUIRED=0), so clients
# may still log in there without encryption. Set IMAP_TLS_REQUIRED=1 to refuse that.
IMAPDSTARTTLS=YES

IMAP_TLS_REQUIRED=0

COURIERTLS=/usr/bin/couriertls

# NOTE(review): ALL accepts every key-exchange method and every compression method
# the TLS library offers. TLS-level compression is known to leak information about
# encrypted data; restrict both lists if the installed courier build allows it.
TLS_KX_LIST=ALL

TLS_COMPRESSION=ALL

TLS_CERTS=X509

# Server certificate file; presumably it also contains the private key, so it
# should be readable only by the account the daemon runs as - confirm.
TLS_CERTFILE=/etc/courier/imapd.pem

TLS_TRUSTCERTS=/etc/ssl/certs

# Client certificates are not requested; users authenticate by password only.
TLS_VERIFYPEER=NONE

TLS_CACHEFILE=/var/lib/courier/couriersslcache

TLS_CACHESIZE=524288

MAILDIRPATH=Maildir

</pre>



<pre>

</pre>



<pre>

</pre>