Mail Server

From Objectif Client Inc

Cyrus

Installation

Install Cyrus Package

apt-get install cyrus-admin cyrus-clients cyrus-common cyrus-doc cyrus-imapd cyrus-nntpd cyrus-pop3d cyrus-sasl2-doc libcyrus-imap-perl

Install SASL authentication

apt-get install libauthen-sasl-perl libgsasl7 libsasl2-2 libsasl2-modules libsasl2-modules-db sasl2-bin

Validate / Adjust the configuration

/etc/default/saslauthd

START=yes
## Postfix runs chrooted, so the socket must live under its spool directory
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

/etc/imapd.conf

admins: cyrus
sasl_mech_list: PLAIN LOGIN
defaultdomain: objclt.com
sasl_pwcheck_method: saslauthd
tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key

/etc/cyrus.conf

Security

  • Create user cyrus in Sasl Database
saslpasswd2 -c cyrus 
  • Add group sasl and ssl-cert to cyrus
usermod -a -G sasl,ssl-cert cyrus

Postfix

Web site PostFix

Installation

apt-get install postfix postfix-pcre

Configuration

  1. /etc/postfix/main.cf: hand local mailboxes to Cyrus, either through the cyrdeliver pipe
mailbox_transport = cyrus
     or through LMTP
mailbox_transport = lmtp:unix:/var/run/lmtp
  2. /etc/postfix/master.cf: define the matching transport
# The Cyrus deliver program has changed incompatibly, multiple times.
cyrus     unix  -   n   n   -   -   pipe
  flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}" ${user}

lmtp      unix  -       -       n       -       -       lmtp
  3. Give postfix access to the mail spool
adduser postfix mail

Security

  • Add postfix to the groups sasl, opendkim and spamass-milter
usermod -a -G sasl,opendkim,spamass-milter postfix

Certificate

SSL certificate


Validate Smtp server

  • Connect with openssl to port 25
openssl s_client -starttls smtp -connect smtp.objclt.ca:25
  • Greet the server with EHLO, then try a recipient that does not exist
    • EHLO mail.yahoo.com
    • MAIL FROM:victim@gmail.com
    • RCPT TO:nosuchuser@objclt.ca
    • Result should be 550 User unknown
ehlo mail.yahoo.com
250-mail.objclt.ca
250-PIPELINING
250-SIZE 104857600
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
mail from:nicolas_rollin@yahoo.com
250 2.1.0 Ok
rcpt to:nouser@objclt.ca
550 5.1.1 <nouser@objclt.ca>: Recipient address rejected: User unknown in local recipient table
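To turn the check above into something repeatable, here is an added example (not part of the original page) that parses a captured SMTP transcript according to the RFC 5321 multi-line reply rules and reports whether the server behaves as expected: AUTH offered only inside the TLS session opened by -starttls, the advertised SIZE limit, and a 550 for an unknown local recipient. The transcript is constructed from the replies shown above.

```python
import re
# Constructed transcript: the EHLO, MAIL FROM and RCPT TO replies shown above.
TRANSCRIPT = """\
250-mail.objclt.ca
250-PIPELINING
250-SIZE 104857600
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
250 2.1.0 Ok
550 5.1.1 <nouser@objclt.ca>: Recipient address rejected: User unknown in local recipient table
"""
REPLY_RE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_replies(text):
    """Group reply lines per RFC 5321: 'NNN-' continues a reply, 'NNN ' ends it."""
    replies, lines = [], []
    for raw in text.splitlines():
        m = REPLY_RE.match(raw)
        if not m:
            raise ValueError(f"not an SMTP reply line: {raw!r}")
        lines.append(m.group(3))
        if m.group(2) == " ":                 # last line of this reply
            replies.append((int(m.group(1)), lines))
            lines = []
    return replies

def ehlo_extensions(lines):
    """EHLO reply: first line is the server name, the rest are EXTENSION [params]."""
    ext = {}
    for entry in lines[1:]:
        name, _, params = entry.partition(" ")
        ext[name.upper()] = params.split()
    return ext

def check_smtp(text):
    """What the validation expects: AUTH offered (inside TLS, since the session was
    opened with -starttls), the SIZE limit, and 550 for an unknown local address."""
    ehlo, mail_from, rcpt_to = parse_replies(text)[:3]
    ext = ehlo_extensions(ehlo[1])
    return {
        "auth_mechs": ext.get("AUTH", []),
        "size_limit": int(ext["SIZE"][0]) if "SIZE" in ext else None,
        "mail_from_accepted": mail_from[0] == 250,
        "unknown_rcpt_rejected": rcpt_to[0] == 550,
    }
```

A 250 on the RCPT TO for a bogus user would mean the server accepts mail for unknown recipients and bounces it later, which is exactly the backscatter the BATV section further down is meant to contain.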

Spamassassin

Web site SpamAssassin

Installation

apt-get install spamassassin spamass-milter
apt-get install pyzor razor

Update /etc/spamassassin/local.cf

# Enable Pyzor
use_pyzor 1
# Path to Pyzor executable
pyzor_path /usr/bin/pyzor

Add prerequisite Perl Modules

cpan -i Archive::Tar Digest::SHA Net::DNS Net::DNS::Resolver::Programmable Mail::SPF Geo::IP Net::CIDR::Lite IO::Socket::IP \
IP::Country Net::Ident Net::Patricia IO::Socket::INET6 Compress::Zlib Mail::DKIM LWP::UserAgent HTTP::Date Encode::Detect ExtUtils::MakeMaker \
NetAddr::IP Mail::SpamAssassin::Plugin::Razor2 Razor2::Client::Agent IO::Socket::SSL DBI Sys::Syslog


Validate the installation

spamassassin -D --lint 2>&1 | grep -i failed

Test the installation

spamassassin -D < /usr/share/doc/spamassassin/examples/sample-spam.txt

Setup

  • /etc/default/spamassassin
###Nr001 ENABLED=0
ENABLED=1

###Nr001 OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u spamass-milter"

###Nr001 CRON=0
CRON=1

Open DKIM

Web site Open DKIM

Installation

apt-get install opendkim

Setup

  • /etc/default/opendkim: switch the milter socket from the local socket to a TCP port
###Nr001 SOCKET="local:/var/run/opendkim/opendkim.sock"
SOCKET="inet:12301@localhost"
  • /etc/postfix/main.cf: add inet:localhost:12301 to both milter lists
smtpd_milters = unix:spamass/spamass.sock, inet:localhost:12301
non_smtpd_milters = unix:spamass/spamass.sock, inet:localhost:12301

Add new domain

  • Create the key folder
    mkdir /etc/opendkim/keys/domain_name
  • Update configuration file /etc/opendkim/KeyTable
  • Generate the key pair into that folder
    opendkim-genkey -D /etc/opendkim/keys/domain_name -s mail -d domain_name
  • Change owner
    chown opendkim: /etc/opendkim/keys/domain_name/mail.private
  • Publish the public key (mail.txt) as a DNS TXT record.
    mail._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIvWfISGYjLl57jqzZFgc+...jyQwIDAQAB"
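opendkim-genkey writes mail.txt with the record split into several quoted strings, which DNS web forms often refuse or mangle. The added example below (not from the page or from OpenDKIM) joins those strings into the single value to publish and sanity-checks it before it goes into DNS; the mail.txt layout and the DER bytes behind the p= value are constructed for the example.

```python
import base64
import re

# Constructed stand-in for a DER SubjectPublicKeyInfo (real ones also start with
# the 0x30 SEQUENCE tag); its base64 form plays the role of the p= value.
FAKE_DER = bytes.fromhex("30819f300d06092a864886f70d010101") + bytes(140)
P_VALUE = base64.b64encode(FAKE_DER).decode()

def genkey_layout(selector, domain, p, width=60):
    """Imitation of the mail.txt layout opendkim-genkey writes: the record is
    split into several quoted strings inside parentheses (constructed here)."""
    parts = ["v=DKIM1; k=rsa; ", "p=" + p[:width]]
    parts += [p[i:i + width] for i in range(width, len(p), width)]
    quoted = "\n\t  ".join(f'"{s}"' for s in parts)
    return f"{selector}._domainkey\tIN\tTXT\t( {quoted} )  ; ----- DKIM key {selector} for {domain}\n"

def merge_txt(mail_txt):
    """Join the quoted strings into the single value a DNS web form expects."""
    name = mail_txt.split()[0]
    inside = mail_txt.split("(", 1)[1].split(")", 1)[0]
    return name, "".join(re.findall(r'"([^"]*)"', inside))

def parse_tags(record):
    """Split 'k=v; k=v' into a dict, tolerating stray whitespace."""
    tags = {}
    for item in record.split(";"):
        key, sep, value = item.partition("=")
        if sep:
            tags[key.strip()] = value.strip()
    return tags

def check_record(record):
    """Sanity checks before publishing: v, k, and that p decodes to DER."""
    tags, problems = parse_tags(record), []
    if tags.get("v") != "DKIM1":
        problems.append("v must be DKIM1")
    if tags.get("k", "rsa") != "rsa":
        problems.append("k must be rsa")
    try:
        der = base64.b64decode(tags.get("p", ""), validate=True)
    except ValueError:  # binascii.Error is a ValueError; a pasted '...' lands here
        der = b""
    if not der:
        problems.append("p is empty (revoked) or not valid base64")
    elif der[0] != 0x30:
        problems.append("p does not decode to a DER SubjectPublicKeyInfo")
    return {"tags": tags, "der_length": len(der), "problems": problems}
```

Once published, opendkim-testkey -d domain_name -s mail -vvv (from opendkim-tools) checks the live record against mail.private.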

batv-milter

Web site agwa.name

Installation

apt-get install libmilter-dev
  • Build
make
  • Install
make install PREFIX=/usr

Setup

Create /etc/batv

mkdir /etc/batv

Create /etc/batv/batv-milter.conf

# Path to the socket file. If you're using Postfix you may want
# to put the socket file in /var/spool/postfix so it's accessible
# even when Postfix is chroot'd.
###socket                       /var/run/batv-milter/batv-milter.sock
socket                  /var/spool/postfix/batv-milter/batv-milter.sock
###socket                       /var/spool/postfix/var/run/batv-milter/batv-milter.sock


# Socket file permissions. You should ensure that only your MTA has
# access to the socket file.
socket-mode             660

# Path to the key map file.  See comments in this file for details.
key-map                 /etc/batv/batv-keys.conf

# batv-milter only signs outbound mail from authenticated senders and
# "internal" hosts, as defined by the "internal-host" option.
# You can specify IPv4 and IPv6 addresses, with an optional
# prefix length (e.g. /24) for subnets.
internal-host           127.0.0.0/8
internal-host           ::1
#internal-host          192.168.1.0/24
#internal-host          2001:db8:8af4::/48

# Lifetime of address signatures, in days.  7 is the default.
#lifetime               7

# By default batv-milter both signs outbound mail and verifies the signatures
# of incoming mail.  You can uncomment one of the following two lines to
# adjust this behavior.
#mode                   verify
#mode                   sign

# By default batv-milter uses the address meta-syntax specified by the draft
# BATV standard.  However, if you specify the sub-address-delimiter option,
# then it will use a non-standard meta-syntax based on sub-addressing, using
# the given sub-address delimiter (typically + or -)
#sub-address-delimiter  +

# By default, batv-milter accepts invalid bounces.  To reject them at
# SMTP time, set "on-invalid" to "reject".
#on-invalid             reject

# By default, batv-milter returns a temporary failure ("tempfail") if it
# encounters an internal error.  You can change this to "accept" or "reject".
#on-internal-error      accept

Create /etc/batv/batv-keys.conf

# Sample batv-keys.conf file.
# This file specifies a mapping from domain/address to key file.
# BATV is only enabled for users/domains specified in this file.
# Key files should consist of 64 bytes of random data, and can be
# generated with:
#  dd if=/dev/random of=keyfile bs=1 count=64

# Blank lines and lines starting with '#' are ignored.

# Typical mapping for the entire example.com domain:
#@example.com           /etc/batv-key.example.com
# You can also specify individual address.  These always take precedence
# over domain mappings, regardless of order in this file.
#andrew@example.com     /etc/batv-key.andrew
@objclt.ca              /etc/batv/key/objclt.ca.key

# You can specify an empty key file (e.g. /dev/null) to disable BATV
# for a particular user:
#bob@example.com        /dev/null

Create folder under postfix spool

mkdir /var/spool/postfix/batv-milter
chown postfix /var/spool/postfix/batv-milter
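To make the "lifetime" and "on-invalid reject" options above concrete, here is an added example (not batv-milter's code) implementing the prvs address scheme from the BATV draft: outbound envelope senders are rewritten to prvs=KDDDSSSSSS=local@domain, and the RCPT TO of an incoming bounce is accepted only if the tag is present, signed with our key and not expired. The key is constructed, and the exact encoding (expiry as days since 1970-01-01 modulo 1000, HMAC-SHA1 over K, DDD and the address) is an assumption; batv-milter's own key file format and details may differ.

```python
import hashlib
import hmac
import re
from datetime import date, timedelta

# Constructed key; batv-milter instead reads the 64-byte file named in
# batv-keys.conf (here /etc/batv/key/objclt.ca.key for @objclt.ca).
KEY = b"constructed-example-key-not-for-real-use"
LIFETIME_DAYS = 7  # same as the "lifetime" default in batv-milter.conf
EPOCH = date(1970, 1, 1)
PRVS_RE = re.compile(r"^prvs=(\d)(\d{3})([0-9a-f]{6})=(.+)$", re.IGNORECASE)

def signature(key, k, ddd, address):
    """First 6 hex digits of HMAC-SHA1 over K, DDD and the address (assumed layout)."""
    msg = f"{k}{ddd:03d}{address.lower()}".encode()
    return hmac.new(key, msg, hashlib.sha1).hexdigest()[:6]

def batv_sign(address, key, today, lifetime=LIFETIME_DAYS, k=0):
    """Rewrite the envelope sender of outbound mail to prvs=KDDDSSSSSS=local@domain."""
    local, _, domain = address.rpartition("@")
    ddd = ((today - EPOCH).days + lifetime) % 1000   # expiry day, assumed encoding
    return f"prvs={k}{ddd:03d}{signature(key, k, ddd, address)}={local}@{domain}"

def batv_verify(tagged, key, today, lifetime=LIFETIME_DAYS):
    """Check the RCPT TO of an incoming bounce. Returns the original address, or
    None when the tag is missing, forged or expired (what 'on-invalid reject' acts on)."""
    m = PRVS_RE.match(tagged)
    if not m:
        return None
    k, ddd, sig, address = int(m.group(1)), int(m.group(2)), m.group(3).lower(), m.group(4)
    if not hmac.compare_digest(sig, signature(key, k, ddd, address)):
        return None                      # forged tag or wrong key
    if (ddd - (today - EPOCH).days) % 1000 > lifetime:   # expiry wraps every 1000 days
        return None                      # expired
    return address

def demo():
    """Sign on a fixed date, then verify fresh, on the last valid day, late, and forged."""
    signed_on = date(2024, 5, 1)
    tag = batv_sign("bob@objclt.ca", KEY, signed_on)
    return {
        "tag": tag,
        "fresh": batv_verify(tag, KEY, signed_on),
        "last_day": batv_verify(tag, KEY, signed_on + timedelta(days=LIFETIME_DAYS)),
        "expired": batv_verify(tag, KEY, signed_on + timedelta(days=LIFETIME_DAYS + 1)),
        "wrong_key": batv_verify(tag, KEY + b"x", signed_on),
        "forged": batv_verify(tag.replace("=bob@", "=alice@"), KEY, signed_on),
        "untagged": batv_verify("bob@objclt.ca", KEY, signed_on),
    }
```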

Unbound

Web site Unbound

Not tested yet