Mail Server: Difference between revisions
Jump to navigation
Jump to search
(→Cyrus) |
|||
| Line 24: | Line 24: | ||
tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key | tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key | ||
</syntaxhighlight> | </syntaxhighlight> | ||
==== /etc/cyrus.conf ==== | |||
=== Security === | |||
* Create user cyrus in Sasl Database | |||
<pre>saslpasswd2 -c cyrus </pre> | |||
* Add group ssl-cert to cyrus | |||
<pre>useradd -G ssl-cert cyrus<<pre> | |||
== Postfix == | == Postfix == | ||
Revision as of 03:31, 2 June 2016
Cyrus
Installation
Install Cyrus Package
apt-get install cyrus-admin cyrus-clients cyrus-common cyrus-doc cyrus-imapd cyrus-nntpd cyrus-pop3d cyrus-sasl2-doc libcyrus-imap-perl
Install Sasl auth
apt-get install libauthen-sasl-perl libgsasl7 libsasl2-2 libsasl2-modules libsasl2-modules-db sasl2-bin
Validate / Adjust the configuration
/etc/default/saslauthd
START=yes
##Postfix Rooted
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
/etc/imapd.conf
admins: cyrus
sasl_mech_list: PLAIN LOGIN
defaultdomain: objclt.com
sasl_pwcheck_method: saslauthd
tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
/etc/cyrus.conf
Security
- Create user cyrus in Sasl Database
saslpasswd2 -c cyrus
- Add group ssl-cert to cyrus
useradd -G ssl-cert cyrus<<pre>
== Postfix ==
Web site [http://www.postfix.org PostFix]
=== Installation ===
<syntaxhighlight lang="bash">apt-get install postfix</syntaxhighlight>
=== Configuration ===
# /etc/postfix/main.cf
<syntaxhighlight lang="bash">mailbox_transport = cyrus</syntaxhighlight>
# /etc/postfix/master.cf
<syntaxhighlight lang="bash">
# The Cyrus deliver program has changed incompatibly, multiple times.
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}" ${user}
</syntaxhighlight>
<syntaxhighlight lang="bash">
mailbox_transport = lmtp:unix:/var/run/lmtp
lmtp unix - - n - - lmtp
</syntaxhighlight>
<syntaxhighlight lang="bash">adduser postfix mail</syntaxhighlight>
saslpasswd2 -c cyrus
== Spamassassin ==
Web site [http://spamassassin.apache.org/ SpamAssassin]
=== Installation ===
<syntaxhighlight lang="bash">apt-get install spamassassin</syntaxhighlight>
== Open DKIM ==
Web site [http://www.opendkim.org/ Open DKIM]
=== Installation ===
<syntaxhighlight lang="bash"apt-get install opendkim</syntaxhighlight>
=== Setup ===
For each domain:
* Create folder <pre>mkdir /etc/opendkim/keys/domain_name
- Update configuration file /etc/opendkim/KeyTable
- Generate Key
opendkim-genkey -s mail -d domain_name
- Change Owner
chown opendkim: /etc/opendkim/KeyTable/domaine_name/mail.private
- Copy the key (mail.txt) into the dns record.
Unbound
Web site Unbound
Not tested yet