Mail Server: Difference between revisions
Jump to navigation
Jump to search
| Line 31: | Line 31: | ||
<pre>saslpasswd2 -c cyrus </pre> | <pre>saslpasswd2 -c cyrus </pre> | ||
* Add group ssl-cert to cyrus | * Add group sasl and ssl-cert to cyrus | ||
<pre>usermod -a -G ssl-cert cyrus</pre> | <pre>usermod -a -G sasl,ssl-cert cyrus</pre> | ||
== Postfix == | == Postfix == | ||
Revision as of 05:04, 2 June 2016
Cyrus
Installation
Install Cyrus Package
apt-get install cyrus-admin cyrus-clients cyrus-common cyrus-doc cyrus-imapd cyrus-nntpd cyrus-pop3d cyrus-sasl2-doc libcyrus-imap-perl
Install Sasl auth
apt-get install libauthen-sasl-perl libgsasl7 libsasl2-2 libsasl2-modules libsasl2-modules-db sasl2-bin
Validate / Adjust the configuration
/etc/default/saslauthd
START=yes
##Postfix Rooted
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
/etc/imapd.conf
admins: cyrus
sasl_mech_list: PLAIN LOGIN
defaultdomain: objclt.com
sasl_pwcheck_method: saslauthd
tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
/etc/cyrus.conf
Security
- Create user cyrus in Sasl Database
saslpasswd2 -c cyrus
- Add group sasl and ssl-cert to cyrus
usermod -a -G sasl,ssl-cert cyrus
Postfix
Web site PostFix
Installation
apt-get install postfix
Configuration
- /etc/postfix/main.cf
mailbox_transport = cyrus
- /etc/postfix/master.cf
# The Cyrus deliver program has changed incompatibly, multiple times.
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}" ${user}
mailbox_transport = lmtp:unix:/var/run/lmtp
lmtp unix - - n - - lmtp
adduser postfix mail
Security
- Add group sasl opendkim spamass-milter
usermod -a -G sasl,opendkim,spamass-milter postfix
Spamassassin
Web site SpamAssassin
Installation
apt-get install spamassassin spamass-milter
Open DKIM
Web site Open DKIM
Installation
<syntaxhighlight lang="bash"apt-get install opendkim</syntaxhighlight>
Setup
For each domain:
- Create folder
mkdir /etc/opendkim/keys/domain_name
- Update configuration file /etc/opendkim/KeyTable
- Generate Key
opendkim-genkey -s mail -d domain_name
- Change Owner
chown opendkim: /etc/opendkim/KeyTable/domaine_name/mail.private
- Copy the key (mail.txt) into the dns record.
Unbound
Web site Unbound
Not tested yet