
Serveur Mail tetalab

HowTo Mail Backup - Ikujam

Pour l'instant, il n'y a que les fichiers de config ; des commentaires sont à venir.

installation sous debian

paquets requis :

ii  courier-authdaemon                0.63.0-3.1                       Courier authentication daemon
ii  courier-authlib                   0.63.0-3.1                       Courier authentication library
ii  courier-authlib-ldap              0.63.0-3.1                       LDAP support for the Courier authentication library
ii  courier-authlib-postgresql        0.63.0-3.1                       PostgreSQL support for the Courier authentication library
ii  courier-authlib-userdb            0.63.0-3.1                       userdb support for the Courier authentication library
ii  courier-base                      0.66.1-1                         Courier mail server - base system
ii  courier-imap                      4.9.1-1                          Courier mail server - IMAP server
ii  courier-imap-ssl                  4.9.1-1                          Courier mail server - IMAP over SSL
ii  courier-pop                       0.66.1-1                         Courier mail server - POP3 server
ii  courier-ssl                       0.66.1-1                         Courier mail server - SSL/TLS Support

ii  postfix                           2.8.3-1                          High-performance mail transport agent
ii  postfix-pgsql                     2.8.3-1                          PostgreSQL map support for Postfix
ii  postfixadmin                      2.3.2                            Virtual mail hosting interface for Postfix
ii  postgresql                        9.0.4-1                          object-relational SQL database (supported version)
rc  postgresql-8.4                    8.4.5-0squeeze2                  object-relational SQL database, version 8.4 server
ii  postgresql-9.0                    9.0.4-1+b1                       object-relational SQL database, version 9.0 server
ii  postgresql-client-9.0             9.0.4-1+b1                       front-end programs for PostgreSQL 9.0
ii  postgresql-client-common          118                              manager for multiple PostgreSQL client versions
ii  postgresql-common                 118                              PostgreSQL database-cluster manager
ii  postgresql-contrib                9.0.4-1                          additional facilities for PostgreSQL (supported version)
ii  postgresql-contrib-9.0            9.0.4-1+b1                       additional facilities for PostgreSQL
ii  postgrey                          1.34-1                           greylisting implementation for Postfix

ii  sasl2-bin                         2.1.24~rc1.dfsg1+cvs2011-05-23-4 Cyrus SASL - administration programs for SASL users database

ii  squirrelmail                      2:1.4.21-1                       Webmail for nuts
ii  squirrelmail-locales              1.4.18-20090526-1                Translations for the SquirrelMail Webmail package
ii  squirrelmail-viewashtml           3.8-3                            SquirrelMail plugin: View mails as HTML

config

/etc/postfix/main.cf

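Attention : copier-coller de la configuration de tetalab.org (serveur derrière un NAT => proxy, etc.). Les valeurs propres au site (noms d'hôte, réseaux de confiance, adresses IP, domaines de listes) sont à adapter avant toute réutilisation.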

# Postfix main.cf as deployed on tetalab.org. Host names, trusted networks,
# list domains and proxy_interfaces below are specific to that site.
# Keep comments on their own lines: main.cf has no end-of-line comment syntax.
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
# Opportunistic TLS in both directions: STARTTLS is offered/used when
# available but never required. These two parameters are the legacy spelling
# of smtp_tls_security_level = may / smtpd_tls_security_level = may.
# NOTE(review): smtpd_tls_auth_only is not set anywhere in this file, so AUTH
# is also accepted on sessions that never negotiated STARTTLS. Consider
# smtpd_tls_auth_only = yes so passwords are not sent over a cleartext session.
smtp_use_tls=yes
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = tetalab.org
alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = web.tetalab.org, www.tetalab.org, localhost.tetalab.org, localhost
# Clients in these ranges may relay without authenticating (permit_mynetworks
# below). 192.168.23.0/24 is the private range behind the NAT.
# NOTE(review): if a front-end proxy or NAT rule makes Internet connections
# appear to come from an address in this range, the server relays for anyone.
# Verify which source addresses Postfix actually sees before reusing this.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.23.0/24
mailbox_command = procmail -a "$EXTENSION" 
# 0 disables the size limit for local mailboxes.
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
# Records the SASL login name in the Received: header of submitted mail,
# which makes account names visible to every recipient.
smtpd_sasl_authenticated_header = yes
smtpd_sasl_auth_enable = yes
smtp_sasl_auth_enable = yes
# noanonymous still allows plaintext mechanisms (PLAIN/LOGIN).
smtpd_sasl_security_options = noanonymous
# Also announces AUTH in the non-standard "AUTH=" form for old clients.
broken_sasl_auth_clients = yes
# This list only contains a permit, so it rejects nothing. In particular an
# authenticated user may use any envelope sender address; binding senders to
# logins would need smtpd_sender_login_maps with reject_sender_login_mismatch.
smtpd_sender_restrictions = permit_sasl_authenticated
# Evaluated in order: trusted networks and authenticated users are accepted;
# everyone else may only deliver to domains this server handles
# (reject_unauth_destination is what prevents open relaying) and is then
# passed to the policy service on 127.0.0.1:10023 (presumably postgrey, which
# is in the package list above).
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        check_policy_service inet:127.0.0.1:10023
smtp_tls_note_starttls_offer = yes
smtpd_sasl_local_domain = tetalab.org
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
# Duplicate of the smtp_tls_note_starttls_offer line above (same value).
smtp_tls_note_starttls_offer = yes 
# Key, certificate and CA file all point at the same PEM. That file contains
# the private key and should be readable by root only. Using the server
# certificate as its own CA file suggests a self-signed certificate - confirm.
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtp_tls_loglevel = 1
# smtpd_sasl_path names the SASL configuration used by the SMTP server
# (presumably Cyrus SASL, sasl2-bin being installed). That file is not shown
# on this page; it decides which mechanisms and password backend are used.
smtp_sasl_path = smtpd
smtpd_sasl_path = smtpd
smtp_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
relay_domains = proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf, lists.tetalab.org, lists.mixart-myrys.org, lists.toulouserb.org
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_domain_maps.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
# NOTE(review): smtp_sasl_password_maps is the client-side credential table
# Postfix uses when it authenticates to a remote server. It points at
# virtual_mailbox_maps.cf, whose query returns a maildir path rather than a
# username:password pair. This looks unintended - confirm or remove.
smtp_sasl_password_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_mailbox_base = /var/mail/vmail
# Maximum size in bytes of a single mailbox or maildir file.
virtual_mailbox_limit = 51200000
# Every virtual mailbox is written as uid/gid 8, and 8 is also the lowest uid
# the virtual delivery agent will accept. On a stock Debian uid 8 is the
# "mail" account - verify on the target system.
virtual_minimum_uid = 8
virtual_transport = virtual
virtual_uid_maps = static:8
virtual_gid_maps = static:8
# Local delivery is also handed to the virtual agent, with the mailbox table
# doubling as the list of valid local recipients.
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
transport_maps = hash:/etc/postfix/transport
mailman_destination_recipient_limit = 1
smtp_sasl_mechanism_filter = plain, login
# Public address of the NAT/proxy in front of this host; Postfix treats mail
# addressed to it as its own.
proxy_interfaces = 88.191.126.74

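Dans /etc/postfix/pgsql (ces fichiers contiennent le mot de passe PostgreSQL en clair : en limiter la lecture à root et au groupe postfix)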

relay_domains.cf :

# Lookup used by relay_domains: matches domains flagged as backup MX.
# %s is replaced by the lookup key; Postfix applies SQL quoting to the key
# before substitution, so the quoted '%s' is the expected form.
# NOTE(review): "postfixadmin" is presumably the same role the PostfixAdmin
# web interface uses. A separate role limited to SELECT on the tables queried
# here would be a tighter choice for Postfix.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = true

virtual_alias_maps.cf :

# Lookup used by virtual_alias_maps: returns the forwarding target(s) of an
# active alias. The lookup key is SQL-quoted by Postfix before it replaces %s.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias WHERE address='%s' AND active = true

virtual_domain_maps.cf :

# Lookup used by virtual_mailbox_domains: matches active domains hosted here.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
# Simple form, matching every domain in the table:
#query = SELECT domain FROM domain WHERE domain='%s'
# Form in use: excludes backup-MX domains (those are matched by
# relay_domains.cf instead) and inactive domains.
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = false and active = true

virtual_mailbox_limits.cf :

# Used for QUOTA!
# Returns the quota column for a mailbox. Unlike the other queries in this
# directory it does not filter on active = true.
# NOTE(review): the main.cf shown on this page does not reference this file.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
query = SELECT quota FROM mailbox WHERE username='%s'

virtual_mailbox_maps.cf :

# Lookup used by virtual_mailbox_maps (and, through it, local_recipient_maps):
# returns the maildir path of an active mailbox, relative to
# virtual_mailbox_base. An address with no row here is not a valid recipient.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = true

courier

Dans /etc/courier

authdaemonrc :

# Courier authdaemond settings.
# Only authpgsql is enabled, so authpgsqlrc is the one backend file that
# matters; the other modules listed in authmodulelistorig are not consulted.
authmodulelist="authpgsql" 
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe" 
daemons=5
authdaemonvar=/var/run/courier/authdaemon
# 1 = log authentication debugging details (0 = off, 2 = also log passwords).
# Useful while setting up; set back to 0 afterwards and never leave 2 enabled,
# since the mail log would then contain user passwords.
DEBUG_LOGIN=1
DEFAULTOPTIONS="" 
LOGGEROPTS="" 

authldaprc :

# authldap settings. Not active in this setup: authmodulelist in authdaemonrc
# lists authpgsql only.
# If this backend were enabled, note that LDAP_TLS is 0 (no StartTLS), which
# is acceptable only because the URI is the loopback address, and that
# LDAP_CLEARPW names an attribute holding passwords in clear text.
LDAP_URI                ldap://localhost
LDAP_PROTOCOL_VERSION   3
LDAP_BASEDN             ou=People,dc=tetalab,dc=org
LDAP_TIMEOUT            5
LDAP_MAIL               mail
LDAP_HOMEDIR            homeDirectory
LDAP_MAILDIR            mailbox
LDAP_DEFAULTDELIVERY    defaultDelivery
LDAP_FULLNAME           cn
LDAP_CLEARPW            clearPassword
LDAP_CRYPTPW            userPassword
LDAP_DEREF              never
LDAP_TLS                0

authpgsqlrc :

# authpgsql settings: Courier authenticates IMAP/POP users against the
# PostfixAdmin "mailbox" table.
# This file holds the database password in clear text; restrict read access
# to root and the account authdaemond runs as.
# NOTE(review): the postfixadmin role is presumably shared with the web
# interface. Courier only reads the mailbox table, so a role limited to
# SELECT on that table would be sufficient.
PGSQL_HOST              localhost
PGSQL_PORT              5432
PGSQL_USERNAME          postfixadmin
PGSQL_PASSWORD          PASSWORD
PGSQL_DATABASE          postfixadmin
PGSQL_USER_TABLE        mailbox
# Column holding the hashed password. No clear-text password field is
# configured.
PGSQL_CRYPT_PWFIELD     password
# Literal values instead of column names: every account maps to uid/gid 8,
# the same ids as virtual_uid_maps / virtual_gid_maps in main.cf.
PGSQL_UID_FIELD         8
PGSQL_GID_FIELD         8
PGSQL_LOGIN_FIELD       username
# Literal home directory, identical for all accounts; the per-user part comes
# from the maildir column below.
PGSQL_HOME_FIELD        '/var/mail/vmail'
PGSQL_NAME_FIELD        name
PGSQL_MAILDIR_FIELD     maildir
PGSQL_QUOTA_FIELD       quota

imapd :

# Courier IMAP server settings for the plain port (143).
# ADDRESS=0 listens on every interface.
ADDRESS=0
PORT=143
# Connection limits: total server processes and connections per client IP.
MAXDAEMONS=40
MAXPERIP=20
PIDFILE=/var/run/courier/imapd.pid
TCPDOPTS="-nodnslookup -noidentlookup" 
LOGGEROPTS="-name=imapd" 
# Active capability list. Compared with IMAP_CAPABILITY_ORIG below, the
# AUTH=CRAM-* mechanisms are removed (presumably because the database stores
# hashed passwords only, which challenge-response mechanisms cannot use).
# Without them a client that skips STARTTLS sends its password with the plain
# LOGIN command; see IMAP_TLS_REQUIRED in imapd-ssl.
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" 
IMAP_KEYWORDS=1
IMAP_ACL=1
# The *_ORIG variables appear to be the packaged defaults kept for reference.
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" 
IMAP_PROXY=0
IMAP_PROXY_FOREIGN=0
IMAP_IDLE_TIMEOUT=60
IMAP_MAILBOX_SANITY_CHECK=1
# Capabilities announced once the session is encrypted: AUTH=PLAIN is added.
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" 
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" 
IMAP_DISABLETHREADSORT=0
IMAP_CHECK_ALL_FOLDERS=0
IMAP_OBSOLETE_CLIENT=0
# umask of the server process.
# NOTE(review): with 022, files the server creates are group/world-readable
# unless the enclosing Maildir directories are restrictive. 077 is tighter
# when all mail belongs to one dedicated account - confirm before changing.
IMAP_UMASK=022
IMAP_ULIMITD=131072
IMAP_USELOCKS=1
IMAP_SHAREDINDEXFILE=/etc/courier/shared/index
IMAP_ENHANCEDIDLE=0
IMAP_TRASHFOLDERNAME=Trash
# Messages in Trash are purged after 7 days.
IMAP_EMPTYTRASH=Trash:7
IMAP_MOVE_EXPUNGE_TO_TRASH=0
SENDMAIL=/usr/sbin/sendmail
HEADERFROM=X-IMAP-Sender
IMAPDSTART=YES
MAILDIRPATH=Maildir

imapd-ssl :

# Courier IMAP TLS settings: implicit TLS on port 993 and STARTTLS on 143.
SSLPORT=993
SSLADDRESS=0
SSLPIDFILE=/var/run/courier/imapd-ssl.pid
SSLLOGGEROPTS="-name=imapd-ssl" 
IMAPDSSLSTART=YES
# STARTTLS is advertised on the plain port...
IMAPDSTARTTLS=YES
# ...but not required: with 0, logins on port 143 are accepted without
# encryption, so passwords can cross the network in clear text. Set to 1 to
# refuse authentication until STARTTLS has been negotiated.
IMAP_TLS_REQUIRED=0
COURIERTLS=/usr/bin/couriertls
# NOTE(review): ALL accepts every key exchange the TLS library offers, which
# depending on the build may include anonymous or export-grade exchanges.
# TODO: review against the installed library and narrow the list.
TLS_KX_LIST=ALL
# TLS-level compression is enabled. Compression before encryption is a known
# source of side-channel leaks; disabling it is the safer setting.
TLS_COMPRESSION=ALL
TLS_CERTS=X509
# PEM file holding the server certificate together with its private key;
# it should be readable only by the account the server runs as.
TLS_CERTFILE=/etc/courier/imapd.pem
TLS_TRUSTCERTS=/etc/ssl/certs
# NONE: clients are not asked for a certificate (password login only).
TLS_VERIFYPEER=NONE
TLS_CACHEFILE=/var/lib/courier/couriersslcache
TLS_CACHESIZE=524288
MAILDIRPATH=Maildir