
Version 2 (iku jam, 09/01/2012 17:29) → Version 3/11 (iku jam, 24/01/2012 13:08)

h1. Serveur Mail tetalab

{{>toc}}

[[HowTo Mail Backup - Ikujam]]

Pour l'instant, il n'y a que les fichiers de config ; des commentaires sont à venir.

h2. installation sous debian

h3. paquets requis :

<pre>
ii courier-authdaemon 0.63.0-3.1 Courier authentication daemon
ii courier-authlib 0.63.0-3.1 Courier authentication library
ii courier-authlib-ldap 0.63.0-3.1 LDAP support for the Courier authentication library
ii courier-authlib-postgresql 0.63.0-3.1 PostgreSQL support for the Courier authentication library
ii courier-authlib-userdb 0.63.0-3.1 userdb support for the Courier authentication library
ii courier-base 0.66.1-1 Courier mail server - base system
ii courier-imap 4.9.1-1 Courier mail server - IMAP server
ii courier-imap-ssl 4.9.1-1 Courier mail server - IMAP over SSL
ii courier-pop 0.66.1-1 Courier mail server - POP3 server
ii courier-ssl 0.66.1-1 Courier mail server - SSL/TLS Support

ii postfix 2.8.3-1 High-performance mail transport agent
ii postfix-pgsql 2.8.3-1 PostgreSQL map support for Postfix
ii postfixadmin 2.3.2 Virtual mail hosting interface for Postfix
ii postgresql 9.0.4-1 object-relational SQL database (supported version)
rc postgresql-8.4 8.4.5-0squeeze2 object-relational SQL database, version 8.4 server
ii postgresql-9.0 9.0.4-1+b1 object-relational SQL database, version 9.0 server
ii postgresql-client-9.0 9.0.4-1+b1 front-end programs for PostgreSQL 9.0
ii postgresql-client-common 118 manager for multiple PostgreSQL client versions
ii postgresql-common 118 PostgreSQL database-cluster manager
ii postgresql-contrib 9.0.4-1 additional facilities for PostgreSQL (supported version)
ii postgresql-contrib-9.0 9.0.4-1+b1 additional facilities for PostgreSQL
ii postgrey 1.34-1 greylisting implementation for Postfix

ii sasl2-bin 2.1.24~rc1.dfsg1+cvs2011-05-23-4 Cyrus SASL - administration programs for SASL users database

ii squirrelmail 2:1.4.21-1 Webmail for nuts
ii squirrelmail-locales 1.4.18-20090526-1 Translations for the SquirrelMail Webmail package
ii squirrelmail-viewashtml 3.8-3 SquirrelMail plugin: View mails as HTML
</pre>

h3. config

/etc/postfix/main.cf

_Attention : copier-coller de la configuration de tetalab.org (serveur derrière un NAT => proxy, etc.) ; à adapter à votre installation._

<pre>
# Postfix main.cf copied from tetalab.org. Virtual domains, aliases and
# mailboxes are looked up in PostgreSQL (pgsql maps under /etc/postfix/pgsql),
# SMTP AUTH goes through SASL, and TLS is offered opportunistically.
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
# Opportunistic TLS for outgoing (smtp_) and incoming (smtpd_) sessions.
# Postfix 2.3 and later prefer smtp_tls_security_level = may and
# smtpd_tls_security_level = may over these two older switches.
smtp_use_tls=yes
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = tetalab.org
alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = web.tetalab.org, www.tetalab.org, localhost.tetalab.org, localhost
# NOTE(review): every client whose source address falls in mynetworks may
# relay without authenticating (permit_mynetworks below). This host sits behind
# a NAT/proxy; if that front end rewrites source addresses into
# 192.168.23.0/24, outside clients become trusted and the server acts as an
# open relay. Confirm what source address external connections arrive with,
# and keep this list as narrow as possible.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.23.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
# Writes the SASL login name into the Received: header of submitted mail, so
# recipients can see which account sent a message.
smtpd_sasl_authenticated_header = yes
# NOTE(review): smtpd_tls_auth_only is not set in this listing, so AUTH is also
# announced on sessions that never issued STARTTLS. If the SASL backend offers
# PLAIN/LOGIN (its configuration is not shown here), passwords can cross the
# network in cleartext; smtpd_tls_auth_only = yes closes that gap.
smtpd_sasl_auth_enable = yes
smtp_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated
# Relay policy, evaluated in order: trusted networks and authenticated users
# may relay; everyone else is limited to destinations this server handles
# (reject_unauth_destination); remaining mail is passed to the policy service
# on 127.0.0.1:10023 (presumably postgrey, which is in the package list).
# In main.cf a continuation line must begin with whitespace. The four entries
# below are shown at column 0 (the wiki rendering may have stripped the
# indent); re-indent them when copying, otherwise they are not read as part of
# smtpd_recipient_restrictions.
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:10023
smtp_tls_note_starttls_offer = yes
smtpd_sasl_local_domain = tetalab.org
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
# Duplicate of the smtp_tls_note_starttls_offer line above; harmless.
smtp_tls_note_starttls_offer = yes
# Key, certificate and CA all point at the same PEM file. Because it holds the
# private key, it should be readable by root only.
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtp_tls_loglevel = 1
smtp_sasl_path = smtpd
smtpd_sasl_path = smtpd
smtp_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
relay_domains = proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf, lists.tetalab.org, lists.mixart-myrys.org, lists.toulouserb.org
virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_domain_maps.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
# NOTE(review): smtp_sasl_password_maps holds the credentials Postfix presents
# to remote servers as a client. The map named here returns a maildir path
# (see virtual_mailbox_maps.cf), not a username:password pair, so this looks
# like a leftover; confirm whether outbound SASL authentication is needed at
# all.
smtp_sasl_password_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
virtual_mailbox_base = /var/mail/vmail
virtual_mailbox_limit = 51200000
# All virtual mailboxes are written as uid/gid 8 (presumably the "mail"
# account on Debian; confirm on the target system).
virtual_minimum_uid = 8
virtual_transport = virtual
virtual_uid_maps = static:8
virtual_gid_maps = static:8
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
transport_maps = hash:/etc/postfix/transport
mailman_destination_recipient_limit = 1
# Client-side filter: mechanisms Postfix may use when it authenticates to a
# remote server. It does not restrict what smtpd offers to incoming clients.
smtp_sasl_mechanism_filter = plain, login
# Public address of the NAT/proxy in front of this host.
proxy_interfaces = 88.191.126.74
</pre>

Dans @/etc/postfix/pgsql@

*relay_domains.cf* :
<pre>
# Lookup used by relay_domains in main.cf: returns the domain when this host is
# its backup MX (backupmx = true).
# The database password is stored here in cleartext: keep the file readable
# only by root and the postfix group (e.g. mode 0640).
# NOTE(review): the role name suggests it is shared with the postfixadmin web
# application. Postfix only needs SELECT, so a dedicated read-only role would
# limit the damage if this file leaks. Confirm.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
# %s is the lookup key; Postfix applies SQL quoting when it substitutes it.
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = true
</pre>

*virtual_alias_maps.cf* :
<pre>
# Lookup used by virtual_alias_maps in main.cf: returns the forwarding
# target(s) (goto) of an active alias.
# Holds a cleartext database password: restrict read access to root and the
# postfix group.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
# %s is the recipient address taken from the SMTP dialogue; Postfix applies SQL
# quoting when it substitutes it.
query = SELECT goto FROM alias WHERE address='%s' AND active = true
</pre>

*virtual_domain_maps.cf* :
<pre>
# Lookup used by virtual_mailbox_domains in main.cf: returns the domain when it
# is hosted here, i.e. active and not a backup-MX domain.
# Holds a cleartext database password: restrict read access to root and the
# postfix group.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
# Simpler variant, disabled: it would also match inactive and backup-MX domains.
#query = SELECT domain FROM domain WHERE domain='%s'
#optional query to use when relaying for backup MX
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = false and active = true
</pre>

*virtual_mailbox_limits.cf* :
<pre>
# Used for QUOTA!
# Returns the quota column of a mailbox.
# NOTE(review): no parameter in the main.cf shown on this page references this
# file, and unlike the other lookups the query does not filter on active.
# Confirm whether it is still in use.
# Holds a cleartext database password: restrict read access to root and the
# postfix group.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
query = SELECT quota FROM mailbox WHERE username='%s'
</pre>

*virtual_mailbox_maps.cf* :
<pre>
# Lookup used by virtual_mailbox_maps (and, through it, local_recipient_maps)
# in main.cf: returns the maildir path of an active mailbox, relative to
# virtual_mailbox_base.
# Holds a cleartext database password: restrict read access to root and the
# postfix group.
user = postfixadmin
password = PASSWORD
hosts = localhost
dbname = postfixadmin
# Only active mailboxes are returned, so mail for a deactivated account is
# rejected as an unknown recipient.
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = true
</pre>

h3. courier

Dans @/etc/courier@

*authdaemonrc* :
<pre>
# Courier authdaemond settings. Only the PostgreSQL module is enabled;
# authmodulelistorig merely records the modules available in the build.
authmodulelist="authpgsql"
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
daemons=5
authdaemonvar=/var/run/courier/authdaemon
# Login debugging: 0 = off, 1 = diagnostics without passwords, 2 = diagnostics
# including the passwords clients sent. Level 1 is useful during setup; set it
# back to 0 afterwards, and do not leave level 2 enabled, because it writes
# credentials to the mail log.
DEBUG_LOGIN=1
DEFAULTOPTIONS=""
LOGGEROPTS=""
</pre>

*authldaprc* :
<pre>
# Courier LDAP authentication settings. With authmodulelist="authpgsql" in
# authdaemonrc, this module is not loaded, so the file is currently inert.
# NOTE(review): if it is ever enabled, the connection is unencrypted
# (ldap:// with LDAP_TLS 0), which is only acceptable on the loopback
# interface, and LDAP_CLEARPW expects an attribute holding cleartext
# passwords. Prefer hashed passwords via LDAP_CRYPTPW alone.
LDAP_URI ldap://localhost
LDAP_PROTOCOL_VERSION 3
LDAP_BASEDN ou=People,dc=tetalab,dc=org
LDAP_TIMEOUT 5
LDAP_MAIL mail
LDAP_HOMEDIR homeDirectory
LDAP_MAILDIR mailbox
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
LDAP_DEREF never
LDAP_TLS 0
</pre>

*authpgsqlrc* :
<pre>
# Courier PostgreSQL authentication: IMAP/POP3 logins are checked against the
# mailbox table of the postfixadmin database.
# The database password is stored here in cleartext: keep the file unreadable
# for ordinary users.
# NOTE(review): the role name suggests it is shared with the postfixadmin web
# application; authentication only needs read access to the mailbox table.
# Confirm.
PGSQL_HOST localhost
PGSQL_PORT 5432
PGSQL_USERNAME postfixadmin
PGSQL_PASSWORD PASSWORD
PGSQL_DATABASE postfixadmin
PGSQL_USER_TABLE mailbox
# Passwords are stored hashed (crypt field, no cleartext field configured), so
# the server must receive the password itself to verify it. Logins therefore
# need TLS to stay confidential on the wire.
PGSQL_CRYPT_PWFIELD password
# Constants rather than column names: every mailbox maps to uid/gid 8 and the
# same home directory, matching virtual_uid_maps, virtual_gid_maps and
# virtual_mailbox_base in main.cf.
PGSQL_UID_FIELD 8
PGSQL_GID_FIELD 8
PGSQL_LOGIN_FIELD username
PGSQL_HOME_FIELD '/var/mail/vmail'
PGSQL_NAME_FIELD name
PGSQL_MAILDIR_FIELD maildir
PGSQL_QUOTA_FIELD quota
# NOTE(review): nothing here filters on the active column, whereas the Postfix
# maps do. A mailbox deactivated in postfixadmin presumably stops receiving
# mail but can still log in over IMAP/POP3; PGSQL_WHERE_CLAUSE can add that
# condition. Confirm.
</pre>

*imapd* :
<pre>
# Courier IMAP daemon, plain port. ADDRESS=0 listens on every interface.
# NOTE(review): port 143 is cleartext until the client issues STARTTLS, and
# IMAP_TLS_REQUIRED=0 in imapd-ssl does not force it, so passwords can be sent
# unencrypted. Either require STARTTLS or keep this port unreachable from
# untrusted networks.
ADDRESS=0
PORT=143
# Connection caps: 40 daemons in total, 20 connections per client address.
MAXDAEMONS=40
MAXPERIP=20
PIDFILE=/var/run/courier/imapd.pid
TCPDOPTS="-nodnslookup -noidentlookup"
LOGGEROPTS="-name=imapd"
# Capabilities announced before TLS. The CRAM-* mechanisms listed in
# IMAP_CAPABILITY_ORIG are left out here.
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
IMAP_KEYWORDS=1
IMAP_ACL=1
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
IMAP_PROXY=0
IMAP_PROXY_FOREIGN=0
IMAP_IDLE_TIMEOUT=60
IMAP_MAILBOX_SANITY_CHECK=1
# Capabilities announced once TLS is active: AUTH=PLAIN is added only there.
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
IMAP_DISABLETHREADSORT=0
IMAP_CHECK_ALL_FOLDERS=0
IMAP_OBSOLETE_CLIENT=0
# NOTE(review): umask 022 leaves newly created files readable by group and
# others. Confirm that the permissions on /var/mail/vmail keep other local
# accounts out of the mailboxes, or use a stricter umask such as 077.
IMAP_UMASK=022
IMAP_ULIMITD=131072
IMAP_USELOCKS=1
IMAP_SHAREDINDEXFILE=/etc/courier/shared/index
IMAP_ENHANCEDIDLE=0
IMAP_TRASHFOLDERNAME=Trash
# Messages in Trash are purged after 7 days.
IMAP_EMPTYTRASH=Trash:7
IMAP_MOVE_EXPUNGE_TO_TRASH=0
SENDMAIL=/usr/sbin/sendmail
HEADERFROM=X-IMAP-Sender
IMAPDSTART=YES
MAILDIRPATH=Maildir
</pre>

*imapd-ssl* :
<pre>
# Courier IMAP over TLS: implicit TLS on port 993 (all interfaces), plus
# STARTTLS on the plain port.
SSLPORT=993
SSLADDRESS=0
SSLPIDFILE=/var/run/courier/imapd-ssl.pid
SSLLOGGEROPTS="-name=imapd-ssl"
IMAPDSSLSTART=YES
IMAPDSTARTTLS=YES
# NOTE(review): 0 lets clients log in on port 143 without STARTTLS, sending the
# password in cleartext. Setting this to 1 makes the plain port refuse logins
# until TLS is negotiated.
IMAP_TLS_REQUIRED=0
COURIERTLS=/usr/bin/couriertls
# No protocol or cipher restriction appears in this listing, so the TLS
# library defaults apply.
# NOTE(review): TLS-level compression is generally disabled nowadays because
# of compression side channels; confirm whether this build honours
# TLS_COMPRESSION.
TLS_KX_LIST=ALL
TLS_COMPRESSION=ALL
TLS_CERTS=X509
# Server certificate file. If it also contains the private key (the usual
# Courier layout; confirm), it must be readable only by the account that runs
# the daemon.
TLS_CERTFILE=/etc/courier/imapd.pem
TLS_TRUSTCERTS=/etc/ssl/certs
# NONE: clients are not asked for a certificate; they authenticate by password.
TLS_VERIFYPEER=NONE
TLS_CACHEFILE=/var/lib/courier/couriersslcache
TLS_CACHESIZE=524288
MAILDIRPATH=Maildir
</pre>

<pre>
</pre>

<pre>
</pre>