При установке будем ориентироваться на этот мануал: http://dummyluck.com/page/pochtovyi_server_nastroika_opisanie
Настройку будем производить для сервера с одним доменом. Система FreeBSD 10.2
1. Подготовка
Прописываем хостнейм /etc/rc.conf
hostname="servmp.megapuper.ru"
делаем изменения в хостах /etc/hosts
127.0.0.1 localhost
109.172.52.114 megapuper.ru
109.172.52.114 mail.megapuper.ru
создаём пользователя и добавляем его в группу mail
# pw useradd mail -g mail -s /sbin/nologin -u 1000
# pw groupmod mail -m mail
сразу отключаем sendmail
[/etc/rc.conf]
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
[/etc/periodic.conf]
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
2. Установка Nginx, MySQL, PHP, PHP-extension. Этот web-сервер будет использоваться для PostfixAdmin
Здесь коротко, ибо уже тыщу раз ставилось)
Nginx cтавим из пакетов
# pkg install nginx
основной конфиг /usr/local/etc/nginx/nginx.conf
user www;
worker_processes 2;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include /usr/local/etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
client_max_body_size 5m;
server_names_hash_bucket_size 64;
types_hash_max_size 2048;
types_hash_bucket_size 64;
include /usr/local/etc/nginx/conf.d/*.conf;
}
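конфиг виртуального хоста /usr/local/etc/nginx/conf/postfix.conf (в nginx.conf выше подключается каталог conf.d — файл должен лежать в подключаемом каталоге, иначе nginx его не прочитает)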
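# PostfixAdmin virtual host.
# NOTE(review): this vhost listens on plain HTTP only, so the PostfixAdmin
# setup password, admin logins and mailbox passwords cross the network
# unencrypted. Serve it over TLS or restrict it to a management network.
server {
    listen 80;
    server_name postfix.megapuper.ru;
    root /usr/local/www/postfix;
    index index.php index.html index.htm;

    access_log /var/log/nginx/postfix.access.log;
    error_log /var/log/nginx/postfix.error.log;

    location / {
        # try_files $uri $uri/ /index.php?$uri&$args;
    }

    # The mailbox/domain hook scripts configured in config.inc.php live under
    # the document root; keep them from being served as static files.
    location ^~ /scripts/ {
        deny all;
    }

    location ~ \.php$ {
        # Only hand the request to PHP-FPM when the .php file really exists, so
        # the interpreter is never asked to run a path that is not a real script.
        try_files $uri =404;

        fastcgi_pass 127.0.0.1:10000;
        fastcgi_index index.php;
        # $fastcgi_script_name already starts with "/", no extra slash needed.
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
        include fastcgi_params;
    }
}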
PHP и нужные PHP-extension тоже ставим из пакетов
# pkg install php55
# pkg install php55-* (пригодятся php55-ctype php55-dom php55-gd php55-hash php55-iconv php55-imap php55-json php55-mbstring php55-mcrypt php55-mysql php55-mysqli php55-session php55-xml)
конфиг php-fpm /usr/local/etc/php-fpm.conf
[global]
error_log = /var/log/php/php-fpm.log
pid = /var/run/php-fpm.pid
log_level = notice
include=/usr/local/etc/php/*.conf
конфиг для виртуального хоста /usr/local/etc/php/postfix.conf
[postfix]
prefix = /usr/local/www/$pool
listen = 127.0.0.1:10000
listen.allowed_clients = 127.0.0.1
listen.owner = www
listen.group = www
listen.mode = 0660
user = www
group = www
pm = dynamic
pm.max_children = 4
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 100
;pm.status_path = /status/php-fpm/$pool
request_terminate_timeout = 0
request_slowlog_timeout = 1m
slowlog = /var/log/php/$pool.slow.log
catch_workers_output = yes
MySQL тоже из пакетов
# pkg install mysql56-server
простенький конфиг /etc/my.cnf
[mysqld]
bind-address=127.0.0.1
В конфигах, где используется подключение к базе указываем хост 127.0.0.1
После этого имеем готовый web-сервер можно переходить к установке PostfixAdmin
3. Установка PostfixAdmin
Скачиваем последнюю версию отсюда http://sourceforge.net/projects/postfixadmin/, сверяем контрольную сумму архива с указанной на странице загрузки (если она опубликована) и заливаем на web-сервер
создаём базу и даём права пользователю
> create database postfix character set utf8 collate utf8_general_ci;
> grant all on postfix.* to postfix@127.0.0.1 identified by 'ПАРОЛЬ';
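Правим основной конфиг PostfixAdmin config.inc.php (в листинге ниже при публикации потерялись пустые кавычки: строки вида $CONF['...'] = ; следует читать как $CONF['...'] = '';)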
<?php
$CONF['configured'] = true;
// In order to setup Postfixadmin, you MUST specify a hashed password here.
// To create the hash, visit setup.php in a browser and type a password into the field,
// on submission it will be echoed out to you as a hashed value.
$CONF['setup_password'] = 'пароль_установки';
// Language config
// Language files are located in './languages', change as required..
$CONF['default_language'] = 'ru';
// Hook to override or add translations in $PALANG
// Set to the function name you want to use as hook function (see language_hook example function below)
$CONF['language_hook'] = ;
// Database Config
// mysql = MySQL 3.23 and 4.0, 4.1 or 5
// mysqli = MySQL 4.1+
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = '127.0.0.1';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'ПАРОЛЬ';
$CONF['database_name'] = 'postfix';
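// Here, if you need, you can customize table names.
// An empty prefix keeps the stock table names listed below.
$CONF['database_prefix'] = '';
// Logical table name => actual table name in the database.
$CONF['database_tables'] = array (
    'admin' => 'admin',
    'alias' => 'alias',
    'alias_domain' => 'alias_domain',
    'config' => 'config',
    'domain' => 'domain',
    'domain_admins' => 'domain_admins',
    'fetchmail' => 'fetchmail',
    'log' => 'log',
    'mailbox' => 'mailbox',
    'vacation' => 'vacation',
    'vacation_notification' => 'vacation_notification',
    'quota' => 'quota',
    'quota2' => 'quota2',
);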
// Site Admin
$CONF['admin_email'] = 'postmaster@megapuper.ru';
// Mail Server
$CONF['smtp_server'] = '127.0.0.1';
$CONF['smtp_port'] = '25';
// Encrypt
// NOTE(review): 'cleartext' stores every mailbox and admin password unhashed
// in the database, so a database dump or any SQL read access discloses them all.
// The Dovecot listings on this page use default_pass_scheme = PLAIN to match;
// moving to a hashed scheme means changing both settings together.
$CONF['encrypt'] = 'cleartext';
// Password validation
// New/changed passwords will be validated using all regular expressions in the array.
// If a password doesn't match one of the regular expressions, the corresponding
// error message from $PALANG (see languages/) will be displayed.
// If you need custom error messages, you can add them using $CONF['language_hook'].
// If a $PALANG text contains a %s, you can add its value after the $PALANG key
// (separated with a space).
$CONF['password_validation'] = array(
'/.{5}/' => 'password_too_short 5', # minimum length 5 characters
'/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters
'/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
);
// Generate Password
$CONF['generate_password'] = 'NO';
// Show Password
$CONF['show_password'] = 'NO';
// Page Size
// Set the number of entries that you would like to see in one page.
$CONF['page_size'] = '50';
// Default Aliases
//$CONF['default_aliases'] = array (
// 'abuse' => 'abuse@change-this-to-your.domain.tld',
// 'hostmaster' => 'hostmaster@change-this-to-your.domain.tld',
// 'postmaster' => 'postmaster@change-this-to-your.domain.tld',
// 'webmaster' => 'webmaster@change-this-to-your.domain.tld'
//);
// Mailboxes
// YES: /usr/local/virtual/domain.tld/username@domain.tld
// NO: /usr/local/virtual/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// YES: /usr/local/virtual/domain.tld/username@domain.tld
// NO: /usr/local/virtual/domain.tld/username
// Note: If $CONF['domain_path'] is set to NO, this setting will be forced to YES.
$CONF['domain_in_mailbox'] = 'NO';
// If you want to define your own function to generate a maildir path set this to the name of the function.
// - this configuration directive will override both domain_path and domain_in_mailbox
// - the maildir_name_hook() function example is present below, commented out
// - if the function does not exist the program will default to the above domain_path and domain_in_mailbox settings
$CONF['maildir_name_hook'] = 'NO';
$CONF['admin_struct_hook'] = ;
$CONF['domain_struct_hook'] = ;
$CONF['alias_struct_hook'] = ;
$CONF['mailbox_struct_hook'] = ;
$CONF['alias_domain_struct_hook'] = ;
// Default Domain Values
// Specify your default values below. Quota in MB.
$CONF['aliases'] = '0';
$CONF['mailboxes'] = '0';
$CONF['maxquota'] = '0';
$CONF['domain_quota_default'] = '0';
// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';
// If you want to enforce domain-level quotas set this to 'YES'.
$CONF['domain_quota'] = 'YES';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1048576';
// Transport
// If you want to define additional transport options for a domain set this to 'YES'.
$CONF['transport'] = 'YES';
// Transport options
// If you want to define additional transport options put them in array below.
$CONF['transport_options'] = array (
'virtual', // for virtual accounts
'local', // for system accounts
'relay' // for backup mx
);
// Transport default
// You should define default transport. It must be in array above.
$CONF['transport_default'] = 'virtual';
// Virtual Vacation Stuff
// If you want to use virtual vacation for you mailbox users set this to 'YES'.
// NOTE: Make sure that you install the vacation module. (See VIRTUAL-VACATION/)
$CONF['vacation'] = 'NO';
// This is the autoreply domain that you will need to set in your Postfix
// transport maps to handle virtual vacations. It does not need to be a
// real domain (i.e. you don't need to setup DNS for it).
// This domain must exclusively be used for vacation. Do NOT use it for "normal" mail addresses.
$CONF['vacation_domain'] = ;
// Vacation Control
// If you want users to take control of vacation set this to 'YES'.
$CONF['vacation_control'] ='NO';
// Vacation Control for admins
// Set to 'YES' if your domain admins should be able to edit user vacation.
$CONF['vacation_control_admin'] = 'YES';
// ReplyType options
// If you want to define additional reply options put them in array below.
// The array has the format seconds between replies => $PALANG text
// Special values for seconds are:
// 0 => only reply to the first mail while on vacation
// 1 => reply on every mail
$CONF['vacation_choice_of_reply'] = array (
0 => 'reply_once', // Sends only Once the message during Out of Office
60*60 *24*7 => 'reply_once_per_week' // Reply if last autoreply was at least a week ago
);
// End Vacation Stuff.
// Users Control for Domain Admin
// Set to "Yes" if your domain admins schould be able to edit field userscontrole in table domain
// Userscontrol is edited in admin_create-domain.tpl and admin_edit-domain.tpl
// Userscontrol is default set to on when creating a domain
$CONF['users_domain_controle'] = 'YES';
// Alias Control
// Alias control for superadmins
$CONF['alias_control'] = 'YES';
// Alias Control for domain admins
$CONF['alias_control_admin'] = 'YES';
// Special Alias Control
// Set to 'NO' if your domain admins shouldn't be able to edit the default aliases
// as defined in $CONF['default_aliases']
$CONF['special_alias_control'] = 'NO';
// Alias Goto Field Limit
// Set the max number of entries that you would like to see
// in one 'goto' field in overview, the rest will be hidden and "[and X more...]" will be added.
// '0' means no limits.
$CONF['alias_goto_limit'] = '0';
// Alias Domains
// Alias domains allow to "mirror" aliases and mailboxes to another domain. This makes
// configuration easier if you need the same set of aliases on multiple domains, but
// also requires postfix to do more database queries.
// Note: If you update from 2.2.x or earlier, you will have to update your postfix configuration.
// Set to 'NO' to disable alias domains.
$CONF['alias_domain'] = 'YES';
// Backup
// If you don't want backup tab set this to 'NO';
//$CONF['backup'] = 'YES';
// Send Mail
// If you don't want sendmail tab set this to 'NO';
//$CONF['sendmail'] = 'YES';
// Logging
// If you don't want logging set this to 'NO';
$CONF['logging'] = 'YES';
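// Fetchmail
// If you don't want fetchmail tab set this to 'NO';
//$CONF['fetchmail'] = 'YES';
// fetchmail_extra_options allows users to specify any fetchmail options and any MDA
// (it will even accept 'rm -rf /' as MDA!)
// This should be set to NO, except if you *really* trust *all* your users.
// Kept at 'NO': with 'YES' any mailbox user could supply an arbitrary command
// for the fetchmail job to run on the server.
$CONF['fetchmail_extra_options'] = 'NO';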
// Header
$CONF['show_header_text'] = 'YES';
$CONF['header_text'] = ':: Postfix Admin ::';
// Footer
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to postfix.megapuper.ru';
$CONF['footer_link'] = 'http://postfix.megapuper.ru/';
// MOTD ("Motto of the day")
// You can display a MOTD below the menu on all pages.
// This can be configured seperately for users, domain admins and superadmins
$CONF['motd_user'] = ;
$CONF['motd_admin'] = ;
$CONF['motd_superadmin'] = ;
// Welcome Message
// This message is send to every newly created mailbox.
// Change the text between EOM.
$CONF['welcome_text'] = <<<EOM
Hi,
Welcome to your new account.
EOM;
// When creating mailboxes or aliases, check that the domain-part of the
// address is legal by performing a name server look-up.
$CONF['emailcheck_resolve_domain']='NO';
// Optional:
//set to YES to enable this feature
$CONF['show_status']='YES';
//display a guide to what these colors mean
$CONF['show_status_key']='YES';
// 'show_status_text' will be displayed with the background colors
// associated with each status, you can customize it here
$CONF['show_status_text']=' ';
// show_undeliverable is useful if most accounts are delivered to this
// postfix system. If many aliases and mailboxes are forwarded
// elsewhere, you will probably want to disable this.
$CONF['show_undeliverable']='YES';
$CONF['show_undeliverable_color']='tomato';
// mails to these domains will never be flagged as undeliverable
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext");
$CONF['show_popimap']='YES';
$CONF['show_popimap_color']='darkgrey';
// you can assign special colors to some domains. To do this,
// - add the domain to show_custom_domains
// - add the corresponding color to show_custom_colors
$CONF['show_custom_domains']=array("megapuper.ru","localhost");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
// If you use a recipient_delimiter in your postfix config, you can also honor it when aliases are checked.
// Example: $CONF['recipient_delimiter'] = "+";
// Set to "" to disable this check.
$CONF['recipient_delimiter'] = "+";
// NOTE(review): the five hook scripts below are run by the web application,
// i.e. as the PHP-FPM user. On this page they sit inside the document root
// (/usr/local/www/postfix) and are later chown'ed to www, so the account that
// executes them can also rewrite them. Consider keeping them outside the web
// root, owned by root and not writable by www.
// Optional:
// Script to run after creation of mailboxes.
$CONF['mailbox_postcreation_script'] = '/usr/local/www/postfix/scripts/addmail.sh';
// Optional:
// Script to run after alteration of mailboxes.
$CONF['mailbox_postedit_script'] = '/usr/local/www/postfix/scripts/editmail.sh';
// Optional:
// Script to run after deletion of mailboxes.
$CONF['mailbox_postdeletion_script'] = '/usr/local/www/postfix/scripts/delmail.sh';
// Optional:
// Script to run after creation of domains.
$CONF['domain_postcreation_script'] = '/usr/local/www/postfix/scripts/domainadd.sh';
// Optional:
// Script to run after deletion of domains.
$CONF['domain_postdeletion_script'] = '/usr/local/www/postfix/scripts/domaindel.sh';
// Optional:
// Sub-folders which should automatically be created for new users.
// The sub-folders will also be subscribed to automatically.
$CONF['create_mailbox_subdirs'] = array('Archive', 'Drafts', 'Sent', 'Trash');
$CONF['create_mailbox_subdirs_host']='127.0.0.1';
//
// Specify for Dovecot and 'INBOX.' for Courier.
$CONF['create_mailbox_subdirs_prefix']=;
// Optional:
// Show used quotas from Dovecot dictionary backend in virtual
// mailbox listing.
$CONF['used_quotas'] = 'YES';
// if you use dovecot >= 1.2, set this to yes.
// Note about dovecot config: table "quota" is for 1.0 & 1.1, table "quota2" is for dovecot 1.2 and newer
$CONF['new_quota_table'] = 'YES';
// Normally, the TCP port number does not have to be specified.
$CONF['create_mailbox_subdirs_hostport']=143;
// If you have trouble connecting to the IMAP-server, then specify
// a value for $CONF['create_mailbox_subdirs_hostoptions']. These
// are some examples to experiment with:
$CONF['create_mailbox_subdirs_hostoptions'] = array('novalidate-cert','norsh');
// Theme Config
// Specify your own logo and CSS file
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';
// If you want to customize some styles without editing the $CONF['theme_css'] file,
// you can add a custom CSS file. It will be included after $CONF['theme_css'].
$CONF['theme_custom_css'] = ;
// XMLRPC Interface.
// This should be only of use if you wish to use e.g the
// Postfixadmin-Squirrelmail package
// change to boolean true to enable xmlrpc
$CONF['xmlrpc_enabled'] = false;
// If you want to keep most settings at default values and/or want to ensure
// that future updates work without problems, you can use a separate config
// file (config.local.php) instead of editing this file and override some
// settings there.
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
include(dirname(__FILE__) . '/config.local.php');
}
// END OF CONFIG FILE
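Выставляем права (после этой команды весь код PostfixAdmin и config.inc.php с паролем БД принадлежат пользователю www, от которого работает PHP-FPM, и доступны ему на запись; запись веб-серверу нужна только в те каталоги, куда приложение действительно пишет)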
# chown -R www:www /usr/local/www/postfix
Теперь заходим на http://postfixadmin/setup.php и видим, что запустилась установка
Если все условия установки выполнены, то в базе создадутся необходимые таблицы и будет предложено создать суперадмина.
В поле Setup password вводим пароль из config.inc.php: $CONF['setup_password'] = 'пароль_установки';
Заполняем остальные поля, и после нажатия кнопки Создать сгенерится хэш.
Этот хеш надо вставить в config.inc.php вместо пароля установки: $CONF['setup_password'] = 'хеш';
Повторяем процедуру заведения суперадмина используя пароль_установки
После создания суперадмина временно оставляем PostfixAdmin(так как без postfix и dovecot ящики создаваться не будут)
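Закрываем страницу установки (с configured = false перестаёт работать весь PostfixAdmin, поэтому перед созданием доменов и ящиков значение нужно вернуть в true)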
$CONF['configured'] = false;
6. Установка Postfix
Postfix ставим из портов, т.к. пакет ставится без поддержки mysql
# cd /usr/ports/mail/postfix
# make install clean
[X] MYSQL, PCRE, SASL2, TLS
CYRUS-SASL [X] MYSQL, CRAM, DIGEST, LOGIN, PLAIN
По окончании установки активируем postfix
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
Заведём нужные aliases /etc/aliases
www: postmaster@megapuper.ru
Инициализируем базу алиасов
# newaliases
Рихтуем основные конфиги postfix
первый — /usr/local/etc/postfix/main.cf
biff=no
smtpd_banner = $myhostname ESMTP
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
mail_owner = postfix
append_dot_mydomain = no
recipient_delimiter = +
default_destination_recipient_limit = 1
mailbox_size_limit = 0
message_size_limit = 20480000
# Network identity of this MTA: protocol family, listening interfaces,
# host/domain names and the networks treated as trusted clients.
inet_protocols = ipv4
# Accept SMTP connections on all local interfaces.
inet_interfaces = all
myhostname = mail.megapuper.ru
mydomain = megapuper.ru
myorigin = $mydomain
mydestination = localhost.$mydomain, localhost
# NOTE(review): with Postfix's default restrictions (permit_mynetworks) every
# host in these networks may relay mail without authenticating. This listing
# sets no smtpd_tls_*, smtpd_sasl_* or explicit smtpd_relay_restrictions /
# smtpd_recipient_restrictions, so mynetworks is the only relay control
# visible here - keep it as narrow as possible.
mynetworks = 127.0.0.0/8, 192.168.0.0/24
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtp_generic_maps = hash:/usr/local/etc/postfix/aliases_smtp_output
lmtp_generic_maps = hash:/usr/local/etc/postfix/aliases_lmtp
sender_bcc_maps = mysql:/usr/local/etc/postfix/maps/mysql_bcc_mailbox_maps.cf, mysql:/usr/local/etc/postfix/maps/mysql_bcc_domain_maps.cf
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/maps/mysql_virtual_domains.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/maps/mysql_virtual_maps.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/maps/mysql_virtual_alias_domain_maps.cf, mysql:/usr/local/etc/postfix/maps/mysql_virtual_alias_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
strict_rfc821_envelopes = yes
mail_spool_directory = /var/spool/mail
smtpd_helo_required = yes
delay_notice_recipient = postmaster@megapuper.ru
bounce_notice_recipient = postmaster@megapuper.ru
2bounce_notice_recipient = postmaster@megapuper.ru
error_notice_recipient = postmaster@megapuper.ru
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
sample_directory = /usr/local/etc/postfix
второй конфиг /usr/local/etc/postfix/master.cf
оставляем дефолтным
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
#submission inet n - n - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
# ====================================================================
# Interfaces to non-Postfix software.
# ====================================================================
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
# ============================ =======================================
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
# cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp unix - n n - - pipe
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail unix - n n - - pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp unix - n n - - pipe
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
# scalemail-backend unix - n n - 2 pipe
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
#
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
Создаём таблицы данных формата "hash" и базы с помощью команды postmap
Необходимо создать файлы и базы со списками, которые были подключены в конфиге выше, даже если они будут пустыми
# touch aliases_lmtp
# touch aliases_smtp_output
# postmap aliases_lmtp
# postmap aliases_smtp_output
Создаём файлы, хранящие SQL-запросы, проверяя имена таблиц и полей (в очередной версии PostfixAdmin они могут измениться)
[/usr/local/etc/postfix/maps/mysql_virtual_maps.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT username FROM mailbox WHERE username='%s' AND active = '1'
[/usr/local/etc/postfix/maps/mysql_virtual_domains.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'
[/usr/local/etc/postfix/maps/mysql_virtual_alias_maps.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
[/usr/local/etc/postfix/maps/mysql_virtual_alias_domain_maps.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain = '%d' AND active = 1
Следующие два необязательны, если не будем делать сохранение копий всех писем
[/usr/local/etc/postfix/maps/mysql_bcc_domain_maps.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT 'bccsnd+bccflag@megapuper.ru' FROM domain WHERE domain='%d' AND active = '1'
[/usr/local/etc/postfix/maps/mysql_bcc_mailbox_maps.cf]
user = postfix
password = ПАРОЛЬ
hosts = 127.0.0.1
dbname = postfix
query = SELECT CONCAT('%u', '+bccflag', '@', '%d') FROM mailbox WHERE username='%s' AND active = '1'
Выставляем права на конфиги
# chgrp postfix /usr/local/etc/postfix/*.cf
# chgrp postfix /usr/local/etc/postfix/maps/*.cf
# chmod u=rw,g=r,o= /usr/local/etc/postfix/*.cf
# chmod u=rw,g=r,o= /usr/local/etc/postfix/maps/*.cf
Рестартим postfix
# /usr/local/etc/rc.d/postfix restart
7. Установка Dovecot
Dovecot ставим из портов
# cd /usr/ports/mail/dovecot2/
# make install clean
[X] MYSQL
Устанавливаем поддержку языка Sieve в Dovecot(включает в себя настройку скриптов пользователями)
# cd /usr/ports/mail/dovecot2-pigeonhole
# make install clean
Создаём сопутствуюшие папки
# mkdir /var/log/dovecot
# mkdir -p /var/lib/dovecot/sieve/global/
# mkdir -p /var/lib/dovecot/sieve/private/
Выставляем права
# chown -R mail:wheel /var/lib/dovecot/sieve/private/
# chmod -R 700 /var/lib/dovecot/sieve/private/
Правим конфиги dovecot
[/usr/local/etc/dovecot/dovecot.conf]
# Enable installed protocols
protocols = imap lmtp sieve
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
[/usr/local/etc/dovecot/dovecot-sql.conf.ext]
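# SQL backend used by the passdb and userdb lookups (PostfixAdmin schema).
driver = mysql
connect = host=127.0.0.1 dbname=postfix user=postfix password=ПАРОЛЬ
# NOTE(review): PLAIN means the password column holds unhashed passwords,
# matching $CONF['encrypt'] = 'cleartext' in PostfixAdmin. Anyone who can read
# the mailbox table or a backup of it gets every password; switching to a
# hashed scheme has to be done in PostfixAdmin and here together.
default_pass_scheme = PLAIN
#default_pass_scheme = PLAIN-MD5
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
# Must stay on a single line, no line breaks.
password_query = SELECT username as user, password, '%u' AS userdb_master_user, CONCAT('/var/spool/mail/', maildir) AS userdb_home, 1000 AS userdb_uid, 1000 AS userdb_gid, CONCAT('*:storage=', quota, 'B') as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
# Must stay on a single line, no line breaks.
user_query = SELECT CONCAT('/var/spool/mail/', maildir) AS home, 1000 AS uid, 1000 AS gid, CONCAT('*:storage=', quota, 'B') as quota_rule FROM mailbox WHERE username = '%u' AND active ='1'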
[/usr/local/etc/dovecot/dovecot-sql-master.conf.ext]
driver = mysql
#default_pass_scheme = PLAIN-MD5
default_pass_scheme = PLAIN
connect = host=127.0.0.1 dbname=postfix user=postfix password=ПАРОЛЬ
password_query = SELECT username AS user, password FROM admin WHERE username = '%u' AND active = '1'
[/usr/local/etc/dovecot/conf.d/10-auth.conf]
# Connect only after start SSL/TLS
# If not local network only !
# NOTE(review): with plaintext auth allowed, PLAIN as the only mechanism, and
# the IMAP listener on port 143 bound to all addresses with no SSL settings
# shown on this page, credentials travel unencrypted unless every client sits
# on a trusted local network. Enable TLS and set this to yes otherwise.
disable_plaintext_auth = no
auth_cache_size = 1M
auth_cache_negative_ttl = 0
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
# Separator between the target user and the master user in a master login.
auth_master_user_separator = *
auth_mechanisms = plain
!include auth-sql.conf.ext
[/usr/local/etc/dovecot/conf.d/10-director.conf]
service director {
unix_listener login/director {
#mode = 0666
}
fifo_listener login/proxy-notify {
#mode = 0666
}
unix_listener director-userdb {
#mode = 0600
}
inet_listener {
#port =
}
}
# Enable director for the wanted login services by telling them to
# connect to director socket instead of the default login socket:
service imap-login {
#executable = imap-login director
}
#service pop3-login {
#executable = pop3-login director
#}
# Enable director for LMTP proxying:
protocol lmtp {
#auth_socket_path = director-userdb
}
[/usr/local/etc/dovecot/conf.d/10-logging.conf]
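# Log file to use for error messages. "syslog" logs to syslog,
# /dev/stderr logs to stderr.
log_path = /var/log/dovecot/dovecot.log
info_log_path = /var/log/dovecot/dovecot-info.log
debug_log_path = /var/log/dovecot/dovecot-debug.log
# Log failed authentication attempts and their reasons.
auth_verbose = yes
# Do not write attempted passwords to the log: a failed login is often a real
# password with a typo, and log files get copied and read far more widely than
# the password database.
auth_verbose_passwords = no
auth_debug = no
auth_debug_passwords = no
mail_debug = yes
verbose_ssl = no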
#plugin {
#}
#log_timestamp = "%b %d %H:%M:%S "
#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
#login_log_format = %$: %s
#mail_log_prefix = "%s(%u): "
# Format to use for logging mail deliveries. You can use variables:
# %$ - Delivery status message (e.g. "saved to INBOX")
# %m - Message-ID
# %s - Subject
# %f - From address
# %p - Physical size
# %w - Virtual size
#deliver_log_format = msgid=%m: %$
[/usr/local/etc/dovecot/conf.d/10-mail.conf]
mail_location = maildir:/var/spool/mail/%d/%n:INBOX=/var/spool/mail/%d/%n
namespace inbox {
type = private
separator = /
prefix =
inbox = yes
hidden = no
list = yes
subscriptions = yes
}
mail_uid = 1000
mail_gid = 1000
[/usr/local/etc/dovecot/conf.d/10-master.conf]
service imap-login {
inet_listener imap {
address = *
port = 143
#ssl = yes
}
inet_listener imaps {
#port = 993
#ssl = yes
}
}
#service pop3-login {
#inet_listener pop3 {
#port = 110
#}
#inet_listener pop3s {
#port = 995
#ssl = yes
#}
#}
service lmtp {
unix_listener lmtp {
path = /var/spool/postfix/private/dovecot-lmtp
group = postfix
mode = 0660
user = postfix
#mode = 0666
}
executable = lmtp -L
}
service imap {
#vsz_limit = $default_vsz_limit
# Max. number of IMAP processes (connections)
#process_limit = 1024
#executable = imap
}
#service pop3 {
# Max. number of POP3 processes (connections)
#process_limit = 1024
#}
service auth {
unix_listener auth {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
user = $default_internal_user
}
service auth-worker {
user = $default_internal_user
}
[/usr/local/etc/dovecot/conf.d/15-lda.conf]
postmaster_address = postmaster@megapuper.ru
hostname = mail.megapuper.ru
#rejection_subject = Rejected: %s
# %n = CRLF, %r = reason, %s = original subject, %t = recipient
rejection_reason = Your message to <%t> was automatically rejected:%n%r
protocol lda {
mail_plugins = sieve
log_path = /var/log/dovecot/mail-dovecot-lda-errors.log
info_log_path = /var/log/dovecot/mail-dovecot-lda.log
}
[/usr/local/etc/dovecot/conf.d/20-imap.conf]
protocol imap {
mail_plugins = $mail_plugins imap_acl imap_quota mail_log notify acl quota
#ssl_cert = </usr/local/etc/dovecot/ssl.cert.pem
#ssl_key = </usr/local/etc/dovecot/ssl.key.pem
info_log_path = /var/log/dovecot/dovecot-imap.log
#mail_max_userip_connections = 10
# IMAP logout format string:
# %i - total number of bytes read from client
# %o - total number of bytes sent to client
#imap_logout_format = bytes=%i/%o
#imap_capability =
#imap_idle_notify_interval = 2 mins
#imap_id_send =
#imap_id_log =
}
[/usr/local/etc/dovecot/conf.d/20-lmtp.conf]
protocol lmtp {
mail_plugins = $mail_plugins quota sieve
postmaster_address = postmaster@megapuper.ru
info_log_path = /var/log/dovecot/dovecot-lmtp.log
}
[/usr/local/etc/dovecot/conf.d/20-managesieve.conf]
service managesieve-login {
inet_listener sieve {
address = 127.0.0.1
port = 4190
}
service_count = 1
vsz_limit = 64M
}
#mail_plugins = virtual
#protocol sieve {
#managesieve_max_line_length = 65536
#mail_max_userip_connections = 10
#mail_plugins = virtual
# MANAGESIEVE logout format string:
# %i - total number of bytes read from client
# %o - total number of bytes sent to client
#managesieve_logout_format = bytes=%i/%o
#managesieve_implementation_string = Dovecot Pigeonhole
#managesieve_sieve_capability =
#managesieve_notify_capability =
#managesieve_max_compile_errors = 5
#}
[/usr/local/etc/dovecot/conf.d/90-quota.conf]
plugin {
quota = dict:user::file:/var/spool/mail/%d/%n/dovecot-quota
quota_rule = *:storage=1GB
quota_rule2 = Trash:storage=+10%%
}
# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
plugin {
#quota_warning = storage=95%% quota-warning 95 %u
#quota_warning2 = storage=80%% quota-warning 80 %u
}
plugin {
#quota = dirsize:User quota
#quota = maildir:User quota
#quota = dict:User quota::proxy::quota
#quota = fs:User quota
}
plugin {
#quota = dict:user::proxy::quota
#quota2 = dict:domain:%d:proxy::quota_domain
#quota_rule = *:storage=102400
#quota2_rule = *:storage=1048576
}
[/usr/local/etc/dovecot/conf.d/90-sieve.conf]
plugin {
sieve_user_log = /var/lib/dovecot/sieve/private/%d/%n/.main.peronal.log
sieve = /var/lib/dovecot/sieve/private/%d/%n/.main.personal.sieve
#sieve_default = /var/lib/dovecot/sieve/default.sieve
sieve_dir = /var/lib/dovecot/sieve/private/%d/%n/
sieve_global_dir = /var/lib/dovecot/sieve/global/
#sieve_before2 =
sieve_before = /var/lib/dovecot/sieve/global/incoming_deduplicate.sieve
#sieve_after =
#sieve_after2 =
sieve_extensions = +editheader
sieve_global_extensions = +vnd.dovecot.duplicate
sieve_duplicate_period = 1d
#sieve_plugins =
recipient_delimiter = +
#sieve_max_script_size = 1M
#sieve_max_actions = 32
#sieve_max_redirects = 4
#sieve_quota_max_scripts = 0
#sieve_quota_max_storage = 0
}
[/usr/local/etc/dovecot/conf.d/auth-sql.conf.ext]
# Authentication chain: a master-user passdb, then the regular mailbox passdb,
# then userdb lookups (prefetch first, SQL as fallback).
auth_master_user_separator = *
#auth_debug = yes
# Master-user passdb: credentials are checked with the query in
# dovecot-sql-master.conf.ext, which reads PostfixAdmin's admin table.
# NOTE(review): with master = yes, every active row in that table can open ANY
# mailbox by logging in through the '*' separator with the admin's own
# password. That presumably includes domain-level admins, not only
# superadmins - confirm, and consider a dedicated, minimal master-user list
# instead of reusing the admin table.
passdb {
driver = sql
args = /usr/local/etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
# Regular passdb: mailbox users from the PostfixAdmin mailbox table.
passdb {
driver = sql
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
#default_fields = userdb_gid=1000 userdb_uid=1000
}
# prefetch reuses the userdb_* fields already returned by password_query.
userdb {
driver = prefetch
}
# SQL userdb for lookups that did not go through the passdb.
userdb {
driver = sql
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
#default_fields = uid=1000 gid=1000
}
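Меняем права и владельца конфигов (dovecot-sql.conf.ext и dovecot-sql-master.conf.ext содержат пароль БД; команды ниже только добавляют чтение группе, поэтому для этих файлов стоит дополнительно закрыть доступ остальным, как это сделано выше для карт postfix: chmod o= /usr/local/etc/dovecot/*.ext):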
# chgrp mail /usr/local/etc/dovecot/*.conf
# chmod g+r /usr/local/etc/dovecot/*.conf
# chgrp mail /usr/local/etc/dovecot/*.ext
# chmod g+r /usr/local/etc/dovecot/*.ext
# chgrp mail /usr/local/etc/dovecot/conf.d/*.conf
# chmod g+r /usr/local/etc/dovecot/conf.d/*.conf
# chgrp mail /usr/local/etc/dovecot/conf.d/*.ext
# chmod g+r /usr/local/etc/dovecot/conf.d/*.ext
Теперь можно вернуться к PostfixAdmin и приступить к созданию доменов и ящиков
Папка для логов
# mkdir /var/log/postfixadmin
# chown www:www /var/log/postfixadmin
Копируем скрипты в /usr/local/www/postfix/scripts/
addmail.sh
delmail.sh
domainadd.sh
domaindel.sh
editmail.sh
Даём права
# chown -R www:www /usr/local/www/postfix/scripts/
# chmod 744 ../addmail.sh delmail.sh domainadd.sh domaindel.sh editmail.sh
Создаём папку для почты
# mkdir /var/spool/mail
# chown -R mail:mail /var/spool/mail
Рестартим postfix и dovecot
Создаём в postfixadmin домен и ящики, проверяем хождение почты.
Roundcube