Difference between revisions of "Postfix How-To"

From Secure Computing Wiki
(Install Dovecot)
(Install Dovecot)
Line 126: Line 126:
 
<pre>password_query = SELECT password FROM mailbox WHERE username = ‘%u’</pre>
 
<pre>password_query = SELECT password FROM mailbox WHERE username = ‘%u’</pre>
 
<br>Line 111, uncomment and change query to match our setup:
 
<br>Line 111, uncomment and change query to match our setup:
<pre>user_query = SELECT maildir, 125 AS uid, 125 AS gid, CONCAT(’dirsize:storage=’, ROUND( mailbox.quota / 1024 ) ) AS quota FROM mailbox WHERE username = ‘%u’ AND active = ‘1′</pre>
+
<pre>user_query = SELECT maildir, 125 AS uid, 125 AS gid, CONCAT(’dirsize:storage=’, ROUND( mailbox.quota / 1024 ) ) AS quota FROM mailbox  
 +
WHERE username = ‘%u’ AND active = ‘1′</pre>
 
*Note: Above edits should be on ONE line, don't wrap as you may notice on this web site.
 
*Note: Above edits should be on ONE line, don't wrap as you may notice on this web site.
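Review bot: the new revision breaks user_query before WHERE, so the pre block now holds two lines, while the note directly below says the edit must be on ONE line; a reader who copies the block as shown ends up with a wrapped query. Either keep the query on a single line inside the pre block, or say in the note that the break before WHERE is for display only and must be joined when editing dovecot-sql.conf. The typographic quotes around %u, dirsize:storage= and 1 are carried over unchanged in both revisions and will not paste as valid SQL quotes, so this edit would be a good place to replace them with plain single quotes.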

Revision as of 14:51, 24 April 2007

  • Loosely follows the How-To at www.purplehat.org.

Install MySQL

  1. Install MySQL 5.0 Port:
    #cd /usr/ports/databases/mysql50-server
    #make all install clean
  2. Add MySQL to system startup in /etc/rc.conf:
    #echo 'mysql_enable="YES"' >> /etc/rc.conf
  3. Start MySQL
    #/usr/local/etc/rc.d/mysql-server start
  4. Secure MySQL root account:
    #mysql -u root mysql
    >UPDATE user SET Password=PASSWORD('mysql_root_password') WHERE user='root';
    >FLUSH PRIVILEGES;
    >quit

Postfix Installation

  1. Install Postfix port:
    # cd /usr/ports/mail/postfix
    # make install clean
  2. When asked for options, select PCRE, DOVECOT, TLS, BDB, MYSQL, and VDA.
  3. You will be asked if you want to activate postfix in /etc/mail/mailer.conf - select yes.
    Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
  4. Add the following lines to /etc/rc.conf:
    sendmail_enable="NO"
    sendmail_submit_enable="NO"
    sendmail_outbound_enable="NO"
    sendmail_msp_queue_enable="NO"
  5. Add the following lines to /etc/periodic.conf:
    daily_clean_hoststat_enable="NO"
    daily_status_mail_rejects_enable="NO"
    daily_status_include_submit_mailq="NO"
    daily_submit_queuerun="NO"

Initialize the Database

  1. Download the SQL file
    # fetch http://www.purplehat.org/downloads/postfix_guide/postfix-db.sql

Install Dovecot

  1. Install Dovecot from ports:
    # cd /usr/ports/mail/dovecot
    # make all install clean
  2. Make sure options SSL, IPv6, POP3, and MySQL are selected.
  3. Enable Dovecot at startup in /etc/rc.conf:
     #echo 'dovecot_enable="YES"' >> /etc/rc.conf
  4. Copy example configurations to correct locations:
    #cd /usr/local/etc/
    #cp dovecot-example.conf dovecot.conf
    #cp dovecot-sql-example.conf dovecot-sql.conf
  5. Create the certificate directory, and place your ssl-certificates:
    # mkdir /etc/certs
    # cp ssl.crt ssl.key /etc/certs
  6. Edit /usr/local/etc/dovecot.conf:
    Line 16, uncomment:
    base_dir = /var/run/dovecot/


    Line 21, uncomment and add POP3(S) daemons:

    protocols = imap imaps pop3 pop3s


    Line 40, uncomment:

    listen = *


    Line 46, uncomment and change to no:

    disable_plaintext_auth = no


    Line 54, uncomment:

    shutdown_clients = yes


    Line 86, uncomment:

    ssl_disable = no


    Lines 92-93, uncomment:

    ssl_cert_file = /etc/ssl/certs/dovecot.pem
    ssl_key_file = /etc/ssl/private/dovecot.pem


    Line 172, uncomment and change accordingly:

    login_greeting = ISP Server Ready.


    Line 213, change for Maildir format:

    mail_location = maildir:/usr/local/virtual/%d/%n


    Line 321, uncomment and change UID:

    first_valid_uid = 125


    Line 329, uncomment and change GID:

    first_valid_gid = 125


    Line 526, uncomment and add for quota support:

    mail_plugins = quota imap_quota


    Line 656, uncomment and add quota module:

    mail_plugins = quota


    Line 638, change postmaster address:

    postmaster_address = postmaster@domain.tld


    Line 748, add other auth types:

    mechanisms = plain login (Adjust accordingly)


    Line 794, comment this line out:

    #passdb pam {


    Line 827, comment out closing bracket:

    #}


    Line 869, uncomment this line:

    passdb sql {


    Lines 871-872, uncomment and add arg line for SQL file:

    args = /usr/local/etc/dovecot-sql.conf
    }


    Lines 898-905, comment these lines out:

    #userdb passwd {
    #}


    Line 934, uncomment:

    userdb sql {


    Lines 936-937 uncomment and add arg line for SQL file:

    args = /usr/local/etc/dovecot-sql.conf
    }


    Line 984, uncomment:

    socket listen {


    Line 995, uncomment:

    client {


    Line 999, uncomment and change path:

    path = /var/spool/postfix/private/auth


    Line 1001, add GID for Postfix socket:

    user = postfix


    Line 1002, add UID for Postfix socket:

    group = postfix


    Lines 1003-1004, uncomment:

    }
    }
  7. Edit /usr/local/etc/dovecot-sql.conf:
    Line 28, uncomment and add MySQL support:
    driver = mysql

    Line 57, uncomment and change to match our SQL settings:

    connect = host=localhost dbname=postfix user=postfix password=postfix_password


    Line 64, uncomment and change to MD5:

    default_pass_scheme = MD5


    Line 91, uncomment and change query to match our setup:

    password_query = SELECT password FROM mailbox WHERE username = '%u'


    Line 111, uncomment and change query to match our setup:

    user_query = SELECT maildir, 125 AS uid, 125 AS gid, CONCAT('dirsize:storage=', ROUND( mailbox.quota / 1024 ) ) AS quota FROM mailbox 
    WHERE username = '%u' AND active = '1'
    • Note: Above edits should be on ONE line, don't wrap as you may notice on this web site.
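
A check to run after steps 6 and 7, added here as an example and not part of the original how-to: it reads the finished dovecot.conf and dovecot-sql.conf and reports when passwords can be sent without TLS or when the file holding the database password is readable by other users. The function names and the sample files are constructed for illustration; only top-level "key = value" lines are parsed.

```shell
#!/bin/sh
# Added example (not from the how-to): flag risky values among the settings
# edited in steps 6 and 7. Only top-level "key = value" lines are parsed.

# get_setting FILE KEY: print the last uncommented value of KEY in FILE.
get_setting() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# audit_dovecot CONF SQLCONF: print one finding per line, nothing if clean.
audit_dovecot() {
    conf=$1 sqlconf=$2 clear=""
    # imap and pop3 (without the trailing "s") are the non-TLS listeners.
    for p in $(get_setting "$conf" protocols); do
        case $p in imap|pop3) clear="$clear $p" ;; esac
    done
    if [ "$(get_setting "$conf" disable_plaintext_auth)" = "no" ] && [ -n "$clear" ]; then
        echo "PLAINTEXT_AUTH: passwords accepted without TLS on:$clear"
    fi
    if [ "$(get_setting "$conf" ssl_disable)" = "yes" ]; then
        echo "SSL_DISABLED: no TLS listeners at all"
    fi
    # The connect line holds the database password, so the file must not be
    # readable by "other" (characters 8-10 of the ls mode string).
    if grep -q '^[[:space:]]*connect[[:space:]]*=.*password=' "$sqlconf" &&
       [ "$(ls -ld "$sqlconf" | cut -c8-10)" != "---" ]; then
        echo "SQLCONF_PERMS: $sqlconf holds a password and is readable by other users"
    fi
    return 0
}

# make_sample DIR: write constructed files holding the values from this page.
make_sample() {
    cat > "$1/dovecot.conf" <<'EOF'
protocols = imap imaps pop3 pop3s
#disable_plaintext_auth = yes
disable_plaintext_auth = no
ssl_disable = no
EOF
    cat > "$1/dovecot-sql.conf" <<'EOF'
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix_password
EOF
    chmod 644 "$1/dovecot-sql.conf"
}

tmp=$(mktemp -d) && make_sample "$tmp"
audit_dovecot "$tmp/dovecot.conf" "$tmp/dovecot-sql.conf"
rm -rf "$tmp"
```

Both findings clear once disable_plaintext_auth is set to yes (or the non-TLS imap and pop3 entries are dropped from protocols) and dovecot-sql.conf is set to mode 600.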