Postfix How-To
- Loosly follows the How-To at www.purplehat.org.
Install MySQL
- Install MySQL 5.0 Port:
#cd /usr/ports/databases/mysql50-server #make all install clean
- Add MySQL to system startup in /etc/rc.conf:
#echo ‘mysql_enable=”YES”‘ >> /etc/rc.conf
- Start MySQL
#/usr/local/etc/rc.d/mysql-server start
- Secure MySQL root account:
#mysql -u root mysql >UPDATE user SET Password=PASSWORD(’mysql_root_password‘) WHERE user=’root’; >FLUSH PRIVILEGES; >quit
- Download the SQL file:
# fetch http://www.purplehat.org/downloads/postfix_guide/postfix-db.sql
- Initialize the database:
mysql -u root -p < postfix-db.sql
Install Dovecot
- Install Dovecot from ports:
# cd /usr/ports/mail/dovecot # make all install clean
- Make sure options SSL, IPv6, POP3, and MySQL are selected.
- Enable Dovecot at startup in /etc/rc.conf:
#echo ‘dovecot_enable=”YES”‘ >> /etc/rc.conf
- Copy example configurations to correct locations:
#cd /usr/local/etc/ #cp dovecot-example.conf dovecot.conf #cp dovecot-sql-example.conf dovecot-sql.conf
- Create the certificate directory, and place your ssl-certificates:
# mkdir /etc/certs # cp ssl.crt ssl.key /etc/certs
- Edit /usr/local/etc/dovecot.conf:
Line 16, uncomment:</pre>base_dir = /var/run/dovecot/
Line 21, uncomment and add POP3(S) daemons:protocols = imap imaps pop3 pop3s
Line 40, uncomment:listen = *
Line 46, uncomment and change to no:disable_plaintext_auth = no
Line 54, uncomment:shutdown_clients = yes
Line 86, uncomment:ssl_disable = no
Lines 92-93, uncomment:ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem
Lines 172, uncomment and change accordingly:login_greeting = ISP Server Ready.
Line 213, change for Maildir format:mail_location = maildir:/usr/local/virtual/%d/%n
Line 321, uncomment and change UID:first_valid_uid = 125
Line 329, uncomment and change GID:first_valid_gid = 125
Line 526, uncomment and add for quota support:mail_plugins = quota imap_quota
Line 656, uncomment and add quota module:mail_plugins = quota
Line 638, change postmaster address:postmaster_address = postmaster@domain.tld
Line 748, add other auth types:mechanisms = plain login (Adjust accordingly)
Line 794, comment this line out:#passdb pam {
Line 827, comment out closing bracket:#}
Line 869, uncomment this line:passdb sql {
Lines 871-872, uncomment and add arg line for SQL file:args = /usr/local/etc/dovecot-sql.conf }
Lines 898-905, comment these lines out:#userdb passwd { }
Line 934, uncomment:userdb sql {
Lines 936-937 uncomment and add arg line for SQL file:args = /usr/local/etc/dovecot-sql.conf }
Line 984, uncomment:socket listen {
Line 995, uncomment:client {
Line 999, uncomment and change path:path = /var/spool/postfix/private/auth
Line 1001, add GID for Postfix socket:user = postfix
Line 1002, add UID for Postfix socket:group = postfix
Lines 1003-1004, uncomment:} }
- Edit /usr/local/etc/dovecot-sql.conf:
Line 28, uncomment and add MySQL support:driver = mysql
<br?Line 57, uncomment and change to match our SQL settings:
connect = host=localhost dbname=postfix user=postfix password=postfix_password
Line 64, uncomment and change to MD5:default_pass_scheme = MD5
Line 91, uncomment and change query to match our setup:password_query = SELECT password FROM mailbox WHERE username = ‘%u’
Line 111, uncomment and change query to match our setup:user_query = SELECT maildir, 125 AS uid, 125 AS gid, CONCAT(’dirsize:storage=’, ROUND( mailbox.quota / 1024 ) ) AS quota FROM mailbox WHERE username = ‘%u’ AND active = ‘1′
- Note: Above edits should be on ONE line, don't wrap as you may notice on this web site.
- Install Postfix port:
# cd /usr/ports/mail/postfix # make install clean
- When asked for options, select PCRE, DOVECOT, TLS, BDB, MYSQL, and VDA.
- You will be asked if you want to activate postfix in /etc/mail/mailer.conf - select yes.
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
- Add the following lines to /etc/rc.conf:
sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO"
- Add the following lines to /etc/periodic.conf:
daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" daily_status_include_submit_mailq="NO" daily_submit_queuerun="NO"
- Add the following to /usr/local/etc/postfix/main.cf under "soft_bounce=no" section:
# SASL CONFIG # broken_sasl_auth_clients = yes smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth # TLS CONFIG # smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 0 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom #MySQL Configuration virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:125 virtual_mailbox_base = /usr/local/virtual virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_limit = 51200000 virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 125 virtual_transport = virtual virtual_uid_maps = static:125 # Additional for quota support virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps virtual_mailbox_limit_override = yes virtual_maildir_limit_message = Sorry, this user has overdrawn their diskspace quota. Please try again later. virtual_overquota_bounce = yes
Postfix Installation