<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000066"> Eduardo P. Román O. wrote: <blockquote cite="mid:200711300804.52787.eprosoft@gmail.com" type="cite"> <pre wrap="">Hi I been installed postif on my ubuntu-server 7.10, it's great. Then I put there a postfix, and I need to use like SMTP server, only to send mail using and e-mail auth smtp from my ISP. I try to config postfix with sals, but always I get the same problem , the from of my email it's the host_machine@mydomain, and not the user_email@myisp, that's why the ISP say me, can't login, invalid user. Any Idea ??? </pre> </blockquote> <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8"> <title></title> <meta name="GENERATOR" content="OpenOffice.org 2.3 (Linux)"> <style type="text/css">  </style> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx">Good luck. This is my company's front mail agent. It filters mails and the delivers to the internal zimbra box. It also has SMTP Auth.<br> </p> <h1 class="western" lang="zxx"><span style="background: rgb(255, 255, 102) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">Utilizar postfix como SMTP-Auth</span></h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">(Se ha “sacado” del artículo: <a class="moz-txt-link-freetext" href="http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_ubuntu_edgy">http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_ubuntu_edgy</a>)</font></p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">Comprobar que existen los paquetes:</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">apt-get install postfix <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">postfix-mysql</span> postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">postfix-tls</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">libsasl2</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">libsasl2-modules</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">libsasl2-modules-sql</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">sasl2-bin</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">libpam-mysql</span> <span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">openssl</span> phpmyadmin apache2 libapache2-mod-php5 php5 php5-mysql</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">Creación de una base de datos con nombre “<span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">mail</span>” con permisos para el usuario del correo:</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'xxxx';<br> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost.localdomain' IDENTIFIED BY 'xxxx';<br> FLUSH PRIVILEGES;</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">Creación de las tablas:</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">USE mail;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">CREATE TABLE domains (<br> domain varchar(50) NOT NULL,<br> PRIMARY KEY (domain) )<br> TYPE=innodb;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">CREATE TABLE forwardings (<br> source varchar(80) NOT NULL,<br> destination TEXT NOT NULL,<br> PRIMARY KEY (source) )<br> TYPE=innodb;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">CREATE TABLE users (<br> email varchar(80) NOT NULL,<br> password varchar(20) NOT NULL,<br> quota INT(10) DEFAULT '10485760',<br> PRIMARY KEY (email)<br> ) TYPE=innodb;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">CREATE TABLE transport (<br> domain varchar(128) NOT NULL default '',<br> transport varchar(128) NOT NULL default '',<br> UNIQUE KEY domain (domain)<br> ) TYPE=innodb;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">Popular las tablas:</font></p> <dl> <dd> <table border="1" cellpadding="5" cellspacing="0" width="100%"> <col width="256*"> <tbody> <tr> <td width="100%"> <p><strong><span lang="zxx">domain </span></strong> </p> </td> </tr> <tr> <td width="100%"> <p lang="zxx">netplc.com</p> <p lang="zxx">intransys.com</p> </td> </tr> </tbody> </table> </dd> </dl> <p style="margin-left: 1.25cm;" lang="zxx"><br> <br> </p> <p style="margin-left: 1.25cm;"><span lang="zxx">The </span><em><span lang="zxx">users </span></em><span lang="zxx">table stores all virtual users (i.e. email addresses, because the email address and user name is the same) and passwords (in </span><strong><span lang="zxx">encrypted </span></strong><span lang="zxx">form!) and a quota value for each mail box (in this example the default value is 10485760 bytes which means 10MB). </span> </p> <dl> <dd> <table border="1" cellpadding="5" cellspacing="0" width="100%"> <col width="101*"> <col width="80*"> <col width="75*"> <tbody> <tr> <td width="40%"> <p><strong><span lang="zxx">email </span></strong> </p> </td> <td width="31%"> <p><em><span lang="zxx">password </span></em> </p> </td> <td width="29%"> <p><em><span lang="zxx">quota </span></em> </p> </td> </tr> <tr> <td width="40%"> <p><a href="mailto:jferrando@netplc.com"><span lang="zxx">jferrando@netplc.com</span></a></p> </td> <td width="31%"> <p lang="zxx">No9.E4skNvGa.</p> <p lang="zxx"><span style="background: rgb(255, 204, 153) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">encrypt('secret')</span></p> </td> <td width="29%"> <p lang="zxx">10485760 </p> </td> </tr> </tbody> </table> </dd> </dl> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mysql> <span style="background: rgb(255, 255, 102) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">insert into `users` (`email`, `password`, `quota`) values ('<a class="moz-txt-link-abbreviated" href="mailto:jferrando@almex.es">jferrando@almex.es</a>', encrypt('Net4724'), 25000000);</span></h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">Query OK, 1 row affected (0.05 sec)</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mysql> select * from users;</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">+-------------------------+---------------+----------+</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">| email | password | quota |</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">+-------------------------+---------------+----------+</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">| <a class="moz-txt-link-abbreviated" href="mailto:amarquez@intransys.com">amarquez@intransys.com</a> | XlK2gQsfS3VCI | 10485760 |</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">| <a class="moz-txt-link-abbreviated" href="mailto:amarquez@netplc.com">amarquez@netplc.com</a> | Rkq9YNL8JbHz6 | 10485760 |</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">...</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">| <a class="moz-txt-link-abbreviated" href="mailto:vrecatala@netplc.com">vrecatala@netplc.com</a> | Hu5d.tx4/cdXk | 10485760 |</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">+-------------------------+---------------+----------+</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">22 rows in set (0.00 sec)</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">Comprovar configuración del postfix:</font></p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">/etc/postfix/main.cf</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># See /usr/share/postfix/main.cf.dist for a commented, more complete version</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Debian specific: Specifying a file name will cause the first</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># line of that file to be used as the name. The Debian default</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># is /etc/mailname.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#myorigin = /etc/mailname</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">biff = no</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># appending .domain is the MUA's job.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">append_dot_mydomain = no</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Uncomment the next line to generate "delayed mail" warnings</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#delay_warning_time = 4h</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># TLS parameters</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#smtpd_use_tls=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># information on enabling SSL in the smtp client.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#myhostname = localhost</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">myhostname = pccamara.netplc.com</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">alias_maps = hash:/etc/aliases</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">alias_database = hash:/etc/aliases</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mydestination = localhost, localhost.localdomain, localhost</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">relayhost = </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mynetworks = 127.0.0.0/8</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mailbox_size_limit = 0</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">recipient_delimiter = +</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#inet_interfaces = loopback-only</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">inet_interfaces = all</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_alias_domains =</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_mailbox_base = /home/vmail</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_uid_maps = static:5000</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#virtual_gid_maps = static:5000</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_sasl_enable = yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#Enable the authenticated SMTP feature.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_sasl_auth_enable = yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">broken_sasl_auth_clients = yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_use_tls = yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_tls_cert_file = /etc/postfix/smtpd.cert</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_tls_key_file = /etc/postfix/smtpd.key</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">content_filter = amavis:[127.0.0.1]:10024</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#Ojo! Si no está comentada deshabilita los forwardings!</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#receive_override_options = no_address_mappings</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_sender_restrictions =</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit_sasl_authenticated,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit_mynetworks,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_non_fqdn_sender,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_unknown_sender_domain,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtpd_recipient_restrictions =</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_unauth_pipelining,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_non_fqdn_recipient,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_unknown_recipient_domain,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit_mynetworks,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit_sasl_authenticated,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> check_sender_access hash:/etc/postfix/maps/friends,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_unauth_destination,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client relays.ordb.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client list.dsbl.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client sbl-xbl.spamhaus.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_invalid_hostname,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_unknown_recipient_domain,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client multi.uribl.com,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client dsn.rfc-ignorant.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client dul.dnsbl.sorbs.net,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client bl.spamcop.net,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client dnsbl.sorbs.net,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client cbl.abuseat.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client ix.dnsbl.manitu.net,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client combined.rbl.msrbl.net,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client rabl.nuclearelephant.com,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rhsbl_client blackhole.securitysage.com,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rhsbl_sender blackhole.securitysage.com,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> reject_rbl_client zen.spamhaus.org,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> check_policy_service inet:127.0.0.1:10031,</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> check_policy_service inet:127.0.0.1:60000</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> permit</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#relay_domains = netplc.com, intransys.com, <span style="background: rgb(255, 255, 0) none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">almex.es</span></h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><span style="background: transparent none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">relay_domains = hash:/etc/postfix/maps/relay_domains</span></h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">transport_maps = hash:/etc/postfix/maps/transport</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">relay_recipient_maps = hash:/etc/postfix/maps/relay_recipients</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtp_sasl_security_options = noanonymous</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm;" lang="zxx"><font face="Arial, sans-serif">Afterwards we create the SSL certificate that is needed for TLS:</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">cd /etc/postfix<br> openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><-- Enter your Country Name (e.g., "DE").<br> <-- Enter your State or Province Name.<br> <-- Enter your City.<br> <-- Enter your Organization Name (e.g., the name of your company).<br> <-- Enter your Organizational Unit Name (e.g. "IT Department").<br> <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").<br> <-- Enter your Email Address.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">Then change the permissions of the smtpd.key:</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">chmod o= /etc/postfix/smtpd.key</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><font face="Arial, sans-serif">/etc/postfix/master.cf</font></p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Postfix master process configuration file. For details on the format</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># of the file, see the Postfix master(5) manual page.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># ==========================================================================</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># service type private unpriv chroot wakeup maxproc command + args</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># (yes) (yes) (yes) (never) (100)</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># ==========================================================================</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtp inet n - - - - smtpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#submission inet n - - - - smtpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtpd_etrn_restrictions=reject</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtpd_client_restrictions=permit_sasl_authenticated,reject</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#smtps inet n - - - - smtpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#submission inet n - - - - smtpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtpd_etrn_restrictions=reject</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#628 inet n - - - - qmqpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">pickup fifo n - - 60 1 pickup</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">cleanup unix n - - - 0 cleanup</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">qmgr fifo n - n 300 1 qmgr</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#qmgr fifo n - - 300 1 oqmgr</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">tlsmgr unix - - - 1000? 1 tlsmgr</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">rewrite unix - - - - - trivial-rewrite</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">bounce unix - - - - 0 bounce</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">defer unix - - - - 0 bounce</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">trace unix - - - - 0 bounce</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">verify unix - - - - 1 verify</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">flush unix n - - 1000? 0 flush</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">proxymap unix - - n - - proxymap</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">smtp unix - - - - - smtp</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># When relaying mail as backup MX, disable fallback_relay to avoid MX loops</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">relay unix - - - - - smtp</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o fallback_relay=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># -o smtp_helo_timeout=5 -o smtp_connect_timeout=5</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">showq unix n - - - - showq</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">error unix - - - - - error</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">discard unix - - - - - discard</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">local unix - n n - - local</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">virtual unix - n n - - virtual</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">lmtp unix - - - - - lmtp</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">anvil unix - - - - 1 anvil</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">scache unix - - - - 1 scache</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># ====================================================================</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Interfaces to non-Postfix software. Be sure to examine the manual</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># pages of the non-Postfix software to find out what options it wants.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Many of the following services use the Postfix pipe(8) delivery</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># agent. See the pipe(8) man page for information about ${recipient}</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># and other message envelope options.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># ====================================================================</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># maildrop. See the Postfix MAILDROP_README file for details.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Also specify in main.cf: maildrop_destination_recipient_limit=1</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">maildrop unix - n n - - pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># See the Postfix UUCP_README file for configuration details.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">uucp unix - n n - - pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># Other external delivery methods.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">#</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">ifmail unix - n n - - pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">bsmtp unix - n n - - pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">scalemail-backend unix - n n - 2 pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mailman unix - n n - - pipe</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> ${nexthop} ${user}</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">amavis unix - - - - 2 smtp</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtp_data_done_timeout=1200</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtp_send_xforward_command=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">127.0.0.1:10025 inet n - - - - smtpd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o content_filter=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o local_recipient_maps=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o relay_recipient_maps=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtpd_restriction_classes=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtpd_client_restrictions=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtpd_helo_restrictions=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtpd_sender_restrictions=</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o smtpd_recipient_restrictions=permit_mynetworks,reject</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o mynetworks=127.0.0.0/8</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o strict_rfc821_envelopes=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"> -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><b>Configure Saslauthd</b></p> <p style="margin-left: 1.25cm;" lang="zxx">First run</p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mkdir -p /var/spool/postfix/var/run/saslauthd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <p style="margin-left: 1.25cm;" lang="zxx">Then edit /etc/default/saslauthd. Remove the # in front of START=yes and add the lines PARAMS="-m /var/spool/postfix/var/run/saslauthd -r" and PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid". The file should then look like this: </p> <p style="margin-left: 1.25cm;" lang="zxx">vim /etc/default/saslauthd</p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># This needs to be uncommented before saslauthd will be run automatically</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">START=yes</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># You must specify the authentication mechanisms you wish to use.</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># This defaults to "pam" for PAM support, but may also include</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># "shadow" or "sasldb", like this:</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"># MECHANISMS="pam shadow"</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx"><br> </h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">MECHANISMS="pam"</h1> <p style="margin-left: 1.25cm;" lang="zxx"><br> <br> </p> <p style="margin-left: 1.25cm;" lang="zxx">Then create the file /etc/pam.d/smtp. It should contain only the following two lines (go sure to fill in your correct database details):</p> <p style="margin-left: 1.25cm;" lang="zxx">vim /etc/pam.d/smtp</p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">auth required pam_mysql.so user=mail_admin passwd=xxxxx host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">account sufficient pam_mysql.so user=mail_admin passwd=xxxxx host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1</h1> <p style="margin-left: 1.25cm;" lang="zxx"><br> <br> </p> <p style="margin-left: 1.25cm;" lang="zxx">Next create the file /etc/postfix/sasl/smtpd.conf. It should look like this:</p> <p style="margin-left: 1.25cm;" lang="zxx">vim /etc/postfix/sasl/smtpd.conf</p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">pwcheck_method: saslauthd</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">mech_list: plain login</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">allow_plaintext: true</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">auxprop_plugin: mysql</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">sql_hostnames: 127.0.0.1</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">sql_user: mail_admin</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">sql_passwd: mail_admin_password</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">sql_database: mail</h1> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">sql_select: select password from users where email = '%u'</h1> <p style="margin-left: 1.25cm;" lang="zxx"><br> <br> </p> <p style="margin-left: 1.25cm;" lang="zxx">Then restart Postfix and Saslauthd:</p> <h1 class="terminal-western" style="margin-left: 1.25cm;" lang="zxx">/etc/init.d/postfix restart<br> /etc/init.d/saslauthd restart</h1> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> <p style="margin-left: 1.25cm; margin-bottom: 0cm;" lang="zxx"><br> </p> </body> </html>