
This is an old revision of the document!


Postfix + Dovecot on CentOS

  • CentOS-7
  • Possible on one system, or on two separate systems (all connections between Postfix and Dovecot are over the network).
  • One user-database (SASL serviced by Dovecot).
  • virtual-users (no unix-users on the system for the users of the mailstore).
  • Delivery from Postfix to Dovecot with LMTP over localhost or the public-ip with 24/tcp
  • SASL username/pw lookups over localhost or the public-ip with 12345/tcp
  • 2 mailboxes (2 mail addresses each):

             mailbox1:          mailbox2:
  username:  sv                 ln
  addresses: info@example.com   info@example2.com
             sv@example.com     ln@example2.com

Postfix

Hostname: vps1.laboratory.local

Software:

# Install the Postfix MTA package with yum.
yum install  postfix

Make x509 certs:

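# Generate a self-signed certificate (valid 3650 days) and a 2048-bit RSA key.
# -nodes writes the private key unencrypted, so it is created under a
# restrictive umask and kept readable by its owner only. The certificate is
# public data and is made world-readable again afterwards.
# A self-signed certificate gives encryption, but clients cannot verify the
# server's identity unless they are configured to trust this certificate.
(
  umask 077
  openssl req -utf8 -newkey rsa:2048 -keyout /etc/postfix/tls.key -nodes -x509 -days 3650 -out /etc/postfix/tls.crt -set_serial 0
)
chmod 600 /etc/postfix/tls.key
chmod 644 /etc/postfix/tls.crt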

Firewall ports:

# Open SMTP (25/tcp) and submission (587/tcp) in the permanent configuration,
# then reload so the running firewall picks the change up.
firewall-cmd --permanent --add-port=25/tcp --add-port=587/tcp
firewall-cmd --reload

In: /etc/postfix/master.cf

# Columns: service, type, private, unpriv, chroot, wakeup, maxproc, command.
# The chroot column is "n" on every line, so no service here runs chrooted.
#
# Port 25: server-to-server SMTP. No -o overrides, so the main.cf settings
# apply (smtpd_sasl_auth_enable = no there, so AUTH is not offered here).
smtp      inet  n       -       n       -       -       smtpd
# Port 587 (submission): TLS is mandatory and only SASL-authenticated clients
# are accepted; everything else is rejected by smtpd_client_restrictions.
# smtpd_enforce_tls is the older spelling of smtpd_tls_security_level=encrypt;
# both are set here. syslog_name tags log lines as postfix/submission.
587       inet n       -       n       -       -       smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_sasl_auth_enable=yes
   -o syslog_name=postfix/submission
   -o smtpd_tls_security_level=encrypt
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# Internal Postfix services.
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache

In: /etc/postfix/main.cf

# Standard locations and ownership for the Postfix installation.
data_directory = /var/lib/postfix
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no

# Server certificate and key for STARTTLS. smtpd_use_tls = yes only offers TLS
# (opportunistic); the 587 service in master.cf overrides this with
# smtpd_tls_security_level=encrypt.
smtpd_tls_cert_file = /etc/postfix/tls.crt
smtpd_tls_key_file = /etc/postfix/tls.key
smtpd_use_tls = yes

# NOTE(review): the banner announces postoffice.laboratory.local while
# myhostname is vps1.laboratory.local - confirm this is intended.
smtpd_banner = postoffice.laboratory.local  ESMTP
# Refuse the VRFY command so it cannot be used to test which addresses exist.
disable_vrfy_command = yes
biff = no
append_dot_mydomain = no
myhostname = vps1.laboratory.local
myorigin = laboratory.local
mydestination = vps1.laboratory.local, localhost
# Only loopback is trusted; every other client must authenticate to relay
# (see smtpd_recipient_restrictions below).
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

# A /file/name value is replaced by the file's contents, i.e. the domains
# listed in /etc/postfix/virtual-domains.
virtual_alias_domains = /etc/postfix/virtual-domains

# Address rewriting and per-recipient routing; both are hash: tables that must
# be rebuilt with postmap after every edit.
virtual_alias_maps = hash:/etc/postfix/virtual
transport_maps = hash:/etc/postfix/transport

# SASL is delegated to Dovecot's auth service over TCP at vps2:12345.
# NOTE(review): this lookup channel is presumably unencrypted and open to any
# host that can reach the port; when Postfix and Dovecot run on separate
# systems, limit 12345/tcp to the Postfix host. The Dovecot side is not shown
# in this revision of the page - confirm there.
smtpd_sasl_type = dovecot
smtpd_sasl_path = inet:vps2.laboratory.local:12345
# Off globally; switched on per service with -o on the 587 entry in master.cf.
smtpd_sasl_auth_enable = no
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
# AUTH is only offered once the session is TLS-protected.
smtpd_tls_auth_only = yes
# Writes the SASL login name into the Received: header of submitted mail,
# which discloses the username to recipients.
smtpd_sasl_authenticated_header = yes

# Relay policy: trusted networks and authenticated users may relay; any other
# client may only send to destinations this server is responsible for.
smtpd_recipient_restrictions =
   permit_mynetworks,
   permit_sasl_authenticated,
   reject_unauth_destination

In: /etc/postfix/virtual-domains

example.com
example2.com

In: /etc/postfix/virtual

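# Maps each public address to the mailbox user on the Dovecot host.
# The domains must match /etc/postfix/virtual-domains (example.com and
# example2.com), and each key may appear only once in a hash: table.
# mailbox1 (user sv)
info@example.com        sv@vps2.laboratory.local
sv@example.com          sv@vps2.laboratory.local
# mailbox2 (user ln)
info@example2.com       ln@vps2.laboratory.local
ln@example2.com         ln@vps2.laboratory.local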

After editing:

# Rebuild the indexed lookup file that virtual_alias_maps = hash:/etc/postfix/virtual reads.
postmap /etc/postfix/virtual

In: /etc/postfix/transport

# Deliver mail for the two mailbox users to the LMTP service on vps2, port 24.
# NOTE(review): the main.cf on this page sets no lmtp_tls_* parameters, so this
# hop is presumably plaintext; when Postfix and Dovecot run on separate
# systems, limit 24/tcp to the Postfix host.
sv@vps2.laboratory.local   lmtp:vps2.laboratory.local:24
ln@vps2.laboratory.local   lmtp:vps2.laboratory.local:24

After editing:

# Rebuild the indexed lookup file that transport_maps = hash:/etc/postfix/transport reads.
postmap /etc/postfix/transport

Dovecot

Hostname: vps2.laboratory.local

picoenterprise/mta-mailstore-centos.1491515149.txt.gz · Last modified: 2017/04/06 23:45 by Luc Nieland