SETTINGS
main.cf
mydomain # the base domain (parent domain of the FQDN)
myhostname # the FQDN of the host that serves mail
myorigin # the domain appended to unqualified sender addresses
RESTRICTIONS
http://www.postfix.org/SMTPD_ACCESS_README.html
Restriction list name | Version | Status | Effect of REJECT or DEFER result |
---|---|---|---|
smtpd_client_restrictions | All | Optional | Reject all client commands |
smtpd_helo_restrictions | All | Optional | Reject HELO/EHLO information |
smtpd_sender_restrictions | All | Optional | Reject MAIL FROM information |
smtpd_relay_restrictions | ≥ 2.10 | Required if smtpd_recipient_restrictions does not enforce relay policy | Reject RCPT TO information |
smtpd_data_restrictions | ≥ 2.0 | Optional | Reject DATA command |
smtpd_end_of_data_restrictions | ≥ 2.2 | Optional | Reject END-OF-DATA command |
smtpd_etrn_restrictions | All | Optional | Reject ETRN command |
https://wiki.centos.org/HowTos/postfix_restrictions
telnet 192.168.0.2 25 # Comments
Trying 192.168.0.2...
Connected to 192.168.0.2 (192.168.0.2).
Escape character is '^]'.
220 mail.example.com ESMTP Postfix # <-smtpd_client_restrictions
HELO mail.example.com # <-smtpd_helo_restrictions
250 mail.example.com #
MAIL FROM:<ned@example.com> # <-smtpd_sender_restrictions
250 2.1.0 Ok #
RCPT TO:<ned@example.com> # <-smtpd_recipient_restrictions
250 2.1.5 Ok #
DATA # <-smtpd_data_restrictions
354 End data with <CR><LF>.<CR><LF> #
To:<ned@example.com> # <-header_checks
From:<ned@example.com> #
Subject:SMTP Test #
This is a test message # <-body_checks
. #
250 2.0.0 Ok: queued as 301AE20034
QUIT
221 2.0.0 Bye
Connection closed by foreign host.
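Added example, not part of the original notes: a check for the rule in the smtpd_relay_restrictions row of the table, that one of the two RCPT TO lists must enforce relay policy. It assumes the input is "name = value" lines as postconf prints them; the function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input: "name = value" lines in the form postconf prints them.

# Print the value of parameter $1 found in config text $2 (last match wins).
get_param() {
    printf '%s\n' "$2" | sed -n "s/^$1[[:space:]]*=[[:space:]]*//p" | tail -n 1
}

# Return 0 if restriction list $1 reaches a relay-blocking restriction
# before a bare "permit" ends the list.
enforces_relay() {
    printf '%s\n' "$1" | tr ',' ' ' | tr -s '[:space:]' '\n' | awk '
        /^(reject_unauth_destination|defer_unauth_destination|reject|defer)$/ { ok = 1; exit }
        $0 == "permit" { exit }
        END { exit(ok ? 0 : 1) }'
}

# Print a verdict for config text $1; return 0 only if relay policy is enforced.
relay_audit() {
    for list in smtpd_relay_restrictions smtpd_recipient_restrictions; do
        if enforces_relay "$(get_param "$list" "$1")"; then
            echo "OK: relay policy enforced by $list"
            return 0
        fi
    done
    echo "FAIL: no list rejects mail for unauthorized destinations"
    return 1
}

# Constructed samples, not taken from a real server.
GOOD_CF='smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_recipient_restrictions = reject_unknown_recipient_domain'
BAD_CF='smtpd_relay_restrictions = permit_mynetworks, permit
smtpd_recipient_restrictions = permit, reject_unauth_destination'

relay_audit "$GOOD_CF"
relay_audit "$BAD_CF" || true
```

On a live host, pass it the output of `postconf smtpd_relay_restrictions smtpd_recipient_restrictions` so that built-in defaults are included.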
INSTALL
install
apt-get install -y opendkim opendkim-tools
data
domain="17112018.fr"
path_keys="/etc/opendkim/keys"
dkim="dkim"
KEYS
mkdir -p ${path_keys}/${domain}
cd ${path_keys}/${domain}
opendkim-genkey --bits=2048 -s ${dkim} -d ${domain}
chown opendkim:opendkim ${dkim}.private
chmod g-rwx ${dkim}.private
test
opendkim-testkey -d ${domain} -s ${dkim} -k /etc/opendkim/keys/${domain}/${dkim}.private -vvv
CONF
/etc/opendkim.conf
AutoRestart Yes
AutoRestartRate 10/1h
UMask 002
Syslog yes
SyslogSuccess Yes
LogWhy Yes
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
UserID opendkim:opendkim
Socket inet:12301@localhost
/etc/default/opendkim
SOCKET="inet:12301@localhost"
/etc/postfix/main.cf
milter_protocol = 2
milter_default_action = accept
# without spamassassin
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
# with spamassassin
#smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301
#non_smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301
/etc/opendkim/TrustedHosts
127.0.0.1
localhost
# IP senders
$SENDER_IP
# Domains senders
*.${domain}
/etc/opendkim/KeyTable
${dkim}._domainkey.${domain} ${domain}:${dkim}:${path_keys}/${domain}/${dkim}.private
/etc/opendkim/SigningTable
*@${domain} ${dkim}._domainkey.${domain}
RESTART
systemctl restart postfix opendkim
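Added example, not part of the original notes: a pre-restart check that the private key mode, the KeyTable entry and the SigningTable entry written above agree with each other. The function name dkim_check, the domain example.org and the temporary files are constructed for illustration.

```shell
#!/bin/sh
# Added example (constructed data): cross-check KeyTable, SigningTable and key mode.

# dkim_check DOMAIN SELECTOR KEY_DIR KEYTABLE SIGNINGTABLE
# Prints one line per problem; returns 0 only when nothing is wrong.
dkim_check() {
    domain=$1 sel=$2 key="$3/$1/$2.private" kt=$4 st=$5
    name="${sel}._domainkey.${domain}" rc=0
    # The key must exist and carry no group/other permission bits.
    if [ ! -f "$key" ]; then
        echo "missing key: $key"; rc=1
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        echo "key readable beyond owner: $key"; rc=1
    fi
    # KeyTable line: "<name> <domain>:<selector>:<path to private key>"
    if ! awk -v n="$name" -v v="${domain}:${sel}:${key}" \
            '$1 == n && $2 == v { found = 1 } END { exit !found }' "$kt"; then
        echo "KeyTable has no entry $name -> ${domain}:${sel}:${key}"; rc=1
    fi
    # SigningTable line: "*@<domain> <name>", <name> being the KeyTable key.
    if ! awk -v p="*@${domain}" -v n="$name" \
            '$1 == p && $2 == n { found = 1 } END { exit !found }' "$st"; then
        echo "SigningTable does not map *@${domain} to $name"; rc=1
    fi
    return $rc
}

# Constructed fixture mirroring the layout above; the key file is an empty
# placeholder, not a real key.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/keys/example.org"
: > "$demo_dir/keys/example.org/dkim.private"
chmod 600 "$demo_dir/keys/example.org/dkim.private"
printf '%s %s\n' 'dkim._domainkey.example.org' \
    "example.org:dkim:$demo_dir/keys/example.org/dkim.private" > "$demo_dir/KeyTable"
printf '%s %s\n' '*@example.org' 'dkim._domainkey.example.org' > "$demo_dir/SigningTable"

dkim_check example.org dkim "$demo_dir/keys" "$demo_dir/KeyTable" \
    "$demo_dir/SigningTable" && echo "DKIM tables consistent"
```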
SENDER
/etc/postfix/main.cf
relayhost = [$receiver_ip]
RECEIVER
/etc/postfix/main.cf
myhostname = $domain_to_relay
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.localdomain, localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 $sender_ip1 $sender_ip2
virtual_alias_maps = hash:/etc/postfix/virtual
alias
/etc/postfix/virtual
$email_alias $email_to_send
Compile modifications
postmap /etc/postfix/virtual
postfix reload
postmap -q $email_alias /etc/postfix/virtual
RESTART
systemctl restart postfix.service
POSTCONF
https://linux.die.net/man/1/postconf
postconf # list all actual configuration variables
postconf -d # list all default configuration variables
postconf -m # list all supported lookup table (database) types
postconf -e name=value # edit configuration in main.cf
postconf -M name=value # edit configuration in master.cf
options
-a # List the available SASL server plug-in types
-A # List the available SASL client plug-in types
-b [template_file] # Display the message text that appears at the beginning of delivery status notification (DSN) messages, with $name expressions replaced by actual value
-c config_dir # The main.cf configuration file is in the named directory instead of the default configuration directory.
-d # Print default parameter settings instead of actual settings.
-e # Edit the main.cf configuration file
-h # Show parameter values only
-l # List the names of all supported mailbox locking methods
-m # List the names of all supported lookup table types
-n # Print parameter settings that are not left at their built-in default value, because they are explicitly specified in main.cf.
-t [template_file] # Display the templates for delivery status notification (DSN) messages
-v # Enable verbose logging for debugging purposes
POSTMAP
https://linux.die.net/man/1/postmap
postmap -q $domain mysql:$query # look up $domain through a MySQL query
http://www.postfix.org/mysql_table.5.html
%s user@domain # complete string
%u user # user part of string
%d domain # domain part of string
# example
query = SELECT '%s,%u,%d'
postmap -q $email proxy:mysql:/etc/postfix/sql/query.cf
postmap -q $email mysql:/etc/postfix/sql/query.cf
postmap /etc/postfix/virtual
postfix reload
POSTQUEUE
https://linux.die.net/man/1/postqueue
postqueue -p # list mails in queue
postqueue -j # list mails in queue in json format
postqueue -f # flush mails in queue
postsuper -d ALL deferred # clear deferred mails in queue
POSTSUPER
https://linux.die.net/man/1/postsuper
postsuper -d $mail_id # delete one mail with id in queue
postsuper -d ALL deferred # delete all deferred mails
SSL
https://www.stevenrombauts.be/2018/12/test-smtp-with-telnet-or-openssl/
See openssl