Wiki de FedeRez

Outils pour utilisateurs

Outils du site

Piste : mail
admin:services:mail

Ceci est une ancienne révision du document !

Table des matières

< retour à la page de l'administration technique

Serveurs Mails

Cette page explique succinctement comment configurer un serveur mails sous postfix avec amavisd, spamassassin et clamav.

Il est également possible d'ajouter un outil de Mailing-list.

Packages

# nano /etc/apt/sources.list
# wheezy-updates
deb     http://ftp.fr.debian.org/debian/     wheezy-updates main contrib non-free
deb-src http://ftp.fr.debian.org/debian/     wheezy-updates main contrib non-free
# aptitude update
# aptitude upgrade
# aptitude install postfix postgrey
# aptitude install amavisd-new clamav clamav-daemon clamav-freshclam
# aptitude install spamassassin bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl
# aptitude install lha arj rar unrar unrar-free nomarch lzop cabextract razor pyzor p7zip-full pax zip unzip lha zoo
# dpkg-reconfigure postfix
System mail name : quigon.federez.net
root and postmaster mail recipient : admin@federez.net
Other destinations to accept mail for : federez.net, quigon.federez.net, etc.
Force synchronous updates on mail queue : No
Local networks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
Use procmail for local delivery : Yes
Mailbox size limite : 0
Local address extension character: +
Internet protocols to use: all

Postgrey

nano /etc/default/postgrey
POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=65 --max-age=40 --retry-window=5h --auto-whitelist-clients=3"
POSTGREY_TEXT="Unable to accept the message now. Please retry later."
# nano /etc/postfix/main.cf
# postgrey
smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               check_policy_service inet:127.0.0.1:10023
# nano /etc/postgrey/whitelist_clients
# some others
scarlet.be
hotmail.com
yahoo.co.uk
europa.eu
mail-out.ovh.net
paypal.com
mxb.ovh.net
cert.org
bigfoot.com
brutele.be
tech.numericable.fr
# kill $(ps aux | grep '/postgrey' | grep -v grep | awk '{print $2}')
# /etc/init.d/postgrey restart
# /etc/init.d/postfix restart

--> postgrey doit marcher :-) --<

Amavisd, spamassassin, clamav

# nano /etc/postfix/master.cf
# amavis
amavisfeed unix    -       -       n       -       2     smtp
     -o smtp_data_done_timeout=1200
     -o smtp_send_xforward_command=yes
     -o smtp_tls_note_starttls_offer=no

127.0.0.1:10025 inet n    -       n       -       -     smtpd
     -o content_filter=
     -o smtpd_delay_reject=no
     -o smtpd_client_restrictions=permit_mynetworks,reject
     -o smtpd_helo_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o smtpd_data_restrictions=reject_unauth_pipelining
     -o smtpd_end_of_data_restrictions=
     -o smtpd_restriction_classes=
     -o mynetworks=127.0.0.0/8
     -o smtpd_error_sleep_time=0
     -o smtpd_soft_error_limit=1001
     -o smtpd_hard_error_limit=1000
     -o smtpd_client_connection_count_limit=0
     -o smtpd_client_connection_rate_limit=0
     -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
     -o local_header_rewrite_clients=
     -o smtpd_milters=
     -o local_recipient_maps=
     -o relay_recipient_maps=
# nano /etc/postfix/main.cf
# amavis
content_filter=amavisfeed:[127.0.0.1]:10024
receive_override_options = no_address_mappings
# nano /etc/amavis/conf.d/15-content_filter_mode
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
# nano /etc/amavis/conf.d/05-domain_id
#@local_domains_acl = ( ".$mydomain" );
@local_domains_acl = ( ".federez.net", ".federez.org", ".federez.fr", "federez.eu" );
# nano /etc/amavis/conf.d/20-debian_defaults
$sa_spam_subject_tag = '';
[...]
# qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
  qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
         inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
         ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
         wmf|wsc|wsf|wsh)$'ix,  # banned ext - long
[...]
# nano /etc/amavis/conf.d/01-debian
$unrar      = ['rar', 'unrar']; #disabled (non-free, no security support)
#$unrar      = ['unrar-free'];
# nano /etc/spamassassin/local.cf
bayes_auto_expire 0
# nano /etc/default/spamassassin
CRON=1
# adduser clamav amavis
# freshclam
# su debian-spamd -c "sa-update --gpghomedir /var/lib/spamassassin/sa-update-keys"
# /etc/init.d/amavis restart
# /etc/init.d/clamav-freshclam restart
# /etc/init.d/clamav-daemon restart
# /etc/init.d/postfix restart

Debug

/usr/share/doc/amavisd-new/README.Debian
/usr/share/doc/amavisd-new/README.postfix.gz
/etc/init.d/amavis debug
ou
/etc/init.d/amavis debug-sa
tail /var/log/mail.log
admin/services/mail.1392564123.txt.gz · Dernière modification : 2014/02/16 16:22 de francois.blondel
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki