postfix help and off the blacklist

Leah Cunningham leah-L9i2b+zLJ9LIrURfT66hzQ at public.gmane.org
Mon Feb 20 16:19:17 UTC 2006


A simple main.cf with TLS and SSL might look like this:

myhostname = mail.example.com
mydestination = $myhostname, examplevhost.com, anotherexamplevhost.com
alias_maps = hash:/etc/aliases
local_recipient_maps =
    proxy:unix:passwd.byname,ldap:/etc/postfix/ldap-users.cf
virtual_alias_maps =
    hash:/etc/aliases,ldap:/etc/postfix/ldap-virtualaccounts.cf
mynetworks_style = host
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
### SMTP AUTH RELATED ###
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
#smtpd_tls_auth_only = yes
#smtp_use_tls = yes
#smtpd_use_tls = yes
#smtp_tls_note_starttls_offer = yes
#smtpd_tls_cert_file = /etc/postfix/ssl/certs/example.com.crt
#smtpd_tls_key_file = /etc/postfix/ssl/certs/example.com.key
#smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
#smtpd_tls_loglevel = 1
#smtpd_tls_received_header = yes
#smtpd_tls_session_cache_timeout = 3600s
#tls_random_source = dev:/dev/urandom
### Need this for SUSE ##
setgid_group = maildrop
daemon_directory = /usr/lib/postfix

Just plonk the different domains into mydestination and make sure the MX
records point to the server and DNS on the server works correctly.  This
one will let you relay if you are authenticated, but not otherwise.  You
could turn off the TLS stuff to uncomplicate the matter.

I have a bunch of examples for LDAP, but that could be easily modified
to not look at LDAP under:

http://www.heinous.org/wiki/Category:Postfix

The one for SMTP Auth w/o LDAP is:
http://www.heinous.org/wiki/Postfix_with_SSL_SMTP_%26_Authentication

On Sat, 2006-02-18 at 11:08 -0500, Madison Kelly wrote:
> Hi all,
> 
>    A quick update first:
> 
>    The hacked/compromised server isn't getting spam out anymore (I told 
> sendmail to block outgoing mail from 'apache', which is only a 
> stop-gap). So now I am working on getting the mail and websites over to 
> the new server.
> 
>    Also, as Alex suggested, I've disabled root login over SSH on the new 
> server. As Vlad suggested I'll be installing some form of IDS on the new 
> server (FAM I've seen but I'll compare it to Tripwire before I choose 
> one). I'm still worried that it's a script somewhere so I'm going to 
> move the websites one at a time and see if the spam trying to be sent 
> stops when one is moved. If so it will narrow down what I have to look for.
> 
>    Today's question is about Postfix:
> 
>    I've finally made the switch from Sendmail after many people here 
> suggested I do so. Of course now I am having trouble getting virtual 
> hosting working. I'm confused about what I should be using as the 
> 'myhostname' and such.
> 
>    I admit my problems are largely due to me being rather tired and 
> frustrated about this whole mess. I've read the Postfix docs on virtual 
> hosting but keep messing it up. As of now, mail is relaying through the 
> server so postfix is working.
> 
>    Any help, even just a pointer to a more concise how-to for someone 
> trying to virtual host multiple domains pointed at system users would be 
> great. The postfix docs keep talking about using LDAP, SQL and such 
> which just keeps throwing me for a loop.
> 
>    Thanks!!
> 
> Madison
> 
-- 
Leah Cunningham : d416-585-9971x692 : d416-703-5977 : m416-559-6511
Frauerpower! Co. : www.frauerpower.com : Toronto, ON Canada
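
An added example (not part of the original message, and not Postfix's own tooling): a small Python check over the relay and SASL settings in the main.cf above. It applies main.cf's rule that a continuation line starts with whitespace, confirms that reject_unauth_destination is present with no bare permit ahead of it, and reports when SASL AUTH is enabled while smtpd_tls_auth_only is left commented out. The function names and the trimmed sample are constructed here, and only smtpd_recipient_restrictions is examined, as in the message.

```python
import re

# Constructed sample: the relay-related lines of the main.cf in the message,
# with the wrapped value indented so it reads as a continuation line.
SAMPLE_MAIN_CF = """\
mynetworks_style = host
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
    permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
#smtpd_tls_auth_only = yes
"""

def parse_main_cf(text):
    """Return {parameter: value} using main.cf's logical-line rules."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                      # blank and comment lines are ignored
        if line[0] in " \t":              # leading whitespace continues a value
            if current is not None:
                params[current] = (params[current] + " " + line.strip()).strip()
            continue
        name, sep, value = line.partition("=")
        if not sep:                       # unindented wrapped value: not a setting
            current = None
            continue
        current = name.strip()
        params[current] = value.strip()
    return params

def audit(params):
    """Return findings about relay control and cleartext SASL exposure."""
    findings = []
    value = params.get("smtpd_recipient_restrictions", "")
    rules = [r for r in re.split(r"[,\s]+", value) if r]
    if "reject_unauth_destination" not in rules:
        findings.append("no reject_unauth_destination in smtpd_recipient_restrictions")
    elif "permit" in rules[:rules.index("reject_unauth_destination")]:
        findings.append("unconditional permit precedes reject_unauth_destination")
    if (params.get("smtpd_sasl_auth_enable") == "yes"
            and params.get("smtpd_tls_auth_only") != "yes"):
        findings.append("SASL AUTH offered without smtpd_tls_auth_only = yes")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_main_cf(SAMPLE_MAIN_CF)):
        print("WARN:", finding)
```

Fed a copy in which the restriction list sits unindented on the line after the "=", the parser returns an empty smtpd_recipient_restrictions and the first finding fires.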
