Environment: the operating system for the spam filter is openSUSE 11.4. LDAP is running on the Lotus Domino server.
Required packages: postfix, amavisd-new, postgrey, clamav, clamav-db. Automatic startup must be enabled for postfix, amavis, clamd, freshclam and postgrey.
Postfix configuration:
- edit main.cf (example below)
- edit the transport file (example below). After saving, do not forget to run postmap transport
- create the file ldap_access.cf (example below).
Verifying the query against the Domino server's LDAP:
postmap -q "adresa@domena.xx" ldap:/etc/postfix/ldap_access.cf
returns the correct e-mail address,
postmap -q "nic@domena.xx" ldap:/etc/postfix/ldap_access.cf
returns nothing.
Verification:
(the commands to be entered are shown in italics):
Start postfix and the services listed above.
spamfilter:~ # telnet localhost 25
Connected to localhost.
Escape character is '^]'.
220 hostname.domena.xx ESMTP Postfix
ehlo test
250-gw.cruxit.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: <>
250 2.1.0 Ok
rcpt to: existujici_adresa@domena.xxx
250 2.1.5 Ok
rcpt to:neexistujici_adresa@domena.xxx
550 5.1.1 <neexistujici_adresa@domena.xxx>: Recipient address rejected: User unknown in relay recipient table
quit
quit
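The same check can be scripted so that it can be repeated after every configuration change. The following Python sketch is an added example, not part of the original post; the function names and the smtp_factory parameter are assumptions made for illustration, and the addresses are the placeholders used in the session above.

```python
import smtplib

def probe_recipients(host, recipients, port=25, smtp_factory=smtplib.SMTP):
    """Send RCPT TO for each address in one session; return {addr: (code, text)}."""
    results = {}
    with smtp_factory(host, port, timeout=10) as smtp:
        smtp.ehlo("test")
        smtp.mail("")  # null sender <>, as in the manual telnet session
        for addr in recipients:
            code, text = smtp.rcpt(addr)
            results[addr] = (code, text.decode("utf-8", "replace"))
        smtp.rset()  # abandon the transaction, no message is sent
    return results

def check_recipient_validation(results, known, unknown):
    """Return a list of problems; an empty list means the gateway behaves as intended."""
    problems = []
    code, text = results[known]
    if code != 250:
        problems.append(f"{known}: expected 250, got {code} {text}")
    code, text = results[unknown]
    if code == 250:
        # An accepted unknown recipient means mail for it would be queued and bounced later.
        problems.append(f"{unknown}: accepted, LDAP recipient check is not effective")
    elif not (code == 550 and text.startswith("5.1.1")):
        problems.append(f"{unknown}: expected 550 5.1.1, got {code} {text}")
    return problems

if __name__ == "__main__":
    # Placeholder addresses from the page; replace with real ones for your domain.
    known, unknown = "existujici_adresa@domena.xxx", "neexistujici_adresa@domena.xxx"
    res = probe_recipients("localhost", [known, unknown])
    for line in check_recipient_validation(res, known, unknown) or ["OK"]:
        print(line)
```

Run it from a host covered by mynetworks, as the telnet session on localhost is; other clients pass through the postgrey policy service first.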
Example configuration files
main.cf
program_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix-doc/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix-doc/samples
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
net_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = hostname.domena.xx
delay_warning_time = 1h
message_strip_characters = \0
inet_interfaces = all
masquerade_domains =
mydestination =
defer_transports =
mynetworks_style = host
# adjust as needed
mynetworks = 127.0.0.1, 192.168.168.0/24
disable_dns_lookups = no
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject_unknown_sender_domain
smtpd_client_restrictions = permit_mynetworks,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.njabl.org,
    reject_unauth_pipelining,
    reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:postgrey/socket
content_filter = amavis:[127.0.0.1]:10024
relay_domains = hash:/etc/postfix/relay
virtual_alias_maps = hash:/etc/postfix/virtual
relay_recipient_maps = ldap:/etc/postfix/ldap_access.cf
transport_maps = hash:/etc/postfix/transport
smtpd_helo_required = yes
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
ldap_access.cf
server_host = ldap://ip.domino.serveru:389
# login to the Domino server, if anonymous access is not allowed
bind = yes
bind_dn = cn=postfix,o=organization
bind_pw = heslo
search_base =
# adjust the query as needed
query_filter = (|(mail=%s)(|(cn=%s))(|(uid=%u)))
result_attribute = mail
transport
domena.com smtp:[ip_domino_serveru]