
Postfix, virtual domain setup

From FreeBSDwiki
Revision as of 07:24, 2 April 2011 by 109.68.186.218 (Talk)

WARNING: this article may be a little rough in places; I've done this on Ubuntu but haven't yet done this particular config on FreeBSD. It should be mostly corrected for FreeBSD already, but I'll fix any remaining rough patches if and when I do this on a FreeBSD box the first time. --Jimbo 23:42, 6 October 2009 (EDT)



Setting up Postfixadmin

Install postfixadmin from the ports tree in /usr/ports/mail/postfixadmin.

Postfixadmin will be installed in /usr/local/share/postfixadmin/, the configuration file will be in /usr/local/etc/postfixadmin/config.inc.php, and a file /etc/apache2/conf.d/postfixadmin will be created and will set Alias /postfixadmin /usr/share/postfixadmin so that Postfixadmin will run from the URL /postfixadmin on your Apache server. (This can all be done manually if you do decide to install using the source tarball instead of the deb.) (italicized text is adapted from Ubuntu setup and needs to be modified for FreeBSD - I haven't set up Postfixadmin on a BSD box yet.)

Next, you need to configure Postfixadmin to match your setup (database user/pass, default domain, etc). Edit the file /usr/local/share/postfixadmin/config.inc.php and set the following:

$CONF['configured'] = true;
$CONF['postfix_admin_url'] = 'http://yourdomain.tld/postfixadmin';

$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost_error_limit=10000
    -o smtpd_error_sleep_time=0
    -o smtpd_proxy_filter=
    -o mynetworks=127.0.0.0/8
    -o receive_override_options=no_unknown_recipient_checks

Now add a neutered user to run the script with:

# pw useradd filter -s /sbin/nologin

Now install postprox. Download the source from http://www.ivarch.com/programs/postprox.shtml, untar it, cd into it and do a basic ./configure && make && make install. Everything should go swimmingly. Double-check that postprox was installed into /usr/local/sbin - if it went somewhere else, either move it there or edit the references to it in Postfix's master.cf, your choice.

Finally, you need to install spamassassin and clamav, and create the filter script that we referenced in the postprox invocation in master.cf. Install from ports, /usr/ports/mail/P5-spamassassin and /usr/ports/security/clamav.

To get spamd, freshclam, and clamd running, you'll need to edit /etc/rc.conf and set spamd_enable=YES, clamav_freshclam_enable=YES, and clamav_clamd_enable=YES. Once you've done that, make sure everything is running:

# /usr/local/etc/rc.d/sa-spamd start
# /usr/local/etc/rc.d/clamav-freshclam start
# /usr/local/etc/rc.d/clamav-clamd start

And finally, create your /usr/local/bin/filter.sh script to tie it all together. One is provided at Postfix, relay MX - grab a copy from that article, place it in /usr/local/bin/filter.sh, and proceed.

Remember you need to make your filter.sh executable by your filter user:

# chown filter /usr/local/bin/filter.sh && chmod 550 /usr/local/bin/filter.sh

Whew. Now that you've got all that done, issue a postfix reload, break out your handy copy of the EICAR virus and the nearest chunk of spam, and test everything to make sure it works. Be sure to also try killing off clamd and/or spamd, so that you know exactly what happens when they aren't running. (Your server will issue a 451 message to whoever is trying to send mail, asking them to requeue and try again later. Remember, though, THE END USER DOESN'T SEE THESE! So you will probably want to automate some way of being notified when this happens.)
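One way to automate that notification, as an added example (not from the original article or the Postfix project): an sh script that counts the 451 deferrals in the maillog and mails a per-sender summary. It assumes Postfix records the filter's reply as a postfix/smtpd proxy-reject line in /var/log/maillog; the function names, the ADMIN and THRESHOLD variables and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: report mail that the content filter deferred with 451.
# Assumption: Postfix logs the filter's answer as a postfix/smtpd
# "proxy-reject: <stage>: 451 ..." line in the FreeBSD maillog.

MAILLOG="${MAILLOG:-/var/log/maillog}"
THRESHOLD="${THRESHOLD:-1}"   # alert at this many deferrals
ADMIN="${ADMIN:-root}"        # hypothetical alert recipient

# Filter stdin down to the 451 answers relayed from the proxy filter.
tempfail_lines() {
    grep -E 'postfix/smtpd\[[0-9]+\]: proxy-reject: [^:]+: 451 ' || true
}

# Print how many messages were deferred.
count_tempfails() { tempfail_lines | wc -l | tr -d ' '; }

# Print "count sender" per envelope sender, busiest first.
tempfail_senders() {
    tempfail_lines | sed -n 's/.*from=<\([^>]*\)>.*/\1/p' |
        sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# Constructed sample log lines, not taken from a real server.
sample_log() {
    cat <<'EOF'
Apr  2 07:01:10 mx postfix/smtpd[811]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 Ok: queued as 3F2A1; from=<a@example.org> to=<u@example.com> proto=ESMTP helo=<mail.example.org>
Apr  2 07:03:44 mx postfix/smtpd[812]: proxy-reject: END-OF-MESSAGE: 451 4.3.0 filter unavailable; from=<b@example.net> to=<u@example.com> proto=ESMTP helo=<mail.example.net>
Apr  2 07:04:02 mx postfix/smtpd[815]: proxy-reject: END-OF-MESSAGE: 550 5.7.1 content rejected; from=<c@example.org> to=<u@example.com> proto=ESMTP helo=<mail.example.org>
Apr  2 07:09:51 mx postfix/smtpd[812]: proxy-reject: END-OF-MESSAGE: 451 4.3.0 filter unavailable; from=<b@example.net> to=<v@example.com> proto=ESMTP helo=<mail.example.net>
Apr  2 07:10:30 mx postfix/smtpd[819]: proxy-reject: END-OF-MESSAGE: 451 4.3.0 filter unavailable; from=<d@example.org> to=<u@example.com> proto=ESMTP helo=<mail.example.org>
EOF
}

# Cron entry point: mail the summary once the threshold is reached.
if [ "${1:-}" = "--cron" ]; then
    n=$(count_tempfails < "$MAILLOG")
    if [ "$n" -ge "$THRESHOLD" ]; then
        tempfail_senders < "$MAILLOG" |
            mail -s "mail filter: $n messages deferred with 451" "$ADMIN"
    fi
fi
```

Run it from cron with the --cron argument; it rescans the whole log on every run, so the same deferrals are reported again until the log is rotated.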
