Postfix DBMail OpenLDAP


Come creare un server di posta completo utilizzando software Open Source su Ubuntu Server 8.10.


  1. Installare Ubuntu Server
  2. Installare Postfix
  3. Installare DBMail
  4. Installare OpenLDAP
  5. Installare gld (greylist daemon)
  6. Installare Roundcube (webmail)
  7. Installare PHPLdapAdmin (gestione utenze LDAP)
  8. Installare phpLdapPassword (cambio password LDAP da Web)
  9. Installare phpMyAdmin (gestione database MySQL)


Configurazione DBMail

dbmail.conf

# (c) 2000-2006 IC&S, The Netherlands
#
# Configuration file for DBMAIL

[DBMAIL]
#
# Database settings
#
# This section holds the database credentials in cleartext and a command
# line that DBMail executes (sendmail), so the file should be writable only
# by administrators and readable only by the accounts that must load it.
#

#
# Supported drivers are mysql, pgsql, sqlite.
#
driver               = mysql

#
# Supported drivers are sql, ldap.
# With ldap, account data presumably comes from the directory described in
# the [LDAP] section of this file rather than from the SQL tables - confirm.
#
authdriver           = ldap

#
# Host for database, set to localhost if database is on
# the same host as dbmail and you want to use a local
# socket for connecting.
#
host                 = localhost

#
# If you want to use TCP/IP for connecting to the database,
# and have the database running on a non-standard port.
# Left empty here: the local socket below is used instead.
#
sqlport              =

#
# When using a local socket connection to the database, fill
# in the path to the socket here (e.g. /var/run/mysql.sock).
#
sqlsocket            = /var/run/mysqld/mysqld.sock

#
# Database username.
# A dedicated account for DBMail; grant it rights on the dbmail database
# only, not the MySQL administrative account.
#
user                 = dbmail

#
# Database password.
# XXXXXXXX is a placeholder. The real value is stored in cleartext, so
# restrict this file's permissions and never publish the live password.
#
pass                 = XXXXXXXX

#
# Database name.
#
db                   = dbmail

#
# Table prefix. Defaults to "dbmail_" if not specified.
#
table_prefix         = dbmail_

#
# encoding must match the database/table encoding.
# i.e. latin1, utf8
encoding             = utf8

#
# messages with unknown encoding will be assumed to have
# default_msg_encoding
# i.e. iso8859-1, utf8
default_msg_encoding = utf8

#
# Postmaster's email address for use in bounce messages.
#
#postmaster           = DBMAIL-MAILER

#
# Sendmail executable for forwards, replies, notifies, vacations.
# You may use pipes (|) in this command, for example:
# dos2unix|/usr/sbin/sendmail  works well with Qmail.
# You may use quotes (") for executables with unusual names.
# Because this value is run as a command, anyone able to edit this file
# can make DBMail execute a program of their choosing.
#
sendmail              = /usr/sbin/sendmail

#
#
# The following items can be overridden in the service-specific sections.
#
#

#
# Trace level to send to syslog. Default is 2 (messages, errors, fatals).
#
TRACE_SYSLOG          = 2

#
# Trace level to send to stderr. Default is 0 (fatals).
#
TRACE_STDERR          = 1

#
# Root privs are used to open a port, then privs
# are dropped down to the user/group specified here.
# Use an account dedicated to DBMail so that a compromised service does
# not inherit rights it has no need for.
#
EFFECTIVE_USER        = dbmail
EFFECTIVE_GROUP       = dbmail

#
# The IP addresses the services will bind to.
# Use * for all local interfaces.
# Use 127.0.0.1 for localhost only.
# Separate multiple entries with spaces ( ) or commas (,).
#
# With *, every service section that does not override BINDIP listens on
# all interfaces, including LMTP (port 24) and Sieve (port 2000). Postfix
# in this guide reaches LMTP on 127.0.0.1:24 only, so LMTP is a candidate
# for a per-section BINDIP = 127.0.0.1; firewall the ports that are not
# meant for mail clients.
#
BINDIP                = *

#
# Default number of child processes to start.
#
NCHILDREN             = 2

#
# Maximum number of child processes allowed.
#
MAXCHILDREN           = 10

#
# Unused children to always have available.
#
MINSPARECHILDREN      = 2

#
# Maximum unused children allowed to be active.
#
MAXSPARECHILDREN      = 4

#
# Child process is restarted after handling this many connections.
#
MAXCONNECTS           = 10000

#
# Child process will restart after this many connection errors.
#
MAX_ERRORS            = 500

#
# Idle time allowed before a connection is shut off.
#
TIMEOUT               = 300

#
# Idle time allowed before a connection is shut off if you have not logged in yet.
# Kept shorter than TIMEOUT so unauthenticated connections release their
# child process sooner; MAXCHILDREN caps how many can be held at once.
#
login_timeout         = 60

#
# If yes, resolves IP addresses to DNS names when logging.
# With no, log entries keep the raw client address.
#
RESOLVE_IP            = no

#
# logfile for stdout messages
#
logfile               = /var/log/dbmail/dbmail.log

#
# logfile for stderr messages
#
errorlog              = /var/log/dbmail/dbmail.err

#
# directory for storing PID files
#
pid_directory         = /var/run/dbmail

#
# directory for storing the daemon statefiles
#
state_directory       = /var/run/dbmail

#
# directory for locating libraries (normally has a sane default compiled-in)
#
#library_directory       = /usr/lib/dbmail

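[SMTP]
# In fact, there isn't anything here by default.


[LMTP]
#
# Port to bind to.
#
PORT                  = 24

#
# LMTP accepts deliveries without authentication. Postfix hands mail over
# on 127.0.0.1:24 (mailbox_transport in main.cf), so the listener only
# needs loopback. This overrides BINDIP = * from the [DBMAIL] section,
# which would otherwise expose the port on every interface.
#
BINDIP                = 127.0.0.1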

[POP]
#
# Port to bind to.
# 110 is the cleartext POP3 port and nothing in this file configures TLS
# for it, so passwords cross the network unencrypted on every interface
# selected by BINDIP. NOTE(review): if this DBMail version has no native
# TLS, bind to loopback and put a TLS wrapper in front - confirm.
#
PORT                  = 110

#
# If yes, allows SMTP access from the host IP connecting by POP3.
# This requires additional configuration of your MTA
# Left at no: relay rights are not granted on the basis of a client IP.
#
POP_BEFORE_SMTP       = no

[IMAP]

#
# Port to bind to.
# 143 is the cleartext IMAP port and nothing in this file configures TLS
# for it, so logins are sent unencrypted on every interface selected by
# BINDIP. NOTE(review): if this DBMail version has no native TLS, bind to
# loopback and put a TLS wrapper in front - confirm.
#
PORT                  = 143

#
# IMAP prefers a longer timeout than other services.
# Overrides TIMEOUT = 300 from the [DBMAIL] section for this service only.
#
TIMEOUT               = 4000

#
# If yes, allows SMTP access from the host IP connecting by IMAP.
# This requires additional configuration of your MTA
# Left at no: relay rights are not granted on the basis of a client IP.
#
IMAP_BEFORE_SMTP      = no

#
# during IDLE, how many seconds between checking the mailbox
# status (default: 30)
#
# idle_timeout          = 30

#
# Provide a CAPABILITY to override the default
# The commented example advertises AUTH=LOGIN, which sends the password
# in a reversible encoding; only meaningful to offer over an encrypted link.
#
# capability            = IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE



[SIEVE]
#
# Port to bind to.
# Inherits BINDIP = * from the [DBMAIL] section, so this port is reachable
# on all interfaces, and no TLS is configured for it in this file. Limit
# it with BINDIP or a firewall if users do not manage scripts remotely.
#
PORT                  = 2000

[LDAP]
# Directory used when authdriver = ldap in the [DBMAIL] section.
# Port 389 with HOSTNAME = localhost is plain LDAP over loopback. If the
# directory moves to another host, the bind password and user data would
# cross the network unencrypted unless TLS is added.
PORT                  = 389
VERSION               = 3
HOSTNAME              = localhost
BASE_DN               = ou=Utenti,dc=example,dc=com

#
# If your LDAP library supports ldap_initialize(), then you can use the
# alternative LDAP server DSN like following.
#
# URI                = ldap://127.0.0.1:389
# URI                = ldapi://%2fvar%2frun%2fopenldap%2fldapi/

#
# Leave blank for anonymous bind.
# example: cn=admin,dc=mydomain,dc=com
#
# A dedicated bind account is used here instead of the directory admin.
# Give it only the access DBMail needs under BASE_DN.
# NOTE(review): whether it must read the FIELD_PASSWD attribute depends on
# how this DBMail version validates logins - confirm before granting it.
#
BIND_DN               = cn=dbmail-bind-user,dc=example,dc=com

#
# Leave blank for anonymous bind.
# The X string is a placeholder. The real password sits here in cleartext,
# so this file must not be world-readable.
#
BIND_PW               = XXXXXXXXXXXXXXXXXXXXX
SCOPE                 = SubTree
USER_OBJECTCLASS      = top,account,dbmailUser
FORW_OBJECTCLASS      = top,account,dbmailForwardingAddress
CN_STRING             = uid
FIELD_PASSWD          = userPassword
FIELD_UID             = uid
FIELD_NID             = uidNumber
# Numeric ID ranges for users (NID) and groups (CID).
# NOTE(review): presumably entries outside 10000-15000 are ignored, which
# would keep system accounts out of the mail store - confirm.
MIN_NID               = 10000
MAX_NID               = 15000
FIELD_CID             = gidNumber
MIN_CID               = 10000
MAX_CID               = 15000
FIELD_MAIL            = mail
FIELD_QUOTA           = mailQuota
FIELD_FWDTARGET       = mailForwardingAddress

[DELIVERY]
#
# Run Sieve scripts as messages are delivered.
# Scripts are user-supplied rules evaluated for each incoming message.
#
SIEVE                 = yes

#
# Use 'user+mailbox@domain' format to deliver to a mailbox.
# Matches recipient_delimiter = + in the Postfix main.cf of this guide.
#
SUBADDRESS            = yes

#
# Turn on/off the Sieve Vacation extension.
# Vacation makes the server send replies through the sendmail command set
# in the [DBMAIL] section. Replies go to an address taken from the
# incoming message, which the sender controls, so forged mail can trigger
# replies to third parties.
#
SIEVE_VACATION        = yes

#
# Turn on/off the Sieve Notify extension
# Notify also makes the server originate mail on a user's behalf.
#
SIEVE_NOTIFY          = yes

#
# Turn on/off additional Sieve debugging.
#
SIEVE_DEBUG           = no

#
# Use the auto_notify table to send email notifications.
#
AUTO_NOTIFY           = no

#
# Use the auto_reply table to send away messages.
#
AUTO_REPLY            = no
#
# Defaults to "NEW MAIL NOTIFICATION"
#
#AUTO_NOTIFY_SUBJECT        =

#
# Defaults to POSTMASTER from the DBMAIL section.
#
#AUTO_NOTIFY_SENDER        =

#
# If you set this to 'yes' dbmail will check for duplicate
# messages in the relevant mailbox during delivery using
# the Message-ID header
# Message-ID is chosen by the sender, so a message that reuses an existing
# ID would presumably be dropped as a duplicate - confirm that this is
# acceptable before relying on it.
#
suppress_duplicates     = yes


# end of configuration file

Configurazione OpenLDAP

Configurazione di Postfix

main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

# The platform string in parentheses does not match the Ubuntu host this
# guide describes. It only changes what is announced to clients; it is not
# a security control and does not replace patching.
smtpd_banner = $myhostname ESMTP $mail_name (OSF1 V5.1 2650 alpha)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
# smtpd_use_tls=yes offers STARTTLS to connecting clients but does not
# require it, so inbound mail may still arrive unencrypted.
# The key file under /etc/ssl/private must not be readable by ordinary users.
# NOTE(review): no smtp_tls_security_level / smtp_use_tls line is set in
# this file, so the smtp_tls_* (outbound client) settings presumably have
# no effect until one is added - confirm against the TLS_README cited below.
smtpd_tls_CAfile = /etc/ssl/certs/Emigar_Class1_Root_CA.pem
smtpd_tls_CApath = /etc/ssl/certs/
smtpd_tls_cert_file=/etc/ssl/certs/example.com.pem
smtpd_tls_key_file=/etc/ssl/private/example.com.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_CAfile = /etc/ssl/certs/Emigar_Class1_Root_CA.pem
smtp_tls_CApath = /etc/ssl/certs/
smtp_tls_cert_file=/etc/ssl/certs/example.com.pem
smtp_tls_key_file=/etc/ssl/private/example.com.key

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = www.example.com
# Local aliases are looked up in /etc/aliases first, then in LDAP through
# ldap-aliases.cf. That file holds a bind password, so keep it unreadable
# to ordinary users.
alias_maps = hash:/etc/aliases ldap:/etc/postfix/ldap-aliases.cf
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = example.com, www.example.com, localhost.example.com, localhost
relayhost =
# Only loopback addresses are trusted, so permit_mynetworks below gives no
# relay rights to remote clients.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
# NOTE(review): mailbox_transport (set below) normally takes precedence
# over mailbox_command, so procmail is presumably never invoked - confirm.
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
# The SMTP server listens on every interface.
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html

### DBMail ###
# Local deliveries are handed to LMTP on loopback port 24, the port set in
# the [LMTP] section of dbmail.conf.
mailbox_transport = lmtp:127.0.0.1:24

### Greylist ###
# Order matters: reject_unauth_destination comes before the final permit,
# so mail for foreign domains from outside mynetworks is refused (no open
# relay). Keep it ahead of permit when editing this list.
# The policy service on 127.0.0.1:2525 is presumably gld, the greylist
# daemon from the install list. It is consulted only for mail that has
# passed the checks above it.
smtpd_recipient_restrictions =
 permit_mynetworks,
 reject_unauth_pipelining,
 reject_non_fqdn_recipient,
 reject_unknown_recipient_domain,
 reject_unauth_destination,
 check_policy_service inet:127.0.0.1:2525,
 permit

### LDAP Accounts ###
#virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf

ldap-aliases.cf

#
# Postfix LDAP lookup table, referenced from alias_maps in main.cf.
# This file holds a cleartext bind password. Make it readable only by root
# and the Postfix account, not world-readable.
#
debuglevel = 0
version = 3
# Plain LDAP over loopback. If server_host is ever pointed at another
# machine, the bind password and results would cross the network
# unencrypted unless TLS is enabled for this table.
server_host = localhost
server_port = 389
bind = yes
# Dedicated bind account for Postfix. It only needs read access to the
# mail attribute under search_base.
bind_dn = cn=postfix-bind-user,dc=example,dc=com
# The X string is a placeholder; never publish the real value.
bind_pw = XXXXXXXXXXXXXXXXXXXXXX

search_base = ou=Utenti,dc=example,dc=com
#query_filter = (&(mail=%s))
# %s is the lookup key supplied by Postfix. The fixed @example.com suffix
# means only addresses in that domain can match. Per ldap_table(5), Postfix
# quotes the key (RFC 2254) before inserting it into the filter.
query_filter = (mail=%s@example.com)
result_format = %s
result_attribute = mail