Diagram: Internet | Postfix SMTP server (In, System, Out, Local) | Dovecot IMAP server | Local network
Main article about Postfix.
The internal and external domains are hosted on the same physical server.
This example uses several Postfix instances. The commands below must be run to set up this mode:
postmulti -e init
mkdir /etc/postfix-i
postmulti -I postfix-i -G local -e create
postmulti -i postfix-i -e enable
mkdir /etc/postfix-l
postmulti -I postfix-l -G local -e create
postmulti -i postfix-l -e enable
mkdir /etc/postfix-o
postmulti -I postfix-o -G local -e create
postmulti -i postfix-o -e enable
Symbolic links to /etc/postfix/dynamicmaps.cf must be created:
ln -s /etc/postfix/dynamicmaps.cf /etc/postfix-i
ln -s /etc/postfix/dynamicmaps.cf /etc/postfix-l
ln -s /etc/postfix/dynamicmaps.cf /etc/postfix-o
/etc/postfix
tcp /usr/lib/postfix/dict_tcp.so dict_tcp_open
sqlite /usr/lib/postfix/dict_sqlite.so dict_sqlite_open
ldap /usr/lib/postfix/dict_ldap.so dict_ldap_open

smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
myorigin = localhost
myhostname = localhost.localdomain
mydestination = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mynetworks = 127.0.0.0/8
relayhost =
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = 127.0.0.1
multi_instance_enable = yes
multi_instance_wrapper = ${command_directory}/postmulti -p --
multi_instance_directories = /etc/postfix-i /etc/postfix-o /etc/postfix-l
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_alias_maps = ldap:/etc/postfix/ldap-users.cf ldap:/etc/postfix/ldap-groups.cf

localhost.localdomain :127.0.0.1
.localhost.localdomain :127.0.0.1
domain.local smtp:smtp.domain.local
domain.ru smtp:smtp.domain.local
domain2.ru smtp:smtp.domain.local

postmap /etc/postfix/transport

server_host = ldap
bind = yes
version = 3
search_base = ou=users,dc=domain
# query_filter = (&(!(l=disabled)) (|(mail=%s)(maildrop=%s))(objectclass=mailUser))
query_filter = (&(!(l=disabled)) (|(mail=%s)(maildrop=%s))(objectclass=mailUser))
result_attribute = maildrop

server_host = ldap
search_base = ou=groups,dc=domain
query_filter = (&(|(mail=%s)(mailRoutingAddress=%s))(objectclass=mailGroup))
special_result_attribute = member
result_attribute = maildrop

/etc/postfix/postfix-i
helo_restrictions.domain1 OK
helo_restrictions.domain2 OK
postmap /etc/postfix-i/helo_restrictions
alias_maps = hash:/etc/aliases
unknown_local_recipient_reject_code = 550
readme_directory = no
inet_protocols = ipv4
recipient_delimiter = +
multi_instance_enable = yes
multi_instance_group = in
multi_instance_name = postfix-i
data_directory=/var/lib/postfix-i
queue_directory = /var/spool/postfix-i
mynetworks = 127.0.0.0/8
myhostname = mail.domain.ru
smtpd_proxy_ehlo = mail.domain.ru
smtpd_banner = $myhostname ESMTP
inet_interfaces = 203.0.113.13 127.0.0.2
mydestination = domain.ru
content_filter=smtp-amavis:[127.0.0.1]:10024
virtual_alias_maps = hash:/etc/postfix-i/virtual
relayhost =
disable_vrfy_command = yes
show_user_unknown_table_name = no
smtpd_helo_required = yes
smtpd_helo_restrictions=
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_invalid_helo_hostname,
    reject_unknown_helo_hostname
smtpd_sender_restrictions=
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_unlisted_sender,
    permit_mynetworks,
    permit_sasl_authenticated
smtpd_recipient_restrictions=
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unlisted_recipient,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
    reject_invalid_hostname
smtpd_data_restrictions=
    reject_unauth_pipelining,
    reject_multi_recipient_bounce
smtpd_etrn_restrictions=
    permit_mynetworks,
    permit_sasl_authenticated,
    reject
message_size_limit = 30720000
receive_override_options = no_address_mappings
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = ldap:/etc/postfix/ldap-users.cf ldap:/etc/postfix/ldap-groups.cf
Lines for working with AMaViSd-new must be added to the file /etc/postfix/postfix-i/master.cf, as described in Postfix: AMaViSd-new.
test: test@domain.ru
test1: test1@domain.ru
test2: test2@domain.ru
postalias /etc/postfix-i/virtual
/etc/postfix/postfix-l
mydomain = domain.local
myhostname = mail.domain.local
mydestination = localhost $mydomain $myhostname
myorigin = $mydomain
smtpd_proxy_ehlo = $mydomain
smtp_helo_name = $mydomain
smtpd_banner = $myhostname ESMTP (s)
biff = no
multi_instance_enable = yes
multi_instance_group = local
multi_instance_name = postfix-l
queue_directory = /var/spool/postfix-l
data_directory = /var/lib/postfix-l
append_dot_mydomain = no
readme_directory = no
delay_warning_time = 4h
message_size_limit = 30720000
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
relayhost = 10.1.0.1:587
mynetworks = 10.1.0.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = 10.1.0.1 203.0.113.13
mailbox_transport = lmtp:unix:private/dovecot-lmtp
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_alias_maps = ldap:/etc/postfix/ldap-users.cf ldap:/etc/postfix/ldap-groups.cf
#TLS
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/ssl/certs/mail.domain.ru.crt
smtpd_tls_key_file = /etc/ssl/private/mail.domain.ru.key
smtpd_tls_CApath = /etc/ssl/certs/domain_rootCA.crt
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes

10.1.0.1:smtp inet n - - - - smtpd
203.0.113.13:smtps inet n - - - - smtpd
  -o syslog_name=postfix-o/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o mynetworks=0.0.0.0/0
/etc/postfix/postfix-o
@domain.local @domain.ru
@domain.ru @domain.ru
@domain2.ru @domain.ru
postmap /etc/postfix-o/generic
alias_maps = hash:/etc/aliases
unknown_local_recipient_reject_code = 550
smtpd_banner = $myhostname ESMTP
readme_directory = no
inet_protocols = ipv4
recipient_delimiter = +
multi_instance_enable = yes
multi_instance_group = out
multi_instance_name = postfix-o
queue_directory = /var/spool/postfix-o
data_directory = /var/lib/postfix-o
relayhost =
mydestination = domain.ru
myhostname = mail.domain.ru
mynetworks = 10.1.0.0/24
inet_interfaces = 203.0.113.13
smtp_bind_address = 203.0.113.13
smtp_helo_name = $myhostname
smtp_generic_maps = hash:/etc/postfix-o/generic
receive_override_options = no_address_mappings
transport_maps = hash:/etc/postfix/transport
receive_override_options =
delay_warning_time = 4h
#DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

10.1.0.1:587 inet n - - - - smtpd
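
The postfix-i and postfix-o settings above assign virtual_alias_maps and receive_override_options twice, and Postfix keeps only the last assignment of a parameter. The following check is an added example, not part of the original page: it parses main.cf text and reports repeated parameters with their effective value. The excerpts are constructed from the settings above and the function names are hypothetical.

```python
# Added example: find main.cf parameters assigned more than once (last one wins).
import re

# Constructed excerpts of the postfix-i and postfix-o main.cf settings shown above.
POSTFIX_I = """\
mydestination = domain.ru
virtual_alias_maps = hash:/etc/postfix-i/virtual
smtpd_recipient_restrictions=
    reject_non_fqdn_recipient,
    permit_mynetworks,
    reject_unauth_destination
receive_override_options = no_address_mappings
virtual_alias_maps = ldap:/etc/postfix/ldap-users.cf
    ldap:/etc/postfix/ldap-groups.cf
"""
POSTFIX_O = """\
receive_override_options = no_address_mappings
transport_maps = hash:/etc/postfix/transport
receive_override_options =
#DKIM
milter_default_action = accept
"""

def parse_main_cf(text):
    """Return [(name, value)] in file order, joining continuation lines."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                       # blank and comment lines are ignored
        if line[0].isspace() and entries:  # leading whitespace continues a logical line
            name, value = entries[-1]
            entries[-1] = (name, (value + " " + line.strip()).strip())
            continue
        m = re.match(r"([A-Za-z0-9_]+)\s*=\s*(.*)$", line)
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries

def overridden(text):
    """Map each repeated parameter to (discarded values, effective value)."""
    seen = {}
    for name, value in parse_main_cf(text):
        seen.setdefault(name, []).append(value)
    return {n: (v[:-1], v[-1]) for n, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    for label, cfg in (("postfix-i", POSTFIX_I), ("postfix-o", POSTFIX_O)):
        for name, (old, new) in overridden(cfg).items():
            print(f"{label}: {name} set {len(old) + 1} times; effective: {new!r}")
```

On a live system the same comparison can be made against the output of postconf -c /etc/postfix-i -n, which prints the values Postfix actually uses.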