Mailserver-Best-Practice: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (→Config) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 15: | Zeile 15: | ||
=SSL Verschlüsselung= | =SSL Verschlüsselung= | ||
==Install letsencrypt== | ==Install letsencrypt== | ||
| − | * | + | *[[Letsencrpyt Ubuntu 16.04]] |
| − | |||
==master.cf changed== | ==master.cf changed== | ||
| Zeile 32: | Zeile 31: | ||
smtpd_tls_received_header = yes | smtpd_tls_received_header = yes | ||
</pre> | </pre> | ||
| + | |||
=Sasl2 over Dovecot= | =Sasl2 over Dovecot= | ||
*/etc/postfix/main.cf | */etc/postfix/main.cf | ||
Version vom 7. Februar 2018, 14:10 Uhr
Prepare Maildirs
- mkdir -p /etc/skel/Maildir/new
- mkdir -p /etc/skel/Maildir/cur
- mkdir -p /etc/skel/Maildir/tmp
Install Postfix
- apt-get install postfix
Postfix Service Handling
- systemctl start postfix.service
- systemctl restart postfix.service
- systemctl stop postfix.service
- systemctl status postfix.service
Config of Postfix
- /etc/postfix/master.cf
- /etc/postfix/main.cf
SSL Verschlüsselung
Install letsencrypt
master.cf changed
smtps inet n - y - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
main.cf
smtpd_tls_cert_file = /etc/letsencrypt/live/yyy.tuxmen.de/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/yyy.tuxmen.de/privkey.pem smtpd_tls_security_level = may smtpd_tls_received_header = yes
Sasl2 over Dovecot
- /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
Dovecot
Install
- apt-get install dovecot-core dovecot-imap
Config
- /etc/dovecot/conf.d/10-ssl.conf
ssl = yes smtpd_tls_cert_file = /etc/letsencrypt/live/yyy.tuxmen.de/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/yyy.tuxmen.de/privkey.pem
- /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
- /etc/dovecot/conf.d/10-master.conf
service auth {
unix_listener auth-userdb {
#mode = 0666
#user =
#group =
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
}
Restart
- systemdctl restart postfix
- systemdctl restart dovecot