
Postfix SASL.

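# ==== Postfix SASL + Dovecot ====
# ---------- : OK : ------------
#
# Installs Postfix, Dovecot and the Cyrus SASL tools, then points saslauthd at
# a socket directory inside the Postfix spool. Run as root on a Debian-style
# system.

# Maildir skeleton copied into the home directory of each account created later.
mkdir -p /etc/skel/Maildir/tmp
mkdir -p /etc/skel/Maildir/new
mkdir -p /etc/skel/Maildir/cur

apt-get install postfix dovecot-common dovecot-imapd dovecot-pop3d \
  libsasl2-2 libsasl2-modules sasl2-bin

# Values to set in /etc/default/saslauthd (edited by hand):
#
#   START=yes
#   MECHANISMS="pam"
#   OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
#   PWDIR="/var/spool/postfix/var/run/saslauthd"
#   PARAMS="-m ${PWDIR}"
#   PIDFILE="${PWDIR}/"
#
# MECHANISMS="pam" means SMTP passwords are checked against PAM, so with the
# usual PAM stack a mail password is also a system login password; treat
# exposure of one as exposure of the other.
# The -m path places the saslauthd socket under /var/spool/postfix so a
# chrooted smtpd can reach it.
# NOTE(review): the file name after "${PWDIR}/" in PIDFILE was lost when this
# page was extracted (presumably saslauthd.pid; confirm).
vi /etc/default/saslauthd

# Service entries to edit in the Postfix master file. The file name and most
# column values were lost when this page was extracted (presumably
# /etc/postfix/master.cf; confirm). Only these tokens survive:
#
#   smtp        inet  n  ...  smtpd
#   submission  inet  n  ...  smtpd
#   smtps       inet  n  ...  smtpd
#   (stray column values: "-" and "y n y")
#
# Take the full rows from the distribution's stock master file rather than
# from this fragment.
vi /etc/postfix/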

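# Cyrus SASL settings read by Postfix's smtpd: verify passwords through
# saslauthd and offer only the PLAIN and LOGIN mechanisms.
# PLAIN and LOGIN send the password merely base64-encoded, so they are only
# safe when AUTH is refused outside TLS (Postfix: smtpd_tls_auth_only = yes).
touch /etc/postfix/sasl/smtpd.conf
echo "pwcheck_method: saslauthd" >> /etc/postfix/sasl/smtpd.conf
echo "mech_list: PLAIN LOGIN" >> /etc/postfix/sasl/smtpd.conf

# PAM stack for the "dovecot" service.
# NOTE(review): the module name is missing from both lines (lost when this
# page was extracted; presumably pam_unix.so, confirm). As written these lines
# are not valid PAM entries, so do not append them verbatim.
# NOTE(review): "nullok" lets accounts with an empty password authenticate.
# Drop it unless empty passwords are intended, which on a mail server
# reachable from the network they should not be.
echo "auth required nullok" >> /etc/pam.d/dovecot
echo "account required" >> /etc/pam.d/dovecot

# Socket directory for saslauthd inside the Postfix spool.
mkdir -p /var/spool/postfix/var/run/saslauthd
# Mode 755 lets every local user traverse the directory that holds the
# password-verification socket. A tighter alternative is mode 710 with the
# postfix user added to the sasl group, so only root, sasl and postfix can
# reach it.
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd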

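# --- TLS key and certificate for smtpd ---------------------------------------
# The key file is created empty and restricted to its owner before the key
# material is written, so the private key never exists with wider permissions.
touch smtpd.key
chmod 600 smtpd.key
openssl genrsa 2048 > smtpd.key

# Self-signed server certificate, valid for 10 years. Clients cannot validate
# it against a public CA; they must be configured to trust this certificate
# explicitly, otherwise they will warn or users will click through.
openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt

# A separate self-signed CA key and certificate. Nothing in these commands
# signs smtpd.crt with it.
# NOTE(review): if this CA is ever used to issue certificates, keep cakey.pem
# off the mail server.
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

mv smtpd.key /etc/ssl/private/
mv smtpd.crt /etc/ssl/certs/
mv cakey.pem /etc/ssl/private/
mv cacert.pem /etc/ssl/certs/

# --- Postfix main.cf settings ------------------------------------------------
# Empty mynetworks: no client is trusted by IP address, so relaying depends
# entirely on SASL authentication.
postconf -e "mynetworks ="
postconf -e "mailbox_size_limit = 10240000"
postconf -e "home_mailbox = Maildir/"
postconf -e "smtpd_sasl_auth_enable = yes"
# Compatibility switch for old clients that expect the non-standard "AUTH="
# announcement; leave it out if no such clients exist.
postconf -e "broken_sasl_auth_clients = yes"
# Writes the authenticated login name into the Received: header of outgoing
# mail, which discloses account names to recipients.
postconf -e "smtpd_sasl_authenticated_header = yes"
# "permit_sasl_authenticated reject" in all three lists refuses every
# unauthenticated SMTP session. That suits a submission-only server, but with
# these settings smtpd also rejects inbound mail from other mail servers.
postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_client_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_sender_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_helo_required = yes"
postconf -e "smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt"
postconf -e "smtpd_tls_key_file = /etc/ssl/private/smtpd.key"
# smtpd_use_tls only offers STARTTLS. On its own it does not stop a client
# from sending AUTH credentials in cleartext; that needs
# smtpd_tls_auth_only = yes as well.
postconf -e "smtpd_use_tls=yes"
# Password checks are delegated to Dovecot's auth socket, at a path relative
# to the Postfix queue directory.
postconf -e "smtpd_sasl_type = dovecot"
postconf -e "smtpd_sasl_path = private/auth"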

list echo "deb http://webmin.txt postconf -e "smtpd_sasl_security_options = noanonymous" postconf -e "smtpd_tls_auth_only = yes" == Dovecot == echo "ssl = yes >> /etc/dovecot/dovecot.webmin.asc apt-get update apt-get install webmin ========================================================= ++ Apache + PHP + MySQL apt-get install apache2 apache2.mirror. Page 2 .conf" echo "mail_location = maildir:~/Maildir" >> /etc/dovecot/ sarge contrib" >> /etc/apt/sources.Postfix mysql-server mysql-client php5 libphp-jpgraph php5-auth-pam php-auth php5-sasl php5-suhosin php-pear php5-cgi php5-cli php5-common php5-curl php5-gd php5-gmp php5-imap php5-intl php5-ldap php5-mcrypt php5-mysql php5-tidy php5-xmlrpc php5-xsl php5-remctl php5-xcache php5-xdebug php5-imagick php5-memcache php5-mhash php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-json apache2-mpm-prefork libapache2-mod-php5 php-mdb2 ========================================================= ++ Syslog-NG + PostgreSQL apt-get install syslog-ng libdbd-mysql apt-get install postgresql postgresql-client syslog-ng libdbd-pgsql su .uk/repository sarge contrib" >> /etc/apt/sources.asc apt-key add jcameron-key. \password syslog \password logwrite CREATE DATABASE syslog OWNER syslog.webmin.conf" echo "disable_plaintext_auth = no" >> /etc/dovecot/dovecot. CREATE ROLE logwrite WITH cd /root wget http://www.conf" auth default { mechanisms = plain login passdb pam { } socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } ========================================================= ++ Webmin echo "deb http://download.postgres psql -U postgres CREATE ROLE syslog WITH LOGIN.

}. facility. '$FACILITY'.0. }. "message text") values("$R_ISODATE". tag. source(s_src). msg) VALUES ( '$HOST'. "message")). "$HOST". filter(f_warn). '$TAG'.conf destination d_maillog { sql(type(pgsql) host("127.0. "pid". '$PRIORITY'. filter(f_info). filter(f_mail). "host varchar(32)". source(s_src). "$PID". "host". "host varchar(32)". "$MSG") indexes("datetime".0. "pid". '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC'. destination(d_mailerr).Postfix SASL.0. "program varchar(16)". "$HOST". "host varchar(32)".0. "program varchar(16)". "$HOST". destination(d_mailinfo).0. ================== MySQL ================== destination my_mailerr { program("mysql -usysuser -pPwd4Sys syslog" template("INSERT INTO mailerr (host. "message text") values("$R_ISODATE". "program varchar(16)". "program". destination d_mailwarn { sql(type(pgsql) host("127. "$PROGRAM". filter(f_err). "program". }. Page 3 . "$PID". "pid". destination d_mailerr { program("/usr/bin/mysql -usyslogadmin -psyslogadmin syslog" host("127. "$MSG") indexes("datetime". "host varchar(32)". }. filter(f_mail).1") username("logwrite") password("PASSWORD") database("syslog") table("maillog_${R_YEAR}") columns("datetime timestamp with time zone". "$MSG") indexes("datetime". "$PROGRAM". source(s_src). level. }. filter(f_mail). destination(d_mailwarn). "host".0. datetime. destination(d_maillog). "program". priority. log log log log { { { { source(s_src).txt vi /etc/syslog-ng/syslog-ng. "$PID". "message text") values("$R_ISODATE". "pid varchar(16)".1") username("logwrite") password("PASSWORD") database("syslog") table("mailerr_${R_YEAR}") columns("datetime timestamp with time zone". "pid varchar(16)". "$PID". "message")). "host". filter(f_mail).1") username("logwrite") password("PASSWORD") database("syslog") table("mailinfo_${R_YEAR}") columns("datetime timestamp with time zone". "program". "message")). "message")). }. '$LEVEL'. "host". }. "$MSG") indexes("datetime". "program varchar(16)". 
"$PROGRAM".1") username("logwrite") password("PASSWORD") database("syslog") table("mailwarn_${R_YEAR}") columns("datetime timestamp with time zone". destination d_mailinfo { sql(type(pgsql) host("127. program.0. "$HOST". "pid". }. "pid varchar(16)". "$PROGRAM". "pid varchar(16)". "message text") values("$R_ISODATE".

msg) VALUES ( '$HOST'. '$PRIORITY'. datetime. '$FACILITY'. tag. msg) VALUES ( '$HOST'. priority.\n") template-escape(yes)). destination(my_mailinfo). program. '$LEVEL'. '$TAG'. log log log log { { { { source(s_src). }. datetime. datetime. level. '$PRIORITY'. facility. level.\n") template-escape(yes)). }. Page 4 . '$FACILITY'. '$LEVEL'. facility. }. filter(f_mail). '$TAG'. priority. filter(f_mail). program. '$PROGRAM'. destination my_mailinfo { program("mysql -usysuser -pPwd4Sys syslog" template("INSERT INTO mailinfo (host. '$PROGRAM'. }. '$LEVEL'. destination(my_maillog). msg) VALUES ( '$HOST'. '$PRIORITY'. }. filter(f_info). tag. source(s_src). '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC'. filter(f_err). priority.Postfix SASL. '$MSG' ). '$MSG' ). '$MSG' ). level. destination my_maillog { program("mysql -usysuser -pPwd4Sys syslog" template("INSERT INTO maillog (host. '$FACILITY'. filter(f_mail). program.\n") template-escape(yes)). destination(my_mailerr). '$MSG' ). }. filter(f_warn). '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC'. }. facility. '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC'. destination my_mailwarn { program("mysql -usysuser -pPwd4Sys syslog" template("INSERT INTO mailwarn (host. '$PROGRAM'. source(s_src).txt '$PROGRAM'.\n") template-escape(yes)). '$TAG'. destination(my_mailwarn). source(s_src). }. filter(f_mail). tag.