04.11.2025, 15:56 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]
Menu
Sponsor

HETZNER online
News
Letzte Änderung am 2006-09-12 13:02:54 von HJH

Erweiterungen:

Postfix Postfix mailserver configuration

Troubleshooting



Löschungen:

Postfix Postfix mailserver configuration

Troubleshooting



Editiert am 2006-09-12 13:02:29 von HJH

Erweiterungen:

Postfix Postfix mailserver configuration

#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in /etc/postfix/helo_access, run

Löschungen:

Postfix Postfix mailserver configuration

#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimmes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in /etc/postfix/helo_access, run

Editiert am 2006-09-12 00:43:06 von HJH

Erweiterungen:

Troubleshooting



Löschungen:
Troubleshooting

Editiert am 2006-09-12 00:39:14 von HJH

Erweiterungen:
Troubleshooting On firewalls: Open port 25 for your mailserver
Check whether your ISP lets you use an e-mail server. A lot of ISP's closed off port 25 on their networks!

Editiert am 2006-09-11 23:36:38 von RoEn faselifting

Erweiterungen:

Postfix Postfix mailserver configuration

To install postfix, do: 
apt-get install postfix

Set it up the way you want, but don't worry: if you are not sure about settings, you can always run it again with 
dpkg-reconfigure postfix

Because you also want to keep out SPAM, also install postgrey: 
apt-get install postgrey

I'm not going to comment on the postgrey settings, as the defaults are fine. The only thing you might want to do, is to exclude certain mailservers from postgrey. Look in /etc/postgrey/ to whitelist servers.
All IP's are blanked out, just as hostnames, this is the file /etc/postfix/main.cf:
                                               reject_invalid_hostname

End of the main.cf file.
#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimmes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in /etc/postfix/helo_access, run 
postmap /etc/postfix/helo_access

and your settings will be activated. Below is an example of a helo_access file:
sina.com                REJECT

After changing your settings in main.cf, you need to restart postfix: 
postfix reload

If you are having issues, the first thing to do is to look in /var/log/mail.info, /var/log/mail.warn , /var/log/mail.err. These files usually tell you what's wrong with your current setup.
When a setting you just changed, looks unchanged in postfix, look in /var/spool/postfix/etc. In this folder postfix keeps its config, as it is a chrooted service. Update settings here if needed.

Löschungen:

Postfix mailserver configuration

To install postfix, do: "apt-get install postfix"
Set it up the way you want, but don't worry: if you are not sure about settings, you can always run it again with "dpkg-reconfigure postfix".
Because you also want to keep out SPAM, also install postgrey: "apt-get install postgrey"
I'm not going to comment on the postgrey settings, as the defaults are fine. The only thing you might want to do, is to exclude certain mailservers from postgrey. Look in "/etc/postgrey/" to whitelist servers.
All IP's are blanked out, just as hostnames, this is the file "/etc/postfix/main.cf":
[code]
                      1. invalid_hostname
[/code]
#End of the main.cf file.
#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimmes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in "/etc/postfix/helo_access", run "postmap /etc/postfix/helo_access" and your settings will be activated. Below is an example of a "helo_access" file:
[code]
sina.com REJECT
[/code]
After changing your settings in main.cf, you need to restart postfix: "postfix reload"
If you are having issues, the first thing to do is to look in "/var/log/mail.info" , "/var/log/mail.warn" , "/var/log/mail.err". These files usually tell you what´s wrong with your current setup.
When a setting you just changed, looks unchanged in postfix, look in "/var/spool/postfix/etc" In this folder postfix keeps its config, as it is a chrooted service. Update settings here if needed.

Editiert am 2006-09-11 23:17:59 von HJH

Erweiterungen:

Postfix mailserver configuration



Löschungen:

mailserver configuration



Editiert am 2006-09-11 23:16:43 von HJH

Erweiterungen:

mailserver configuration



Löschungen:

mailserver configuration Postfix mailserver configuration



Editiert am 2006-09-11 23:16:20 von HJH

Erweiterungen:

mailserver configuration Postfix mailserver configuration



Löschungen:

Postfix mailserver configuration



älteste bekannte Version dieser Seite wurde bearbeitet am 2006-09-11 23:14:43 von HJH [ ]

Postfix mailserver configuration


To install postfix, do: "apt-get install postfix"
Next, you will be guided thru a wizard.
Set it up the way you want, but don't worry: if you are not sure about settings, you can always run it again with "dpkg-reconfigure postfix".
Because you also want to keep out SPAM, also install postgrey: "apt-get install postgrey"
I'm not going to comment on the postgrey settings, as the defaults are fine. The only thing you might want to do, is to exclude certain mailservers from postgrey. Look in "/etc/postgrey/" to whitelist servers.


Below is a basic setup for a mailserver with internet access.
All IP's are blanked out, just as hostnames, this is the file "/etc/postfix/main.cf":

[code]
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 4h <-Set this because it is a bit below standard, and I want an early warning

myhostname = mail.mydomain.com
mydomain = mydomain.com
alias_maps = hash:/etc/aliases
#alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = machinename.mydomain.com, localhost.mydomain.com, localhost, mydomain, mail.mydomain.com <- I use mail.mydomain.com as standard mx record setting. You could also use smtp.mydomain.com (or anything else), but you also have to set that here then.

mynetworks = 127.0.0.0/8 192.168.1.0/8 <external IP>

home_mailbox = Maildir/ <- use something without a "/" on the end here, if you use mailfiles and not folders!
#mailbox_command = procmail -a "$EXTENSION"
mailbox_command = /usr/bin/maildrop <- this one is for mailfolders; for mailfiles, use the line outcommented above this one.

mailbox_size_limit = 0 <- set this if you want people to use only a limited size mailbox
recipient_delimiter = +
inet_interfaces = all <- could be only on a specific interface (i.e. eth0, lan0?, net0?)

smtpd_banner=$myhostname ESMTP $mail_name (MyCompanyname?)
debug_peer_level=3
sendmail_path = /usr/sbin/sendmail.postfix

virtual_maps = hash:/etc/postfix/virtual <- only if you use virtual domains; in that case don't forget to create a file "virtual"

smtpd_recipient_restrictions = permit_mynetworks
                        1. unauth_destination
                      2. policy_service inet:127.0.0.1:60000 <- the postgrey filter; automatically added by postgrey installation

# Defines who can send a message thru this server
smtpd_sender_restrictions = permit_mynetworks
                        1. mx_backup
                        2. unauth_pipelining
                        3. unknown_sender_domain
                        4. unverified_sender

smtpd_client_restrictions = permit_mynetworks
                      1. mx_backup
                      2. unauth_pipelining


smptd_delay_reject = yes
smptd_helo_required = yes
smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access
                      1. invalid_hostname

[/code]
#End of the main.cf file.

#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimmes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in "/etc/postfix/helo_access", run "postmap /etc/postfix/helo_access" and your settings will be activated. Below is an example of a "helo_access" file:

[code]
G4SERVER REJECT
hosting4u?.co.kr REJECT
kkqg REJECT
friend REJECT
localhost REJECT
localhost.localdomain REJECT
sina.com REJECT

[/code]

After changing your settings in main.cf, you need to restart postfix: "postfix reload"

If you are having issues, the first thing to do is to look in "/var/log/mail.info" , "/var/log/mail.warn" , "/var/log/mail.err". These files usually tell you what´s wrong with your current setup.

When a setting you just changed, looks unchanged in postfix, look in "/var/spool/postfix/etc" In this folder postfix keeps its config, as it is a chrooted service. Update settings here if needed.

Letzte Revision :
Letzter Editor :
Eigentümer :
 
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.