Du coup voici le tutoriel
[code]
INSTALLATION SERVEUR DE MAIL
I will show you how to set up a simple linux mail server with Postfix and Dovecot servers with PostfixAdmin and Roundcube for web administration and webmail…
Domains and users will be stored in mysql database. If you don’t already have working mysql server, install it first.
apt-get install mysql-server
This procedure should work with any web server that can run PHP scripts. I will use NGINX with PHP-FPM (details for installation can be found here).
Install needed packages:
apt-get install php5-mysql php5-imap postfix-mysql dovecot-imapd dovecot-pop3d libsasl2-modules sasl2-bin
You’ll be asked some questions during installation. For server configuration type select ‘Internet site’, enter domain name and continue with installation.
PostfixAdmin
Download latest PostfixAdmin archive from http://sourceforge.net/projects/postfixadmin/files/ and extract it into www dir
wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin_2.3.tar.gz?use_mirror=ignum
tar xzvf postfixadmin_2.3.tar.gz -C /var/www/
mv /var/www/postfixadmin-2.3/ /var/www/postfixadmin/
Log-in into mysql, create database and grant user access:
create database postfix_mail;
GRANT ALL PRIVILEGES ON postfix_mail.* TO ‘postfix_admin’@’%’ IDENTIFIED BY ‘mypasswd’;
GRANT SELECT ON postfix_mail.* TO ‘postfix’@’%’ IDENTIFIED BY ‘mypasswd’;
Now we need to configure PostfixAdmin… I’ll use sed to find&replace all occurrences of ‘change-this-to-your.domain.tld’ to ‘example_domain.tld’.
sed -i ‘s/change-this-to-your.domain.tld/example_domain.tld/g’ /var/www/postfixadmin/config.inc.php
vi /var/www/postfixadmin/config.inc.php
Update this lines to reflect your configuration:
$CONF[‘configured’] = true;
$CONF[‘encrypt’] = ‘md5crypt’;
$CONF[‘database_type’] = ‘mysqli’;
$CONF[‘database_host’] = ‘mysql_host’;
$CONF[‘database_user’] = ‘postfix_admin’;
$CONF[‘database_password’] = ‘my_passwd’;
$CONF[‘database_name’] = ‘postfix_mail’;
$CONF[‘fetchmail’] = ‘NO’;
$CONF[‘domain_path’] = ‘YES’;
$CONF[‘domain_in_mailbox’] = ‘NO’;
Open url http://host_address/postfixadmin/setup.php and if everything is OK, database structure will be created and you’ll be asked for your setup password… enter something and click ‘Generate password hash’, then copy this hash to config.inc.php, e.g.:
$CONF[‘setup_password’] = ‘7e350bf1721579341d662bc3cea01d80:3c5d73ab1894e388e1466bd0df6c3aa2d1cc117e’;
Now enter superadmin account details on setup page and click ‘Add Admin’.
PostfixAdmin installation is complete, you should be able to log-in with your new superadmin account.
Now we need to configure postfix to read PostfixAdmin virtual tables.
Postfix
Create user & group for virtual mail:
groupadd -g 3000 vmail
useradd -d /home/vmail -m -u 3000 -g 3000 vmail
Append this to /etc/postfix/main.cf:
virtual_uid_maps = static:3000
virtual_gid_maps = static:3000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#relay non-local mail through relay_host_address
#relayhost = relay_host_address
Create files with content:
/etc/postfix/mysql_virtual_mailbox_domains.cf
hosts = 127.0.0.1
user = postfix
password = my_passwd
dbname = postfix_mail
query = SELECT domain FROM domain WHERE domain=’%s’ and backupmx = 0 and active = 1
/etc/postfix/mysql_virtual_mailbox_maps.cf
hosts = 127.0.0.1
user = postfix
password = my_passwd
dbname = postfix_mail
query = SELECT maildir FROM mailbox WHERE username=’%s’ AND active = 1
/etc/postfix/mysql_virtual_alias_maps.cf
hosts = 127.0.0.1
user = postfix
password = my_passwd
dbname = postfix_mail
query = SELECT goto FROM alias WHERE address=’%s’ AND active = 1
/etc/postfix/mysql_relay_domains.cf
hosts = 127.0.0.1
user = postfix
password = my_passwd
dbname = postfix_mail
query = SELECT domain FROM domain WHERE domain=’%s’ and backupmx = 1
/etc/postfix/sasl/smtpd.conf:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
auxprop_plugin: rimap
Update /etc/default/saslauthd with:
START=yes
MECHANISMS=“rimap”
#imap server address
MECH_OPTIONS=“localhost"
OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r"
Add postfix user to sasl group:
adduser postfix sasl
Dovecot
Create file /etc/dovecot/dovecot-mysql.conf:
driver = mysql
connect = host=127.0.0.1 dbname=postfix_mail user=postfix password=my_passwd
default_pass_scheme = MD5-CRYPT
user_query = SELECT ‘/home/vmail/%d/%n’ as home, 3000 AS uid, 3000 AS gid FROM mailbox WHERE username = '%u’
password_query = SELECT password FROM mailbox WHERE username = '%u’
Edit /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
mail_location = maildir:/home/vmail/%d/%n:INDEX=/home/vmail/%d/%n/indexes
auth default {
userdb sql {
args = /etc/dovecot/dovecot-mysql.conf
}
passdb sql {
args = /etc/dovecot/dovecot-mysql.conf
}
}
Restart services:
/etc/init.d/dovecot restart
/etc/init.d/saslauthd restart
/etc/init.d/postfix restart
Now we have functional mail server… if something don’t work, check log files /var/log/mail.log, /var/log/auth.log and /var/log/syslog
Roundcube
Append this to /etc/apt/sources.list
deb http://www.backports.org/debian lenny-backports main
Run
gpg --keyserver wwwkeys.eu.pgp.net --recv-keys EA8E8B2116BA136C
gpg --export EA8E8B2116BA136C | apt-key add -
apt-get update
apt-get -t lenny-backports install roundcube
On question to configure database with dbconfig-common, answer yes. For database type, I will use ‘sqlite’.
Edit /etc/roundcube/main.inc.php
$rcmail_config[‘language’] = ‘’;
$rcmail_config[‘default_host’] = ‘localhost’;
Go to url http://host_address/roundcube/ and enter your login details…
If you use NGINX web server, you may need to create symlink to www dir manually (or create virtual host).
ln -s /usr/share/roundcube/ /var/www/roundcube
Amavis-new + Spamassassin + Clamav.
Amavis-new is a made of several pieces of software that will do virus scanning and spam detection of your email. These programs integrate easily into postfix and certainly I have found them very valuable ove the years in help the fight against spam and viruses.
To begin, install the following packages:
sudo apt-get install amavisd-new spamassassin clamav-daemon
Install the optional packages for better spam detection (who does not want better spam detection?):
sudo apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor
Install some compress/uncompress utils. Install the following packages:
sudo apt-get install arj bzip2 cabextract cpio file gzip lha nomarch pax rar unrar unzip zoo zip zoo
Clamav
The default behaviour of Clamav will fit our needs. A daemon is launched (clamd) and signatures are fetched every day. For more Clamav configuration options, check the configuration files in /etc/clamav.
Add clamav user to the amavis group and vice versa in order for Clamav to have access to scan files:
sudo adduser clamav amavis
sudo adduser amavis clamav
Spamassassin
Spamasssassin autodetects optional components and will use them if they are present. This means that there is no need to configure dcc-client, pyzor and razor.
Edit /etc/default/spamassassin to activate the Spamassassin daemon change ENABLED=0 to:
ENABLED=1
Now start Spamassassin:
sudo /etc/init.d/spamassassin start
Amavis
First, activate spam and antivirus detection in Amavis by editing /etc/amavis/conf.d/15-content_filter_mode:
use strict;
You can modify this file to re-enable SPAM checking through spamassassin
and to re-enable antivirus checking.
Default antivirus checking mode
Uncomment the two lines below to enable it
@bypass_virus_checks_maps = (
%bypass_virus_checks, @bypass_virus_checks_acl, $bypass_virus_checks_re);
Default SPAM checking mode
Uncomment the two lines below to enable it
@bypass_spam_checks_maps = (
%bypass_spam_checks, @bypass_spam_checks_acl, $bypass_spam_checks_re);
1; # insure a defined return
Bouncing spam can be a bad idea as the return address is often faked, so it may have your server put on a blacklist. Consider editing /etc/amavis/conf.d/20-debian_defaults to set $final_spam_destiny to D_DISCARD rather than D_BOUNCE, as follows:
$final_spam_destiny = D_DISCARD;
After configuration Amavis needs to be restarted:
sudo /etc/init.d/amavis restart
Postfix integration
For postfix integration, you need to add the content_filter configuration variable to the Postfix configuration file /etc/postfix/main.cf. This instructs postfix to pass messages to amavis at a given IP address and port:
content_filter = smtp-amavis:[127.0.0.1]:10024
The following postconf command, run as root because of the preceding sudo command, adds the content_filter specification line above to main.cf:
Next edit /etc/postfix/master.cf and add the following to the end of the file:
smtp-amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Also add the following two lines immediately below the “pickup” transport service:
-o content_filter=
-o receive_override_options=no_header_body_checks
It should look like this:
pickup fifo n - - 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
This will prevent messages that are generated to report on spam from being classified as spam.
Reload postfix:
sudo /etc/init.d/postfix reload
Now content filtering with spam and virus detection is enabled.
Test
First, test that the amavis SMTP is listening:
telnet localhost 10024
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 [127.0.0.1] ESMTP amavisd-new service ready
^]
Check on your /var/log/mail.log that everything goes well. If you raise the log level, you can check every step of the content filtering: spam check, virus check, etc. Don’t forget to lower the log level after your checks!
On messages that go through the content filter you should see:
X-Spam-Level:
X-Virus-Scanned: Debian amavisd-new at example.com
X-Spam-Status: No, hits=-2.3 tagged_above=-1000.0 required=5.0 tests=AWL, BAYES_00
X-Spam-Level:
Troubleshooting
If the filtering is not happening, adding the following to /etc/amavis/conf.d/50-user may help:
@local_domains_acl = ( “.$mydomain” );
If you receive mail for other domains, add them to the list. This information was obtained from the Amavis-New FAQ here.
If you see the following error in /var/log/syslog when amavisd is trying to scan a message:
amavis[30807]: (30807-01) (!!) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/lib/amavis/tmp/amavis-20070615T125025-30807/parts: lstat() failed. ERROR\n
Try changing the permissions on /var/lib/amavis/tmp:
chmod -R 775 /var/lib/amavis/tmp[/code]
