postfix 7

postfix-2.10.1-6.el7.x86_64.rpm

--------@-- -----------

[root@mail ~]# useradd -m u1 -s /sbin/nologin

[root@mail ~]# passwd u1

useradd -m -p VCX97jg6iZebc -s /sbin/nologin accesstel

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin u1

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin u2

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin virusalert

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin virusmails

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin spamalert

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin spam.police

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin sys_admin

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin inmail

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin outmail

useradd -m -p 4w5yRzfvfQFAI -s /sbin/nologin junkmail

cd /etc/postfix

cp /etc/aliases /etc/postfix/aliases

touch body_checks

touch recipient_bcc

touch sender_bcc

touch block_attachments

cp main.cf main.cf.ORG

cp master.cf master.cf.ORG

cp aliases aliases.ORG

Block # LINE main.cf

116 #inet_interfaces = localhost

119 # inet_protocols = all

inet_protocols = ipv4

164 #mydestination = $myhostname, localhost.$mydomain, localhost

386 #alias_maps = hash:/etc/aliases

397 #alias_database = hash:/etc/aliases

inet_protocols = ipv4

[root@mail ~]# vi /etc/postfix/main.cf [SASL]

myhostname = mail.worldcm.net

mydomain = worldcm.net

myorigin = $mydomain

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

# mydestination = $myhostname, localhost.$mydomain, $mydomain,mail.$mydomain, www.$mydomain

mynetworks = 127.0.0.0/8, 10.0.0.0/24, [::1]/128

home_mailbox = Maildir/

smtpd_banner = $myhostname ESMTP

message_size_limit = 10485760

mailbox_size_limit = 1073741824

# for SMTP-Auth

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain = $myhostname

smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject

[root@mail ~]# systemctl restart postfix

[root@mail ~]# systemctl enable postfix

SASLAUTHD-----SASL

[root@mail ~]# systemctl start saslauthd

[root@mail ~]# systemctl enable saslauthd

Created symlink from /etc/systemd/system/multi-user.target.wants/saslauthd.service to /usr/lib/systemd/system/saslauthd.service.

[root@mail ~]# systemctl restart saslauthd

--------------**********************************************

strict_rfc821_envelopes = yes

relay_domains_reject_code = 554

unknown_address_reject_code = 554

unknown_client_reject_code = 554

unknown_hostname_reject_code = 554

unknown_local_recipient_reject_code = 554

unknown_relay_recipient_reject_code = 554

unverified_recipient_reject_code = 554

smtpd_recipient_restrictions =

reject_invalid_hostname,

reject_unknown_recipient_domain,

reject_unauth_pipelining,

permit_mynetworks,

permit_sasl_authenticated,

reject_unauth_destination,

reject_rbl_client dsn.rfc-ignorant.org,

reject_rbl_client dul.dnsbl.sorbs.net,

reject_rbl_client list.dsbl.org,

reject_rbl_client sbl-xbl.spamhaus.org,

reject_rbl_client bl.spamcop.net,

reject_rbl_client dnsbl.sorbs.net,

permit

---------------------------------------------------------------------------------------------------------

Details Configuration

# vi /etc/postfix/main.cf --------------Self certificate----SSL

#

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

alias_database = hash:/etc/postfix/aliases

alias_maps = hash:/etc/postfix/aliases

transport_maps = hash:/etc/postfix/transport

virtual_maps = hash:/etc/postfix/virtual

virtual_alias_maps = hash:/etc/postfix/virtual

#virtual_alias_domains = hash:/etc/postfix/virtual

#body_checks = regexp:/etc/postfix/body_checks

header_checks = regexp:/etc/postfix/header_checks

#header_checks = pcre:/etc/postfix/whitelist.pcre

#sender_bcc_maps = hash:/etc/postfix/sender_bcc

#recipient_bcc_maps = hash:/etc/postfix/recipient_bcc

myhostname = mail.worldcm.net

mydomain = worldcm.net

myorigin = $mydomain

mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.worldcm.net, worldcm.net, 192.168.80.82/32

mynetworks = 127.0.0.0/8, [::1]/128

inet_interfaces = all

home_mailbox = Maildir/

message_size_limit = 40000000

mailbox_size_limit = 7224000000

enable_original_recipient = no #[duplicate e-mails]

# masquerade_domains = worldcm.net

smtpd_banner = $myhostname ESMTP

#always_bcc = bkupmail

smtp_send_xforward_command = yes:wq

bounce_queue_lifetime = 1d

smtpd_helo_required = yes

disable_vrfy_command = yes

allow_mail_to_files = alias,forward,include

local_recipient_maps = unix:passwd.byname $alias_maps

# SASL

smtpd_sasl_type = dovecot

broken_sasl_auth_clients = yes

smtpd_sasl_path = private/auth

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

# SSL/TLS

smtpd_tls_security_level = may

smtpd_tls_auth_only = yes

smtpd_tls_key_file = /etc/postfix/ssl/postfix.key

smtpd_tls_cert_file = /etc/postfix/ssl/postfix.crt

smtpd_tls_loglevel = 0

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject

---------------------------------------------------------------------------------------------------------------

# vi /etc/postfix/main.cf -----Server World---------

-----

alias_database = hash:/etc/postfix/aliases

alias_maps = hash:/etc/postfix/aliases

transport_maps = hash:/etc/postfix/transport

virtual_maps = hash:/etc/postfix/virtual

virtual_alias_maps = hash:/etc/postfix/virtual

virtual_alias_domains = hash:/etc/postfix/virtual

body_checks = regexp:/etc/postfix/body_checks

header_checks = regexp:/etc/postfix/header_checks

mime_header_checks = regexp:/etc/postfix/block_attachments

sender_bcc_maps = hash:/etc/postfix/sender_bcc

recipient_bcc_maps = hash:/etc/postfix/recipient_bcc

#header_checks = pcre:/etc/postfix/whitelist.pcre

myhostname = mail.worldcm.net

mydomain = worldcm.net

myorigin = $mydomain

mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.worldcm.net, worldcm.net, 192.168.80.82/32

#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mynetworks = 127.0.0.0/8, 192.168.80.0/23, [::1]/128

inet_interfaces = all

home_mailbox = Maildir/

message_size_limit = 40000000

mailbox_size_limit = 7224000000

#masquerade_domains = worldcm.net

smtpd_banner = $myhostname ESMTP

#always_bcc = bkupmail

#smtp_send_xforward_command = yes:wq

bounce_queue_lifetime = 1d

smtpd_helo_required = yes

disable_vrfy_command = yes

#### Faruq

smtpd_delay_reject = yes

allow_mail_to_files = alias,forward,include

local_recipient_maps = unix:passwd.byname $alias_maps

#content_filter = smtp-amavis:127.0.0.1:10024

#receive_override_options = no_address_mappings

enable_original_recipient = no #[duplicate e-mails]

##SASL

smtpd_sasl_auth_enable = yes

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_authenticated_header = yes

##SSL

smtpd_use_tls = yes

smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt

smtpd_tls_key_file = /etc/pki/tls/certs/server.key

smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache

#SMTPD CLIENT RESTRICTIONS

smtpd_client_restrictions =

permit_mynetworks,

# permit_sasl_authenticated,

check_client_access,

hash:/etc/postfix/access,

reject_unauth_pipelining,

permit_inet_interfaces

#SMTPD ETRN RESTRICTIONS

smtpd_etrn_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

reject

# SMTPD SENDER RESTRICTIONS

smtpd_sender_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

check_sender_access hash:/etc/postfix/access,

reject_non_fqdn_sender,

reject_unknown_sender_domain,

reject_unauthenticated_sender_login_mismatch,

reject_sender_login_mismatch,

reject_unlisted_sender,

reject_unauth_pipelining,

reject_non_fqdn_hostname,

reject_unauth_destination

######Faruq

#smtpd_helo_restrictions = permit_mynetworks,

# permit_sasl_authenticated,

# reject_non_fqdn_hostname,

# reject_invalid_hostname,

# regexp: /etc/postfix/helo.regexp,

# permit

##### SMTPD RECIPIENT RESTRICTIONS ,

smtpd_recipient_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

reject_unauth_destination,

reject_invalid_hostname,

check_recipient_access hash:/etc/postfix/access,

check_client_access hash:/etc/postfix/access,

check_sender_access hash:/etc/postfix/access,

reject_unauth_pipelining,

reject_non_fqdn_sender,

reject_unknown_recipient_domain,

reject_non_fqdn_recipient,

# reject_non_fqdn_hostname,

reject_unknown_sender_domain,

reject_unlisted_recipient,

reject_multi_recipient_bounce,

reject_rbl_client dnsbl.inps.de,

reject_rhsbl_client rhsbl.sorbs.net,

reject_rbl_client dnsbl.sorbs.net,

reject_rbl_client cbl.abuseat.org,

reject_rhsbl_client in.dnsbl.org,

reject_rhsbl_client ex.dnsbl.org,

reject_rbl_client bl.spamcop.net,

reject_rbl_client zen.spamhaus.org,

reject_rbl_client sbl-xbl.spamhaus.org,

reject_rbl_client b.barracudacentral.org,

reject_rbl_client dsn.rfc-ignorant.org,

reject_rbl_client dnsbl-1.uceprotect.net,

reject_rbl_client dnsbl-3.uceprotect.net

[root@mail ~]# systemctl restart postfix

[root@mail ~]# systemctl enable postfix

# touch /etc/postfix/helo.regexp

Create /etc/postfix/helo.regexp and set contents to:

/^subdomain\.host\.com$/ 550 Don't use my own hostname /^xxx\.yyy\.zzz\.xxx$/ 550 Don't use my own IP address /^\[xxx\.yyy\.zzz\.xxx\]$/ 550 Don't use my own IP address /^[0-9.]+$/ 550 Your software is not RFC 2821 compliant /^[0-9]+(\.[0-9]+){3}$/ 550 Your software is not RFC 2821 compliant

----------------------------------------------------------

# vi /etc/postfix/header_checks

/^Subject:/ WARN

/^User-Agent:/ IGNORE

/^From:.*<#.*@.*>/ REJECT

/^Return-Path:.*<#.*@.*>/ REJECT

/^Received: from 127.0.0.1/ IGNORE

SASL

# vi master.cf

#tlsproxy unix - - n - 0 tlsproxy

submission inet n - n - - smtpd

-o syslog_name=postfix/submission

# -o smtpd_tls_security_level=encrypt

-o smtpd_sasl_auth_enable=yes

-o smtpd_reject_unlisted_recipient=no

# -o smtpd_client_restrictions=$mua_client_restrictions

# -o smtpd_helo_restrictions=$mua_helo_restrictions

# -o smtpd_sender_restrictions=$mua_sender_restrictions

-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

# -o milter_macro_daemon_name=ORIGINATING

smtps inet n - n - - smtpd

-o syslog_name=postfix/smtps

# -o smtpd_tls_wrappermode=yes

-o smtpd_sasl_auth_enable=yes

-o smtpd_reject_unlisted_recipient=no

# -o smtpd_client_restrictions=$mua_client_restrictions

# -o smtpd_helo_restrictions=$mua_helo_restrictions

# -o smtpd_sender_restrictions=$mua_sender_restrictions

-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

# -o milter_macro_daemon_name=ORIGINATING

________________________________________________________________________

Upload file size in webmail:

# vi /etc/php.ini

memory_limit = 512M; upload_max_filesize = 30M; post_max_size = 70M;

date.timezone = Asia/Dhaka

LOGO Change

cd /usr/share/squirrelmail/images

/usr/share/squirrelmail/config/conf.pl

Squirrelmail Index configure

#vi /etc/squirrelmail/config.php

$org_logo_width = '150';

$org_logo_height = '100';

------