PostfixAdmin
-- Postfix admin RPM----
Download
Download
Type
Binary Package
Source Package
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
254.20.140.254 mail.worldcm.tk mail
# vi /etc/selinux/configSELINUX=disabled
systemctl stop firewalld.servicesystemctl disable firewalld.servicesystemctl disable iptables.servicesystemctl stop iptables.servicesystemctl stop ip6tables.servicesystemctl disable ip6tables.servicesystemctl status firewalld.service
# yum -y install epel-release # yum -y install httpd*systemctl enable httpdsystemctl start httpd
---------- webbmin----------
wget http://www.webmin.com/jcameron-key.ascrpm --import jcameron-key.ascyum -y install perl perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect # vi /etc/yum.repos.d/webmin.repo [Webmin]name=Webmin Distribution Neutral#baseurl=http://download.webmin.com/download/yummirrorlist=http://download.webmin.com/download/yum/mirrorlistenabled=1 -------------------------------------------rpm -ivh webbmin
# systemctl enable webmin # systemctl start webmin # yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl lsof bash-completion git wget unzip bash-completion setuptools cronie grep NetworkManager
-------MAriaDB--------------
# yum remove mysql mysql-server
# cd /etc/yum.repos.dcurl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
yum -y install mariadb mariadb-server
systemctl enable mariadb.servicesystemctl start mariadb.servicesystemctl status mariadb.servicesystemctl restart mariadb.service
# mysql -V
# mariadb-secure-installation# mysql -u root -p
systemctl restart mariadb.service
------------PHP----------------
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm # yum --enablerepo=remi-php71 install php -y# php -v yum --enablerepo=remi-php71 install php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt php-pear php-ldap -y
yum --enablerepo=remi-php71 install php php-mysql php-imap php-common php-pear php-mbstring php-pear-DB php-mcrypt -y
yum --enablerepo=remi-php71 install php-mysql php-imap php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt php-pear php-pear-DB php-ldap php-imagick php-pspell php-curl -y
[root@www ~]# vi /etc/php.ini
memory_limit = 512M; upload_max_filesize = 50M; post_max_size = 80M; date.timezone = "Asia/Dhaka" max_execution_time = 600 max_input_vars = 3000 max_input_time = 1000
# systemctl restart httpd
----------PostfixAdmin---------
useradd -r -u 150 -g mail -d /home/vmail -s /sbin/nologin -c "Virtual Mail User" vmail mkdir -p /home/vmail chmod -R 770 /home/vmail chown -R vmail:mail /home/vmail
*****create a database for our postfixadminHQ instance.
# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE postfixadmin; MariaDB [(none)]> GRANT ALL PRIVILEGES ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY 'strong_password'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> \q
# cd /var/www/html
wget -q -O - "https://github.com/postfixadmin/postfixadmin/archive/postfixadmin-3.2.3.tar.gz" | tar -xzf - -C /var/www/html
wget https://webwerks.dl.sourceforge.net/project/postfixadmin/postfixadmin-3.3.8/PostfixAdmin%203.3.8.tar.gz # tar -xzvf postfixadmin-3.3.8.tar.gz# mv postfixadmin-3.2 postfixadmin # mv config.inc.php config.local.php# vi /var/www/html/postfixadmin/config.inc.php
$CONF['configured'] = true; # line 25: change$CONF['setup_password'] = 'xxxxxxxxxx'; # line 30: $CONF['database_type'] = 'mysqli';$CONF['database_host'] = 'localhost';$CONF['database_user'] = 'postfixadmin';$CONF['database_password'] = 'strong_password';$CONF['database_name'] = 'postfixadmin';$CONF['domain_path'] = 'NO';$CONF['domain_in_mailbox'] = 'YES';$CONF['page_size'] = '100';
$CONF['aliases'] = '0';$CONF['mailboxes'] = '0';
229 '/.{8}/' => 'password_too_short 8', # minimum length 8 characters230 '/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters231 '/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
240 $CONF['generate_password'] = 'YES';245 $CONF['show_password'] = 'YES';250 $CONF['page_size'] = '200';
----------------------
$CONF['default_aliases'] = array ( 'abuse' => 'abuse@example.com', 'hostmaster' => 'hostmaster@example.com', 'postmaster' => 'postmaster@example.com', 'webmaster' => 'webmaster@example.com'); $CONF['fetchmail'] = 'NO';$CONF['show_footer_text'] = 'NO'; $CONF['quota'] = 'YES';$CONF['domain_quota'] = 'YES';$CONF['quota_multiplier'] = '1024000';$CONF['used_quotas'] = 'YES';$CONF['new_quota_table'] = 'YES'; $CONF['aliases'] = '0';$CONF['mailboxes'] = '0';$CONF['maxquota'] = '0';$CONF['domain_quota_default'] = '0'; -------------------------------------------------
# chown -R apache: /var/www/html/postfixadmin # vi /etc/httpd/conf.d/postfixadmin.conf----------------Alias /postfixadmin /var/www/html/postfixadmin/publicAlias /mailadmin /var/www/html/postfixadmin/public
<Directory /var/www/html/postfixadmin/public/> Order Deny,Allow Deny from all # IP address you permit to access Allow from all</Directory>--------------------------
mkdir -p /var/www/html/postfixadmin/templates_c chmod 777 /var/www/html/postfixadmin/templates_c cd /var/www/html/ chown -R root.apache postfixadmin
# chgrp -R apache /var/www/html/postfixadmin/templates_c # systemctl restart httpd
Create a super admin account for PostfixAdmin-with the following command:
Admin: > admin@domain.com
Password: > Strong@Pass
Password (again): > Strong@Pass
Super admin:(Super admins have access to all domains, can manage domains and admin accounts.) (y/n) > y
Domain: > domain.com
Active: (y/n) > y
# bash /var/www/html/postfixadmin/scripts/postfixadmin-cli admin add admin@worldcm.tk --password dhakaXXX --password2 dhakaXXX --superadmin 1 --active 1 OR
http://Your_IP_Address/postfixadmin/setup.php # vi /var/www/html/postfixadmin/config.inc.php
$CONF['setup_password'] = 'de177e35654bde7195edb0a8d907279e:5304910a9d847e525824101bfe3c799bef0f0aa8'; http://Your_IP_Address/postfixadmin
cp 10-auth.conf 10-auth.conf.ORG cp 10-mail.conf 10-mail.conf.ORG cp 10-master.conf 10-master.conf.ORG cp 10-ssl.conf 10-ssl.conf.ORG cp 15-lda.conf 15-lda.conf.ORG cp 20-lmtp.conf 20-lmtp.conf.ORG cp 20-managesieve.conf 20-managesieve.conf.ORG cp 90-sieve.conf 90-sieve.conf.ORG cp 90-acl.conf 90-acl.conf.ORG # chown -R vmail:dovecot /etc/dovecot # chmod -R o-rwx /etc/dovecot
systemctl enable dovecot systemctl restart dovecot --------------RoundCube----------
yum --enablerepo=remi-php71 install php-ldap php-imagick php-common php-gd php-imap php-json php-curl php-zip php-xml php-mbstring php-bz2 php-intl php-gmp -y yum --enablerepo=remi-php71 install php-mysql php-xml pcre php-common php-mbstring php-pear curl unzip -y ->Rainloop
yum --enablerepo=remi-php71 install php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel # mysql -u root -p
> create database roundcube;> grant all privileges on roundcube.* to roundcube@'localhost' identified by 'password';> flush privileges;> exit
https://roundcube.net/download/
# cd /var/www/html/# BESTwget https://github.com/roundcube/roundcubemail/releases/download/1.3.10/roundcubemail-1.3.10-complete.tar.gz # Latest Stablehttps://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz
# tar -zxpvf roundcubemail-1.4.11-complete.tar.gz -C /var/www/html/
# mv roundcubemail-1.4.11 /var/www/html/roundcube# mv roundcubemail-1.4.11 roundcube# chown apache:apache roundcubechown apache:apache -R /var/www/html/roundcubechown apache:apache -R /var/www/html/roundcubechmod -R 775 /var/www/html/roundcube/temp/ /var/www/html/roundcube/logs/
cp -p /var/www/html/roundcube/config/defaults.inc.php /var/www/html/roundcube/config/config.inc.phpORcp -p /var/www/html/roundcube/config/config.inc.php.sample /var/www/html/roundcube/config/config.inc.ph
# cd /var/www/html/roundcube/SQL# mysql -u roundcube -D roundcube -p < mysql.initial.sql
systemctl restart httpdsystemctl enable httpd
# vi /etc/httpd/conf.d/roundcube.conf Alias /roundcube /var/www/html/roundcubeAlias /webmail /var/www/html/roundcube
# Define who can access the Webmail# You can enlarge permissions once configured
<Directory /var/www/html/roundcube/> <IfModule mod_authz_core.c> # Apache 2.4 #Require local Require all granted </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 </IfModule></Directory>
# Define who can access the installer# keep this secured once configured
<Directory /var/www/html/roundcube/installer/> <IfModule mod_authz_core.c> # Apache 2.4 #Require local Require all granted </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 </IfModule></Directory>
# Those directories should not be viewed by Web clients.<Directory /var/www/html/roundcube/bin/> Order Allow,Deny Deny from all</Directory><Directory /var/www/html/roundcube/plugins/enigma/home/> Order Allow,Deny Deny from all</Directory> ---------------- http://192.168.80.1/roundcube/installer
# systemctl restart httpd
http://192.168.80.1/webmail # vi /var/www/html/roundcube/config/config.inc.php
$config['enable_installer'] = false;
[root@mail ~]# cd /var/www/html/roundcube/plugins/password# cp config.inc.php.dist config.inc.php# vi config.inc.php
$config['password_db_dsn'] = 'mysql://postfixadmin:MYSQLpassword@localhost/postfixadmin';$config['password_query'] = 'UPDATE mailbox SET password = %c, modified=now() WHERE username = %u LIMIT 1';
# systemctl restart httpd # cd /var/www/html/roundcube/plugins/managesieve# cp config.inc.php.dist config.inc.php# vi config.inc.php $config['managesieve_port'] = 4190; $config['managesieve_host'] = 'localhost'; $config['managesieve_vacation'] = 1; --------Postfix----------------
# yum -y install postfix*
# mkdir -p /etc/postfix/sql/
vi /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias WHERE address='%s' AND active = '1'#expansion_limit = 100
vi /etc/postfix/sql/mysql_virtual_domains_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT domain FROM domain WHERE domain='%s' AND active = '1'#query = SELECT domain FROM domain WHERE domain='%s'#optional query to use when relaying for backup MX#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'#expansion_limit = 100
vi /etc/postfix/sql/mysql_virtual_mailbox_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'#expansion_limit = 100user = postfixadmin
----------X-----------
# cd /etc/postfix
postconf -e "myhostname = $(hostname -f)"postconf -e "mydestination = localhost"postconf -e "mynetworks = 127.0.0.0/8"postconf -e "inet_protocols = ipv4"postconf -e "inet_interfaces = all"
# vi /etc/postfix/main.cf myhostname = mail.worldcm.tk
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
# virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
smtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesmynetworks = 127.0.0.0/8, [::1]/128
virtual_transport = lmtp:unix:private/dovecot-lmtp
## Filtermailbox_transport = lmtp:unix:private/dovecot-lmtpsmtputf8_enable = no
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#receive_override_options = no_address_mappings #enable_original_recipient = no
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks,# permit_sasl_authenticated, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_sender_login_mismatch, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
######Faruq
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
##### SMTPD RECIPIENT RESTRICTIONS , smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, # reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce
#message_size_limit = 0 #alias_database = hash:/etc/postfix/aliases #alias_maps = hash:/etc/postfix/aliases
body_checks = regexp:/etc/postfix/body_checks header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/block_attachments sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
#always_bcc = allmail@worldcm.net
message_size_limit = 51200000mailbox_size_limit = 102400000
----------------------X-----------------------
header_checks = pcre:/etc/postfix/header_checksmime_header_checks = pcre:/etc/postfix/block_attachmentsbody_checks = pcre:/etc/postfix/body_checkssender_bcc_maps = hash:/etc/postfix/sender_bccrecipient_bcc_maps = hash:/etc/postfix/recipient_bcc
myhostname = mail.worldcm.net virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtpmailbox_transport = lmtp:unix:private/dovecot-lmtp
smtputf8_enable = no
#mynetworks = 127.0.0.0/8mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128
message_size_limit = 51200000
smtpd_banner = $myhostname ESMTPbounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#always_bcc = allmail@worldcm.net
#receive_override_options = no_address_mappingsenable_original_recipient = no
smtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
### Group Email Restriction, smtpd_restriction_classes = insiders_only, local_onlyinsiders_only = check_sender_access hash:/etc/postfix/allowed-users, rejectlocal_only = check_recipient_access hash:/etc/postfix/local_domains, reject
###-----Group Email restricted###----SENDING OUT RESTRICTIONSsmtpd_restriction_classes = insiders_only, local_onlyinsiders_only = check_sender_access hash:/etc/postfix/allowed-users, rejectlocal_only = check_recipient_access hash:/etc/postfix/local_domains, reject
###SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
###SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
######Faruqsmtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
### SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_unauthenticated_sender_login_mismatch, reject_sender_login_mismatch, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
##### SMTPD RECIPIENT RESTRICTIONS smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/restricted-mail-groups, check_sender_access hash:/etc/postfix/restricted_senders, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce, reject_rbl_client list.dsbl.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dsn.rfc-ignorant.org, reject_rhsbl_client rhsbl.sorbs.net, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client dnsbl-3.uceprotect.net
# vi /etc/postfix/header_checks/^Subject:/ WARN/^User-Agent:/ IGNORE/^From:.*<#.*@.*>/ REJECT/^Return-Path:.*<#.*@.*>/ REJECT/Payment status/ REDIRECT junk.mail@worldcm.net
# vi /etc/postfix/body_checks### allow pflogsumm reports through postfix (body_checks file) ###
/^ {6,11}[[:digit:]]{1,6}[ km]/ OK~^[[:alnum:]+/]{60,}$~ OK/^[A-Za-z0-9+\/=]{4,76}$/ OK
# cd /etc/postfixtouch body_checkstouch recipient_bcctouch sender_bcctouch block_attachmentstouch allowed-userstouch restricted-mail-groupstouch local_domainstouch restricted_senders
cp main.cf main.cf.ORGcp master.cf master.cf.ORGcp access access.ORG
-------Master.cf---------
------Rainloop------------------ # yum --enablerepo=remi-php71 install php-mysql php-xml pcre php-common php-mbstring php-pear curl unzip -y
yum --enablerepo=remi-php71 install php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel
# mkdir /var/www/html/rainloop
cd /var/www/html/rainloop curl -s http://repository.rainloop.net/installer.php | php find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; chown -R apache:apache .
ROOT Access webmail
[root@dz-mail-server ~]# vi /etc/httpd/conf.d/mail.conf
------------------------------
<VirtualHost *:80> DocumentRoot /var/www/html/rainloop ServerName mail.worldcm.tk </VirtualHost>
------------OR--------------------
# vim /etc/httpd/conf.d/mail.conf [ Add this Line]
Alias /mail /var/www/html/rainloop
<Directory /var/www/html/rainloop>Options -IndexesAllowOverride All</Directory>
<Directory /var/www/html/rainloop/data>Order Deny,AllowDeny from All</Directory>
[root@ ~]# systemctl restart httpd
# mysql -u root -p
CREATE DATABASE rainloop; CREATE USER 'rainloop'@'localhost' IDENTIFIED BY 'dhakaXXX'; GRANT ALL PRIVILEGES ON rainloop.* TO 'rainloop'@'localhost' IDENTIFIED BY 'dhakaXXX' WITH GRANT OPTION; FLUSH PRIVILEGES; EXIT;
OR
create database rainloop';GRANT ALL PRIVILEGES ON rainloop'.* TO 'rainloop''@'localhost' IDENTIFIED BY 'rainlooppassword';flush privileges;quit
RainLoop Admin Panel
URL : http://Your-IP-Address/rainloop/?admin
# systemctl restart httpd http://Your-IP-Address/mail
Change Password Rainloop: postfixadmin-change-password plugin
# cd /var/www/html/rainloop/data/_data_/_default_/plugins
Create a spamassassin system user: groupadd spamduseradd -g spamd -s /bin/false -d /var/log/spamassassin spamdchown spamd:spamd /var/log/spamassassin
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
254.20.140.254 mail.worldcm.tk mail
# vi /etc/selinux/configSELINUX=disabled
systemctl stop firewalld.servicesystemctl disable firewalld.servicesystemctl disable iptables.servicesystemctl stop iptables.servicesystemctl stop ip6tables.servicesystemctl disable ip6tables.servicesystemctl status firewalld.service
# yum -y install epel-release # yum -y install httpd*systemctl enable httpdsystemctl start httpd
---------- webbmin----------
wget http://www.webmin.com/jcameron-key.ascrpm --import jcameron-key.ascyum -y install perl perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect # vi /etc/yum.repos.d/webmin.repo [Webmin]name=Webmin Distribution Neutral#baseurl=http://download.webmin.com/download/yummirrorlist=http://download.webmin.com/download/yum/mirrorlistenabled=1 -------------------------------------------rpm -ivh webbmin
# systemctl enable webmin # systemctl start webmin # yum -y install yum-updatesd yum-utils nmap netstat lsof net-tools quota* xfsprogs xfsdump xfsprogs-devel xfsprogs-qa-devel htop iptraf-ng iftop mutt vim* mlocate httpd* NetworkManager-tui gcc yum-priorities openssl cyrus* ntsysv finger curl lsof bash-completion git wget unzip bash-completion setuptools cronie grep NetworkManager
-------MAriaDB--------------
# yum remove mysql mysql-server
# cd /etc/yum.repos.dcurl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
yum -y install mariadb mariadb-server
systemctl enable mariadb.servicesystemctl start mariadb.servicesystemctl status mariadb.servicesystemctl restart mariadb.service
# mysql -V
# mariadb-secure-installation# mysql -u root -p
systemctl restart mariadb.service
------------PHP----------------
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm # yum --enablerepo=remi-php71 install php -y# php -v yum --enablerepo=remi-php71 install php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt php-pear php-ldap -y
yum --enablerepo=remi-php71 install php php-mysql php-imap php-common php-pear php-mbstring php-pear-DB php-mcrypt -y
yum --enablerepo=remi-php71 install php-mysql php-imap php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt php-pear php-pear-DB php-ldap php-imagick php-pspell php-curl -y
[root@www ~]# vi /etc/php.ini
memory_limit = 512M; upload_max_filesize = 50M; post_max_size = 80M; date.timezone = "Asia/Dhaka" max_execution_time = 600 max_input_vars = 3000 max_input_time = 1000
# systemctl restart httpd
----------PostfixAdmin---------
useradd -r -u 150 -g mail -d /home/vmail -s /sbin/nologin -c "Virtual Mail User" vmail mkdir -p /home/vmail chmod -R 770 /home/vmail chown -R vmail:mail /home/vmail
*****create a database for our postfixadminHQ instance.
# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE postfixadmin; MariaDB [(none)]> GRANT ALL PRIVILEGES ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY 'strong_password'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> \q
# cd /var/www/html
wget -q -O - "https://github.com/postfixadmin/postfixadmin/archive/postfixadmin-3.2.3.tar.gz" | tar -xzf - -C /var/www/html
wget https://webwerks.dl.sourceforge.net/project/postfixadmin/postfixadmin-3.3.8/PostfixAdmin%203.3.8.tar.gz # tar -xzvf postfixadmin-3.3.8.tar.gz# mv postfixadmin-3.2 postfixadmin # mv config.inc.php config.local.php# vi /var/www/html/postfixadmin/config.inc.php
$CONF['configured'] = true; # line 25: change$CONF['setup_password'] = 'xxxxxxxxxx'; # line 30: $CONF['database_type'] = 'mysqli';$CONF['database_host'] = 'localhost';$CONF['database_user'] = 'postfixadmin';$CONF['database_password'] = 'strong_password';$CONF['database_name'] = 'postfixadmin';$CONF['domain_path'] = 'NO';$CONF['domain_in_mailbox'] = 'YES';$CONF['page_size'] = '100';
$CONF['aliases'] = '0';$CONF['mailboxes'] = '0';
229 '/.{8}/' => 'password_too_short 8', # minimum length 8 characters230 '/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters231 '/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
240 $CONF['generate_password'] = 'YES';245 $CONF['show_password'] = 'YES';250 $CONF['page_size'] = '200';
----------------------
$CONF['default_aliases'] = array ( 'abuse' => 'abuse@example.com', 'hostmaster' => 'hostmaster@example.com', 'postmaster' => 'postmaster@example.com', 'webmaster' => 'webmaster@example.com'); $CONF['fetchmail'] = 'NO';$CONF['show_footer_text'] = 'NO'; $CONF['quota'] = 'YES';$CONF['domain_quota'] = 'YES';$CONF['quota_multiplier'] = '1024000';$CONF['used_quotas'] = 'YES';$CONF['new_quota_table'] = 'YES'; $CONF['aliases'] = '0';$CONF['mailboxes'] = '0';$CONF['maxquota'] = '0';$CONF['domain_quota_default'] = '0'; -------------------------------------------------
# chown -R apache: /var/www/html/postfixadmin # vi /etc/httpd/conf.d/postfixadmin.conf----------------Alias /postfixadmin /var/www/html/postfixadmin/publicAlias /mailadmin /var/www/html/postfixadmin/public
<Directory /var/www/html/postfixadmin/public/> Order Deny,Allow Deny from all # IP address you permit to access Allow from all</Directory>--------------------------
mkdir -p /var/www/html/postfixadmin/templates_c chmod 777 /var/www/html/postfixadmin/templates_c cd /var/www/html/ chown -R root.apache postfixadmin
# chgrp -R apache /var/www/html/postfixadmin/templates_c # systemctl restart httpd
Create a super admin account for PostfixAdmin-with the following command:
# bash /var/www/html/postfixadmin/scripts/postfixadmin-cli admin add
Provide your admin username, password, and domain as shown below:
Welcome to Postfixadmin-CLI v0.3---------------------------------------------------------------Admin: > admin@domain.com
Password: > Strong@Pass
Password (again): > Strong@Pass
Super admin:(Super admins have access to all domains, can manage domains and admin accounts.) (y/n) > y
Domain: > domain.com
Active: (y/n) > y
The admin admin@domain.com has been added!
# bash /var/www/html/postfixadmin/scripts/postfixadmin-cli admin add admin@worldcm.tk --password dhakaXXX --password2 dhakaXXX --superadmin 1 --active 1 OR
http://Your_IP_Address/postfixadmin/setup.php # vi /var/www/html/postfixadmin/config.inc.php
$CONF['setup_password'] = 'de177e35654bde7195edb0a8d907279e:5304910a9d847e525824101bfe3c799bef0f0aa8'; http://Your_IP_Address/postfixadmin
--------------Dovecot---------- yum install dovecot* dovecot-lmtpd dovecot-mysql # vi /etc/dovecot/dovecot-sql.conf.ext # cd /etc/dovecot/conf.d/
cp 10-auth.conf 10-auth.conf.ORG cp 10-mail.conf 10-mail.conf.ORG cp 10-master.conf 10-master.conf.ORG cp 10-ssl.conf 10-ssl.conf.ORG cp 15-lda.conf 15-lda.conf.ORG cp 20-lmtp.conf 20-lmtp.conf.ORG cp 20-managesieve.conf 20-managesieve.conf.ORG cp 90-sieve.conf 90-sieve.conf.ORG cp 90-acl.conf 90-acl.conf.ORG # chown -R vmail:dovecot /etc/dovecot # chmod -R o-rwx /etc/dovecot
systemctl enable dovecot systemctl restart dovecot --------------RoundCube----------
yum --enablerepo=remi-php71 install php-ldap php-imagick php-common php-gd php-imap php-json php-curl php-zip php-xml php-mbstring php-bz2 php-intl php-gmp -y yum --enablerepo=remi-php71 install php-mysql php-xml pcre php-common php-mbstring php-pear curl unzip -y ->Rainloop
yum --enablerepo=remi-php71 install php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel # mysql -u root -p
> create database roundcube;> grant all privileges on roundcube.* to roundcube@'localhost' identified by 'password';> flush privileges;> exit
https://roundcube.net/download/
# cd /var/www/html/# BESTwget https://github.com/roundcube/roundcubemail/releases/download/1.3.10/roundcubemail-1.3.10-complete.tar.gz # Latest Stablehttps://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz
# tar -zxpvf roundcubemail-1.4.11-complete.tar.gz -C /var/www/html/
# mv roundcubemail-1.4.11 /var/www/html/roundcube# mv roundcubemail-1.4.11 roundcube# chown apache:apache roundcubechown apache:apache -R /var/www/html/roundcubechown apache:apache -R /var/www/html/roundcubechmod -R 775 /var/www/html/roundcube/temp/ /var/www/html/roundcube/logs/
cp -p /var/www/html/roundcube/config/defaults.inc.php /var/www/html/roundcube/config/config.inc.phpORcp -p /var/www/html/roundcube/config/config.inc.php.sample /var/www/html/roundcube/config/config.inc.ph
# cd /var/www/html/roundcube/SQL# mysql -u roundcube -D roundcube -p < mysql.initial.sql
systemctl restart httpdsystemctl enable httpd
# vi /etc/httpd/conf.d/roundcube.conf Alias /roundcube /var/www/html/roundcubeAlias /webmail /var/www/html/roundcube
# Define who can access the Webmail# You can enlarge permissions once configured
<Directory /var/www/html/roundcube/> <IfModule mod_authz_core.c> # Apache 2.4 #Require local Require all granted </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 </IfModule></Directory>
# Define who can access the installer# keep this secured once configured
<Directory /var/www/html/roundcube/installer/> <IfModule mod_authz_core.c> # Apache 2.4 #Require local Require all granted </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 </IfModule></Directory>
# Those directories should not be viewed by Web clients.<Directory /var/www/html/roundcube/bin/> Order Allow,Deny Deny from all</Directory><Directory /var/www/html/roundcube/plugins/enigma/home/> Order Allow,Deny Deny from all</Directory> ---------------- http://192.168.80.1/roundcube/installer
# systemctl restart httpd
http://192.168.80.1/webmail # vi /var/www/html/roundcube/config/config.inc.php
$config['enable_installer'] = false;
[root@mail ~]# cd /var/www/html/roundcube/plugins/password# cp config.inc.php.dist config.inc.php# vi config.inc.php
$config['password_db_dsn'] = 'mysql://postfixadmin:MYSQLpassword@localhost/postfixadmin';$config['password_query'] = 'UPDATE mailbox SET password = %c, modified=now() WHERE username = %u LIMIT 1';
# systemctl restart httpd # cd /var/www/html/roundcube/plugins/managesieve# cp config.inc.php.dist config.inc.php# vi config.inc.php $config['managesieve_port'] = 4190; $config['managesieve_host'] = 'localhost'; $config['managesieve_vacation'] = 1; --------Postfix----------------
# yum -y install postfix*
# mkdir -p /etc/postfix/sql/
vi /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
vi /etc/postfix/sql/mysql_virtual_alias_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT goto FROM alias WHERE address='%s' AND active = '1'#expansion_limit = 100
vi /etc/postfix/sql/mysql_virtual_domains_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT domain FROM domain WHERE domain='%s' AND active = '1'#query = SELECT domain FROM domain WHERE domain='%s'#optional query to use when relaying for backup MX#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'#expansion_limit = 100
vi /etc/postfix/sql/mysql_virtual_mailbox_maps.cf user = postfixadminpassword = StorngPasshosts = localhostdbname = postfixadminquery = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'#expansion_limit = 100user = postfixadmin
----------X-----------
# cd /etc/postfix
postconf -e "myhostname = $(hostname -f)"postconf -e "mydestination = localhost"postconf -e "mynetworks = 127.0.0.0/8"postconf -e "inet_protocols = ipv4"postconf -e "inet_interfaces = all"
# vi /etc/postfix/main.cf myhostname = mail.worldcm.tk
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
# virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
smtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesmynetworks = 127.0.0.0/8, [::1]/128
virtual_transport = lmtp:unix:private/dovecot-lmtp
## Filtermailbox_transport = lmtp:unix:private/dovecot-lmtpsmtputf8_enable = no
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#receive_override_options = no_address_mappings #enable_original_recipient = no
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks,# permit_sasl_authenticated, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_sender_login_mismatch, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
######Faruq
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
##### SMTPD RECIPIENT RESTRICTIONS , smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, # reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce
#message_size_limit = 0 #alias_database = hash:/etc/postfix/aliases #alias_maps = hash:/etc/postfix/aliases
body_checks = regexp:/etc/postfix/body_checks header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/block_attachments sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
#always_bcc = allmail@worldcm.net
message_size_limit = 51200000mailbox_size_limit = 102400000
----------------------X-----------------------
header_checks = pcre:/etc/postfix/header_checksmime_header_checks = pcre:/etc/postfix/block_attachmentsbody_checks = pcre:/etc/postfix/body_checkssender_bcc_maps = hash:/etc/postfix/sender_bccrecipient_bcc_maps = hash:/etc/postfix/recipient_bcc
myhostname = mail.worldcm.net virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtpmailbox_transport = lmtp:unix:private/dovecot-lmtp
smtputf8_enable = no
#mynetworks = 127.0.0.0/8mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128
message_size_limit = 51200000
smtpd_banner = $myhostname ESMTPbounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#always_bcc = allmail@worldcm.net
#receive_override_options = no_address_mappingsenable_original_recipient = no
smtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
### Group Email Restriction, smtpd_restriction_classes = insiders_only, local_onlyinsiders_only = check_sender_access hash:/etc/postfix/allowed-users, rejectlocal_only = check_recipient_access hash:/etc/postfix/local_domains, reject
###-----Group Email restricted###----SENDING OUT RESTRICTIONSsmtpd_restriction_classes = insiders_only, local_onlyinsiders_only = check_sender_access hash:/etc/postfix/allowed-users, rejectlocal_only = check_recipient_access hash:/etc/postfix/local_domains, reject
###SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
###SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
######Faruqsmtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
### SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_unauthenticated_sender_login_mismatch, reject_sender_login_mismatch, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
##### SMTPD RECIPIENT RESTRICTIONS smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/restricted-mail-groups, check_sender_access hash:/etc/postfix/restricted_senders, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce, reject_rbl_client list.dsbl.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dsn.rfc-ignorant.org, reject_rhsbl_client rhsbl.sorbs.net, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client dnsbl-3.uceprotect.net
# vi /etc/postfix/header_checks/^Subject:/ WARN/^User-Agent:/ IGNORE/^From:.*<#.*@.*>/ REJECT/^Return-Path:.*<#.*@.*>/ REJECT/Payment status/ REDIRECT junk.mail@worldcm.net
# vi /etc/postfix/body_checks### allow pflogsumm reports through postfix (body_checks file) ###
/^ {6,11}[[:digit:]]{1,6}[ km]/ OK~^[[:alnum:]+/]{60,}$~ OK/^[A-Za-z0-9+\/=]{4,76}$/ OK
# cd /etc/postfixtouch body_checkstouch recipient_bcctouch sender_bcctouch block_attachmentstouch allowed-userstouch restricted-mail-groupstouch local_domainstouch restricted_senders
cp main.cf main.cf.ORGcp master.cf master.cf.ORGcp access access.ORG
-------Master.cf---------
# vi /etc/postfix/master.cf
submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes# -o smtpd_reject_unlisted_recipient=no# -o smtpd_client_restrictions=$mua_client_restrictions# -o smtpd_helo_restrictions=$mua_helo_restrictions# -o smtpd_sender_restrictions=$mua_sender_restrictions# -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATINGsmtps inet n - n - - smtpd -o syslog_name=postfix/smtps# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes# -o smtpd_reject_unlisted_recipient=no# -o smtpd_client_restrictions=$mua_client_restrictions# -o smtpd_helo_restrictions=$mua_helo_restrictions# -o smtpd_sender_restrictions=$mua_sender_restrictions# -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING------Rainloop------------------ # yum --enablerepo=remi-php71 install php-mysql php-xml pcre php-common php-mbstring php-pear curl unzip -y
yum --enablerepo=remi-php71 install php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel
# mkdir /var/www/html/rainloop
cd /var/www/html/rainloop curl -s http://repository.rainloop.net/installer.php | php find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; chown -R apache:apache .
ROOT Access webmail
[root@dz-mail-server ~]# vi /etc/httpd/conf.d/mail.conf
------------------------------
<VirtualHost *:80> DocumentRoot /var/www/html/rainloop ServerName mail.worldcm.tk </VirtualHost>
------------OR--------------------
# vim /etc/httpd/conf.d/mail.conf [ Add this Line]
Alias /mail /var/www/html/rainloop
<Directory /var/www/html/rainloop>Options -IndexesAllowOverride All</Directory>
<Directory /var/www/html/rainloop/data>Order Deny,AllowDeny from All</Directory>
[root@ ~]# systemctl restart httpd
# mysql -u root -p
CREATE DATABASE rainloop; CREATE USER 'rainloop'@'localhost' IDENTIFIED BY 'dhakaXXX'; GRANT ALL PRIVILEGES ON rainloop.* TO 'rainloop'@'localhost' IDENTIFIED BY 'dhakaXXX' WITH GRANT OPTION; FLUSH PRIVILEGES; EXIT;
OR
create database rainloop';GRANT ALL PRIVILEGES ON rainloop'.* TO 'rainloop''@'localhost' IDENTIFIED BY 'rainlooppassword';flush privileges;quit
RainLoop Admin Panel
URL : http://Your-IP-Address/rainloop/?admin
# systemctl restart httpd http://Your-IP-Address/mail
Change Password Rainloop: postfixadmin-change-password plugin
# cd /var/www/html/rainloop/data/_data_/_default_/plugins
Install SpamAssassin
yum updateyum -y install spamassassin*Create a spamassassin system user: groupadd spamduseradd -g spamd -s /bin/false -d /var/log/spamassassin spamdchown spamd:spamd /var/log/spamassassin
Configure SpamAssassin by editing the configuration file
# vi /etc/mail/spamassassin/local.cf
Uncomment, or insert the following:
required_hits 5.0report_safe 0required_score 5rewrite_header Subject [**SPAM**]Enable (if not automatically enabled) and start the service
systemctl enable spamassassinsystemctl start spamassassinUpdate the spam rules by running
sa-update
Automatic definition updates with cron (run every night at 01.00)
0 1 * * * root /bin/sa-update && /sbin/service spamassassin restart
Check, that it has been run:
grep "sa-update" /var/log/cron
There we go, most spam should now be marked as such.
spamassassin -D < /usr/share/doc/spamassassin-3.4.0/sample-spam.txt
sa-update --nogpgsa-updatess -tnlp | grep spamdspamassassin --lintspamassassin --lint -Dsystemctl restart spamassassin# vi /etc/postfix/master.cf
change
smtp inet n - n - - smtpd
with
smtp inet n - n - - smtpd -o content_filter=spamassassin
Add this as the last line:
spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
--------------------------------------