Penguin
Recent Changes

Differences between version 9 and predecessor to the previous major change of PostfixNotes.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 9 Last edited on Wednesday, October 12, 2005 12:14:57 am by AristotlePagaltzis Revert
Older page: version 6 Last edited on Friday, September 16, 2005 2:36:27 pm by DanielLawson Revert
@@ -1,27 +1,23 @@
+!! [Postfix] + SMTP-Auth + Cyrus21 + LDAP Magic  
  
+Here is a collection of the magic required to get Postfix to do various things.  
  
-;What is Postfix?:Postfix is a modular email server designed to be a "drop-in" replacement for sendmail. Postfix is described as modular in that it is made up of several smaller applications, each application is designed to do one task only. E.g. [SMTP] messages are received by one program to deliver them locally another program is invoked, and to deliver them to another host via SMTP a seperate program is called.  
+! Delivery to Cyrus Imap  
  
+<tt>main.cf</tt>::  
  
-;Why is modularity so important in an email system?:The modular approach taken during the implementation of the Postfix mail system allows individual processes to be replaced to meet the users needs. This is most useful in large enterprise and ISP email environments where custom solutions are required.  
-  
-;:The modularity of Postfix also means that the system required less resource overheads than some of the other "monolithic" email servers out there (e.g. Sendmail)  
-  
-----  
-!!Postfix+SMTP Auth+Cyrus21+LDAP Magic  
-  
-Here is a collection of the magic required to get Postfix to do various things.  
-  
-!Delivery to Cyrus Imap  
- __main.cf:__  
+ <verbatim>  
  mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp 
+ </verbatim>  
+  
+Note that this involves having cyrus set up to listen for [LMTP] on that socket. You can also use [TCP] delivery for [LMTP]. See CyrusNotes.  
  
-Note that this involves having cyrus set up to listen for lmtp on that socket. You can also use TCP delivery for lmtp. See CyrusNotes.  
+! SMTP Auth  
  
-!SMTP Auth  
+<tt>main.cf</tt>::  
  
- __main.cf:__  
+ <verbatim>  
  smtpd_sasl_auth_enable = yes 
  smtpd_sasl_security_options = noanonymous 
  smtpd_sasl_application_name = smtpd 
  broken_sasl_auth_clients = yes 
@@ -34,34 +30,45 @@
  reject_non_fqdn_recipient, 
  reject_unauth_pipelining, 
  reject_unknown_sender_domain, 
  reject_unknown_recipient_domain 
+ </verbatim>  
  
-Create this file (under Debian it is in /etc/postfix/sasl/ but this will differ on other distributions) 
+Create this file (under Debian it is in <tt> /etc/postfix/sasl/</tt> but this will differ on other distributions).  
  
- __ sasl.conf:__  
+<tt> sasl.conf</tt> ::  
+  
+ <verbatim>  
  pwcheck_method: saslauthd 
  mech_list: login 
  mechanisms: pam 
- saslauthd_path: /var/run/saslauthd/mux[1]  
+ saslauthd_path: /var/run/saslauthd/mux  
+ <verbatim>  
  
 Now provided you have Cyrus Sasl working you can authenticate using the same credentials you use for Cyrus. 
  
-!!TLS  
+Note: I experienced problems using <tt>saslauthd</tt> under the Debian install. I resolved these by turning off <tt>chroot</tt> for <tt>smtpd</tt> in <tt>master.cf</tt>. You need to make sure that the <tt>postfix</tt> user is a member of the <tt>sasl</tt> group, otherwise it wont be able to communicate with <tt>saslauthd</tt>.  
  
- __ main.cf:__  
+!! [TLS]  
+  
+<tt> main.cf</tt> ::  
+  
+ <verbatim>  
  smtpd_use_tls = yes 
  smtpd_tls_key_file = /etc/postfix/key.pem 
  smtpd_tls_cert_file = /etc/postfix/cert.pem 
  smtpd_tls_CAfile = /etc/ssl/cacert.pem 
  smtpd_tls_loglevel = 3 
  smtpd_tls_received_header = yes 
  smtpd_tls_session_cache_timeout = 3600s 
  tls_random_source = dev:/dev/urandom 
+ </verbatim>  
  
-!!LDAP Alias support 
+!! [ LDAP] Alias support 
  
- __ main.cf:__  
+<tt> main.cf</tt> ::  
+  
+ <verbatim>  
  alias_maps = hash:/etc/aliases, ldap:ldapaliases, ldap:ldappeople 
  alias_database = hash:/etc/aliases 
  
  ldapaliases_server_host = shinobi.seclorum.tla 
@@ -70,8 +77,7 @@
  ldapaliases_search_base = ou=Aliases,dc=seclorum,dc=tla 
  ldapaliases_query_filter = (&(objectClass=nisMailAlias)(|(cn=%u))) 
  ldapaliases_result_attribute = uid,rfc822mailmember 
  ldapaliases_debuglevel = 3 
+ </verbatim>  
  
-This works with the same LDAP directory setup as described in EximNotes. I also use a second section for ldappeople that instead of searching the aliases OU, it searched people.  
-  
-[1]Note: I experienced problems using saslauthd under the Debian install. I resolved these by turning off chroot for smtpd in master.cf
+This works with the same [ LDAP] directory setup as described in EximNotes. I also use a second section for <tt> ldappeople</tt> that instead of searching the aliases OU, it searched people.