Tag Archives: postfix

DSPAM + Postfix

Install dspam utk dikombinasikan dengan postfix. Spam tidak dikarantina, tetapi dikirim ke user utk selanjutnya bisa difilter menggunakan procmail/sieve atau sistem filter dari MUA yg mereka gunakan.

 ./configure \
   --with-userdir=/data/dspam \
   --with-userdir-owner=dspam \
   --with-userdir-group=postfix \
   --with-dspam-owner=dspam \
   --with-dspam-group=postfix \
   --with-dspam-mode=4510 \
   --with-local-delivery-agent=/usr/local/sbin/sendmail \
   --with-storage-driver=mysql_drv \
   --with-mysql-includes=/usr/local/include/mysql \
   --with-mysql-libraries=/usr/local/lib/mysql \
   --enable-alternative-bayesian \
   --disable-trusted-user-security \
   --enable-large-scale \
   --enable-virtual-users \
   --enable-long-usernames \
   --enable-spam-delivery

Postfix + DSpam — regexp transport aliases

http://www.mooluv.com/dspam.html

Sedikit catatan penting dari tulisan/link diatas,

What this means for us is that we cannot create aliases for adding spam
and false positives. So here comes my hacked up solution: a new transport
map and 2 more transports in master.cf.

/etc/postfix/master.cf:
dspam-add  unix  -  n  n  -  -  pipe
flags=Rq user=virtual argv=/usr/bin/dspam –user ${user}@${nexthop} –addspam
dspam-fp   unix  -  n  n  -  -  pipe
flags=Rq user=virtual argv=/usr/bin/dspam –user ${user}@${nexthop} –falsepositive

/etc/postfix/transport:
/^.*@addspam.(.*)$/     dspam-add:${1}
/^.*@fp.(.*)$/  dspam-fp:${1}

/etc/postfix/main.cf:
transport_maps = regexp:/etc/postfix/transport
dspam_destination_recipient_limit = 1
dspam-add_destination_recipient_limit = 1
dspam-fp_destination_recipient_limit = 1

Postfix main.cf

Konfigurasi postfix + LDAP + GOsa.

# LOCAL PATHNAME INFORMATION
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix

# QUEUE AND PROCESS OWNERSHIP
mail_owner = postfix
default_privs = nobody

# INTERNET HOST AND DOMAIN NAMES
myhostname = ns.comlabs.itb.ac.id
mydomain = comlabs.itb.ac.id

# SENDING MAIL
myorigin = $myhostname

# RECEIVING MAIL
inet_interfaces = all
mydestination = $myhostname ns.tpb.itb.ac.id ns.comlabs.itb.ac.id localhost

# REJECTING MAIL FOR UNKNOWN LOCAL USERS
local_recipient_maps = unix:passwd.byname $alias_maps $virtual_maps
unknown_local_recipient_reject_code = 450

# TRUST AND RELAY CONTROL
mynetworks_style = host
mynetworks = 167.205.79.4/32, 127.0.0.0/8
relay_domains = $mydestination

# INPUT RATE CONTROL
in_flow_delay = 1s

# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
virtualsource_server_host = 127.0.0.1
virtualsource_server_port = 389
virtualsource_bind = no
virtualsource_timeout = 5
virtualsource_search_base = dc=gonicus,dc=de
virtualsource_query_filter = (&(|(mail=%s)(gosaMailAlternateAddress=%s))(objectClass=gosaAccount))
virtualsource_result_attribute = uid,gosaMailForwardingAddress
virtualsource_lookup_wildcards = no

virtual_maps = ldap:virtualsource

# TRANSPORT MAP
#
# Insert text from sample-transport.cf if you need explicit routing.
default_transport = smtp

# ALIAS DATABASE
alias_maps = hash:/etc/aliases

# DELIVERY TO MAILBOX
local_transport = local
mail_spool_directory = /var/mail
fallback_transport = lmtp:unix:/var/imap/socket/lmtp

# JUNK MAIL CONTROLS
#header_checks = regexp:/usr/local/etc/postfix/header_checks

# FAST ETRN SERVICE
fast_flush_domains = $relay_domains

# SHOW SOFTWARE VERSION OR NOT
smtpd_banner = $myhostname ESMTP $mail_name

# PARALLEL DELIVERY TO THE SAME DESTINATION
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20

# DEBUGGING CONTROL
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5

# INSTALL-TIME CONFIGURATION INFORMATION
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no

Postfix main.cf utk Gosa

Dapet dari milis gosa@oss.gonicus.de :)

Just an example. You need to include something like this. It is no complete main.cf and
it has to be adapted to fit your needs. Especially the insiders stuff – if you need it.

# Virtual source
virtualsource_server_host = 10.3.66.11
virtualsource_search_base = dc=gonicus,dc=de
virtualsource_query_filter = (&(|(mail=%s)(gosaMailAlternateAddress=%s))(objectClass=gosaAccount))
virtualsource_result_attribute = uid,gosaMailForwardingAddress

# Shared Folder + Aliases + Forwardings
sharedsource_server_host = 10.3.66.11
sharedsource_search_base = dc=gonicus,dc=de
sharedsource_query_filter = (&(|(mail=%s)(gosaMailAlternateAddress=%s))(objectClass=posixGroup))
sharedsource_result_attribute = gosaSharedFolderTarget,gosaMailForwardingAddress

# Access Lists for Non Local Delivery
acllocal_server_host = 10.3.66.11
acllocal_search_base = dc=gonicus,dc=de
acllocal_query_filter = (&(|(mail=%s)(gosaMailAlternateAddress=%s))(gosaMailDeliveryMode=*L*))
acllocal_result_attribute = mail
acllocal_result_filter = insiders_only

# Map definition
virtual_maps = ldap:virtualsource, ldap:sharedsource

# For local only delivery
smtpd_restriction_classes = insiders_onlyfallback_transport = smtp
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp

insiders_only = check_sender_access regexp:/etc/postfix/insiders, reject

# For lmtp delivery
fallback_transport = smtp
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp