Postoffice SMTPD virtual host configuration
Pierre-Philipp Braun <pbraun@nethence.com>
Introduction
"mbox" is the most convenient mailbox format: mailboxes are plain text files. Combined with virtual hosts, it also gives a clean-cut separation between the domains, and between each domain's users.
Besides, POP is a nice protocol for users, and it can even be used somewhat like IMAP: clients can be configured to keep messages on the server and remove them only when they are deleted from the INBOX. The client keeps a full local copy of each message and fetches it only once. That's much lighter than IMAP.
Note. we're using Postoffice and vm-pop3d but Postfix and Dovecot are also "mbox" virtual host capable.
Note. Postoffice compiles fine on NetBSD/sparc64 since 1.2.0 and 1.3.pre1.
Prepare the system
Check whether the mail user and group exist. Note that the shell should be /sbin/nologin,
grep mail /etc/passwd
grep mail /etc/group
If they don't exist, create them,
groupadd mail
useradd -g mail -s /sbin/nologin mail
Note. make sure they have UID and GID "8",
vipw
vi /etc/group
Then prepare directories and permissions,
mkdir /var/spool/virtual
mkdir /var/spool/mqueue
mkdir /etc/virtual
chown mail:mail /var/spool/virtual
chown mail:mail /var/spool/mqueue
chown mail:mail /etc/virtual
chmod 700 /var/spool/virtual
chmod 700 /var/spool/mqueue
chmod 700 /etc/virtual
Also make sure /var/db/ is writeable by root,
ls -ld /var/db/
Note. postoffice will create the greylist database at "/var/db/smtpauth.db".
Install postoffice
Check for those dependencies,
- ndbm or gdbm (mandatory, on RHEL add "gdbm-devel")
- tcpwrappers (optional, may be built into the system, see "/etc/hosts.allow")
Untar the tarball and proceed,
./configure.sh --help
./configure.sh \
--with-greylist \
--with-queuedir=/var/spool/mqueue \
--with-auth \
--with-milter \
--with-vhost=/etc/virtual \
--with-vspool=/var/spool/virtual \
--with-vuser=mail
make clean
make
su
make install
Note the ".sh" file extension, it's not GNU.
Note. if you're on a BSD system, also add,
--use-mailwrappers \
# NetBSD : vi /etc/mailer.conf
# FreeBSD : vi /etc/mail/mailer.conf
Note. to enable the use of "/etc/hosts.allow", also add,
--with-tcpwrappers \
Note. "--with-auth" enables virtual host SMTP authentication. Unlike other SMTP servers, there is no need for cyrus-sasl kludges & pain: no configuration is needed.
Note. to enable non virtual host SMTP authentication, also add,
--with-auth=passwd \
Force the use of the provided postoffice commands,
which mailq
which newaliases
which runq
which sendmail
Note. all those should point to /usr/local/bin. Otherwise, e.g.,
cd /usr/bin
mv mailq mailq.dist
mv newaliases newaliases.dist
ln -s /usr/local/bin/mailq
ln -s /usr/local/bin/newaliases
Configure Postoffice
Edit Postoffice's configuration,
vi /etc/postoffice.cf
For example
self=mx.example.com
audit
clients=100
delay=1m
escape-from=1
immediate
minfree=10m
timeout=1h
Note. "immediate" makes postoffice process the queue immediately.
Note. don't use "hops" or, if you do, make sure it's a value above 10. "100" is the default.
Note. to set the largest message size that postoffice will accept,
size=10m
Check the manuals for other options.
As for milters, here are two examples,
filter=/path/to/unix.socket
filter=hostname:port
Edit the global aliases and update the alias table,
vi /etc/mail/aliases   # or /etc/aliases, possibly link one to the other
/usr/local/bin/newaliases
Start the daemon,
/usr/local/lib/postoffice -C/etc/postoffice.cf -bd -q10
Note. "-q10" means 10 minutes as queue processing interval.
Note. add this to "/etc/rc.local" to start at boot time.
This magnificently results in two processes (do ps aux):
postoffice: postoffice: accepting connections
postoffice: postoffice: runq every 2 minutes
To check the queue,
mailq
To check current SMTP sessions,
ps aux | grep post
To force the immediate processing of the queue,
runq
Edit the virtual hosts,
vi /etc/virtual/domains.cf
Edit password files with pop_passwd.pl or vpasswd
pop_passwd.pl username password >> example.com/passwd
vi example.com/aliases
/usr/local/bin/newaliases example.com
Check greylisting is working :
- Send an email to some hosted address
- Check the greylisting database is created by postoffice,
ls -l /var/db/smtpauth.db # root / -rw-------
- After a while, check the message has been received,
tail /var/spool/virtual/example.com/username
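The account and permissions set up in the steps above can be re-checked at any time, for instance after moving the service to another server. The script below is an added example, not part of the original guide or of Postoffice; its function names are its own, and it assumes awk and either GNU or BSD stat are available.

```shell
#!/bin/sh
# Added example, not from the original guide: audit the account and the
# permissions this page sets up. All function names are this example's own.

# Print "owner:group mode" of a path; GNU stat first, BSD stat as fallback.
perm_of() {
    stat -c '%U:%G %a' "$1" 2>/dev/null ||
        stat -f '%Su:%Sg %Lp' "$1" 2>/dev/null
}

# check_path PATH OWNER[:GROUP] MODE -> 0 on match, 1 otherwise.
# When only OWNER is given, the group is not compared.
check_path() {
    actual=$(perm_of "$1") || { echo "MISSING $1"; return 1; }
    who=${actual% *}; mode=${actual##* }
    case $2 in *:*) ;; *) who=${who%%:*} ;; esac
    if [ "$who" = "$2" ] && [ "$mode" = "$3" ]; then
        echo "OK      $1 ($actual)"; return 0
    fi
    echo "BAD     $1 is $actual, expected $2 $3"; return 1
}

# check_mail_account [PASSWD_FILE] -> 0 if user "mail" has UID 8, GID 8
# and /sbin/nologin as shell, as required in "Prepare the system".
check_mail_account() {
    awk -F: '$1 == "mail" { found = 1
        if ($3 != 8 || $4 != 8) {
            print "BAD     mail has UID/GID " $3 "/" $4 ", expected 8/8"; bad = 1 }
        if ($NF != "/sbin/nologin") {
            print "BAD     mail shell is " $NF; bad = 1 }
    }
    END { if (!found) { print "MISSING mail user"; exit 1 }
          exit bad }' "${1:-/etc/passwd}"
}

# Run every check against the paths used in this guide.
audit_all() {
    rc=0
    check_mail_account /etc/passwd || rc=1
    for d in /var/spool/virtual /var/spool/mqueue /etc/virtual; do
        check_path "$d" mail:mail 700 || rc=1
    done
    # The guide shows the greylist database as root-owned, -rw-------.
    check_path /var/db/smtpauth.db root 600 || rc=1
    return $rc
}

if [ "${1:-}" = "--audit" ]; then audit_all; fi
```

Run the script with the "--audit" argument; the exit status is non-zero as soon as one check fails.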
MX records & name resolution
Note. Postoffice skips /etc/hosts and system DNS resolution. It has its own.
Virtual vs non-Virtual
Note. If an incoming message is for a domain other than those listed in domains.cf (the virtual ones), postoffice will accept it locally as long as the MX record matches or is empty.
Note. When doing SMTP through telnet, you need to enclose the IP address in brackets, like,
rcpt to:user@[XX.XX.XX.XX]
Troubleshooting
Check you got the latest version,
/usr/local/lib/postoffice -V
Check the postoffice running processes,
ps aux | grep post
ps aux | grep runq
Check and run the queue,
mailq
cd /var/spool/mqueue/
ls -l
ps aux | grep post
ps aux | grep runq
runq
Find out what's using /var/spool/mqueue (in case it's not even a runq process lying around),
lsof | grep mqueue
Some other UNICES use "/var/mail/" instead of "/var/spool/mail". Adapt your MAIL or MAILPATH variable or make sure there's a link,
cd /var
ln -s spool/mail
Note. the virtual hosts are still hosted in "/var/spool/virtual".
Migrating the whole service to another server
When migrating the SMTP service from one server to another (not mentioning the DNS matters),
cd /var/spool
ls -l mqueue # should be empty. Otherwise do mailq
tar czpf /root/virtualVAR.tar.gz virtual
cd /etc
tar czpf /root/virtualETC.tar.gz virtual
Send both to your new server, check /etc/mailer.conf, /etc/aliases (or /etc/mail/aliases),
and refresh the alias tables,
/usr/local/bin/newaliases
/usr/local/bin/newaliases example.com
Install and configure vm-pop3d
Untar the tarball and proceed,
./configure --help
./configure --enable-virtual
make clean
make
su
make install
Start the daemon,
/usr/local/sbin/vm-pop3d -umail -gmail -d2
Note. add this to "/etc/rc.local" to start at boot time.