This guide is based on the following article:
http://blog.mohiva.com/2011/11/setting-up-mail-server-with-postfix.html
Software versions current at the time of writing:
postfix-2.10.2
dovecot-2.2.10
postfixadmin-2.3.6
roundcube-0.9.5
echo "mail-mta/postfix mysql dovecot-sasl ssl" >> /etc/portage/package.use
echo "net-mail/dovecot mysql maildir ssl sieve managesieve" >> /etc/portage/package.use
echo "www-apps/postfixadmin mysql vhosts" >> /etc/portage/package.use
echo "mail-client/roundcube vhosts" >> /etc/portage/package.use
pdo, gd and sockets are required for roundcube:
echo "dev-lang/php imap mysqli pdo gd sockets" >> /etc/portage/package.use
emerge -av postfix postfixadmin dovecot amavisd-new
In mysql:
CREATE DATABASE `[postfixadmin]` CHARACTER SET `utf8` COLLATE `utf8_general_ci`;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX ON `[postfixadmin]`.* TO '[postfixadmin]'@'[localhost]' IDENTIFIED BY '[secret]';
GRANT SELECT ON `[postfixadmin]`.* TO '[mailauth]'@'[localhost]' IDENTIFIED BY '[secret]';
In the console:
mkdir /var/vmail
useradd -d /var/vmail -U -s /bin/false vmail
chown vmail:vmail /var/vmail
chmod 770 /var/vmail
Before editing the configuration files, tell Postfix where to send mail addressed to local users. This is what the file /etc/mail/aliases is for: it defines aliases for most system accounts, and Postfix must translate these aliases to real addresses. Edit the file and set a real mail address for the root and the operator accounts.
# Well-known aliases -- these should be filled in!
root: [e-mail address]
operator: [e-mail address]
Run the newaliases command to recreate the alias database.
newaliases
In /etc/postfix/main.cf:
myhostname = [mail.domain.com]
mydomain = [domain.com]
myorigin = $myhostname
mydestination = $myhostname, localhost
mynetworks = 127.0.0.0/8
mynetworks_style = host
inet_interfaces = $myhostname, localhost
relay_domains = $mydestination
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/ssl/postfix/[mail.domain.com.key.pem]
smtpd_tls_cert_file = /etc/ssl/postfix/[mail.domain.com.cert.pem]
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_error_sleep_time = 60
smtpd_soft_error_limit = 60
smtpd_hard_error_limit = 10
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    permit
tls_random_source = dev:/dev/urandom
tls_random_prng_update_period = 3600s
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
mailbox_command = /usr/libexec/dovecot/deliver
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
virtual_transport = dovecot
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domain_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_uid_maps = static:[1001]
virtual_gid_maps = static:[1001]
dovecot_destination_recipient_limit = 1
mysql_virtual_alias_maps.cf:
user = [mailauth]
password = [secret]
hosts = [localhost]
dbname = [postfixadmin]
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
mysql_virtual_domain_maps.cf:
user = [mailauth]
password = [secret]
hosts = [localhost]
dbname = [postfixadmin]
query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
mysql_virtual_mailbox_maps.cf:
user = [mailauth]
password = [secret]
hosts = [localhost]
dbname = [postfixadmin]
query = SELECT CONCAT(maildir, 'Maildir/') AS maildir FROM mailbox WHERE username='%s' AND active = '1'
master.cf
The master.cf defines which services are available, which daemons are started for a requested service and how a client connects to a service. In this file we only need to set up two additional services. First, uncomment the smtps service in order to use the secure variant of the SMTP protocol.
smtps inet n - n - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
To use the Dovecot LDA to deliver mail for virtual domains, add the dovecot service to the end of the file.
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
In /etc/dovecot/dovecot.conf:
protocols = imap
listen = *, [::]
In /etc/dovecot/conf.d/10-ssl.conf:
ssl = yes
ssl_cert = <[/etc/ssl/dovecot/mail.domain.com.cert.pem]
ssl_key = <[/etc/ssl/dovecot/mail.domain.com.key.pem]
(http://wiki2.dovecot.org/SSL/DovecotConfiguration)
In /etc/dovecot/conf.d/10-mail.conf:
mail_location = maildir:/var/vmail/%d/%n/Maildir:INDEX=/var/vmail/%d/%n/indexes
mail_uid = vmail
mail_gid = vmail
first_valid_uid = [1001]
last_valid_uid = [1001]
first_valid_gid = [1001]
last_valid_gid = [1001]
In /etc/dovecot/conf.d/10-master.conf:
# these listeners go inside the existing service auth { ... } section
unix_listener auth-userdb {
  mode = 0660
  user = vmail
  group = vmail
}
unix_listener /var/spool/postfix/private/auth {
  mode = 0660
  user = postfix
  group = postfix
}
In /etc/dovecot/conf.d/15-mailboxes.conf:
namespace inbox {
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe # autocreate and autosubscribe the Sent mailbox
    special_use = \Sent
  }
  mailbox Junk {
    auto = subscribe # autocreate and autosubscribe Spam
    special_use = \Junk
  }
}
(http://wiki2.dovecot.org/MailboxSettings)
In /etc/dovecot/conf.d/20-imap.conf:
protocol imap {
  mail_plugins = quota imap_quota
}
protocol lda {
  postmaster_address = [e-mail address]
  mail_plugins = quota
}
In /etc/dovecot/conf.d/90-plugin.conf:
plugin {
  quota = maildir:User quota
}
In /etc/dovecot/conf.d/10-auth.conf:
auth_mechanisms = plain login cram-md5 digest-md5
In /etc/dovecot/dovecot-sql.conf:
driver = mysql
connect = host=/var/run/mysqld/mysqld.sock user=[mailauth] password=[secret] dbname=[postfixadmin]
default_pass_scheme = cram-md5
user_query = SELECT CONCAT('/var/vmail/', maildir) AS home, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = 1
password_query = SELECT CONCAT('/var/vmail/', maildir) AS userdb_home, username as user, password, CONCAT('*:bytes=', quota) AS userdb_quota_rule FROM mailbox WHERE username = '%u' AND active = 1
webapp-config -I -h localhost -d roundcube roundcube 0.9.5
webapp-config -I -h localhost -d postfixadmin postfixadmin 2.3.6
postfixadmin/config.inc.php:
$CONF['configured'] = true;
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = '[localhost]';
$CONF['database_user'] = '[postfixadmin]';
$CONF['database_password'] = '[secret]';
$CONF['database_name'] = '[postfixadmin]';
$CONF['database_prefix'] = '';
$CONF['setup_password'] = '[paste here your hashed password]';
$CONF['postfix_admin_url'] = '[https://postfixadmin.domain.com]';
$CONF['admin_email'] = '[e-mail address]';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
/etc/init.d/postfix start
/etc/init.d/dovecot start
rc-update add postfix default
rc-update add dovecot default
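A check to run once the services are up, as an added example that is not part of the original guide: it reads a main.cf the way Postfix does (comment lines, indented continuation lines, last assignment wins when a parameter is repeated) and verifies the hardening settings used in the main.cf section. The function names and the embedded sample file are constructed for illustration.

```sh
# Print the effective value of parameter $2 in main.cf-style file $1.
# Follows Postfix syntax: "#" comment lines, continuation lines that begin
# with whitespace, and last-assignment-wins when a parameter is repeated.
main_cf_value() {
    awk -v want="$2" '
        function flush(   i, name, v) {
            i = index(buf, "="); if (i == 0) return
            name = substr(buf, 1, i - 1); v = substr(buf, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (name == want) val = v
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { sub(/^[ \t]+/, ""); buf = buf " " $0; next }
        { flush(); buf = $0 }
        END { flush(); print val }' "$1"
}
# True only if reject_unauth_destination is reached before a bare "permit".
relay_guarded() {
    for r in $(main_cf_value "$1" smtpd_recipient_restrictions | tr ',' ' '); do
        case $r in reject_unauth_destination) return 0 ;; permit) return 1 ;; esac
    done
    return 1
}
# One line per check on stdout; exit status = number of failed checks.
audit_main_cf() {
    fails=0
    for want in smtpd_tls_auth_only=yes smtpd_sasl_security_options=noanonymous \
                disable_vrfy_command=yes smtpd_helo_required=yes; do
        got=$(main_cf_value "$1" "${want%%=*}")
        if [ "$got" = "${want#*=}" ]; then echo "ok    $want"
        else echo "FAIL  ${want%%=*} is '$got', expected '${want#*=}'"; fails=$((fails + 1)); fi
    done
    if relay_guarded "$1"; then echo "ok    relay check precedes permit"
    else echo "FAIL  reject_unauth_destination missing or after permit"; fails=$((fails + 1)); fi
    return "$fails"
}
# Constructed sample file (placeholder values, not taken from a real server).
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
smtpd_tls_auth_only = no
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,
    # comment lines inside a continuation are skipped
    permit_mynetworks, reject_unauth_destination, permit
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_tls_auth_only = yes
EOF
audit_main_cf "$sample"
```

To check the live configuration, call audit_main_cf /etc/postfix/main.cf; the sample passes because the later smtpd_tls_auth_only = yes overrides the earlier no.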
UPD 270814: roundcube and amavisd will be added later :-)