Hi,
I do not have much experience in mail server setup, so I wanted to share my current setup with you. If you have any comments, feel free to post them.
I needed a small and simple mail server and after a lot of googling I went with this setup:
Code:
postfix --> dspam --> dovecot
 [MTA]      [SPAM]     [LDA]
I do not have a problem (or at least I am not aware of one) with making these cooperate: postfix(1) works well with SASL authentication, dovecot(1) serves the imap/pop3 services well, and dspam(1) passes mail from postfix(1) into dovecot(1) properly.
Generally this setup supports virtual domains with virtual users, all with a simple passwd(5) format file for authentication. Mail is kept in Maildir format like this: /usr/mail/${DOMAIN}/${USER}@${DOMAIN}. Of course there is a separate passwd(1) file per domain, at /usr/mail/${DOMAIN}/dovecot_passwd; here is how it looks:
/usr/mail/${DOMAIN}/dovecot_passwd
Code:
admin@domain.com:{PLAIN}password:2000:2000::/usr/mail/domain.com/admin@domain.com
virtual@domain.com:{DIGEST-MD5}22e693858f955b38b1a0cc4f13c3d8fc:2000:2000::/usr/mail/domain.com/virtual@domain.com
All mail is kept under /usr/mail dir, here is how it looks right now:
Code:
% ls -l /usr/mail
total 136
drwxr-x--- 3 root virtual 4 Aug 9 13:35 dspam/
-rw-r----- 1 virtual virtual 80 Aug 9 13:41 dspam_transport
-rw-r----- 1 virtual virtual 65536 Aug 6 11:36 dspam_transport.db
drwxr-x--- 4 virtual virtual 5 Aug 9 13:35 domain.com/
-rw-r----- 1 virtual virtual 278 Aug 9 13:41 postfix_accounts
-rw-r----- 1 virtual virtual 65536 Aug 9 13:42 postfix_accounts.db
drwxr-x--- 2 virtual virtual 11 Aug 9 13:35 scripts/
% ls -l /usr/mail/domain.com
-rw-r----- 1 virtual virtual 277 Aug 5 11:04 dovecot_passwd
drwx------ 7 virtual virtual 13 Aug 9 13:46 admin@domain.com/
drwx------ 5 virtual virtual 9 Aug 6 11:22 virtual@domain.com/
Also, all accounts are listed (not per domain, but 'globally') in the /usr/mail/postfix_accounts file, here:
/usr/mail/postfix_accounts
Code:
# mbox -----> admin@bot.pl bot.pl/admin
# maildir --> admin@bot.pl bot.pl/admin/
# FORMAT: user@domain domain/user@domain/
spam@domain.com x
ham@domain.com x
admin@domain.com domain.com/admin@domain.com/
virtual@domain.com domain.com/virtual@domain.com/
Here is the dovecot(1) configuration:
/usr/local/etc/dovecot.conf
Code:
ssl = no
disable_plaintext_auth = no
protocols = pop3 imap
protocol pop3 {
  listen = *:110
  login_processes_count = 1
  login_max_processes_count = 32
  pop3_client_workarounds = outlook-no-nuls
}
protocol imap {
  listen = *:143
  login_processes_count = 1
  login_max_processes_count = 32
  imap_client_workarounds = outlook-idle
}
auth default {
  mechanisms = plain login digest-md5
  userdb passwd-file {
    args = /usr/mail/%d/dovecot_passwd
  }
  passdb passwd-file {
    args = /usr/mail/%d/dovecot_passwd
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0660
      user = virtual
      group = virtual
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
mail_location = maildir:/usr/mail/%d/%u
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot_info.log
protocol lda {
  postmaster_address = admin@domain.com
  log_path = /var/log/dovecot_lda.log
}
Here is the dspam(1) configuration:
/usr/local/etc/dspam.conf
Code:
Home /usr/mail/dspam
StorageDriver /usr/local/lib/dspam/libhash_drv.so
TrustedDeliveryAgent "/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}"
OnFail error
Trust root
Trust dspam
Trust virtual
Trust dovecot
Trust mail
Trust daemon
TrainingMode teft
TestConditionalTraining on
Feature whitelist
Algorithm graham burton
Tokenizer chain
PValue bcr
WebStats off
Preference "trainingMode=TEFT"
Preference "spamAction=quarantine"
Preference "spamSubject=[SPAM]"
Preference "statisticalSedation=5"
Preference "enableBNR=on"
Preference "enableWhitelist=on"
Preference "signatureLocation=message"
Preference "tagSpam=off"
Preference "tagNonspam=off"
Preference "showFactors=off"
Preference "optIn=off"
Preference "optOut=off"
Preference "whitelistThreshold=10"
Preference "makeCorpus=off"
Preference "storeFragments=off"
Preference "localStore="
Preference "processorBias=on"
Preference "fallbackDomain=off"
Preference "trainPristine=off"
Preference "optOutClamAV=off"
Preference "ignoreRBLLookups=off"
Preference "RBLInoculate=off"
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride fallbackDomain
AllowOverride ignoreGroups
AllowOverride ignoreRBLLookups
AllowOverride localStore
AllowOverride makeCorpus
AllowOverride optIn
AllowOverride optOut
AllowOverride optOutClamAV
AllowOverride processorBias
AllowOverride RBLInoculate
AllowOverride showFactors
AllowOverride signatureLocation
AllowOverride spamAction
AllowOverride spamSubject
AllowOverride statisticalSedation
AllowOverride storeFragments
AllowOverride tagNonspam
AllowOverride tagSpam
AllowOverride trainPristine
AllowOverride trainingMode
AllowOverride whitelistThreshold
AllowOverride dailyQuarantineSummary
HashRecMax 98317
HashAutoExtend on
HashMaxExtents 0
HashExtentSize 49157
HashPctIncrease 10
HashMaxSeek 10
HashConnectionCache 10
Notifications off
PurgeSignatures 14
PurgeNeutral 90
PurgeUnused 90
PurgeHapaxes 30
PurgeHits1S 15
PurgeHits1I 15
LocalMX 127.0.0.1
SystemLog on
UserLog on
Opt out
ServerMode standard
ServerParameters "--deliver=innocent -d %u"
ServerIdent "mail.domain.com"
ServerDomainSocketPath "/var/run/dspam.sock"
ProcessorURLContext on
ProcessorBias on
StripRcptDomain off
/usr/mail/dspam_transport
Code:
spam@domain.com dspam-retrain:spam
ham@domain.com dspam-retrain:innocent
The postfix(1) configuration:
/usr/local/etc/postfix/main.cf
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
mail_owner = postfix
mynetworks_style = host
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = /usr/local/share/doc/postfix
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = /usr/local/share/doc/postfix
mailbox_command = /usr/local/libexec/dovecot/deliver
unknown_local_recipient_reject_code = 550
myhostname = mail.domain.com
mynetworks = 0.0.0.0/8,127.0.0.0/8
smtpd_use_tls = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_unauth_destination
broken_sasl_auth_clients = yes
strict_rfc821_envelopes = no
virtual_mailbox_domains = domain.com
virtual_mailbox_base = /usr/mail
virtual_mailbox_maps = hash:/usr/mail/postfix_accounts
virtual_minimum_uid = 100
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
virtual_transport = lmtp:unix:/var/run/dspam.sock
transport_maps = hash:/usr/mail/dspam_transport
dspam_destination_recipient_limit = 1
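
A consistency and exposure check over the files described in this post, as an added example that is not part of the original post: it cross-checks a per-domain dovecot_passwd against postfix_accounts and reports where credentials are stored or sent in cleartext. The function names, the SETTINGS dictionary and the sample data are constructed for illustration.

```python
import re

# Constructed sample input in the formats shown in the post; the
# virtual@domain.com line is left out of the accounts map on purpose.
DOVECOT_PASSWD = """\
admin@domain.com:{PLAIN}password:2000:2000::/usr/mail/domain.com/admin@domain.com
virtual@domain.com:{DIGEST-MD5}22e693858f955b38b1a0cc4f13c3d8fc:2000:2000::/usr/mail/domain.com/virtual@domain.com
"""
POSTFIX_ACCOUNTS = """\
# FORMAT: user@domain domain/user@domain/
spam@domain.com x
admin@domain.com domain.com/admin@domain.com/
"""
# Values copied from the dovecot.conf and main.cf in the post.
SETTINGS = {"ssl": "no", "disable_plaintext_auth": "no",
            "mechanisms": "plain login digest-md5",
            "smtpd_use_tls": "no", "smtpd_sasl_auth_enable": "yes"}
MAIL_BASE, VIRTUAL_ID = "/usr/mail", "2000"  # virtual_mailbox_base, static:2000


def parse_accounts(text):
    """Parse a Postfix map source file: 'key value' lines, '#' comments."""
    rows = (l.split(None, 1) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#"))
    return {key: value.strip() for key, value in rows}


def audit(passwd_text, accounts_text, settings):
    """Return (subject, finding) pairs for one passwd file plus the settings."""
    findings, accounts = [], parse_accounts(accounts_text)
    for line in filter(None, passwd_text.splitlines()):
        user, secret, uid, gid, _gecos, home = line.split(":")[:6]
        domain = user.rpartition("@")[2]
        scheme = re.match(r"\{([^}]+)\}", secret)
        if scheme and scheme.group(1).upper() == "PLAIN":
            findings.append((user, "password stored in cleartext"))
        if (uid, gid) != (VIRTUAL_ID, VIRTUAL_ID):
            findings.append((user, "uid/gid differs from virtual_uid_maps/virtual_gid_maps"))
        if home != f"{MAIL_BASE}/{domain}/{user}":
            findings.append((user, "home does not match mail_location"))
        if accounts.get(user) != f"{domain}/{user}/":
            findings.append((user, "no matching Maildir entry in postfix_accounts"))
    plaintext_mechs = {"plain", "login"} & set(settings["mechanisms"].split())
    if plaintext_mechs and settings["ssl"] == "no" and settings["disable_plaintext_auth"] == "no":
        findings.append(("dovecot.conf", "IMAP/POP3 plaintext logins allowed without TLS"))
    if settings["smtpd_sasl_auth_enable"] == "yes" and settings["smtpd_use_tls"] == "no":
        findings.append(("main.cf", "SMTP AUTH offered without TLS"))
    return findings
```

Calling `audit(DOVECOT_PASSWD, POSTFIX_ACCOUNTS, SETTINGS)` returns the list of findings; an empty list means the passwd file, the accounts map and the transport settings agree with each other and expose no cleartext credentials.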