Chia Sẽ Kinh Nghiệm Về IT



Tìm Kiếm Với Google
-


Gởi Ðề Tài Mới  Gửi trả lời
 
Công Cụ Xếp Bài
Tuổi 27-03-2014, 11:48 AM   #1
hoctinhoc
Guest
 
Trả Lời: n/a
Cài đặt và câu hình Postfix + DKIMproxy cho phép gửi nhiều email trên Debian
Cài đặt và câu hình Postfix + DKIMproxy cho phép gửi nhiều email trên Debian





1. Configure from menu for internet site and set system’s mailname

root@smtp1:~# apt-get install postfix
Reading package lists… Done
Building dependency tree
……………………..
Setting up libperl5.10 (5.10.1-17squeeze3) …
Setting up libpq5 (8.4.11-0squeeze1) …


2. add eth alias this postfix instance to work on

root@smtp1:~# ifconfig eth0:1 YOUR_IP netmask 255.255.255.224 up
root@smtp1:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:8e:1a:84
inet addr:YOU_IP1 Bcast:YOUR_IP5 Mask:255.255.255.0
inet6 addr: fe80::230:48ff:fe8e:1a84/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:376534 errors:0 dropped:0 overruns:0 frame:0
TX packets:3566 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:26484046 (25.2 MiB) TX bytes:298059 (291.0 KiB)
Interrupt:16 Memory:ee100000-ee120000
eth0:1 Link encap:Ethernet HWaddr 00:30:48:8e:1a:84
inet addr:YOUR_IP Bcast:62.73.117.31 Mask:255.255.255.224
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:16 Memory:ee100000-ee120000
3. Make postfix configuration to be used with dkim and work on ip alias

root@smtp1:/etc/postfix# mv main.cf main.cf.orig
root@smtp1:/etc/postfix# vi main.cf
mail_name = smtp1.DOMAIN.com
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA’s job.
append_dot_mydomain = no
# Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = smtp1.DOMAIN.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = mailer, localhost.localdomain, , localhost
relayhost =
mynetworks = allowed_ips 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a “$EXTENSION”
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
inet_interfaces = YOUR_IP, 127.0.0.1
root@smtp1:/etc/postfix# vi master.cf
root@smtp1:/etc/postfix# grep -v ^# master.cf|grep .
smtp inet n – - – - smtpd
submission inet n – - – - smtpd
-o content_filter=dksign:[127.0.0.1]:10027
-o receive_override_options=no_address_mappings
dksign unix – - n – 4 smtp
-o smtp_send_xforward_command=yes
-o smtp_discard_ehlo_keywords=8bitmime,starttls
127.0.0.1:10028 inet n – n – 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_chec ks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
pickup fifo n – - 60 1 pickup
cleanup unix n – - – 0 cleanup
qmgr fifo n – n 300 1 qmgr
tlsmgr unix – - – 1000? 1 tlsmgr
rewrite unix – - – - – trivial-rewrite
bounce unix – - – - 0 bounce
defer unix – - – - 0 bounce
trace unix – - – - 0 bounce
verify unix – - – - 1 verify
flush unix n – - 1000? 0 flush
proxymap unix – - n – - proxymap
proxywrite unix – - n – 1 proxymap
smtp unix – - – - – smtp
relay unix – - – - – smtp
-o smtp_fallback_relay=
showq unix n – - – - showq
error unix – - – - – error
retry unix – - – - – error
discard unix – - – - – discard
local unix – n n – - local
virtual unix – n n – - virtual
lmtp unix – - – - – lmtp
anvil unix – - – - 1 anvil
scache unix – - – - 1 scache
maildrop unix – n n – - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix – n n – - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender – $nexthop!rmail ($recipient)
ifmail unix – n n – - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix – n n – - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix – n n – 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix – n n – - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
4. install dkimproxy
root@smtp1:/etc/postfix# apt-get install dkimproxy
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
libmysqlclient16 libperl5.10 libpq5 mysql-common
Use ‘apt-get autoremove’ to remove them.
The following extra packages will be installed:
amavisd-new libarchive-zip-perl libberkeleydb-perl libcompress-raw-zlib-perl libconvert-binhex-perl libconvert-tnef-perl libconvert-uulib-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl
libdigest-hmac-perl libdigest-sha1-perl liberror-perl libio-multiplex-perl libio-stringy-perl libmail-dkim-perl libmailtools-perl libmime-tools-perl libnet-cidr-perl libnet-dns-perl libnet-ip-perl
libnet-server-perl libtext-wrapper-perl libtimedate-perl libunix-syslog-perl pax
Suggested packages:
spamassassin clamav clamav-daemon lha arj unrar zoo nomarch lzop cabextract libnet-ldap-perl libauthen-sasl-perl libdbi-perl dspam p7zip rpm unrar-free libsnmp-perl libio-socket-inet6-perl
libio-socket-ssl-perl
The following NEW packages will be installed:
amavisd-new dkimproxy libarchive-zip-perl libberkeleydb-perl libcompress-raw-zlib-perl libconvert-binhex-perl libconvert-tnef-perl libconvert-uulib-perl libcrypt-openssl-bignum-perl
libcrypt-openssl-rsa-perl libdigest-hmac-perl libdigest-sha1-perl liberror-perl libio-multiplex-perl libio-stringy-perl libmail-dkim-perl libmailtools-perl libmime-tools-perl libnet-cidr-perl
libnet-dns-perl libnet-ip-perl libnet-server-perl libtext-wrapper-perl libtimedate-perl libunix-syslog-perl pax
0 upgraded, 26 newly installed, 0 to remove and 0 not upgraded.
Need to get 2,786 kB of archives.
After this operation, 8,938 kB of additional disk space will be used.
Do you want to continue [Y/n]?
………
(failed).
invoke-rc.d: initscript amavis, action “start” failed.
WARNING: Starting amavisd-new failed. Please check your configuration.
Errors were encountered while processing:
dkimproxy
E: Sub-process /usr/bin/dpkg returned an error code (1)
5. Process dkimproxy configuration:
root@smtp1:/etc# grep -v ^# /etc/default/dkimproxy |grep .
RUN_DKIMPROXY_OUT=1
RUN_DKIMPROXY_IN=0
DKIMRPOXY_OUT_CONF=”/etc/dkimproxy/dkimproxy_out.conf”
DKIMPROXYUSER=dkimproxy
DKIMPROXYGROUP=dkimproxy
DKIMPROXY_OUT_PRIVKEY=”/etc/dkim/keys/DOMAIN.com/private.key”
DOMAIN=smtp1.DOMAIN.com
DKIMPROXY_OUT_MIN_SERVERS=10
root@smtp1:/etc/dkimproxy# grep -v ^# dkimproxy_out.conf|grep .
listen 127.0.0.1:10027
relay 127.0.0.1:10028
domain DOMAIN.com
signature dkim(c=relaxed)
signature domainkeys(c=nofws)
keyfile /etc/dkim/keys/DOMAIN.com/private.key
selector 2012
reject_error 1
root@smtp1:/etc/dkimproxy# mkdir -p /etc/dkim/keys/DOMAIN.com
root@smtp1:/etc/dkimproxy# cd /etc/dkim/keys/DOMAIN.com
..here put the pre-generated keys, or generate new ones:
openssl genrsa -out private.key 1024
openssl rsa -in private.key -out public.key -pubout -outform PEM






.. put public key into dns:
2012._domainkey.DOMAIN.com. IN TXT “v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuk8juJ1iT 7bST/0KykISBGOnJyR2h5cl3gxvshuh5mTODBp78cZbIYkOAGjEX/I6U2ox6s53yeEF7DQlHLJCId11wI486E4dGSOgRje2e5elHX6Q EwfEGDRyEL+6WwJo/BR3LHihbqHfaY7EZuA6Vuq7Wun8H1Wo2FD+IuxAubQIDAQAB
5.1 EDIT /etc/init.d/dkimproxy file:
DKIMPROXY_OUT_ARGS=”–method=simple –conf_file ${DKOUT_CONF} –keyfile=${DKIMPROXY_OUT_PRIVKEY} ${COMMON_ARGS} –pidfile=${PIDDKIMPROXY_OUT} –signature=dkim –signature=domainkeys –min_servers=${DKIMPROXY_OUT_MIN_SERVERS}”


6. start postifx and dkim
7. test configuration:
7.1 test dns first: http://dkimcore.org/tools/
7.2 test email signing:http://www.brandonchecketts.com/emailtest.php
7.3 more spf,dkim tests here: http://appmaildev.com/en/dkim/
7.4 good spf tester: http://www.vamsoft.com/spfcheck.asp


Tham khảo: http://iamsto.wordpress.com/2012/03/...ing-on-debian/

http://www.howtoforge.com/postfix-dk...lter-centos5.1

http://saylinux.net/story/0028417/dk...x-and-opendkim
http://wiki.linuxwall.info/doku.php/...tfix:dkimproxy


http://www.howtoforge.com/set-up-dki...using-opendkim

Tùy chỉnh và Tối ưu Postfix để gửi lượng lớn email

http://iamsto.wordpress.com/2012/03/...-with-postfix/

Xây dựng hệ thống Dkimproxy cho Postfix mail server

http://anthonyl.us/2009/08/21/setting-up-dkimproxy/

http://terraltech.com/opendkim-to-si...ils-on-ubuntu/

  Trả lời ngay kèm theo trích dẫn này
Gửi trả lời



Quyền Hạn Của Bạn
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is Mở
Hình Cảm xúc đang Mở
[IMG] đang Mở
Mã HTML đang Tắt




Bây giờ là 09:00 AM. Giờ GMT +7



Diễn đàn tin học QuantriNet
quantrinet.com | quantrimang.co.cc
Founded by Trương Văn Phương | Developed by QuantriNet's members.
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.