Postfix - Debian 7
root@mail:~# apt-get install postfix procmail bsd-mailx courier-imap courier-pop
1. Primeiro defina a função do servidor de e-mails. A opção que utilizaremos é "Internet Site", onde você cria um servidor "de verdade", que envia e recebe os e-mails diretamente.
2. Em seguida, defina o domínio do servidor a ser incluído no envio de mensagens. Utilize o padrão exemplo.org.
3. Otimizar o Postfix para administração web através do courier-webmin. Não utilizaremos essa ferramenta, portanto marque .
**Configuração padrão:**
root@mail:~# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = exemplo.org, mail.exemplo.org, localhost.exemplo.org, localhost
myhostname = mail.exemplo.org
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
root@mail:~# postconf -e "smtpd_banner = Bem Vindo - \$myhostname"
root@mail:~# postconf -e "mydestination = mail.exemplo.org, localhost, exemplo.org"
root@mail:~# postconf -e "mynetworks = 127.0.0.0/8, 192.0.2.0/24 198.51.100.0/24"
root@mail:~# postconf -e "inet_interfaces = all"
root@mail:~# postconf -e "mydomain = exemplo.org"
root@mail:~# postconf -e "myorigin = mail.exemplo.org"
root@mail:~# postconf -e "myhostname = mail.exemplo.org"
root@mail:~# service postfix reload
[ ok ] Reloading Postfix configuration...done.
root@mail:~# echo "Teste de Envio" | mail -s "Primeiro Email" gean@exemplo.org
root@mail:~# tail /var/log/mail.log
Jul 11 16:49:36 mail postfix/master[3568]: daemon started -- version 2.9.6, configuration /etc/postfix
Jul 11 16:49:38 mail authdaemond: modules="authpam", daemons=5
Jul 11 16:49:38 mail authdaemond: Installing libauthpam
Jul 11 16:49:38 mail authdaemond: Installation complete: authpam
Jul 11 16:55:55 mail postfix/master[3568]: reload -- version 2.9.6, configuration /etc/postfix
Jul 11 16:57:30 mail postfix/pickup[3834]: 2E9E1FF0D6: uid=0 from=
Jul 11 16:57:30 mail postfix/cleanup[3853]: 2E9E1FF0D6: message-id=<20160711195730.2E9E1FF0D6@mail.exemplo.org>
Jul 11 16:57:30 mail postfix/qmgr[3835]: 2E9E1FF0D6: from=, size=315, nrcpt=1 (queue active)
Jul 11 16:57:31 mail postfix/local[3855]: 2E9E1FF0D6: to=, relay=local, delay=1, delays=0.02/0/0/1, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
Jul 11 16:57:31 mail postfix/qmgr[3835]: 2E9E1FF0D6: removed
root@mail:~# cat /var/spool/mail/gean
From root@mail.exemplo.org Mon Jul 11 16:57:30 2016
Return-Path:
X-Original-To: gean@exemplo.org
Delivered-To: gean@exemplo.org
Received: by mail.exemplo.org (Postfix, from userid 0)
id 2E9E1FF0D6; Mon, 11 Jul 2016 16:57:30 -0300 (BRT)
To: gean@exemplo.org
Subject: Primeiro Email
Message-Id: <20160711195730.2E9E1FF0D6@mail.exemplo.org>
Date: Mon, 11 Jul 2016 16:57:30 -0300 (BRT)
From: root@mail.exemplo.org (root)
Teste de Envio
**Ative o padrão maildir:**
root@mail:~# postconf -e "home_mailbox = Maildir/"
Comentar essa linha:
root@mail:~# vim /etc/postfix/main.cf
[...]
# mailbox_command = procmail -a "$EXTENSION"
[...]
==== Configurando as Pastas para o IMAP ====
root@mail:~# maildirmake /home/gean/Maildir
root@mail:~# maildirmake /home/gean/Maildir/.Enviados
root@mail:~# maildirmake /home/gean/Maildir/.Rascunhos
root@mail:~# maildirmake /home/gean/Maildir/.Lixeira
root@mail:~# maildirmake /home/gean/Maildir/.Spam
root@mail:~# chown -R gean:gean /home/gean
**Configurando para os proximos usuários:**
root@mail:~# maildirmake /etc/skel/Maildir
root@mail:~# maildirmake /etc/skel/Maildir/.Enviados
root@mail:~# maildirmake /etc/skel/Maildir/.Rascunhos
root@mail:~# maildirmake /etc/skel/Maildir/.Lixeira
root@mail:~# maildirmake /etc/skel/Maildir/.Spam
root@mail:~# service postfix reload
[ ok ] Reloading Postfix configuration...done.
root@mail:~# echo "Teste de Envio" | mail -s "Segundo Email" gean@exemplo.org
root@mail:~# cat /home/gean/Maildir/new/1468268481.V801Ibf697M159081.mail
Return-Path:
X-Original-To: gean@exemplo.org
Delivered-To: gean@exemplo.org
Received: by mail.exemplo.org (Postfix, from userid 0)
id 251F0FF7DE; Mon, 11 Jul 2016 17:21:21 -0300 (BRT)
To: gean@exemplo.org
Subject: Segundo Email
Message-Id: <20160711202121.251F0FF7DE@mail.exemplo.org>
Date: Mon, 11 Jul 2016 17:21:21 -0300 (BRT)
From: root@mail.exemplo.org (root)
Teste de Envio
**Testando o Envio de E-mail Utilizando o Telnet:**
root@mail:~# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 Bem Vindo - mail.exemplo.org
helo exemplo.org
250 mail.exemplo.org
mail from: root@exemplo.org
250 2.1.0 Ok
rcpt to: gean@exemplo.org
250 2.1.5 Ok
data
354 End data with .
subject: Teste de e-mail via telnet
Comando SMTP
.
250 2.0.0 Ok: queued as 4B37B101846
quit
221 2.0.0 Bye
Connection closed by foreign host.
**Lendo o e-mail enviado:**
root@mail:~# telnet localhost 110
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user gean
+OK Password required.
pass martins58
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 457
2 417
3 451
.
retr 3
+OK 451 octets follow.
Return-Path:
X-Original-To: gean@exemplo.org
Delivered-To: gean@exemplo.org
Received: from exemplo.org (localhost [IPv6:::1])
by mail.exemplo.org (Postfix) with SMTP id 4B37B101846
for ; Mon, 11 Jul 2016 17:25:36 -0300 (BRT)
subject: Teste de e-mail via telnet
Message-Id: <20160711202549.4B37B101846@mail.exemplo.org>
Date: Mon, 11 Jul 2016 17:25:36 -0300 (BRT)
From: root@exemplo.org
Comando SMTP
.
quit
+OK Bye-bye.
Connection closed by foreign host.
==== SASL - Simple Authentication and Security Layer ====
root@mail:~# apt-get install libsasl2-2 sasl2-bin libsasl2-modules
root@mail:~# mv /etc/default/saslauthd /etc/default/saslauthd.backup
root@mail:~# mkdir -p /var/spool/postfix/var/run/saslauthd
root@mail:~# cat /etc/default/saslauthd
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
root@mail:~# cat /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
root@mail:~# service saslauthd restart
[ ok ] Stopping SASL Authentication Daemon: saslauthd.
[ ok ] Starting SASL Authentication Daemon: saslauthd.
root@mail:~# adduser postfix sasl
Adicionando usuário 'postfix' ao grupo 'sasl' ...
Adicionando usuário postfix ao grupo sasl
Concluído.
root@mail:~# postconf -e "smtpd_sasl_local_domain ="
root@mail:~# postconf -e "smtpd_sasl_auth_enable = yes"
root@mail:~# postconf -e "smtpd_sasl_security_options = noanonymous"
root@mail:~# postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination"
root@mail:~# postconf -e "smtpd_tls_auth_only = no"
root@mail:~# service postfix reload
[ ok ] Reloading Postfix configuration...done.
==== TLS - significa Transport Layer Security ====
root@mail:~# mkdir /etc/postfix/ssl
root@mail:~# cd /etc/postfix/ssl/
root@mail:/etc/postfix/ssl# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
203 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
..++++++
.............++++++
e is 65537 (0x10001)
Enter pass phrase for smtpd.key:
Verifying - Enter pass phrase for smtpd.key:
root@mail:/etc/postfix/ssl# chmod -v 600 smtpd.key
mode of "smtpd.key" changed from 0644 (rw-r--r--) to 0600 (rw-------)
root@mail:/etc/postfix/ssl# openssl req -new -key smtpd.key -out smtpd.csr
Enter pass phrase for smtpd.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:BT
State or Province Name (full name) [Some-State]:Para
Locality Name (eg, city) []:Belem
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Exemplo
Organizational Unit Name (eg, section) []:TI
Common Name (e.g. server FQDN or YOUR name) []:mail.exemplo.org
Email Address []:admin@exemplo.org
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
root@mail:/etc/postfix/ssl# openssl x509 -req -days 365 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
Signature ok
subject=/C=BT/ST=Para/L=Belem/O=Exemplo/OU=TI/CN=mail.exemplo.org/emailAddress=admin@exemplo.org
Getting Private key
Enter pass phrase for smtpd.key:
root@mail:/etc/postfix/ssl# openssl rsa -in smtpd.key -out smtpd.key.unencrypted
Enter pass phrase for smtpd.key:
writing RSA key
root@mail:/etc/postfix/ssl# mv smtpd.key{,.dist}
root@mail:/etc/postfix/ssl# mv smtpd.key.unencrypted smtpd.key
root@mail:/etc/postfix/ssl# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 365
Generating a 2048 bit RSA private key
.....................................+++
.......................................................+++
writing new private key to 'cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:BR
State or Province Name (full name) [Some-State]:Para
Locality Name (eg, city) []:Belem
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Exemplo
Organizational Unit Name (eg, section) []:TI
Common Name (e.g. server FQDN or YOUR name) []:mail.exemplo.org
Email Address []:admin@exemplo.org
root@mail:/etc/postfix/ssl# postconf -e "smtp_use_tls = yes"
root@mail:/etc/postfix/ssl# postconf -e "smtp_tls_note_starttls_offer = yes"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_loglevel = 1"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_received_header = yes"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_session_cache_timeout = 3600s"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key"
root@mail:/etc/postfix/ssl# postconf -e "smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache"
root@mail:/etc/postfix/ssl# postconf -e "smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache"
root@mail:/etc/postfix/ssl# postconf -e "tls_random_source = dev:/dev/urandom"
root@mail:/etc/postfix/ssl# aptitude install courier-imap-ssl courier-pop-ssl courier-ssl
root@mail:/etc/postfix/ssl# service postfix restart
[ ok ] Stopping Postfix Mail Transport Agent: postfix.
[ ok ] Starting Postfix Mail Transport Agent: postfix.