StuRa:Server/srs14: Unterschied zwischen den Versionen

PT und bommel 2018-02-09 bauen nach der Doku Server/Jails/SRS14.

Installation

pkg update

pkg install apache24 postfix maildrop sudo

Mailman muss aus den Ports gebaut werden, weil die Paket sendmail als MTA unterstuetzt, wir aber Postfix benoetigen.

portsnap fetch extract

cd /usr/ports/mail/mailman

ALLOW_UNSUPPORTED_SYSTEM=1 make config

     DOCS=on: Build and/or install documentation
     HTDIG=off: - EXPERIMENTAL - htdig integration patches
     NAMAZU2=off: Make private archives searchable with namazu2
     NLS=on: Native Language Support
 Integrate with which MTA?: you have to select exactly one of them
     COURIER=off: for use with courier
     EXIM4=off: for use with exim4
     OPENSMTPD=off: for use with opensmtpd - EXPERIMENTAL -
     POSTFIX=on: for use with postfix
     SENDMAIL=off: for use with sendmail

ALLOW_UNSUPPORTED_SYSTEM=1 make install

INFO: Alle folgenden Abfragen im build-Prozess werden mit der vorgeschlagenden Einstellung uebernommen.

Konfiguration

Dienste

/etc/rc.conf

apache24_enable="YES"
mailman_enable="YES"
postfix_enable="YES"
sendmail_enable="NO"

Konten

Hinzufuegen von System Konten.

Mail - Angestellten

Rossberg

Shell: nologin

remote: cd /home/rossberg && tar -cvf rossberg.tar .mailfilter Mail .mail_aliases .rhosts
cd /home/rossberg && tar -xvf rossberg.tar

Mail - spam

Spam

Shell: nologin

Aliases

/etc/aliases.stura

newaliases

Postfix

/usr/local/etc/postfix/main.cf

myhostname = mail.stura.htw-dresden.de

mydomain = stura.htw-dresden.de 

smtp_bind_address = 141.56.50.14

myorigin = $myhostname

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

local_recipient_maps = unix:passwd.byname $alias_maps

# 141.56.16.134 - 141.56.16.136 mailexchanger vom RZ
# 141.56.16.231 - 232 mailrelay vom RZ
mynetworks = 141.56.16.131, 141.56.16.134, 141.56.16.135, 141.56.16.136, 141.56.16.231, 141.56.16.232, 141.56.50.0/26, 127.0.0.0/24, 192.168.100.12

alias_maps = hash:/etc/aliases, hash:/etc/aliases.stura, hash:/usr/local/mailman/data/aliases

alias_database = hash:/etc/aliases, hash:/etc/aliases.stura

home_mailbox = Mail/

mail_spool_directory = /var/mail
mailbox_command = /usr/local/bin/maildrop -d ${USER}

header_checks = pcre:$config_directory/header_checks

smtpd_sender_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_rhsbl_sender blackhole.securitysage.com

smtpd_recipient_restrictions =
    reject_invalid_hostname,
    reject_unknown_recipient_domain,
    check_client_access hash:/usr/local/etc/postfix/rbl_override,
    reject_rbl_client sbl.spamhaus.org,
    permit

smtpd_helo_restrictions = 
    permit_mynetworks,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
    reject_unknown_helo_hostname
 
smtpd_client_restrictions = 
    permit_mynetworks,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.sorbs.net

smtpd_relay_restrictions =
    permit_mynetworks,
    defer_unauth_destination

/usr/local/etc/postfix/master.cf

Aktivate Mailman wrapper Script

mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/local/mailman/postfix-to-mailman.py ${nexthop} ${user}

/usr/local/etc/postfix/header_checks

/^X-HTW-Spam-Flag:\s+YES/   REDIRECT spam@stura.htw-dresden.de

/usr/local/etc/postfix/rbl_override

<rz mail server als domain und ip-adresse>

/usr/local/etc/postfix/relay_recipients

@stura.htw-dresden.de OK

/usr/local/etc/postfix/transport

kss-sachsen.de smtp:lrs0x018.kss-sachsen.de

erstellen von Datenbank Dateien

postmap rbl_override relay_recipients transport header_checks

starte postfix

$ service postfix restart
postfix: Postfix is running with backwards-compatible default settings
postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
postfix/postfix-script: starting the Postfix mail system

Apache

/usr/local/etc/apache24/httpd.conf

...
ServerAdmin webmaster@stura.htw-dresden.de

...
ServerName lists.stura.htw-dresden.de:80
...
# Virtual hosts
Include etc/apache24/extra/httpd-vhosts.conf
...

/usr/local/etc/apache24/extra/httpd-vhosts.conf

<VirtualHost lists.stura.htw-dresden.de:80>
   ServerAdmin webmaster@stura.htw-dresden.de
   DocumentRoot "/usr/local/mailman/lists"
   ServerName lists.stura.htw-dresden.de
   ServerAlias lists.stura.htw-dresden.de
   <Directory /usr/local/mailman/archives/>
       Options FollowSymLinks
       AllowOverride None
   </Directory>
   Alias /pipermail/ /usr/local/mailman/archives/public/
   Alias /images/mailman/ /usr/share/images/mailman/
   ScriptAlias /admin /usr/local/mailman/cgi-bin/admin
   ScriptAlias /admindb /usr/local/mailman/cgi-bin/admindb
   ScriptAlias /confirm /usr/local/mailman/cgi-bin/confirm
   ScriptAlias /create /usr/local/mailman/cgi-bin/create
   ScriptAlias /edithtml /usr/local/mailman/cgi-bin/edithtml
   ScriptAlias /listinfo /usr/local/mailman/cgi-bin/listinfo
   ScriptAlias /options /usr/local/mailman/cgi-bin/options
   ScriptAlias /private /usr/local/mailman/cgi-bin/private
   ScriptAlias /rmlist /usr/local/mailman/cgi-bin/rmlist
   ScriptAlias /roster /usr/local/mailman/cgi-bin/roster
   ScriptAlias /subscribe /usr/local/mailman/cgi-bin/subscribe
   ScriptAlias /mailman/ /usr/local/mailman/cgi-bin/
   ScriptAlias / /usr/local/mailman/cgi-bin/listinfo
   <Directory "/usr/local/mailman">
      AllowOverride All
      Options FollowSymlinks
      Require all granted
   </Directory>
   ErrorLog /var/log/mailman-error.log
#   CustomLog /var/log/mailman-access.log combined
</VirtualHost>

maildrop

MDA: maildrop

maildir in users homeverzeichnis anlegen

 maildrop-maildirmake Mail

im Homeverzeichnis die Datei .mailfilter anlegen:

 MAILBOX="$HOME/Mail"
 DEFAULT="$MAILBOX"

 chmod 600 .mailfilter
 chown <user> .mailfilter

maildrop in postfix main.cf einarbeiten

 mailbox_command = /usr/local/bin/maildrop -d ${USER}

Mailman

Mailmanumzug :[[1]]

remote: cd /usr/local/mailman && tar -cvf mailman.tar archives data lists Mailman/mm_cfg.py
cd /usr/local/mailman && tar xvf mailman.tar

Mailman/mm_cfg.py

MTA = 'Postfix'
POSTFIX_ALIAS_CMD = '/usr/local/sbin/postalias'
POSTFIX_MAP_CMD = '/usr/local/sbin/postmap'
SMTPHOST = 'localhost'
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'de'
# Unset send_reminders on newly created lists
DEFAULT_SEND_REMINDERS = 0
DEFAULT_SEND_WELCOME_MSG = 0
DEFAULT_SEND_GOODBYE_MSG = 0
DEFAULT_ADMIN_NOTIFY_MCHANGES = 1
DEFAULT_NEW_MEMBER_OPTIONS = 272
DEFAULT_RESPOND_TO_POST_REQUESTS = 0 
DEFAULT_ADMINISTRIVIA = 0
DEFAULT_MAX_MESSAGE_SIZE = 0
DEFAULT_MAX_NUM_RECIPIENTS = 0
DEFAULT_REQUIRE_EXPLICIT_DESTINATION = 0
# SUBSCRIBE POLICY
# 0 - open list (only when ALLOW_OPEN_SUBSCRIBE is set to 1) **
# 1 - confirmation required for subscribes
# 2 - admin approval required for subscribes
# 3 - both confirmation and admin approval required
#
# ** please do not choose option 0 if you are not allowing open
# subscribes (next variable)
DEFAULT_SUBSCRIBE_POLICY = 3
# Does this site allow completely unchecked subscriptions?
ALLOW_OPEN_SUBSCRIBE = Yes

# Private_roster == 0: anyone can see, 1: members only, 2: admin only.
DEFAULT_PRIVATE_ROSTER = 0

# Are archives public or private by default?
# 0=public, 1=private
DEFAULT_ARCHIVE_PRIVATE = 1

# What shold happen to non-member posts which are do not match explicit
# non-member actions?
# 0 = Accept
# 1 = Hold
# 2 = Reject
# 3 = Discard
DEFAULT_GENERIC_NONMEMBER_ACTION = 0
#POSTFIX_STYLE_VIRTUAL_DOMAINS = ['stura.htw-dresden.de']
# Put YOUR site-specific settings below this line.
DEFAULT_URL_PATTERN = 'http://%s/'
DEFAULT_EMAIL_HOST = 'stura.htw-dresden.de'
DEFAULT_URL_HOST = 'lists.stura.htw-dresden.de'
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
add_virtualhost('lists.htw.stura-dresden.de',DEFAULT_EMAIL_HOST)
OWNERS_CAN_DELETE_THEIR_OWN_LISTS = 'YES'
VIRTUAL_HOST_OVERVIEW = On

postfix-to-mailman.py