Ron and Ella Wiki Page

Extremely Serious

Month: January 2020

MailScanner with Postfix

January 16, 2020 / / 0 Comments

Prerequisite

Resolving MailScanner Dependencies

  1. Run the following cpan commands one at a time (i.e. to see if they are successfully installed): 
    sudo cpan -i Filesys::Df
    sudo cpan -i IO::Stringy
    sudo cpan -i DBI
    sudo cpan -i Net::CID
    sudo cpan -i Sys::SigAction
    sudo cpan -i MIME::Parser
    sudo cpan -i Archive::Zip
    sudo cpan -i OLE::Storage_Lite
    sudo cpan -i DBD::SQLite
  2. Install the following packages: 
    sudo apt-get install unrar
sudo apt-get install sqlite

Installing Clamav Antivirus

Run the following command:

sudo apt-get install clamav clamav-daemon

Integrating Clamav to MailScanner

  1. Update the /etc/MailScanner/MailScanner.conf to have the fields Virus Scanner and Clamd Socket to become as follows: 
    Virus Scanner = clamd
Clamd Socket = /var/run/clamav/clamd.ctl
  2. Restart the mailscanner service with the following command: 
    sudo service mailscanner restart
  3. Update the file /etc/apparmor.d/usr.sbin.clamd to have the following entries: 
      /var/spool/MailScanner/** rw,
  /var/spool/MailScanner/incoming/** rw,
  4. Restart the apparmor service with the following command: 
    sudo systemctl restart apparmor.service

Installing and Updating Spamassassin

Run the following commands:

sudo apt-get install spamassassin
sudo sa-update
sudo service spamassassin start

Integrating MailScanner to Postfix

  1. Open the file /etc/postfix/main.cf for editing and add the following line and save: 
    header_checks = regexp:/etc/postfix/header_checks
  2. Create the file /etc/postfix/header_checks with the following: 
    /^Received:/ HOLD
  3. Open the file /etc/MailScanner/MailScanner.conf for editing and update with the following if necessary: 
    Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
  4. Open the file /etc/MailScanner/defaults for editing and update with the following if necessary: 
    run_mailscanner=1
  5. Update the group of /var/spool/MailScanner to mtagroup and allow the it write permission as follows: 
    sudo chown :mtagroup /var/spool/MailScanner
sudo chmod 775 MailScanner
  6. Prepare spamassassin's directory using the following commands: 
    sudo mkdir /var/spool/MailScanner/spamassassin
sudo chown postfix /var/spool/MailScanner/spamassassin
  7. Update the permission of the MailScanner's incoming and quarantine folders with the following commands: 
    sudo chown postfix.mtagroup /var/spool/MailScanner/incoming
sudo chmod 770 /var/spool/MailScanner/incoming
sudo chown postfix.mtagroup /var/spool/MailScanner/quarantine
  8. Restart the mailscanner service with the following command: 
    sudo service mailscanner restart

Related Post
Configuring Email Server with Postfix and Dovecot:

Configuring Email Server with Postfix and Dovecot

January 15, 2020 / / 0 Comments

Prerequisite

  • privkey.pem file
  • fullchain.pem file

Installing Postfix

Run the following commands:

sudo apt-get update
sudo apt-get install postfix

Configuring Postfix

  1. Run the following command: 
    sudo dpkg-reconfigure postfix

    Configuration questions:

    1. Select OK to proceed.
    2. Choose Internet Site.
    3. System Mail Name: <EMAIL_DOMAIN>
    4. Other destinations for mail: <EMAIL_DOMAIN>, localhost.<EMAIL_DOMAIN>, localhost
    5. Force synchronous updates on mail queue?: No
    6. Local networks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    7. Use procmail for local delivery?: No
    8. Mailbox size limit (bytes): 0
    9. Local address extension character: +
    10. Internet protocols to use: all

    Feel free to answer the preceding questions based on your setup. Just replace the EMAIL_DOMAIN (i.e. example.com) with a valid value.

  2. Create the following folder: 
    /etc/postfix/ssl
  3. Copy the your privkey.pem and fullchain.pem to /etc/postfix/ssl.
  4. Do additional configurations by executing the following commands: 
    sudo postconf -e 'smtpd_sasl_local_domain ='
sudo postconf -e 'smtpd_sasl_auth_enable = yes'
sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
sudo postconf -e 'broken_sasl_auth_clients = yes'
sudo postconf -e 'smtpd_recipient_restrictions =  permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
sudo postconf -e 'inet_interfaces = all'
sudo postconf -e 'smtp_tls_security_level = may'
sudo postconf -e 'smtpd_tls_security_level = may'
sudo postconf -e 'smtpd_tls_auth_only = no'
sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
sudo postconf -e 'smtpd_tls_loglevel = 1'
sudo postconf -e 'smtpd_tls_received_header = yes'
sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
sudo postconf -e 'tls_random_source = dev:/dev/urandom'	
sudo postconf -e 'mua_client_restrictions = permit_sasl_authenticated,reject'
sudo postconf -e 'mua_helo_restrictions = permit_mynetworks, permit_sasl_authenticated'
sudo postconf -e 'mua_sender_restrictions = permit_sasl_authenticated'
sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem'
sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/fullchain.pem'
sudo postconf -e 'myhostname = ronella.xyz'
  5. Create or update the /etc/postfix/sasl/smtpd.conf with the following: 
    pwcheck_method: saslauthd
mech_list: plain login
  6. In the /etc/postfix/master.cf file, uncomment the submission section and must be like the following entries: 
    submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_helo_restrictions=$mua_helo_restrictions
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  7. Also in the same file, uncomment the smtps section and must be like the following entries: 
    smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_helo_restrictions=$mua_helo_restrictions
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  8. Update the owner and group of /var/spool/postfix directory to become postfix as follows: 
    sudo chown postfix:postfix /var/spool/postfix
  9. Restart the postfix service with the following command: 
    sudo systemctl restart postfix

Installing SASL

Run the following command:

sudo apt-get install libsasl2-2 sasl2-bin libsasl2-modules

Configuring SASL

  1. Open the /etc/default/saslauthd file for editing.
  2. Search for START=no and change it like the following: 
    START=yes
  3. Add the following entries just after preceding entry: 
    PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
  4. Search for OPTIONS="-c -m /var/run/saslauthd" and change it like the following: 
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
  5. Update the dpkg state using the following command: 
    sudo dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
  6. Create a symbolic link using the following command: 
    sudo ln -s /etc/default/saslauthd /etc/saslauthd
  7. Restart the sasl service using the following command: 
    sudo service saslauthd restart

Installing Dovecot

Run the following command:

sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d

The default location of the mail directory is /var/mail.

Configuring Dovecot

  1. Update the certificate location in the file /etc/dovecot/conf.d/10-ssl.conf to be as follows: 
    ssl_cert = </etc/postfix/ssl/fullchain.pem
ssl_key = </etc/postfix/ssl/privkey.pem
  2. Restart the dovecot service using the following command: 
    sudo service dovecot restart

Related Posts
Basic Postfix Management
Creating an Email Alias
MailScanner with Postfix

Basic Postfix Management

January 14, 2020 / / 0 Comments
CommandDescription
postqueue -pDisplay the queue
postcat -vq <QUEUE_ID>View the content of the email
postsuper -d ALLRemove all emails
postsuper -d <QUEUE_ID>Remove a particular email
postqueue -i <QUEUE_ID>Attempt to send one particular email
Token Description
QUEUE_ID Can be identified by displaying the queue.

Using Rsync to Sync a Local Directory to Another Local Directory

January 7, 2020 / / 0 Comments

Syntax

To sync some of your local directories to another local directory, you can use the following syntax:

rsync -av -L --delete <DIR1>[[ <DIR2>] <DIRn>] <DESTINATION_DIR>
Token Description
DIR1, DIR2, DIRn These are the local directories you've wanted to be synced. Only DIR1 is required and the rest are optional.
DESTINATION_DIR The destination directory on the remote machine.

Example

rsync -av -L --delete /var/log/ /data/log/

Useful Environment Variable for Git Troubleshooting

January 7, 2020 / / 0 Comments
VariableDescriptionPossible Values
GIT_CURL_VERBOSETells Git to emit all the messages generated by that library. This is similar to doing curl -v on the command line.1
GIT_SSL_NO_VERIFYTells Git not to verify SSL certificates.true
GIT_TRACEControls general traces1, 2 or true
GIT_TRACE_PACKETEnables packet-level tracing for network operations.true

© 2023 Ron and Ella Wiki Page

Theme by Anders NorenUp ↑