This is an old revision of the document!


Installing a mail server

References

This tutorial is based on this one, but details the Gentoo-specific points.

OpenLDAP

emerge openldap

allow bind_v2
 
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/inetorgperson.schema
 
 
# Define global ACLs to disable default read access.
 
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org
 
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
 
#######################################################################
# BDB database definitions
#######################################################################
 
database        hdb
suffix          "dc=ceric35,dc=homelinux,dc=org"
#         <kbyte> <min>
checkpoint      32      30
rootdn          "cn=admin,dc=ceric35,dc=homelinux,dc=org"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          azertyuiop
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/openldap-data
# Indices to maintain
index   objectClass     eq

The import file is different here and additionally contains the definition of the organization:

dn: dc=ceric35,dc=homelinux,dc=org
objectclass: dcObject
objectclass: organization
o: ceric35
dc: ceric35
 
dn: uid=cyrus,dc=ceric35,dc=homelinux,dc=org
uid: cyrus
cn: Administrateur Cyrus
sn: Cyrus
userPassword: motdepassedecyrus
objectClass: inetOrgPerson
 
dn: uid=ceric35,dc=ceric35,dc=homelinux,dc=org
uid: ceric35
cn: Administrateur Ceric35
sn: Ceric35
mail: ceric35@ceric35.homelinux.org
userPassword: motdepassedeceric35
objectClass: inetOrgPerson
 
dn: uid=eric,dc=ceric35,dc=homelinux,dc=org
uid: eric
cn: Utilisateur eric
sn: eric
mail: eric@ceric35.homelinux.org
userPassword: motdepassedeeric
objectClass: inetOrgPerson

BASE	dc=ceric35,dc=homelinux,dc=org
#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666
URI	ldap://localhost

Cyrus


dev-libs/cyrus-sasl ldap

emerge cyrus-sasl cyrus-imapd cyrus-imap-admin

# LDAP SERVER
LDAP_SERVERS: ldap://localhost
 
# DOMAIN
LDAP_DEFAULT_DOMAIN: ceric35.homelinux.org
 
LDAP_TIMEOUT: 10
LDAP_TIME_LIMIT: 10
LDAP_CACHE_TTL: 30
LDAP_CACHE_MEM: 32768
 
# LDAP VERSION
LDAP_VERSION: 3
 
# SASL for access to the server
LDAP_USE_SASL: no
 
# Authentication method (bind / custom / fastbind)
LDAP_AUTH_METHOD: bind
 
# User used for the connection - if empty = anonymous
LDAP_BIND_DN: cn=admin,dc=ceric35,dc=homelinux,dc=org
# And the password
LDAP_BIND_PW: azertyuiop
 
# Search base
LDAP_SEARCH_BASE: dc=ceric35,dc=homelinux,dc=org
# And scope (sub / one / base)
LDAP_SCOPE: sub
 
# Search filter: uid in our case
LDAP_FILTER: uid=%u
# And name of the attribute containing the password
LDAP_PASSWORD_ATTR: userPassword

# Initial (empty) options.
SASLAUTHD_OPTS=""
 
# Use /etc/saslauthd.conf parameter file
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O /etc/saslauthd.conf"
 
# Use ldap authentications mechanism
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a ldap"

# Don't forget to use chattr +S (if you are using ext[23])
# when you change these directories (read the docs).
configdirectory:        /var/imap
partition-default:      /var/spool/imap
sievedir:               /var/imap/sieve
 
tls_ca_path:            /etc/ssl/certs
tls_cert_file:          /etc/ssl/cyrus/server.crt
tls_key_file:           /etc/ssl/cyrus/server.key
 
# Don't use an everyday user as admin.
admins:                 cyrus
 
hashimapspool:          yes
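allowanonymouslogin:    no
# "yes" accepts PLAIN logins on connections that are not protected by TLS;
# set to "no" once clients connect over TLS.
allowplaintext:         yes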
 
# Allow renaming of top-level mailboxes.
#allowusermoves:         yes
 
# Use this if sieve-scripts could be in ~user/.sieve.
#sieveusehomedir:       yes
 
# Use saslauthd if you want to use pam for imap.
# But be warned: login with DIGEST-MD5 or CRAM-MD5
# is not possible using pam.
sasl_pwcheck_method:    saslauthd
 
####################################################
## This is a recommended authentication method if you
## emerge cyrus-sasl with 'postgres' or 'mysql'
## To use with mysql database uncomment those lines below.
 
#sasl_pwcheck_method: auxprop
#sasl_auxprop_plugin: sql
 
## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'.
#sasl_sql_engine: mysql
 
## all possible values.
#sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 NTLM
## or limit to a single mechanism (PLAIN here)
sasl_mech_list: PLAIN
 
## change below to suit your setup.
sasl_sql_user: mailsqluser
sasl_sql_passwd: password
sasl_sql_database: mailsqldb
sasl_sql_hostnames: localhost
sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

Postfix

emerge -C ssmtp
emerge postfix

Postgrey

emerge postgrey

Amavis, SpamAssassin & Clamav

emerge amavisd-new spamassassin clamav

Source

public/linux/mail.1270239694.txt.gz · Last modified: 2023/02/13 13:39 (external edit)