ForoCategoría principal: CENTOS 7postfix full con antivirus y spam

Por favor, o Regístrate para crear mensajes y debates.

postfix full con antivirus y spam

#1 · 26 julio, 2019, 12:35 pm

Cita de admin en 26 julio, 2019, 12:35 pm
yum -y install postfix
certificados
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl
yum -y install openssl
openssl req -x509 -nodes -newkey rsa:2048 -keyout server.key -out server.crt -nodes -days 365
nano /etc/postfix/main.cf
# line 75: uncomment and specify hostname
myhostname = mail.informatica-canboada.net
# line 83: uncomment and specify domain name
mydomain = srv.world
# line 99: uncomment
myorigin = $mydomain
# line 116: change
inet_interfaces = all
# line 164: add
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# line 264: uncomment and specify your local network
mynetworks = 127.0.0.0/8, 10.0.0.0/24
# line 419: uncomment (use Maildir)
home_mailbox = Maildir/
# line 574: add
smtpd_banner = $myhostname ESMTP
# add follows to the end
# for SMTP-Auth
smtpd_use_tls = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
[root@mail ~]# systemctl restart postfix
[root@mail ~]# systemctl enable postfix
firewall-cmd --add-service=smtp --permanent
firewall-cmd --reload
Instalación Dovecot
nano /etc/dovecot/dovecot.conf
# line 24: uncomment
protocols = imap pop3 lmtp
# line 30: uncomment and change ( if not use IPv6 )
listen = *
[root@mail ~]# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
[root@mail ~]# nano /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add
mail_location = maildir:~/Maildir
[root@mail ~]# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add like follows
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
systemctl start dovecot
systemctl enable dovecot
firewall-cmd --add-service={pop3,imap} --permanent
firewall-cmd --reload
systemctl restart postfix
systemctl enable postfix
systemctl restart dovecot
systemctl enable dovecot
nano /etc/postfix/master.cf
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
al final
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
firewall-cmd --add-service={smtp-submission,smtps,pop3s,imaps} --permanent
firewall-cmd --reload
install clamav clamav-update
sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
freshclam
setsebool -P antivirus_can_scan_system on
vi /etc/amavisd/amavisd.conf
# line 20: change to own domain name
$mydomain = 'srv.world
';
# line 152: change to the own hostname
$myhostname = 'mail.srv.world
';
# line 154: uncomment
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
# line 383: make sure settings are like folows
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamd.amavisd/clamd.sock"],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
[root@mail ~]# systemctl start clamd@amavisd amavisd spamassassin
[root@mail ~]# systemctl enable clamd@amavisd amavisd spamassassin
yum install clamav amavisd-new clamav-scanner clamav-scanner-systemd

yum -y install postfix

certificados

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl
yum -y install openssl
openssl req -x509 -nodes -newkey rsa:2048 -keyout server.key -out server.crt -nodes -days 365

nano /etc/postfix/main.cf

# line 75: uncomment and specify hostname

myhostname = mail.informatica-canboada.net
# line 83: uncomment and specify domain name

mydomain = srv.world
# line 99: uncomment

myorigin = $mydomain
# line 116: change

inet_interfaces = all
# line 164: add

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# line 264: uncomment and specify your local network

mynetworks = 127.0.0.0/8, 10.0.0.0/24
# line 419: uncomment (use Maildir)

home_mailbox = Maildir/
# line 574: add

smtpd_banner = $myhostname ESMTP
# add follows to the end

# for SMTP-Auth

smtpd_use_tls = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

[root@mail ~]# systemctl restart postfix

[root@mail ~]# systemctl enable postfix

firewall-cmd --add-service=smtp --permanent
firewall-cmd --reload

Instalación Dovecot

nano /etc/dovecot/dovecot.conf

# line 24: uncomment

protocols = imap pop3 lmtp
# line 30: uncomment and change ( if not use IPv6 )

listen = *
[root@mail ~]# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )

disable_plaintext_auth = no
# line 100: add

auth_mechanisms = plain login
[root@mail ~]# nano /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add

mail_location = maildir:~/Maildir
[root@mail ~]# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add like follows

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}

systemctl start dovecot
systemctl enable dovecot

firewall-cmd --add-service={pop3,imap} --permanent
firewall-cmd --reload

systemctl restart postfix
systemctl enable postfix
systemctl restart dovecot
systemctl enable dovecot
nano /etc/postfix/master.cf

submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

al final

smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000

firewall-cmd --add-service={smtp-submission,smtps,pop3s,imaps} --permanent
firewall-cmd --reload
install clamav clamav-update
sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
freshclam
setsebool -P antivirus_can_scan_system on
vi /etc/amavisd/amavisd.conf
# line 20: change to own domain name

$mydomain = 'srv.world
';
# line 152: change to the own hostname

$myhostname = 'mail.srv.world
';
# line 154: uncomment

$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
# line 383: make sure settings are like folows

['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamd.amavisd/clamd.sock"],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

[root@mail ~]# systemctl start clamd@amavisd amavisd spamassassin

[root@mail ~]# systemctl enable clamd@amavisd amavisd spamassassin
yum install clamav amavisd-new clamav-scanner clamav-scanner-systemd

Hispanitat nº 7 Local C

+34 600 676 872

Lunes-Viernes: 9:30 a 13:30 - 16:30 a 20:00

postfix full con antivirus y spam

servicios

textos legales

Contacto