Mise à jour des configurations
This commit is contained in:
parent
2236646eeb
commit
a1906c05fb
|
@ -127,13 +127,13 @@ then
|
|||
echo "# Configuration de Postfix #"
|
||||
echo "############################"
|
||||
echo "" > /etc/postfix/main.cf
|
||||
echo -e "#######################\n## GENERALS SETTINGS ##\n#######################\n\nsmtpd_banner\t\t= \$myhostname ESMTP \$mail_name (Debian/GNU)\nbiff\t\t\t= no\nappend_dot_mydomain\t= no\nreadme_directory\t= no\ndelay_warning_time\t= 4h\nmailbox_command\t\t= procmail -a \"\$EXTENSION\"\nrecipient_delimiter\t= +\ndisable_vrfy_command\t= yes\nmessage_size_limit\t= 26214400\nmailbox_size_limit\t= 524288000\n\ninet_interfaces\t= all\ninet_protocols\t= ipv4\n\nmyhostname\t= $DOMAIN\nmyorigin\t= $DOMAIN\nmydestination\t= localhost localhost.\$mydomain\nmynetworks\t= 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128\nrelayhost\t= \n\nalias_maps\t= hash:/etc/aliases\nalias_database\t= hash:/etc/aliases\n\n##################\n## MILTERS ##\n##################\n\nmilter_protocol = 6\nmilter_default_action = accept\nsmtpd_milters = unix:/opendkim/opendkim.sock, unix:/opendmarc/opendmarc.sock, unix:/clamav/clamav-milter.ctl\nnon_smtpd_milters = unix:/opendkim/opendkim.sock\n\n####################\n## TLS PARAMETERS ##\n####################\n# Smtp ( OUTGOING / Client )\nsmtp_tls_loglevel\t\t= 1\nsmtp_tls_security_level\t\t= may\nsmtp_tls_CAfile\t\t\t= /etc/ssl/certs/ca.cert.pem\nsmtp_tls_protocols\t\t= !SSLv3\nsmtp_tls_mandatory_protocols\t= !SSLv3\nsmtp_tls_mandatory_ciphers\t= high\nsmtp_tls_exclude_ciphers\t= aNULL, eNULL, EXPORT, DES, DES, RC2, RC4, MD5, PSK, SRP, DSS, AECDH, ADH\nsmtp_tls_note_starttls_offer\t= yes\n\n# Smtpd ( INCOMING / Server )\nsmtpd_tls_loglevel\t\t= 1\nsmtpd_tls_auth_only\t\t= yes\nsmtpd_tls_security_level\t= may\nsmtpd_tls_received_header\t= yes\nsmtpd_tls_protocols\t\t= !SSLv3\nsmtpd_tls_mandatory_protocols\t= !SSLv3\nsmtpd_tls_mandatory_ciphers\t= medium\nsmtpd_tls_CAfile\t\t= \$smtp_tls_CAfile\nsmtpd_tls_cert_file\t\t= /etc/ssl/certs/mailserver.crt\nsmtpd_tls_key_file\t\t= /etc/ssl/private/mailserver.key\nsmtpd_tls_dh1024_param_file\t= \$config_directory/dh2048.pem\nsmtpd_tls_dh512_param_file\t= \$config_directory/dh512.pem\n\ntls_preempt_cipherlist\t= yes\ntls_random_source\t= dev:/dev/urandom\n\nsmtp_tls_session_cache_database\t\t= btree:\${data_directory}/smtp_scache\nsmtpd_tls_session_cache_database\t= btree:\${data_directory}/smtpd_scache\nlmtp_tls_session_cache_database\t\t= btree:\${data_directory}/lmtp_scache\n\n#####################\n## SASL PARAMETERS ##\n#####################\n\nsmtpd_sasl_auth_enable\t\t= yes\nsmtpd_sasl_type\t\t\t= dovecot\nsmtpd_sasl_path\t\t\t= private/auth\nsmtpd_sasl_security_options\t= noanonymous\nsmtpd_sasl_tls_security_options\t= \$smtpd_sasl_security_options\nsmtpd_sasl_local_domain\t\t= \$mydomain\nsmtpd_sasl_authenticated_header\t= yes\n\n##############################\n## VIRTUALS MAPS PARAMETERS ##\n##############################\n\nvirtual_uid_maps\t= static:5000\nvirtual_gid_maps\t= static:5000\nvirtual_minimum_uid\t= 5000\nvirtual_mailbox_base\t= /var/mail\nvirtual_transport\t= lmtp:unix:private/dovecot-lmtp\nvirtual_mailbox_domains\t= mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf\nvirtual_mailbox_maps\t= mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf\nvirtual_alias_maps\t= mysql:/etc/postfix/mysql-virtual-alias-maps.cf\nsmtpd_sender_login_maps\t= mysql:/etc/postfix/mysql-sender-login-maps.cf\n\n######################\n## ERRORS REPORTING ##\n######################\n\nbounce_template_file\t= /etc/postfix/bounce.cf\n\nnotify_classes\t\t= resource, software\n\nerror_notice_recipient\t= $POSTFIXADMIN_ADMIN@$DOMAIN\n\n##################\n## RESTRICTIONS ##\n##################\n\nmime_header_checks\t= regexp:/etc/postfix/header_checks\nheader_checks\t\t= regexp:/etc/postfix/header_checks\n\nsmtpd_recipient_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_non_fqdn_recipient,\n\treject_unauth_destination,\n\treject_unknown_recipient_domain,\n\treject_unlisted_recipient,\n\treject_rbl_client zen.spamhaus.org\n\nsmtpd_reject_unlisted_sender = yes\n\nsmtpd_sender_restrictions =\n\treject_non_fqdn_sender,\n\treject_unknown_sender_domain,\n\treject_sender_login_mismatch,\n\treject_authenticated_sender_login_mismatch,\n\treject_rhsbl_sender dbl.spamhaus.org,\n\treject_unlisted_sender\n\nsmtpd_helo_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_invalid_helo_hostname,\n\treject_non_fqdn_helo_hostname,\n\treject_unknown_helo_hostname\n\nsmtpd_helo_required = yes\n\nsmtpd_client_restrictions =\n\tpermit_mynetworks,\n\tpermit_inet_interfaces,\n\tpermit_sasl_authenticated,\n\treject_unauth_pipelining\n\nsmtpd_relay_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_unauth_destination" >> /etc/postfix/main.cf
|
||||
echo -e "#######################\n## GENERALS SETTINGS ##\n#######################\n\nsmtpd_banner\t\t= \$myhostname ESMTP \$mail_name (Debian/GNU)\ncompatibility_level\t= 2\nbiff\t\t\t= no\nappend_dot_mydomain\t= no\nreadme_directory\t= no\nallow_percent_hack\t= no\ndelay_warning_time\t= 4h\nmailbox_command\t\t= procmail -a \"\$EXTENSION\"\nrecipient_delimiter\t= +\ndisable_vrfy_command\t= yes\nmessage_size_limit\t= 26214400\nmailbox_size_limit\t= 524288000\n\ninet_interfaces\t= all\ninet_protocols\t= ipv4\n\nmyhostname\t= $DOMAIN\nmyorigin\t= $DOMAIN\nmydestination\t= localhost localhost.\$mydomain\nmynetworks\t= 127.0.0.0/8\nrelayhost\t= \n\n##################\n## MILTERS ##\n##################\n\nmilter_protocol = 6\nmilter_default_action = accept\nsmtpd_milters = unix:/opendkim/opendkim.sock, unix:/opendmarc/opendmarc.sock, unix:/clamav/clamav-milter.ctl\nnon_smtpd_milters = unix:/opendkim/opendkim.sock\n\n####################\n## TLS PARAMETERS ##\n####################\n# Smtp ( OUTGOING / Client )\nsmtp_tls_loglevel\t\t= 1\nsmtp_tls_security_level\t\t= may\nsmtp_tls_CApath\t\t\t= /etc/ssl/certs\nsmtp_tls_protocols\t\t= !TLSv1, !SSLv2, !SSLv3\nsmtp_tls_mandatory_protocols\t= !TLSv1, !SSLv2, !SSLv3\nsmtp_tls_mandatory_ciphers\t= high\nsmtp_tls_note_starttls_offer\t= yes\n\n# Smtpd ( INCOMING / Server )\nsmtpd_tls_loglevel\t\t= 1\nsmtpd_tls_auth_only\t\t= yes\nsmtpd_tls_security_level\t= may\nsmtpd_tls_received_header\t= yes\nsmtpd_tls_protocols\t\t= !TLSv1, !SSLv2, !SSLv3\nsmtpd_tls_mandatory_protocols\t= !TLSv1, !SSLv2, !SSLv3\nsmtpd_tls_mandatory_ciphers\t= medium\nsmtpd_tls_exclude_ciphers\t= aNULL, eNULL, EXPORT, DES, 3DES, RC2, RC4, MD5, PSK, SRP, DSS, AECDH, ADH, SEED\nsmtpd_tls_CAfile\t\t= /etc/ssl/certs/ca.cert.pem\nsmtpd_tls_cert_file\t\t= /etc/ssl/certs/mailserver.crt\nsmtpd_tls_key_file\t\t= /etc/ssl/private/mailserver.key\nsmtpd_tls_dh1024_param_file\t= \$config_directory/dh2048.pem\n\ntls_preempt_cipherlist\t= yes\ntls_random_source\t= dev:/dev/urandom\n\nsmtp_tls_session_cache_database\t\t= btree:\${data_directory}/smtp_scache\nsmtpd_tls_session_cache_database\t= btree:\${data_directory}/smtpd_scache\nlmtp_tls_session_cache_database\t\t= btree:\${data_directory}/lmtp_scache\n\n#####################\n## SASL PARAMETERS ##\n#####################\n\nsmtpd_sasl_auth_enable\t\t= yes\nsmtpd_sasl_type\t\t\t= dovecot\nsmtpd_sasl_path\t\t\t= private/auth\nsmtpd_sasl_security_options\t= noanonymous\nsmtpd_sasl_tls_security_options\t= \$smtpd_sasl_security_options\nsmtpd_sasl_local_domain\t\t= \$mydomain\nsmtpd_sasl_authenticated_header\t= no\n\n##############################\n## VIRTUALS MAPS PARAMETERS ##\n##############################\n\nvirtual_uid_maps\t= static:5000\nvirtual_gid_maps\t= static:5000\nvirtual_minimum_uid\t= 5000\nvirtual_mailbox_base\t= /var/mail\nvirtual_transport\t= lmtp:unix:private/dovecot-lmtp\nvirtual_mailbox_domains\t= mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf\nvirtual_mailbox_maps\t= mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf\nvirtual_alias_maps\t= mysql:/etc/postfix/mysql-virtual-alias-maps.cf\nsmtpd_sender_login_maps\t= mysql:/etc/postfix/mysql-sender-login-maps.cf\n\n######################\n## ERRORS REPORTING ##\n######################\n\nbounce_template_file\t= /etc/postfix/bounce.cf\n\nnotify_classes\t\t= resource, software\n\nerror_notice_recipient\t= $POSTFIXADMIN_ADMIN@$DOMAIN\n\n##################\n## RESTRICTIONS ##\n##################\n\nmime_header_checks\t= regexp:/etc/postfix/header_checks\nheader_checks\t\t= regexp:/etc/postfix/header_checks\n\nsmtpd_recipient_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_non_fqdn_recipient,\n\treject_unauth_destination,\n\treject_unknown_recipient_domain,\n\treject_unlisted_recipient,\n\treject_rbl_client zen.spamhaus.org\n\nsmtpd_reject_unlisted_sender = yes\n\nsmtpd_sender_restrictions =\n\treject_non_fqdn_sender,\n\treject_unknown_sender_domain,\n\treject_sender_login_mismatch,\n\treject_authenticated_sender_login_mismatch,\n\treject_rhsbl_sender dbl.spamhaus.org,\n\treject_unlisted_sender\n\nsmtpd_helo_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_invalid_helo_hostname,\n\treject_non_fqdn_helo_hostname,\n\treject_unknown_helo_hostname\n\nsmtpd_helo_required = yes\n\nsmtpd_client_restrictions =\n\tpermit_mynetworks,\n\tpermit_inet_interfaces,\n\tpermit_sasl_authenticated,\n\treject_unauth_pipelining\n\nsmtpd_relay_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_unauth_destination" >> /etc/postfix/main.cf
|
||||
echo "" > /etc/postfix/bounce.cf
|
||||
echo -e "failure_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message non transmis\nPostmaster-Subject: Postmaster Copy: Message non transmis\n\nCeci est un message automatique du serveur $myhostname.\n\nNous sommes désolés de vous informer que votre message n'a pas pu\netre acheminé à un ou plusieurs destinataires.\nLe détail est expliqué ci dessous.\n\nPour une assistance, envoyez un e-mail à l'administrateur de\nvotre messagerie : postmaster@xarobase.com\n\nSi vous le faites, merci d'inclure ce message d'erreur dans\nvotre courriel.\n\n Le serveur de messagerie.\n\nMessage d'erreur :\nEOF\n\ndelay_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message mis en attente.\nPostmaster-Subject: Postmaster Warning: Delayed Mail\n\nCeci est un message automatique du serveur $myhostname.\n\n##############################################################################\n#C'EST UN SIMPLE AVERTISSEMENT, VOUS N'AVEZ PAS BESOIN DE RENVOYER UN MESSAGE#\n##############################################################################\n\nVotre message ne peut pas être délivré avant un délai de $delay_warning_time_hours heures.\n\nDes tentatives de renvoi seront effectuées durant : $maximal_queue_lifetime_days jours.\n\nPour une assistance, envoyez un e-mail à l'administrateur de\nvotre messagerie : postmaster@xarobase.com\n\nSi vous le faites, merci d'inclure ce message d'erreur dans\nvotre courriel.\n\n Le serveur de messagerie.\n\nMessage :\nEOF\n\nsuccess_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message correctement transmis\n\nCeci est un message automatique du serveur $myhostname.\n\nVotre message a correctement été envoyé aux destinataires listés ci-dessous\nSi le message a bien été délivré dans la boite de réception de votre destinataire,\nvous ne recevrez pas d'autre notification.\n\nSi non, vous pourriez recevoir des notifications provenant du système de messagerie\nde votre destinataire.\n\n Le serveur de messagerie.\n\nMessage :\nEOF\n\nverify_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Rapport de transmission de message\n\nCeci est un message automatique du serveur $myhostname.\n\nLe rapport de transmission de message que vous avez demandé est en pièce jointe.\n\n Le serveur de messagerie.\n\nMessage d'erreur :\nEOF" >> /etc/postfix/bounce.cf
|
||||
echo "" > /etc/postfix/master.cf
|
||||
echo -e "smtp\tinet\tn\t-\ty\t-\t-\tsmtpd\n\t-o content_filter=spamassassin\n\nsubmission\tinet\tn\t-\ty\t-\t-\tsmtpd\n\t-o syslog_name=postfix/submission\n\t-o smtpd_tls_dh1024_param_file=\${config_directory}/dh2048.pem\n\t-o smtpd_tls_security_level=encrypt\n\t-o smtpd_sasl_auth_enable=yes\n\t-o smtpd_client_restrictions=\$mua_client_restrictions\n\t-o smtpd_helo_restrictions=\$mua_helo_restrictions\n\t-o smtpd_sender_restrictions=\$mua_sender_restrictions\n\t-o smtpd_recipient_restrictions=\$mua_sender_restrictions\n\t-o content_filter=spamassassin\npickup\tunix\tn\t-\ty\t60\t1\tpickup\ncleanup\tunix\tn\t-\ty\t-\t0\tcleanup\nqmgr\tunix\tn\t-\tn\t300\t1\tqmgr\n#qmgr\tunix\tn\t-\tn\t300\t1\toqmgr\ntlsmgr\tunix\t-\t-\ty\t1000?\t1\ttlsmgr\nrewrite\tunix\t-\t-\ty\t-\t-\ttrivial-rewrite\nbounce\tunix\t-\t-\ty\t-\t0\tbounce\ndefer\tunix\t-\t-\ty\t-\t0\tbounce\ntrace\tunix\t-\t-\ty\t-\t0\tbounce\nverify\tunix\t-\t-\ty\t-\t1\tverify\nflush\tunix\tn\t-\ty\t1000?\t0\tflush\nproxymap\tunix\t-\t-\tn\t-\t-\tproxymap\nproxywrite\tunix -\t-\tn\t-\t1\tproxymap\nsmtp\tunix\t-\t-\ty\t-\t-\tsmtp\nrelay\tunix\t-\t-\ty\t-\t-\tsmtp\nshowq\tunix\tn\t-\ty\t-\t-\tshowq\nerror\tunix\t-\t-\ty\t-\t-\terror\nretry\tunix\t-\t-\ty\t-\t-\terror\ndiscard\tunix\t-\t-\ty\t-\t-\tdiscard\nlocal\tunix\t-\tn\tn\t-\t-\tlocal\nvirtual\tunix\t-\tn\tn\t-\t-\tvirtual\nlmtp\tunix\t-\t-\ty\t-\t-\tlmtp\nanvil\tunix\t-\t-\ty\t-\t1\tanvil\nscache\tunix\t-\t-\ty\t-\t1\tscache\nmaildrop\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=DRhu user=vmail argv=/usr/bin/maildrop -d \${recipient}\nuucp\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=Fqhu user=uucp argv=uux -r -n -z -a\$sender - \$nexthop\!rmail (\$recipient)\nifmail\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=F user=ftn argv=/usr/lib/ifmail/ifmail -r \$nexthop (\$recipient)\nbsmtp\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t\$nexthop -f\$sender \$recipient\nscalemail-ackend\tunix\t-\tn\tn\t-\t2\tpipe\n\tflags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store \${nexthop} \${user} \${extension}\nmailman\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=FR user=list rgv=/usr/lib/mailman/bin/postfix-to-mailman.py\n\t\${nexthop} \${user}\n\nspamassassin\tunix\t-\tn\tn\t-\t-\tpipe\n\tuser=debian-spamd argv=/usr/bin/spamc -s 26214400 -f -e /usr/sbin/sendmail -oi -f \${sender} \${recipient}" >> /etc/postfix/master.cf
|
||||
echo -e "smtp\tinet\tn\t-\ty\t-\t-\tsmtpd\n\t-o content_filter=spamassassin\n\nsubmission\tinet\tn\t-\ty\t-\t-\tsmtpd\n\t-o syslog_name=postfix/submission\n\t-o smtpd_tls_dh1024_param_file=\${config_directory}/dh2048.pem\n\t-o smtpd_tls_security_level=encrypt\n\t-o smtpd_sasl_auth_enable=yes\n\t-o content_filter=spamassassin\npickup\tunix\tn\t-\ty\t60\t1\tpickup\ncleanup\tunix\tn\t-\ty\t-\t0\tcleanup\nqmgr\tunix\tn\t-\tn\t300\t1\tqmgr\ntlsmgr\tunix\t-\t-\ty\t1000?\t1\ttlsmgr\nrewrite\tunix\t-\t-\ty\t-\t-\ttrivial-rewrite\nbounce\tunix\t-\t-\ty\t-\t0\tbounce\ndefer\tunix\t-\t-\ty\t-\t0\tbounce\ntrace\tunix\t-\t-\ty\t-\t0\tbounce\nverify\tunix\t-\t-\ty\t-\t1\tverify\nflush\tunix\tn\t-\ty\t1000?\t0\tflush\nproxymap\tunix\t-\t-\tn\t-\t-\tproxymap\nproxywrite\tunix -\t-\tn\t-\t1\tproxymap\nsmtp\tunix\t-\t-\ty\t-\t-\tsmtp\nrelay\tunix\t-\t-\ty\t-\t-\tsmtp\nshowq\tunix\tn\t-\ty\t-\t-\tshowq\nerror\tunix\t-\t-\ty\t-\t-\terror\nretry\tunix\t-\t-\ty\t-\t-\terror\ndiscard\tunix\t-\t-\ty\t-\t-\tdiscard\nlocal\tunix\t-\tn\tn\t-\t-\tlocal\nvirtual\tunix\t-\tn\tn\t-\t-\tvirtual\nlmtp\tunix\t-\t-\ty\t-\t-\tlmtp\nanvil\tunix\t-\t-\ty\t-\t1\tanvil\nscache\tunix\t-\t-\ty\t-\t1\tscache\nmaildrop\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=DRhu user=vmail argv=/usr/bin/maildrop -d \${recipient}\nuucp\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=Fqhu user=uucp argv=uux -r -n -z -a\$sender - \$nexthop\!rmail (\$recipient)\nifmail\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=F user=ftn argv=/usr/lib/ifmail/ifmail -r \$nexthop (\$recipient)\nbsmtp\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t\$nexthop -f\$sender \$recipient\nscalemail-ackend\tunix\t-\tn\tn\t-\t2\tpipe\n\tflags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store \${nexthop} \${user} \${extension}\nmailman\tunix\t-\tn\tn\t-\t-\tpipe\n\tflags=FR user=list rgv=/usr/lib/mailman/bin/postfix-to-mailman.py\n\t\${nexthop} \${user}\n\nspamassassin\tunix\t-\tn\tn\t-\t-\tpipe\n\tuser=debian-spamd argv=/usr/bin/spamc -s 26214400 -f -e /usr/sbin/sendmail -oi -f \${sender} \${recipient}" >> /etc/postfix/master.cf
|
||||
echo "" > /etc/postfix/header_checks
|
||||
echo -e "/^Received:.*with ESMTPSA/\tIGNORE\n/^X-Originating-IP:/\t\tIGNORE\n/^X-Mailer:/\t\t\tIGNORE\n/^User-Agent:/\t\t\tIGNORE" >> /etc/postfix/header_checks
|
||||
echo -e "/^\s*Received:[^\\\n]*(.*)/\t\tREPLACE Received: from authenticated-user ({{ .FQDN }} [127.0.0.1])\$1\n/^\s*User-Agent:/\t\t\tIGNORE\n/^\s*X-Enigmail:/\t\t\tIGNORE\n/^\s*X-Mailer:/\t\t\t\tIGNORE\n/^\s*X-Originating-IP:/\t\t\tIGNORE\n/^\s*X-Pgp-Agent:/\t\t\tIGNORE\n/^\s*(Mime-Version:\s*[0-9\.]+)\s.+/\tREPLACE \$1\n/filename=\\\"?(.*)\.(ade|adp|bat|chm|cmd|com|cpl|docm|exe|hta|ins|isp|jar|js|jse|lib|lnk|mde|msc|msi|msp|mst|nsh|pif|ps|scr|sct|sh|shb|sys|vb|vbe|vbs|vxd|wsc|wsf|wsh)\\\"?$/ REJECT .2$ files are prohibited for security reasons" >> /etc/postfix/header_checks
|
||||
postmap /etc/postfix/header_checks
|
||||
postalias /etc/aliases
|
||||
echo "-- Fichiers créés !"
|
||||
|
@ -174,12 +174,16 @@ then
|
|||
echo -e "mail_location = maildir:/var/mail/vhosts/%d/%n/mail\nmaildir_stat_dirs=yes\nnamespace inbox {\n\tinbox = yes\n}\nmail_uid = 5000\nmail_gid = 5000\nfirst_valid_uid = 5000\nlast_valid_uid = 5000\nmail_privileged_group = vmail" >> /etc/dovecot/conf.d/10-mail.conf
|
||||
echo "" > /etc/dovecot/conf.d/10-auth.conf
|
||||
echo -e "disable_plaintext_auth = yes\nauth_mechanisms = plain login\n!include auth-sql.conf.ext" >> /etc/dovecot/conf.d/10-auth.conf
|
||||
echo "" > /etc/dovecot/conf.d/10-logging.conf
|
||||
echo -e "log_path = syslog\nsyslog_facility = mail\n\n#auth_verbose = yes\n#auth_verbose_passwords = sha1\n#auth_debug = yes\n#auth_debug_passwords = yes\n#mail_debug = yes\n#verbose_ssl = yes" >> /etc/dovecot/conf.d/10-logging.conf
|
||||
echo "" > /etc/dovecot/conf.d/10-master.conf
|
||||
echo -e "service imap-login {\n\tinet_listener imap {\n\t\tport = 143\n\t}\n\tinet_listener imaps {\n\t\tport = 993\n\t\tssl = yes\n\t}\n\tservice_count = 0\n}\nservice lmtp {\n\tunix_listener /var/spool/postfix/private/dovecot-lmtp {\n\t\tmode = 0600\n\t\tuser = postfix\n\t\tgroup = postfix\n\t}\n}\nservice auth {\n\tunix_listener auth-userdb {\n\t\tmode = 0600\n\t\tuser = vmail\n\t\tgroup = vmail\n\t}\n\tunix_listener /var/spool/postfix/private/auth {\n\t\tmode = 0666\n\t\tuser = postfix\n\t\tgroup = postfix\n\t}\n\tuser = dovecot\n}\nservice auth-worker {\n\tuser = vmail\n}" >> /etc/dovecot/conf.d/10-master.conf
|
||||
echo "" > /etc/dovecot/conf.d/10-ssl.conf
|
||||
echo -e "ssl = required\nssl_cert = </etc/ssl/certs/mailserver.crt\nssl_key = </etc/ssl/private/mailserver.key\nssl_dh_parameters_length = 2048\nssl_protocols = !SSLv3\nssl_cipher_list = ALL:!aNULL:!eNULL:!LOW:!MEDIUM:!EXP:!RC2:!RC4:!DES:!3DES:!MD5:!PSK:!SRP:!DSS:!AECDH:!ADH:@STRENGTH\nssl_prefer_server_ciphers = yes" >> /etc/dovecot/conf.d/10-ssl.conf
|
||||
echo -e "ssl = required\nssl_cert = </etc/ssl/certs/dovecotchain.pem\nssl_key = </etc/ssl/private/mailserver.key\nssl_min_protocol = TLSv1.2\nssl_cipher_list = EECDH+AES:EDH+AES+aRSA:!DH\nssl_prefer_server_ciphers = yes" >> /etc/dovecot/conf.d/10-ssl.conf
|
||||
echo "" > /etc/dovecot/conf.d/15-mailboxes.conf
|
||||
echo -e "namespace inbox {\n\n\tmailbox Drafts {\n\t\tspecial_use = \Drafts\n\t\tauto = subscribe\n\t}\n\n\tmailbox Spam {\n\t\tspecial_use = \Junk\n\t\tauto = subscribe\n\t}\n\n\tmailbox Junk {\n\t\tspecial_use = \Junk\n\t}\n\n\tmailbox Trash {\n\t\tspecial_use = \Trash\n\t\tauto = subscribe\n\t}\n\n\tmailbox Sent {\n\t\tspecial_use = \Sent\n\t\tauto = subscribe\n\t}\n\n\tmailbox \"Sent Messages\" {\n\t\tspecial_use = \Sent\n\t}\n\n\tmailbox Archive {\n\t\tspecial_use = \Archive\n\t\tauto = subscribe\n\t}\n\n}" >> /etc/dovecot/conf.d/15-mailboxes.conf
|
||||
echo "" > /etc/dovecot/conf.d/20-imap.conf
|
||||
echo -e "protocol imap {\n\tmail_plugins = \$mail_plugins imap_quota\n}" >> /etc/dovecot/conf.d/20-imap.conf
|
||||
echo -e "protocol imap {\n\tmail_plugins = \$mail_plugins imap_quota imap_sieve\n}" >> /etc/dovecot/conf.d/20-imap.conf
|
||||
echo "" > /etc/dovecot/conf.d/90-quota.conf
|
||||
echo -e "service dict {\n\tunix_listener dict {\n\t\tmode = 0600\n\t\tuser = vmail\n\t}\n}\nplugin {\n\tquota = dict:Quota:%d:proxy::sqldomainquota\n\tquota = dict:User Quota::proxy::sqluserquota\n\n\tquota_rule2 = Trash:storage=+10%%\n}\n\ndict {\n\tsqluserquota = mysql:/etc/dovecot/dovecot-dict-sql-user.conf\n\tsqldomainquota = mysql:/etc/dovecot/dovecot-dict-sql-domain.conf\n}" >> /etc/dovecot/conf.d/90-quota.conf
|
||||
echo "-- Fichiers créés !"
|
||||
|
|
Loading…
Reference in New Issue