Postfix on FreeBSD

2014-02-19 (Wed) 03:49:29

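Someone keeps sending spam to webmaster, so I want to reject mail based on the sender address.

Specifying the sender address (not the From: header line, but the address given in MAIL FROM during the SMTP session) or its domain in a list makes Postfix reject the SMTP transaction.

Run the following commands as root.

Add smtpd_sender_restrictions to main.cf.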

# grep _sender main.cf
smtpd_sender_restrictions =
	reject_unknown_sender_domain
	reject_non_fqdn_sender hash:/etc/postfix/reject_sender
#

List the addresses and domains you want to reject in /etc/postfix/reject_sender.

# cat /etc/postfix/reject_sender
twostep21.biz		REJECT
hoge.co.jp		REJECT
spammer@hogehoge.co.jp	REJECT
#

Rebuild the lookup table.

# /usr/local/postfix/postmap /etc/postfix/reject_sender
# ll /etc/postfix/reject_sender*
-rw-r--r--  1 root  wheel     50 Feb 22 15:29 /etc/postfix/reject_sender
-rw-r--r--  1 root  wheel  32768 Feb 22 15:30 /etc/postfix/reject_sender.db
#
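To show which envelope senders the table above actually catches, here is an added example (not from the original page and not Postfix's own code) that emulates, in simplified form, the key order access(5) documents for sender lookups. The function names are hypothetical, the test addresses are constructed, and address extensions are ignored.

```python
# Added example (not from the original page): simplified emulation of the
# access(5) lookup order for a sender table. Address extensions are ignored.
REJECT_SENDER = """\
twostep21.biz		REJECT
hoge.co.jp		REJECT
spammer@hogehoge.co.jp	REJECT
"""  # table content copied from the page

def parse_table(text):
    """Parse 'key action' lines; lookup keys are folded to lower case."""
    table = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            table[parts[0].lower()] = parts[1].strip()
    return table

def candidate_keys(mail_from, parent_matches_subdomains=True):
    """Keys tried for an envelope sender, most specific first."""
    addr = mail_from.strip().strip("<>").lower()
    if not addr:
        return ["<>"]  # default smtpd_null_access_lookup_key (bounces)
    if "@" not in addr:
        raise ValueError("expected a fully qualified address")
    local, _, domain = addr.rpartition("@")
    labels = domain.split(".")
    keys = [addr, domain]
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:])
        # With smtpd_access_maps in parent_domain_matches_subdomains (the
        # default) a bare "domain.tld" key also covers subdomains;
        # otherwise only a ".domain.tld" key does.
        keys.append(parent if parent_matches_subdomains else "." + parent)
    keys.append(local + "@")
    return keys

def sender_action(mail_from, table, parent_matches_subdomains=True):
    """Return (matched_key, action), or (None, None) when nothing matches."""
    for key in candidate_keys(mail_from, parent_matches_subdomains):
        if key in table:
            return key, table[key]
    return None, None

TABLE = parse_table(REJECT_SENDER)

if __name__ == "__main__":
    for sender in ("<spammer@hogehoge.co.jp>", "other@hogehoge.co.jp",
                   "Info@Mail.HOGE.co.jp", "<>"):
        print(sender, "->", sender_action(sender, TABLE))
```

On a live system, `postmap -q hoge.co.jp hash:/etc/postfix/reject_sender` queries the real table for a single key, without the parent-domain iteration shown here.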

main.cf: debug mail settings

Error mails have increased a lot lately, so...

#notify_classes = bounce,delay,policy,protocol,resource,software,2bounce
notify_classes = 2bounce,resource,software

Installing Postfix 2.4.5.1

# cd /usr/ports/mail/postfix
# make
[Image: Postfix-ports-options.png]
-lkrb -lcrypto -lcom_err -L/usr/local/lib/mysql -lmysqlclient -lz -lcrypt -lm -L/usr/local/lib -L/usr/local/pgsql/lib -lpq -lcrypt -L/usr/local/lib -lldap -llber -L/usr/local/lib -lcdb
/usr/bin/ld: cannot find -lkrb
*** Error code 1

Stop in /usr/ports/mail/postfix/work/postfix-2.4.5/src/master.
*** Error code 1

Stop in /usr/ports/mail/postfix/work/postfix-2.4.5.
*** Error code 1

Stop in /usr/ports/mail/postfix.
*** Error code 1

Stop in /usr/ports/mail/postfix.
*** Error code 1

Stop in /usr/ports/mail/postfix.
# rm -R work
# make rmconfig
[Image: PostfixPortsOptions.png]
# make
# make install
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
To enable postfix startup script please add postfix_enable="YES" in
your rc.conf

If you not need sendmail anymore, please add in your rc.conf:

sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

And you can disable some sendmail specific daily maintenance routines in your
/etc/periodic.conf file:

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

If you are using SASL, you need to make sure that postfix has access to read
the sasldb file.  This is accomplished by adding postfix to group mail and
making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
be the default for new installs).

If you are upgrading from postfix version prior to 2.0, please see the README
files for recommended changes to your configuration.
===> Installing rc.d startup script(s)

So, add the following to /etc/rc.conf:

postfix_enable="YES" 
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

After adding the lines above, run the following in /etc/defaults/

# cp periodic.conf periodic.conf-dist-sendamil-on

and then

# vi /etc/periodic.conf

and put these lines in place:

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

Once Postfix is installed, sendmail is no longer needed, so configure FreeBSD not to rebuild sendmail when you run make world.
/etc/make.conf

# added by KUJI 2007-09-10 13:21:52
NO_SENDMAIL= true

/etc/mail/aliases

postfix: root

To stop log rotation for the original sendmail, edit /etc/newsyslog.conf and comment out this line:

#/var/log/sendmail.st			640  10	   *	168   B

Configuring /usr/local/etc/postfix/main.cf

First save a backup copy of the original:

# cp main.cf main.cf-dist

queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = tfc.thousand-winds.jp
mydomain = thousand-winds.jp
myorigin = $myhostname
#myorigin = $mydomain
#inet_interfaces = all
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#	mail.$mydomain, www.$mydomain, ftp.$mydomain
mydestination = $myhostname, localhost.$mydomain

# REJECTING MAIL FOR UNKNOWN LOCAL USERS
unknown_local_recipient_reject_code = 550
mynetworks_style = host

mynetworks = 210.255.122.208/28, 127.0.0.0/8

alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases

mail_spool_directory = /var/mail

debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
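# Lines appended at the end of the file
# Enable alias, forward, include
# (the Postfix default is alias,forward; adding include also permits
# "|command" destinations in :include: files)
allow_mail_to_commands = alias,forward,include
# Enable debug mail
notify_classes = bounce,delay,policy,protocol,resource,software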

Configuring /usr/local/etc/postfix/master.cf

Installing Pflogsumm

# cd /usr/ports/mail/pflogsumm
# make install

http://sakura.take-labo.jp/freebsd/mail_postfix_simple.html

