- 追加された行はこの色です。
- 削除された行はこの色です。
#contents
*Postfix on FreeBSD [#tcf5761f]
&lastmod;
** webmaster 宛にスパムを送ってくる奴がいる [#qcdd2725]
ので、
***送信元アドレスにより,拒否 [#p0b5dddc]
したい.
送信者アドレス(From行ではなく,SMTPセッションにおけるMAIL FROMで指定されるアドレス)か,そのドメインをリストで指定することにより,SMTP処理を拒否します.
rootで以下のコマンドを実行します.
main.cfにsmtpd_sender_restrictionsを追加する.
# grep _sender main.cf
smtpd_sender_restrictions =
reject_unknown_sender_domain
reject_non_fqdn_sender hash:/etc/postfix/reject_sender
#
/etc/postfix/reject_senderに除外したいアドレスやドメインを記述する.
# cat /etc/postfix/reject_sender
twostep21.biz REJECT
hoge.co.jp REJECT
spammer@hogehoge.co.jp REJECT
#
リストテーブルを更新する.
# /usr/local/postfix/postmap /etc/postfix/reject_sender
# ll /etc/postfix/reject_sender*
-rw-r--r-- 1 root wheel 50 Feb 22 15:29 /etc/postfix/reject_sender
-rw-r--r-- 1 root wheel 32768 Feb 22 15:30 /etc/postfix/reject_sender.db
#
** main.cf debugメールの設定 [#b9ba989e]
ちかごろやたらとエラーメールが増えたので・・・
#notify_classes = bounce,delay,policy,protocol,resource,software,2bounce
notify_classes = 2bounce,resource,software
**postfix-2.8.7,1 [#m7ba4bdd]
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
# Fix compressed man pages
To enable postfix startup script please add postfix_enable="YES" in
your rc.conf
If you not need sendmail anymore, please add in your rc.conf:
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
And you can disable some sendmail specific daily maintenance routines in your
/etc/periodic.conf file:
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
If /etc/periodic.conf does not exist please create it and add those values.
If you are using SASL, you need to make sure that postfix has access to read
the sasldb file. This is accomplished by adding postfix to group mail and
making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
be the default for new installs).
If you are upgrading from Postfix 2.6 or earlier, review the RELEASE_NOTES to
familiarize yourself with new features and incompatabilities.
===> Correct pkg-plist sequence to create group(s) and user(s)
===> Compressing manual pages for postfix-2.8.7,1
===> Registering installation for postfix-2.8.7,1
===> SECURITY REPORT:
This port has installed the following binaries which execute with
increased privileges.
/usr/local/sbin/postdrop
/usr/local/sbin/postqueue
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/postfix/nqmgr
**Postfix 2.4.5.1 のインストール [#xe23f0bb]
# cd /usr/ports/mail/postfix
# make
#ref(Postfix-ports-options.png)
-lkrb -lcrypto -lcom_err -L/usr/local/lib/mysql -lmysqlclient -lz -lcrypt -
lm -L/usr/local/lib -L/usr/local/pgsql/lib -lpq -lcrypt -L/usr/local/lib -
lldap -llber -L/usr/local/lib -lcdb
/usr/bin/ld: cannot find -lkrb
*** Error code 1
Stop in /usr/ports/mail/postfix/work/postfix-2.4.5/src/master.
*** Error code 1
Stop in /usr/ports/mail/postfix/work/postfix-2.4.5.
*** Error code 1
Stop in /usr/ports/mail/postfix.
*** Error code 1
Stop in /usr/ports/mail/postfix.
*** Error code 1
Stop in /usr/ports/mail/postfix.
# rm -R work
# make rmconfig
#ref(PostfixPortsOptions.png)
#make
#make install
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
To enable postfix startup script please add postfix_enable="YES" in
your rc.conf
If you not need sendmail anymore, please add in your rc.conf:
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
And you can disable some sendmail specific daily maintenance routines in your
/etc/periodic.conf file:
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
If you are using SASL, you need to make sure that postfix has access to read
the sasldb file. This is accomplished by adding postfix to group mail and
making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
be the default for new installs).
If you are upgrading from postfix version prior to 2.0, please see the README
files for recommended changes to your configuration.
===> Installing rc.d startup script(s)
ので、/etc/rc.conf に
postfix_enable="YES"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
上記書き加え
/etc/defaults/で
# cp periodic.conf periodic.conf-dist-sendamil-on
して
#vi /etc/periodic.conf して、
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
を置いておく
postfix を導入すると sendmail は不要になりますので、FreeBSD を make world した時に sendmail を作り直さないように設定します。~
/etc/make.conf
# added by KUJI 2007-09-10 13:21:52
NO_SENDMAIL= true
/etc/mail/aliases
postfix: root
オリジナルの sendmail のログローテーションを止めるため /etc/newsyslog.conf を変更します。
#/var/log/sendmail.st 640 10 * 168 B
**/usr/local/etc/postfix/main.cfの設定 [#k091c44c]
# cp main.cf main.cf-dist
して待避しておく
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = tfc.thousand-winds.jp
mydomain = thousand-winds.jp
myorigin = $myhostname
#myorigin = $mydomain
#inet_interfaces = all
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
mydestination = $myhostname, localhost.$mydomain
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 210.255.122.208/28, 127.0.0.0/8
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
mail_spool_directory = /var/mail
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
# ファイルの最後に追記するもの
# alias, forward, include の有効化
allow_mail_to_commands = alias,forward,include
# デバッグメールの有効化
notify_classes = bounce,delay,policy,protocol,resource,software
**/usr/local/etc/postfix/master.cfの設定 [#v357229e]
*Pflogsummのインストール [#z93bde16]
# cd /usr/ports/mail/pflogsumm
# make install
----
http://sakura.take-labo.jp/freebsd/mail_postfix_simple.html