#contents
*Postfix on FreeBSD [#tcf5761f]
&lastmod;

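* newaliases db output location & lookup location 2014/02/19 [#f6f67293]
Until now, running newaliases updated /etc/mail/aliases.db, and forwarding destinations were determined from that file.

However, newaliases now seems to write its output to /etc/aliases.db.

This is because, unless the parameters are set explicitly in /usr/local/etc/postfix/main.cf, the following settings from /usr/local/etc/postfix/main.cf.default

 alias_database = hash:/etc/aliases
 alias_maps = hash:/etc/aliases

are applied, which I only learned recently (^^ゞ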

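** Someone keeps sending spam to webmaster [#qcdd2725]
So I want to reject that mail by sender address.
***Rejecting by sender address [#p0b5dddc]
SMTP processing is rejected for sender addresses (the address given in MAIL FROM during the SMTP session, not the From: header line) or sender domains that are specified in a list.

Run the following commands as root.

Add smtpd_sender_restrictions to main.cf.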
 # grep _sender main.cf
 smtpd_sender_restrictions =
 	reject_unknown_sender_domain
 	reject_non_fqdn_sender hash:/etc/postfix/reject_sender
 #
List the addresses and domains you want to exclude in /etc/postfix/reject_sender.
 # cat /etc/postfix/reject_sender
 twostep21.biz		REJECT
 hoge.co.jp		REJECT
 spammer@hogehoge.co.jp	REJECT
 #
Rebuild the lookup table.
 # /usr/local/postfix/postmap /etc/postfix/reject_sender
 # ll /etc/postfix/reject_sender*
 -rw-r--r--  1 root  wheel     50 Feb 22 15:29 /etc/postfix/reject_sender
 -rw-r--r--  1 root  wheel  32768 Feb 22 15:30 /etc/postfix/reject_sender.db
 #
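
The search order that access(5) documents for a sender table like the one above, modelled as an added example (not part of the original page). It assumes the default parent_domain_matches_subdomains setting, under which a domain key also matches its subdomains, and it ignores address extensions; SAMPLE_TABLE, lookup_key and sender_action are names made up for this example.

```shell
#!/bin/sh
# Added example: model of the access(5) search order for a sender table.
# SAMPLE_TABLE is constructed from the reject_sender entries shown on this page.
SAMPLE_TABLE='twostep21.biz		REJECT
hoge.co.jp		REJECT
spammer@hogehoge.co.jp	REJECT'

# lookup_key TABLE KEY: print the action stored for one exact key;
# the exit status is non-zero when the key is absent.
lookup_key() {
    printf '%s\n' "$1" | awk -v k="$2" '
        /^[ \t]*(#|$)/ { next }   # skip comments and blank lines
        tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; found = 1; exit }
        END { exit !found }'
}

# sender_action TABLE ADDRESS: print "matched-key action" for the first hit,
# or DUNNO when no key matches (Postfix then moves on to the next restriction).
sender_action() {
    table=$1
    addr=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    # The null sender (bounces) is looked up as "<>" by default.
    [ -n "$addr" ] || addr='<>'
    user=${addr%@*}
    domain=${addr##*@}
    # 1. the full address
    if act=$(lookup_key "$table" "$addr"); then echo "$addr $act"; return 0; fi
    # 2. the domain, then each parent domain
    d=$domain
    while :; do
        if act=$(lookup_key "$table" "$d"); then echo "$d $act"; return 0; fi
        case $d in *.*) d=${d#*.} ;; *) break ;; esac
    done
    # 3. the local part followed by "@"
    if act=$(lookup_key "$table" "${user}@"); then echo "${user}@ $act"; return 0; fi
    echo DUNNO
}

# Constructed test senders: exact address, subdomain, unlisted domain, null sender.
for a in spammer@hogehoge.co.jp Someone@Sub.Hoge.co.jp user@hogehoge.co.jp ''; do
    printf '%-26s -> %s\n' "<$a>" "$(sender_action "$SAMPLE_TABLE" "$a")"
done
```

On a live system, `postmap -q KEY hash:/etc/postfix/reject_sender` performs one literal key lookup against the built table, so it confirms that an entry exists but does not walk this search order.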

** main.cf debug mail settings [#b9ba989e]
The number of error mails has shot up lately, so...
 #notify_classes = bounce,delay,policy,protocol,resource,software,2bounce
 notify_classes = 2bounce,resource,software
**postfix-2.8.7,1 [#m7ba4bdd]
 Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
 # Fix compressed man pages
 To enable postfix startup script please add postfix_enable="YES" in
 your rc.conf
 
 If you not need sendmail anymore, please add in your rc.conf:
 
 sendmail_enable="NO"
 sendmail_submit_enable="NO"
 sendmail_outbound_enable="NO"
 sendmail_msp_queue_enable="NO"
 
 And you can disable some sendmail specific daily maintenance routines in your
 /etc/periodic.conf file:
 
 daily_clean_hoststat_enable="NO"
 daily_status_mail_rejects_enable="NO"
 daily_status_include_submit_mailq="NO"
 daily_submit_queuerun="NO"
 
 If /etc/periodic.conf does not exist please create it and add those values.
 
 If you are using SASL, you need to make sure that postfix has access to read
 the sasldb file.  This is accomplished by adding postfix to group mail and
 making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
 be the default for new installs).
 
 If you are upgrading from Postfix 2.6 or earlier, review the RELEASE_NOTES to
 familiarize yourself with new features and incompatabilities.
 ===> Correct pkg-plist sequence to create group(s) and user(s)
 ===>   Compressing manual pages for postfix-2.8.7,1
 ===>   Registering installation for postfix-2.8.7,1
 ===> SECURITY REPORT:
       This port has installed the following binaries which execute with
       increased privileges.
 /usr/local/sbin/postdrop
 /usr/local/sbin/postqueue
 
       This port has installed the following files which may act as network
       servers and may therefore pose a remote security risk to the system.
 /usr/local/libexec/postfix/nqmgr


**Installing Postfix 2.4.5.1 [#xe23f0bb]

 # cd /usr/ports/mail/postfix
 # make
#ref(Postfix-ports-options.png)
 -lkrb -lcrypto -lcom_err -L/usr/local/lib/mysql -lmysqlclient -lz -lcrypt -
 lm -L/usr/local/lib -L/usr/local/pgsql/lib -lpq -lcrypt -L/usr/local/lib -
 lldap -llber -L/usr/local/lib -lcdb
 /usr/bin/ld: cannot find -lkrb
 *** Error code 1
 
 Stop in /usr/ports/mail/postfix/work/postfix-2.4.5/src/master.
 *** Error code 1
 
 Stop in /usr/ports/mail/postfix/work/postfix-2.4.5.
 *** Error code 1
 
 Stop in /usr/ports/mail/postfix.
 *** Error code 1
 
 Stop in /usr/ports/mail/postfix.
 *** Error code 1
 
 Stop in /usr/ports/mail/postfix.

 # rm -R work
 # make rmconfig

#ref(PostfixPortsOptions.png)
 #make
 #make install

 Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
 To enable postfix startup script please add postfix_enable="YES" in
 your rc.conf
 
 If you not need sendmail anymore, please add in your rc.conf:
 
 sendmail_enable="NO"
 sendmail_submit_enable="NO"
 sendmail_outbound_enable="NO"
 sendmail_msp_queue_enable="NO"
 
 And you can disable some sendmail specific daily maintenance routines in your
 /etc/periodic.conf file:
 
 daily_clean_hoststat_enable="NO"
 daily_status_mail_rejects_enable="NO"
 daily_status_include_submit_mailq="NO"
 daily_submit_queuerun="NO"
 
 If you are using SASL, you need to make sure that postfix has access to read
 the sasldb file.  This is accomplished by adding postfix to group mail and
 making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
 be the default for new installs).
 
 If you are upgrading from postfix version prior to 2.0, please see the README
 files for recommended changes to your configuration.
 ===> Installing rc.d startup script(s)

So, in /etc/rc.conf:
 postfix_enable="YES" 
 sendmail_enable="NO"
 sendmail_submit_enable="NO"
 sendmail_outbound_enable="NO"
 sendmail_msp_queue_enable="NO"

After adding the lines above, in /etc/defaults/ run
 # cp periodic.conf periodic.conf-dist-sendamil-on
and then
 # vi /etc/periodic.conf
and put the following lines in it:
 daily_clean_hoststat_enable="NO"
 daily_status_mail_rejects_enable="NO"
 daily_status_include_submit_mailq="NO"
 daily_submit_queuerun="NO"

Once postfix is installed, sendmail is no longer needed, so configure the system not to rebuild sendmail when running make world on FreeBSD.~
/etc/make.conf
 # added by KUJI 2007-09-10 13:21:52
 NO_SENDMAIL= true
/etc/mail/aliases
 postfix: root

To stop log rotation for the original sendmail, edit /etc/newsyslog.conf.

 #/var/log/sendmail.st			640  10	   *	168   B

**Configuring /usr/local/etc/postfix/main.cf [#k091c44c]
 # cp main.cf main.cf-dist
to keep a backup copy first.
 
 queue_directory = /var/spool/postfix
 command_directory = /usr/local/sbin
 daemon_directory = /usr/local/libexec/postfix
 mail_owner = postfix
 myhostname = tfc.thousand-winds.jp
 mydomain = thousand-winds.jp
 myorigin = $myhostname
 #myorigin = $mydomain
 #inet_interfaces = all
 #mydestination = $myhostname, localhost.$mydomain, localhost
 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
 #	mail.$mydomain, www.$mydomain, ftp.$mydomain
 mydestination = $myhostname, localhost.$mydomain
 
 # REJECTING MAIL FOR UNKNOWN LOCAL USERS
 unknown_local_recipient_reject_code = 550
 mynetworks_style = host
 
 mynetworks = 210.255.122.208/28, 127.0.0.0/8
 
 alias_maps = hash:/etc/mail/aliases
 alias_database = hash:/etc/mail/aliases
 
 mail_spool_directory = /var/mail
 
 debugger_command =
 	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
 	 xxgdb $daemon_directory/$process_name $process_id & sleep 5
 
 sendmail_path = /usr/local/sbin/sendmail
 newaliases_path = /usr/local/bin/newaliases
 mailq_path = /usr/local/bin/mailq
 setgid_group = maildrop
 html_directory = no
 manpage_directory = /usr/local/man
 sample_directory = /usr/local/etc/postfix
 readme_directory = no
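 # Appended at the end of the file
 # Enable alias, forward, include (the Postfix default is alias,forward;
 # adding include also allows delivery to commands from :include: files)
 allow_mail_to_commands = alias,forward,include
 # Enable debug mail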
 notify_classes = bounce,delay,policy,protocol,resource,software


**Configuring /usr/local/etc/postfix/master.cf [#v357229e]
*Installing Pflogsumm [#z93bde16]
 # cd /usr/ports/mail/pflogsumm
 # make install



----
http://sakura.take-labo.jp/freebsd/mail_postfix_simple.html
