3 commits - Installation_Guide/default configuration files
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Fri Jul 1 12:15:16 CEST 2011
Installation_Guide/default | 256 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 256 insertions(+)
New commits:
commit 36459af996f90e1354a6b112bdd839fba372c9ba
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Jul 1 11:15:03 2011 +0100
Add some of the ldap lookup tables
diff --git a/Installation_Guide/default configuration files/alias_maps.cf b/Installation_Guide/default configuration files/alias_maps.cf
new file mode 100644
index 0000000..aa07488
--- /dev/null
+++ b/Installation_Guide/default configuration files/alias_maps.cf
@@ -0,0 +1,9 @@
+server_host = ldap.test90.kolabsys.com
+version = 3
+search_base = ou=People,dc=test90,dc=kolabsys,dc=com
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+query_filter = (&(|(mailAlternateAddress=%s)(alias=%s))(objectclass=kolabinetorgperson)(!(nsroledn=cn=nsmanageddisabledrole,dc=test90,dc=kolabsys,dc=com)))
+result_attribute = mail
diff --git a/Installation_Guide/default configuration files/local_recipient_maps.cf b/Installation_Guide/default configuration files/local_recipient_maps.cf
new file mode 100644
index 0000000..57b30a4
--- /dev/null
+++ b/Installation_Guide/default configuration files/local_recipient_maps.cf
@@ -0,0 +1,9 @@
+server_host = ldap.test90.kolabsys.com
+version = 3
+search_base = ou=People,dc=test90,dc=kolabsys,dc=com
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+query_filter = (&(|(mailAlternateAddress=%s)(alias=%s)(mail=%s))(objectclass=kolabinetorgperson)(!(nsroledn=cn=nsmanageddisabledrole,dc=test90,dc=kolabsys,dc=com)))
+result_attribute = mail
diff --git a/Installation_Guide/default configuration files/main.cf b/Installation_Guide/default configuration files/main.cf
index af4f0cc..f0babe8 100644
--- a/Installation_Guide/default configuration files/main.cf
+++ b/Installation_Guide/default configuration files/main.cf
@@ -14,7 +14,14 @@ mydestination = ldap:/etc/postfix/ldap/mydestination.cf
# Obtain the valid local recipients from LDAP
local_recipient_maps = $alias_maps, $virtual_alias_maps, ldap:/etc/postfix/ldap/local_recipient_maps.cf
-virtual_alias_maps = ldap:/etc/postfix/ldap/virtual_alias_maps.cf
+# The aliases come from LDAP too
+alias_maps = hash:/etc/aliases,
+ ldap:/etc/postfix/ldap/alias_maps.cf
+alias_database = hash:/etc/aliases
+
+virtual_alias_maps = ldap:/etc/postfix/ldap/virtual_alias_maps.cf,
+ ldap:/etc/postfix/ldap/virtual_alias_maps_mailenabled_distgroups.cf
+ ldap:/etc/postfix/ldap/virtual_alias_maps_mailenabled_dynamic_distgroups.cf
unknown_local_recipient_reject_code = 550
@@ -74,11 +81,6 @@ content_filter = smtp-amavis:[127.0.0.1]:10024
# 20 * 1024 * 1024 bytes
message_size_limit = 20971520
-# The aliases come from LDAP too
-alias_maps = hash:/etc/aliases,
- ldap:/etc/postfix/ldap/alias_maps.cf
-alias_database = hash:/etc/aliases
-
recipient_delimiter = +
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
diff --git a/Installation_Guide/default configuration files/mydestination.cf b/Installation_Guide/default configuration files/mydestination.cf
new file mode 100644
index 0000000..50145f4
--- /dev/null
+++ b/Installation_Guide/default configuration files/mydestination.cf
@@ -0,0 +1,9 @@
+server_host = ldap.test90.kolabsys.com
+version = 3
+search_base = cn=kolab,cn=config
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+query_filter = (&(objectclass=domainrelatedobject)(associateddomain=%s))
+result_attribute = associateddomain
diff --git a/Installation_Guide/default configuration files/virtual_alias_maps.cf b/Installation_Guide/default configuration files/virtual_alias_maps.cf
new file mode 100644
index 0000000..57b30a4
--- /dev/null
+++ b/Installation_Guide/default configuration files/virtual_alias_maps.cf
@@ -0,0 +1,9 @@
+server_host = ldap.test90.kolabsys.com
+version = 3
+search_base = ou=People,dc=test90,dc=kolabsys,dc=com
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+query_filter = (&(|(mailAlternateAddress=%s)(alias=%s)(mail=%s))(objectclass=kolabinetorgperson)(!(nsroledn=cn=nsmanageddisabledrole,dc=test90,dc=kolabsys,dc=com)))
+result_attribute = mail
diff --git a/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_distgroups.cf b/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_distgroups.cf
new file mode 100644
index 0000000..fc70ffc
--- /dev/null
+++ b/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_distgroups.cf
@@ -0,0 +1,14 @@
+server_host = ldap.test90.kolabsys.com
+search_base = ou=Groups,dc=test90,dc=kolabsys,dc=com
+version = 3
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+# This finds the mail enabled distribution group LDAP entry
+query_filter = (&(mail=%s)(objectClass=kolabgroupofuniquenames)(objectclass=groupofuniquenames))
+# From this type of group, get all uniqueMember DNs
+special_result_attribute = uniqueMember
+# Only from those DNs, get the mail
+result_attribute =
+leaf_result_attribute = mail
diff --git a/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_dynamic_distgroups.cf b/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_dynamic_distgroups.cf
new file mode 100644
index 0000000..17927a3
--- /dev/null
+++ b/Installation_Guide/default configuration files/virtual_alias_maps_mailenabled_dynamic_distgroups.cf
@@ -0,0 +1,14 @@
+server_host = ldap.test90.kolabsys.com
+search_base = ou=Groups,dc=test90,dc=kolabsys,dc=com
+version = 3
+bind_dn = uid=kolab-anonymous,ou=Special Users,dc=test90,dc=kolabsys,dc=com
+bind_pw = Welcome2KolabSystems
+scope = sub
+
+# This finds the mail enabled dynamic distribution group LDAP entry
+query_filter = (&(mail=%s)(objectClass=kolabgroupofuniquenames)(objectClass=groupOfURLs))
+# From this type of group, get all memberURL searches/references
+special_result_attribute = memberURL
+# Only from those DNs, get the mail
+result_attribute =
+leaf_result_attribute = mail
commit c45d2d6d203da7b0768254aa2504f09643d81910
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Jul 1 11:07:09 2011 +0100
Add master.cf
diff --git a/Installation_Guide/default configuration files/master.cf b/Installation_Guide/default configuration files/master.cf
new file mode 100644
index 0000000..54f7b41
--- /dev/null
+++ b/Installation_Guide/default configuration files/master.cf
@@ -0,0 +1,94 @@
+smtp inet n - n - - smtpd -v
+submission inet n - n - - submission -v
+ -o smtpd_tls_security_level=encrypt
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_sasl_authenticated_header=yes
+ -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+ -o smtpd_recipient_restrictions=$submission_recipient_restrictions
+ -o smtpd_sender_restrictions=$submission_sender_restrictions
+
+smtps inet n - n - - smtpd -v
+ -o smtpd_tls_wrappermode=yes
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_sasl_authenticated_header=yes
+ -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+
+pickup fifo n - n 60 1 pickup
+cleanup unix n - n - 0 cleanup
+qmgr fifo n - n 300 1 qmgr
+tlsmgr unix - - n 1000? 1 tlsmgr
+rewrite unix - - n - - trivial-rewrite
+bounce unix - - n - 0 bounce
+defer unix - - n - 0 bounce
+trace unix - - n - 0 bounce
+verify unix - - n - 1 verify
+flush unix n - n 1000? 0 flush
+proxymap unix - - n - - proxymap
+smtp unix - - n - - smtp
+relay unix - - n - - smtp
+ -o fallback_relay=
+showq unix n - n - - showq
+error unix - - n - - error
+discard unix - - n - - discard
+local unix - n n - - local
+virtual unix - n n - - virtual
+lmtp unix - - n - - lmtp
+anvil unix - - n - 1 anvil
+scache unix - - n - 1 scache
+maildrop unix - n n - - pipe
+ flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
+uucp unix - n n - - pipe
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+ifmail unix - n n - - pipe
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp unix - n n - - pipe
+ flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
+
+#
+# Filter email through Amavisd
+#
+smtp-amavis unix - - n - 3 smtp
+ -o smtp_data_done_timeout=1800
+ -o disable_dns_lookups=yes
+ -o smtp_send_xforward_command=yes
+ -o max_use=20
+
+#
+# Listener to re-inject email into Postfix for final
+# delivery
+#
+127.0.0.1:10025 inet n - n - 100 smtpd
+ -o content_filter=
+ -o local_recipient_maps=
+ -o relay_recipient_maps=
+ -o smtpd_restriction_classes=
+ -o smtpd_client_restrictions=
+ -o smtpd_helo_restrictions=
+ -o smtpd_sender_restrictions=
+ -o smtpd_recipient_restrictions=permit_mynetworks,reject
+ -o mynetworks=127.0.0.0/8
+ -o smtpd_authorized_xforward_hosts=127.0.0.0/8
+
+kolabpolicy unix - n n - - spawn
+ user=kolab-n argv=/usr/bin/perl /usr/libexec/postfix/kolab_smtpdpolicy -v
+
+kolabfilter unix - n n - - pipe
+ user=kolab-n null_sender= argv=/usr/bin/php
+ -c /etc/php.ini
+ -f /usr/libexec/kolab/kolabfilter
+ --
+ --sender=${sender}
+ --recipient=${recipient}
+ --client=${client_address}
+ --user=${sasl_username}
+ --config=/etc/kolab/kolabfilter.conf
+
+kolabmboxfilter unix - n n - - pipe
+ user=kolab-n null_sender= argv=/usr/bin/php
+ -c /etc/php.ini
+ -f /usr/libexec/kolab/kolabmailboxfilter
+ --
+ --sender=${sender}
+ --recipient=${recipient}
+ --client=${client_address}
+ --config=/etc/kolab/kolabfilter.conf
commit e91b004a8eaad27cb7dc0244bb891237ddbef2cf
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Jul 1 11:04:49 2011 +0100
Add main.cf
diff --git a/Installation_Guide/default configuration files/main.cf b/Installation_Guide/default configuration files/main.cf
new file mode 100644
index 0000000..af4f0cc
--- /dev/null
+++ b/Installation_Guide/default configuration files/main.cf
@@ -0,0 +1,96 @@
+queue_directory = /var/spool/postfix
+command_directory = /usr/sbin
+daemon_directory = /usr/libexec/postfix
+mail_owner = postfix
+default_process_limit = 20
+myhostname = test90-1.test90.kolabsys.com
+mydomain = test90.kolabsys.com
+myorigin = $mydomain
+inet_interfaces = all
+
+# Obtain the list of domains from LDAP
+mydestination = ldap:/etc/postfix/ldap/mydestination.cf
+
+# Obtain the valid local recipients from LDAP
+local_recipient_maps = $alias_maps, $virtual_alias_maps, ldap:/etc/postfix/ldap/local_recipient_maps.cf
+
+virtual_alias_maps = ldap:/etc/postfix/ldap/virtual_alias_maps.cf
+
+unknown_local_recipient_reject_code = 550
+
+smtpd_tls_cert_file = /etc/pki/tls/certs/test90-1.test90.kolabsys.com.crt
+smtpd_tls_key_file = /etc/pki/tls/private/test90-1.test90.kolabsys.com.key
+smtpd_tls_received_header = yes
+smtpd_tls_security_level = may
+smtpd_tls_auth_only = yes
+
+# simultaneous connections any client is allowed to make to this service.
+smtpd_client_connection_count_limit = 2048
+
+smtpd_recipient_restrictions = permit_mynetworks
+ reject_unauth_pipelining
+ reject_rbl_client zen.spamhaus.org
+ reject_non_fqdn_recipient
+ reject_invalid_helo_hostname
+ reject_unknown_recipient_domain
+ reject_unauth_destination
+ check_policy_service unix:private/kolabpolicy
+ permit
+
+smtpd_sender_restrictions = permit_mynetworks
+ check_policy_service unix:private/kolabpolicy
+
+submission_recipient_restrictions = check_policy_service unix:private/kolabpolicy
+ permit_sasl_authenticated
+ reject
+
+submission_sender_restrictions = reject_non_fqdn_sender
+ reject_unlisted_sender
+ check_policy_service unix:private/kolabpolicy
+ permit_sasl_authenticated
+ reject
+
+relayhost = [10.10.90.254]
+default_transport = smtp:[10.10.90.254]
+
+# Enable this if you have broken clients (Microsoft Products <= 2005)
+broken_sasl_auth_clients = no
+# Point to the specific SASL configuration, blank is SASL default
+cyrus_sasl_config_path = /etc/sasl2/
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_exceptions_networks =
+smtpd_sasl_local_domain =
+smtpd_sasl_path = smtpd
+smtpd_sasl_security_options = noanonymous
+smtpd_sasl_type = cyrus
+
+mynetworks_style = host
+mynetworks = 127.0.0.0/8
+
+content_filter = smtp-amavis:[127.0.0.1]:10024
+
+# Maximum message size is 20 megabytes:
+# 20 * 1024 kilobytes
+# 20 * 1024 * 1024 bytes
+message_size_limit = 20971520
+
+# The aliases come from LDAP too
+alias_maps = hash:/etc/aliases,
+ ldap:/etc/postfix/ldap/alias_maps.cf
+alias_database = hash:/etc/aliases
+
+recipient_delimiter = +
+
+mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
+
+debugger_command =
+ PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+ xxgdb $daemon_directory/$process_name $process_id & sleep 5
+sendmail_path = /usr/sbin/sendmail.postfix
+newaliases_path = /usr/bin/newaliases.postfix
+mailq_path = /usr/bin/mailq.postfix
+setgid_group = postdrop
+html_directory = no
+manpage_directory = /usr/share/man
+sample_directory = /usr/share/doc/postfix-2.3.3/samples
+readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
More information about the commits
mailing list