Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Mail server
Special Forums UNIX and Linux Applications Mail server Post 302929238 by Budrys on Friday 19th of December 2014 03:55:36 AM
Old 12-19-2014
main.cf:

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = vpc2a
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = vpc2a.wi.zut.edu.pl, localhost, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Restarted Postfix.

/etc/hosts:
Code:
127.0.0.1       localhost
127.0.1.1       UBUNTU12.04-LAB UBUNTU12
192.168.200.93  vpc2a.wi.zut.edu.pl




# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Is etc/postfix/virtual is correct:?
Code:
user@vpc2a user

 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

can not send mail from unix server to company/yahoo mail

hi, Gurus, I need some help with sending mail out from my UNIX server: It is running Solaris 2.6 and the sendmail version is 8.8. Output of :/usr/lib/sendmail -d0.1 -bt < /dev/null Version 8.8.8+Sun Compiled with: LOG MATCHGECOS MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET ... (5 Replies)
Discussion started by: b5fnpct
5 Replies

2. Solaris

identify the mail server for mail command

Hi , I am new to unix , i am using the mail and mailx command to send the mail .How come i will know the my mail command using which server as mail box.. Please help me .. Thanks in advance (1 Reply)
Discussion started by: julirani
1 Replies

3. Shell Programming and Scripting

script to read mail on a mail server

Hi All, Is there any way Unix shell script can directly read a mail on a mail server (for eg. abc@xyz.com) and save it as a text file in a unix directory ? Thanks PRKS ---------- Post updated at 08:37 AM ---------- Previous update was at 08:36 AM ---------- I am using ksh (1 Reply)
Discussion started by: PRKS
1 Replies

4. UNIX for Advanced & Expert Users

How to relay mail to mail server from Unix ?

Hi, I need to send email notifications from Unix/Linux box to users using mailx. In these Unix/Linux boxes mail is not configured however we are having mail server configured in our LAN. Could you please provide instructions to configure relay in these boxes so that we can relay our mails... (3 Replies)
Discussion started by: sourabhsharma
3 Replies

5. HP-UX

[Solved] How do I configure Unix Mail Server to use another Mail Exchange Server

We have configured our mail unix server and can send out emails automatically from applications running on unix to different people in our company as well as outside our company. However there is an outside client who is not receiving these emails because the settings on their mail server cannot... (4 Replies)
Discussion started by: Tenyhwa
4 Replies

6. UNIX for Advanced & Expert Users

need to configure mail setting to send mail to outlook mail server

i have sun machines having solaris 9 & 10 OS . Now i need to send mail from the machines to my outlook account . I have the ip adress of OUTLOOK mail server. Now what are the setting i need to do in solaris machines so that i can use mailx or sendmail. actually i am trying to automate the high... (2 Replies)
Discussion started by: amitranjansahu
2 Replies

7. UNIX for Dummies Questions & Answers

Minimal Mail Server Setup for Local Mail Transfer

I am trying to get stored mail out of an old mail client. I figured that the easiest way to do it is with IMAP by logging in with both clients. I can copy the mail to the server from the old mail client, and back down into the new mail client. Rather than using a real mail account on the... (2 Replies)
Discussion started by: nixie
2 Replies

8. UNIX for Advanced & Expert Users

How can I send a mail from my outlook or other mail accounts to UNIX server?

Hi all, I want to send a mail for my business needs from outlook account to an unix server (HP-UX) but I don't send any mail. While I can send from the unix server to my outlook account, I can't send from outlook to unix. How can I achieve this ? How can I send a mail from my outlook or other... (2 Replies)
Discussion started by: igelegin
2 Replies

9. Shell Programming and Scripting

How to send mail using PHP mail function On apache server.?

Hello, I am using centos-6.2 I have apache server,php5 on my system and I want to send mail using sendmail on my system. when I try to send mail from shell that time mail is succesfully sent to respective address() but when I try to send it through webbrowser I am not able to send it.... (1 Reply)
Discussion started by: Kiran ursal
1 Replies

LEARN ABOUT FREEBSD

postfix-tls

POSTFIX-TLS(1)						      General Commands Manual						    POSTFIX-TLS(1)

NAME

       postfix-tls - Postfix TLS management

SYNOPSIS

       postfix tls subcommand

DESCRIPTION

       The  "postfix  tls subcommand" feature enables opportunistic TLS in the Postfix SMTP client or server, and manages Postfix SMTP server pri-
       vate keys and certificates.

       The following subcommands are available:

       enable-client [-r randsource]
	      Enable opportunistic TLS in the Postfix SMTP client, if all SMTP client TLS settings are at their default values.   Otherwise,  sug-
	      gest parameter settings without making any changes.

	      Specify  randsource to update the value of the tls_random_source configuration parameter (typically, /dev/urandom).  Prepend dev: to
	      device paths or egd: to EGD socket paths.

	      See also the all-default-client subcommand.

       enable-server [-r randsource] [-a algorithm] [-b bits] [hostname...]
	      Create a new private key and self-signed server certificate and enable opportunistic TLS in the Postfix SMTP  server,  if  all  SMTP
	      server TLS settings are at their default values.	Otherwise, suggest parameter settings without making any changes.

	      The randsource parameter is as with enable-client above, and the remaining options are as with new-server-key below.

	      See also the all-default-server subcommand.

       new-server-key [-a algorithm] [-b bits] [hostname...]
	      Create  a new private key and self-signed server certificate, but do not deploy them. Log and display commands to deploy the new key
	      and corresponding certificate.  Also log and display commands to output a corresponding CSR or TLSA records which may be	needed	to
	      obtain a CA certificate or to update DNS before the new key can be deployed.

	      The algorithm defaults to rsa, and bits defaults to 2048.  If you choose the ecdsa  algorithm then bits will be an EC curve name (by
	      default secp256r1, also known as prime256v1).  Curves other than secp256r1, secp384r1 or secp521r1 are unlikely to be widely  inter-
	      operable.  When generating EC keys, use one of these three.  DSA keys are obsolete and are not supported.

	      Note:  ECDSA  support  requires OpenSSL 1.0.0 or later and may not be available on your system.  Not all client systems will support
	      ECDSA, so you'll generally want to deploy both RSA and ECDSA certificates to make use of ECDSA with compatible clients and RSA  with
	      the rest. If you want to deploy certificate chains with intermediate CAs for both RSA and ECDSA, you'll want at least OpenSSL 1.0.2,
	      as earlier versions may not handle multiple chain files correctly.

	      The first hostname argument will be the CommonName of both the subject and issuer of the self-signed certificate.  It, and any addi-
	      tional hostname arguments, will also be listed as DNS alternative names in the certificate.  If no hostname is provided the value of
	      the myhostname main.cf parameter will be used.

	      For RSA, the generated private key and certificate files	are  named  key-yyyymmdd-hhmmss.pem  and  cert-yyyymmdd-hhmmss.pem,  where
	      yyyymmdd is the calendar date and hhmmss is the time of day in UTC.  For ECDSA, the file names start with eckey- and eccert- instead
	      of key- and cert- respectively.

	      Before deploying the new key and certificate with DANE, update the DNS with new DANE TLSA records, then  wait  for  secondary  name-
	      servers to update and then for stale records in remote DNS caches to expire.

	      Before  deploying a new CA certificate make sure to include all the required intermediate issuing CA certificates in the certificate
	      chain file.  The server certificate must be the first certificate in the chain file.  Overwrite and deploy the file with the  origi-
	      nal self-signed certificate that was generated together with the key.

       new-server-cert [-a algorithm] [-b bits] [hostname...]
	      This is just like new-server-key except that, rather than generating a new private key, any currently deployed private key is copied
	      to the new key file.  Thus if you're publishing DANE TLSA "3 1 1" or "3 1 2" records, there is no need to update DNS  records.   The
	      algorithm and bits arguments are used only if no key of the same algorithm is already configured.

	      This command is rarely needed, because the self-signed certificates generated have a 100-year nominal expiration time.  The underly-
	      ing public key algorithms may well be obsoleted by quantum computers long before then.

	      The most plausible reason for using this command is when the system hostname changes, and you'd like the name in the certificate	to
	      match the new hostname (not required for DANE "3 1 1", but some needlessly picky non-DANE opportunistic TLS clients may log warnings
	      or even refuse to communicate).

       deploy-server-cert certfile keyfile
	      This subcommand deploys the certificates in certfile and private key in keyfile (which  are  typically  generated  by  the  commands
	      above, which will also log and display the full command needed to deploy the generated key and certificate).  After the new certifi-
	      cate and key are deployed any obsolete keys and certificates may be removed by hand.   The keyfile and  certfile	filenames  may	be
	      relative to the Postfix configuration directory.

       output-server-csr [-k keyfile] [hostname...]
	      Write to stdout a certificate signing request (CSR) for the specified keyfile.

	      Instead  of an absolute pathname or a pathname relative to $config_directory, keyfile may specify one of the supported key algorithm
	      names (see "postconf -T public-key-algorithms"). In that case, the corresponding setting from main.cf is used to locate the keyfile.
	      The default keyfile value is rsa.

	      Zero or more hostname values can be specified.  The default hostname is the value of myhostname main.cf parameter.

       output-server-tlsa [-h hostname] [keyfile...]
	      Write  to  stdout  a DANE TLSA RRset suitable for a port 25 SMTP server on host hostname with keys from any of the specified keyfile
	      values.  The default hostname is the value of the myhostname main.cf parameter.

	      Instead of absolute pathnames or pathnames relative to $config_directory, the keyfile list may specify names of supported public key
	      algorithms  (see	"postconf  -T public-key-algorithms").	In that case, the actual keyfile list uses the values of the corresponding
	      Postfix server TLS key file parameters.  If a parameter value is empty or equal to none, then no TLSA  record  is  output  for  that
	      algorithm.

	      The default keyfile list consists of the two supported algorithms rsa and ecdsa.

AUXILIARY COMMANDS

       all-default-client
	      Exit with status 0 (success) if all SMTP client TLS settings are
	      at their default values.	Otherwise, exit with a non-zero status.
	      This is typically used as follows:

	      postfix tls all-default-client &&
		      postfix tls enable-client

       all-default-server
	      Exit with status 0 (success) if all SMTP server TLS settings are
	      at their default values.	Otherwise, exit with a non-zero status.
	      This is typically used as follows:

	      postfix tls all-default-server &&
		      postfix tls enable-server

CONFIGURATION PARAMETERS

       The "postfix tls subcommand" feature reads or updates the following configuration parameters.

       command_directory (see 'postconf -d' output)
	      The location of all postfix administrative commands.

       config_directory (see 'postconf -d' output)
	      The default location of the Postfix main.cf and master.cf configuration files.

       openssl_path (openssl)
	      The location of the OpenSSL command line program openssl(1).

       smtp_tls_loglevel (0)
	      Enable additional Postfix SMTP client logging of TLS activity.

       smtp_tls_security_level (empty)
	      The  default  SMTP  TLS security level for the Postfix SMTP client; when a non-empty value is specified, this overrides the obsolete
	      parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.

       smtp_tls_session_cache_database (empty)
	      Name of the file containing the optional Postfix SMTP client TLS session cache.

       smtpd_tls_cert_file (empty)
	      File with the Postfix SMTP server RSA certificate in PEM format.

       smtpd_tls_eccert_file (empty)
	      File with the Postfix SMTP server ECDSA certificate in PEM format.

       smtpd_tls_eckey_file ($smtpd_tls_eccert_file)
	      File with the Postfix SMTP server ECDSA private key in PEM format.

       smtpd_tls_key_file ($smtpd_tls_cert_file)
	      File with the Postfix SMTP server RSA private key in PEM format.

       smtpd_tls_loglevel (0)
	      Enable additional Postfix SMTP server logging of TLS activity.

       smtpd_tls_received_header (no)
	      Request that the Postfix SMTP server produces Received:  message headers that include information  about	the  protocol  and  cipher
	      used, as well as the remote SMTP client CommonName and client certificate issuer CommonName.

       smtpd_tls_security_level (empty)
	      The SMTP TLS security level for the Postfix SMTP server; when a non-empty value is specified, this overrides the obsolete parameters
	      smtpd_use_tls and smtpd_enforce_tls.

       tls_random_source (see 'postconf -d' output)
	      The external entropy source for the in-memory tlsmgr(8) pseudo random number generator (PRNG) pool.

SEE ALSO

       master(8) Postfix master program
       postfix(1) Postfix administrative interface

README FILES

       Use "postconf readme_directory" or "postconf html_directory" to locate this information.
       TLS_README, Postfix TLS configuration and operation

LICENSE

       The Secure Mailer license must be distributed with this software.

HISTORY

       The "postfix tls" command was introduced with Postfix version 3.1.

AUTHOR(S)
       Viktor Dukhovni

																    POSTFIX-TLS(1)
All times are GMT -4. The time now is 07:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy