Full Mail Server Solution w/ Virtual Domains & Users (Debian Etch, Postfix, Mysql, Dovecot, DSpam, ClamAV, Postgrey, RBL) - Page 3
IV. Postfix on the Mail Exchange Servers
A. Re-building Postfix
The version of Postfix included in the Debian Etch distribution has broken quota support. We're going to need to re-build it for quotas to work. This re-build process should NOT be done on the actual production MX servers. Have a seperate server sitting on the side (Or even just a seperate Virtual Machine in Xen) for performing build-tasks. Our server for this task is build.internal.example.com. On that server, install the needed build tools:
# apt-get install build-essential dpkg-dev fakeroot debhelper libgdbm-dev libldap2-dev libpcre3-dev libssl-dev libsasl2-dev postgresql-dev po-debconf dpatch libdb4.3-dev libmysqlclient15-dev lsb-release libcdb-dev
Then go ahead and download the source to the Postfix package:
# cd /usr/src
# apt-get source postfix
NOTE: Make sure you're using the correct Postfix version with the following commands! This was written against Postfix 2.3.8. You can determine you're current running postfix version by typing this at the prompt:
# postconf -d | grep mail_version
The output should look like:
# postconf -d | grep mail_version
mail_version = 2.3.8
milter_macro_v = $mail_name $mail_version
Assuming everything is good to go (and you've got the right versions), grab the quota patch:
# wget http://vda.sourceforge.net/VDA/postfix-2.3.8-vda.patch.gz
You then need to unzip the patch, and apply it to the new
# gunzip postfix-2.3.8-vda.patch.gz
# cd postfix-2.3.8
# patch -p1 < ../postfix-2.3.8-vda.patch
And then finally, rebuild the patched-package:
You may see a warning like this at the end of the dpkg-buildpackage command:
(Warning: Failed to sign .dsc and .changes file)
You can safely ignore this message.
This new rebuild will result in multiple packages being built, you want to copy postfix_2.3.8-1_i386.deb and postfix-mysql_2.3.8-2_i386.deb to your mail exchangers (MX-1 and MX-2). You are then ready to install!
B. Installing Postfix
Since we are using a Debian-based system, installing Postfix is a walk in the park. This subsection assumes you're working on Mail Exchanger 1 (mx-1.example.com), if you're working on MX-2, just exchange the server name in any config files, and you should be
good to go. Start the installation by running the following:
# dpkg -i postfix_2.3.8-2_i386.deb
# dpkg -i postfix-mysql_2.3.8-2_i386.deb
If/when the auto-configuration asks you questions about postfix during the installation, just select "No Configuration" (Since you're using this guide, you're going to configure it yourself!)
dpkg is going to install all of the configuration files for Postfix into /etc/postfix, so go there, and create the file main.cf:
# cd /etc/postfix
# touch main.cf
The main.cf file can be edited using two different methods. You can use your favorite text editor, or you can use the built-in postfix toolpostconf. We've already used postconf once to determine our version in subsection IV.A above.
The real benefit of the postconf tool is that it has some built in error checking, and it eliminates the possibility of 'weirdness' due to carriage returns, line feeds, odd quotes, etc. We'll be using it in this guide, but there really is no requirement.
Start by filling in the basic information:
# postconf -e 'myhostname = mx-1.example.com'
# postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)'
# postconf -e 'biff = no'
# postconf -e 'append_dot_mydomain = no'
# postconf -e 'myorigin = example.com'
# postconf -e 'mydestination = $myhostname, localhost, locahost.localdomain'
# postconf -e 'mynetworks = 127.0.0.0/8'
# postconf -e 'recipient_delimiter = +'
# postconf -e 'inet_interfaces = all'
# postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination \
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps \
$virtual_mailbox_domains $relay_recipient_maps $relay_domains \
$canonical_maps $sender_canonical_maps $recipient_canonical_maps \
$relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
This is all you actually need to get a fully functional mail server running w/ standard unix users. We don't want standard unix users, so we'll be editing this file quite a bit. Remember though, change example.com to your own domain! (And mx-1 to mx-2 on the second server!)