Full Mail Server Solution w/ Virtual Domains & Users (Debian Etch, Postfix, Mysql, Dovecot, DSpam, ClamAV, Postgrey, RBL) - Page 4

B. Setting up Postfix for Virtual Users & Domains

Even though the mail exchangers won't be delivering mail to the virtual users and domains, they will be rejecting based on valid/invalid destinations. We therefore need the mx servers to be able to connect to the SQL server to verify destinaions. Go ahead and put the information into postconf:

# postconf -e 'virtual_alias_domains ='
# postconf -e 'virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf'
# postconf -e 'virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf'
# postconf -e 'virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf'
# postconf -e 'virtual_mailbox_base = /vmail'
# postconf -e 'virtual_minimum_uid = 150'
# postconf -e 'virtual_uid_maps = static:150'
# postconf -e 'virtual_gid_maps = static:8'
# postconf -e 'virtual_create_maildirsize = yes'
# postconf -e 'virtual_mailbox_extended = yes'
# postconf -e 'virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'
# postconf -e 'virtual_mailbox_limit_override = yes'
# postconf -e 'virtual_maildir_limit_message = "The user you are trying to reach has exceeded their quota."'
# postconf -e 'virtual_overquota_bounce = yes'
# postconf -e 'transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf'

There are several 'gotchas' here. This configuration will host the virtual user mailboxes in /vmail. Should you need to store your mailboxes in another location, change the virtual_mailbox_base line accordingly.

The virtual_minimum_uid and virtual_uid_maps point to user id 150. This user id is for a specifically create "Virtual Mail" user. It uses the standard "mail" group, with the default (Debian) gid of 8. You can create the user and directory like this:

# useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual Mailbox" vmail
# mkdir /var/vmail
# chmod 770 /var/vmail/
# chown vmail:mail /var/vmail/

Now we need to install the NFS client tools:

# apt-get install nfs-common portmap

The directory then needs to be mounted to the NFS share. To do a simple test, run the following:

# mount files-1.internal.example.com:/vmail /vmail

You should now have access to the /vmail share from files-1. Try writing a file (It shouldn't work!):

# cd /vmail
# touch tmp

NOTE: You should get a read-only error!

Assuming everything is working, go ahead and unmount the NFS:

# cd /
umount /vmail

And then make the mount permanent by putting the following into your /etc/fstab:

[...]
files-1.internal.example.com:/vmail /vmail nfs ro,rsize=4096,hard,intr,tcp,noatime,nodev,async 0 0

Go ahead and mount the file system one last time:

# mount /vmail

... and you're good to go!

C. Postfix MySQL Configuration

Postfix was installed with MySQL support, but that doesn't mean it already knows how to use our database. It needs to be provided with various SQL-query information for each type of table in our database. This information is stored in the MySQL files defined in the main.cf file. Note that in the following files, the last line contains a single comment (Preceeded by #) with the full query. Recent versions of Postfix can use this instead of the other statements. If you're using a newer version, just comment out all of the other lines, and uncomment the query statement.

/etc/postfix/mysql_virtual_alias_maps.cf

user = vmail_user
password = vmail_user_password
hosts = sql-1.internal.example.com
dbname = virtual_mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

/etc/postfix/mysql_virtual_domains_maps.cf

user = vmail_user
password = vmail_user_password
hosts = sql-1.internal.example.com
dbname = virtual_mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = ‘0? and active = ‘1?
#query = SELECT domain FROM domain WHERE domain=’%s’ AND backupmx = ‘0? AND active = ‘1?

/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

user = vmail_user
password = vmail_user_password
hosts = sql-1.internal.example.com
dbname = virtual_mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = ‘1?
#query = SELECT quota FROM mailbox WHERE username=’%s’ AND active = ‘1?

/etc/postfix/mysql_virtual_mailbox_maps.cf

user = vmail_user
password = vmail_user_password
hosts = sql-1.internal.example.com
dbname = virtual_mail
table = mailbox
select_field = CONCAT(domain,’/',maildir)
where_field = username
additional_conditions = and active = ‘1?
#query = SELECT CONCAT(domain,’/',maildir) FROM mailbox WHERE username=’%s’ AND active = ‘1?

/etc/postfix/mysql_virtual_transports.cf

user = vmail_user
password = vmail_user_password
hosts = sql-1.internal.example.com
dbname = virtual_mail
table = domain
select_field = transport
where_field = domain
additional_conditions = and active = ‘1?
#query = SELECT transport FROM domain WHERE domain=’%s’ AND active = ‘1?
Share this page:

Sub pages

5 Comment(s)

Add comment

Comments

From: at: 2008-03-27 06:06:28

Hi Vector,

I would just like to know how the mail gets transferred from the MX's to the delivery server (postman). I'm trying to understand how this full mail server setup works because I would like to implement something similar to this but using centos and ldap users.  

From: Stefan at: 2008-11-01 18:07:49

There is no explanation on how the mail is actually transfered from the MX server to the Mail Delivery Server. Using the steps in the guide will make the MX server try to deliver the mail directory into the NFS shared vmail folder, which isn't the desired behaviour.

From: Matt at: 2009-06-15 13:16:16

"NOTE: This is a temporary setup, just because we hadn't finished the DSPAM virtual user install prior to writing this guide. Ideally, you'd want DSPAM looking at the same virtual user table as Postfix in order to get all the token information stored correctly. I'll update the guide as soon as we've completed that change-over."

 Has this been updated anywhere? can anyone shed some light on what changes should be made?

 

From: mbsouth at: 2009-09-10 10:02:01

Would be nice to have an updated howto (based an this one) with Debian Lenny, Postfix 2.5(6), Dovecot 1.1(2) on three nodes (2xSMTP Postfix, 1x Dovecot IMAP/POP3)

 

From: at: 2007-11-15 20:55:15

Heads up when using the configuration examples for the mailbox path. Since maildir:/vmail/%d/%u is used in dovecot.conf, you should do the same in dovecot-sql.conf.

Such as:

# Get the mailbox
user_query = SELECT '/vmail/%d/%u' AS home, 'maildir:/vmail/%d/%u' AS mail, 150 AS uid, 8 AS gid, CONCAT('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'
# Get the password
password_query = SELECT username AS user, password, '/vmail/%d/%u' AS userdb_home, 'maildir:/vmail/%d/%u' AS userdb_mail, 150 AS userdb_uid, 8 AS userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'

Otherwise mail is delivered to /vmail/domain/user@domain and then IMAP checks /vmail/domain/user

Or change dovecot.conf to maildir:/vmail/%d/%n if you prefer the latter.