
Postfix SASL.

txt
==== Postfix SASL + Dovecot ====
---------- : OK : ------------

# Maildir skeleton under /etc/skel, so tmp/new/cur exist for accounts whose
# home directory is populated from /etc/skel.
mkdir -p /etc/skel/Maildir/tmp
mkdir -p /etc/skel/Maildir/new
mkdir -p /etc/skel/Maildir/cur

apt-get install postfix dovecot-common dovecot-imapd dovecot-pop3d libsasl2-2 libsasl2-modules sasl2-bin

# /etc/default/saslauthd: start the daemon, authenticate through PAM, and keep
# the socket directory (-m) below /var/spool/postfix -- presumably so that a
# chrooted smtpd can reach it.
# -c turns on saslauthd's credential cache: a password that was just changed
# or revoked can keep working until the cached entry expires.
vi /etc/default/saslauthd
START=yes
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"

# NOTE(review): the master.cf table lost its column layout when this page was
# extracted. The surviving cells are kept below in their original order and
# are not reassembled. The rows are presumably the smtp, submission and smtps
# services of type inet, each running smtpd; which column held "y n y"
# (unpriv or chroot) cannot be told from here -- check against the real file.
vi /etc/postfix/master.cf
smtp inet n submission inet n smtps inet n -
y n y
smtpd smtpd smtpd

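# Cyrus SASL settings for smtpd: verify passwords through saslauthd and offer
# the PLAIN and LOGIN mechanisms. Both send the password itself, so they are
# only safe inside a TLS session.
# NOTE(review): further down, these notes set smtpd_sasl_type = dovecot; with
# that value Postfix authenticates through the Dovecot socket, so this Cyrus
# file is presumably not read at all -- confirm which backend is intended.
touch /etc/postfix/sasl/smtpd.conf
echo "pwcheck_method: saslauthd" >> /etc/postfix/sasl/smtpd.conf
echo "mech_list: PLAIN LOGIN" >> /etc/postfix/sasl/smtpd.conf

# PAM service file for Dovecot.
# Changed: the auth line originally read "pam_unix.so nullok". With nullok,
# pam_unix accepts accounts whose password field is empty, so such an account
# could log in to the mail services without a password. It is dropped here.
# ">>" appends: running these lines twice duplicates the entries.
echo "auth required pam_unix.so" >> /etc/pam.d/dovecot
echo "account required pam_unix.so" >> /etc/pam.d/dovecot

# Socket directory for saslauthd inside the Postfix spool.
# Mode 755 lets every local user enter the directory that holds the saslauthd
# socket. NOTE(review): a tighter mode (for example 710) only works if the
# postfix user is a member of group sasl, which these notes do not show --
# confirm group membership before tightening.
mkdir -p /var/spool/postfix/var/run/saslauthd
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd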

# Private key for smtpd. The file is created empty and restricted to its
# owner before any key material is written into it.
touch smtpd.key
chmod 600 smtpd.key
openssl genrsa 2048 > smtpd.key

# Self-signed server certificate for that key, valid for 3650 days.
openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt

# Separate self-signed CA certificate and key. It does not sign smtpd.crt,
# and no postconf line on this page references it.
# NOTE(review): unlike smtpd.key, cakey.pem gets no explicit chmod; its mode
# depends on the OpenSSL version and umask -- check it after the move.
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

mv smtpd.key cakey.pem /etc/ssl/private/
mv smtpd.crt cacert.pem /etc/ssl/certs/

# Only the local host is a trusted network.
postconf -e "mynetworks = 127.0.0.0/8"
postconf -e "mailbox_size_limit = 10240000"
postconf -e "home_mailbox = Maildir/"

# SASL authentication on smtpd.
postconf -e "smtpd_sasl_auth_enable = yes"
# Also advertises AUTH in the legacy "AUTH=" form for old clients.
postconf -e "broken_sasl_auth_clients = yes"
# Writes the SASL login name into the Received: header, which discloses
# account names to every recipient of the message.
postconf -e "smtpd_sasl_authenticated_header = yes"

# All three restriction lists end in "reject" after permit_sasl_authenticated:
# as written, every SMTP client must authenticate, including other mail
# servers trying to deliver inbound mail. That fits a submission-only host.
postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_client_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_sender_restrictions = permit_sasl_authenticated reject"
postconf -e "smtpd_helo_required = yes"

# TLS material generated above. smtpd_use_tls is the older spelling of
# opportunistic STARTTLS; newer Postfix releases use smtpd_tls_security_level.
postconf -e "smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt"
postconf -e "smtpd_tls_key_file = /etc/ssl/private/smtpd.key"
postconf -e "smtpd_use_tls=yes"

# Authenticate through Dovecot; the path is relative to the Postfix queue
# directory and matches the Dovecot socket /var/spool/postfix/private/auth
# configured further down these notes.
postconf -e "smtpd_sasl_type = dovecot"
postconf -e "smtpd_sasl_path = private/auth"

Postfix SASL.txt postconf -e "smtpd_sasl_security_options = noanonymous" postconf -e "smtpd_tls_auth_only = yes" == Dovecot == echo "ssl = yes >> /etc/dovecot/dovecot.conf" echo "disable_plaintext_auth = no" >> /etc/dovecot/dovecot.conf" echo "mail_location = maildir:~/Maildir" >> /etc/dovecot/dovecot.conf" auth default { mechanisms = plain login passdb pam { } socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } ========================================================= ++ Webmin echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list echo "deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib" >> /etc/apt/sources.list cd /root wget http://www.webmin.com/jcameron-key.asc apt-key add jcameron-key.asc apt-get update apt-get install webmin ========================================================= ++ Apache + PHP + MySQL apt-get install apache2 apache2.2-common mysql-server mysql-client php5 libphp-jpgraph php5-auth-pam php-auth php5-sasl php5-suhosin php-pear php5-cgi php5-cli php5-common php5-curl php5-gd php5-gmp php5-imap php5-intl php5-ldap php5-mcrypt php5-mysql php5-tidy php5-xmlrpc php5-xsl php5-remctl php5-xcache php5-xdebug php5-imagick php5-memcache php5-mhash php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-json apache2-mpm-prefork libapache2-mod-php5 php-mdb2 ========================================================= ++ Syslog-NG + PostgreSQL apt-get install syslog-ng libdbd-mysql apt-get install postgresql postgresql-client syslog-ng libdbd-pgsql su - postgres psql -U postgres CREATE ROLE syslog WITH LOGIN; CREATE ROLE logwrite WITH LOGIN; \password syslog \password logwrite CREATE DATABASE syslog OWNER syslog; Page 2

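vi /etc/syslog-ng/syslog-ng.conf

# Four PostgreSQL destinations, one table family per severity view, each with
# one table per year (..._${R_YEAR}).
# password("PASSWORD") is a placeholder. Once the real password is in this
# file, syslog-ng.conf should be readable by root only.
# NOTE(review): host is varchar(32) and program varchar(16). PostgreSQL
# rejects longer values instead of truncating them, so a log line with a
# longer program name (for example a 24-character "postfix/submission/smtpd")
# would not be stored -- confirm the widths against real log data.
# NOTE(review): indexes(...) includes the full message text; that index is
# large and PostgreSQL refuses index entries above a size limit -- consider
# whether it is needed.
destination d_maillog {
    sql(type(pgsql)
        host("127.0.0.1") username("logwrite") password("PASSWORD")
        database("syslog")
        table("maillog_${R_YEAR}")
        columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message text")
        values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")
        indexes("datetime", "host", "program", "pid", "message"));
};

destination d_mailinfo {
    sql(type(pgsql)
        host("127.0.0.1") username("logwrite") password("PASSWORD")
        database("syslog")
        table("mailinfo_${R_YEAR}")
        columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message text")
        values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")
        indexes("datetime", "host", "program", "pid", "message"));
};

destination d_mailwarn {
    sql(type(pgsql)
        host("127.0.0.1") username("logwrite") password("PASSWORD")
        database("syslog")
        table("mailwarn_${R_YEAR}")
        columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message text")
        values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")
        indexes("datetime", "host", "program", "pid", "message"));
};

# Fixed: this destination originally opened with
# program("/usr/bin/mysql -usyslogadmin -psyslogadmin syslog" and then carried
# on with the sql() options, which is not a valid statement and left a MySQL
# login in the file. It now uses sql(type(pgsql) like its three siblings.
destination d_mailerr {
    sql(type(pgsql)
        host("127.0.0.1") username("logwrite") password("PASSWORD")
        database("syslog")
        table("mailerr_${R_YEAR}")
        columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message text")
        values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")
        indexes("datetime", "host", "program", "pid", "message"));
};

# Log paths, reassembled from the column-scrambled text: every mail message
# goes to d_maillog; the f_info / f_warn / f_err filters additionally route
# it to the matching table. s_src and the f_* filters are not defined on
# this page; presumably they come from the rest of syslog-ng.conf.
log { source(s_src); filter(f_mail); destination(d_maillog); };
log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); };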

================== MySQL ==================
# MySQL variant: each destination pipes ready-made INSERT statements into a
# long-running mysql client.
# NOTE(review): the password is part of the command line (-pPwd4Sys), so it
# sits in this file and may be visible to local users in the process list.
# The mysql client can read credentials from an option file instead.
# NOTE(review): the statements are built by text substitution from log
# fields, and mail logs contain strings chosen by remote senders.
# template-escape(yes) is the only thing that keeps a quote inside a field
# from ending the SQL string literal, so it must stay enabled on every
# destination. libdbd-mysql is installed earlier on this page, so the sql()
# driver form used for PostgreSQL is presumably available for MySQL too.
# The mailerr/mailinfo/maillog/mailwarn table definitions are not on this page.
destination my_mailerr {
    program("mysql -usysuser -pPwd4Sys syslog"
        template("INSERT INTO mailerr (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};

destination my_mailinfo {
    program("mysql -usysuser -pPwd4Sys syslog"
        template("INSERT INTO mailinfo (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};

destination my_maillog {
    program("mysql -usysuser -pPwd4Sys syslog"
        template("INSERT INTO maillog (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};

destination my_mailwarn {
    program("mysql -usysuser -pPwd4Sys syslog"
        template("INSERT INTO mailwarn (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};

# Log paths, reassembled from the column-scrambled text. s_src and the f_*
# filters are not defined on this page.
log { source(s_src); filter(f_mail); destination(my_maillog); };
log { source(s_src); filter(f_mail); filter(f_info); destination(my_mailinfo); };
log { source(s_src); filter(f_mail); filter(f_warn); destination(my_mailwarn); };
log { source(s_src); filter(f_mail); filter(f_err); destination(my_mailerr); };

