1. Homework 3
Mail System Hint

2. Software SMTP POP/IMAP MTA filter MDA filter Anti-virus Grey listing
mail/postfix
POP/IMAP
mail/dovecot
MTA filter
mail/bogofilter
mail/p5-Mail-SpamAssassin
security/amavisd-new
Interface between MTA and content filter
MDA filter
mail/procmail
Anti-virus
security/clamav
Grey listing
mail/postgrey
Webmail
www/horde-base
mail/roundcube

3. Postfix - installation
make config Options
Installation notices
[X] PCRE Perl Compatible Regular Expressions
[X] DOVECOT Dovecot SASL authentication method
[X] TLS Enable SSL and TLS support
Added group "postfix".
Added group "maildrop".
Added user "postfix".
You need user "postfix" added to group "mail".
Would you like me to add it [y]? y
…..
install -o root -g wheel -m 444 /usr/ports/mail/postfix/work/postfix-2.7.0/man/man1/qshape.1 /usr/local/man/man1
Would you like to activate Postfix in /etc/mail/mailer.conf [n]?y

4. Postfix - configure Stop sendmail Edit /etc/default/periodic.conf
Edit /etc/rc.conf
Edit /usr/local/etc/postfix/main.cf
myhostname、mydomain…
/etc/rc.d/sendmail stop
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
postfix_enable="YES"

5. Postfix - start Start postfix You should check if any error
/usr/local/etc/rc.d/postfix start
tail -F /var/log/messages
tail -F /var/log/maillog
Appendix: TLS key generation

6. Dovecot In this hw3 it can… Configure by yourself Edit /etc/rc.conf
Provide POP(s)/IMAP(s) services
Support SMTP AUTH through Dovecot SASL
Configure by yourself
/usr/local/etc/dovecot.conf
/usr/local/etc/postfix/main.cf
Edit /etc/rc.conf
Start
Over TLS: gen. key 請找 SA 講義
dovecot_enable="YES"
/usr/local/etc/rc.d/dovecot start
Ref: /usr/local/share/doc/postfix/SASL_README
Appendix: TLS key generation

7. Test for mail
Before the next steps, you should test for mail, how to ?
Ex: outlook

8. Test for mail - Outlook
Tip: 如果有做 TLS, 則需要勾取 SSL 安全連線(注意 port 跟系統上 listen 的一不一樣)

9. Amavisd-new Edit /etc/rc.conf Configure by yourself
/usr/local/etc/amavisd.conf
/usr/local/etc/postfix/main.cf
/usr/local/etc/postfix/master.cf
First time you need to sa-update
Start
amavisd_enable="YES"
/usr/local/etc/rc.d/amavisd start

10. Auto authentication robot - flowTA
Mail to
HTTP GET REQUEST`
Your mail server
web site

11. Auto authentication robot - configure
Edit main.cf
virtual_maps = ….
transport_maps = ….
Edit master.cf
autovaild unix - n n - - pipe flags=FR user=nobody argv=/usr/local/etc/postfix/autovaild.pl $sender $recipient
autovaild.pl

12. Auto authentication robot - result
What autovaild.pl need to do?
TA will send mail contained the following
You should parse above and send GET request by autovaild.pl, store the content in /tmp/VirtualMail/
site:
key=
Tip: VirtualMail 要自己建立, 注意權限問題
> cat /tmp/VirtualMail/vaild.php
authentication successful!

13. Important!
You are not sure if components work normally, logs would provide sufficient information
/var/log/maillog
/var/log/messages
/var/log/…
* DNSBL server demo 時會提供, 同學請先自行上網搜尋

14. Appendix - Key generation
Reference
SA course: Public-key Infrastructure
/usr/src/crypto/openssl/apps/CA.sh