scan mails sortant

Discussion dans 'Windows' créé par Nmy, 26 Mars 2008.

Statut de la discussion:
Fermée.
  1. Offline
    Nmy Touriste
    hello,

    bon je tourne sur etch et j ai monte un serveur mail


    je voudrais scanner mes mails sortants aussi

    ma config

    etch+postfix+dspam+clamav+mysql

    main.cf

    myhostname = monserveur
    mydomain = mondomaine
    myorigin = $mydomain
    mynetworks = 127.0.0.0/8, 9monippub

    2bounce_notice_recipient = admin
    bounce_notice_recipient = admin
    bounce_service_name = bounce
    double_bounce_sender = double-bounce
    error_notice_recipient = admin
    show_user_unknown_table_name = no

    queue_directory = /var/spool/postfix
    command_directory = /usr/sbin
    #inet_interfaces = 127.0.0.1, monippub
    inet_interfaces = all

    sendmail_path = /usr/sbin/sendmail
    newaliases_path = /usr/bin/newaliases
    mailq_path = /usr/bin/mailq

    nested_header_checks =
    mime_header_checks = regexp:/etc/postfix/mime_checks

    smtpd_banner = Server $myhostname ESMTP
    bounce_queue_lifetime = 1d
    maximal_queue_lifetime = 1d
    delay_warning_time = 1h
    #bounce_template_file = /etc/postfix/bounce.cf

    # message_size_limit : email size allowed by Postfix (here, around 40 MB)
    message_size_limit = 40971520
    # mailbox_size_limit only applies to local mailboxes.
    # we do NOT use local mailboxes but still set it *just in case*
    mailbox_size_limit = 1048576000
    # The minimal amount of free space in bytes in the queue file system that is needed to receive mail (around 150 Mb here)
    queue_minfree = 150000000

    setgid_group = postdrop
    mail_owner = postfix
    notify_classes = resource,software

    disable_vrfy_command = yes
    smtpd_helo_required = yes
    biff = no

    smtpd_error_sleep_time = 10s
    smtpd_hard_error_limit = 5
    smtpd_soft_error_limit = 2

    default_process_limit = 50

    anvil_rate_time_unit = 60s
    anvil_status_update_time = 600s

    append_at_myorigin = yes
    ppend_dot_mydomain = no

    # Client restrictions : which clients postfix will accept in SMTP connections
    # Allowing LAN users, SASL authenticated users.
    # Else, RBL checks against the client. If client is listed, the SMTP connection is discarded and is not going to the next step (MAIL FROM).
    smtpd_client_restrictions =
    permit_mynetworks
    # permit_sasl_authenticated required, without that, the remote client would be checked against the RBL
    # If listed in the RBL, your trusted client would not be able to send using SMTP AUTH !
    permit_sasl_authenticated
    reject_rbl_client sbl-xbl.spamhaus.org
    reject_rbl_client list.dsbl.org

    # Sender restrictions : what postfix will accept in MAIL FROM command
    # Reject non FQDN email address from senders (as required by the RFC)
    smtpd_sender_restrictions =
    reject_non_fqdn_sender

    # Recipient restrictions : what postfix will accept in the RCPT TO command
    # Relay : will allow users on the LAN, SASL authenticated users.
    # Will reject anything else unless "RCPT TO" matches relay_domains or Postfix is the final destination
    smtpd_recipient_restrictions =
    permit_mynetworks
    # allow SMTP authenticated users
    permit_sasl_authenticated
    reject_unauth_destination
    check_policy_service unix:private/policy

    # The following is needed for any setting that uses the proxy:mysql scheme
    proxy_read_maps =
    $virtual_alias_maps
    $virtual_mailbox_maps
    $virtual_mailbox_domains
    $virtual_mailbox_limit_maps

    # MySQL + virtual mailboxes + quota
    virtual_mailbox_base = /var/spool/maildirs
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/vmailsql/vmailbox
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/vmailsql/vdomain
    virtual_alias_maps = proxy:mysql:/etc/postfix/vmailsql/valias
    # transport_maps used for autoreply/vacation system and DSPAM retrain
    # virtual_transport for regular virtual domains
    transport_maps = hash:/etc/postfix/transport
    virtual_transport = virtual
    # IMPORTANT uid and gid 1001 = vmail
    virtual_minimum_uid = 1001
    virtual_uid_maps = static:1001
    virtual_gid_maps = static:1001
    local_recipient_maps = $virtual_mailbox_maps
    virtual_create_maildirsize = yes
    virtual_mailbox_extended = yes
    # virtual_mailbox_limit is the very maximum quota the system should allow (here around 1 Gb)
    virtual_mailbox_limit = 1048576000
    # virtual_mailbox_limit_maps will check the actual quota for the mailbox
    virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/vmailsql/quota
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = "This account is over quota"
    virtual_overquota_bounce = yes

    # SMTP AUTH
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes

    # Postfix TLS
    # Always put "smtpd_tls_auth_only = yes" on smtps interface in master.cf
    smtpd_tls_auth_only = no
    # smtp_use_tls = no : the server won't establish a TLS connection with remote servers offering STARTTLS
    smtp_use_tls = yes
    # smtpd_use_tls = no : doesn't offer STARTTLS to remote servers
    smtpd_use_tls = yes
    # smtp_tls_note_starttls_offer : if set to yes, will log the STARTTLS offer made to remote servers
    smtp_tls_note_starttls_offer = no
    smtpd_tls_cert_file = /etc/ssl/nmy.be/smtp/smtp-cert.pem
    smtpd_tls_key_file = /etc/ssl/nmy.be/smtp/smtp-key.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_session_cache
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

    # We do NOT deliver emails to local users in this set up, leave this blank
    alias_database =
    alias_maps =
    Nmy, 26 Mars 2008
    #1
  2. Offline
    Nmy Touriste
    mon master.cf

    #
    # Postfix master process configuration file. For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================
    # Incoming interface : header_checks, DSPAM and ClamAssassin checks
    smtp inet n - n - - smtpd
    -o content_filter=lmtp:unix:/var/run/dspam/dspam.sock
    -o header_checks=regexp:/etc/postfix/header_checks


    # SMTPS only available for remote users using SMTP AUTH
    smtps inet n - n - 10 smtpd
    -o content_filter=signature
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_tls_wrappermode=yes
    -o smtpd_helo_restrictions=permit_mynetworks,reject_non_fqdn_hostname
    -o smtpd_client_connection_count_limit=5
    -o smtpd_client_connection_rate_limit=5

    # DSPAM will reinject emails into Postfix using this interface, will then pipe the reinjected email into procmail check (clamassassin)
    localhost:10026 inet n - n - - smtpd
    -o content_filter=procmail
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8

    # Outgoing interface : not scanning the content but appending a signature/disclaimer
    #smtp inet n - n - - smtpd
    # -o content_filter=signature
    # Procmail for virus scan
    # For flags meaning, see "man 8 pipe"
    procmail unix - n n - 10 pipe
    flags=Rq user=filter argv=/usr/bin/procmail -Y -m /etc/postfix/procmail/master.rc ${sender} -- ${recipient}

    # Signature/Disclaimer
    signature unix - n n - - pipe
    flags=Rq user=filter argv=/etc/postfix/signature/disclaimer.sh -f ${sender} -- ${recipient}

    # DSPAM Retrain (do not forget to edit /etc/postfix/transport)
    dspam-retrain unix - n n - 10 pipe
    flags=Ru user=dspam argv=/usr/bin/dspam-retrain $nexthop $sender $recipient

    # Autoreply
    vacation unix - n n - - pipe
    flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}

    #smtp inet n - - - - smtpd
    #submission inet n - - - - smtpd
    # -o smtpd_enforce_tls=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps inet n - - - - smtpd
    # -o smtpd_tls_wrappermode=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628 inet n - - - - qmqpd
    pickup fifo n - - 60 1 pickup
    cleanup unix n - - - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    #qmgr fifo n - - 300 1 oqmgr
    tlsmgr unix - - - 1000? 1 tlsmgr
    rewrite unix - - n - - trivial-rewrite
    bounce unix - - - - 0 bounce
    defer unix - - - - 0 bounce
    trace unix - - - - 0 bounce
    verify unix - - - - 1 verify
    flush unix n - - 1000? 0 flush
    proxymap unix - - n - - proxymap
    smtp unix - - - - - smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay unix - - - - - smtp
    -o fallback_relay=
    # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq unix n - - - - showq
    error unix - - - - - error
    discard unix - - - - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - n - - lmtp
    anvil unix - - - - 1 anvil
    scache unix - - - - 1 scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(:cool: delivery
    # agent. See the pipe(:cool: man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop unix - n n - - pipe
    flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp unix - n n - - pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail unix - n n - - pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
    flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix - n n - 2 pipe
    flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman unix - n n - - pipe
    flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
    ${nexthop} ${user}
    policy unix - n n - - spawn
    user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl


    voila merci d avance
    Nmy, 26 Mars 2008
    #2
  3. Offline
    BonO CSCUP Tech Team
    Comme c'est configué là, c'est en ordre.
    Tout ce que tu as à faire est d'envoyer les mails sortants de ton programme mail vers ton serveur, en indiquant l'adresse réseau de ton serveur comme serveur SMTP dans ton outlook par exemple.

    Ton serveur mail est sur la me machine que ton client ou sur une autre ? (exemple : celle qui se connecte au net ?)

    Dernière remarque : tel que c'est là, tes mails partent "en direct" sur le net. ca fonctionnera donc très bien si tu n'es pas limité par ton provider mais pas du tout si tu es chez Belgacom par exemple. Il te faut ajouter dans le main.cf la ligne

    relayhost = relay.skynet.be

    Pour que tous les mails sortants soient transmis au serveur smtp de ton provider internet (ici skynet)
    BonO, 5 Avril 2008
    #3
Statut de la discussion:
Fermée.