Linux, programming and more
Sometimes it’s interesting to test some MTA’s and their spam behavior, every mail system has his own spam behavior like SPAM_MARK_LEVEL or SPAM_REJECT_LEVEL.
If you send a mail with GTUBE string your mail should be rejected.
1 | rejected after DATA: This message scored 1000.0 spam points |
The GTUBE String to test spam rejection of mail servers:
1 | XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X |
In this how to I describe the basically configuration and administration of Postfix on Debian Lenny.
Current I’m using Postfix version 2.5.5
This tutorial should working with older and newer versions.
1 2 | postconf -d | grep "mail_version =" | cut -d" " -f 3 2.5.5 |
You can find the postfix main configuration file under “/etc/postfix”
Let see what wee need to configure a working Internet Mail-Server
1 | postfix ~ # vim /etc/postfix/main.cf |
My example configuration:
1 2 3 4 5 6 7 8 9 10 11 12 13 | myhostname = ipv6.postfix.idrobot.net alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = ipv6.postfix.idrobot.net, localhost.localdomain, localhost mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 smtp_bind_address6 = 2a01:4f8:101:265::37 mailbox_command = mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all home_mailbox = Maildir/ bounce_template_file = /etc/postfix/bounce.cf |
If you want to relay your mails to another mail-server you can use the relayhost option:
Edit main.cf, and add this line:
1 | relayhost = ipv6.mx.idrobot.net |
Some administration commands:
Show running config:
1 | postconf -n |
Show the default postfix config instead of running one:
1 | postconf -d |
Show message content:
1 | postcat -q 7FB942082 |
Delete all mail in queue:
1 | postsuper -d ALL |
Schedule immediate delivery:
1 | postqueue -i 7FB942082 |
Flush the queue:
1 | postqueue -f |
Here I will be setting up SSL cert with Exim4 and Courier-MAP under Debian 5 or Lenny to secure the sending and retrieval of emails and username and password details to my server.
In this how to I’m using a free 30 days certificate from psw[dot]net.
Create you own SSL config in: “/etc/exim4/conf.d/main/ss_certificate” and put it in:
1 2 3 4 | MAIN_TLS_ENABLE = true tls_certificate = /etc/exim4/mx.domain.com.cert tls_privatekey = /etc/exim4/mx.domain.com.key tls_on_connect_ports = 465 |
Don’t forget to change the group of your certificate to: Debian-exim
1 | chown root:Debian-exim /etc/exim4/mx.idrobot.net* |
Exim standard config “/etc/exim4/conf.d/main/03_exim4-config_tlsoptions” has already some TLS options like:
tls_certificate and tls_privatekey. decomment it. Because we use our own config for it, see above.
Now we make exim listen on port 465, edit the following config:
1 | vim /etc/default/exim4 |
Replace the standard:
1 2 3 | #SMTPLISTENEROPTIONS='' # to SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim.pid' |
After restart Eeim will be able to listen on port 25 and 465, and we are able to send mails over SSL ; PS. don’t forget your firewall ;)
1 | iptables -A INPUT -i eth0 -p tcp --dport 465 -j ACCEPT |
The next step is secure receive of mails with Courier IMAP-SSL Deamon
Now as second step to complete SSL-configuration open your imapd-ssl config
1 | vim /etc/courier/imapd-ssl |
and search for TLS_CERTFILE
1 | TLS_CERTFILE=/etc/courier/mx.domain.com.pem |
This mx.domain.com.pem certificate contains certificate and rsa private key:
1 | cat mx.domain.com.crt mx.domain.com.key >> mx.domain.com.pem |
1 | /etc/init.d/courier-imap-ssl restart |
Test your certificate by connecting to SSL-Port:
1 | openssl s_client -connect localhost:993 -state -debug |