Linux Edu Handbook

User Tools

Site Tools

Trace:
postfix:postvirt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
postfix:postvirt [2010/04/15 19:19] – external edit 127.0.0.1postfix:postvirt [2013/03/08 03:07] (current) – typo pyro
Line 57: Line 57:
  
   create user cherryhost with password 'pass';   create user cherryhost with password 'pass';
 +
 +Chadmin is the mail domain admin
 +
 +  create user chadmin with password 'pass';
  
 Pam is used by saslauthd to authenticate users for TLS. Pam is used by saslauthd to authenticate users for TLS.
Line 111: Line 115:
  
  
-Finally, a table for virtual forwarding. That is, aliases with no login or mailbox on the system. +table for virtual forwarding. That is, aliases with no login or mailbox on the system. 
  
   CREATE TABLE virtuals (   CREATE TABLE virtuals (
Line 125: Line 129:
   GRANT INSERT,SELECT,UPDATE,DELETE ON TABLE virtuals TO cherryhost;   GRANT INSERT,SELECT,UPDATE,DELETE ON TABLE virtuals TO cherryhost;
  
 +Finally, the tables for cherryhost itself:
  
 +  CREATE TABLE domain_admins (
 +    uname text,
 +    domain text );
 +
 +  CREATE TABLE mail_admins (
 +    uname text,
 +    pass text );
 +
 +  GRANT INSERT,DELETE,UPDATE,SELECT on domain_admins,mail_admins to chadmin;
 +  GRANT SELECT on domain_admins, mail_admins to cherryhost;
 + 
 **Note that since several componants of the system run in a chroot environment, postgres MUST be configured to allow connections on localhost with md5 authentication.** **Note that since several componants of the system run in a chroot environment, postgres MUST be configured to allow connections on localhost with md5 authentication.**
  
Line 139: Line 155:
  
   apt-get install libpam-pgsql   apt-get install libpam-pgsql
 +
 +Due to package updates, configuration of PAM_pgsql is different for Squeeze than for Etch and Lenny:
 +
 +===== Etch and Lenny =====
  
 Create a file ''/etc/pam.d/smtp'': Create a file ''/etc/pam.d/smtp'':
Line 145: Line 165:
   account sufficient pam_pgsql.so debug user=pam password=pam host=127.0.0.1 database=postfix table=pwdb user_column=id pwd_column=clear pw_type=clear   account sufficient pam_pgsql.so debug user=pam password=pam host=127.0.0.1 database=postfix table=pwdb user_column=id pwd_column=clear pw_type=clear
  
 +===== Squeeze =====
 +Create file /etc/pam_pgsql.conf:
 +  database = postfix
 +  host = localhost
 +  user = pam
 +  password = pam
 +  table = pwdb
 +  user_column = id
 +  pwd_column = clear
 +  pw_type=clear
 +  acct_query=select False, False, False
 +  expired_column = acc_expired
 +  newtok_column = acc_new_pwreq
 +  debug = 1
 +
 +Then, create a file ''/etc/pam.d/smtp'':
 +
 +  auth    required   pam_pgsql.so 
 +  account sufficient pam_pgsql.so 
  
 While it would be preferable to only expose the user password in encrypted form, the pam module currently doesn't work with the md5() PostgreSQL function. While it would be preferable to only expose the user password in encrypted form, the pam module currently doesn't work with the md5() PostgreSQL function.
Line 216: Line 255:
  
  mkdir /var/spool/mail/virtual  mkdir /var/spool/mail/virtual
 +
 + chown 5000.5000 /var/spool/mail/virtual
 +
 + chmod g+s /var/spool/mail/virtual
  
 Add the following to ''/etc/postfix/main.cf'' Add the following to ''/etc/postfix/main.cf''
postfix/postvirt.1271359141.txt.gz · Last modified: (external edit)