Membuat log per hari dengan logrotate – postfix

tahapan nya :

1. login ke server ( ssh )
2. jenis scripts yg di gunakan :

/var/log/maillog {
daily
rotate 31
start 1
compress
create 0600 root
dateext
postrotate
/etc/init.d/postfix reload > /dev/null
endscript

atau

/var/log/maillog {
missingok
notifempty
size 100M
daily
create 0600 root root
rotate 35
dateext
copytruncate
}
3. tambahkan script di atas di :

/etc/logrotate.conf

4. buat juga file berikut :

nano /etc/logrotate.d/maillog

isi kan script file di atas.

5. restart service

service postfix restart

6. nanti akan terlihat ada file log /hari di /var/log/

Secure Postfix with Amavisd, ClamAV, SpamAssassin – centos 6

1. install repo :

link : http://wiki.centos.org/AdditionalResources/Repositories/RPMForge?action=show&redirect=Repositories%2FRPMForge#head-f0c3ecee3dbb407e4eed79a56ec0ae92d1398e01

misal : ketika di uname -i muncul veri : x86_64

wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

2. install tools nya :

yum install amavisd-new clamav clamav-devel clamd spamassassin -y

3. config Clamav

vi /etc/clamd.conf

kasih tanda #

# TCP port address.
# Default: no
# TCPSocket 3310

4. config Amavisd-new

vi /etc/amavisd/amavisd.conf or vi /etc/amavisd.conf

$mydomain = ‘smtp.exemple.com’;
$hostname = ‘smtp.exemple.com’;

5. Configure master.cf

vi /etc/postfix/master.cf

#628 inet n – n – – qmqpd
pickup fifo n – n 60 1 pickup
cleanup unix n – n – 0 cleanup
qmgr fifo n – n 300 1 qmgr
#qmgr fifo n – n 300 1 oqmgr
tlsmgr unix – – n 1000? 1 tlsmgr
rewrite unix – – n – – trivial-rewrite
bounce unix – – n – 0 bounce
defer unix – – n – 0 bounce
trace unix – – n – 0 bounce
verify unix – – n – 1 verify
flush unix n – n 1000? 0 flush
proxymap unix – – n – – proxymap
proxywrite unix – – n – 1 proxymap
smtp unix – – n – – smtp

amavisfeed unix – – n – 2 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
127.0.0.1:10025 inet n – n – – smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

6. config main cf

tambahkan line berikut :

# use amavisd as filter on port 10024
content_filter=amavisfeed:[127.0.0.1]:10024

7. restart service

# service clamd start
# service amavisd start
# chkconfig amavisd on
# chkconfig clamd on
# service postfix restart

7. test mail

Sep 23 00:33:35 smtp amavis[11522]: (11522-02) Passed CLEAN {RelayedOpenRelay}, [202.56.163.50]:41266 [202.56.163.50] -> ,, Message-ID: <5420F810.3070908@banjarnahor.com>, mail_id: G6KEIQI59Fq8, Hits: 1.274, size: 634, queued_as: 5FA461254618, 14177 ms
Sep 23 00:33:35 smtp postfix/lmtp[12009]: 3037A1254615: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=14, delays=0.03/0.01/0/14, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5FA461254618)

Install SpamAssassin – Postfix

Requirment :

– Sudah ada Postfix yg terinstall di server

Cara install :

yum install spamassassin

# buat user untuk spamassassin nya

groupadd spamfilter
useradd -g spamfilter -s /bin/false -d /usr/local/spamassassin spamfilter
chown spamfilter: /usr/local/spamassassin

# Config Spam Assassin

edit :
vi /etc/mail/spamassassin/local.cf

yg harus ada :

required_hits 5
report_safe 0
required_score 5.0

edit juga :
vi /etc/sysconfig/spamassassin

yg harus ada :

# Options to spamd
SAHOME=”/usr/local/spamassassin”
SPID_DIR=”/var/run/spamassassin”
SUSER=”spamfilter”
SPAMDOPTIONS=”-d -c -m5 –username ${SUSER} -H ${SAHOME} -s ${SAHOME}/spamfilter.log”

# running service nya :

service spamassassin start
chkconfig spamassassin on

# kemudian Konfig postfix nya.

edit :

vi /etc/postfix/master.cf

tambahkan seperti line berikut :

smtp inet n – n – – smtpd -o content_filter=spamassassin
spamassassin unix – n n – – pipe user=spamfilter argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

# kemudian restart service postfix nya

service postfix restart

# test mail

nanti kalo di test di header / view source nya akan ada :

X-Spam-Flag: YES
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=1000.0 required=5.0 tests=GTUBE,RCVD_IN_DNSWL_NONE,
TVD_SPACE_RATIO autolearn=no version=3.3.1

Membuat smtp open relay – postfix

Untuk membuat smtp open relay , anda hanya cukup menambahkan command / script berikut di settingan postfix yg sudah up.

nano /etc/postfix/main.cf

tambahkan :

smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes

dan settingan master.cf >> misal ingin di rubah port nya : 587

nano /etc/postfix/master.cf

587 inet n – n – – smtpd

# lalu restart postfix

/etc/init.d/postfix restart

# test ropen relay nya.

misal dengan outlook

Install mail server ( Postfix , Dovecot , squirrelMail) in centos 5.5

Requirment :

-OS : centos 5.5
-apache
-sql server
-php

-bikin repo baru

/etc/yum.repos.d/webtatic-el5.repo

isi :

[webtatic-el5]
name=Webtatic Repository EL5 – $basearch
#baseurl=http://repo.webtatic.com/yum/el5/$basearch/
mirrorlist=http://mirror.webtatic.com/yum/el5/$basearch/mirrorlist
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-webtatic-andy

[webtatic-el5-debuginfo]
name=Webtatic Repository EL5 – $basearch – Debug
#baseurl=http://repo.webtatic.com/yum/el5/$basearch/debug/
mirrorlist=http://mirror.webtatic.com/yum/el5/$basearch/debug/mirrorlist
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-webtatic-andy

[webtatic-el5-source]
name=Webtatic Repository EL5 – Source
#baseurl=http://repo.webtatic.com/yum/el5/SRPMS/
mirrorlist=http://mirror.webtatic.com/yum/el5/SRPMS/mirrorlist
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-webtatic-andy

# pastikan server anda sudah terhost

misal :

cat /etc/hosts

111.68.116.188 asteroid.iixmedia.com

Mulai instalasi :

1. Postfix

a. matikan iptables

service iptables stop
chkconfig iptables off

b. matikan selinux >> /etc/selinux/config

selinux = disable

c. yum install postfix

d. config postfix

vi /etc/postfix/main.cf

yang harus ada :

myhostname = asteroid.iixmedia.com
mydomain =$myhostname / bisa dengan nama domain yg anda punya
myorigin =$myhostname
inet_interfaces =all >> kasih tanda #inet_interfaces = localhost
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 111.68.116.0/28, 127.0.0.0/8 >> sesuaikan dengan network anda
home_mailbox = Maildir/

e. running service nya
service postfix start
chkconfig postfix on

f. untuk testing :

install telnet :

yum install telnet

test kirim mail :

[root@jojo ~]# telnet localhost smtp
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 asteroid.iixmedia.com ESMTP Postfix
ehlo localhost
250-asteroid.iixmedia.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:yuby@yahoo.com
250 2.1.0 Ok
rcpt to:genesis@yahoo.com
250 2.1.5 Ok
data
354 End data with .
Subject:Test mail
Test mail
. >> (nb > jngan lupa di ahiri tanda titik baru enter)
250 2.0.0 Ok: queued as B972B102A166

2. Install Dovecot

a. install

yum install dovecot

b. config dovecot

nano /etc/dovecot.conf

yang harus di edit :
protocols = imap imaps pop3 pop3s

kemudian lakukan command

/usr/sbin/postconf -e ‘home_mailbox = Maildir/’
/usr/sbin/postconf -e ‘mailbox_command =’

edit :
login_process_size = 64

socket listen {
#master {
# Master socket provides access to userdb information. It’s typically
# used to give Dovecot’s local delivery agent access to userdb so it
# can find mailbox locations.
#path = /var/run/dovecot/auth-master
#mode = 0600
# Default user/group is the one who started dovecot-auth (root)
#user =
#group =
#}
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth-client
mode = 0660
user = postfix
group = postfix
}
}
}

c. restart service

/etc/init.d/postfix restart
/etc/init.d/dovecot start
chkconfig –level 235 dovecot on

d. test dovecot

telnet localhost 110
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
+OK Dovecot ready.

e. bikin user baru misal 2 user :

useradd -m bobby -s /sbin/nologin
passwd bobby

useradd -m leela -s /sbin/nologin
passwd leela

f. tes kirim mail

misal dari yuby@yahoo.com ke bobby@asteroid.iixmedia.com

ntar hasilnya bisa di cek di

cd /home/bobby/Maildir/new

3. Install squirrelMail

a. install

yum install squirrelmail

b. config

perl /usr/share/squirrelmail/config/conf.pl

plih no 1 >> ganti organisasi nya
pilih no 2 server setting >> pilih no 3 >> ganti sendamail dengan SMTP

kemudian kembali ke main menu R
ketik : D lalu enter

save settingan lalu quit.

c.edit /etc/httpd/conf.d/squirrelmail.conf

tambahkan line berikut :

RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

d. restart service apache

service httpd start
chkconfig –level 235 httpd on

e. test squrle

http://serverip/webmail

kemudian ntar masukan username + password yg sudah di buat di atas
misal user : bobby pass:12345