CONTOH DAN ISI FILE KONFIGURASI POSTFIX MAIL SERVER
Isi file dynamicmaps.cf
# Postfix dynamic maps configuration file.
#
# The first match found is the one that is used. Wildcards are not supported
# as of postfix 2.0.2
#
#typelocation of .so fileopen function(mkmap func)
#======
tcp/usr/lib/postfix/dict_tcp.sodict_tcp_open
Isi file main.cf
smtp inet n - - - - smtpd -o content_filter=spamassassin
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = kampusb.ac.id
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = kampusb.ac.id, localhost.localdomain, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
spamassassin unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
Isi file master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ======
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ======
smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ======
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ======
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix-nn-2pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
Isi file post.install
#!/bin/sh
# To view the formatted manual page of this file, type:
#POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man
#++
# NAME
#post-install
# SUMMARY
#Postfix post-installation script
# SYNOPSIS
#post-install [name=value] command ...
# DESCRIPTION
#The post-install script performs the finishing touch of a Postfix
#installation, after the executable programs and configuration
#files are installed. Usage is one of the following:
# .IP o
#While installing Postfix from source code on the local machine, the
#script is run by the postfix-install script to update selected file
#or directory permissions and to update Postfix configuration files.
# .IP o
#While installing Postfix from a pre-built package, the script is run
#by the package management procedure to set all file or directory
#permissions and to update Postfix configuration files.
# .IP o
#The script can be used to change installation parameter settings such
#as mail_owner or setgid_group after Postfix is already installed.
# .IP o
#The script can be used to upgrade configuration files and to upgrade
#file/directory permissions of a secondary Postfix instance.
# .IP o
#At Postfix start-up time, the script is run from "postfix check" to
#create missing queue directories.
# .PP
#The post-install script is controlled by installation parameters.
#Specific parameters are described at the end of this document.
#All installation parameters must be specified ahead of time via
#one of the methods described below.
#
#Arguments
# .IP create-missing
#Create missing queue directories with ownerships and permissions
#according to the contents of $config_directory/postfix-files, using
#the mail_owner and setgid_group parameter settings from the command
#line, process environment or from the installed main.cf file.
#
#This is required at Postfix start-up time.
# .IP set-permissions
#Set all file/directory ownerships and permissions according to the
#contents of $config_directory/postfix-files, using the mail_owner
#and setgid_group parameter settings from the command line, process
#environment or from the installed main.cf file. Implies create-missing.
#
#This is required when installing Postfix from a pre-built package,
#or when changing the mail_owner or setgid_group installation parameter
#settings after Postfix is already installed.
# .IP upgrade-permissions
#Update ownership and permission of existing files/directories as
#specified in $config_directory/postfix-files, using the mail_owner
#and setgid_group parameter settings from the command line, process
#environment or from the installed main.cf file. Implies create-missing.
#
#This is required when upgrading an existing Postfix instance.
# .IP upgrade-configuration
#Edit the installed main.cf and master.cf files, in order to account
#for missing services and to fix deprecated parameter settings.
#
#This is required when upgrading an existing Postfix instance.
# .IP upgrade-source
#Short-hand for: upgrade-permissions upgrade-configuration.
#
#This is recommended when upgrading Postfix from source code.
# .IP upgrade-package
#Short-hand for: set-permissions upgrade-configuration.
#
#This is recommended when upgrading Postfix from a pre-built package.
# .IP first-install-reminder
#Remind the user that they still need to configure main.cf and the
#aliases file, and that newaliases still needs to be run.
#
#This is recommended when Postfix is installed for the first time.
# MULTIPLE POSTFIX INSTANCES
# .ad
# .fi
#Multiple Postfix instances on the same machine can share command and
#daemon program files but must have separate configuration and queue
#directories.
#
#To create a secondary Postfix installation on the same machine,
#copy the configuration files from the primary Postfix instance to
#a secondary configuration directory and execute:
#
#post-install config_directory=secondary-config-directory \e
# .in +4
#queue_directory=secondary-queue-directory \e
# .br
#create-missing
# .PP
#This creates secondary Postfix queue directories, sets their access
#permissions, and saves the specified installation parameters to the
#secondary main.cf file.
#
#Be sure to list the secondary configuration directory in the
#alternate_config_directories parameter in the primary main.cf file.
#
#To upgrade a secondary Postfix installation on the same machine,
#execute:
#
#post-install config_directory=secondary-config-directory \e
# .in +4
#upgrade-permissions upgrade-configuration
# INSTALLATION PARAMETER INPUT METHODS
# .ad
# .fi
#Parameter settings can be specified through a variety of
#mechanisms. In order of decreasing precedence these are:
# .IP "command line"
#Parameter settings can be given as name=value arguments on
#the post-install command line. These have the highest precedence.
#Settings that override the installed main.cf file are saved.
# .IP "process environment"
#Parameter settings can be given as name=value environment
#variables.
#Settings that override the installed main.cf file are saved.
# .IP "installed configuration files"
#If a parameter is not specified via the command line or via the
#process environment, post-install will attempt to extract its
#value from the already installed Postfix main.cf configuration file.
#These settings have the lowest precedence.
# INSTALLATION PARAMETER DESCRIPTION
# .ad
# .fi
#The description of installation parameters is as follows:
# .IP config_directory
#The directory for Postfix configuration files.
# .IP daemon_directory
#The directory for Postfix daemon programs. This directory
#should not be in the command search path of any users.
# .IP command_directory
#The directory for Postfix administrative commands. This
#directory should be in the command search path of adminstrative users.
# .IP queue_directory
#The directory for Postfix queues.
# .IP data_directory
#The directory for Postfix writable data files (caches, etc.).
# .IP sendmail_path
#The full pathname for the Postfix sendmail command.
#This is the Sendmail-compatible mail posting interface.
# .IP newaliases_path
#The full pathname for the Postfix newaliases command.
#This is the Sendmail-compatible command to build alias databases
#for the Postfix local delivery agent.
# .IP mailq_path
#The full pathname for the Postfix mailq command.
#This is the Sendmail-compatible command to list the mail queue.
# .IP mail_owner
#The owner of the Postfix queue. Its numerical user ID and group ID
#must not be used by any other accounts on the system.
# .IP setgid_group
#The group for mail submission and for queue management commands.
#Its numerical group ID must not be used by any other accounts on the
#system, not even by the mail_owner account.
# .IP html_directory
#The directory for the Postfix HTML files.
# .IP manpage_directory
#The directory for the Postfix on-line manual pages.
# .IP sample_directory
#The directory for the Postfix sample configuration files.
#This feature is obsolete as of Postfix 2.1.
# .IP readme_directory
#The directory for the Postfix README files.
# SEE ALSO
#postfix-install(1) Postfix primary installation script.
# FILES
#$config_directory/main.cf, Postfix installation parameters.
#$config_directory/postfix-files, installation control file.
#$config_directory/install.cf, obsolete configuration file.
# LICENSE
# .ad
# .fi
#The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
#Wietse Venema
#IBM T.J. Watson Research
#P.O. Box 704
#Yorktown Heights, NY10598, USA
#--
umask 022
PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
SHELL=/bin/sh
IFS="
"
BACKUP_IFS="$IFS"
MOST_PARAMETERS="command_directory daemon_directory data_directory
html_directory mail_owner mailq_path manpage_directory
newaliases_path queue_directory readme_directory sample_directory
sendmail_path setgid_group"
USAGE="Usage: $0 [name=value] command
create-missing Create missing queue directories.
upgrade-source When installing or upgrading from source code.
upgrade-package When installing or upgrading from pre-built package.
first-install-reminder Remind of mandatory first-time configuration steps.
name=value Specify an installation parameter".
# Process command-line options and parameter settings. Work around
# brain damaged shells. "IFS=value command" should not make the
# IFS=value setting permanent. But some broken standard allows it.
create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder=
obsolete=; keep_list=;
for arg
do
case $arg in
*=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
create-missing) create=1;;
set-perm*) create=1; set_perms=1;;
upgrade-perm*) create=1; upgrade_perms=1;;
upgrade-conf*) upgrade_conf=1;;
upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;;
upgrade-package) create=1; upgrade_conf=1; set_perms=1;;
first-install*) first_install_reminder=1;;
*) echo "$0: Error: $USAGE" 1&2; exit 1;;
esac
shift
done
# Sanity checks.
test -n "$create$upgrade_conf$first_install_reminder" || {
echo "$0: Error: $USAGE" 1&2
exit 1
}
# Bootstrapping problem.
if [ -n "$command_directory" ]
then
POSTCONF="$command_directory/postconf"
else
POSTCONF="postconf"
fi
$POSTCONF -d mail_version >/dev/null 2>/dev/null || {
echo $0: Error: no $POSTCONF command found. 1&2
echo Re-run this command as $0 command_directory=/some/where. 1&2
exit 1
}
test -n "$config_directory" ||
config_directory=`$POSTCONF -d -h config_directory` || exit 1
test -d "$config_directory" || {
echo $0: Error: $config_directory is not a directory. 1&2
exit 1
}
test -f $config_directory/postfix-files || {
echo $0: Error: $config_directory/postfix-files is not a file. 1&2
exit 1
}
# SunOS5 fmt(1) truncates lines > 1000 characters.
fake_fmt() {
sed '
:top
/^\( *\)\([^ ][^ ]*\) */{
s//\1\2\
\1/
P
D
b top
}
' | fmt
}
case `uname -s` in
HP-UX*) FMT=cat;;
SunOS*) FMT=fake_fmt;;
*) FMT=fmt;;
esac
# If a parameter is not set via the command line or environment,
# try to use settings from installed configuration files.
# Extract parameter settings from the obsolete install.cf file, as
# a transitional aid.
grep setgid_group $config_directory/main.cf >/dev/null 2&1 || {
test -f $config_directory/install.cf & {
for name in sendmail_path newaliases_path mailq_path setgid manpages
do
eval junk=\$$name
case "$junk" in
"") eval unset $name;;
esac
eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
|| exit 1
done
: ${setgid_group=$setgid}
: ${manpage_directory=$manpages}
}
}
# Extract parameter settings from the installed main.cf file.
test -f $config_directory/main.cf & {
for name in $MOST_PARAMETERS
do
eval junk=\$$name
case "$junk" in
"") eval unset $name;;
esac
eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
done
}
# Sanity checks
case $manpage_directory in
no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1&2
echo Try again with \"$0 manpage_directory=/pathname ...\". 1&2; exit 1;;
esac
case $setgid_group in
no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1&2
echo Try again with \"$0 setgid_group=groupname ...\" 1&2; exit 1;;
esac
for path in "$daemon_directory" "$command_directory" "$queue_directory" \
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
do
case "$path" in
/*) ;;
*) echo $0: Error: \"$path\" should be an absolute path name. 1&2; exit 1;;
esac
done
for path in "$html_directory" "$readme_directory"
do
case "$path" in
/*) ;;
no) ;;
*) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1&2; exit 1;;
esac
done
# Find out what parameters were not specified via command line,
# via environment, or via installed configuration files.
missing=
for name in $MOST_PARAMETERS
do
eval test -n \"\$$name\" || missing="$missing $name"
done
# All parameters must be specified at this point.
test -n "$non_interactive" -a -n "$missing" & {
cat <EOF | ${FMT} 1&2
$0: Error: some required installation parameters are not defined.
- Either the parameters need to be given in the $config_directory/main.cf
file from a recent Postfix installation,
- Or the parameters need to be specified through the process
environment.
- Or the parameters need to be specified as name=value arguments
on the $0 command line,
The following parameters were missing:
$missing
EOF
exit 1
}
POSTCONF="$command_directory/postconf"
# Save settings, allowing command line/environment override.
override=
for name in $MOST_PARAMETERS
do
eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
override=1
break
}
done
test -n "$override" & {
$POSTCONF -c $config_directory -e \
"daemon_directory = $daemon_directory" \
"command_directory = $command_directory" \
"queue_directory = $queue_directory" \
"data_directory = $data_directory" \
"mail_owner = $mail_owner" \
"setgid_group = $setgid_group" \
"sendmail_path = $sendmail_path" \
"mailq_path = $mailq_path" \
"newaliases_path = $newaliases_path" \
"html_directory = $html_directory" \
"manpage_directory = $manpage_directory" \
"sample_directory = $sample_directory" \
"readme_directory = $readme_directory" \
|| exit 1
}
# Use file/directory status information in $config_directory/postfix-files.
test -n "$create" & {
exec <$config_directory/postfix-files || exit 1
while IFS=: read path type owner group mode flags junk
do
IFS="$BACKUP_IFS"
set_permission=
# Skip comments.
case $path in
[$]*) ;;
*) continue;;
esac
# Skip hard links and symbolic links.
case $type in
[hl]) continue;;
[df]) ;;
*) echo unknown type $type for $path in $config_directory/postfix-files1&2; exit 1;;
esac
# Expand $name, and canonicalize null fields.
for name in path owner group flags
do
eval junk=\${$name}
case $junk in
[$]*) eval $name=$junk;;
-) eval $name=;;
*) ;;
esac
done
# Skip uninstalled files.
case $path in
no|no/*) continue;;
esac
# Pick up the flags.
case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac
case $flags in *c*) create_flag=1;; *) create_flag=;; esac
case $flags in *r*) recursive="-R";; *) recursive=;; esac
case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac
# Flag obsolete objects. XXX Solaris 2..9 does not have "test -e".
if [ -n "$obsolete_flag" ]
then
test -r $path -a "$type" != "d" & obsolete="$obsolete $path"
continue;
else
keep_list="$keep_list $path"
fi
# Create missing directories with proper owner/group/mode settings.
if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ]
then
mkdir $path || exit 1
set_permission=1
# Update all owner/group/mode settings.
elif [ -n "$set_perms" ]
then
set_permission=1
# Update obsolete owner/group/mode settings.
elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ]
then
set_permission=1
fi
test -n "$set_permission" & {
chown $recursive $owner $path || exit 1
test -z "$group" || chgrp $recursive $group $path || exit 1
# Don't "chmod -R"; queue file status is encoded in mode bits.
if [ "$type" = "d" -a -n "$recursive" ]
then
find $path -type d -exec chmod $mode "{}" ";"
else
chmod $mode $path
fi || exit 1
}
done
IFS="$BACKUP_IFS"
}
# Upgrade existing Postfix configuration files if necessary.
test -n "$upgrade_conf" & {
# Add missing relay service to master.cf.
grep '^relay' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for relay service
cat >$config_directory/master.cf <EOF || exit 1
relay unix--n--smtp
EOF
}
# Add missing flush service to master.cf.
grep '^flush.*flush' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for flush service
cat >$config_directory/master.cf <EOF || exit 1
flush unix - - n 1000? 0 flush
EOF
}
# Add missing trace service to master.cf.
grep 'trace.*bounce' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for trace service
cat >$config_directory/master.cf <EOF || exit 1
trace unix--n-0bounce
EOF
}
# Add missing verify service to master.cf.
grep '^verify.*verify' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for verify service
cat >$config_directory/master.cf <EOF || exit 1
verify unix--n-1verify
EOF
}
# Fix verify service process limit.
grep '^verify.*[ ]0[ ]*verify' \
$config_directory/master.cf >/dev/null & {
echo Editing $config_directory/master.cf, setting verify process limit to 1
ed $config_directory/master.cf <EOF || exit 1
/^verify.*[ ]0[ ]*verify/
s/\([ ]\)0\([ ]\)/\11\2/
p
w
q
EOF
}
# Change privileged pickup service into unprivileged.
grep "^pickup[ ]*fifo[ ]*n[ ]*n" \
$config_directory/master.cf >/dev/null & {
echo Editing $config_directory/master.cf, making the pickup service unprivileged
ed $config_directory/master.cf <EOF || exit 1
/^pickup[ ]*fifo[ ]*n[ ]*n/
s/\(n[ ]*\)n/\1-/
p
w
q
EOF
}
# Change private cleanup and flush services into public.
for name in cleanup flush
do
grep "^$name[ ]*unix[ ]*[-y]" \
$config_directory/master.cf >/dev/null & {
echo Editing $config_directory/master.cf, making the $name service public
ed $config_directory/master.cf <EOF || exit 1
/^$name[ ]*unix[ ]*[-y]/
s/[-y]/n/
p
w
q
EOF
}
done
# File systems have improved since Postfix came out, and all we
# require now is that defer and deferred are hashed because those
# can contain lots of files.
found=`$POSTCONF -c $config_directory -h hash_queue_names`
missing=
(echo "$found" | grep defer >/dev/null) || missing="$missing defer"
(echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred"
test -n "$missing" & {
echo fixing main.cf hash_queue_names for missing $missing