http://www.postfix.org/postconf.5.html

debian 範例設定檔放在 /usr/share/postfix 中。

引用的變數不需要事先定義

myhostname = host.domain.com
mydestination = $myhostname

mydestination = $myhostname
myhostname = host.domain.com

所以上面兩種設定方式皆可

以空白、逗號、Tab區隔

可將設定值擺在外部檔案

mydestination = /etc/postfix/file

# 開頭為註解，只可放在每一行第一個字：

# 這是註解
hostname = test.test.com  # 這是不合法的註解

inet_interfaces = all

myhostname = mail.abc.orz

mydomain = abc.orz

預設只接收和主機名稱相同的信件

mydestination = $myhostname, abc.orz, mail.abc.orz

message_size_limit = xxxx

單位為 byte 5120000 = 5MB

• subnet - 同子網域
• class - 同 class
• host - 只有 localhost

優先權大於 mynetworks_style

mynetworks = 1.2.3.4 5.6.7.8
mynetworks = 7.8.9.0/24
mynetworks = abc.orz          # *.abc.orz

透過 dovecot 來認證使用者。

smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem
smtpd_tls_key_file=/etc/ssl/private/dovecot.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

查詢尚未寄出的郵件

postqueue -p

queue_run_delay = 1000s    # 5m, 1h, 7d, etc (5 min, 1 hour, 7day)

取得 postfix 原始檔，修改其中 src/bounce/bounce_notify_util.c 檔，然後重新編譯

/etc/postifx
/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
/var/spool/mail

Postfix 技術手冊：http://books.google.com/books?id=H9yrO841raoC

http://www.wretch.cc/blog/chuchiming/15421032

http://blog.weithenn.org/2009/06/freebsdpostfix-amavisd-new-uvscan.html

經由 Amavisd 橋接，過濾垃圾信及病毒信。

portinstall security/amavisd-new security/clamav p5-Mail-SpamAssassin

編輯 amavisd.conf 設定

$mydomain = 'domain.name.tw';
$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 25;  # triggers spam evasive actions (e.g. blocks mail)

三個數值可依照需要修改。

設定各種問題信件的命運：

# $final_virus_destiny      = D_DISCARD;
# $final_banned_destiny     = D_BOUNCE;
# $final_spam_destiny       = D_BOUNCE;
$final_bad_header_destiny = D_PASS;

取消 ClamAV 的註解，並註解掉其他用不到的防毒方式。

# ### http://www.clamav.net/
['ClamAV-clamd',
 \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
 qr/\bOK$/m, qr/\bFOUND$/m,
 qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

編輯 postfix/master.cf，加上

smtp-amavis unix - - n - 2 smtp
  -o disable_dns_lookups=yes
  -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes

編輯 postfix/main.cf，加上

content_filter = smtp-amavis:[127.0.0.1]:10024

編輯 /etc/rc.conf，加上

amavisd_enable="YES"

編輯 /etc/group，將 amavis 加入 clamav 的群組中，也將 clamav 加入 amavis 群組中

重新啟動 postfix、amavisd、clameav。

• http://www.ijs.si/software/amavisd/
• http://antbsd.twbbs.org/~ant/FNP/Old/amavisd-new.htm
• http://www.freebsddiary.org/virus-scanning.php
• http://www200.pair.com/mecham/spam/bypassing.html
• http://wiki.shsh.ylc.edu.tw/index.php/MailServer

http://www.debian.org.tw/index.php/Amavisd-new