Jump to content

Recommended Posts

I need to configure my debian etch server, which is hosted on my lan behind a firewall/router with virtual server port forwarding and a fixed IP to the web. All site request are automatically converted to SSL.

I only need my php scripts to be able to send emails from various tasks carried out on the server websites.

I have dovecot, postfix, exim4, saslauthd installed.

1. do i need all of them and if not which ones can I remove?

2. i dont want the postfix hijacked so I only want my sites to ba able to send from it.

3.how do i setup my main.cf to acheive this.

 

my current main.cf is a bit messy so i need to clean it up here is the output of postconf -n

 

BuildFITs1:~# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = BuildFITs1.buildfit.com, localhost, localhost.localdomain, localhost
myhostname = BuildFITs1.buildfit.com
mynetworks = 127.0.0.1 10.0.0.0/24
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = Buildfits1.buildfit.com
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
smtpd_tls_key_file = /etc/ssl/private/postfix.pem
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_gid_maps = static:5000
virtual_mailbox_domains = $virtual_mailbox_maps
virtual_mailbox_maps =
virtual_transport = dovecot
virtual_uid_maps = static:5000

Link to comment
https://forums.phpfreaks.com/topic/147569-postfix-for-website-sending-only/
Share on other sites

Happy to use what ever works and is secure enough not to be hijacked. I am not really sure what I need to do it but i know that postfix can accomplish this using a null server i beleive but i cant seem to get it working properly.

Here is my latest postconf -n

 

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = loopback-only
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = buildfit.com, localhost, localhost.localdomain, localhost
myhostname = localhost
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = milton.worldispnetwork.com
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.