postfix - MTA alternative to sendmail ChangeLog

HOWTO


# postfix 2.0.6
# =============
cd
test -f installed/postfix-2.2.5.tar.gz &&
mv installed/postfix-2.2.5.tar.gz .
test ! -f postfix-2.2.5.tar.gz &&
wget ftp://postfix.teleglobe.net/postfix/official/postfix-2.2.5.tar.gz

# Verify tarball w/ md5sum:
# (this came from my gpg-verified tarball)
echo "9c13d58494c64012bfd8ab0d6967305c  postfix-2.2.5.tar.gz" | md5sum -c

# Verify tarball w/ sha1sum:
# (this also came from my gpg-verified tarball)
echo "5e86340e6ccff5a9141c259a6b65f72b7396483d  postfix-2.2.5.tar.gz" | \
sha1sum -c

# Verify tarball w/ gpg:
( gpg --list-keys C12BCD99 > /dev/null 2>&1 || gpg --recv-keys C12BCD99 ) &&
wget -nc ftp://postfix.teleglobe.net/postfix/official/\
postfix-2.2.5.tar.gz.sig &&
gpg --verify postfix-2.2.5.tar.gz.sig && rm postfix-2.2.5.tar.gz.sig

mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "postfix-*" -exec rm -r {} \;
tar xzvf ~/postfix-2.2.5.tar.gz
cd postfix-2.2.5
test $UID = 0 && chown -R root:root .

# If you want to build postfix with TLS support, run this before running
# make
make makefiles CCARGS="-DUSE_TLS -I/usr/local/ssl/include" \
AUXLIBS="-L/usr/local/ssl/lib -lssl -lcrypto"

make

# Become root to install it
su

# If you were running sendmail before, this will 'disable' it's binaries,
# leaving them there so you can make sure you want to stick with Postfix
mv /usr/bin/mailq /usr/bin/mailq.OFF
mv /usr/bin/newaliases /usr/bin/newaliases.OFF
mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
chmod 755 /usr/bin/mailq.OFF /usr/bin/newaliases.OFF \
/usr/sbin/sendmail.OFF

# If you're sure that you want to remove sendmail completely (after backing
# up what you need to keep), run this to kill it.  This of course won't
# cover every possible installation (the milter libraries, etc.), but will
# get rid of the main binaries and their man pages.
rm -f /usr/bin/vacation /usr/lib/sendmail /usr/man/man1/vacation.1
( cd /usr/sbin ; rm -f editmap mail.local mailstats makemap praliases \
  smrsh )
( cd /usr/man/man8 ; rm -f editmap.8 mail.local.8 mailstats makemap.8 \
  praliases.8 smrsh.8 )
test -d /etc/mail && rm -r /etc/mail
test -d /var/spool/clientmqueue && rm -r /var/spool/clientmqueue
test -d /var/spool/mqueue && rm -r /var/spool/mqueue
rm -f /usr/bin/mailq.OFF /usr/bin/newaliases.OFF /usr/sbin/sendmail.OFF

# Create a 'postfix' group and user and a 'postdrop' user:
getent group | grep "^postfix:" > /dev/null || groupadd postfix
id postfix > /dev/null 2>&1 ||
useradd -d /bogus/dir -g postfix -s /bogus/shell postfix
getent group | grep "^postdrop:" > /dev/null || groupadd postdrop

# If this is an upgrade for you run 'make upgrade', otherwise run this
# (be aware - it's interactive):
make install

# The sample /etc/postfix/aliases isn't actually what it looks for by
# default.  Either create this symlink or set these two lines in
# /etc/postfix/main.cf:
# alias_maps = hash:/etc/postfix/aliases
# alias_database = hash:/etc/postfix/aliases
ln -sf /etc/postfix/aliases /etc/aliases

# If you went with the defaults:
# Configuration files are in /etc/postfix
# Administrative commands are in /usr/sbin
# Daemon programs are in /usr/libexec/postfix
# Queues are in /var/spool/postfix

# Peruse through the well-commented /etc/postfix/main.cf and
# read 'man postfix' for info and a list of other man pages.
# Also read ~jason/src/postfix-2.2.5/html/index.html or
# the online version at http://www.postfix.org/documentation.html


# If you built Postfix with TLS support, here's how to set it up

# Become your non-root account:
exit

# Make sure /usr/local/ssl/bin is in your PATH (or whatever directory has
# the openssl binary in it):
echo $PATH | grep -q "/usr/local/ssl/bin" ||
export PATH=$PATH:/usr/local/ssl/bin

# If your OpenSSL is installed under the /usr prefix (instead of
# /usr/local/ssl/bin like the source is), the openssl binary should be in
# /usr/bin (which should hopefully be in your PATH), and you'll probably
# find CA.pl in /etc/ssl/misc (instead of /usr/local/ssl/misc).  Also, if
# you use OpenSSL < 0.9.8 your CA.pl may create the key and the CSR in the
# same file (newreq.pem).  Split and/or rename as necessary.

cd
test -d demoCA && mv -f demoCA demoCA.old
test -f newcert.pem && mv -f newcert.pem newcert.pem.old
test -f newkey.pem && mv -f newkey.pem newkey.pem.old
test -f newreq.pem && mv -f newreq.pem newreq.pem.old
/usr/local/ssl/misc/CA.pl -newca
# <enter>
# <CA password - make up one>
# <CA password again>
# US
# New Jersey
# West Orange
# foo.org
# postmaster
# foo.org CA
# postmaster@foo.org
# <enter>
# <enter>
# <CA password>
/usr/local/ssl/misc/CA.pl -newreq-nodes
# US
# New Jersey
# West Orange
# foo.org
# postmaster
# serverhostname.foo.org
# postmaster@foo.org
# <enter>
# <enter>
/usr/local/ssl/misc/CA.pl -sign
# <CA password>
# y
# y

# Become root
su

# Copy the pem files in place, set permissions:
cp demoCA/cacert.pem newcert.pem newkey.pem /etc/postfix/
( cd /etc/postfix ; chmod 644 cacert.pem newcert.pem )
chmod 400 /etc/postfix/newkey.pem

# Add TLS-related settings to /etc/postfix/main.cf:
cat << EOF >> /etc/postfix/main.cf

# TLS
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/newcert.pem
smtp_tls_key_file = /etc/postfix/newkey.pem
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
smtpd_use_tls = yes
smtpd_tls_loglevel = 1

EOF

# <end of TLS setup>


# Once your configuration is done, to start Postfix run one of these
# (if this was an upgrade and postfix is running, stop it first):
# /usr/sbin/postfix start
# /usr/sbin/sendmail -bd -qwhatever

# To view the mail queue, run one of these:
# /usr/sbin/postqueue -p
# /usr/bin/mailq
# /usr/sbin/sendmail -bp

# To build a new aliases database, run one of these:
# /usr/sbin/postalias /etc/mail/aliases
# /usr/bin/newaliases
# /usr/sbin/sendmail -bi

# If you change the config files (master.cf or main.cf):
# /usr/sbin/postfix reload

## To have Postfix start automatically on boot-up, add something like this to
## /etc/rc.d/rc.local:
# if [ -x /usr/sbin/postfix ]; then
#   echo "Starting Postfix..."
#   /usr/sbin/postfix start
# fi

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/postfix-*.tar.*
mv postfix-2.2.5.tar.gz installed/

List of HOWTOs

Web page itself last updated: 2023-12-20 8:06pm (EST -0500)
HOWTO last updated: 2005-09-19 2:01pm
Copyright © 2001-2024 Jason Englander. All Rights reserved.
[HTML5]