Front | News | Features | Tutorials | Security | Resources | Contribute | Write for us |
Your Daily Source for BSD News and Information |
|
Using Postfix
InstallationAfter the configuration and compilation of Postfix, installation is the last step. To install Postfix on a BSD machine, you must first move the sendmail binaries so that you can replace the files without overwriting them. To do this you can su to root and execute the following commands:
# mv /usr/sbin/sendmail /usr/sbin/sendmail.old # mv /usr/bin/mailq /usr/bin/mailq.old # mv /usr/bin/newaliases /usr/bin/newaliases.old # chmod 755 /usr/sbin/sendmail.old /usr/bin/mailq.old /usr/bin/newaliases.old Note: After a make world to your BSD system, the Postfix binaries will be replaced with sendmail libraries. This makes it a very good idea to not delete the Postfix source tree after compilation, so in the future after a make world you can always come back and repeat the steps for the installation of the Postfix binaries listed above. Mail WrappersSome BSD machines may pack with a mail wrapper. It is used so that you can easily have several MTAs installed at the same time. The mail wrapper is not required, but if you plan to use it, you should definitely read the mailwrapper(8) and mailer.conf(5) man pages. Instead of replacing the sendmail binaries, you could simply setup the /etc/mailer.conf (or /etc/mail/mailer.conf) with something like:
# Emulate sendmail using postfix sendmail /usr/libexec/postfix/sendmail send-mail /usr/libexec/postfix/sendmail mailq /usr/libexec/postfix/sendmail newaliases /usr/libexec/postfix/sendmail After the installation of the Postfix binaries you must create the user that postfix will run as. This user is to be named 'postfix' and have a unique user and group id, with a non-existent shell (so that nobody can login to the account for security reasons), the account does not require to have an existing home directory either. To add the account to my machine, I executed the following commands:
# echo "postfix:*:33333:33333:Postfix Mail Daemon:/nonexistant:/sbin/nologin" >> \ /etc/passwd # echo "maildrop:*:33335:" >> /etc/group (Before you add the 'postfix' user and the 'maildrop' group, you may want to make sure the uid and gid I use are available. To do this look through the /etc/passwd and /etc/group files with a command like more /etc/passwd or more /etc/group You may also use the adduser(8) command.) After you add the user that the mail daemon will run as, it is a good idea to forward all that user's email to root. We do this because nobody can login as the user postfix, so it is a good idea to forward any email it gets to root. Here is how you add the alias:
# echo "postfix: root" >> /etc/aliasesNow comes a decision for the person who is installing postfix from the directions I am giving. If a world-writable maildrop is okay with you, you can skip the next section and go to the "sh INSTALL.sh" section. If you want to protect the maildrop directory, read the following section. Protecting your Maildrop directoryBy default, postfix installs with a world-writable, mode 1733, sticky maildrop so that local users can submit mail. Well this method avoids using set-[gu]id software, it is usually a bad idea if you have some annoying lusers. The world-writable maildrop would allow those users to fill the maildrop directory with masses of garbage and possibly crash the mail system. So to avoid this, we will add another group that is unique suck as the 'postfix' group. You can do this with the following command:
# echo "maildrop:*:33335:" >> /etc/groupAfter you add the maildrop group, you can proceed to the next section. sh INSTALL.shIf you have made it this far, you are ready to start the "real" installation program. You can do this by going to the top level directory of the postfix source and executing the following command:
# sh INSTALL.shThis will run you through a script that will ask for input. The defaults are fine here until you get the the "setgid: [no]" option. When you get here if you followed section 5, then you want to replace the no by typing "maildrop" and then pressing enter. If you skipped section 5 and are installing with a non-protected maildrop directory, then you can just leave this with the default "no" option. After this step the "manpages" option should also be left with the default selection.
Replacing sendmail foreverThis document teaches how to replace sendmail forever on the BSD system. To do this we are going to need to kill the sendmail daemon and restart it so that it only sends out the messages it may have queued. To do this you want to execute the following commands:# kill -9 `ps ax | grep '[s]endmail' | awk '{ print $1 }'` # /usr/sbin/sendmail.old -q # postfix startPostfix can be started using the same syntax as sendmail, so it is not required to change the /etc/rc.conf file. When first run you should watch the syslog for complaints from Postfix. Since we changed the main.cf file previously, you should now have a completely running mail daemon. You can find all the configuration files in /etc/postfix. When you modify any of these files you must reload the daemon using postfix reload as root.
Alan P. Laudicina attends Assumption College School in Windsor, Ontario, Canada. He runs a website called "UnixPower", located at http://www.unixpower.org/ and is the founder of the Windsor Unix Users Group. He can be contacted by email at alanp@unixpower.org
More Info
Not overwriting sendmail when doing a make world - Alan P. Laudicina
Not overwriting sendmail when doing a make world A small point of order: "kill -9" really should be a last resort and almost never a first. Since I'm quibbling, don't "grep re | awk {...}", instead use "awk /re/{...}".
-Andrew- |
||||
Back to top | updated: September 06, 2000 22:42:25 |