wiki:MailServer

Schematische voorstelling van de mailserver

Hierin staan zowel Zarafa als openxchange vermeld als email-backed. Beide kunnen gebruikt worden.

Virus scanner uitzetten of relaying toestaan

  • Mail op 127.0.0.1 word niet gescanned op virussen.
  • Mail op 127.0.0.2 is een blacklist test-ip. Deze zal altijd geblacklist worden. (zie http://cbl.abuseat.org/faq.html)
  • Mail op 127.0.0.3 word wel gescanned op virussen. Indien amavis e.d. niet geinstalleerd zijn zal het niet mogelijk zijn mail te versturen via 127.0.0.3.

Soms is het nodig de virus scanner uit te zetten of relaying toe te staan. Dit is te veranderen in /etc/qmail/tcp.smtp:

[Syn-3] root@server ~# cat /etc/qmail/tcp.smtp
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-queue"
127.0.0.2:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
127.0.0.3:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.16.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.17.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.18.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.19.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.20.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.21.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.22.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.23.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.24.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.25.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.26.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.27.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.28.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.29.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.30.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
172.31.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
192.168.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
10.:allow,RELAYCLIENT="",QMAILQUEUE="bin/qmail-qmqpc"
:allow,QMAILQUEUE="bin/qmail-qmqpc"

Indien QMAILQUEUE op bin/qmail-queue staat, dan gaat inkomende mail niet via amavis, maar direkt naar de mail queue.

Indien u RELAYCLIENT="" toevoegd, kunnen de gespecificeerde hosts de server als mail relay gebruiken.

Vergeet niet de .cdb file opnieuw te genereren:

[Syn-3] root@server ~# tcprules /etc/qmail/tcp.smtp.cdb /etc/qmail/tcp.tmp < /etc/qmail/tcp.smtp

Hierna word de wijziging meteen actief (restarts niet nodig).

Get a message from the virus-fault

To fetch a message from the "virus-fault" (/home/system/amavis/virusmails) pipe the file to "zarafa-dagent <username>".

[Syn-3] root@syn3.313373.nl /home/system/amavis/virusmails# cat virus-20120304-173313-24578-10 | zarafa-dagent ronnie
[26216] Delivered message to 'ronnie'
[Syn-3] root@syn3.313373.nl /home/system/amavis/virusmails#

Transparant spamfilter

Transparant spamfilter v2

This one has a double queue:

  • First queue catches incoming mail as quickly as possibe and just queues it.
  • It passes it to the second qmail, with a maximum number of parallel processes.
  • This ensures that there are never too much parellel amavis/dspam processes.

To temporary pause the scanning, while still accepting mails: shutdown qmail-send2

Get a message from the virus-fault

To fetch a message from the "virus-fault" (/home/system/amavis/virusmails) pipe the file to "/var/qmail/bin/qmail-inject".

[Syn-3] root@some.system.nl /home/system/amavis/virusmails# cat virus-20120413-143115-04803-02 | /var/qmail/bin/qmail-inject 
[Syn-3] root@some.system.nl /home/system/amavis/virusmails#

performance tuning

  • Mysql is usually the bottleneck: tune /etc/my.cnf to use more memory.
  • Use TOE instead of TEFT/TUM mode. Much faster, but doesnt automaticly learn new spam and get smarter.

Last modified 3 years ago Last modified on 01/07/16 14:46:45

Attachments (3)

Download all attachments as: .zip