Postfix, MySQL, Courier POP3 and IMAP, Cyrus SASL, Postfix Admin, RoundCube webmail
Bonus: Dovecot POP and IMAP server, greylisting, anti-virus and anti-spam, and sample logs.
Sample configuration files can be downloaded from the link below.
INSTALL PHP5
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/php5-core-5.1.6p1.tgz
If PHP5 is not active yet, activate it with the following command:
$ sudo /usr/local/sbin/phpxs -s
[activating module `php5' in /var/www/conf/httpd.conf]
cp /usr/local/lib/php/libphp5.so /usr/lib/apache/modules/libphp5.so
chmod 755 /usr/lib/apache/modules/libphp5.so
cp /var/www/conf/httpd.conf /var/www/conf/httpd.conf.bak
cp /var/www/conf/httpd.conf.new /var/www/conf/httpd.conf
rm /var/www/conf/httpd.conf.new
You should copy the sample configuration files from /usr/local/share/examples/php5 to /var/www/conf/php.ini
Copy the sample php.ini into /var/www/conf/:
$ sudo cp /usr/local/share/examples/php5/php.ini-recommended /var/www/conf/php.ini
To activate PHP modules, for example:
$ sudo pkg_add -v http://openbsd.biz.net.id/4.1/packages/i386/php5-mysql-5.1.6p2.tgz
$ sudo /usr/local/sbin/phpxs -a mysql
Activating extension : mysql
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/php5-gd-5.1.6p2.tgz
$ sudo /usr/local/sbin/phpxs -a gd
Activating extension : gd
After that, just install whichever modules you will use from their packages.
Why? Because it is easier and faster, heheheh :D
INSTALL MYSQL
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/mysql-server-5.0.33.tgz
$ sudo /usr/local/bin/mysqld_safe &
$ sudo /usr/local/bin/mysqladmin -u root password 'password_baru'
Add a startup script to /etc/rc.local so that MySQL starts again after a reboot:
$ sudo vi /etc/rc.local
Add the following lines:
====================
if [ X"${mysql}" == X"YES" -a -x /usr/local/bin/mysqld_safe ]; then
    echo -n " mysqld"; /usr/local/bin/mysqld_safe --user=_mysql --log --open-files-limit=256 &
    for i in 1 2 3 4 5 6; do
        if [ -S /var/run/mysql/mysql.sock ]; then
            break
        else
            sleep 1
            echo -n "."
        fi
    done
fi
===================
$ sudo vi /etc/rc.conf.local
Add the following line:
================
mysql="YES"
===============
INSTALL POSTFIX
$ cd /usr/ports/mail/postfix
Edit the file Makefile.inc:
$ sudo vi Makefile.inc
Add a local Indonesian mirror to MASTER_SITE_POSTFIX so that it becomes:
================
MASTER_SITE_POSTFIX=\
ftp://mirror.cbn.net.id/pub/postfix-release/ \
ftp://ftp.porcupine.org/mirrors/postfix-release/ \
ftp://ftp.merit.edu/postfix/ \
ftp://ftp.sunet.se/pub/unix/mail/postfix/ \
ftp://ftp.tau.ac.il/pub/unix/mail/postfix/ \
ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/
================
$ make show=FLAVORS
sasl2 ldap mysql pgsql db4
$ sudo env FLAVOR="sasl2 ldap mysql" make install
--- postfix-2.3.7-sasl2-ldap-mysql -------------------
-> Creating /etc/mailer.conf.postfix
-> Creating Postfix spool directory and chroot area under /var/spool/postfix
Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in /etc/postfix/main.cf.
See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
for information about dialup sites or about sites inside a
firewalled network.
BTW: Check your /etc/mail/aliases file and be sure to set up
aliases that send mail for root and postmaster to a real person,
then run /usr/local/sbin/newaliases.
+---------------
| Configuration files has been installed in /etc/postfix.
| Please update these files to meet your needs.
+---------------
+---------------
| Postfix can be set up to replace sendmail entirely. Please read the
| documentation at file:/usr/local/share/doc/postfix/html/index.html or
| http://www.postfix.org/ carefully before you decide to do this!
|
| To replace sendmail with postfix you have to install a new mailer.conf
| using the following command:
|
| /usr/local/sbin/postfix-enable
|
| If you want to restore sendmail, this is done using the following command:
|
| /usr/local/sbin/postfix-disable
+---------------
$ sudo /usr/local/sbin/postfix-enable
old /etc/mailer.conf saved as /etc/mailer.conf.pre-postfix
postfix /etc/mailer.conf enabled
NOTE: do not forget to add sendmail_flags="-bd" to
/etc/rc.conf.local to startup postfix correctly.
NOTE: do not forget to add "-a /var/spool/postfix/dev/log" to
syslogd_flags in /etc/rc.conf.local and restart syslogd.
NOTE: do not forget to remove the "sendmail clientmqueue runner"
from root's crontab.
$ sudo vi /etc/rc.conf.local
Change the sendmail_flags= line to:
==========
sendmail_flags="-bd"
==========
then change the syslogd_flags= line to:
==========
syslogd_flags="-a /var/spool/postfix/dev/log"
==========
Then also add a line to run Postfix so that it works again after a restart.
===========
postfix_flags="YES"
===========
Edit the file /etc/rc.local and add the following lines:
==================================
# Postfix chroot Settings
if [ "X${postfix_flags}" != X"NO" ]; then
    mkdir -p /var/spool/postfix/var/run/mysql
    sleep 2
    ln -f /var/run/mysql/mysql.sock /var/spool/postfix/var/run/mysql/mysql.sock
fi
===================================
Postfix configuration:
Decide where the files for the virtual email domains will be stored; here, for example, we put them in /var/mail/virtual.
$ sudo mkdir /var/mail/virtual
Change its owner to user _postfix and group _postfix:
$ sudo chown _postfix:_postfix /var/mail/virtual
Edit the Postfix configuration file:
$ sudo vi /etc/postfix/main.cf
Add the following lines:
=============
myhostname = fill in your server's host name
mydomain = fill in your server's domain name
myorigin = $mydomain
mydestination = $myhostname localhost.$mydomain $mydomain
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
# postfixadmin stuff
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:507
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 507
virtual_transport = virtual
virtual_uid_maps = static:507
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
# store backup mx domains in mysql
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
#sasl2 stuff
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_rbl_client bl.spamcop.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
================
Next, create the MySQL map files that we defined in main.cf.
$ sudo vi /etc/postfix/mysql_virtual_alias_maps.cf
Fill it with the following lines:
===========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s'
==========
Postfix 2.2.x and above (> 2.3)
=========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
table = alias
select_field = goto
where_field = address
=============
$ sudo vi /etc/postfix/mysql_virtual_domains_maps.cf
Fill it with the following lines:
===========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
query = SELECT description FROM domain WHERE domain='%s'
==========
Postfix 2.2.x and above (> 2.3)
=========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
table = domain
select_field = domain
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
=========
$ sudo vi /etc/postfix/mysql_virtual_mailbox_maps.cf
Fill it with the following lines:
===========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s'
==========
Postfix 2.2.x and above (> 2.3)
=========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
===========
$ sudo vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
Fill it with the following lines:
===========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s'
==========
Postfix 2.2.x and above (> 2.3)
=========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
=======================
$ sudo vi /etc/postfix/mysql_relay_domains_maps.cf
Fill it with the following lines:
===========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '1'
==========
Postfix 2.2.x and above (> 2.3)
=========
user = postfix
password = p4ssw0rd
hosts = 127.0.0.1
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '1'
===============
Set the password to the one used when creating the postfix user in MySQL with Postfix Admin.
Now it is time to install Postfix Admin. Here we put the Postfix Admin files in the directory /var/www/htdocs/ (the default document root on OpenBSD). You may put them anywhere you like,
as long as they can later be reached through the web.
Install POSTFIX ADMIN
# cd /var/www/htdocs
Get the latest file from here: http://sourceforge.net/projects/postfixadmin/
$ sudo tar -zxvf postfixadmin-x.x.x.tar.gz
$ sudo mv postfixadmin-x.x.x postfixadmin
$ cd /var/www/htdocs/postfixadmin
$ sudo chmod 640 *.php *.css
$ cd /var/www/htdocs/postfixadmin/admin/
$ sudo chmod 640 *.php .ht*
$ cd /var/www/htdocs/postfixadmin/images/
$ sudo chmod 640 *.gif *.png
$ cd /var/www/htdocs/postfixadmin/languages/
$ cd /var/www/htdocs/postfixadmin/templates/
$ sudo chmod 640 *.tpl
$ cd /var/www/htdocs/postfixadmin/users/
$ cd /var/www/htdocs/postfixadmin/
Edit this part of the file DATABASE_MYSQL.TXT:
========
# Postfix user & password
#INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix'));
# Postfix Admin user & password
#INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin'));
# Priviledges
#INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y');
#INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');
FLUSH PRIVILEGES;
GRANT USAGE ON postfix.* TO postfix@localhost;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfix@localhost;
GRANT USAGE ON postfix.* TO postfixadmin@localhost;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfixadmin@localhost;
USE postfix;
===========
so that it becomes:
==========
INSERT INTO user (Host, User, Password) VALUES ('127.0.0.1','postfix',password('p4ssw0rd'));
INSERT INTO user (Host, User, Password) VALUES ('127.0.0.1','postfixadmin',password('p4ssw0rd'));
INSERT INTO db (Host, Db, User, Select_priv) VALUES ('127.0.0.1','postfix','postfix','Y');
INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('127.0.0.1', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');
FLUSH PRIVILEGES;
GRANT USAGE ON postfix.* TO postfix@127.0.0.1;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfix@127.0.0.1;
GRANT USAGE ON postfix.* TO postfixadmin@127.0.0.1;
GRANT SELECT, INSERT, DELETE, UPDATE ON postfix.* TO postfixadmin@127.0.0.1;
USE postfix;
===========
Use the same password as the one set for the Postfix MySQL maps.
localhost is replaced with 127.0.0.1 because the hostname sometimes fails to resolve.
To be safe, just change it to 127.0.0.1.
Next, load the tables into MySQL.
$ sudo mysql -u root -p < DATABASE_MYSQL.TXT
Enter password:
Set up Postfix Admin
$ sudo chown -R www:www /var/www/htdocs/postfixadmin
$ sudo chmod -R 775 /var/www/htdocs/postfixadmin
$ cd postfixadmin
Open in a web browser the URL where the Postfix Admin files were placed.
For example:
http://nama_domain_or_ip.com/postfixadmin/setup.php
=========
Postfix Admin Setup Checker
Running software:
* PHP version 5.1.6
* Apache/1.3.29 (Unix) PHP/5.1.6 with Suhosin-Patch mod_ssl/2.8.16 OpenSSL/0.9.7j
Checking for dependencies:
* Magic Quotes: Disabled - OK
* Depends on: presence config.inc.php - OK
* Depends on: MySQL 3.23, 4.0 - OK
* Depends on: MySQL 4.1 - OK (change the database_type to 'mysqli' in config.inc.php!!)
* Error: Can't connect to database
Please edit the $CONF['database_*'] parameters in config.inc.php.
DEBUG INFORMATION:
Connect: Access denied for user 'postfixadmin'@'localhost' (using password: YES)
* Depends on: session - OK
* Depends on: pcre - OK
Please fix the errors listed above.
=============
As suggested by setup.php:
$ sudo vi config.inc.php
Change the following parts to match the configuration of your server.
=======
$CONF['postfix_admin_url'] = 'http://nama_domain_or_ip.com/postfixadmin/';
=======
and
=========
$CONF['configured'] = false;
=========
to:
=========
#$CONF['configured'] = false;
===========
MySQL configuration:
==========
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
=========
to
==========
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = '127.0.0.1';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'p4ssw0rd';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
========
this too, hehehe
========
// Default Aliases
// The default aliases that need to be created for all domains.
$CONF['default_aliases'] = array (
'abuse' => 'abuse@change-this-to-your.domain.tld',
'hostmaster' => 'hostmaster@change-this-to-your.domain.tld',
'postmaster' => 'postmaster@change-this-to-your.domain.tld',
'webmaster' => 'webmaster@change-this-to-your.domain.tld'
);
======
Replace hostmaster@change-this-to-your.domain.tld, postmaster@change-this-to-your.domain.tld, webmaster@change-this-to-your.domain.tld with your own domain.
OK, refresh the browser
tuing.. tuing....
=========
Postfix Admin Setup Checker
Running software:
* PHP version 5.1.6
* Apache/1.3.29 (Unix) PHP/5.1.6 with Suhosin-Patch mod_ssl/2.8.16 OpenSSL/0.9.7j
Checking for dependencies:
* Magic Quotes: Disabled - OK
* Depends on: presence config.inc.php - OK
* Depends on: MySQL 3.23, 4.0 - OK
* Depends on: MySQL 4.1 - OK
* Testing database connection - OK - mysqli://postfixadmin:xxxxx@127.0.0.1/postfix
* Depends on: session - OK
* Depends on: pcre - OK
Everything seems fine... you are ready to rock & roll!
=========
Everything is OK now, and a page for creating the super admin will appear.
Delete the setup.php file.
$ sudo rm setup.php
TIPS
If you have successfully created the SUPERADMIN user but cannot log in (you keep being sent back to the login form),
check the Apache log files in /var/www/logs.
If they look something like this:
===========
[Thu Jan 24 16:24:54 2008] [error] PHP Warning: session_start() [function.session-start]: open(/tmp//sess_3t1k0l1v0h37hk77l6f53g9f13, O_RDWR) failed: No such file or directory (2) in /htdocs/postfixadmin/common.php on line 39
[Thu Jan 24 16:24:54 2008] [error] PHP Warning: Unknown: open(/tmp//sess_3t1k0l1v0h37hk77l6f53g9f13, O_RDWR) failed: No such file or directory (2) in Unknown on line 0
[Thu Jan 24 16:24:54 2008] [error] PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0
==========
Check whether /var/www contains a tmp directory. If it does not, create it and change its owner and group to www. Apache on OpenBSD runs chrooted in /var/www, so the /tmp in the log is /var/www/tmp on disk.
$ sudo mkdir /var/www/tmp
$ sudo chown www:www /var/www/tmp
TEST POSTFIX
$ ps -ax | grep sendmail
31427 ?? Is 0:00.40 sendmail: accepting connections (sendmail)
$ sudo kill -9 31427
$ sudo postfix start
postfix/postfix-script: starting the Postfix mail system
Check the log:
$ sudo tail -f /var/log/maillog
Jan 22 17:23:16 postfix/postfix-script: starting the Postfix mail system
Jan 22 17:23:16 postfix/master[12804]: daemon started -- version 2.3.7, configuration /etc/postfix
This means Postfix is running properly.
CYRUS SASL2
Because the FLAVOR already includes SASL support, the SASL2 package (Cyrus SASL) was installed together with Postfix.
So all that is left is to add a script to /etc/rc.local that starts Cyrus SASL:
==========
#Cyrus SASL Authentication Daemon
if [ -x /usr/local/sbin/saslauthd ]; then
    mkdir -p /var/spool/postfix/var/run/sasl2
    sleep 2
    echo -n ' saslauthd'; /usr/local/sbin/saslauthd -r -m /var/spool/postfix/var/run/sasl2 -a rimap -O 127.0.0.1
fi
=============
Create the file smtpd.conf in the directory /usr/local/lib/sasl2/:
$ sudo vi /usr/local/lib/sasl2/smtpd.conf
Fill it with the following lines:
===========
pwcheck_method: saslauthd
log_level: 3
mech_list: PLAIN LOGIN
saslauthd_path: /var/run/sasl2/mux
===========
INSTALL COURIER IMAP
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/courier-imap-4.1.1p0.tgz
$ sudo vi /etc/courier/imapd.cnf
Edit imapd.cnf roughly as follows (adjust it to your own configuration):
==========
C=ID
ST=JKT
L= DKI JAKARTA
O=Courier Mail Server
OU=Automatically-generated IMAP SSL key
CN=localhost
emailAddress=postmaster@example.com
========
Create the IMAP SSL certificate:
$ sudo mkimapdcert
Edit the file imapd
and change the line IMAPDSTART=NO to IMAPDSTART=YES:
$ sudo vi /etc/courier/imapd
INSTALL COURIER POP3
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/courier-pop3-4.1.1.tgz
courier-pop3-4.1.1: complete
--- courier-pop3-4.1.1 -------------------
You now need to edit appropriately the Courier-POP3 configuration files
installed in /etc/courier/courier-imap from defaults placed in
/usr/local/share/examples/courier-imap.
To use POP3-SSL, be sure to read ssl(8) and run the mkpop3dcert script
if you require a self-signed certificate.
$ sudo vi /etc/courier/pop3d.cnf
Edit the file pop3d.cnf roughly as follows (adjust it to your own configuration):
=========
C=ID
ST=JKT
L= DKI JAKARTA
O=Courier Mail Server
OU=Automatically-generated POP3 SSL key
CN=localhost
emailAddress=postmaster@example.com
==========
Create the POP3 SSL certificate:
$ sudo mkpop3dcert
Edit the file pop3d
and change the line POP3DSTART=NO to POP3DSTART=YES:
$ sudo vi /etc/courier/pop3d
INSTALL COURIER AUTHLIB MYSQL
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/courier-authlib-mysql-0.58p0...
courier-authlib-mysql-0.58p0: complete
Edit the file authmysqlrc in /etc/courier/. If the file does not exist, copy it from /usr/local/share/examples/courier-authlib/
and rename it from authmysqlrc.dist to authmysqlrc.
$ sudo cp /usr/local/share/examples/courier-authlib/authmysqlrc.dist /etc/courier/
Then rename it to authmysqlrc and edit it:
$ sudo mv /etc/courier/authmysqlrc.dist /etc/courier/authmysqlrc
$ sudo vi /etc/courier/authmysqlrc
Fill it with the following lines:
==========
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME postfix
MYSQL_PASSWORD p4ssw0rd
MYSQL_SOCKET /var/run/mysql/mysql.sock
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '507'
MYSQL_GID_FIELD '507'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/var/mail/virtual'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
===========
The file authmysqlrc contains the following:
MYSQL_UID_FIELD '507'
MYSQL_GID_FIELD '507'
Where does the number 507 come from?
$ id _postfix
uid=507(_postfix) gid=507(_postfix) groups=507(_postfix)
So now you know where it comes from.
Make authdaemond, POP3 and IMAP start on reboot:
$ sudo vi /etc/rc.local
Add the following lines:
==========
#authdaemond
mkdir -p /var/run/courier
/usr/local/sbin/authdaemond start
#POP3 and IMAP
/usr/local/libexec/pop3d.rc start
/usr/local/libexec/imapd.rc start
/usr/local/libexec/pop3d-ssl.rc start
/usr/local/libexec/imapd-ssl.rc start
==========
$ sudo /usr/local/libexec/imapd.rc start
$ sudo /usr/local/libexec/pop3d.rc start
Edit the file authdaemonrc in /etc/courier/. If the file does not exist, copy it from /usr/local/share/examples/courier-authlib/
and then rename authdaemonrc.dist to authdaemonrc.
$ sudo cp /usr/local/share/examples/courier-authlib/authdaemonrc.dist /etc/courier/
$ sudo mv /etc/courier/authdaemonrc.dist /etc/courier/authdaemonrc
Start authdaemond:
$ sudo mkdir -p /var/run/courier-auth
$ sudo /usr/local/sbin/authdaemond start
$ ps -ax | grep authdaemond
25311 ?? I 0:00.00 /usr/local/sbin/courierlogger -pid=/var/run/courier-auth/pid -start /usr/local/libexec/courier-authlib/authdaemond
15477 ?? I 0:00.01 /usr/local/libexec/courier-authlib/authdaemond
4780 ?? I 0:00.00 /usr/local/libexec/courier-authlib/authdaemond
28017 ?? I 0:00.00 /usr/local/libexec/courier-authlib/authdaemond
10469 ?? I 0:00.00 /usr/local/libexec/courier-authlib/authdaemond
29762 ?? I 0:00.00 /usr/local/libexec/courier-authlib/authdaemond
23301 ?? I 0:00.00 /usr/local/libexec/courier-authlib/authdaemond
WEB MAIL ROUNDCUBEMAIL
Download RoundCube from http://roundcube.net/
$ sudo tar zxvf roundcubemail-0.1-rc2.tar.gz
$ sudo mv roundcubemail-0.1-rc2 roundcubemail
$ cd roundcubemail
Create the MySQL database; this is for MySQL 4.1.x/5.x:
$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1307
Server version: 5.0.33-log OpenBSD port: mysql-server-5.0.33
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.01 sec)
mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@127.0.0.1 IDENTIFIED BY 'p4ssw0rd';
Query OK, 0 rows affected (0.01 sec)
mysql> quit
Bye
$ mysql -u root -p roundcubemail < SQL/mysql5.initial.sql
Enter password:
Edit the file config/db.inc.php
and change this part:
==========
$rcmail_config['db_dsnw'] = 'mysql://roundcube:xxxxxxxx@127.0.0.1/roundcubemail';
==========
INSTALL DOVECOT
Courier POP and IMAP can be replaced by Dovecot. If you want to try Dovecot, install it as follows. Dovecot and Courier cannot run side by side on the same ports; use one or the other.
$ cd /usr/ports/mail/dovecot
$ make show=FLAVORS
ldap mysql postgresql no_sieve
$ sudo env FLAVOR="ldap mysql" make install clean
dovecot-1.0.2: complete
--- dovecot-1.0.2 -------------------
Files to facilitate the generation of a self-signed
certificate and key for Dovecot have been installed:
/etc/ssl/dovecot-openssl.cnf (Edit this accordingly!)
/usr/local/sbin/dovecot-mkcert.sh
If this has been or will be accomplished by other means,
use the following paths for the files:
/etc/ssl/dovecotcert.pem
/etc/ssl/private/dovecot.pem
If you wish to have Dovecot started automatically at boot time,
simply add the follow lines to /etc/rc.local:
if [ -x /usr/local/sbin/dovecot ]; then
echo -n ' dovecot'; /usr/local/sbin/dovecot
fi
===> Cleaning for dovecot-1.0.2-ldap-mysql
Add this to /etc/rc.local so that Dovecot starts again after every restart.
$ sudo vi /etc/rc.local
if [ -x /usr/local/sbin/dovecot ]; then
    echo -n ' dovecot'; /usr/local/sbin/dovecot
fi
Edit the SSL configuration file as needed, similar to creating the SSL certificates for Courier.
$ sudo vi /etc/ssl/dovecot-openssl.cnf
$ sudo /usr/local/sbin/dovecot-mkcert.sh
Generating a 1024 bit RSA private key
..........................++++++
.....++++++
writing new private key to '/etc/ssl/private/dovecot.pem'
-----
subject= /C=ID/ST=DKI JAKARTA/L=JAKARTA/O=IT/OU=IMAP server/CN=imap.server.gue.web.id/emailAddress=postmaster@server.gue.web.id
MD5 Fingerprint=76:8D:ED:0A:F3:7C:DD:6C:2D:D6:A3:8F:2C:01:4F:4A
Configure the file dovecot.conf in /etc/:
$ sudo vi /etc/dovecot.conf
so that it looks roughly like the following; adjust it to your server's settings.
base_dir: /var/spool/postfix/var/dovecot/
protocols: imap imaps pop3 pop3s
ssl_cert_file: /etc/ssl/dovecotcert.pem
login_dir: /var/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_user: _dovecot
first_valid_uid: 507
first_valid_gid: 507
mail_extra_groups: _postfix
mail_location: maildir:/var/mail/virtual/%u
mbox_write_locks: fcntl
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3): outlook-idle
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
  mechanisms: plain login digest-md5 cram-md5
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: sql
    args: /etc/dovecot-mysql.conf
  userdb:
    driver: sql
    args: /etc/dovecot-mysql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/var/dovecot/auth
      mode: 432
      user: _postfix
      group: _postfix
This part:
verbose: yes
debug: yes
debug_passwords: yes
is only there to see whether authentication works; if something goes wrong, it shows whether the password was wrong. A sample log looks like this:
Jan 30 17:54:19 dovecot: auth-worker(default): sql(aboen@server.gue.web.id,203.153.27.76): Password mismatch
Jan 30 17:54:19 dovecot: auth-worker(default): sql(aboen@server.gue.web.id,203.153.27.76): MD5(p4ssw0rd) != '$1$17bq7125$LdYxbuXFYFrHS8aacDTEW.'
In that log, the password supplied when the client logged in differs from the password in the system database; this is because the authentication method differs.
Check the mechanisms setting in the auth default section further and adjust it to match the password configuration in Postfix Admin.
auth default:
  mechanisms: plain login digest-md5 cram-md5
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: sql
    args: /etc/dovecot-mysql.conf
  userdb:
    driver: sql
    args: /etc/dovecot-mysql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/var/dovecot/auth
      mode: 432
      user: _postfix
      group: _postfix
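With debug_passwords: yes, the password a client typed is written to the mail log in clear text, as the mismatch line in the sample log shows. The following Python sketch is an added example, not part of the original guide: it finds such lines in a log and redacts them once testing is finished. The sample lines, addresses and function names are constructed for illustration.

```python
# Added example (not from the original guide): find and redact the passwords
# that Dovecot's debug_passwords setting writes to the mail log.
import re

# Matches password-mismatch debug lines of the form shown in the sample log:
#   ... sql(user,remote_ip): SCHEME(plaintext) != 'stored hash'
LEAK = re.compile(
    r"dovecot: auth[^:]*: \w+\((?P<user>[^,()]+),(?P<ip>[^()]+)\): "
    r"(?P<scheme>[A-Za-z0-9-]+)\((?P<plain>.*)\) != '(?P<hash>.*)'"
)


def scrub(line):
    """Return (redacted_line, leak); leak is None or (user, ip, scheme)."""
    match = LEAK.search(line)
    if match is None:
        return line, None
    redacted = (
        line[:match.start("plain")] + "[REDACTED]"
        + line[match.end("plain"):match.start("hash")] + "[REDACTED]"
        + line[match.end("hash"):]
    )
    return redacted, (match.group("user"), match.group("ip"), match.group("scheme"))


def scrub_log(lines):
    """Redact every leaking line and list which accounts were exposed."""
    clean, leaks = [], []
    for line in lines:
        redacted, leak = scrub(line)
        clean.append(redacted)
        if leak is not None:
            leaks.append(leak)
    return clean, leaks


# Constructed sample log lines modelled on the format shown in this guide.
SAMPLE = [
    "Jan 30 17:54:19 dovecot: auth-worker(default): "
    "sql(carol@example.org,192.0.2.44): Password mismatch",
    "Jan 30 17:54:19 dovecot: auth-worker(default): "
    "sql(carol@example.org,192.0.2.44): "
    "MD5(constructed)pw) != '$1$constructed$notarealhashvalue000000'",
    "Jan 30 17:54:50 dovecot: imap-login: Login: user=<dave@example.org>, "
    "method=PLAIN, rip=192.0.2.45, lip=192.0.2.1, TLS",
]

if __name__ == "__main__":
    cleaned, exposed = scrub_log(SAMPLE)
    for entry in cleaned:
        print(entry)
    for user, ip, scheme in exposed:
        print("password exposed in log for %s from %s (%s)" % (user, ip, scheme))
```

Accounts listed by scrub_log had their typed password stored in the log file, so those passwords should be changed after the debug settings are switched off.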
Next, create the file dovecot-mysql.conf in /etc:
$ sudo vi /etc/dovecot-mysql.conf
with the following contents:
driver = mysql
connect = dbname=postfix user=postfix host=127.0.0.1 password=p4ssw0rd
default_pass_scheme = MD5
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 507 AS uid, 507 AS gid FROM mailbox WHERE username = '%u'
The line default_pass_scheme = MD5 can also cause problems during authentication;
read more here: http://wiki.dovecot.org/Authentication/PasswordSchemes
If authentication works properly, the log output looks roughly like this:
Jan 30 17:54:50 dovecot: auth-worker(default): sql(aboen@server.gue.web.id,203.153.27.76): SELECT maildir, 507 AS uid, 507 AS gid FROM mailbox WHERE username = 'aboen@server.gue.web.id'
Jan 30 17:54:50 dovecot: auth(default): master out: USER 1 aboen@server.gue.web.id maildir=aboen@server.gue.web.id/ uid=507 gid=507
Jan 30 17:54:50 dovecot: imap-login: Login: user=, method=PLAIN, rip=203.153.27.76, lip=202.153.242.75, TLS
INSTALL ANTI VIRUS & ANTI SPAM
POSTFIX GRAYLIST
Copy the file greylist.pl from the directory /usr/ports/mail/postfix/stable/w-postfix-2.3.7-sasl2-ldap-mysql/postfix-2.3.7/examples/smtpd-policy/ into the directory /usr/libexec/postfix/:
$ sudo cp /usr/ports/mail/postfix/stable/w-postfix-2.3.7-sasl2-ldap-mysql/postfix-2.3.7/examples/smtpd-policy/* /usr/libexec/postfix/
Edit the file greylist.pl:
$ sudo vi /usr/libexec/postfix/greylist.pl
Edit this part:
========
$database_name="/var/mta/greylist.db";
=========
to
=========
$database_name="/var/mail/mta/greylist.db";
=========
Create the directory mta in /var/mail:
$ sudo mkdir /var/mail/mta
Change its owner to nobody:
$ sudo chown nobody /var/mail/mta
Add the following lines to smtpd_recipient_restrictions in main.cf:
==========
    check_sender_access hash:/etc/postfix/sender_access,
    check_policy_service inet:127.0.0.1:9998
==========
Add the following lines to master.cf:
===========
127.0.0.1:9998 inet n n n - - spawn
	user=nobody argv=/usr/bin/perl /usr/local/libexec/postfix/greylist.pl
=========
Create the file sender_access in /etc/postfix
and fill it with the domains to be whitelisted:
$ sudo vi /etc/postfix/sender_access
Sample contents of the sender_access file:
========
returns.groups.yahoo.com OK
googlegroups.com OK
========
$ sudo postmap /etc/postfix/sender_access
$ sudo postfix reload
If an error like the following occurs:
Feb 5 11:40:30 postfix/master[28502]: fatal: /etc/postfix/master.cf: line 60: bad transport type: argv=/usr/bin/perl
Solution:
in master.cf
==========
127.0.0.1:9998 inet n n n - - spawn
	user=nobody argv=/usr/bin/perl /usr/local/libexec/postfix/greylist.pl
===========
Do not align the user=nobody line with the 127.0.0.1 line; indent it with one tab.
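The check below is an added example, not part of the original guide or of Postfix: a small Python lint that reports the unindented continuation line described above before a reload does. The function names and the sample master.cf text are constructed for illustration.

```python
# Added example (not from the original guide): lint master.cf text for
# continuation lines that lost their leading whitespace.

# Service types accepted by master(8). Postfix 2.3 knows inet, unix and fifo;
# later releases add pass and unix-dgram.
VALID_TYPES = {"inet", "unix", "fifo", "pass", "unix-dgram"}


def logical_lines(text):
    """Yield (first_line_number, fields) for each logical master.cf line.

    A line that starts with whitespace continues the previous logical line.
    Empty lines and lines whose first non-blank character is '#' are ignored.
    """
    start, fields = None, []
    for number, raw in enumerate(text.splitlines(), start=1):
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if raw[0].isspace() and start is not None:
            fields.extend(stripped.split())
        else:
            if start is not None:
                yield start, fields
            start, fields = number, stripped.split()
    if start is not None:
        yield start, fields


def lint_master_cf(text):
    """Return a list of (line_number, message) for malformed service entries."""
    problems = []
    for number, fields in logical_lines(text):
        if len(fields) >= 2 and fields[1] not in VALID_TYPES:
            # Same complaint master(8) logs for an unindented continuation.
            problems.append((number, "bad transport type: " + fields[1]))
        elif len(fields) < 8:
            problems.append((number, "expected 8 fields, found %d" % len(fields)))
    return problems


# Constructed samples: the greylist service entry with and without the tab.
BROKEN = (
    "# constructed sample\n"
    "smtp      inet  n       -       -       -       -       smtpd\n"
    "127.0.0.1:9998 inet n n n - - spawn\n"
    "user=nobody argv=/usr/bin/perl /usr/local/libexec/postfix/greylist.pl\n"
)
FIXED = (
    "# constructed sample\n"
    "smtp      inet  n       -       -       -       -       smtpd\n"
    "127.0.0.1:9998 inet n n n - - spawn\n"
    "\tuser=nobody argv=/usr/bin/perl /usr/local/libexec/postfix/greylist.pl\n"
)

if __name__ == "__main__":
    for label, sample in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_master_cf(sample))
```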
Sample log
======
Feb 5 13:22:15 postfix/smtpd[26469]: connect from py-out-1112.google.com[64.233.166.177]
Feb 5 13:22:15 postfix/smtpd[16346]: lost connection after CONNECT from py-out-1112.google.com[64.233.166.177]
Feb 5 13:22:15 postfix/smtpd[16346]: disconnect from py-out-1112.google.com[64.233.166.177]
Feb 5 13:22:21 postfix/smtpd[26469]: NOQUEUE: reject: RCPT from py-out-1112.google.com[64.233.166.177]: 450 4.7.1: Recipient address rejected: Service is unavailable; from= to= proto=ESMTP helo=
Feb 5 13:22:21 postfix/smtpd[26469]: disconnect from py-out-1112.google.com[64.233.166.177]
==========
Postfix greylists all incoming email by rejecting it with the message "Service is unavailable", so if the sender is
a real mail server, it will try to send the message again a little later.
============
Feb 5 13:45:41 postfix/smtpd[24041]: connect from rv-out-0910.google.com[209.85.198.186]
Feb 5 13:45:48 postfix/smtpd[24041]: 766D05D141B: client=rv-out-0910.google.com[209.85.198.186]
Feb 5 13:45:51 postfix/cleanup[29400]: 766D05D141B: message-id=<47A7FFED.9020804@gmail.com>
Feb 5 13:46:07 postfix/qmgr[26463]: 766D05D141B: from=, size=39151, nrcpt=1 (queue active)
Feb 5 13:46:07 postfix/virtual[14703]: 766D05D141B: to= , relay=virtual, delay=22, delays=22/0.02/0/0.08, dsn=2.0.0, status=sent (delivered to maildir)
Feb 5 13:46:07 postfix/qmgr[26463]: 766D05D141B: removed
=============
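The decision behind those two log excerpts, as an added Python example (it is not greylist.pl and not code from the original guide): a policy service that answers Postfix's check_policy_service requests, deferring a new client/sender/recipient triplet and letting it through once it retries after a delay. The 60-second delay, the addresses and the function names are assumptions for illustration, and state is kept in memory here, whereas greylist.pl stores it in the $database_name file; the last replay step shows that a retry from a different client address counts as a new triplet.

```python
# Added example (not greylist.pl): the greylisting decision, spoken over
# the Postfix policy delegation protocol used by check_policy_service.
import io
import time

GREYLIST_DELAY = 60  # seconds a new triplet must wait; assumed value


def parse_request(lines):
    """Turn the name=value lines of one policy request into a dict."""
    attrs = {}
    for line in lines:
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs


class Greylist:
    """In-memory greylist keyed on (client address, sender, recipient)."""

    def __init__(self, delay=GREYLIST_DELAY, clock=time.time):
        self.delay = delay
        self.clock = clock
        self.first_seen = {}  # triplet -> time of the first delivery attempt

    def decide(self, attrs):
        triplet = (
            attrs.get("client_address", ""),
            attrs.get("sender", "").lower(),
            attrs.get("recipient", "").lower(),
        )
        now = self.clock()
        first = self.first_seen.setdefault(triplet, now)
        if now - first >= self.delay:
            return "dunno"  # waited long enough: later restrictions decide
        return "defer_if_permit Service is unavailable"

    def serve(self, infile, outfile):
        """Answer requests read from infile until end of input.

        A request is a block of name=value lines ended by an empty line;
        the reply is "action=..." followed by an empty line.
        """
        block = []
        for raw in infile:
            line = raw.rstrip("\n")
            if line:
                block.append(line)
                continue
            outfile.write("action=%s\n\n" % self.decide(parse_request(block)))
            outfile.flush()
            block = []


def request(client, sender="alice@example.org", recipient="bob@example.net"):
    """Build one constructed policy request in the form Postfix sends."""
    return (
        "request=smtpd_access_policy\n"
        "protocol_state=RCPT\n"
        "client_address=%s\n"
        "sender=%s\n"
        "recipient=%s\n"
        "\n" % (client, sender, recipient)
    )


def replay():
    """Replay a first attempt, an early retry, a late retry and a retry
    from another client address; return the four replies."""
    now = [0.0]
    greylist = Greylist(delay=60, clock=lambda: now[0])
    replies = []
    for seconds, client in [(0, "192.0.2.10"), (30, "192.0.2.10"),
                            (1400, "192.0.2.10"), (1400, "192.0.2.99")]:
        now[0] = seconds
        out = io.StringIO()
        greylist.serve(io.StringIO(request(client)), out)
        replies.append(out.getvalue())
    return replies


if __name__ == "__main__":
    for reply in replay():
        print(reply.strip())
```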
INSTALL CLAMAV
$ sudo pkg_add http://openbsd.biz.net.id/4.1/packages/i386/clamav-0.91.2.tgz
clamav-0.91.2:arc-5.21op0: complete clamav-0.91.2:lha-1.14i.ac20050924.1: complete clamav-0.91.2:unzip-5.52: complete clamav-0.91.2:zoo-2.10.1p1: complete clamav-0.91.2: complete --- clamav-0.91.2 ------------------- Edit /etc/clamd.conf and /etc/freshclam.conf to use ClamAV. Use freshclam to install an up-to-date virus signature database. If you want to scan RAR(2.0) and/or ARJ archives, you have to manually build and install the archivers/unarj and archivers/unrar ports.
It turns out the ClamAV in packages is already stale, hehehehe.
Rather than let it rot, just install it from source, but first remove the package that was already installed.
$ sudo pkg_delete clamav-0.91.2
You should also run rm -fr /var/db/clamav/*
You should also run rm -fr /var/clamav/quarantine/*
You should also run /usr/sbin/userdel _clamav
You should also run /usr/sbin/groupdel _clamav
This part:
You should also run rm -fr /var/db/clamav/*
You should also run rm -fr /var/clamav/quarantine/*
can be cleaned up with the commands:
$ sudo rm -fr /var/db/clamav
$ sudo rm -fr /var/clamav
The user and group do not need to be removed, because we will use them.
INSTALL CLAMAV FROM SOURCE
Download the latest release from: http://clamav.net/download/sources
Then unpack it with tar -zxvf nama_file_clamaav.tar.gz (use the name of the file you downloaded) and change into the resulting directory.
Then configure it as follows and install.
$ ./configure --sysconfdir=/etc --with-user=_clamav --with-group=_clamav
$ sudo make install clean
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- use the `-Wl,-rpath,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
Edit the clamd.conf configuration file in /etc
$ cd /etc
$ sudo vi clamd.conf
Edit the following part so that it looks like this:
=====
# Comment or remove the line below.
#Example
#
LogFile /var/log/clamd.log
PidFile /var/run/clamd/clamd.pid
LocalSocket /var/amavisd/clamd.sock
===========
Edit freshclam.conf
$ sudo vi freshclam.conf
Edit it so that it looks like this:
======
# Comment or remove the line below.
#Example
UpdateLogFile /var/log/freshclam.log
LogTime yes
PidFile /var/run/clamd/freshclam.pid
#DatabaseOwner _clamav
DatabaseOwner _vscan
DatabaseMirror db.clamav.or.id
==========
Add an entry to crontab so that the ClamAV update runs every day at 5:45 in the morning
$ sudo crontab -e
==========
45 5 * * * /usr/local/bin/freshclam --quiet
==========
Start the ClamAV daemon
$ sudo clamd
AMAVISD-NEW
Install it from ports; the supporting Perl modules are installed along with it.
$ cd /usr/ports/mail/amavisd-new
$ sudo make install clean
===> Checking files for amavisd-new-2.3.2p0
>> amavisd-new-2.3.2.tar.gz doesn't seem to exist on this system.
>> Fetch http://www.ijs.si/software/amavisd/amavisd-new-2.3.2.tar.gz.
4% |*** | 36864 - stalled -
amavisd-new-2.3.2p0: complete
--- amavisd-new-2.3.2p0 -------------------
Enable amavisd-new in /etc/rc.local with the following lines:
if [ -x /usr/local/sbin/amavisd ]; then
    echo -n ' amavisd'; /usr/local/sbin/amavisd
fi
=========
Edit amavisd.conf to suit your needs, including the following:
$ sudo vi /etc/amavisd.conf
=============
# ### http://www.clamav.net/
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/amavisd/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
=========
Put a # in front of the anti-virus scanners that are not needed.
Set up the directories:
$ sudo mkdir /var/virusmails
$ sudo chown _vscan:_vscan /var/virusmails
$ sudo mkdir /var/amavisd
$ sudo chown _clamav:_clamav /var/amavisd
$ sudo mkdir /var/amavisd/tmp
$ sudo chown _vscan:_vscan /var/amavisd/tmp
$ sudo touch /var/log/clamd.log
$ sudo chown _clamav:_clamav /var/log/clamd.log
$ sudo chown _vscan:_vscan /var/log/freshclam.log
$ sudo chown -R _vscan:_vscan /usr/local/share/clamav
$ sudo chown _vscan:_vscan /var/log/clamd.log
$ sudo mkdir /var/run/clamd
$ sudo chown _vscan:_vscan /var/run/clamd
Start amavisd
$ sudo /usr/local/sbin/amavisd
Look at /var/log/maillog.
If it is running normally it should look like this:
=============
Feb 6 16:27:09 server amavis[2915]: starting. /usr/local/sbin/amavisd at server.xxxxxxx.co.id amavisd-new-2.3.2 (20050629), Unicode aware
Feb 6 16:27:09 server amavis[2915]: Perl version 5.008008
Feb 6 16:27:09 server amavis[18235]: Module Amavis::Conf 2.042
Feb 6 16:27:09 server amavis[18235]: Module Archive::Tar 1.30
Feb 6 16:27:09 server amavis[18235]: Module Archive::Zip 1.18
Feb 6 16:27:09 server amavis[18235]: Module Compress::Zlib 1.42
Feb 6 16:27:09 server amavis[18235]: Module Convert::TNEF 0.17
Feb 6 16:27:09 server amavis[18235]: Module Convert::UUlib 1.051
Feb 6 16:27:09 server amavis[18235]: Module DBD::mysql 3.0008
Feb 6 16:27:09 server amavis[18235]: Module DBI 1.53
Feb 6 16:27:09 server amavis[18235]: Module DB_File 1.814
Feb 6 16:27:09 server amavis[18235]: Module MIME::Entity 5.420
Feb 6 16:27:09 server amavis[18235]: Module MIME::Parser 5.420
Feb 6 16:27:09 server amavis[18235]: Module MIME::Tools 5.420
Feb 6 16:27:09 server amavis[18235]: Module Mail::Header 1.74
Feb 6 16:27:09 server amavis[18235]: Module Mail::Internet 1.74
Feb 6 16:27:09 server amavis[18235]: Module Mail::SPF::Query 1.999001
Feb 6 16:27:09 server amavis[18235]: Module Mail::SpamAssassin 3.002001
Feb 6 16:27:09 server amavis[18235]: Module Net::Cmd 2.26
Feb 6 16:27:09 server amavis[18235]: Module Net::DNS 0.59
Feb 6 16:27:09 server amavis[18235]: Module Net::SMTP 2.29
Feb 6 16:27:09 server amavis[18235]: Module Net::Server 0.90
Feb 6 16:27:09 server amavis[18235]: Module Time::HiRes 1.86
Feb 6 16:27:09 server amavis[18235]: Module Unix::Syslog 0.100
Feb 6 16:27:09 server amavis[18235]: Amavis::DB code NOT loaded
Feb 6 16:27:09 server amavis[18235]: Amavis::Cache code NOT loaded
Feb 6 16:27:09 server amavis[18235]: SQL base code NOT loaded
Feb 6 16:27:09 server amavis[18235]: SQL::Log code NOT loaded
Feb 6 16:27:09 server amavis[18235]: SQL::Quarantine NOT loaded
Feb 6 16:27:09 server amavis[18235]: Lookup::SQL code NOT loaded
Feb 6 16:27:09 server amavis[18235]: Lookup::LDAP code NOT loaded
Feb 6 16:27:09 server amavis[18235]: AM.PDP prot code NOT loaded
Feb 6 16:27:09 server amavis[18235]: SMTP-in prot code loaded
Feb 6 16:27:09 server amavis[18235]: ANTI-VIRUS code loaded
Feb 6 16:27:09 server amavis[18235]: ANTI-SPAM code loaded
Feb 6 16:27:09 server amavis[18235]: Unpackers code loaded
Feb 6 16:27:09 server amavis[18235]: Found $file at /usr/bin/file
Feb 6 16:27:09 server amavis[18235]: No $dspam, not using it
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .mail
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .asc
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .uue
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .hqx
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .ync
Feb 6 16:27:09 server amavis[18235]: Found decoder for .F at /usr/local/bin/unfreeze
Feb 6 16:27:09 server amavis[18235]: Found decoder for .Z at /usr/bin/uncompress
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .gz
Feb 6 16:27:09 server amavis[18235]: Found decoder for .bz2 at /usr/local/bin/bzip2 -d
Feb 6 16:27:09 server amavis[18235]: Found decoder for .lzo at /usr/local/bin/lzop -d
Feb 6 16:27:09 server amavis[18235]: No decoder for .rpm tried: rpm2cpio.pl, rpm2cpio
Feb 6 16:27:09 server amavis[18235]: Found decoder for .cpio at /bin/pax
Feb 6 16:27:09 server amavis[18235]: Found decoder for .tar at /bin/pax
Feb 6 16:27:09 server amavis[18235]: Found decoder for .deb at /usr/bin/ar
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .zip
Feb 6 16:27:09 server amavis[18235]: Found decoder for .rar at /usr/local/bin/unrar
Feb 6 16:27:09 server amavis[18235]: Found decoder for .arj at /usr/local/bin/unarj
Feb 6 16:27:09 server amavis[18235]: Found decoder for .arc at /usr/local/bin/arc
Feb 6 16:27:09 server amavis[18235]: Found decoder for .zoo at /usr/local/bin/zoo
Feb 6 16:27:09 server amavis[18235]: Found decoder for .lha at /usr/local/bin/lha
Feb 6 16:27:09 server amavis[18235]: No decoder for .cab tried: cabextract
Feb 6 16:27:09 server amavis[18235]: No decoder for .tnef tried: tnef
Feb 6 16:27:09 server amavis[18235]: Internal decoder for .tnef
Feb 6 16:27:09 server amavis[18235]: Found decoder for .exe at /usr/local/bin/unrar; /usr/local/bin/lha; /usr/local/bin/unarj
Feb 6 16:27:09 server amavis[18235]: Using internal av scanner code for (primary) ClamAV-clamd
Feb 6 16:27:09 server amavis[18235]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan
=====
Add the following settings to Postfix:
==========
master.cf
==========
smtp-amavis unix - - n - 2 lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
==========
in main.cf
===========
content_filter=smtp-amavis:[127.0.0.1]:10024
==========
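The re-injection listener on port 10025 only works safely if it clears content_filter (otherwise filtered mail is handed back to amavisd again) and accepts mail from the local host only. The script below is an added example, not part of the original page or of Postfix: it joins the continuation lines of a master.cf and reports a listener that lacks those overrides. The function names and the finding labels are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the original page): audit the amavisd re-injection
# listener in a Postfix master.cf. Prints one finding per line; returns 0 if clean.
audit_reinject() {   # usage: audit_reinject MASTER_CF [PORT]
    awk -v port="${2:-10025}" '
    function finding(msg) { print msg; return 1 }
    function check(   n, f, i, opt) {
        n = split(entry, f, /[ \t]+/); entry = ""
        if (n < 8 || f[2] != "inet") return
        if (f[1] != port && f[1] !~ (":" port "$")) return
        found = 1
        for (i = 9; i < n; i++) if (f[i] == "-o") opt[f[i + 1]] = 1
        if (f[1] !~ /^(127\.0\.0\.1|\[::1\]|localhost):/)
            bad = finding("EXPOSED: " f[1] " is not bound to loopback")
        if (!("content_filter=" in opt))
            bad = finding("LOOP: content_filter is not cleared on the listener")
        if (!("smtpd_recipient_restrictions=permit_mynetworks,reject" in opt))
            bad = finding("RELAY: recipients are not limited to permit_mynetworks,reject")
        if (!("mynetworks=127.0.0.0/8" in opt))
            bad = finding("RELAY: mynetworks is not narrowed to 127.0.0.0/8")
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }             # comment or blank line
    /^[ \t]/ { entry = entry " " $0; next }       # leading whitespace continues an entry
    { if (entry != "") check(); entry = $0 }
    END {
        if (entry != "") check()
        if (!found) bad = finding("MISSING: no inet listener on port " port)
        exit bad + 0
    }' "$1"
}

sample_master_cf() {   # constructed sample, shortened from the stanza on this page
    cat <<'EOF'
smtp-amavis unix - - n - 2 lmtp
    -o lmtp_data_done_timeout=1200
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
EOF
}

# Demo on the constructed sample: no findings, so only the last line is printed.
tmp=$(mktemp) && sample_master_cf > "$tmp"
audit_reinject "$tmp" && echo "re-injection listener: clean"
rm -f "$tmp"
```

Run it against the real file with `audit_reinject /etc/postfix/master.cf`; the `-o` lines must be indented in that file, because Postfix treats only lines that start with whitespace as continuations.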
SMTPD-SSL
Run SMTP on port 465.
Edit master.cf and uncomment the following lines.
--------------
submission inet n - - - - smtpd
    -o smtpd_enforce_tls=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps inet n - - - - smtpd
    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
------------------------------
Edit /etc/services
$ sudo vi /etc/services
Add the line:
smtps 465/tcp
Copy /etc/services into the Postfix chroot directory /var/spool/postfix/etc/
$ sudo cp /etc/services /var/spool/postfix/etc/
Add the TLS certificate to main.cf
----------------
smtpd_tls_cert_file = /etc/ssl/smtpd.crt
smtpd_tls_key_file = /etc/ssl/smtpd.key
-----------------
Create that certificate:
$ sudo openssl genrsa -des3 -out /etc/ssl/smtpd.key 1024
Generating RSA private key, 1024 bit long modulus
..........................................++++++
..................++++++
e is 65537 (0x10001)
Enter pass phrase for /etc/ssl/smtpd.key:
Verifying - Enter pass phrase for /etc/ssl/smtpd.key:
$ sudo openssl req -new -key /etc/ssl/smtpd.key -out /etc/ssl/smtpd.csr
Enter pass phrase for /etc/ssl/smtpd.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) []:ID
State or Province Name (full name) []:DKI Jakarta
Locality Name (eg, city) []:Jakarta
Organization Name (eg, company) []:IT
Organizational Unit Name (eg, section) []:BSD
Common Name (eg, fully qualified host name) []:localhost
Email Address []:xxxxx@xxxxx.co.id
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
$ sudo openssl x509 -req -days 3650 -in /etc/ssl/smtpd.csr \
    -signkey /etc/ssl/smtpd.key -out /etc/ssl/smtpd.crt
$ sudo openssl rsa -in /etc/ssl/smtpd.key -out /etc/ssl/smtpd.key.unencrypted
Enter pass phrase for /etc/ssl/smtpd.key:
writing RSA key
$ sudo mv -f /etc/ssl/smtpd.key.unencrypted /etc/ssl/smtpd.key
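The session above produces a 1024-bit key, which is below the 2048-bit minimum current guidance expects for RSA, and it never sets the file mode of the unencrypted key. The script below is an added example, not part of the original page: it creates a 2048-bit key and self-signed certificate in one step with the key readable by its owner only, then checks key size, file mode and that key and certificate match. The function names, the scratch directory, the 365-day lifetime and the name `mail.example.org` are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the original page): create the smtpd key and a
# self-signed certificate, then verify the pair that Postfix would load.
make_smtpd_cert() {   # usage: make_smtpd_cert DIR COMMON_NAME
    ( umask 077       # the key is stored unencrypted, so create it mode 0600
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
          -subj "/CN=$2" -keyout "$1/smtpd.key" -out "$1/smtpd.crt" 2>/dev/null )
    chmod 644 "$1/smtpd.crt"
}

check_smtpd_cert() {  # usage: check_smtpd_cert KEY CRT; findings on stdout, 0 if none
    key=$1 crt=$2 rc=0
    bits=$(openssl rsa -in "$key" -noout -text 2>/dev/null |
           sed -n 's/.*(\([0-9][0-9]*\) bit.*/\1/p' | head -n 1)
    [ "${bits:-0}" -ge 2048 ] ||
        { echo "WEAK: RSA key is ${bits:-?} bits"; rc=1; }
    # Characters 5-10 of the ls -l mode string are the group and other bits.
    [ "$(ls -l "$key" | cut -c5-10)" = "------" ] ||
        { echo "PERMS: key is accessible to group or others"; rc=1; }
    [ "$(openssl rsa -in "$key" -noout -modulus 2>/dev/null)" = \
      "$(openssl x509 -in "$crt" -noout -modulus 2>/dev/null)" ] ||
        { echo "MISMATCH: certificate does not belong to this key"; rc=1; }
    return $rc
}

# Demo in a scratch directory (mail.example.org is a placeholder name).
dir=$(mktemp -d) && make_smtpd_cert "$dir" mail.example.org &&
    check_smtpd_cert "$dir/smtpd.key" "$dir/smtpd.crt" &&
    echo "key and certificate: ok"
rm -rf "$dir"
```

The same check can be pointed at the files named in main.cf: `check_smtpd_cert /etc/ssl/smtpd.key /etc/ssl/smtpd.crt`.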
Stop Postfix and start it again
$ sudo postfix stop
postfix/postfix-script: stopping the Postfix mail system
$ sudo postfix start
postfix/postfix-script: starting the Postfix mail system
BONUS ERROR
Postfix
===========
Jan 24 16:38:40 postfix/smtpd[8320]: disconnect from localhost[::1]
Jan 24 16:38:40 postfix/qmgr[12502]: 4D1C85D141B: from=, size=480, nrcpt=1 (queue active)
Jan 24 16:38:40 postfix/virtual[10597]: warning: valid_hostname: empty hostname
Jan 24 16:38:40 postfix/virtual[10597]: fatal: unable to use my own hostname
Jan 24 16:38:41 postfix/qmgr[12502]: warning: premature end-of-input on private/virtual socket while reading input attribute name
Jan 24 16:38:41 postfix/master[12804]: warning: process /usr/local/libexec/postfix/virtual pid 10597 exit status 1
Jan 24 16:38:41 postfix/master[12804]: warning: /usr/local/libexec/postfix/virtual: bad command startup -- throttling
Jan 24 16:38:41 postfix/qmgr[12502]: warning: private/virtual socket: malformed response
Jan 24 16:38:41 postfix/qmgr[12502]: warning: transport virtual failure -- see a previous warning/fatal/panic logfile record for the problem description
Jan 24 16:38:41 postfix/qmgr[12502]: 4D1C85D141B: to= , relay=none, delay=1.1, delays=0.08/1.1/0/0, dsn=4.3.0, status=deferred (unknown mail transport error)
========
Check the hostname:
$ hostname
If the result is empty, there was probably a mistake when the host was set up.
So just fix it :D
$ sudo hostname -s server.gakkepake.co.id
$ hostname
server.gakkepake.co.id
There, now the hostname shows up.
Thanks to:
0. Allah, who gives all blessings, knowledge, and everything on the earth and in the heavens.
1. Kuro aka barry, who provided the server to tinker with.
2. Google, which provided the various sources and tutorials that made this installation succeed.
| Attachment | Size |
|---|---|
| amavisd.conf | 9.28 KB |
| authdaemonrc. | 321 bytes |
| authmysqlrc. | 471 bytes |
| clamd.conf | 125 bytes |
| dovecot.conf | 1.61 KB |
| dovecot-mysql.conf | 279 bytes |
| freshclam.conf | 188 bytes |
| imapd. | 1.04 KB |
| imapd-ssl. | 404 bytes |
| main.cf | 3.02 KB |
| master.cf | 4.88 KB |
| pop3d. | 432 bytes |
| pop3d-ssl. | 407 bytes |
- aboen's blog