
PostfixAdmin revamped (ViMbAdmin)

ViMbAdmin



The ViMbAdmin project (vim-be-admin) provides a web-based administration interface for virtual mailboxes, allowing mail administrators to easily manage domains and aliases.
ViMbAdmin is free software; you can redistribute it or modify it under the terms of the GNU General Public License version 3.

ViMbAdmin is written in PHP using our own web application framework, which includes the Zend Framework, the Doctrine ORM and the Smarty template system, with jQuery and Bootstrap.

ViMbAdmin is hosted on its own GitHub project page, where you can find the documentation and browse the source code.

UPDATE:

    yum install dovecot-mysql



ViMbAdmin Demonstration System:


www.opensolutions.ie/vimbadmin/auth/login
=======================================

Standard and advanced features from PostfixAdmin include:


- Super administrator with full access;
- Administrators with access only to their assigned domains and the mailboxes and aliases in them;
- Super administrators can create and modify super administrators and administrators;
- jQuery Datatable for quick search in the browser and page numbering;
- Create, modify and delete;
- Enable / disable administrators, domains, mailboxes and aliases at the touch of a button;
- Full event logging;
- Interface for users (mailbox owners) to change their password;

Additional features include:


- Default values for quotas, number of mailboxes and aliases for creating a domain;
- Added additional columns to the mailbox scheme (including UID, GID, home directory and Maildir);
- Templates of greetings and settings for users;
- Support for choosing plain or hashed or salted mailbox password;
- Administrator password tables with salted SHA;
- Password Reset features for administrators and mailboxes;

ViMbAdmin installation instructions


github.com/opensolutions/ViMbAdmin/wiki/Installation-instructions

Install and configure Postfix + Dovecot:


Install the CentALT + EPEL repository:

    rpm -Uhv http://centos.alt.ru/pub/repository/centos/6/x86_64/centalt-release-6-1.noarch.rpm
    rpm -Uhv http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm


Install mail programs:

    yum install postfix dovecot dovecot-pigeonhole


Create a user and group that will be responsible for mailboxes:

    groupadd -g 5000 vmail
    useradd -g vmail -u 5000 vmail -d /home/vmail -m


Create a directory where MySQL connection settings will be stored:

    mkdir /etc/postfix/mysql
    touch /etc/postfix/mysql/virtual-alias-maps.cf

Contents of /etc/postfix/mysql/virtual-alias-maps.cf:

    user = vimbadmin
    password = password
    hosts = 127.0.0.1
    dbname = vimbadmin
    query = SELECT goto FROM alias WHERE address = '%s' AND active = '1'

Then:

    touch /etc/postfix/mysql/virtual-mailbox-domains.cf

Contents of /etc/postfix/mysql/virtual-mailbox-domains.cf:

    user = vimbadmin
    password = password
    hosts = 127.0.0.1
    dbname = vimbadmin
    query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'

Then:

    touch /etc/postfix/mysql/virtual-mailbox-maps.cf

Contents of /etc/postfix/mysql/virtual-mailbox-maps.cf:

    user = vimbadmin
    password = password
    hosts = 127.0.0.1
    dbname = vimbadmin
    query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'


Start editing /etc/dovecot/dovecot.conf:

    # 2.0.21: /etc/dovecot/dovecot.conf
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_location = maildir:/home/vmail/%d/%n
    mail_privileged_group = mail
    managesieve_notify_capability = mailto
    managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
    namespace {
      inbox = yes
      location =
      prefix =
      type = private
    }
    passdb {
      driver = pam
    }
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    protocols = imap pop3
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      unix_listener auth-master {
        mode = 0600
        user = vmail
      }
      user = root
    }
    userdb {
      driver = passwd
    }
    userdb {
      args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
      driver = static
    }
    protocol pop3 {
      pop3_uidl_format = %08Xu%08Xv
    }
    protocol lda {
      auth_socket_path = /var/run/dovecot/auth-master
      log_path = /home/vmail/dovecot-deliver.log
      postmaster_address = postmaster@myserver.com
    }


Also edit /etc/dovecot/dovecot-sql.conf:

    driver = mysql
    connect = host=127.0.0.1 dbname=vimbadmin user=vimbadmin password=password
    default_pass_scheme = PLAIN-MD5
    password_query = SELECT username as user, password FROM mailbox WHERE username = '%u'


Now configure Postfix. Edit /etc/postfix/main.cf:

    # Directory with the additional lookup tables used below
    additional_config_dir = /etc/postfix/config
    # Greeting banner shown to SMTP clients
    smtpd_banner = $myhostname ESMTP Xbox
    # Disable the biff new-mail notification service
    biff = no
    # Appending .domain is the MUA's job.
    append_dot_mydomain = no
    # Location of the Postfix README files
    readme_directory = /usr/share/doc/postfix
    # TLS parameters
    # Server certificate
    smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
    # Server private key
    smtpd_tls_key_file = /etc/ssl/private/postfix.pem
    # Offer TLS to SMTP clients
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    # Fully qualified host name (FQDN)
    myhostname = mail.server.com
    # Domains for which this server is the final destination
    mydestination = $myhostname, localhost, localhost.$mydomain, $myhostname.$mydomain
    # Trusted networks
    mynetworks = 127.0.0.0/8
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mailbox_command = procmail -a "$EXTENSION"
    # Mailbox size limit. 0 means no limit
    mailbox_size_limit = 0
    # Network interfaces on which Postfix listens
    inet_interfaces = all
    # Location of the html documentation
    html_directory = /usr/share/doc/postfix/html
    # Require SMTP clients to start the session with HELO or EHLO
    smtpd_helo_required = yes
    # Always send EHLO at the start of an outgoing SMTP session
    smtp_always_send_ehlo = yes
    # Disable the SMTP VRFY command so that clients cannot use it
    # to probe for valid addresses
    disable_vrfy_command = yes
    # Support older clients such as Microsoft Outlook Express 4 and
    # Microsoft Exchange 5 that use a non-standard AUTH syntax
    broken_sasl_auth_clients = yes
    # Virtual mailbox domains
    virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual-mailbox-domains.cf
    # Virtual mailboxes
    virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual-mailbox-maps.cf
    # Virtual aliases
    virtual_alias_maps = mysql:/etc/postfix/mysql/virtual-alias-maps.cf
    # UID that owns the virtual mailboxes
    virtual_uid_maps = static:5000
    # GID that owns the virtual mailboxes
    virtual_gid_maps = static:5000
    virtual_transport = dovecot
    # Enable SASL authentication
    smtpd_sasl_auth_enable = yes
    # SASL implementation and socket
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    dovecot_destination_recipient_limit = 1
    # Restriction classes
    smtpd_restriction_classes = verify_sender,
        rbl_cbl_abuseat_org,
        rbl_sbl_spamhaus_org,
        rbl_dul_ru,
        rbl_spamcop,
        white_client_ip,
        black_client_ip,
        block_dsl,
        helo_access,
        white_client,
        black_client,
        mx_access
    # Class definitions:
    verify_sender = reject_unverified_sender, permit
    rbl_cbl_abuseat_org = reject_rbl_client cbl.abuseat.org
    rbl_dul_ru = reject_rbl_client dul.ru
    rbl_sbl_spamhaus_org = reject_rbl_client sbl.spamhaus.org
    rbl_spamcop = reject_rbl_client bl.spamcop.net
    # Client IP addresses that are always accepted
    white_client_ip = check_client_access pcre:$additional_config_dir/white_client_ip
    # Client IP addresses that are always rejected
    black_client_ip = check_client_access pcre:$additional_config_dir/black_client_ip
    # E-mail addresses that are always accepted
    white_client = check_sender_access pcre:$additional_config_dir/white_client
    # E-mail addresses that are always rejected
    black_client = check_sender_access pcre:$additional_config_dir/black_client
    # Reject dsl/dial-up client host names
    block_dsl = regexp:$additional_config_dir/block_dsl
    # HELO checks per RFC 2821
    helo_access = check_helo_access pcre:$additional_config_dir/helo_checks
    # Reject sender domains whose MX points into a reserved or private IP range
    mx_access = check_sender_mx_access cidr:$additional_config_dir/mx_access
    # Restrictions
    # Client restrictions
    smtpd_client_restrictions = white_client_ip,
        black_client_ip,
        white_client,
        black_client,
        helo_access,
        block_dsl,
        rbl_dul_ru,
        rbl_sbl_spamhaus_org,
        rbl_spamcop,
        rbl_cbl_abuseat_org,
        # Accept clients from the trusted networks (mynetworks)
        permit_mynetworks,
        # Accept clients that authenticated with SASL
        permit_sasl_authenticated,
        # Reject mail to destinations this server is not responsible for
        reject_unauth_destination,
        # Reject clients that send SMTP commands ahead of time without
        # knowing that Postfix supports ESMTP command pipelining
        reject_unauth_pipelining,
        # Reject sender addresses whose domain has no A/MX record
        reject_unknown_address,
        # Reject recipient addresses whose domain has no DNS A or MX record
        reject_unknown_recipient_domain,
        # Reject sender addresses whose domain has no DNS A or MX record
        reject_unknown_sender_domain
    # Sender restrictions
    smtpd_sender_restrictions = white_client,
        white_client_ip,
        black_client_ip,
        # Reject unknown recipient and sender domains
        reject_unknown_recipient_domain,
        reject_unknown_sender_domain,
        # Reject recipient addresses that are not in FQDN form
        reject_non_fqdn_recipient,
        # Reject sender addresses that are not in FQDN form
        reject_non_fqdn_sender,
        permit_sasl_authenticated,
        permit_mynetworks,
        mx_access,
        # Reject senders in local domains that do not exist
        reject_unlisted_sender,
        reject_unauth_destination
    # Recipient restrictions
    smtpd_recipient_restrictions = verify_sender,
        white_client,
        helo_access,
        reject_unknown_recipient_domain,
        reject_unknown_sender_domain,
        reject_non_fqdn_recipient,
        reject_non_fqdn_sender,
        reject_unauth_pipelining,
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unlisted_recipient,
        reject_unknown_address,
        reject_unauth_destination,
        # Reject bounce messages (null sender) addressed to
        # more than one recipient
        reject_multi_recipient_bounce
    smtpd_data_restrictions = reject_unauth_pipelining,
        reject_multi_recipient_bounce,
        permit
    # Do not skip servers that greet with a 5xx status code
    smtp_skip_5xx_greeting = no
    smtpd_reject_unlisted_sender = yes
    # Reject mail for unknown recipients in local domains
    smtpd_reject_unlisted_recipient = yes
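
Postfix evaluates each smtpd_*_restrictions list from left to right and stops at the first entry that returns a decision, so an entry that always decides hides everything after it in that list. The following added example (not part of the original article; the function names are illustrative and the embedded main.cf is a shortened, constructed excerpt of the one above) reports the entries of a list that can never be reached. For smtpd_recipient_restrictions it flags everything after verify_sender, because that class ends in permit.

```python
import re

# Constructed, shortened excerpt of the main.cf shown above.
MAIN_CF = """\
smtpd_restriction_classes = verify_sender, white_client, helo_access
verify_sender = reject_unverified_sender, permit
white_client = check_sender_access pcre:$additional_config_dir/white_client
helo_access = check_helo_access pcre:$additional_config_dir/helo_checks
smtpd_recipient_restrictions = verify_sender white_client,
    helo_access,
    # comment lines inside a continued value are skipped
    permit_sasl_authenticated, permit_mynetworks,
    reject_unlisted_recipient, reject_unauth_destination,
    reject_multi_recipient_bounce
"""
FINAL = {"permit", "reject", "defer"}  # always return a decision, never DUNNO

def parse_main_cf(text):
    """Return {parameter: [restriction names]}, joining continuation lines."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and name:
            value = line  # continuation of the previous parameter
        else:
            name, _, value = (part.strip() for part in line.partition("="))
            params[name] = []
        # Keep restriction names; drop arguments (type:table, RBL zones).
        params[name] += [t for t in re.split(r"[,\s]+", value)
                         if re.fullmatch(r"[a-z_]+", t)]
    return params

def always_decides(name, params, classes):
    """True if a restriction, or a class it names, ends the list every time."""
    return name in FINAL or (name in classes and any(
        always_decides(n, params, classes) for n in params.get(name, [])))

def unreachable(list_name, text=MAIN_CF):
    """Entries of a restriction list that follow an always-deciding entry."""
    params = parse_main_cf(text)
    classes = set(params.get("smtpd_restriction_classes", []))
    items = params[list_name]
    for i, name in enumerate(items):
        if always_decides(name, params, classes):
            return items[i + 1:]
    return []
```

Dropping the trailing permit from the verify_sender class, or moving verify_sender to the end of the list, makes the remaining entries reachable again.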


Now add the following at the end of the /etc/postfix/master.cf file:

    dovecot   unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}


Mail Filters:

    mkdir /etc/postfix/config
    touch /etc/postfix/config/black_client
    touch /etc/postfix/config/black_client_ip
    touch /etc/postfix/config/block_dsl
    touch /etc/postfix/config/helo_checks
    touch /etc/postfix/config/mx_access
    touch /etc/postfix/config/white_client
    touch /etc/postfix/config/white_client_ip


Edit /etc/postfix/config/black_client:

    # Sender addresses to reject
    # Example: reject all senders at mail.ru
    #/^.*\@mail\.ru$/ REJECT Your e-mail was banned!


Edit /etc/postfix/config/black_client_ip:

    # Client IP addresses and host names to reject
    # Single IP (for example 123.45.67.89)
    #/123\.45\.67\.89/ REJECT Your IP was banned!
    # IP range (for example 123.45.0-255.0-255)
    #/123\.45/ REJECT Your IP-range was banned!
    # Domain (for example xyz.ua)
    #/xyz\.ua/ REJECT Your Domain was banned!
    # Subdomain (for example cc.zxc.ua)
    #/cc\.zxc\.ua/ REJECT Your Domain was banned!


Edit /etc/postfix/config/block_dsl:

    /^dsl.*\..*/i 553 AUTO_DSL We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /.*\.dsl\..*/i 553 AUTO_DSL2 We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /[a|x]dsl.*\..*\..*/i 553 AUTO_[A|X]DSL We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /client.*\..*\..*/i 553 AUTO_CLIENT We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /cable.*\..*\..*/i 553 AUTO_CABLE We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /pool\..*/i 553 AUTO_POOL We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /.*dial(\.|-).*\..*\..*/i 553 AUTO_DIAL We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /ppp.*\..*/i 553 AUTO_PPP We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /dslam.*\..*\..*/i 553 AUTO_DSLAM We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /dslb.*\..*\..*/i 553 AUTO_DSLB We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /node.*\..*\..*/i 553 AUTO_NODE We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /.*\.dynamicIP\..*/i 553 AUTO_DYNAMIC We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
    /[ax]dsl.*\..*\..*/i REJECT Your message looks like SPAM 01
    /\.dsl.*\..*\..*/i REJECT Your message looks like SPAM 02
    /cable.*\..*\..*/i REJECT Your message looks like SPAM 03
    /client.*\..*\..*/i REJECT Your message looks like SPAM 04
    /dhcp.*\..*\..*/i REJECT Your message looks like SPAM 05
    /dial.*\..*\..*/i REJECT Your message looks like SPAM 06
    /dialup.*\..*\..*/i REJECT Your message looks like SPAM 07
    /dslam.*\..*\..*/i REJECT Your message looks like SPAM 08
    /node.*\..*\..*/i REJECT Your message looks like SPAM 09
    /pool.*\..*\..*/i REJECT Your message looks like SPAM 10
    /ppp.*\..*\..*/i REJECT Your message looks like SPAM 11
    /user.*\..*\..*/i REJECT Your message looks like SPAM 12
    /[0-9]+-[0-9]+/ REJECT Invalid hostname (DD) (dsl)
    /(modem|dia(l|lup)|cp[ce]|dsl|p[cp]p|cable|catv|poo(l|les)|pppoe|dhcp|client|customer|user|host|[0-9]{4,})(-|_|\.|[0-9])/ REJECT Invalid hostname (client)


Edit /etc/postfix/config/helo_checks:

    /^\[?10\.\d{1,3}\.\d{1,3}\.\d{1,3}\]?$/ REJECT Address in RFC 1918 private network
    /^\[?192\.\d{1,3}\.\d{1,3}\.\d{1,3}\]?$/ REJECT Address in RFC 1918 private network
    /^\[?172\.\d{1,3}\.\d{1,3}\.\d{1,3}\]?$/ REJECT Address in RFC 1918 private network
    /\d{2,}[-\.]+\d{2,}/ REJECT Invalid hostname (DD)
    /^(((newm|em|gm|m)ail|yandex|rambler|hotbox|chat|rbc|subscribe|spbnit)\.ru)$/ REJECT Faked hostname ($1)
    /^(((hotmail|mcim|newm|em)ail|post|hotbox|msn|microsoft|aol|news|compuserve|yahoo|google|earthlink|netscape)\.(com|net))$/ REJECT Faked hostname ($1)
    /[^[] *[0-9]+((\.|-|_)[0-9]+){3}/ REJECT Invalid hostname (ipable)
    /(modem|dia(l|lup)|cp[ce]|dsl|p[cp]p|cable|catv|poo(l|les)|pppoe|dhcp|client|customer|user|host|[0-9]{4,})(-|_|\.|[0-9])/ REJECT Invalid hostname (client)
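
Tables such as block_dsl and helo_checks are worth a dry run against host names that must keep working before they go live. The following added example (not from the original article; load and lookup are illustrative names, the host names are constructed, and Python's re only approximates Postfix's POSIX and PCRE engines) applies a few of the rules above with first-match-wins semantics and Postfix's flag handling, where matching is case-insensitive by default and a trailing i toggles that off. It shows the 192 rule rejecting an address literal outside RFC 1918 and the last helo_checks rule rejecting any name that contains "host.".

```python
import re

# Constructed tables: lines copied from helo_checks and block_dsl on this page.
HELO_CHECKS = r"""
/^\[?192\.\d{1,3}\.\d{1,3}\.\d{1,3}\]?$/ REJECT Address in RFC 1918 private network
/\d{2,}[-\.]+\d{2,}/ REJECT Invalid hostname (DD)
/(modem|dia(l|lup)|cp[ce]|dsl|p[cp]p|cable|catv|poo(l|les)|pppoe|dhcp|client|customer|user|host|[0-9]{4,})(-|_|\.|[0-9])/ REJECT Invalid hostname (client)
"""
BLOCK_DSL = r"""
/^dsl.*\..*/i 553 AUTO_DSL We aren't accept direct connection not from dedicated SMTP servers. Please use your internet provider SMTP Server.
"""

# '/pattern/flags action'; comment and blank lines do not match and are skipped.
RULE = re.compile(r"/(.+)/([a-z]*)\s+(.+)")


def load(table):
    """Parse table lines into (compiled regex, action) pairs, in file order."""
    rules = []
    for line in table.splitlines():
        m = RULE.fullmatch(line.strip())
        if not m:
            continue
        pattern, flags, action = m.groups()
        # Postfix matches case-insensitively by default; each 'i' toggles that.
        insensitive = flags.count("i") % 2 == 0
        rules.append((re.compile(pattern, re.I if insensitive else 0), action))
    return rules


def lookup(table, name):
    """Return the action of the first matching rule, or None (no decision)."""
    for regex, action in load(table):
        if regex.search(name):
            return action
    return None


if __name__ == "__main__":
    for helo in ("[192.0.2.10]", "smtp.myhost.example", "mail.example.org"):
        print(helo, "->", lookup(HELO_CHECKS, helo))
```

On a host with Postfix installed, `postmap -q NAME pcre:/etc/postfix/config/helo_checks` queries the real table for a given NAME.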


Edit /etc/postfix/config/mx_access:

    127.0.0.1 DUNNO
    127.0.0.2 550 Domains not registered properly
    0.0.0.0/8 REJECT Domain MX in broadcast network
    10.0.0.0/8 REJECT Domain MX in RFC 1918 private network
    127.0.0.0/8 REJECT Domain MX in loopback network
    169.254.0.0/16 REJECT Domain MX in link local network
    172.16.0.0/12 REJECT Domain MX in RFC 1918 private network
    192.0.2.0/24 REJECT Domain MX in TEST-NET network
    192.168.0.0/16 REJECT Domain MX in RFC 1918 private network
    224.0.0.0/4 REJECT Domain MX in class D multicast network
    240.0.0.0/5 REJECT Domain MX in class E reserved network
    248.0.0.0/5 REJECT Domain MX in reserved network


Edit /etc/postfix/config/white_client:

    # Accept mail from senders at mail.ru
    #/^.*\@mail\.ru$/ PERMIT


Edit /etc/postfix/config/white_client_ip:

    # Accept mail from the SMTP server 91.214.209.5
    #/91\.214\.209\.5/ PERMIT


Open the log and look for errors:

    tail -f /var/log/mail.log


Then restart the mail services:

    /etc/init.d/dovecot restart
    /etc/init.d/postfix restart


©
debian.asy.org.ua/5-postfix-postfixadmin-dovecot-ssl-roundcube.html
www.opensolutions.ie/open-source/vimbadmin

Source: https://habr.com/ru/post/166487/

