So, I've had a dedicated server for a few weeks now, and I'm deep in configuration. Most of it is set up, but as far as the mail server is concerned, I'm starting to lose hope ^^.
The SMTP protocol only works on localhost, and the account quotas don't work.
To start with, here is the output of netstat -lnp:
Connexions Internet actives (seulement serveurs)
Proto Recv-Q Send-Q Adresse locale Adresse distante Etat PID/Program name
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 12577/ruby1.8
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 26011/dovecot
tcp 0 0 127.0.0.1:8100 0.0.0.0:* LISTEN 12585/ruby1.8
tcp 0 0 127.0.0.1:616 0.0.0.0:* LISTEN 1712/famd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 29386/mysqld
tcp 0 0 0.0.0.0:6666 0.0.0.0:* LISTEN 13898/sshd
tcp 0 0 127.0.0.1:8300 0.0.0.0:* LISTEN 12581/ruby1.8
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 26011/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1164/portmap
tcp 0 0 127.0.0.1:8400 0.0.0.0:* LISTEN 12589/ruby1.8
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 19221/pure-ftpd (SE
tcp 0 0 80.248.216.62:53 0.0.0.0:* LISTEN 12312/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 12312/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 27085/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 12312/named
tcp6 0 0 :::6666 :::* LISTEN 13898/sshd
tcp6 0 0 :::110 :::* LISTEN 23316/couriertcpd
tcp6 0 0 :::80 :::* LISTEN 16875/apache2
tcp6 0 0 :::21 :::* LISTEN 19221/pure-ftpd (SE
tcp6 0 0 :::53 :::* LISTEN 12312/named
tcp6 0 0 ::1:953 :::* LISTEN 12312/named
tcp6 0 0 :::443 :::* LISTEN 16875/apache2
udp 0 0 80.248.216.62:53 0.0.0.0:* 12312/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 12312/named
udp 0 0 0.0.0.0:111 0.0.0.0:* 1164/portmap
udp 0 0 80.248.216.62:123 0.0.0.0:* 1723/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1723/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1723/ntpd
udp6 0 0 :::53 :::* 12312/named
udp6 0 0 2001:470:c879:0:216:123 :::* 1723/ntpd
udp6 0 0 fe80::216:3eff:fe00:123 :::* 1723/ntpd
udp6 0 0 2001:470:1f13:199:2:123 :::* 1723/ntpd
udp6 0 0 ::1:123 :::* 1723/ntpd
udp6 0 0 :::123 :::* 1723/ntpd
Sockets du domaine UNIX actives(seulement serveurs)
Proto RefCnt Flags Type State I-Node PID/Program name Chemin
unix 2 [ ACC ] STREAM LISTENING 414541 29386/mysqld /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 697164 23304/authdaemond /var/run/courier/authdaemon/socket.tmp
unix 2 [ ACC ] STREAM LISTENING 722441 27085/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 722448 27085/master private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 722452 27085/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 722456 27085/master private/bounce
unix 2 [ ACC ] STREAM LISTENING 722460 27085/master private/defer
unix 2 [ ACC ] STREAM LISTENING 722464 27085/master private/trace
unix 2 [ ACC ] STREAM LISTENING 722468 27085/master private/verify
unix 2 [ ACC ] STREAM LISTENING 722472 27085/master public/flush
unix 2 [ ACC ] STREAM LISTENING 722476 27085/master private/proxymap
unix 2 [ ACC ] STREAM LISTENING 722480 27085/master private/proxywrite
unix 2 [ ACC ] STREAM LISTENING 722484 27085/master private/smtp
unix 2 [ ACC ] STREAM LISTENING 722488 27085/master private/relay
unix 2 [ ACC ] STREAM LISTENING 722492 27085/master public/showq
unix 2 [ ACC ] STREAM LISTENING 722496 27085/master private/error
unix 2 [ ACC ] STREAM LISTENING 722500 27085/master private/retry
unix 2 [ ACC ] STREAM LISTENING 722504 27085/master private/discard
unix 2 [ ACC ] STREAM LISTENING 722508 27085/master private/local
unix 2 [ ACC ] STREAM LISTENING 713877 26011/dovecot /var/run/dovecot/dict-server
unix 2 [ ACC ] STREAM LISTENING 722512 27085/master private/virtual
unix 2 [ ACC ] STREAM LISTENING 722516 27085/master private/lmtp
unix 2 [ ACC ] STREAM LISTENING 722520 27085/master private/anvil
unix 2 [ ACC ] STREAM LISTENING 722524 27085/master private/scache
unix 2 [ ACC ] STREAM LISTENING 722528 27085/master private/maildrop
unix 2 [ ACC ] STREAM LISTENING 722532 27085/master private/uucp
unix 2 [ ACC ] STREAM LISTENING 722536 27085/master private/ifmail
unix 2 [ ACC ] STREAM LISTENING 722540 27085/master private/bsmtp
unix 2 [ ACC ] STREAM LISTENING 722544 27085/master private/scalemail-backend
unix 2 [ ACC ] STREAM LISTENING 722548 27085/master private/mailman
unix 2 [ ACC ] STREAM LISTENING 713879 26011/dovecot /var/run/dovecot/login/default
unix 2 [ ACC ] STREAM LISTENING 713899 26013/dovecot-auth /var/run/dovecot/auth-master
unix 2 [ ACC ] STREAM LISTENING 713884 26011/dovecot /var/run/dovecot/auth-worker.26013
unix 2 [ ACC ] STREAM LISTENING 713891 26013/dovecot-auth /var/spool/postfix/private/auth
In my syslog there is nothing alarming, and the same goes for the mail logs.
Here is the configuration in my main.cf for postfix:
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
disable_vrfy_command = yes
smtpd_helo_required = yes
alias_maps = hash:/etc/aliases
# appending .domain is the MUA's job.
append_dot_mydomain = no
smtp_tls_CAfile = /etc/postfix/tls/cacert.pem
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_tls_session_cache
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/tls/starbridge-key.pem
smtpd_tls_cert_file = /etc/postfix/tls/starbridge-cert.pem
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_tls_session_cache
tls_random_source = dev:/dev/urandom
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
# To keep it simple, it is recommended to use your server's reverse DNS.
mydomain = dream4web.com
myhostname = mail.dream4web.com
myorigin = mail.dream4web.com
mydestination = mail.dream4web.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8, 80.248.216.62
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_aliases.cf,mysql:/etc/postfix/mysql-virtual_aliases_comptes.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domaines.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_comptes.cf
virtual_mailbox_base = /var/spool/vmail/
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_quotas.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "La boite mail de votre destinataire est pleine, merci de reessayez plus tard."
virtual_overquota_bounce = yes
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
# sender addresses
smtpd_sender_restrictions =
    permit_mynetworks,
    warn_if_reject reject_unverified_sender
# recipient addresses
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_non_fqdn_recipient
# client
smtpd_client_restrictions =
    permit_mynetworks
and the master.cf:
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
  -o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop} ${sender}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
For the SMTP error, I was wondering whether this value needs to be changed: relayhost =
As for the quotas, I really don't understand; the quota file must not be getting created. I don't know what it is supposed to be called, but I don't think I see any trace of it.
Another question: how do I make the SMTP server listen on ports 25 and 8025? I think my ISP blocks port 25.
And I have another problem: SSL/TLS no longer works, and I can't see why. I tried regenerating my certificate, and I don't think I changed anything; port 993 is open... I can't find the problem there either...
Thanks in advance
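
An added example, not part of the original post: a small Python parser for the `netstat -lnp` output above that groups TCP listeners by bind scope and reports which wanted SMTP ports have no listener reachable from outside the host. The sample lines are copied from the post; the function names and the wanted-port list (25, 587, 8025) are assumptions chosen for illustration.

```python
import ipaddress

# Sample input: TCP listener lines copied from the netstat -lnp output in the post.
SAMPLE = """\
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 29386/mysqld
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 26011/dovecot
tcp 0 0 0.0.0.0:6666 0.0.0.0:* LISTEN 13898/sshd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1164/portmap
tcp 0 0 80.248.216.62:53 0.0.0.0:* LISTEN 12312/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 27085/master
tcp6 0 0 :::110 :::* LISTEN 23316/couriertcpd
tcp6 0 0 ::1:953 :::* LISTEN 12312/named
"""

def parse_listeners(text):
    """Return (proto, address, port, program) for each TCP LISTEN line."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        # Match on column layout, not header text, so localized output parses too.
        if len(f) < 7 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        addr, _, port = f[3].rpartition(":")  # rpartition keeps IPv6 colons in addr
        rows.append((f[0], addr, int(port), f[6].split("/", 1)[-1]))
    return rows

def scope(addr):
    """Classify a bind address: wildcard, loopback, or one specific address."""
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "single-address"

def exposure_report(text):
    """Map each bind scope to the set of (port, program) listening there."""
    report = {}
    for _, addr, port, program in parse_listeners(text):
        report.setdefault(scope(addr), set()).add((port, program))
    return report

def missing_ports(text, wanted):
    """Wanted ports that have no non-loopback listener."""
    reachable = {p for _, a, p, _ in parse_listeners(text) if scope(a) != "loopback"}
    return sorted(set(wanted) - reachable)

if __name__ == "__main__":
    for name, entries in sorted(exposure_report(SAMPLE).items()):
        print(name, sorted(entries))
    print("no external listener on:", missing_ports(SAMPLE, [25, 587, 8025]))
```

On the posted output this shows the Postfix `master` process bound to all interfaces on port 25, with no listener on 587 or 8025, and it also lists every other service (portmap, sshd, dovecot, courier) that accepts connections on all interfaces.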

