Let's Use Postfix!

FreeBSD installs the latest sendmail as its default MTA. However, because sendmail's structure is so complex, security holes are found in it frequently. So I decided to use Postfix as the MTA in place of sendmail.

  1. Materials
  2. Installing Postfix

    First, generate the Makefiles.

    % make makefiles CCARGS='-DDEF_COMMAND_DIR=\"/usr/local/postfix/bin\" \
    -DDEF_DAEMON_DIR=\"/usr/local/postfix/sbin\" \
    -DDEF_CONFIG_DIR=\"/usr/local/postfix/etc\" \
    -DDEF_SAMPLE_DIR=\"/usr/local/postfix/etc\" \
    -DDEF_MANPAGE_DIR=\"/usr/local/postfix/man\" \
    -DDEF_README_DIR=\"/usr/local/postfix/docs\" \
    -DDEF_HTML_DIR=\"/usr/local/postfix/html\"'
    

    Next, compile.

    % make
    

    Finally, install. The parts shown in red reflect the values specified when running make makefiles. If you want to change them, specify values that suit your own environment.

    # make install
    
    :
    
    Please specify the prefix for installed file names. Specify this
    ONLY if you are building ready-to-install packages for distribution
    to other machines.
    install_root: [/] 
    Please specify a directory for scratch files while installing
    Postfix. You must have write permission in this directory.
    tempdir: [/usr/local/work/postfix-2.0.13] 
    Please specify the final destination directory for installed Postfix
    configuration files.
    config_directory: [/usr/local/postfix/etc] 
    Please specify the final destination directory for installed Postfix
    daemon programs. This directory should not be in the command search
    path of any users.
    daemon_directory: [/usr/local/postfix/sbin] 
    Please specify the final destination directory for installed Postfix
    administrative commands. This directory should be in the command
    search path of adminstrative users.
    command_directory: [/usr/local/postfix/bin] 
    Please specify the final destination directory for Postfix queues.
    queue_directory: [/var/spool/postfix] 
    Please specify the final destination pathname for the installed
    Postfix sendmail command. This is the Sendmail-compatible mail
    posting interface.
    sendmail_path: [/usr/sbin/sendmail] 
    Please specify the final destination pathname for the installed
    Postfix newaliases command. This is the Sendmail-compatible command
    to build alias databases for the Postfix local delivery agent.
    newaliases_path: [/usr/bin/newaliases] 
    Please specify the final destination pathname for the installed
    Postfix mailq command. This is the Sendmail-compatible mail queue
    listing command.
    mailq_path: [/usr/bin/mailq] 
    Please specify the owner of the Postfix queue. Specify an account
    with numerical user ID and group ID values that are not used by any
    other accounts on the system.
    mail_owner: [postfix] 
    Please specify the group for mail submission and for queue management
    commands. Specify a group name with a numerical group ID that is
    not shared with other accounts, not even with the Postfix mail_owner
    account. You can no longer specify "no" here.
    setgid_group: [postdrop] 
    Please specify the destination directory for the Postfix on-line
    manual pages. You can no longer specify "no" here.
    manpage_directory: [/usr/local/postfix/man] 
    Please specify the destination directory for the Postfix sample
    configuration files.
    sample_directory: [/usr/local/postfix/etc] 
    Please specify the destination directory for the Postfix README
    files. Specify "no" if you do not want to install these files.
    readme_directory: [/usr/local/postfix/docs] Updating /usr/local/postfix/libexec/bounce...
    
    :
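
    The installer prompts above state three rules: mail_owner needs a UID that no other account uses, setgid_group must not be shared with any account, and daemon_directory should be outside users' command search path. The script below is an added example, not part of the original page; it checks those rules against passwd and group files, and the sample entries and UID/GID numbers in it are constructed.

```shell
#!/bin/sh
# Added example: checks the account rules quoted by "make install" on this page.
# On a live host pass /etc/passwd and /etc/group; the sample data below is constructed.

# uid_is_unique USER PASSWD: USER exists and no other account has its UID.
uid_is_unique() {
    awk -F: -v u="$1" '
        $1 == u { uid = $3 }
        { n[$3]++ }
        END { exit !(uid != "" && n[uid] == 1) }' "$2"
}

# group_is_private GROUP PASSWD GROUPFILE: GROUP exists, lists no members,
# and is no account's primary group.
group_is_private() {
    gid=$(awk -F: -v g="$1" '$1 == g { print $3; exit }' "$3")
    members=$(awk -F: -v g="$1" '$1 == g { print $4; exit }' "$3")
    [ -n "$gid" ] || return 1
    [ -z "$members" ] || return 1
    ! awk -F: -v gid="$gid" '$4 == gid { hit = 1 } END { exit !hit }' "$2"
}

# dir_in_path DIR PATHSTRING: DIR is an entry of the colon-separated list.
dir_in_path() {
    case ":$2:" in *":$1:"*) return 0 ;; *) return 1 ;; esac
}

# check_install PASSWD GROUPFILE PATHSTRING, using the answers shown on this page.
check_install() {
    rc=0
    uid_is_unique postfix "$1" || { echo "mail_owner: missing or shared UID"; rc=1; }
    group_is_private postdrop "$1" "$2" || { echo "setgid_group: missing or shared"; rc=1; }
    if dir_in_path /usr/local/postfix/sbin "$3"; then
        echo "daemon_directory is in the search path"; rc=1
    fi
    return "$rc"
}

# Constructed sample files: a clean layout and a broken one.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
printf '%s\n' 'root:*:0:0::/root:/bin/sh' \
    'postfix:*:125:125::/var/spool/postfix:/usr/sbin/nologin' > "$tmp/passwd.ok"
printf '%s\n' 'wheel:*:0:root' 'postfix:*:125:' 'postdrop:*:126:' > "$tmp/group.ok"
# Broken: UID 125 is used twice and postdrop lists a member.
printf '%s\n' 'postfix:*:125:125::/var/spool/postfix:/usr/sbin/nologin' \
    'other:*:125:20::/nonexistent:/usr/sbin/nologin' > "$tmp/passwd.bad"
printf '%s\n' 'postfix:*:125:' 'postdrop:*:126:postfix' > "$tmp/group.bad"

check_install "$tmp/passwd.ok" "$tmp/group.ok" "/bin:/usr/local/postfix/bin" && echo "clean layout passes"
check_install "$tmp/passwd.bad" "$tmp/group.bad" "/bin:/usr/local/postfix/sbin" || echo "broken layout rejected"
```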
    
  3. Configuring Postfix

    Copy Postfix's aliases file into /etc, then run newaliases to create /etc/newaliases_db.

    # newaliases
    

    Next, edit main.cf in the directory that was specified as config_directory. The points to edit are as follows.

    *** main.cf.org Mon Jul  7 00:10:08 2003
    --- main.cf     Thu Aug 14 13:38:18 2003
    ***************
    *** 66,71 ****
    --- 66,72 ----
      #
      #myhostname = host.domain.tld
      #myhostname = virtual.domain.tld
    + myhostname = hostname.domainname
      
      # The mydomain parameter specifies the local internet domain name.
      # The default is to use $myhostname minus the first component.
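
    Review bot: the added line "myhostname = hostname.domainname" is a placeholder rather than a usable value, and nothing in the patch says so. State next to it that it must be replaced with this host's fully qualified name, because the later hunks derive inet_interfaces, mydestination and smtpd_banner from $myhostname.
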
    ***************
    *** 73,78 ****
    --- 74,80 ----
      # parameters.
      #
      #mydomain = domain.tld
    + mydomain = domainname
      
      # SENDING MAIL
      # 
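
    Review bot: "mydomain = domainname" repeats what the comment in the preceding context already gives as the default ("$myhostname minus the first component"), so with myhostname set to hostname.domainname it only adds a second value to keep in sync. Drop the line, or add a comment saying why an explicit value is needed.
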
    ***************
    *** 88,94 ****
      # to recipient addresses that have no @domain part.
      #
      #myorigin = $myhostname
    ! #myorigin = $mydomain
      
      # RECEIVING MAIL
      
    --- 90,96 ----
      # to recipient addresses that have no @domain part.
      #
      #myorigin = $myhostname
    ! myorigin = $mydomain
      
      # RECEIVING MAIL
      
    ***************
    *** 104,110 ****
      #
      #inet_interfaces = all
      #inet_interfaces = $myhostname
    ! #inet_interfaces = $myhostname, localhost
      
      # The proxy_interfaces parameter specifies the network interface
      # addresses that this mail system receives mail on by way of a
    --- 106,112 ----
      #
      #inet_interfaces = all
      #inet_interfaces = $myhostname
    ! inet_interfaces = $myhostname, localhost
      
      # The proxy_interfaces parameter specifies the network interface
      # addresses that this mail system receives mail on by way of a
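
    Review bot: "inet_interfaces = $myhostname, localhost" is chosen over the "all" alternative two lines above it without a word on why. Add a comment that the listener is deliberately limited to the address of $myhostname plus localhost, and confirm that $myhostname resolves to an address configured on this host, since this line depends on the myhostname value set in the first hunk.
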
    ***************
    *** 150,156 ****
      # See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
      #
      #mydestination = $myhostname, localhost.$mydomain
    ! #mydestination = $myhostname, localhost.$mydomain $mydomain
      #mydestination = $myhostname, localhost.$mydomain, $mydomain,
      #	mail.$mydomain, www.$mydomain, ftp.$mydomain
      
    --- 152,158 ----
      # See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
      #
      #mydestination = $myhostname, localhost.$mydomain
    ! mydestination = $myhostname, localhost.$mydomain $mydomain
      #mydestination = $myhostname, localhost.$mydomain, $mydomain,
      #	mail.$mydomain, www.$mydomain, ftp.$mydomain
      
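
    Review bot: putting $mydomain into mydestination makes this host the final destination for every address in the whole domain, and the context line points to the section "REJECTING MAIL FOR UNKNOWN LOCAL USERS", which no hunk in this patch touches. Check the setting in that section before enabling this line, so that mail for non-existent users is refused during the SMTP session. The enabled line also leaves out the comma between localhost.$mydomain and $mydomain that the alternative on the next line uses; add it for consistency.
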
    ***************
    *** 413,419 ****
      # UNIX-style mailboxes are kept. The default setting depends on the
      # system type.
      #
    ! #mail_spool_directory = /var/mail
      #mail_spool_directory = /var/spool/mail
      
      # The mailbox_command parameter specifies the optional external
    --- 416,422 ----
      # UNIX-style mailboxes are kept. The default setting depends on the
      # system type.
      #
    ! mail_spool_directory = /var/mail
      #mail_spool_directory = /var/spool/mail
      
      # The mailbox_command parameter specifies the optional external
    ***************
    *** 541,547 ****
      # You MUST specify $myhostname at the start of the text. That is an
      # RFC requirement. Postfix itself does not care.
      #
    ! #smtpd_banner = $myhostname ESMTP $mail_name
      #smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
      
      # PARALLEL DELIVERY TO THE SAME DESTINATION
    --- 544,550 ----
      # You MUST specify $myhostname at the start of the text. That is an
      # RFC requirement. Postfix itself does not care.
      #
    ! smtpd_banner = $myhostname ESMTP $mail_name
      #smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
      
      # PARALLEL DELIVERY TO THE SAME DESTINATION
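
    Review bot: the enabled smtpd_banner is the variant without ($mail_version), which is the right one of the two because the greeting then does not tell every connecting client the exact Postfix version, but the patch gives no reason for the choice. Record that in a comment above the line so a later edit does not switch to the variant below it, and keep $myhostname first as the context comment requires.
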
    
  4. References
    Postfix
    Postfixのぺーじ (Postfix Page)

Copyright(C) 2001-2008 ykondou.org
webmaster@ykondou.org
Key fingerprint = 7721 FB0E 42CC 2BD3 DB09 5868 3EC7 B5D2 B75C 5DAA
