Differences

This shows you the differences between two versions of the page.

--- email [2018/07/12 15:13]
SLUUG Administration
+++ email [2024/07/27 18:40] (current)
SLUUG Administration Add link to postfix_admin
@@ Line 7: / Line 7: @@
   * Disabled postgrey
   * All other filters already disabled
-  * Verify postfixadmin before cutover
+  * Verify postfixadmin before cutover. See the [[postfix admin|Postfix Admin page]].
   * PLAIN login method changed to TLS
     * (requires TLS connection before sending password)
@@ Line 16: / Line 16: @@
   * Configure maildir for new users in postfixadmin
-  * Setup and enable postgrey
   * Setup and enable SpamAssassin or rspamd
   * Setup and enable clamav
   * Setup and enable Amavisd?
   * Setup and configure Webalizer
-  *
+===== postgrey =====
+==== Configuration ====
+Create new "/etc/postgrey/whitelist_recipients.local".
+Edit it to add the one added "slack@craigbuchek.com" line from
+"/etc/postfix/postgrey_whitelist_recipients" copied from amber.
+Delete "/etc/postfix/postgrey_whitelist_recipients" copied from amber.
+Use /etc/postgrey/whitelist_recipients installed by default, don't change.
+Use "/etc/postgrey/whitelist_clients" installed by default, don't change.
+Delete "/etc/postfix/postgrey_whitelist_clients" copied from amber
+which was not changed from default on amber.
+Rename "/etc/postfix/postgrey_whitelist_clients.local" copied from amber
+to "/etc/postgrey/whitelist_clients.local".
+Edit this to delete or comment all SLUUG servers no longer operating.
+Edit /etc/default/postgrey to add to the POSTGREY_OPTS variable:
+<code>
+    --inet=127.0.0.1:10023           Replaces --inet=10023
+    --delay=240
+    --auto-whitelist-clients=4
+    --max-age=95
+</code>
+Restart the postgrey daemon:
+<code>
+systemctl stop   postgrey
+systemctl status postgrey
+systemctl start  postgrey
+systemctl status postgrey
+</code>
+Check logs "/var/log/daemon.log" and "/var/log/mail.info".
+netstat --all --numeric --numeric-ports | egrep 'Address|10023'
+ps -ef | egrep 'PID|postgrey'
+Edit "/etc/postfix/main.cf".
+Check port in main.cf should now be port 10023 and not 60000.
+The test to be added to "smtpd_recipient_restrictions" is
+"check_policy_service inet:127.0.0.1:10023,".
+An example is:
+<code>
+    smtpd_recipient_restrictions =
+        permit_mynetworks,
+        reject_unauth_destination,
+        check_policy_service inet:127.0.0.1:10023
+</code>
+Reload the postfix daemon:
+<code>
+systemctl reload postgrey
+systemctl status postgrey
+</code>
+Check log "/var/log/mail.info".
+Test sending mail from an external system.
+Continue to monitor "/var/log/mail.info".
+==== Additional information ====
+Files and directories of interest:
+  */etc/init.d/postgrey   - Startup script
+  */etc/default/postgrey  - Startup options
+  */etc/postgrey/         - All config files except startup options
+  */var/lib/postgrey/     - Database files
+Search finds comments that postgrey doesn't support systemd, and systemd
+is using "a shim" to just run the init script.
+When stopping, expect to see errors logged about
+Couldn't unlink "/var/run/postgrey.pid".
+However, it is properly created when started and deleted when stopped.

SLUUG Wiki

User Tools

Site Tools

Differences

Page Tools