FreeBSD 4.11 + Postfix

はじめに

FreeBSDのパッケージにはSendmailがインストールされていますが、 Sendmailは設定ファイルがわかりにくいので、Postfixを使ってみました。

portsからインストール

Ports一発。

eden# pwd
/usr/ports/mail/postfix
eden# make install clean

以下のような Postfix のオプションを設定する画面が表示されますが、なにも選択しないで OK をクリック。

┌────────── Postfix configuration options ──────────────┐
│                                                                               │
│ Please select desired options:                                                │
│ ┌─────────────────────────────────────┐│
│ │ [ ] NOPCRE    DISABLE Perl Compatible Regular Expressions               │ │
│ │ [ ] SASL      Cyrus SASLv1 (Simple Authentication and Security Layer)   │ │
│ │ [ ] SASL2     Cyrus SASLv2 (Simple Authentication and Security Layer)   │ │
│ │ [ ] SASLKRB   If your SASL requires Kerberos select this option         │ │
│ │ [ ] SASLKRB5  If your SASL requires Kerberos5 select this option        │ │
│ │ [ ] SPF       SPF support                                               │ │
│ │ [ ] TLS       SSL and TLS                                               │ │
│ │ [ ] DB3       Berkeley DB3 (required if SASL also built with DB3)       │ │
│ │ [ ] DB40      Berkeley DB4.0 (required if SASL also built with DB4.0)   │ │
│ │ [ ] DB41      Berkeley DB4.1 (required if SASL also built with DB4.1)   │ │
│ │ [ ] DB42      Berkeley DB4.2 (required if SASL also built with DB4.2)   │ │
│ │ [ ] DB43      Berkeley DB4.3 (required if SASL also built with DB4.3)   │ │
│ │ [ ] MySQL     MySQL map lookups (choose version with WITH_MYSQL_VER)    │ │
│ │ [ ] PgSQL     PostgreSQL map lookups (choose with DEFAULT_PGSQL_VER)    │ │
│ │ [ ] OpenLDAP  OpenLDAP map lookups (choose ver. with WITH_OPENLDAP_VER) │ │
│ │ [ ] NIS       NIS map lookups                                           │ │
│ └─────v(+)─────────────────────────────┘ │
├───────────────────────────────────────┤
│                           [  OK  ]       Cancel                              │
└───────────────────────────────────────┘

Postfix のユーザとグループを追加していい？と聞かれるので、y を入力。

Added group "postfix".
Added group "maildrop".
Added user "postfix".
You need user "postfix" added to group "mail".
Would you like me to add it [y]?

mailer.conf を書き換えてもいい？と聞かれるので、y を入力。

Would you like to activate Postfix in /etc/mail/mailer.conf [n]?

ちなみに、Sendmail の時はこうなっていたものが、

> cat /etc/mail/mailer.conf
# $FreeBSD: src/etc/mail/mailer.conf,v 1.2.2.1 2002/04/09 02:00:56 gshapiro Exp $
#
# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
#
sendmail        /usr/libexec/sendmail/sendmail
send-mail       /usr/libexec/sendmail/sendmail
mailq           /usr/libexec/sendmail/sendmail
newaliases      /usr/libexec/sendmail/sendmail
hoststat        /usr/libexec/sendmail/sendmail
purgestat       /usr/libexec/sendmail/sendmail

この書き換えでこのように変わります。

> cat /etc/mail/mailer.conf
#
# Execute the Postfix sendmail program, named /usr/local/sbin/sendmail
#
sendmail        /usr/local/sbin/sendmail
send-mail       /usr/local/sbin/sendmail
mailq   /usr/local/sbin/sendmail
newaliases      /usr/local/sbin/sendmail

後は一気に終了。太字の部分は、インストール後に既存の設定を直すところです。

17077
17260
If you have postfix configured in your /etc/mail/mailer.conf (answered yes to
the previous question) and would like to enable postfix to start at boot time,
please set these variables in your /etc/rc.conf file:

sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"

This will disable Sendmail completely, and allow you to use /etc/rc.d/sendmail
to start and stop postfix (FreeBSD 5.x and up).  For FreeBSD 4.x, it will just
cause the system boot scripts to start sendmail for you.

Alternatively to the above settings, you can enable postfix to start with
the other local services, for example, after your database server starts if
you need it to be running for postfix.  To do this, set in your rc.conf file:

sendmail_enable="NONE"

Then make the following symbolic link:

cd /usr/local/etc/rc.d
ln -s /usr/local/sbin/postfix postfix.sh


With either startup configuration, you will want to disable some
Sendmail-specific daily maintenance routines in your /etc/periodic.conf file:

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"


If you are using SASL, you need to make sure that postfix has access to read
the sasldb file.  This is accomplished by adding postfix to group mail and
making the /usr/local/etc/sasldb* file(s) readable by group mail (this should
be the default for new installs).

If you are upgrading from postfix version prior to 2.0, please see the README
files for recommended changes to your configuration.
===>   Compressing manual pages for postfix-2.2.4_1,1
===>   Registering installation for postfix-2.2.4_1,1
===> SECURITY REPORT:
      This port has installed the following binaries which execute with
      increased privileges.
/usr/local/sbin/postqueue
/usr/local/sbin/postdrop

      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/postfix/nqmgr
/usr/local/libexec/postfix/tlsmgr
/usr/local/libexec/postfix/smtpd
/usr/local/libexec/postfix/lmtp
/usr/local/libexec/postfix/cleanup
/usr/local/libexec/postfix/virtual
/usr/local/libexec/postfix/oqmgr
/usr/local/libexec/postfix/master
/usr/local/libexec/postfix/anvil
/usr/local/libexec/postfix/qmgr
/usr/local/libexec/postfix/proxymap
/usr/local/libexec/postfix/pipe
/usr/local/libexec/postfix/trivial-rewrite
/usr/local/libexec/postfix/smtp
/usr/local/libexec/postfix/local
/usr/local/libexec/postfix/bounce
/usr/local/libexec/postfix/verify
/usr/local/libexec/postfix/spawn
/usr/local/libexec/postfix/scache
/usr/local/libexec/postfix/discard
/usr/local/libexec/postfix/showq
/usr/local/libexec/postfix/pickup
/usr/local/libexec/postfix/flush
/usr/local/libexec/postfix/qmqpd
/usr/local/libexec/postfix/error

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.postfix.org/
===>  Cleaning for libtool-1.5.18
===>  Cleaning for pcre-5.0
===>  Cleaning for postfix-2.2.4_1,1
eden#

/etc/rc.conf を設定して、次回OS起動時に Sendmail が起動しないようにします。

eden# grep sendmail /etc/rc.conf
#sendmail_enable="YES"
sendmail_enable="NONE"
eden#

現在動いている Sendmailも停止します。

eden# ps -ax | grep sendmail
  102  ??  Ss     0:00.16 sendmail: accepting connections (sendmail)
  105  ??  Is     0:00.01 sendmail: Queue runner@00:30:00 for /var/spool/client
eden#
eden# kill -9 102
eden# kill -9 105
eden# ps -ax | grep sendmail
eden#

次回OS起動時に Postfix が起動するようにします。

eden# cd /usr/local/etc/rc.d
eden# ln -s /usr/local/sbin/postfix postfix.sh
eden#

Postfixの設定

Postfix は Sendmail のような難解な設定ファイルではなく、UNIX風なわかりやすい設定です。

eden# pwd
/usr/local/etc/postfix
eden# ls -la main.cf
-rw-r--r--  1 root  wheel  25699 Jul 17 23:21 main.cf
eden#

main.cf から変更した個所は、これ。

myhostname = eden.hayagui.com
mydomain = hayagui.com
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

尚、同じネットワークにMXがある時は、以下のようにリレーホストを設定します。

relayhost = mx.hayagui.com

また、以前は存在しないユーザへのメールのエラーコードが450になっていたので、 550 であることを確認します。

unknown_local_recipient_reject_code = 550

main.cf を変更し終わったら、alias を有効にしたので、postalias で aliasのデータベースを作成します。 やり方は、mail.cf に書いています。

# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.

一回 rehash してから 実行。

eden# rehash
eden# postalias /etc/aliases
eden#

動かす

Postfix を動かしてみます。

先に設定した 起動スクリプトを使います。

eden# /usr/local/etc/rc.d/postfix.sh start
postfix/postfix-script: starting the Postfix mail system
eden#

log で確認。エラーが出ていないことを確認。

eden# tail -n 2 /var/log/maillog
Jul 17 23:54:16 eden postfix/postfix-script: starting the Postfix mail system
Jul 17 23:54:16 eden postfix/master[17441]: daemon started -- version 2.2.4, configuration /usr/local/etc/postfix
eden#

rootからkenzにメール。

eden# mail kenz
Subject: test
hoge
.
EOT
eden#

eden# exit
logout
You have new mail.
> mail
Mail version 8.1 6/6/93.  Type ? for help.
"/var/mail/kenz": 2 messages 2 new
>N  1 root@eden.hayagui.co  Sun Jul 17 22:30  24/774   "Welcome"
 N  2 root@eden.hayagui.co  Sun Jul 17 23:56  14/440   "test"
& 2
Message 2:
From root@eden.hayagui.com  Sun Jul 17 23:56:55 2005
To: kenz@eden.hayagui.com
Subject: test
Date: Sun, 17 Jul 2005 23:56:55 +0900 (JST)
From: root@eden.hayagui.com (Charlie Root)

hoge

& exit
>