mise en place d'un serveur mail sur debian

mise en place d'un serveur mail sur debian - réseaux et sécurité - Linux et OS Alternatifs

Marsh Posté le 08-04-2013 à 18:48:16    

Bonjour à tous,  
je me suis pris récement un dédié chez ovh sur lequel j'ai installé notament un serveur mail avec postfix et courier.
j'ai suivi ce tu http://www.tutoriels-video.fr/inst [...] t-courier/
Tout fonctionne, je reçoit mes mail via roundcube direct sur le serveur, maintenant j'aimerais recuperer mes mails via thunderbird mais j'ai un probleme d'authentification.
 
voila ma config
 
/etc/postfix.main.cf

Citation :

# Bannière afficher lorsqu'on se connecte en SMTP sur le port 25
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
# Service qui envoie des notifications "nouveau message"
biff = no
# Desactive la commande SMTP VRFY. Arrête certaine technique pour avoir des adresses email
disable_vrfy_command = yes
# Impose au client SMTP de démarrer la session SMTP par une commande Helo (ou ehlo)
smtpd_helo_required = yes
# Avec le courier local ça ajoute .NDD aux adresses incomplètes (seulement le nom d'hote)
append_dot_mydomain = no
# Le nom de la machine du système de messagerie
# Par défaut c'est host.domain.tld mais on peut mettre un reverse dns
myhostname = reverseduserveur.in-addr.arpa
# Le domaine utilisé par defaut pour poster les message local
myorigin = ipduserveur.in-addr.arpa
# Liste des domaines pour lequel le serveur doit accepter le courrier
mydestination = reverseduserveur.in-addr.arpa, localhost.localdomain, localhost
# Pour effectuer des livraisons de courrier avec un relay (ici non)
relayhost =
# Liste des réseaux locaux autorisés
mynetworks = 127.0.0.0/8, ipduserveur
# Taille des boîtes au lettre (0 = illimité)
mailbox_size_limit = 0
# Séparateur entre le nom d'utilisateur et les extensions d'adresses
recipient_delimiter = +
# Interfaces réseaux à écouter (ici toutes)
inet_interfaces = all
# Gestion des boites mails virtuelle
# Contient les fichiers qui permettent de relier postfix  mysql
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_aliases.cf,mysql:/etc/postfix/mysql-virtual_aliases_comptes.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domaines.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_comptes.cf
# Le dossier ou seront contenu les mails (=home de l'user vmail)
virtual_mailbox_base = /home/vmail/
# L'id du groupe et de l'utilisateur vmail créé précédement
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
# Créer un dossier par comte email
virtual_create_maildirsize = yes
# A activer si vous souhaitez ajouter des quotas
virtual_mailbox_extended = yes
# Impose les limites au niveau des mails, dans notre cas aucune
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_quotas.cf
# Ajouter une limite sur la taille des messages pour les boites virtuelles
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "La boite mail de votre destinataire est pleine, merci de reessayez plus tard."
virtual_overquota_bounce = yes
# adresses d'expedition
smtpd_sender_restrictions =
            permit_mynetworks,
            warn_if_reject reject_unverified_sender
# adresses de destination
smtpd_recipient_restrictions =
            permit_mynetworks,
            reject_unauth_destination,
            reject_non_fqdn_recipient
     
 
 
# Support TLS
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_auth_only = no
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_recipient_limit = 100
smtpd_helo_restrictions = reject_invalid_hostname
smtpd_sender_restrictions = reject_unknown_address
 
# Support SASL
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
 permit_sasl_authenticated,
 permit_mynetworks,
 reject_unauth_destination
  reject_unauth_destination,
     reject_unauth_pipelining,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_invalid_hostname,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client bl.spamcop.net,
    #reject_rbl_client sbl-xbl.spamhaus.org
 
 


/etc/postfix/master.cf

Citation :

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" ).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
-o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
    -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix    -    n    n    -    2    pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
 
 
amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
 
127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
 


niveau autorisations de fichiers, au cas où j'ai fait une connerie

Citation :

drwxr-xr-x  4 root root     4096  2 avril 18:11 .
drwxr-xr-x 99 root root     4096  7 avril 12:26 ..
-rw-r--r--  1 root root        0  2 avril 15:36 body_checks
-rw-r--r--  1 root root      373  1 avril 18:28 dynamicmaps.cf
-rw-r--r--  1 root root        0  2 avril 15:36 header_checks
-rw-r--r--  1 root root     3863  2 avril 18:35 main.cf
-rw-r--r--  1 root root     3819  2 avril 15:36 main.cf~
-rw-r--r--  1 root root     5048  2 avril 15:36 main.cf~2
-rw-r--r--  1 root root     2803  1 avril 21:48 main.cf.backup
-rw-r--r--  1 root root     5895  2 avril 18:35 master.cf
-r--------  1 root root     5280  2 avril 15:36 master.cf~
-rw-r--r--  1 root root        0  2 avril 15:36 mime_header_checks
-rw-r-----  1 root postfix   175  1 avril 18:34 mysql-virtual_aliases.cf
-rw-r-----  1 root postfix   170  1 avril 18:35 mysql-virtual_aliases_comptes.cf
-rw-r-----  1 root postfix   231  2 avril 15:36 mysql-virtual_client.cf
-rw-r-----  1 root postfix   239  1 avril 18:33 mysql-virtual_comptes.cf
-rw-r-----  1 root postfix   177  1 avril 18:33 mysql-virtual_domaines.cf
-rw-r-----  1 root postfix   221  2 avril 15:36 mysql-virtual_domains.cf
-rw-r-----  1 root postfix   218  2 avril 15:36 mysql-virtual_email2email.cf
-rw-r-----  1 root postfix   230  2 avril 15:36 mysql-virtual_forwardings.cf
-rw-r-----  1 root postfix   288  2 avril 15:36 mysql-virtual_mailboxes.cf
-rw-r-----  1 root postfix   135  1 avril 18:36 mysql-virtual_quotas.cf
-rw-r-----  1 root postfix   252  2 avril 15:36 mysql-virtual_recipient.cf
-rw-r-----  1 root postfix   224  2 avril 15:36 mysql-virtual_relaydomains.cf
-rw-r-----  1 root postfix   230  2 avril 15:36 mysql-virtual_relayrecipientmaps.cf
-rw-r-----  1 root postfix   249  2 avril 15:36 mysql-virtual_sender.cf
-rw-r-----  1 root postfix   227  2 avril 15:36 mysql-virtual_transports.cf
-rw-r--r--  1 root root        0  2 avril 15:36 nested_header_checks
-rw-r--r--  1 root root    18992  4 mai    2011 postfix-files
-rwxr-xr-x  1 root root     8729  4 mai    2011 postfix-script
-rwxr-xr-x  1 root root    24256  4 mai    2011 post-install
drwxr-xr-x  2 root root     4096  2 avril 15:36 sasl
-rw-r--r--  1 root root     2041  2 avril 15:36 smtpd.cert
-rw-r-----  1 root root     3243  2 avril 15:36 smtpd.key
drwxr-xr-x  2 root root     4096  1 avril 21:45 ssl
 
 


concernant courier maintenant
 
authdaemonrc
 

Citation :

##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc.  See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored.  Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited.  Multiline variable contents,
# with the  continuation character, are not allowed.  Everything must
# fit on one line.  Do not use any additional whitespace for indentation,
# or anything else.
 
##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe
 
authmodulelist="authmysql"
 
##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone
 
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
 
##NAME: daemons:0
#
# The number of daemon processes that are started.  authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE:  Some platforms may experience a problem if there's more than
# one daemon.  Specifically, SystemV derived platforms that use TLI with
# socket emulation.  I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases.  Symptoms
# include sporadic authentication failures.  If you start getting
# authentication failures, increase daemons.  However, the default of 5
# SHOULD be sufficient.  Bumping up daemon count is only a short-term
# solution.  The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
 
daemons=5
 
##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond.  It's
# used by various configuration and build scripts, so don't touch it!
 
authdaemonvar=/var/run/courier/authdaemon
 
##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0   - turn off debugging
# DEBUG_LOGIN=1   - turn on debugging
# DEBUG_LOGIN=2   - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
 
DEBUG_LOGIN=0
 
##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
#   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.
 
DEFAULTOPTIONS=""
 
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#
 
LOGGEROPTS=""
 
##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem
 
 


authmysql
 

Citation :

MYSQL_SERVER            localhost
MYSQL_USERNAME          postfix
MYSQL_PASSWORD          monmotdepasse
MYSQL_DATABASE          postfix
MYSQL_USER_TABLE        comptes
MYSQL_CRYPT_PWFIELD     password
MYSQL_UID_FIELD         5000
MYSQL_GID_FIELD         5000
MYSQL_LOGIN_FIELD       email
MYSQL_HOME_FIELD        "/home/vmail/"
MYSQL_MAILDIR_FIELD     CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
 


imapd
 

Citation :

##VERSION: $Id: imapd.dist.in,v 1.41 2008/06/21 16:01:23 mrsam Exp $
#
# imapd created from imapd.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
#  Copyright 1998 - 2008 Double Precision, Inc.  See COPYING for
#  distribution information.
#
#  This configuration file sets various options for the Courier-IMAP server
#  when used with the couriertcpd server.
#  A lot of the stuff here is documented in the manual page for couriertcpd.
#
#  NOTE - do not use  to split long variable contents on multiple lines.
#  This will break the default imapd.rc script, which parses this file.
#
##NAME: ADDRESS:0
#
#  Address to listen on, can be set to a single IP address.
#
# ADDRESS=127.0.0.1
 
ADDRESS=0
 
##NAME: PORT:1
#
#  Port numbers that connections are accepted on.  The default is 143,
#  the standard IMAP port.
#
#  Multiple port numbers can be separated by commas.  When multiple port
#  numbers are used it is possible to select a specific IP address for a
#  given port as "ip.port".  For example, "127.0.0.1.900,192.68.0.1.900"
#  accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
#  The previous ADDRESS setting is a default for ports that do not have
#  a specified IP address.
 
PORT=143
 
##NAME: AUTHSERVICE:0
#
#  It's possible to authenticate using a different 'service' parameter
#  depending on the connection's port.  This only works with authentication
#  modules that use the 'service' parameter, such as PAM.  Example:
#
#  AUTHSERVICE143=imap
#  AUTHSERVICE993=imaps
AUTHSERVICE993=imaps
##NAME: MAXDAEMONS:0
#
#  Maximum number of IMAP servers started
#
 
MAXDAEMONS=40
 
##NAME: MAXPERIP:0
#
#  Maximum number of connections to accept from the same IP address
 
MAXPERIP=20
 
##NAME: PIDFILE:0
#
#  File where couriertcpd will save its process ID
#
 
PIDFILE=/var/run/courier/imapd.pid
 
##NAME: TCPDOPTS:0
#
# Miscellaneous couriertcpd options that shouldn't be changed.
#
 
TCPDOPTS="-nodnslookup -noidentlookup"
 
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options.                                        
#
 
LOGGEROPTS="-name=imapd"
 
##NAME: DEFDOMAIN:0
#
# Optional default domain. If the username does not contain the          
# first character of DEFDOMAIN, then it is appended to the username.
# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended
# only if the username does not contain any character from DOMAINSEP.
# You can set different default domains based on the the interface IP
# address using the -access and -accesslocal options of couriertcpd(1).
 
#DEFDOMAIN="@example.com"
 
##NAME: IMAP_CAPABILITY:1
#
# IMAP_CAPABILITY specifies what most of the response should be to the
# CAPABILITY command.
#
# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or
# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows:
#
# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
#
 
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
 
##NAME: KEYWORDS_CAPABILITY:0
#
# IMAP_KEYWORDS=1 enables custom IMAP keywords.  Set this option to 0 to
# disable custom keywords.
#
# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower
# algorithm. Use this setting if keyword-related problems occur when
# multiple IMAP clients are updating keywords on the same message.
 
IMAP_KEYWORDS=1
 
##NAME: ACL_CAPABILITY:0
#
# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to
# disable ACL capabilities announce.
 
IMAP_ACL=1
 
##NAME: SMAP1_CAPABILITY:0
#
# EXPERIMENTAL
#
# To enable the experimental "Simple Mail Access Protocol" extensions,
# uncomment the following setting.
#
# SMAP_CAPABILITY=SMAP1
 
##NAME: IMAP_CAPABILITY_ORIG:2
#
# For use by webadmin
 
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE"
 
##NAME: IMAP_PROXY:0
#
# Enable proxying.  See README.proxy
 
IMAP_PROXY=0
 
##NAME: PROXY_HOSTNAME:0
#
# Override value from gethostname() when checking if a proxy connection is
# required.
#
# PROXY_HOSTNAME=
 
##NAME: IMAP_PROXY_FOREIGN:0
#
# Proxying to non-Courier servers.  Re-sends the CAPABILITY command after
# logging in to the remote server.  May not work with all IMAP clients.
 
IMAP_PROXY_FOREIGN=0
 
##NAME: IMAP_IDLE_TIMEOUT:0
#
# This setting controls how often
# the server polls for changes to the folder, in IDLE mode (in seconds).
 
IMAP_IDLE_TIMEOUT=60
 
##NAME: IMAP_MAILBOX_SANITY_CHECK:0
#
# Sanity check -- make sure home directory and maildir's ownership matches
# the IMAP server's effective uid and gid
 
IMAP_MAILBOX_SANITY_CHECK=1
 
##NAME: IMAP_CAPABILITY_TLS:0
#
# The following setting will advertise SASL PLAIN authentication after
# STARTTLS is established.  If you want to allow SASL PLAIN authentication
# with or without TLS then just comment this out, and add AUTH=PLAIN to
# IMAP_CAPABILITY
 
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
 
##NAME: IMAP_TLS_ORIG:0
#
# For use by webadmin
 
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
 
##NAME: IMAP_DISABLETHREADSORT:0
#
# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands -
# server side sorting and threading.
#
# Those capabilities will still be advertised, but the server will reject
# them.  Set this option if you want to disable all the extra load from
# server-side threading and sorting.  Not advertising those capabilities
# will simply result in the clients reading the entire folder, and sorting
# it on the client side.  That will still put some load on the server.
# advertising these capabilities, but rejecting the commands, will stop this
# silliness.
#
 
IMAP_DISABLETHREADSORT=0
 
##NAME: IMAP_CHECK_ALL_FOLDERS:0
#
# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new
# mail in every folder.  Not all IMAP clients use the IMAP's new mail
# indicator, but some do.  Normally new mail is checked only in INBOX,
# because it is a comparatively time consuming operation, and it would be
# a complete waste of time unless mail filters are used to deliver
# mail directly to folders.
#
# When IMAP clients are used which support new mail indication, and when
# mail filters are used to sort incoming mail into folders, setting
# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new
# mail in folders.  Note that this will result in slightly more load on the
# server.
#
 
IMAP_CHECK_ALL_FOLDERS=0
 
##NAME: IMAP_OBSOLETE_CLIENT:0
#
# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \NoInferiors to mean
# what \HasNoChildren really means.
 
IMAP_OBSOLETE_CLIENT=0
 
##NAME: IMAP_UMASK:0
#
# IMAP_UMASK sets the umask of the server process.  The value of IMAP_UMASK is
# simply passed to the "umask" command.  The default value is 022.
#
# This feature is mostly useful for shared folders, where the file permissions
# of the messages may be important.
 
IMAP_UMASK=022
 
##NAME: IMAP_ULIMITD:0
#
# IMAP_ULIMITD sets the maximum size of the data segment of the server
# process.  The value of IMAP_ULIMITD is simply passed to the "ulimit -d"
# command (or ulimit -v).  The argument to ulimi sets the upper limit on the
# size of the data segment of the server process, in kilobytes.  The default
# value of 65536 sets a very generous limit of 64 megabytes, which should
# be more than plenty for anyone.
#
# This feature is used as an additional safety check that should stop
# any potential denial-of-service attacks that exploit any kind of
# a memory leak to exhaust all the available memory on the server.
# It is theoretically possible that obscenely huge folders will also
# result in the server running out of memory when doing server-side
# sorting (by my calculations you have to have at least 100,000 messages
# in a single folder, for that to happen).
 
IMAP_ULIMITD=131072
 
##NAME: IMAP_USELOCKS:0
#
# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent
# multiple access to the same folder.  This incurs slight additional
# overhead.  Concurrent multiple access will still work without this setting,
# however occasionally a minor race condition may result in an IMAP client
# downloading the same message twice, or a keyword update will fail.
#
# IMAP_USELOCKS=1 is strongly recommended when shared folders are used.
 
IMAP_USELOCKS=1
 
##NAME: IMAP_SHAREDINDEXFILE:0
#
# The index of all accessible folders.  Do not change this setting unless
# you know what you're doing.  See README.sharedfolders for additional
# information.
 
IMAP_SHAREDINDEXFILE=/etc/courier/shared/index
 
##NAME: IMAP_ENHANCEDIDLE:0
#
# If Courier was compiled with the File Alteration Monitor, setting
# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple
# clients may open the same folder concurrently, and receive updates to
# folder contents in realtime.  See the imapd(8) man page for additional
# information.
#
# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included
# in the IMAP_CAPABILITY list.
#
 
IMAP_ENHANCEDIDLE=0
 
##NAME: IMAP_TRASHFOLDERNAME:0
#
# The name of the magic trash Folder.  For MSOE compatibility,
# you can set IMAP_TRASHFOLDERNAME="Deleted Items".
#
# IMPORTANT:  If you change this, you must also change IMAP_EMPTYTRASH
 
IMAP_TRASHFOLDERNAME=Trash
 
##NAME: IMAP_EMPTYTRASH:0
#
# The following setting is optional, and causes messages from the given
# folder to be automatically deleted after the given number of days.
# IMAP_EMPTYTRASH is a comma-separated list of folder:days.  The default
# setting, below, purges 7 day old messages from the Trash folder.
# Another useful setting would be:
#
# IMAP_EMPTYTRASH=Trash:7,Sent:30
#
# This would also delete messages from the Sent folder (presumably copies
# of sent mail) after 30 days.  This is a global setting that is applied to
# every mail account, and is probably useful in a controlled, corporate
# environment.
#
# Important: the purging is controlled by CTIME, not MTIME (the file time
# as shown by ls).  It is perfectly ordinary to see stuff in Trash that's
# a year old.  That's the file modification time, MTIME, that's displayed.
# This is generally when the message was originally delivered to this
# mailbox.  Purging is controlled by a different timestamp, CTIME, which is
# changed when the file is moved to the Trash folder (and at other times too).
#
# You might want to disable this setting in certain situations - it results
# in a stat() of every file in each folder, at login and logout.
#
 
IMAP_EMPTYTRASH=Trash:7
 
##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0
#
# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash.  This
# effectively allows an undo of message deletion by fishing the deleted
# mail from trash.  Trash can be manually expunged as usually, and mail
# will get automatically expunged from Trash according to IMAP_EMPTYTRASH.
#
# NOTE: shared folders are still expunged as usual.  Shared folders are
# not affected.
#
 
IMAP_MOVE_EXPUNGE_TO_TRASH=0
 
 
##NAME: OUTBOX:0
#
# The next set of options deal with the "Outbox" enhancement.
# Uncomment the following setting to create a special folder, named
# INBOX.Outbox
#
# OUTBOX=.Outbox
 
##NAME: SENDMAIL:0
#
# If OUTBOX is defined, mail can be sent via the IMAP connection by copying
# a message to the INBOX.Outbox folder.  For all practical matters,
# INBOX.Outbox looks and behaves just like any other IMAP folder.  If this
# folder doesn't exist it must be created by the IMAP mail client, just
# like any other IMAP folder.  The kicker: any message copied or moved to
# this folder is will be E-mailed by the Courier-IMAP server, by running
# the SENDMAIL program.  Therefore, messages copied or moved to this
# folder must be well-formed RFC-2822 messages, with the recipient list
# specified in the To:, Cc:, and Bcc: headers.  Courier-IMAP relies on
# SENDMAIL to read the recipient list from these headers (and delete the Bcc:
# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the
# message piped on standard input.  $SENDER will be the return address
# of the message, which is set by the authentication module.
#
# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing.
#
 
SENDMAIL=/usr/sbin/sendmail
 
##NAME: HEADERFROM:0
#
# For administrative and oversight purposes, the return address, $SENDER
# will also be saved in the X-IMAP-Sender mail header.  This header gets
# added to the sent E-mail (but it doesn't get saved in the copy of the
# message that's saved in the folder)
#
# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive
# the magic OUTBOX treatment.  Therefore advance LARTing is in order for
# _all_ of your lusers, until every one of them is aware of this.  Otherwise if
# OUTBOX is left at its default setting - a folder name that might be used
# accidentally - some people may be in for a rude surprise.  You can redefine
# the name of the magic folder by changing OUTBOX, above.  You should do that
# and pick a less-obvious name.  Perhaps brand it with your organizational
# name ( OUTBOX=.WidgetsAndSonsOutbox )
 
HEADERFROM=X-IMAP-Sender
 
##NAME: OUTBOX_MULTIPLE_SEND:0
#
# Remove the following comment to allow a COPY of more than one message to
# the Outbox, at a time.
#
# OUTBOX_MULTIPLE_SEND=1
 
##NAME: IMAPDSTART:0
#
# IMAPDSTART is not used directly.  Rather, this is a convenient flag to
# be read by your system startup script in /etc/rc.d, like this:
#
#  . /etc/courier/imapd
#
#  case x$IMAPDSTART in
#  x[yY]*)
#        /usr/lib/courier/imapd.rc start
#        ;;
#  esac
#
# The default setting is going to be NO, so you'll have to manually flip
# it to yes.
 
IMAPDSTART=YES
 
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=/home/vmail
 


imapd-ssl

Citation :

##VERSION: $Id: imapd-ssl.dist.in,v 1.22 2009/08/12 22:25:49 mrsam Exp $
#
# imapd-ssl created from imapd-ssl.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
#  Copyright 2000 - 2008 Double Precision, Inc.  See COPYING for
#  distribution information.
#
#  This configuration file sets various options for the Courier-IMAP server
#  when used to handle SSL IMAP connections.
#
#  SSL and non-SSL connections are handled by a dedicated instance of the
#  couriertcpd daemon.  If you are accepting both SSL and non-SSL IMAP
#  connections, you will start two instances of couriertcpd, one on the
#  IMAP port 143, and another one on the IMAP-SSL port 993.
#
#  Download OpenSSL from http://www.openssl.org/
#
##NAME: SSLPORT:1
#
#  Options in the imapd-ssl configuration file AUGMENT the options in the
#  imapd configuration file.  First the imapd configuration file is read,
#  then the imapd-ssl configuration file, so we do not have to redefine
#  anything.
#
#  However, some things do have to be redefined.  The port number is
#  specified by SSLPORT, instead of PORT.  The default port is port 993.
#
#  Multiple port numbers can be separated by commas.  When multiple port
#  numbers are used it is possibly to select a specific IP address for a
#  given port as "ip.port".  For example, "127.0.0.1.900,192.168.0.1.900"
#  accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1
#  The SSLADDRESS setting is a default for ports that do not have
#  a specified IP address.
 
SSLPORT=993
 
##NAME: SSLADDRESS:0
#
#  Address to listen on, can be set to a single IP address.
#
# SSLADDRESS=127.0.0.1
 
SSLADDRESS=0
 
##NAME: SSLPIDFILE:0
#
# That's the SSL IMAP port we'll listen on.
# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP.
 
SSLPIDFILE=/var/run/courier/imapd-ssl.pid
 
##NAME: SSLLOGGEROPTS:0
#
# courierlogger(1) options.                                        
#
 
SSLLOGGEROPTS="-name=imapd-ssl"
 
##NAME: IMAPDSSLSTART:0
#
# Different pid files, so that both instances of couriertcpd can coexist
# happily.
#
# You can also redefine IMAP_CAPABILITY, although I can't
# think of why you'd want to do that.
#
#
# Ok, the following settings are new to imapd-ssl:
#
#  Whether or not to start IMAP over SSL on simap port:
 
IMAPDSSLSTART=YES
 
##NAME: IMAPDSTARTTLS:0
#
#  Whether or not to implement IMAP STARTTLS extension instead:
 
IMAPDSTARTTLS=YES
 
##NAME: IMAP_TLS_REQUIRED:1
#
# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone.
# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS
# is issued).
 
IMAP_TLS_REQUIRED=0
 
 
#########################################################################
#
# The following variables configure IMAP over SSL.  If OpenSSL or GnuTLS
# is available during configuration, the couriertls helper gets compiled, and
# upon installation a dummy TLS_CERTFILE gets generated.
#
# WARNING: Peer certificate verification has NOT yet been tested.  Proceed
# at your own risk.  Only the basic SSL/TLS functionality is known to be
# working. Keep this in mind as you play with the following variables.
#
##NAME: COURIERTLS:0
#
 
COURIERTLS=/usr/bin/couriertls
 
##NAME: TLS_PROTOCOL:0
#  
# TLS_PROTOCOL sets the protocol version.  The possible versions are:
#
# OpenSSL:
#
# SSL2 - SSLv2
# SSL3 - SSLv3
# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems)
# TLS1 - TLS1
#
# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST
# setting, below.
#
# GnuTLS:
#
# SSL3   - SSLv3
# TLS1   - TLS 1.0
# TLS1_1 - TLS 1.1
#
# When compiled against GnuTLS, multiple protocols can be selected as follows:
#
# TLS_PROTOCOL="TLS1_1:TLS1:SSL3"
#
# DEFAULT VALUES:
#
# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS)
 
##NAME: TLS_STARTTLS_PROTOCOL:0
#  
# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS
# extension, as opposed to IMAP over SSL on port 993.
#
# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL
 
##NAME: TLS_CIPHER_LIST:0
#
# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the
# OpenSSL library.  In most situations you can leave TLS_CIPHER_LIST
# undefined
#
# OpenSSL:
#
# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@STRENGTH"
#
# To enable SSL2, remove the obvious "!SSLv2" part from the above list.
#
#
# GnuTLS:
#
# TLS_CIPHER_LIST="HIGH:MEDIUM"
#
# The actual list of available ciphers depend on the options GnuTLS was
# compiled against. The possible ciphers are:
#
# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL
#
# Also, the following aliases:
#
# HIGH -- all ciphers that use more than a 128 bit key size
# MEDIUM -- all ciphers that use a 128 bit key size
# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher
#        is not included
# ALL -- all ciphers except the NULL cipher
 
##NAME: TLS_MIN_DH_BITS:0
#
# TLS_MIN_DH_BITS=n
#
# GnuTLS only:
#
# Set the minimum number of acceptable bits for a DH key exchange.
#
# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server
# have been encountered that offer 512 bit keys. You may have to set
# TLS_MIN_DH_BITS=512 here, if necessary.
 
##NAME: TLS_KX_LIST:0
#
# GnuTLS only:
#
# Allowed key exchange protocols. The default of "ALL" should be sufficient.
# The list of supported key exchange protocols depends on the options GnuTLS
# was compiled against, but may include the following:
#
# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT
 
TLS_KX_LIST=ALL
 
##NAME: TLS_COMPRESSION:0
#
# GnuTLS only:
#
# Optional compression. "ALL" selects all available compression methods.
#
# Available compression methods: DEFLATE, LZO, NULL
 
TLS_COMPRESSION=ALL
 
##NAME: TLS_CERTS:0
#
# GnuTLS only:
#
# Supported certificate types are X509 and OPENPGP.
#
# OPENPGP has not been tested
 
TLS_CERTS=X509
 
##NAME: TLS_TIMEOUT:0
# TLS_TIMEOUT is currently not implemented, and reserved for future use.
# This is supposed to be an inactivity timeout, but its not yet implemented.
#
 
##NAME: TLS_DHCERTFILE:0
#
# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate.
# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA
# you must generate a DH pair that will be used.  In most situations the
# DH pair is to be treated as confidential, and the file specified by
# TLS_DHCERTFILE must not be world-readable.
#
# TLS_DHCERTFILE=
 
##NAME: TLS_CERTFILE:0
#
# TLS_CERTFILE - certificate to use.  TLS_CERTFILE is required for SSL/TLS
# servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
# treated as confidential, and must not be world-readable. Set TLS_CERTFILE
# instead of TLS_DHCERTFILE if this is a garden-variety certificate
#
# VIRTUAL HOSTS (servers only):
#
# Due to technical limitations in the original SSL/TLS protocol, a dedicated
# IP address is required for each virtual host certificate. If you have
# multiple certificates, install each certificate file as
# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address
# for the certificate's domain name. So, if TLS_CERTFILE is set to
# /etc/certificate.pem, then you'll need to install the actual certificate
# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3
# and so on, for each IP address.
#
# GnuTLS only (servers only):
#
# GnuTLS implements a new TLS extension that eliminates the need to have a
# dedicated IP address for each SSL/TLS domain name. Install each certificate
# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem,
# then you'll need to install the actual certificate files as
# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com
# and so on.
#
# Note that this TLS extension also requires a corresponding support in the
# client. Older SSL/TLS clients may not support this feature.
#
# This is an experimental feature.
 
TLS_CERTFILE=/etc/courier/imapd.pem
 
##NAME: TLS_TRUSTCERTS:0
#
# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname.
# pathname can be a file or a directory. If a file, the file should
# contain a list of trusted certificates, in PEM format. If a
# directory, the directory should contain the trusted certificates,
# in PEM format, one per file and hashed using OpenSSL's c_rehash
# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying
# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set
# to PEER or REQUIREPEER).
#
 
TLS_TRUSTCERTS=/etc/ssl/certs
 
##NAME: TLS_VERIFYPEER:0
#
# TLS_VERIFYPEER - how to verify client certificates.  The possible values of
# this setting are:
#
# NONE - do not verify anything
#
# PEER - verify the client certificate, if one's presented
#
# REQUIREPEER - require a client certificate, fail if one's not presented
#
#
TLS_VERIFYPEER=NONE
 
 
##NAME: TLS_EXTERNAL:0
#
# To enable SSL certificate-based authentication:
#
# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate
#    authority's SSL certificate
#
# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings
#    requires all SSL clients to present a certificate, and rejects
#    SSL/TLS connections without a valid cert).
#
# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID.
#    Example:
#
#  TLS_EXTERNAL=emailaddress
#
# The above example retrieves the login ID from the "emailaddress" subject
# field. The certificate's emailaddress subject must match exactly the login
# ID in the courier-authlib database.
 
##NAME: TLS_CACHE:0
#
# A TLS/SSL session cache may slightly improve response for IMAP clients
# that open multiple SSL sessions to the server.  TLS_CACHEFILE will be
# automatically created, TLS_CACHESIZE bytes long, and used as a cache
# buffer.
#
# This is an experimental feature and should be disabled if it causes
# problems with SSL clients.  Disable SSL caching by commenting out the
# following settings:
 
TLS_CACHEFILE=/var/lib/courier/couriersslcache
TLS_CACHESIZE=524288
 
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=/home/vmail
 
 


les permissions
 

Citation :

drwxr-xr-x  3 root   root    4096  8 avril 18:16 .
drwxr-xr-x 99 root   root    4096  7 avril 12:26 ..
-rw-rw----  1 daemon daemon  3656  2 avril 15:36 authdaemonrc
-r--------  1 root   root    3656  2 avril 15:36 authdaemonrc~
-rw-rw----  1 daemon daemon   431  2 avril 18:33 authmysqlrc
-r--------  1 root   root    8943  2 avril 15:36 authmysqlrc~
-rw-r--r--  1 root   root   13925  8 avril 18:12 imapd
-rw-------  1 daemon daemon   336 29 nov.   2010 imapd.cnf
-rw-------  1 root   root    2142  1 avril 21:56 imapd.pem
-rw-r--r--  1 root   root   10143  7 avril 15:39 imapd-ssl
-rw-r--r--  1 root   root       0  8 avril 18:17 N#Gf,q
-rw-r--r--  1 root   root    3331 29 nov.   2010 pop3d
drwxr-xr-x  2 daemon daemon  4096  1 avril 19:23 shared
 


Voilà, si quelqu'un a le courage de regarder s'il voit quelque chose qui va pas je lui serait très reconnaissant
Merci d'avance


---------------
Feedback [VDS]casque grado sr225
Reply

Marsh Posté le 08-04-2013 à 18:48:16   

Reply

Marsh Posté le 16-04-2013 à 16:05:51    

Salut,
 
Des messages d'erreur dans /var/log/mail.log ?


---------------
Traveling through hyperspace ain't like dusting crops, boy!
Reply

Marsh Posté le 18-04-2013 à 21:34:26    

Bon alors j'ai tout recommencé en suivant ce tuto
https://www.isalo.org/wiki.debian-f [...] as#Dovecot

 

Tout fonctionne sous squirrelmail (beaucoup plus léger que roundcube au passage), je n'ai juste pas encore réussi à faire fonctionner le smtp en ssl, mais je n'ai pas trop cherché, je veux pour l'instant me concentrer sur l'imap
Toujours le même problème d'acces a distance via thunderbird, que je mette .imap.monserveur ou l'adresse ip du serveur
j'ai efface le fichier mail.log, envoyé quelques emails sur le serveur, redémarré postfix, je ne vois pas de message alarmant dans mail.log

Code :
  1. Apr 18 21:20:58 brizou postfix/pickup[23483]: 2DB93822EC: uid=0 from=<root>
  2. Apr 18 21:20:58 brizou postfix/cleanup[23547]: 2DB93822EC: message-id=<20130418192058.2DB93822EC@reverse.in-addr.arpa>
  3. Apr 18 21:20:58 brizou postfix/qmgr[23484]: 2DB93822EC: from=<root@ipduserveru.in-addr.arpa>, size=379, nrcpt=1 (queue active)
  4. Apr 18 21:20:58 brizou postfix/pipe[23550]: 2DB93822EC: to=<monadresse@mondomaine>, relay=dovecot, delay=0.2, delays=0.09/0/0/0.1, dsn=2.0.0, status=sent (delivered via dovecot service)
  5. Apr 18 21:20:58 brizou postfix/qmgr[23484]: 2DB93822EC: removed
  6. Apr 18 21:21:56 brizou postfix/smtpd[23552]: connect from mail-wi0-f175.google.com[209.85.212.175]
  7. Apr 18 21:21:56 brizou postfix/smtpd[23552]: 58FC2822EA: client=mail-wi0-f175.google.com[209.85.212.175]
  8. Apr 18 21:21:56 brizou postfix/cleanup[23547]: 58FC2822EA: message-id=<517047E5.50801@gmail.com>
  9. Apr 18 21:21:56 brizou postfix/qmgr[23484]: 58FC2822EA: from=<monemail@gmail.com>, size=1848, nrcpt=1 (queue active)
  10. Apr 18 21:21:56 brizou postfix/smtpd[23552]: disconnect from mail-wi0-f175.google.com[209.85.212.175]
  11. Apr 18 21:21:56 brizou postfix/pipe[23550]: 58FC2822EA: to=<adresse@mondomaine>, relay=dovecot, delay=0.18, delays=0.09/0/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service)
  12. Apr 18 21:21:56 brizou postfix/qmgr[23484]: 58FC2822EA: removed
  13. Apr 18 21:24:49 brizou postfix/smtpd[23825]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
  14. Apr 18 21:24:49 brizou postfix/smtpd[23825]: connect from mail-we0-f169.google.com[74.125.82.169]
  15. Apr 18 21:24:49 brizou postfix/smtpd[23825]: 92B78822EA: client=mail-we0-f169.google.com[74.125.82.169]
  16. Apr 18 21:24:49 brizou postfix/cleanup[23828]: 92B78822EA: message-id=<51704705.9070607@gmail.com>
  17. Apr 18 21:24:49 brizou postfix/qmgr[23484]: 92B78822EA: from=<monemail@gmail.com>, size=1836, nrcpt=1 (queue active)
  18. Apr 18 21:24:49 brizou postfix/smtpd[23825]: disconnect from mail-we0-f169.google.com[74.125.82.169]
  19. Apr 18 21:24:49 brizou postfix/pipe[23831]: 92B78822EA: to=<adresse@mondomaine>, relay=dovecot, delay=0.24, delays=0.13/0.03/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service)
  20. Apr 18 21:24:49 brizou postfix/qmgr[23484]: 92B78822EA: removed
  21. Apr 18 21:24:50 brizou postfix/pickup[23483]: 45385822EC: uid=1000 from=<clement>
  22. Apr 18 21:24:50 brizou postfix/cleanup[23828]: 45385822EC: message-id=<20130418192450.45385822EC@reversedns.in-addr.arpa>
  23. Apr 18 21:24:50 brizou postfix/qmgr[23484]: 45385822EC: from=<clement@ipduserveur.in-addr.arpa>, size=568, nrcpt=3 (queue active)
  24. Apr 18 21:24:50 brizou postfix/pipe[23831]: 45385822EC: to=<Root@monemail>, relay=dovecot, delay=0.2, delays=0.12/0/0/0.07, dsn=4.3.5, status=deferred (mail system configuration error)
  25. Apr 18 21:24:50 brizou postfix/pipe[23831]: 45385822EC: to=<Shell@mondomainer>, relay=dovecot, delay=0.25, delays=0.12/0/0/0.12, dsn=4.3.5, status=deferred (mail system configuration error)
  26. Apr 18 21:24:50 brizou postfix/pipe[23831]: warning: pipe flag `D' requires dovecot_destination_recipient_limit = 1
  27. Apr 18 21:24:50 brizou postfix/smtp[23857]: 45385822EC: to=<monemail@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.67.27]:25, delay=0.37, delays=0.12/0.03/0.1/0.12, dsn=2.0.0, status=sent (250 2.0.0 OK 1366313099 ce2si7935726wib.111 - gsmtp)
  28. Apr 18 21:25:00 brizou postfix/pickup[23483]: BD5C8822EE: uid=0 from=<root>
  29. Apr 18 21:25:00 brizou postfix/cleanup[23828]: BD5C8822EE: message-id=<20130418192500.BD5C8822EE@reversednsduserveur.in-addr.arpa>
  30. Apr 18 21:25:00 brizou postfix/qmgr[23484]: BD5C8822EE: from=<root@ipduserveur.in-addr.arpa>, size=425, nrcpt=3 (queue active)
  31. Apr 18 21:25:00 brizou postfix/pipe[23831]: BD5C8822EE: to=<Root@mondomaine>, relay=dovecot, delay=0.17, delays=0.11/0.01/0/0.05, dsn=4.3.5, status=deferred (mail system configuration error)
  32. Apr 18 21:25:00 brizou postfix/pipe[23831]: BD5C8822EE: to=<Shell@mondomaine>, relay=dovecot, delay=0.21, delays=0.11/0.01/0/0.1, dsn=4.3.5, status=deferred (mail system configuration error)
  33. Apr 18 21:25:00 brizou postfix/pipe[23831]: warning: pipe flag `D' requires dovecot_destination_recipient_limit = 1
  34. Apr 18 21:25:00 brizou postfix/smtp[23857]: BD5C8822EE: to=<monemail@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.67.27]:25, delay=0.27, delays=0.11/0.01/0.04/0.11, dsn=2.0.0, status=sent (250 2.0.0 OK 1366313109 m16si4183617wij.26 - gsmtp)
  35. Apr 18 21:25:02 brizou postfix/smtpd[23825]: connect from localhost.localdomain[127.0.0.1]
  36. Apr 18 21:25:02 brizou postfix/smtpd[23825]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
  37. Apr 18 21:25:02 brizou postfix/smtpd[23825]: disconnect from localhost.localdomain[127.0.0.1]
  38. Apr 18 21:25:16 brizou postfix/master[23477]: terminating on signal 15
  39. Apr 18 21:25:17 brizou postfix/master[24503]: daemon started -- version 2.7.1, configuration /etc/postfix
 


voilá mon nouveau master.conf

Code :
  1. # Postfix master process configuration file.  For details on the format
  2. # of the file, see the master(5) manual page (command: "man 5 master" ).
  3. #
  4. # Do not forget to execute "postfix reload" after editing this file.
  5. #
  6. # ==========================================================================
  7. # service type  private unpriv  chroot  wakeup  maxproc command + args
  8. #               (yes)   (yes)   (yes)   (never) (100)
  9. # ==========================================================================
  10. smtp      inet  n       -       -       -       -       smtpd
  11. #-o smtpd_tls_wrappermode=yes
  12. #  -o smtpd_sasl_auth_enable=yes
  13. #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  14. #  -o milter_macro_daemon_name=ORIGINATING
  15. smtps     inet  n       -       n       -       -       smtpd
  16.   -o smtpd_tls_wrappermode=yes
  17.   -o smtpd_sasl_auth_enable=yes
  18. #submission inet n       -       -       -       -       smtpd
  19. #  -o smtpd_tls_security_level=encrypt
  20. #  -o smtpd_sasl_auth_enable=yes
  21. #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  22. #  -o milter_macro_daemon_name=ORIGINATING
  23. #628       inet  n       -       -       -       -       qmqpd
  24. pickup    fifo  n       -       -       60      1       pickup
  25. cleanup   unix  n       -       -       -       0       cleanup
  26. qmgr      fifo  n       -       n       300     1       qmgr
  27. #qmgr     fifo  n       -       -       300     1       oqmgr
  28. tlsmgr    unix  -       -       -       1000?   1       tlsmgr
  29. rewrite   unix  -       -       -       -       -       trivial-rewrite
  30. bounce    unix  -       -       -       -       0       bounce
  31. defer     unix  -       -       -       -       0       bounce
  32. trace     unix  -       -       -       -       0       bounce
  33. verify    unix  -       -       -       -       1       verify
  34. flush     unix  n       -       -       1000?   0       flush
  35. proxymap  unix  -       -       n       -       -       proxymap
  36. proxywrite unix -       -       n       -       1       proxymap
  37. smtp      unix  -       -       -       -       -       smtp
  38. # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
  39. relay     unix  -       -       -       -       -       smtp
  40. -o smtp_fallback_relay=
  41. #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
  42. showq     unix  n       -       -       -       -       showq
  43. error     unix  -       -       -       -       -       error
  44. retry     unix  -       -       -       -       -       error
  45. discard   unix  -       -       -       -       -       discard
  46. local     unix  -       n       n       -       -       local
  47. virtual   unix  -       n       n       -       -       virtual
  48. lmtp      unix  -       -       -       -       -       lmtp
  49. anvil     unix  -       -       -       -       1       anvil
  50. scache    unix  -       -       -       -       1       scache
  51. #
  52. # ====================================================================
  53. # Interfaces to non-Postfix software. Be sure to examine the manual
  54. # pages of the non-Postfix software to find out what options it wants.
  55. #
  56. # Many of the following services use the Postfix pipe(8) delivery
  57. # agent.  See the pipe(8) man page for information about ${recipient}
  58. # and other message envelope options.
  59. # ====================================================================
  60. #
  61. # maildrop. See the Postfix MAILDROP_README file for details.
  62. # Also specify in main.cf: maildrop_destination_recipient_limit=1
  63. #
  64. maildrop  unix  -       n       n       -       -       pipe
  65.   flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
  66. #
  67. # ====================================================================
  68. #
  69. # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
  70. #
  71. # Specify in cyrus.conf:
  72. #   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
  73. #
  74. # Specify in main.cf one or more of the following:
  75. #  mailbox_transport = lmtp:inet:localhost
  76. #  virtual_transport = lmtp:inet:localhost
  77. #
  78. # ====================================================================
  79. #
  80. # Cyrus 2.1.5 (Amos Gouaux)
  81. # Also specify in main.cf: cyrus_destination_recipient_limit=1
  82. #
  83. #cyrus     unix  -       n       n       -       -       pipe
  84. #  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
  85. #
  86. # ====================================================================
  87. # Old example of delivery via Cyrus.
  88. #
  89. #old-cyrus unix  -       n       n       -       -       pipe
  90. #  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
  91. #
  92. # ====================================================================
  93. #
  94. # See the Postfix UUCP_README file for configuration details.
  95. #
  96. uucp      unix  -       n       n       -       -       pipe
  97.   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
  98. #
  99. # Other external delivery methods.
  100. #
  101. ifmail    unix  -       n       n       -       -       pipe
  102.   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
  103. bsmtp     unix  -       n       n       -       -       pipe
  104.   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
  105. scalemail-backend unix - n n - 2 pipe
  106.   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
  107. mailman   unix  -       n       n       -       -       pipe
  108.   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  109.   ${nexthop} ${user}
  110. amavis unix - - - - 2 smtp
  111.         -o smtp_data_done_timeout=1200
  112.         -o smtp_send_xforward_command=yes
  113. 127.0.0.1:10025 inet n - - - - smtpd
  114.         -o content_filter=
  115.         -o local_recipient_maps=
  116.         -o relay_recipient_maps=
  117.         -o smtpd_restriction_classes=
  118.        -o smtpd_client_restrictions=
  119.         -o smtpd_helo_restrictions=
  120.         -o smtpd_sender_restrictions=
  121.         -o smtpd_recipient_restrictions=permit_mynetworks,reject
  122.           reject_unauth_pipelining,
  123.           check_policy_service inet:127.0.0.1:10023,
  124.           reject_invalid_hostname
  125.         -o mynetworks=127.0.0.0/8
  126.         -o strict_rfc821_envelopes=yes
  127.         -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  128.        
  129. dovecot   unix  -       n       n       -       -       pipe
  130.   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
  131. # Obtenir une alerte si les emails ne partent pas
  132. #content_filter = amavis:127.0.0.1:10024
  133. #receive_override_options = no_address_mappings


Message édité par clembrizou le 18-04-2013 à 22:08:20

---------------
Feedback [VDS]casque grado sr225
Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed