Zdravím, mám server s dostupnou veřejnou IP. Nakonfiguroval jsem posfix+postfixadmin+dovecot na posílání a příjem pošty. Bohužel to má chybu, poštu lze odeslat i bez ověření. Odesílání pošty mám zatím nezabezpečené(port 25), příjem je přes IMAP SSL(port 993).
Uživatele mam uložené v databázi společně s hash heslem. Ověřování bych chtěl udělat přes dovecot. Lepší způsob mi nenapadá. Aktuální konfigurace postfixu je:virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = dovecot
virtual_minimum_uid = 999
virtual_uid_maps = static:999permit_mynetworks,
virtual_gid_maps = static:999
smtpd_helo_restrictions =
smtpd_client_restrictions =
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sender_restrictions = check_recipient_access mysql:/etc/postfix/sql/mysql_virtual_recipient_access_maps.cf
smtpd_recipient_restrictions = check_sender_access mysql:/etc/postfix/sql/mysql_virtual_recipient_access_maps.cf,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
smtpd_soft_error_limit=5
smtpd_hard_error_limit=10
smtpd_helo_required=yes
smtpd_delay_reject=no
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
broken_sasl_auth_clients = yes
default_destination_concurrency_limit = 1
local_destination_concurrency_limit = 1
dovecot_destination_concurrency_limit = 1
dovecot_destination_recipient_limit = 1
disable_vrfy_command=yes
strict_rfc821_envelopes=yes
maximal_queue_lifetime = 6d
delay_warning_time = 8h
biff = no
enable_original_recipient = yes
append_at_myorigin = yes
append_dot_mydomain = no
readme_directory = no
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = domena.cz
mydestination =
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
Nyní by ověřování mělo fungovat přes script "/etc/postfix/sql/mysql_virtual_recipient_access_maps.cf".
Jeho obsah je:user = postfix
password = heslo1234
dbname = postfixadmin
hosts = 127.0.0.1
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
Ale bohužel poštu to odešle i bez ověření.