API tools faq
paste
Guest User

Untitled

a guest
Apr 25th, 2018
77
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.97 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. read -p "Type your domain: " domain
  4.  
  5. apt-get install postfix postfix-tls libsasl2-2 sasl2-bin libsasl2-modules telnet
  6.  
  7. cp /etc/postfix/sasl/smtpd.conf /etc/postfix/sasl/smtpd.conf.backup
  8.  
  9. echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
  10. echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf
  11.  
  12. mkdir /etc/postfix/ssl
  13. cd /etc/postfix/ssl/
  14. openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
  15. chmod 600 smtpd.key
  16. openssl req -new -key smtpd.key -out smtpd.csr
  17. openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
  18. openssl rsa -in smtpd.key -out smtpd.key.unencrypted
  19. mv -f smtpd.key.unencrypted smtpd.key
  20. openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
  21.  
  22. cp /etc/postfix/main.cf /etc/postfix/main.cf.backup
  23.  
  24. echo "# See /usr/share/postfix/main.cf.dist for a commented, more complete version
  25.  
  26. smtpd_banner = \$myhostname ESMTP \$mail_name (Jus Navingadi)
  27. biff = no
  28.  
  29. # appending .domain is the MUA's job.
  30. append_dot_mydomain = no
  31.  
  32. # Uncomment the next line to generate "delayed mail" warnings
  33. #delay_warning_time = 4h
  34.  
  35. myhostname = smtp.$domain
  36. alias_maps = hash:/etc/aliases
  37. alias_database = hash:/etc/aliases
  38. myorigin = $domain
  39. mydestination = smtp.$domain, localhost.$domain, localhost
  40. relayhost =
  41. mynetworks = 127.0.0.0/8
  42. mailbox_command =
  43. mailbox_size_limit = 0
  44. recipient_delimiter = +
  45. inet_interfaces = all
  46. smtpd_sasl_local_domain =
  47. smtpd_sasl_auth_enable = yes
  48. smtpd_sasl_security_options = noanonymous
  49. broken_sasl_auth_clients = yes
  50. smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
  51. smtpd_tls_auth_only = no
  52. smtp_use_tls = yes
  53. smtpd_use_tls = yes
  54. smtp_tls_note_starttls_offer = yes
  55. smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
  56. smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
  57. smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
  58. smtpd_tls_loglevel = 1
  59. smtpd_tls_received_header = yes
  60. smtpd_tls_session_cache_timeout = 3600s
  61. tls_random_source = dev:/dev/urandom" > /etc/postfix/main.cf
  62.  
  63. cp /etc/default/saslauthd /etc/default/saslauthd.backup
  64.  
  65. echo "START=yes
  66.  
  67. # Description of this saslauthd instance. Recommended.
  68. # (suggestion: SASL Authentication Daemon)
  69. DESC=\"SASL Authentication Daemon\"
  70.  
  71. # Short name of this saslauthd instance. Strongly recommended.
  72. # (suggestion: saslauthd)
  73. NAME=\"saslauthd\"
  74.  
  75. # Which authentication mechanisms should saslauthd use? (default: pam)
  76. #
  77. # Available options in this Debian package:
  78. # getpwent -- use the getpwent() library function
  79. # kerberos5 -- use Kerberos 5
  80. # pam -- use PAM
  81. # rimap -- use a remote IMAP server
  82. # shadow -- use the local shadow password file
  83. # sasldb -- use the local sasldb database file
  84. # ldap -- use LDAP (configuration is in /etc/saslauthd.conf)
  85. #
  86. # Only one option may be used at a time. See the saslauthd man page
  87. # for more information.
  88. #
  89. # Example: MECHANISMS=\"pam\"
  90. MECHANISMS=\"pam\"
  91.  
  92. # Additional options for this mechanism. (default: none)
  93. # See the saslauthd man page for information about mech-specific options.
  94. MECH_OPTIONS=""
  95.  
  96. # How many saslauthd processes should we run? (default: 5)
  97. # A value of 0 will fork a new process for each connection.
  98. THREADS=5
  99.  
  100. # Other options (default: -c -m /var/run/saslauthd)
  101. # Note: You MUST specify the -m option or saslauthd won't run!
  102. #
  103. # WARNING: DO NOT SPECIFY THE -d OPTION.
  104. # The -d option will cause saslauthd to run in the foreground instead of as
  105. # a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
  106. # to run saslauthd in debug mode, please run it by hand to be safe.
  107. #
  108. # See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
  109. # See the saslauthd man page and the output of 'saslauthd -h' for general
  110. # information about these options.
  111. #
  112. # Example for postfix users: \"-c -m /var/spool/postfix/var/run/saslauthd\"
  113. OPTIONS=\"-c -m /var/spool/postfix/var/run/saslauthd -r\"
  114. " > /etc/default/saslauthd
  115.  
  116. mkdir -p /var/spool/postfix/var/run/saslauthd
  117.  
  118. adduser postfix sasl
  119.  
  120. /etc/init.d/saslauthd start
  121. /etc/init.d/postfix restart
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!