{"id":2246,"date":"2019-09-26T11:52:44","date_gmt":"2019-09-26T09:52:44","guid":{"rendered":"https:\/\/www.kompikownia.pl\/?p=2246"},"modified":"2019-09-26T11:52:45","modified_gmt":"2019-09-26T09:52:45","slug":"wlasny-serwer-pocztowy-postfix-dovecot-i-ssl","status":"publish","type":"post","link":"https:\/\/www.kompikownia.pl\/index.php\/2019\/09\/26\/wlasny-serwer-pocztowy-postfix-dovecot-i-ssl\/","title":{"rendered":"W\u0142asny serwer pocztowy &#8211; Postfix, Dovecot i SSL"},"content":{"rendered":"<span class=\"rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Czas czytania:<\/span> <span class=\"rt-time\">11<\/span> <span class=\"rt-label rt-postfix\">minut<\/span><\/span>\n<p>Ka\u017cda profesjonalna strona internetowa, ka\u017cdy profesjonalny blog powinien posiada\u0107&nbsp;adres e-mailowy, kt\u00f3ry s\u0142u\u017cy np.: do kontaktu z czytelnikami, czy do wysy\u0142ania newslettera. Adres taki powinien znajdowa\u0107&nbsp;si\u0119 w domenie takiej samej jak strona internetowa, kt\u00f3rej on dotyczy. Zauwa\u017c, \u017ce niemal ka\u017cda firma<strong> <\/strong>nie korzysta z adres\u00f3w pokroju <strong>@gmail.com <\/strong>czy <strong>@hotmail.com<\/strong>. Zamiast tego posiadaj\u0105 adresy w formacie xxx@firma.pl Moja strona do tej pory korzysta\u0142a z aliasu w domenie <strong>@outlook.com <\/strong>(kojarzycie pewnie, \u017ce to jest poczta od firmy Microsoft). Postanowi\u0142em to zmieni\u0107. Skoro mam domen\u0119 <strong>kompikownia.pl, <\/strong>to adres emailowy r\u00f3wnie\u017c powinien znajdowa\u0107 si\u0119 w tej domenie!<\/p>\n\n\n\n<p> Aby dokona\u0107 takiego czynu, wymagane do spe\u0142nienia s\u0105 tylko dwa warunki, z czego jeden jest kluczowy:<\/p>\n\n\n\n<ul><li><strong>posiadanie domeny (kluczowy)<\/strong><\/li><li><strong>serwer VPS<\/strong><\/li><\/ul>\n\n\n\n<p>Je\u015bli mo\u017cesz sobie pozwoli\u0107 na comiesi\u0119czne op\u0142acanie abonamentu, mo\u017cesz skorzysta\u0107 np.: z us\u0142ugi <strong>Gmail dla Firm, <\/strong>kt\u00f3ra pozwala bezproblemowo pod\u0142\u0105czy\u0107 w\u0142asn\u0105 domen\u0119 do gmailowej skrzynki. Wtedy nie musisz posiada\u0107&nbsp;w og\u00f3le w\u0142asnego serwera &#8211; wszystko za\u0142atwi Gmail. Ja nie mam (jeszcze) firmy, ani tym bardziej funduszy na op\u0142acanie abonamentu. Postawi\u0119&nbsp;wi\u0119c serwer poczty na swoim serwerze VPS. Poka\u017c\u0119 wam krok po kroku, jak takie cudo skonfigurowa\u0107 na systemie operacyjnym Debian Stretch.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Jakie oprogramowanie b\u0119dzie nam potrzebne?<\/h2>\n\n\n\n<p>Naszym g\u0142\u00f3wnym celem w tym artykule b\u0119dzie skonfigurowanie trzech aplikacji: <\/p>\n\n\n\n<ul><li><strong>Postfix &#8211; <\/strong>serwer poczty elektronicznej,. Zaimplementujemy za jego pomoc\u0105 protok\u00f3\u0142 <strong>SMTP, <\/strong>kt\u00f3ry b\u0119dzie s\u0142u\u017cy\u0142 do wysy\u0142ania poczty.<\/li><li><strong>Dovecot &#8211; <\/strong>serwer <strong>IMAP<\/strong>. Dzi\u0119ki niemu my (a tak\u017ce ewentualnie u\u017cytkownicy, kt\u00f3rym stworzymy skrzynki) b\u0119d\u0105 mogli przegl\u0105da\u0107 przes\u0142an\u0105 do nich korespondencj\u0119. <\/li><li><strong>MySQL &#8211; <\/strong>baza danych, w kt\u00f3rej b\u0119dziemy przechowywali informacje o za\u0142o\u017conych kontach emailowych. <\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Instalacja niezb\u0119dnych pakiet\u00f3w<\/h2>\n\n\n\n<p>Zanim zaczniemy jak\u0105kolwiek konfiguracj\u0119, najpierw musimy zainstalowa\u0107 wszystkie niezb\u0119dne pakiety. Nie przera\u017a si\u0119 &#8211; jest ich kilka.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> <span class=\"kw2\">apt-get install<\/span> postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql mysql-server<\/div><\/div>\n\n\n\n\n<p>Podczas instalacji pojawi si\u0119 okienko, w kt\u00f3rym musimy wybra\u0107 rodzaj wst\u0119pnej konfiguracji.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1183\" height=\"441\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-7.png\" alt=\"\" class=\"wp-image-2250\"\/><\/figure>\n\n\n\n<p>Chcemy wyprowadzi\u0107&nbsp;nasz serwer poczty na \u015bwiat. Powinni\u015bmy wi\u0119c wybra\u0107 opcj\u0119 <strong>Internet site. <\/strong><\/p>\n\n\n\n<p>Nast\u0119pnym krokiem b\u0119dzie wprowadzenie nazwy domeny, pod kt\u00f3r\u0105&nbsp;b\u0119dzie widoczny nasz serwer.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1183\" height=\"441\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-11.png\" alt=\"\" class=\"wp-image-2254\"\/><\/figure>\n\n\n\n<p>W naszym wypadku b\u0119dzie to oczywi\u015bcie <a href=\"https:\/\/www.kompikownia.pl\">kompikownia.pl<\/a>.<\/p>\n\n\n\n<p>Na tym ko\u0144czy si\u0119 proces instalacji pakiet\u00f3w. Rozpoczyna za to proces konfiguracji.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">MySQL &#8211; podstawowa konfiguracja dla Postfix i Dovecot<\/h2>\n\n\n\n<p>W bazie danych MySQL przechowywani b\u0119d\u0105 tzw. <em>virtual users.<\/em> Czyli po prostu u\u017cytkownicy naszej poczty wraz z przypisanymi do nich emailami i has\u0142ami. <\/p>\n\n\n\n<p>Pierwszym krokiem b\u0119dzie utworzenie konta u\u017cytkownika, za pomoc\u0105 kt\u00f3rego serwer email b\u0119dzie \u0142\u0105czy\u0142 si\u0119 z baz\u0105 danych. Najpierw logujemy si\u0119 do bazy danych.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:435px;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> mysql <span class=\"re5\">-u<\/span> root <span class=\"re5\">-p<\/span><\/div><\/div>\n\n\n\n\n<p>Nast\u0119pnie tworzymy now\u0105 baz\u0119, w kt\u00f3rej b\u0119dziemy przechowywali informacje. <\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:435px;\"><div class=\"sql codecolorer\"><span class=\"kw1\">CREATE<\/span> <span class=\"kw1\">DATABASE<\/span> mailserver<\/div><\/div>\n\n\n\n\n<p>Tworzymy konto u\u017cytkownika, za pomoc\u0105 kt\u00f3rego serwer pocztowy b\u0119dzie \u0142\u0105czy\u0142 si\u0119 z baz\u0105 danych. (Zamiast mailuserpass wstawiasz swoje has\u0142o)<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">GRANT<\/span> <span class=\"kw1\">SELECT<\/span> <span class=\"kw1\">ON<\/span> mailserver<span class=\"sy0\">.*<\/span> <span class=\"kw1\">TO<\/span> <span class=\"st0\">'mailuser'<\/span>@<span class=\"st0\">'127.0.0.1'<\/span> <span class=\"kw1\">IDENTIFIED<\/span> <span class=\"kw1\">BY<\/span> <span class=\"st0\">'mailuserpass'<\/span>;<\/div><\/div>\n\n\n\n\n<p>Nast\u0119pnie powinni\u015bmy &#8222;od\u015bwie\u017cy\u0107 przywileje&#8221;. Dzi\u0119ki temu MySQL za\u0142aduje sobie nowych u\u017cytkownik\u00f3w do pami\u0119ci nie wymagaj\u0105c restartu ca\u0142ego serwera. <\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:435px;\"><div class=\"sql codecolorer\"><span class=\"kw1\">FLUSH<\/span> PRIVILEGES;<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">MySQL &#8211; tworzenie niezb\u0119dnych tabelek dla Postfix i Dovecot<\/h3>\n\n\n\n<p>Prze\u0142\u0105czamy si\u0119 do stworzonej na samym pocz\u0105tku bazy.<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:435px;\"><div class=\"sql codecolorer\"><span class=\"kw1\">USE<\/span> mailserver;<\/div><\/div>\n\n\n\n\n<p>Kolejnym krokiem kt\u00f3ry wykonamy jest utworzenie odpowiednich tabelek. Pierwsza z nich b\u0119dzie przechowywa\u0142a domeny, w ramach kt\u00f3rych u\u017cytkownicy b\u0119d\u0105 posiadali adresy email. <\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">CREATE<\/span> <span class=\"kw1\">TABLE<\/span> <span class=\"st0\">`virtual_domains`<\/span> <span class=\"br0\">&#40;<\/span><br \/>\n&nbsp; <span class=\"st0\">`id`<\/span> <span class=\"kw1\">INT<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">11<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span> <span class=\"kw1\">AUTO_INCREMENT<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`name`<\/span> <span class=\"kw1\">VARCHAR<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">50<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">PRIMARY<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"br0\">&#41;<\/span><br \/>\n<span class=\"br0\">&#41;<\/span> ENGINE<span class=\"sy0\">=<\/span>InnoDB <span class=\"kw1\">DEFAULT<\/span> CHARSET<span class=\"sy0\">=<\/span>utf8;<\/div><\/div>\n\n\n\n\n<p>Kolejna tabela b\u0119dzie przechowywa\u0142a wszystkie adresy email i has\u0142a zarejestrowane w naszym serwerze poczty.<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">CREATE<\/span> <span class=\"kw1\">TABLE<\/span> <span class=\"st0\">`virtual_users`<\/span> <span class=\"br0\">&#40;<\/span><br \/>\n&nbsp; <span class=\"st0\">`id`<\/span> <span class=\"kw1\">INT<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">11<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span> <span class=\"kw1\">AUTO_INCREMENT<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`domain_id`<\/span> <span class=\"kw1\">INT<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">11<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`password`<\/span> <span class=\"kw1\">VARCHAR<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">106<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`email`<\/span> <span class=\"kw1\">VARCHAR<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">100<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">PRIMARY<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">UNIQUE<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"st0\">`email`<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`email`<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">FOREIGN<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"br0\">&#40;<\/span>domain_id<span class=\"br0\">&#41;<\/span> <span class=\"kw1\">REFERENCES<\/span> virtual_domains<span class=\"br0\">&#40;<\/span>id<span class=\"br0\">&#41;<\/span> <span class=\"kw1\">ON<\/span> <span class=\"kw1\">DELETE<\/span> CASCADE<br \/>\n<span class=\"br0\">&#41;<\/span> ENGINE<span class=\"sy0\">=<\/span>InnoDB <span class=\"kw1\">DEFAULT<\/span> CHARSET<span class=\"sy0\">=<\/span>utf8;<\/div><\/div>\n\n\n\n\n<p>Ostatnia tabela, kt\u00f3r\u0105 stworzymy b\u0119dzie przechowywa\u0142a aliasy (wiadomo\u015bci wys\u0142ane na alias zostan\u0105 przekierowane do skrzynki przypisanej do tego aliasu).<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">CREATE<\/span> <span class=\"kw1\">TABLE<\/span> <span class=\"st0\">`virtual_aliases`<\/span> <span class=\"br0\">&#40;<\/span><br \/>\n&nbsp; <span class=\"st0\">`id`<\/span> <span class=\"kw1\">INT<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">11<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span> <span class=\"kw1\">AUTO_INCREMENT<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`domain_id`<\/span> <span class=\"kw1\">INT<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">11<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`source`<\/span> <span class=\"kw1\">VARCHAR<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">100<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"st0\">`destination`<\/span> <span class=\"kw1\">VARCHAR<\/span><span class=\"br0\">&#40;<\/span><span class=\"nu0\">100<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">NOT<\/span> <span class=\"kw1\">NULL<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">PRIMARY<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"kw1\">FOREIGN<\/span> <span class=\"kw1\">KEY<\/span> <span class=\"br0\">&#40;<\/span>domain_id<span class=\"br0\">&#41;<\/span> <span class=\"kw1\">REFERENCES<\/span> virtual_domains<span class=\"br0\">&#40;<\/span>id<span class=\"br0\">&#41;<\/span> <span class=\"kw1\">ON<\/span> <span class=\"kw1\">DELETE<\/span> CASCADE<br \/>\n<span class=\"br0\">&#41;<\/span> ENGINE<span class=\"sy0\">=<\/span>InnoDB <span class=\"kw1\">DEFAULT<\/span> CHARSET<span class=\"sy0\">=<\/span>utf8;<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">MySQL &#8211; stworzenie przyk\u0142adowych kont testowych<\/h3>\n\n\n\n<p>B\u0119dziemy chcieli w przysz\u0142o\u015bci jako\u015b przetestowa\u0107 nasz serwer poczty, prawda? Skoro tak, to stw\u00f3rzmy jakie\u015b konta testowe. <\/p>\n\n\n\n<p>W tabelce <em>virtual_domains, <\/em>b\u0119dziemy mieli tylko jedn\u0105 domen\u0119: <em>kompikownia.pl<\/em><\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">INSERT<\/span> <span class=\"kw1\">INTO<\/span> <span class=\"st0\">`virtual_domains`<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`name`<\/span><span class=\"br0\">&#41;<\/span> <span class=\"kw1\">VALUES<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span><span class=\"st0\">'kompikownia.pl'<\/span><span class=\"br0\">&#41;<\/span>;<\/div><\/div>\n\n\n\n\n<p>Teraz zajmijmy si\u0119&nbsp;kolejn\u0105 tabelk\u0105: <em>virtual_users. <\/em>Utw\u00f3rzmy sobie dwa przyk\u0142adowe konta u\u017cytkownik\u00f3w.<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">INSERT<\/span> <span class=\"kw1\">INTO<\/span> <span class=\"st0\">`virtual_users`<\/span><br \/>\n&nbsp; <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`domain_id`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`password`<\/span> <span class=\"sy0\">,<\/span> <span class=\"st0\">`email`<\/span><span class=\"br0\">&#41;<\/span><br \/>\n<span class=\"kw1\">VALUES<\/span><br \/>\n&nbsp; <span class=\"br0\">&#40;<\/span><span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span> ENCRYPT<span class=\"br0\">&#40;<\/span><span class=\"st0\">'password'<\/span><span class=\"sy0\">,<\/span> CONCAT<span class=\"br0\">&#40;<\/span><span class=\"st0\">'$6$'<\/span><span class=\"sy0\">,<\/span> <span class=\"kw1\">SUBSTRING<\/span><span class=\"br0\">&#40;<\/span>SHA<span class=\"br0\">&#40;<\/span>RAND<span class=\"br0\">&#40;<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span> <span class=\"sy0\">-<\/span><span class=\"nu0\">16<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'email1@kompikownia.pl'<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span><br \/>\n&nbsp; <span class=\"br0\">&#40;<\/span><span class=\"st0\">'2'<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span> ENCRYPT<span class=\"br0\">&#40;<\/span><span class=\"st0\">'password'<\/span><span class=\"sy0\">,<\/span> CONCAT<span class=\"br0\">&#40;<\/span><span class=\"st0\">'$6$'<\/span><span class=\"sy0\">,<\/span> <span class=\"kw1\">SUBSTRING<\/span><span class=\"br0\">&#40;<\/span>SHA<span class=\"br0\">&#40;<\/span>RAND<span class=\"br0\">&#40;<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span> <span class=\"sy0\">-<\/span><span class=\"nu0\">16<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'email2@kompikownia.pl'<\/span><span class=\"br0\">&#41;<\/span>;<\/div><\/div>\n\n\n\n\n<p><strong>Co ciekawego widzisz w powy\u017cszym przyk\u0142adzie? <\/strong>Has\u0142a w naszej bazie b\u0119d\u0105 kodowane z u\u017cyciem algorytmu SHA512. Zabezpiecza to naszych u\u017cytkownik\u00f3w w wypadku, gdyby baza wyciek\u0142a. Zast\u0105p oczywi\u015bcie ci\u0105gi <em>password<\/em> jakimi\u015b w\u0142asnymi has\u0142ami \ud83d\ude42  <\/p>\n\n\n\n<p>Utworzymy sobie te\u017c alias w tabelce <em>virtual_aliases<\/em>, dzi\u0119ki czemu przetestujemy dzia\u0142anie tego mechanizmu.<\/p>\n\n\n\n\n<div class=\"codecolorer-container sql default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"sql codecolorer\"><span class=\"kw1\">INSERT<\/span> <span class=\"kw1\">INTO<\/span> <span class=\"st0\">`virtual_aliases`<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">`id`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`domain_id`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`source`<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">`destination`<\/span><span class=\"br0\">&#41;<\/span> <br \/>\n<span class=\"kw1\">VALUES<\/span> <span class=\"br0\">&#40;<\/span><span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'1'<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'alias@kompikownia.pl'<\/span><span class=\"sy0\">,<\/span> <span class=\"st0\">'email1Wkompikownia.pl'<\/span><span class=\"br0\">&#41;<\/span>;<\/div><\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\">Konfiguracja Postfix<\/h2>\n\n\n\n<p>Skoro stworzyli\u015bmy ju\u017c tabelki, z kt\u00f3rych b\u0119dzie korzysta\u0142 nasz serwer pocztowy Postfix, pora zabra\u0107 si\u0119 za konfiguracj\u0119 samego serwera poczty. <\/p>\n\n\n\n<p>G\u0142\u00f3wnym plikiem konfiguracyjnym jest plik<em> main.cf<\/em>. Dobrze wykona\u0107 jego kopi\u0119 zapasow\u0105 zanim zaczniemy cokolwiek robi\u0107. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>main.cf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>main.cf.orig<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Postfix &#8211; main.cf<\/h3>\n\n\n\n<p>Teraz poka\u017c\u0119 ci przyk\u0142adow\u0105 konfiguracj\u0119:<\/p>\n\n\n\n\n<div class=\"codecolorer-container text default\" style=\"overflow:auto;white-space:nowrap;width:90%;height:300px;\"><table cellspacing=\"0\" cellpadding=\"0\"><tbody><tr><td class=\"line-numbers\"><div>1<br \/>2<br \/>3<br \/>4<br \/>5<br \/>6<br \/>7<br \/>8<br \/>9<br \/>10<br \/>11<br \/>12<br \/>13<br \/>14<br \/>15<br \/>16<br \/>17<br \/>18<br \/>19<br \/>20<br \/>21<br \/>22<br \/>23<br \/>24<br \/>25<br \/>26<br \/>27<br \/>28<br \/>29<br \/>30<br \/>31<br \/>32<br \/>33<br \/>34<br \/>35<br \/>36<br \/>37<br \/>38<br \/>39<br \/>40<br \/>41<br \/>42<br \/>43<br \/>44<br \/>45<br \/>46<br \/>47<br \/>48<br \/>49<br \/>50<br \/>51<br \/>52<br \/>53<br \/>54<br \/>55<br \/>56<br \/>57<br \/>58<br \/>59<br \/>60<br \/>61<br \/>62<br \/>63<br \/>64<br \/>65<br \/>66<br \/>67<br \/>68<br \/>69<br \/>70<br \/>71<br \/>72<br \/>73<br \/>74<br \/>75<br \/>76<br \/>77<br \/>78<br \/>79<br \/>80<br \/>81<br \/>82<br \/>83<br \/>84<br \/>85<br \/>86<br \/>87<br \/>88<br \/>89<br \/>90<br \/>91<br \/>92<br \/>93<br \/>94<br \/>95<br \/>96<br \/>97<br \/>98<br \/>99<br \/>100<br \/>101<br \/>102<br \/>103<br \/>104<br \/>105<br \/>106<br \/>107<br \/>108<br \/><\/div><\/td><td><div class=\"text codecolorer\"># See \/usr\/share\/postfix\/main.cf.dist for a commented, more complete version<br \/>\n<br \/>\n# Debian specific: &nbsp;Specifying a file name will cause the first<br \/>\n# line of that file to be used as the name. &nbsp;The Debian default<br \/>\n# is \/etc\/mailname.<br \/>\n#myorigin = \/etc\/mailname<br \/>\n<br \/>\nsmtpd_banner = $myhostname ESMTP $mail_name (Debian)<br \/>\nbiff = no<br \/>\n<br \/>\n# appending .domain is the MUA's job.<br \/>\nappend_dot_mydomain = no<br \/>\n<br \/>\n# Uncomment the next line to generate &quot;delayed mail&quot; warnings<br \/>\n#delay_warning_time = 4h<br \/>\n<br \/>\nreadme_directory = no<br \/>\n<br \/>\n# TLS parameters<br \/>\nsmtpd_tls_cert_file=\/etc\/letsencrypt\/live\/kompikownia.pl\/fullchain.pem<br \/>\nsmtpd_tls_key_file=\/etc\/letsencrypt\/live\/kompikownia.pl\/privkey.pem<br \/>\nsmtpd_use_tls=yes<br \/>\nsmtpd_tls_auth_only = yes<br \/>\nsmtpd_tls_security_level = ecnrypt<br \/>\nsmtpd_sasl_security_options = noanonymous, noplaintext<br \/>\nsmtpd_sasl_tls_security_options = noanonymous<br \/>\n<br \/>\n# Authentication<br \/>\nsmtpd_sasl_type = dovecot<br \/>\nsmtpd_sasl_path = private\/auth<br \/>\nsmtpd_sasl_auth_enable = yes<br \/>\n<br \/>\n# See \/usr\/share\/doc\/postfix\/TLS_README.gz in the postfix-doc package for<br \/>\n# information on enabling SSL in the smtp client.<br \/>\n<br \/>\n# Restrictions<br \/>\nsmtpd_helo_restrictions =<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_mynetworks,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_sasl_authenticated,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_invalid_helo_hostname,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_non_fqdn_helo_hostname<br \/>\nsmtpd_recipient_restrictions =<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_mynetworks,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_sasl_authenticated,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_non_fqdn_recipient,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_unknown_recipient_domain,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_unlisted_recipient,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_unauth_destination<br \/>\nsmtpd_sender_restrictions =<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_mynetworks,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_sasl_authenticated,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_non_fqdn_sender,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; reject_unknown_sender_domain<br \/>\nsmtpd_relay_restrictions =<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_mynetworks,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; permit_sasl_authenticated,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; defer_unauth_destination<br \/>\n<br \/>\n# See \/usr\/share\/doc\/postfix\/TLS_README.gz in the postfix-doc package for<br \/>\n# information on enabling SSL in the smtp client.<br \/>\n<br \/>\nmyhostname = Blog-Server<br \/>\nalias_maps = hash:\/etc\/aliases<br \/>\nalias_database = hash:\/etc\/aliases<br \/>\nmydomain = kompikownia.pl<br \/>\nmyorigin = $mydomain<br \/>\nmydestination = localhost<br \/>\nrelayhost =<br \/>\nmynetworks = 127.0.0.0\/8 [::ffff:127.0.0.0]\/104 [::1]\/128<br \/>\nmailbox_size_limit = 0<br \/>\nrecipient_delimiter = +<br \/>\ninet_interfaces = all<br \/>\ninet_protocols = all<br \/>\n<br \/>\n# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail<br \/>\nvirtual_transport = lmtp:unix:private\/dovecot-lmtp<br \/>\n<br \/>\n# Virtual domains, users, and aliases<br \/>\nvirtual_mailbox_domains = mysql:\/etc\/postfix\/mysql-virtual-mailbox-domains.cf<br \/>\nvirtual_mailbox_maps = mysql:\/etc\/postfix\/mysql-virtual-mailbox-maps.cf<br \/>\nvirtual_alias_maps = mysql:\/etc\/postfix\/mysql-virtual-alias-maps.cf,<br \/>\n&nbsp; &nbsp; &nbsp; &nbsp; mysql:\/etc\/postfix\/mysql-virtual-email2email.cf<br \/>\n<br \/>\n# Even more Restrictions and MTA params<br \/>\ndisable_vrfy_command = yes<br \/>\nstrict_rfc821_envelopes = yes<br \/>\n#smtpd_etrn_restrictions = reject<br \/>\n#smtpd_reject_unlisted_sender = yes<br \/>\n#smtpd_reject_unlisted_recipient = yes<br \/>\nsmtpd_delay_reject = yes<br \/>\nsmtpd_helo_required = yes<br \/>\nsmtp_always_send_ehlo = yes<br \/>\n#smtpd_hard_error_limit = 1<br \/>\nsmtpd_timeout = 30s<br \/>\nsmtp_helo_timeout = 15s<br \/>\nsmtp_rcpt_timeout = 15s<br \/>\nsmtpd_recipient_limit = 40<br \/>\nminimal_backoff_time = 180s<br \/>\nmaximal_backoff_time = 3h<br \/>\n<br \/>\n# Reply Rejection Codes<br \/>\ninvalid_hostname_reject_code = 550<br \/>\nnon_fqdn_reject_code = 550<br \/>\nunknown_address_reject_code = 550<br \/>\nunknown_client_reject_code = 550<br \/>\nunknown_hostname_reject_code = 550<br \/>\nunverified_recipient_reject_code = 550<br \/>\nunverified_sender_reject_code = 550<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n\n\n\n\n<p>Nie b\u0119d\u0119 jej omawia\u0142 bardzo szczeg\u00f3\u0142owo, gdy\u017c opis wszystkich opcji mo\u017cesz znale\u017a\u0107 w <a href=\"http:\/\/www.postfix.org\/postconf.5.html\">dokumentacji serwera Postfix<\/a>. Zauwa\u017cmy, \u017ce opcje oznaczone pocz\u0105tkiem <em>smtpd, <\/em>dotycz\u0105 konfiguracji serwera SMTP <em>odbieraj\u0105cego poczt\u0119<\/em> od innych serwer\u00f3w (sytuacja: kto\u015b wysy\u0142a email na adres w naszej domenie). Natomiast opcje z prefiksem <em>smtp <\/em>dotycz\u0105 wysy\u0142ania emaili (sytuacja: kto\u015b z adresu @kompikownia.pl wysy\u0142a email w \u015bwiat, np.: na @outlook.com) Zwr\u00f3\u0107my uwag\u0119 na kilka najwa\u017cniejszych opcji.<\/p>\n\n\n\n<ul><li><strong>smtpd_tls_cert_file (20 linijka) &#8211;<\/strong> \u015bcie\u017cka do certyfikatu, kt\u00f3ry b\u0119dzie u\u017cywany do szyfrowania komunikacji klienta z serwerem poczty<\/li><li><strong>smtpd_tls_key_file (21 linijka) &#8211; <\/strong>\u015bcie\u017cka do klucza prywatnego, kt\u00f3ry b\u0119dzie u\u017cywany do szyfrowania komunikacji.<\/li><li><strong>smtpd_tls_security_level (24 linijka) &#8211; <\/strong>parametr <em>encrypt <\/em>wymusza po\u0142\u0105czenie szyfrowane. Dzi\u0119ki temu nie b\u0119dzie ryzyka, \u017ce komunikacja pomi\u0119dzy serwerem poczty a klientem zostanie pods\u0142uchana. <\/li><li><strong>myhostname (63 linijka) &#8211; <\/strong>nazwa serwera poczty <\/li><li><strong>mydomain (66 linijka) &#8211; <\/strong>nazwa domeny, w kt\u00f3rej pracuje serwer poczty<\/li><li><strong>virtual_mailbox_domains<\/strong> <strong>(80 linijka) &#8211;<\/strong> rodzaj bazy oraz \u015bcie\u017cka do pliku zawieraj\u0105cego konfiguracj\u0119 wirtualnych domen<\/li><li><strong>virtual_mailbox_maps (81 linijka) &#8211; <\/strong>rodzaj bazy oraz \u015bcie\u017cka do pliku zawieraj\u0105cego konfiguracj\u0119 mapowania wirtualnych skrzynek<\/li><li><strong>virtual_alias_maps (82 linijka) &#8211; <\/strong>rodzaj bazy oraz \u015bcie\u017cka do pliku zawieraj\u0105cego mapowanie wirtualnych alias\u00f3w. <\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Postfix &#8211; pliki mapowania <\/h3>\n\n\n\n<p>Zmodyfikowali\u015bmy ju\u017c w odpowiedni spos\u00f3b plik <em>main.cf<\/em>. Teraz pora na stworzenie dodatkowych plik\u00f3w konfiguracyjnych m\u00f3wi\u0105cych serwerowi Postfix o tym, jak ma si\u0119 \u0142\u0105czy\u0107&nbsp;z baz\u0105 danych. \u015acie\u017ck\u0119 do nich wskazywali\u015bmy w pliku <em>main.cf.<\/em><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">\/etc\/postfix\/mysql-virtual-mailbox-domains.cf<\/h4>\n\n\n\n\n<div class=\"codecolorer-container text default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"text codecolorer\">user = mailuser<br \/>\npassword = mailuserpass<br \/>\nhosts = 127.0.0.1<br \/>\ndbname = mailserver<br \/>\nquery = SELECT 1 FROM virtual_domains WHERE name='%s'<\/div><\/div>\n\n\n\n\n<h4 class=\"wp-block-heading\">\/etc\/postfix\/mysql-virtual-mailbox-maps.cf<\/h4>\n\n\n\n\n<div class=\"codecolorer-container text default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"text codecolorer\">user = mailuser<br \/>\npassword = mailuserpass<br \/>\nhosts = 127.0.0.1<br \/>\ndbname = mailserver<br \/>\nquery = SELECT 1 FROM virtual_users WHERE email='%s'<\/div><\/div>\n\n\n\n\n<h4 class=\"wp-block-heading\">\/etc\/postfix\/mysql-virtual-alias-maps.cf<\/h4>\n\n\n\n\n<div class=\"codecolorer-container text default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"text codecolorer\">user = mailuser<br \/>\npassword = mailuserpass<br \/>\nhosts = 127.0.0.1<br \/>\ndbname = mailserver<br \/>\nquery = SELECT destination FROM virtual_aliases WHERE source='%s'<\/div><\/div>\n\n\n\n\n<h4 class=\"wp-block-heading\">\/etc\/postfix\/mysql-virtual-email2email.cf<\/h4>\n\n\n\n\n<div class=\"codecolorer-container text default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"text codecolorer\">user = mailuser<br \/>\npassword = mailuserpass<br \/>\nhosts = 127.0.0.1<br \/>\ndbname = mailserver<br \/>\nquery = SELECT email FROM virtual_users WHERE email='%s'<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Testowanie serwera Postfix<\/h3>\n\n\n\n<p>Skoro stworzyli\u015bmy ju\u017c MySQL`ow\u0105 konfiguracj\u0119, nadszed\u0142 czas aby j\u0105 przetestowa\u0107. W jaki spos\u00f3b mo\u017cemy to uczyni\u0107? Istnieje takie narz\u0119dzie jak <em>postmap, <\/em>kt\u00f3re pozwala w bardzo prosty spos\u00f3b sprawdzi\u0107 czy Postfix potrafi skonstruowa\u0107 prawid\u0142owe zapytania do bazy danych. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Testowanie pliku \/etc\/postfix\/mysql-virtual-mailbox-domains.cf<\/h4>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">postmap <span class=\"re5\">-q<\/span> kompikownia.pl mysql:<span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>mysql-virtual-mailbox-domains.cf<\/div><\/div>\n\n\n\n\n<p>Powy\u017cszym poleceniem sprawdzamy, czy Postfix potrafi sprawdzi\u0107 czy dana domena jest zapisana w bazie danych. Pami\u0119tasz, \u017ce dodawali\u015bmy do BD domen\u0119 kompikownia.pl? Dlatego dla powy\u017cszego polecenia wynik powinien by\u0107 r\u00f3wny 1. Dla ka\u017cdej innej domeny powy\u017csze polecenie nie powinno nic zwr\u00f3ci\u0107. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Testowanie pliku \/etc\/postfix\/mysql-virtual-mailbox-maps.cf<\/h4>\n\n\n\n<p>Teraz sprawdzimy, czy Postfix potrafi wyci\u0105gn\u0105\u0107 z bazy danych informacj\u0119 na temat konkretnego adresu email. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">postmap <span class=\"re5\">-q<\/span> email1<span class=\"sy0\">@<\/span>kompikownia.pl mysql:<span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>mysql-virtual-mailbox-maps.cf<\/div><\/div>\n\n\n\n\n<p>Dla powy\u017cszego zapytania wynik powinien by\u0107 r\u00f3wny 1. Je\u015bli zapytamy o jaki\u015b&nbsp;adres email, kt\u00f3ry nie istnieje w bazie danych, program nie powinien zwr\u00f3ci\u0107 nic.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Testowanie pliku \/etc\/postfix\/mysql-virtual-alias-maps.cf<\/h4>\n\n\n\n<p>Teraz sprawd\u017amy, czy Postfix potrafi odczyta\u0107 aliasy z bazy. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">postmap <span class=\"re5\">-q<\/span> <span class=\"kw3\">alias<\/span><span class=\"sy0\">@<\/span>kompikownia.pl mysql:<span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>mysql-virtual-alias-maps.cf<\/div><\/div>\n\n\n\n\n<p>Powy\u017csze zapytanie powinno zwr\u00f3ci\u0107 adres email, dla kt\u00f3rego podany w poleceniu adres jest aliasem. W przeciwnym wypadku wyj\u015bcie powinno by\u0107 puste. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Konfiguracja master.cf<\/h2>\n\n\n\n<p>Postfix podczas swojej pracy tworzy wiele r\u00f3\u017cnych proces\u00f3w. W tle musi dzia\u0142a\u0107 tak\u017ce program, kt\u00f3ry monitoruje ich prac\u0119 oraz decyduje o tym, kiedy te procesy utworzy\u0107. Tzw. <em>Postfix Master Program <\/em>kontroluje, kiedy oraz jakie procesy oraz w jaki spos\u00f3b uruchomi\u0107. Jego konfiguracja znajduje si\u0119 w pliku <em>master.cf. <\/em><\/p>\n\n\n\n<p>Najpierw wykonajmy kopi\u0119 zapasow\u0105 tego pliku, na wypadek gdyby co\u015b&nbsp;posz\u0142o nie tak.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>master.cf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>master.cf.orig<\/div><\/div>\n\n\n\n\n<p>Plik <em>master.cf<\/em> jest d\u0142ugi, a my b\u0119dziemy modyfikowali jedynie jego cz\u0119\u015b\u0107. Dlatego te\u017c poni\u017cej wklej\u0119 tylko pocz\u0105tek, kt\u00f3ry zmodyfikowali\u015bmy. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;height:300px;\"><table cellspacing=\"0\" cellpadding=\"0\"><tbody><tr><td class=\"line-numbers\"><div>1<br \/>2<br \/>3<br \/>4<br \/>5<br \/>6<br \/>7<br \/>8<br \/>9<br \/>10<br \/>11<br \/>12<br \/>13<br \/>14<br \/>15<br \/>16<br \/>17<br \/>18<br \/>19<br \/>20<br \/>21<br \/>22<br \/>23<br \/>24<br \/>25<br \/>26<br \/>27<br \/>28<br \/>29<br \/>30<br \/>31<br \/>32<br \/>33<br \/>34<br \/>35<br \/>36<br \/>37<br \/>38<br \/>39<br \/><\/div><\/td><td><div class=\"bash codecolorer\"><span class=\"co0\"># Postfix master process configuration file. &nbsp;For details on the format<\/span><br \/>\n<span class=\"co0\"># of the file, see the master(5) manual page (command: &quot;man 5 master&quot; or<\/span><br \/>\n<span class=\"co0\"># on-line: http:\/\/www.postfix.org\/master.5.html).<\/span><br \/>\n<span class=\"co0\">#<\/span><br \/>\n<span class=\"co0\"># Do not forget to execute &quot;postfix reload&quot; after editing this file.<\/span><br \/>\n<span class=\"co0\">#<\/span><br \/>\n<span class=\"co0\"># ==========================================================================<\/span><br \/>\n<span class=\"co0\"># service type &nbsp;private unpriv &nbsp;chroot &nbsp;wakeup &nbsp;maxproc command + args<\/span><br \/>\n<span class=\"co0\"># &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; (yes) &nbsp; (yes) &nbsp; (no) &nbsp; &nbsp;(never) (100)<\/span><br \/>\n<span class=\"co0\"># ==========================================================================<\/span><br \/>\nsmtp &nbsp; &nbsp; &nbsp;inet &nbsp;n &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; smtpd<br \/>\n<span class=\"co0\">#smtp &nbsp; &nbsp; &nbsp;inet &nbsp;n &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; 1 &nbsp; &nbsp; &nbsp; postscreen<\/span><br \/>\n<span class=\"co0\">#smtpd &nbsp; &nbsp; pass &nbsp;- &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; smtpd<\/span><br \/>\n<span class=\"co0\">#dnsblog &nbsp; unix &nbsp;- &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; dnsblog<\/span><br \/>\n<span class=\"co0\">#tlsproxy &nbsp;unix &nbsp;- &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; tlsproxy<\/span><br \/>\nsubmission inet n &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; smtpd<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">syslog_name<\/span>=postfix<span class=\"sy0\">\/<\/span>submission<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_tls_security_level<\/span>=encrypt<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_auth_enable<\/span>=<span class=\"kw2\">yes<\/span><br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_type<\/span>=dovecot<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_path<\/span>=private<span class=\"sy0\">\/<\/span>auth<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_reject_unlisted_recipient<\/span>=no<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_client_restrictions<\/span>=permit_sasl_authenticated,reject<br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_helo_restrictions=$mua_helo_restrictions<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_sender_restrictions=$mua_sender_restrictions<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_recipient_restrictions=<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_relay_restrictions=permit_sasl_authenticated,reject<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o milter_macro_daemon_name=ORIGINATING<\/span><br \/>\nsmtps &nbsp; &nbsp; inet &nbsp;n &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; - &nbsp; &nbsp; &nbsp; smtpd<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">syslog_name<\/span>=postfix<span class=\"sy0\">\/<\/span>smtps<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_tls_wrappermode<\/span>=<span class=\"kw2\">yes<\/span><br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_auth_enable<\/span>=<span class=\"kw2\">yes<\/span><br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_auth_type<\/span>=dovecot<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_sasl_path<\/span>=private<span class=\"sy0\">\/<\/span>auth<br \/>\n&nbsp; &nbsp;<span class=\"re5\">-o<\/span> <span class=\"re2\">smtpd_client_restrictions<\/span>=permit_sasl_authenticated,reject<br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_reject_unlisted_recipient=no<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_client_restrictions=$mua_client_restrictions<\/span><br \/>\n<span class=\"co0\"># &nbsp;-o smtpd_helo_restrictions=$mua_helo_restrictions<\/span><br \/>\n...<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n\n\n\n\n<p>Jakie zmiany poczynili\u015bmy w stosunku do oryginalnego pliku? <\/p>\n\n\n\n<ul><li><strong>odhashowali\u015bmy du\u017co linijek <\/strong>&#8211; od 16 do 23 oraz od 29 do 35. Dzi\u0119ki temu podane opcje s\u0105 brane pod uwag\u0119 przez program<\/li><li><strong>powiedzieli\u015bmy, \u017ce b\u0119dziemy u\u017cywa\u0107 Dovecot &#8211; <\/strong>m\u00f3wi\u0105 o tym linijki 33 i 20. Domy\u015blnie u\u017cywana jest implementacja Cyrus SAS, dlatego jawnie musimy to zmieni\u0107.<\/li><\/ul>\n\n\n\n<p>Pozosta\u0142a cz\u0119\u015b\u0107&nbsp;pliku w\u0142a\u015bciwie si\u0119 nie zmieni\u0142a. <\/p>\n\n\n\n<p>Po tym wszystkim zabezpieczamy dost\u0119p do plik\u00f3w konfiguracyjnych Postfix. Powinien mie\u0107 do nich dost\u0119p tylko w\u0142a\u015bciciel oraz grupa w\u0142a\u015bciciela. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">chmod<\/span> <span class=\"re5\">-R<\/span> o-rwx <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>postfix<\/div><\/div>\n\n\n\n\n<p>Na samym ko\u0144cu po raz kolejny restartujemy serwer Postfix.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">systemctl restart postfix<\/div><\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\">Konfiguracja Dovecot<\/h2>\n\n\n\n<p>Dovecot udost\u0119pni nam protok\u00f3\u0142 <strong>IMAP, <\/strong>za pomoc\u0105 kt\u00f3rego b\u0119dziemy mogli zalogowa\u0107 si\u0119 do skrzynki oraz sprawdzi\u0107 jakie wiadomo\u015bci zosta\u0142y do nas dostarczone. <\/p>\n\n\n\n<p>Najpierw standardowo wykonujemy kopi\u0119 zapasow\u0105 wszystkich plik\u00f3w, w kt\u00f3rych b\u0119dziemy grzebali.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>dovecot.conf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>dovecot.conf.orig<br \/>\n<span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-mail.conf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-mail.conf.orig<br \/>\n<span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-auth.conf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-auth.conf.orig<br \/>\n<span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>dovecot-sql.conf.ext <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>dovecot-sql.conf.ext.orig<br \/>\n<span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-master.conf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-master.conf.orig<br \/>\n<span class=\"kw2\">sudo<\/span> <span class=\"kw2\">cp<\/span> <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-ssl.conf <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>conf.d<span class=\"sy0\">\/<\/span><span class=\"nu0\">10<\/span>-ssl.conf.orig<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Edycja pliku \/etc\/dovecot\/dovecot.conf<\/h3>\n\n\n\n<p>W pliku tym poczynimy tylko jedn\u0105 modyfikacj\u0119. Powiemy serwerowi Dovecot, jakie protoko\u0142y s\u0105 w\u0142\u0105czone. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"co0\"># options. The paths listed here are for configure --prefix=\/usr<\/span><br \/>\n<span class=\"co0\"># --sysconfdir=\/etc --localstatedir=\/var<\/span><br \/>\n<br \/>\n<span class=\"co0\"># Enable installed protocols<\/span><br \/>\n<span class=\"sy0\">!<\/span>include_try <span class=\"sy0\">\/<\/span>usr<span class=\"sy0\">\/<\/span>share<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>protocols.d<span class=\"sy0\">\/*<\/span>.protocol<br \/>\nprotocols = imap lmtp<br \/>\n<br \/>\n<span class=\"co0\"># A comma separated list of IPs or hosts where to listen in for connections.<\/span><br \/>\n<span class=\"co0\"># &quot;*&quot; listens in all IPv4 interfaces, &quot;::&quot; listens in all IPv6 interfaces.<\/span><\/div><\/div>\n\n\n\n\n<p>W\u0142\u0105czyli\u015bmy protoko\u0142y IMAP i LMTP. Jak zauwa\u017cy\u0142e\u015b, nasz serwer nie b\u0119dzie wspiera\u0142 POP3. Dlaczego? Poniewa\u017c jest przestarza\u0142e i ma\u0142o kto go utrzymuje. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Edycja pliku \/etc\/dovecot\/10-mail.conf<\/h3>\n\n\n\n<p>Ten plik konfiguracyjny opisuje, w jaki spos\u00f3b Dovecot przeprowadza interakcj\u0119 z systemem plik\u00f3w. Np.: w jaki spos\u00f3b oraz gdzie przechowuje skrzynki pocztowe klient\u00f3w. <\/p>\n\n\n\n<p>Ten plik jest naprawd\u0119&nbsp;bardzo du\u017cy i pozwala na szerok\u0105 personalizacj\u0119. My zmodyfikujemy tylko dwie zmienne. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\nmail_location = maildir:<span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>mail<span class=\"sy0\">\/<\/span>vhosts<span class=\"sy0\">\/%<\/span>d<span class=\"sy0\">\/%<\/span>n<span class=\"sy0\">\/<\/span><br \/>\n...<br \/>\nmail_privileged_group = mail<br \/>\n...<\/div><\/div>\n\n\n\n\n<p>Stw\u00f3rzmy teraz katalog <em>\/var\/mail\/vhosts<\/em>, o kt\u00f3rym powiedzieli\u015bmy serwerowi Dovecot w pliku konfiguracyjnym. Zamie\u0144 oczywi\u015bcie domen\u0119 <em>kompikownia.pl <\/em>na w\u0142asn\u0105, je\u015bli przeprowadzasz konfiguracj\u0119&nbsp;u siebie. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> <span class=\"kw2\">mkdir<\/span> <span class=\"re5\">-p<\/span> <span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>mail<span class=\"sy0\">\/<\/span>vhosts<span class=\"sy0\">\/<\/span>kompikownia.pl<\/div><\/div>\n\n\n\n\n<p>Teraz stw\u00f3rzmy u\u017cytkownika kt\u00f3ry b\u0119dzie tym zarz\u0105dza\u0142:<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> groupadd <span class=\"re5\">-g<\/span> <span class=\"nu0\">5000<\/span> vmail<br \/>\n<span class=\"kw2\">sudo<\/span> useradd <span class=\"re5\">-g<\/span> vmail <span class=\"re5\">-u<\/span> <span class=\"nu0\">5000<\/span> vmail <span class=\"re5\">-d<\/span> <span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>mail<\/div><\/div>\n\n\n\n\n<p>Na samym ko\u0144cu zmie\u0144my w\u0142a\u015bciciela katalogu <em>\/var\/mail\/<\/em>.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:435px;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> <span class=\"kw2\">chown<\/span> <span class=\"re5\">-R<\/span> vmail:vmail <span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>mail<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Konfiguracja pliku \/etc\/dovecot\/conf.d\/10-auth.conf<\/h3>\n\n\n\n<p>Teraz pora zmodyfikowa\u0107 plik, kt\u00f3ry odpowiada za autoryzacj\u0119. Musimy w nim wy\u0142\u0105czy\u0107 autoryzacj\u0119 plaintextem oraz poinformowa\u0107, \u017ce nale\u017cy wczyta\u0107 konfiguracj\u0119 bazy danych. Wystarczy odhashowa\u0107 wspomniane ni\u017cej linie. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\ndisable_plaintext_auth = <span class=\"kw2\">yes<\/span><br \/>\n...<br \/>\nauth_mechanisms = plain <span class=\"kw2\">login<\/span><br \/>\n...<br \/>\n<span class=\"sy0\">!<\/span>include auth-system.conf.ext<br \/>\n...<br \/>\n<span class=\"sy0\">!<\/span>include auth-sql.conf.ext<br \/>\n...<\/div><\/div>\n\n\n\n\n<h4 class=\"wp-block-heading\">Konfiguracja pliku \/etc\/dovecot\/conf.d\/auth-sql.conf.ext<\/h4>\n\n\n\n<p>W tym pliku musimy zamieni\u0107 &#8222;sterownik&#8221; kt\u00f3ry jest u\u017cywany, z sql na static. Co za tym idzie, komentujemy sekcj\u0119 userdb gdzie driver = sql, oraz kasujemy hashe przy sekcji userdb, gdzie driver=static. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\npassdb <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; driver = sql<br \/>\n&nbsp; args = <span class=\"sy0\">\/<\/span>etc<span class=\"sy0\">\/<\/span>dovecot<span class=\"sy0\">\/<\/span>dovecot-sql.conf.ext<br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n...<br \/>\n<span class=\"co0\">#userdb {<\/span><br \/>\n<span class=\"co0\"># &nbsp;driver = sql<\/span><br \/>\n<span class=\"co0\"># &nbsp;args = \/etc\/dovecot\/dovecot-sql.conf.ext<\/span><br \/>\n<span class=\"co0\">#}<\/span><br \/>\n...<br \/>\nuserdb <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; driver = static<br \/>\n&nbsp; args = <span class=\"re2\">uid<\/span>=vmail <span class=\"re2\">gid<\/span>=vmail <span class=\"re2\">home<\/span>=<span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>mail<span class=\"sy0\">\/<\/span>vhosts<span class=\"sy0\">\/%<\/span>d<span class=\"sy0\">\/%<\/span>n<br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n...<\/div><\/div>\n\n\n\n\n<h4 class=\"wp-block-heading\">Konfiguracja pliku \/etc\/dovecot\/dovecot-sql.conf.ext<\/h4>\n\n\n\n<p>Teraz modyfikujemy plik <em>\/etc\/dovecot\/dovecot-sql.conf.ext<\/em> Wpisz w nim dane dost\u0119powe do wcze\u015bniej utworzonej bazy danych, takie jak rodzaj sterownika (mysql), nazwa bazy, u\u017cytkownik oraz has\u0142o. B\u0119dziesz musia\u0142 poda\u0107 r\u00f3wnie\u017c zapytanie, za pomoc\u0105 kt\u00f3rego Dovecot b\u0119dzie m\u00f3g\u0142 uzyska\u0107 has\u0142a u\u017cytkownik\u00f3w. Wszystkie linijki, kt\u00f3re nale\u017cy zmieni\u0107 znajduj\u0105 si\u0119 na listingu poni\u017cej. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\ndriver = mysql<br \/>\n...<br \/>\nconnect = <span class=\"re2\">host<\/span>=127.0.0.1 <span class=\"re2\">dbname<\/span>=mailserver <span class=\"re2\">user<\/span>=mailuser <span class=\"re2\">password<\/span>=mailuserpass<br \/>\n...<br \/>\ndefault_pass_scheme = SHA512-CRYPT<br \/>\n...<br \/>\npassword_query = SELECT email <span class=\"kw2\">as<\/span> user, password FROM virtual_users WHERE <span class=\"re2\">email<\/span>=<span class=\"st_h\">'%u'<\/span>;<br \/>\n...<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Konfiguracja pliku \/etc\/dovecot\/conf.d\/10-master.conf<\/h3>\n\n\n\n<p>Musimy przeprowadzi\u0107 kilka modyfikacji w pliku 10-master.conf. Przede wszystkim &#8211; musimy wy\u0142\u0105czy\u0107 nieszyfrowan\u0105 wersj\u0119 protoko\u0142u IMAP. Robimy to w ten spos\u00f3b, \u017ce odhashowujemy linijki dotycz\u0105ce imap i imaps. Przy czym w przypadku protoko\u0142u imap ustawiamy port na 0.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\nservice imap-login <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; inet_listener imap <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; &nbsp; port = <span class=\"nu0\">0<\/span><br \/>\n&nbsp; <span class=\"br0\">&#125;<\/span><br \/>\n&nbsp; inet_listener imaps <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; &nbsp; port = <span class=\"nu0\">993<\/span><br \/>\n&nbsp; &nbsp; ssl = <span class=\"kw2\">yes<\/span><br \/>\n&nbsp; <span class=\"br0\">&#125;<\/span><br \/>\n&nbsp; ...<br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n...<\/div><\/div>\n\n\n\n\n<p>Nast\u0119pnie musimy skonfigurowa\u0107 us\u0142ug\u0119 lmtp. Prawid\u0142owa konfiguracja pokazana jest na listingu poni\u017cej:<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\nservice lmtp <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; unix_listener <span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>spool<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>private<span class=\"sy0\">\/<\/span>dovecot-lmtp <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; &nbsp; <span class=\"co0\">#mode = 0666i<\/span><br \/>\n&nbsp; &nbsp; mode = 0600<br \/>\n&nbsp; &nbsp; user = postfix<br \/>\n&nbsp; &nbsp; group = postfix<br \/>\n&nbsp; <span class=\"br0\">&#125;<\/span><br \/>\n...<br \/>\n<span class=\"br0\">&#125;<\/span><\/div><\/div>\n\n\n\n\n<p>Teraz musimy skonfigurowa\u0107 autoryzacj\u0119. Znajd\u017a sekcj\u0119 <em>auth <\/em>i skonfiguruj j\u0105 tak jak na listingu poni\u017cej. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\nservice auth <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; ...<br \/>\n&nbsp; unix_listener <span class=\"sy0\">\/<\/span>var<span class=\"sy0\">\/<\/span>spool<span class=\"sy0\">\/<\/span>postfix<span class=\"sy0\">\/<\/span>private<span class=\"sy0\">\/<\/span>auth <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; &nbsp; mode = 0660<br \/>\n&nbsp; &nbsp; user = postfix<br \/>\n&nbsp; &nbsp; group = postfix<br \/>\n&nbsp; <span class=\"br0\">&#125;<\/span><br \/>\n<br \/>\n&nbsp; unix_listener auth-userdb <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; &nbsp; mode = 0600<br \/>\n&nbsp; &nbsp; user = vmail<br \/>\n&nbsp; <span class=\"br0\">&#125;<\/span><br \/>\n...<br \/>\n&nbsp; user = dovecot<br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n...<\/div><\/div>\n\n\n\n\n<p>Nast\u0119pnie powinni\u015bmy podda\u0107 lekkiemu liftingowi sekcj\u0119 auth-worker.<\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">...<br \/>\nservice auth-worker <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp; ...<br \/>\n&nbsp; user = vmail<br \/>\n<span class=\"br0\">&#125;<\/span><\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Konfiguracja pliku \/etc\/dovecot\/conf.d\/10-ssl.conf<\/h3>\n\n\n\n<p>Plik <em>10-ssl.conf<\/em> wskazuje serwerowi Dovecot, w kt\u00f3rym miejscu znajduj\u0105&nbsp;si\u0119 klusze SSL. <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\">ssl = required<br \/>\n...<br \/>\nssl_cert = <span class=\"sy0\">&lt;\/<\/span>etc<span class=\"sy0\">\/<\/span>letsencrypt<span class=\"sy0\">\/<\/span>live<span class=\"sy0\">\/<\/span>kompikownia.pl<span class=\"sy0\">\/<\/span>fullchain.pem<br \/>\nssl_key = <span class=\"sy0\">&lt;\/<\/span>etc<span class=\"sy0\">\/<\/span>letsencrypt<span class=\"sy0\">\/<\/span>live<span class=\"sy0\">\/<\/span>kompikownia.pl<span class=\"sy0\">\/<\/span>privkey.pem<\/div><\/div>\n\n\n\n\n<h3 class=\"wp-block-heading\">Restart<\/h3>\n\n\n\n<p>Wszystkie niezb\u0119dne zmiany zosta\u0142y ju\u017c wykonane. Pozostaje nam jedynie restart. Po wydaniu poni\u017cszego polecenia oka\u017ce si\u0119, czy wszystko dzia\u0142a prawid\u0142owo \ud83d\ude42 <\/p>\n\n\n\n\n<div class=\"codecolorer-container bash default\" style=\"overflow:auto;white-space:nowrap;width:90%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> systemctl restart dovecot<\/div><\/div>\n\n\n\n\n<p class=\"has-large-font-size\">To ju\u017c koniec konfiguracji \ud83d\ude42 Nasz serwer poczty dzia\u0142a prawid\u0142owo \ud83d\ude42 <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Thunderbird &#8211; logowanie na konto pocztowe<\/h2>\n\n\n\n<p>Przetestujmy, czy mo\u017cemy zalogowa\u0107 si\u0119 na nasze konto \ud83d\ude42 Skonfigurujmy prohram pocztowy <strong>Thunderbird. <\/strong><\/p>\n\n\n\n<p>Uruchamiamy program<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"924\" height=\"743\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-13.png\" alt=\"\" class=\"wp-image-2292\"\/><\/figure>\n\n\n\n<p>Klikamy opcj\u0119 <strong>Email <\/strong>w kategorii <strong>Set up an account. <\/strong>Pojawi nam si\u0119 okienko:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"556\" height=\"436\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-14.png\" alt=\"\" class=\"wp-image-2293\"\/><\/figure><\/div>\n\n\n\n<p>Wpisujemy w nim login i has\u0142o do konta email, kt\u00f3re utworzyli\u015bmy podczas konfiguracji. Klikamy <strong>Continue. <\/strong>Thunderbird spr\u00f3buje wykry\u0107 konfiguracj\u0119 automatycznie, ale nie uda mu si\u0119 to. <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"875\" height=\"450\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-15.png\" alt=\"\" class=\"wp-image-2294\"\/><\/figure>\n\n\n\n<p>Musimy wskaza\u0107 opcje konfiguracji r\u0119cznie, tak jak na powy\u017cszym screenie. Po tym klikamy przycisk <strong>Done. <\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"823\" height=\"553\" src=\"https:\/\/www.kompikownia.pl\/wp-content\/uploads\/2019\/09\/image-16.png\" alt=\"\" class=\"wp-image-2295\"\/><\/figure>\n\n\n\n<p><strong>Voila! <\/strong>Nasza skrzynka jest gotowa i mo\u017ce wysy\u0142a\u0107 i odbiera\u0107 emaile!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Podsumowuj\u0105c<\/h2>\n\n\n\n<p>To by\u0142 naprawd\u0119 d\u0142uugi wpis. Ciesz\u0119 si\u0119, je\u015bli dobrn\u0105\u0142e\u015b do ko\u0144ca. Niestety, konfiguracja serwera poczty jest dosy\u0107 skomplikowana. To, co zrobili\u015bmy w tym artykule to jedynie wierzcho\u0142ek g\u00f3ry lodowej. Tak skonfigurowany serwer wymaga troch\u0119 dodatkowej pracy. W tej chwili gdy wy\u015blemy email do kogo\u015b na Gmailu, to nasza wiadomo\u015bc najprawdopodobniej wleci do spamu. Co zrobi\u0107, \u017ceby tak si\u0119 nie dzia\u0142o? O tym b\u0119dzie w przysz\u0142o\u015bci.<\/p>\n\n\n\n<p>Je\u015bli podoba\u0142 ci si\u0119 ten artyku\u0142, kliknij ten czerwony dzwonek po lewej. W\u0142\u0105czysz wtedy powiadomienia co sprawi, \u017ce b\u0119dziesz informowany o ka\u017cdym nowym artykule. Polub tak\u017ce m\u00f3j <a href=\"https:\/\/www.facebook.com\/kompikownia\/\">fanpage<\/a> na Facebooku, na kt\u00f3rym umieszczam wiele ciekawych rzeczy \ud83d\ude42 <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u0179r\u00f3d\u0142a<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.linode.com\/docs\/email\/postfix\/email-with-postfix-dovecot-and-mysql\/\">https:\/\/www.linode.com\/docs\/email\/postfix\/email-with-postfix-dovecot-and-mysql\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Czas czytania:<\/span> <span class=\"rt-time\">11<\/span> <span class=\"rt-label rt-postfix\">minut<\/span><\/span> Ka\u017cda profesjonalna strona internetowa, ka\u017cdy profesjonalny blog powinien posiada\u0107&nbsp;adres e-mailowy, kt\u00f3ry s\u0142u\u017cy np.: do kontaktu z czytelnikami, czy do wysy\u0142ania newslettera. Adres taki powinien znajdowa\u0107&nbsp;si\u0119 w domenie takiej samej jak &#8230;<\/p>\n","protected":false},"author":1,"featured_media":2299,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[29,72],"tags":[88,65,89,87,91,90,66],"_links":{"self":[{"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/posts\/2246"}],"collection":[{"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/comments?post=2246"}],"version-history":[{"count":43,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/posts\/2246\/revisions"}],"predecessor-version":[{"id":2300,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/posts\/2246\/revisions\/2300"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/media\/2299"}],"wp:attachment":[{"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/media?parent=2246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/categories?post=2246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kompikownia.pl\/index.php\/wp-json\/wp\/v2\/tags?post=2246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}