lynx   »   [go: up one dir, main page]

CentOS5$B$X$N%a!<%k4D6-9=C[(B (2007/11/01)

1.$B%$%s%9%H!<%k$9$k$b$N(B

2.yum$B@_Dj(B

centosplus$B!"(Bdries$B!"(Bdag$B$N3F%l%]%8%H%j$r(Byum$B$K@_Dj$7$F$*$/!#(B (http://tmcosmos.org/linux/centos/co5.html#yum$B$K>\$7$$(B)

3.POP3/IMAP4$B%5!<%P(B

dovecot$B$r;HMQ!#(B yum $B%Q%C%1!<%8%$%s%9%H!<%k!#(B 
% yum install dovecot
% chkconfig --add dovecot; chkconfig dovecot on
$B@_Dj%]%j%7!<$O0J2<$NDL$j!#(B
$B@_Dj%U%!%$%k$O(B /etc/dovecot.conf$B!"JQ99E@$O0J2 
protocols = imaps pop3s
mail_location = maildir:~/Maildir
mail_extra_groups = mail
openssl$B$K$FHkL)80$r(B /etc/pki/dovecot/private/dovecot.pem $B$H$7$F!"(B $B>ZL@=q$r(B /etc/pki/dovecot/certs/dovecot.pem $B$H$7$F@8@.!#(B $BHkL)80$O(Broot$B0J30$+$iFI$a$J$$$h$&$K$7$F$*$/!#(B 
% /etc/pki/dovecot/dovecot-openssl.cnf $B$rE,59JT=8(B
% /usr/share/doc/dovecot-1.0/examples/mkcert.sh
% chown root /etc/pki/dovecot/private/dovecot.pem
% chmod 600 /etc/pki/dovecot/private/dovecot.pem

4.SMTP$B%5!<%P(B

postfix $B$r;HMQ!#(B $B%G%U%)%k%H$G$O(Bsendmail$B$,%$%s%9%H!<%k$5$l$F$$$k$N$G!"(B $B@Z$jBX$($N$?$a$N%D!<%k(B system-switch-mail $B$bJ;$;$F(B yum $B$+$i%Q%C%1!<%8%$%s%9%H!<%k!#(B 
% yum install postfix system-switch-mail
% /usr/bin/system-switch-mail
% chkconfig --add postfix; chkconfig postfix on
postfix$B$N@_Dj%U%!%$%k$O%G%#%l%/%H%j(B /etc/postfix $B0J2

TLS/SSL

$BHkL)80!">ZL@=q$rMQ0U$7(B(dovecot$B$N$b$N$r%7%s%\%j%C%/%j%s%/$GN.MQ(B) $B@_Dj!#(B 
% mkdir /etc/pki/postfix/
% ln -s /etc/pki/dovecot/private/dovecot.pem \
	/etc/pki/postfix/mail.key
% ln -s /etc/pki/dovecot/certs/dovecot.pem \
	/etc/pki/postfix/mail.crt
% chown postfix /etc/pki/postfix/mail.key
% chmod 600 //etc/pki/postfix/mail.key
postfix$B$N@_Dj$O(Bmain.cf$B$K$F2<5-$NDL$j!#(B 
smtpd_use_tls                           = yes
smtpd_tls_received_header               = yes
smtpd_tls_cert_file                     = /etc/pki/postfix/mail.crt
smtpd_tls_key_file                      = /etc/pki/postfix/mail.key
smtpd_tls_ask_ccert                     = no
smtpd_tls_session_cache_database        = btree:/etc/postfix/smtpd_scache

smtp_use_tls                            = yes
smtp_tls_cert_file                      = /etc/pki/postfix/mail.crt
smtp_tls_key_file                       = /etc/pki/postfix/mail.key
smtp_tls_ask_ccert                      = no
smtp_tls_session_cache_database         = btree:/etc/postfix/smtp_scache

SMTP$BG'>Z(B (SMTP Auth)

cyrus-sasl $B$r;HMQ!#(B $BG'>Z$KMQ$$$kJ}K!$O(BUNIX$B%Q%9%o!<%I$rMQ$$$k$3$H$K$9$k!"(B saslpasswd2 $B$G@_Dj$9$k%Q%9%o!<%I$O;H$o$J$$!#(B $B$?$@$7!"(Bdb$B$@$1$O:n$C$F$*$/(B($B%Q%9%o!<%I$OE,Ev$K@_Dj(B)$B!#(B 
% yum install cyrus-sasl
% /usr/sbin/saslpasswd2 -c nobody
% /usr/sbin/saslpasswd2 -d nobody
% chkconfig --add saslauthd; chkconfig saslauthd on
saslpasswd2$B$,:n@.$9$k(Bdb$B$O(B/etc/sasldb2$B!#(B ($B%P%$%J%j%U%!%$%k$@$,%Q%9%o!<%IEy$,8+$($k!#(B)

greylisting

postgrey$B$r;HMQ!#(Byum$B$K$F%Q%C%1!<%8%$%s%9%H!<%k!#(B 
% yum install postgrey
% chkconfig --add postgrey; chkconfig postgrey on
TCP 10023$B%]!<%H$G2TF/$5$;$k$3$H$K$9$k!#(B $B@_Dj$O2TF/%9%/%j%W%H(B/etc/rc.d/init.d/postgrey$B$KD>@\5-=R!#(B 
OPTIONS="--inet=10023"
main.cf $B$K$F(B smtpd_recipient_restrinctions $B$H$7$F(B 
check_policy_service inet:127.0.0.1:10023
$B$rDI2C!#(B
postgrey$B$N%G!<%?%Y!<%9%U%!%$%k(B(/var/spool/postfix/postgrey/postgrey.db$BEy(B)$B$KBP$7$F!"(B $B0J2<$rH$G$-$k!#(B 
% db_dump -p /var/spool/postfix/postgrey/postgrey.db

SPF/SenderID

http://www.openspf.org/Software $B$+$i:G?7$N(B postfix-policyd-spf-perl $B$r%@%&%s%m!<%I!#(B $B%"!<%+%$%V$r2rE`$7$F(B postfix-policyd-spf-perl $B$r(B /usr/libexec/postfix/postfix-policyd-spf.pl $B$X%3%T!
$B$^$?!"I,MW$J%Q%C%1!<%8(B perl-Mail-SPF $B$r%$%s%9%H!<%k!#(B 
% yum perl-Mail-SPF
$B 
spf       unix  -       n       n       -       -       spawn
  user=nobody argv=/usr/libexec/postfix/postfix-policyd-spf.pl
main.cf $B$K$F(B smtpd_recipient_restrinctions $B$H$7$F(B 
check_policy_service unix:private/spf
$B$rDI2C!#(B
$BAw?.B&$H$7$F(BSPF$B$KBP1~$9$k$K$O(BDNS(BIND)$B$N@_Dj$G!"(B $BAw?.JN,!"B>%5%$%H$r;2>H(B)
$B:G=i$O0J2<$,L5Fq$+!#(B 
        IN      TXT     "v=spf1 ip4:$B%M%C%H%o!<%/(B/$B%^%9%/(B ip6:v6$B%M%C%H%o!<%/(B/$B%^%9%/(B ~all"

DKIM

dkimproxy $B$rMQ$$$F2TF/$5$;$k$3$H$b$G$-$?$,!"(B $BJ}$KBP1~$9$k$H99$KJ#;((B) dkim-milter$B$r;HMQ$9$k$3$H$K$9$k!#(B (2008/03/05$BDI5-(B2$B;2>H(B)
$BMQ0U$5$l$?%Q%C%1!<%8$,$J$$$N$G!"(B http://sourceforge.net/projects/dkim-milter/ $B$+$i:G?7%=!<%9$r%@%&%s%m!<%I!#(B 2007/11/01$B$N;~E@$G$O(Bstable$B%P!<%8%g%s$G$O(B dkim-milter-2.3.2 $B$,:G?7!#(B $B2rE`$7$?%U%!%$%k(B dkim-filter/README $B$K$"$kDL$j!"(B $B http://sourceforge.net/projects/dk-milter/ $B$+$i(B dk-milter $B$N:G?7HG%=!<%9$r%@%&%s%m!<%I$7(B(2007/11/01$B$N;~E@$G%P!<%8%g%s(B0.6.0)$B!"(B libdk $B$r(B dkim-milter $B$NE83+%G%#%l%/%H%j$K%3%T!<(Bor$B%7%s%\%j%C%/%j%s%/!#(B ($BAw?.$9$k%a!<%k$K(BDomainKey$B$r@_Dj$9$k$3$H$O$G$-$J$$$h$&$@(B) DomainKey$B$X$NBP1~$r@_Dj$9$k$HF1;~$K!"(B devtool/OS/Linux $B$G$O%G%U%)%k%H$N%^%K%e%"%kG[CV>l=j$,(B /usr/man $B$J$N$GJQ99$r!"(B $B@_Dj%U%!%$%k(B devtool/Site/site.config.m4 $B$K5-=R!#(B 
define(`confMANROOT', `/usr/share/man/man')
define(`bld_VERIFY_DOMAINKEYS', `true')
define(`bld_USE_ARLIB', `true')
$B%3%s%Q%$%k$K$O(B sendmail $BIUB0$N%i%$%V%i%j$,I,MW$J$N$G(B $B%Q%C%1!<%8(B sendmail-devel$B!"(Bopenssl-devel($B$H0MB84X78$N$"$k$b$N(B) $B$r(B $B$"$i$+$8$a%$%s%9%H!<%k!#(B dkim-milter $B$N%$%s%9%H!<%k$O(B checkinstall $B$rMQ$$$F(B(yum$B$G%$%s%9%H!<%k2D!"(Brpm-build$B$*$h$S0MB8%Q%C%1!<%8$bI,MW(B)$B!"(B rpm$B$r:n@.$7$F9T$&!#(B 
% yum install sendmail-devel openssl-devel
% make
% checkinstall --exclude=/selinux -R
% rpm -i /usr/src/redhat/RPMS/i386/dkim-milter-2.3.2-1.i386.rpm
dkim-milter$B$rF0$+$9$?$a$K%f!<%6$r:n@.$9$k!#(B 
% useradd -g mail -m -d /var/milter -s /sbin/nologin milter
% chmod 755 /var/milter
DKIM$B$GMQ$$$k%;%l%/%?L>$r7h$a$k(B($BG$0U$NJ8;zNs(B)$B!#(B $BHkL)80$r(B /etc/pki/dkim-filter/$B%;%l%/%?L>(B.private $B$H$7$F@8@.$7!"(B $B=jM- 
% openssl genrsa -out /etc/pki/dkim-filter/$B%;%l%/%?L>(B.private 1024
$B8x3+80$rF@$k!#(B 
% openssl rsa -in /etc/pki/dkim-filter/$B%;%l%/%?L>(B.private -pubout
DNS$B$K(BDKIM$B$N$?$a$NCM$rEPO?$9$k!#(B $B>e5-$N8x3+80$NFbMF$r!V%;%l%/%?L>(B._domainkey.$B%I%a%$%sL>!W$N(BTXT$B%l%3!<%IFb$KD>@\5-=R$9$k!#(B ($B5-=RJ}K!$N>\:Y$O>JN,!"B>%5%$%H;2>H(B) 
_domainkey              IN      TXT     "t=y; o=~;"
$B%;%l%/%?L>(B._domainkey    IN      TXT     "v=DKIM1; k=rsa; t=y; p=$B8x3+80(B"
_policy._domainkey      IN      TXT     "t=y; o=~"
$B5/F0$N$?$a$N%9%/%j%W%H(B /etc/rc.d/init.d/dkim-filter $B$r:n@.!#(B (chkconfig$B$NCM$O!"(Bpostfix$B$NCM$H@09g$r 
#!/bin/bash
#
#
# dkim-filter:
#
# chkconfig: 2345 75 35
# processname: dkim-filter
# description: dkim filter
source /etc/rc.d/init.d/functions

PROG=/usr/bin/dkim-filter

PID=/var/milter/dkim-filter.pid
SOCKET=/var/milter/dkim-filter.socket

DOMAINLIST="$B%I%a%$%s(B"           # $BJ#?t$"$k>l9g$O%+%s%^6h@Z$j(B
SELECTOR="$B%;%l%/%?L>(B"           # $B%;%l%/%?L>$OJ#?t%I%a%$%s$G$b6&DL(B
KEY="/etc/pki/dkim-filter/${SELECTOR}.private"

RETVAL=0

start() {
    echo -n $"Starting dkim-filter: "
    daemon --user milter \
        "umask 117; $PROG -p local:$SOCKET -d $DOMAINLIST -k $KEY -l -P $PID -s $SELECTOR"
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dkim-filter
    return $RETVAL
}

stop() {
    echo -n $"Shutting down dkim-filter: "
    killproc $PROG
    rm -f $SOCKET
    RETVAL=$?
    echo
    return $RETVAL
}

restart() {
    stop
    start
}

case "$1" in
  start)
    start
    ;;

  stop)
    stop
    ;;
  restart)
    restart
    ;;
  status)
    status $PROG
    RETVAL=$?
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|status}"
    RETVAL=1
esac

exit;
$B5/F0%9%/%j%W%H$rM-8z2=!#(B 
% chkconfig --add dkim-filter; chkconfig dkim-filter on
postfix$B$K$O!"(Bmain.cf$B$K0J2<$r@_Dj$9$k!#(B 
smtpd_milters = unix:/var/milter/dkim-filter.socket
non_smtpd_milters = $smtpd_milters
$B$?$@$7!"%U%#%k%?$r7PM3$5$;$kL\E*$G(B $B0[$J$k(Btcp$B%]!<%H$r;H$C$FE>Aw$5$;$F$$$k$b$N$,$"$k>l9g$K$O!"(B master.cf $B$N3F%(%s%H%j$K(B 
  -o smtpd_milters=
$B$rDI2C$9$kI,MW$,$"$k!#(B($B8e=R$N(Bamavis$B$N@_Dj$G$OI,MW$H$J$k(B)

$B%&%$%k%98!=P!"%9%Q%`H=Dj(B

avavisd-new$B!"(Bspamassassin$B!"(Bclamd(clamav) $B$r(B yum$B!!$K$F%$%s%9%H!<%k!#(B /etc/group $B$rJT=8$7!"%f!<%6(B clamav $B$r%0%k!<%W(B amavis $B$KDI2C$7$F$*$/!#(B 
% yum install amavisd-new clamd spamassassin
% chkconfig --add amavisd; chkconfig amavisd on
% chkconfig --add spamassassin; chkconfig spamassassin on
% chkconfig --add clamd; chkconfig clamd on
% $B%(%G%#%?(B /etc/group
amavisd$B$N@_Dj$O(B/etc/amavisd.conf$B$K$F9T$&!#(B
  • $mydomain $B$r@_Dj(B
    $BJ#?t$N%I%a%$%s$r07$&$K$O(B @local_domains_maps $B$rD>@\=q$-49$($k!#(B
  • $BH=Dj$K4X$9$k%9%3%"$O(B $sa_tag_level_deflt$B!"(B$sa_tag2_level_deflt$B!"(B $sa_kill_level_deflt$B!"(B$sa_dsn_cutoff_level$B$r@_Dj(B
  • SPAM$BH=Dj$7$?%a!<%k$N%5%V%8%'%/%H$r2~JQ$7$J$$$?$a$K$O!"(B $sa_spam_subject_tag$B$r%3%a%s%H%"%&%H(B
    $B$^$?!"$I$s$J(BSPAM$B%a!<%k$G$bG[Aw$5$;$k$K$O(B $final_spam_destiny$B!!$r(B D_PASS$B!!$KJQ99(B
  • $B%&%$%k%9%9%-%c%J$H$7$F$O(B ClamAV-clamd$B$N$_$r@_Dj$7(B
    unix$B%I%a%$%s%=%1%C%H%U%!%$%k$r(B/var/run/clamav/clamd.socket$B$X2~JQ(B 
$mydomain = '$B%I%a%$%sL>(B';
...
$sa_tag_level_deflt  = 0.0;
$sa_tag2_level_deflt = 13.0;
#$sa_kill_level_deflt = 6.9;
#$sa_dsn_cutoff_level = 10;
...
#$sa_spam_subject_tag = '***SPAM*** ';
...
$final_spam_destiny       = D_PASS;
...
@av_scanners = (
### http://www.clamav.net/
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.socket"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd, or run it under its own
#   uid such as clamav, add user clamav to the amavis group, and then add
#   AllowSupplementaryGroups to clamd.conf;
# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
#   this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
);
postfix $B$X$O!"(B main.cf$B!!$K0J2<$r@_Dj$7!"(B 
content_filter=smtp-amavis:[127.0.0.1]:10024
master.cf $B$K$O0J2<$rDI5-$9$k!#(B 
smtp-amavis
          unix  -       -       n       -       2       smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforwardommand=yes
  -o disable_dns_lookups=yes
  -o smtpd_milters=
127.0.0.1:10025
          inet  n       -       n       -       -       smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_milters=
/etc/clamd.conf $B$K$F!"(BLocalSocket $B$r@_Dj!#(B tcp$B@\B3$O9T$o$J$$$N$G3:Ev2U=j$O%3%a%s%H%"%&%H!#(B 
LocalSocket /var/run/clamav/clamd.socket
...
#TCPSocket 3310
...
#TCPAddr 127.0.0.1
spamassassin$B$N@_Dj%U%!%$%k(B(/etc/mail/spamassassin/$B0J2<(B)$B$O(B tlec$B%5%$%H$N$b$N$rD:$-!"Dj4|E*$J99?7$r@_Dj!#(B /etc/cron.weekly/spamassassin $B$r0J2<$NDL$j:n@.(B($B0lEY 
#!/bin/sh

if [ ! -d /etc/mail/spamassassin ]; then
    exit;
fi

cd /etc/mail/spamassassin

if [ -f user_prefs ]; then
    rm user_prefs;
fi

wget -qN http://tlec.linux.or.jp/docs/user_prefs
if [ ! -f user_prefs ]; then
    exit;
fi

echo "report_safe 0" >> user_prefs
mv user_prefs local.cf

/etc/rc.d/init.d/spamassassin restart >/dev/null
$B$=$NB>$N(B spamassassin $B@_Dj$H$7$F!"(B v310.pre $B$K$F0J2<$rM-8z$K$9$k!#(B 
loadplugin Mail::SpamAssassin::Plugin::TextCat
loadplugin Mail::SpamAssassin::Plugin::DomainKeys
Mail::SpamAssassin::Plugin::DomainKeys $B$K$O(B $B%Q%C%1!<%8(B perl-Mail-DomainKeys $B$N%$%s%9%H!<%k$,I,MW!#(B
v312.pre $B$K$F0J2<$rM-8z$K$9$k!#(B 
loadplugin Mail::SpamAssassin::Plugin::DKIM
$B"((Bv320.pre$B$H$"$o$;$F!"B>$K$b%m!<%I$7$?$$%W%i%0%$%s$,$"$l$PM-8z$K$9$k(B

$B%a!<%j%s%0%j%9%H(B

mailman$B$r;HMQ!#(B 
% yum install mailman
% chkconfig --add mailman; chkconfig mailman on
httpd(apache)$B$N@_Dj(B(/etc/httpd/conf.d/mailman.conf)$B$d(B mailman$B<+BN$N@_Dj$O>JN,!#(B

postfix$B@_Dj$^$H$a(B

main.cf $B$+$i4XO"9`L\$N$_H4?h(B: 
# Maildir
home_mailbox = Maildir/


# SMTP Auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes

smtpd_client_restrictions =
        permit_mynetworks,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        reject_rbl_client all.rbl.jp,
        permit

smtpd_sender_restrictions =
        permit_mynetworks,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        permit

smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_recipient,
        reject_unlisted_recipient,
        reject_unknown_recipient_domain,
        reject_unauth_destination,
        check_policy_service unix:private/spf,          # spf
        check_policy_service inet:127.0.0.1:10023,      # postgrey
        permit_auth_destination,
        reject

# TLS/SSL
smtpd_use_tls                           = yes
smtpd_tls_received_header               = yes
smtpd_tls_cert_file                     = /etc/pki/postfix/mail.crt
smtpd_tls_key_file                      = /etc/pki/postfix/mail.key
smtpd_tls_ask_ccert                     = no
smtpd_tls_session_cache_database        = btree:/etc/postfix/smtpd_scache

smtp_use_tls                            = yes
smtp_tls_cert_file                      = /etc/pki/postfix/mail.crt
smtp_tls_key_file                       = /etc/pki/postfix/mail.key
smtp_tls_ask_ccert                      = no
smtp_tls_session_cache_database         = btree:/etc/postfix/smtp_scache

#dkim
smtpd_milters = unix:/var/milter/dkim-filter.socket
non_smtpd_milters = $smtpd_milters

# amavis
content_filter=smtp-amavis:[127.0.0.1]:10024

# mailman
owner_request_special = no
recipient_delimiter = +
master.cf $B$+$i4XO"9`L\$N$_H4?h(B: 
#
# SPF/SenderID (http://www.openspf.org/)
#
spf       unix  -       n       n       -       -       spawn
  user=nobody argv=/usr/libexec/postfix/postfix-policyd-spf.pl

#
# amavis
#
smtp-amavis
          unix  -       -       n       -       2       smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforwardommand=yes
  -o disable_dns_lookups=yes
  -o smtpd_milters=
127.0.0.1:10025
          inet  n       -       n       -       -       smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_milters=

5.$B2TF/(B

chkconfig$B$GDI2C@_Dj$7$?%W%m%0%i%`$r(B /sbin/service $B%3%^%s%I$d(B $BD>@\(B /etc/rc.d/init.d/ $B0J2<$N$=$l$>$l$N%9%/%j%W%H$+$i5/F0$5$;$k!#(B
($B$"$k$$$O(BOS$B:F5/F0(B)
$B0J2<$N08@h$K%a!<%k$rAw$k$H(BSPF/SenderID$B!"(BDKIM$B$N%F%9%H$,$G$-$k!#(B
  • sa-test@sendmail.net

$BM>CL(B

$B>ZL@=q$O(B CAcert.org $B$"$?$j$GMQ0U$9$k$N$b5H!#(B $B$=$N:]$O(B postfix $B$G$O(B main.cf $B$K$F!"%@%&%s%m!<%I$7$?%k!<%H>ZL@=q$N@_Dj$r!#(B 
smtpd_tls_CAfile                        = /etc/postfix/certs/root.crt

smtp_tls_CAfile                         = /etc/postfix/certs/root.crt
dovecot $B$N>l9g$O!"(B $B%k!<%H>ZL@=q$r(B ssl_cert_file $B$KJq4^$5$;$k$h$&$@!#(B

2008/03/05$BDI5-(B1

$B?tB?$/$N08@h(B(To/Cc/Bcc)$B$r@_Dj$9$k$H(B postfix/cleanup $B$+$i%(%i!<%a%C%;!<%8$H$7$F(B 
... can't read SMFIC_HEADER reply packet header: Connection reset by peer
... milter-reject: END-OF-MESSAGE from $B%[%9%H(B[IP$B%"%I%l%9(B]: 4.7.1 Service unavailable - try again later; from=...
$B$,I=<($5$lAw?.$G$-$J$$LOMM!#(B
$B2r7h:v$OLO:wCf!#(B

2008/03/05$BDI5-(B2
dkim-milter $B$N%P!<%8%g%s$O(B 2.4.4 $B$,:G?7(B($B%W%l%j%j!<%9$J$i(B2.5.0$B$b$"$k(B)$B!#(B
tcp $B%=%1%C%H$G$bF0:n$9$k$3$H$,H=L@!#(B $B5/F0%9%/%j%W%H(B /etc/rc.d/init.d/dkim-filter $B$O0J2<$KJQ99$9$l$P$h$$!#(B ($BJQ?t(B SOCKET $B$H4XO"2U=j$rJQ99$7$?$@$1(B)
(snip)

#SOCKET=local:/var/milter/dkim-filter.socket
SOCKET=inet:10026

(snip)

start() {
    echo -n $"Starting dkim-filter: "
    daemon --user milter \
	"umask 117; $PROG -p $SOCKET -d $DOMAINLIST -k $KEY -l -P $PID -s $SELECTOR"
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dkim-filter
    return $RETVAL
}

(snip)

stop() {
    echo -n $"Shutting down dkim-filter: "
    killproc $PROG
#   rm -f $SOCKET
    RETVAL=$?
    echo
    return $RETVAL
}
$B$^$?!"(Bpostfix $B$N(B dkim $B@_DjItJ,$b(B 
#dkim
#smtpd_milters = unix:/var/milter/dkim-filter.socket
smtpd_milters = inet:10026
non_smtpd_milters = $smtpd_milters
$B$KJQ99!#(B
$BB>$N%5!<%P$G(B dkim-filter $B$rF0$+$9>l9g$K$O(B 
smtpd_milters = inet:$B%5!<%P%[%9%H(B:10026
$B$H$9$l$P$h$$!#(B ($B%U%!%$%"%&%)!<%k$N@_DjEy$OI,MW$K1~$8$F@_Dj(B)

2009/03/10 $BDI5-(B
SPF/SenderID $B$K$D$$$F!"(BIIJ$B$+$i(B ENMA $B$,%j%j!<%9$5$l$F$$$k!#(B
Лучший частный хостинг