Fellow PLUGgers, I remember someone asking about how to have Postfix deliver mail to Cyrus using LMTP over TCP, particularly useful for situations where you want to deliver mail from a central MTA to a remote Cyrus server without needing an MTA on the Cyrus machine.
I set this up on our Debian GNU/Linux machines yesterday together with
my SASL work. My motivation for doing the LMTP over TCP delivery was to
make sure that mail would not bypass the content filtering (AMaViS and
SpamAssassin) on our central mail gateway.
The first step was to create a user recognized by the Cyrus server to
handle this mail. The "standard" seems to be to create a postman user
with a nice randomly-generated password.
Cyrus needs to treat this as an LMTP admin user. To accomplish this,
edit the /etc/imapd.conf file and enable the directive:
lmtp_admins: postman
You will also need to enable the LMTP TCP service. Edit /etc/cyrus.conf,
and in the SERVICES section enable the directive:
SERVICES {
...
lmtp cmd="lmtpd" listen="hostname:lmtp" prefork=0 maxchild=20
...
}
Note that you will need an lmtp service defined in /etc/services, which
at least in Debian isn't there. Add the following to /etc/services:
lmtp 24/tcp # Private mail system
This change to /etc/services needs to be done on both the Cyrus server
machine and the Postfix server machine.
Restart Cyrus using
# /etc/init.d/cyrus21 restart
and we're halfway through.
On the mail gateway running Postfix, create a file
/etc/postfix/sasl_passwd readable only by root (or by root.postfix,
which will work too). The syntax is:
dest_hostname username:password
You need to "compile" it using
# postmap /etc/postfix/sasl_passwd
The following directives also need to be added to the
/etc/postfix/main.cf file:
# LMTP Delivery for Cyrus
# The following options set parameters needed by Postfix to enable
# delivery to Cyrus via LMTP over TCP.
lmtp_sasl_auth_enable = yes
lmtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
lmtp_sasl_security_options =
lmtp_destination_concurrency_limit = 100
lmtp_destination_recipient_limit = 0
The last step will be to have mail for the destination to go through
LMTP. In my case this simply meant a transport map entry in
/etc/postfix/transports:
virtual.dom.ain lmtp:[cyrus.host.name]
I thank Henrique de Moraes Holschuh <[EMAIL PROTECTED]> who maintains the
Debian cyrus21 packages. The file
/usr/share/doc/cyrus21-common/README.postfix.gz was pretty much all I
needed to get LMTP over TCP up and running. :)
--> Jijo
--
Federico Sevilla III : http://jijo.free.net.ph : When we speak of free
Network Administrator : The Leather Collection, Inc. : software we refer to
GnuPG Key ID : 0x93B746BE : freedom, not price.
pgp00000.pgp
Description: PGP signature
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
