Postfix Mailgateway
Netzkonfiguration MAILGW-Server (DMZ)
| Parameter | Wert | Erläuterung |
|---|---|---|
| Netzwerk (NIC) | DMZ | Interface-Zuweisung in VirtualBox |
| IP | 10.88.2XX.49 | Statische IP |
| CIDR | 24 | Classless Inter-Domain Routing Präfixlänge |
| GW | 10.88.2XX.1 | GATEWAY |
| NS | 10.88.2XX.21 | Resolver |
| FQDN | mail-gw.it2XX.int | Fully Qualified Domain Name |
| SHORT | mail-gw | Short Name |
| DOM | it2XX.int | Domain Name |
- Anpassen des Templates
oder
- debian-setup.sh -f mail-gw.it2XX.int -a 10.88.2XX.49/24 -g 10.88.2XX.1 -n 10.88.2XX.21
Einfügen in die ~/.ssh/config
- als kit user
- Auf dem Host über den ProxyJump eintragen
Auf dem MAILGW
Installation
- apt install postfix
no configuration
Konfiguration
- vi /etc/postfix/main.cf
compatibility_level = 3.9
myhostname = mail-gw.it213.int
myorigin = /etc/mailname
mydomain = it213.int
smtpd_banner = $myhostname ESMTP $mail_name (Debian)
biff = no
inet_protocols = ipv4
inet_interfaces = all
# Kein finaler Empfaenger
mydestination =
mailbox_size_limit = 0
recipient_delimiter = +
# Relay
relay_domains = it213.int
transport_maps = hash:/etc/postfix/transport
# Netzwerk
mynetworks = 127.0.0.0/8
# TLS
smtpd_tls_key_file = /etc/ssl/own.key
smtpd_tls_cert_file = /etc/ssl/own.crt
smtpd_tls_security_level = may
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks defer_unauth_destination
Mailrouting anlege
- echo "it213.int smtp:[mail.it213.int]:25" > /etc/postfix/transport
- postmap /etc/postfix/transport
- postfix reload