#!/bin/bash
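# Resolve the fully qualified host name once. It is written into main.cf and
# /etc/mailname further down, so an empty result must stop the run instead of
# producing a configuration with blank myhostname/mydestination entries.
FQDN=$(hostname -f) || FQDN=
if [ -z "$FQDN" ]; then
  echo "hostname -f returned no name; refusing to write mail configuration" >&2
  exit 1
fi
# Everything after the first label. A name without a dot is kept unchanged,
# which is also what `cut -f 2- -d.` does with such input.
DOM=${FQDN#*.}

# NOTE: purge removes the packages together with their configuration under
# /etc, so any existing Postfix/Dovecot setup on this host is discarded.
# apt-get is used because apt does not promise a stable scripting interface.
apt-get -y purge postfix dovecot-core dovecot-imapd dovecot-lmtpd mailutils

rm -fr /etc/skel/Maildir/
echo "Jeder neue Benutzer bekommt diese Dateien im Homeverzeichnis"
mkdir -p /etc/skel/Maildir/{cur,new,tmp}

# $HOME stays literal on purpose: it must be expanded by the new user's shell.
# The line is only appended when it is not present yet, so running the script
# again does not pile up duplicates in the skeleton .bashrc.
# shellcheck disable=SC2016
grep -qxF 'export MAIL=$HOME/Maildir' /etc/skel/.bashrc 2>/dev/null ||
  printf '%s\n' 'export MAIL=$HOME/Maildir' >> /etc/skel/.bashrc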

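echo "Grundinstallation Postfix und Dovecot"

# apt-get instead of apt: apt does not promise a stable scripting interface.
apt-get update

echo "Debconf Antworten setzen (keine interaktive Abfrage)"
# Preseed the two questions the postfix package would otherwise ask.
# The mailname given here is only a placeholder; /etc/mailname is rewritten
# with the real host name right after the installation.
debconf-set-selections <<'SELECTIONS'
postfix postfix/mailname string mail.int
postfix postfix/main_mailer_type string Internet Site
SELECTIONS

echo "Installation ohne Dialoge"
# Stop here when the packages could not be installed: the rest of the script
# writes into /etc/postfix and /etc/dovecot and restarts both services.
if ! DEBIAN_FRONTEND=noninteractive apt-get -y install \
  postfix dovecot-core dovecot-imapd dovecot-lmtpd mailutils; then
  echo "package installation failed; no configuration was written" >&2
  exit 1
fi

echo "setze Mailname"
# Quoted and written with printf so the name is stored exactly as resolved.
printf '%s\n' "$FQDN" > /etc/mailname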


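echo "Installiere main.cf"
# The heredoc delimiter is unquoted on purpose: $FQDN and $DOM are filled in
# by the shell. Every Postfix-side variable is written as \$name so that it
# reaches main.cf literally; unescaped, the shell replaces it with an empty
# string (e.g. the TLS session cache path became "btree:/smtp_scache").
#
# smtpd_banner: the doubled blanks in the previous text suggest that
# $myhostname and $mail_name (the Debian default banner) had been lost to the
# same expansion; the greeting is expected to start with the host name.
#
# smtpd_tls_auth_only = yes: SASL is enabled and the inbound TLS level is
# "may", so without this setting AUTH would also be offered on unencrypted
# port-25 sessions and passwords could cross the network in clear text.
cat > /etc/postfix/main.cf <<HERE
smtpd_banner = \$myhostname ESMTP \$mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 3.6
smtpd_tls_cert_file = /etc/ssl/own.crt
smtpd_tls_key_file = /etc/ssl/own.key
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:\${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = $FQDN
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =  $FQDN, localhost.$DOM, $DOM, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
HERE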

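echo "Installiere master.cf"
# The delimiter is quoted: nothing in master.cf is meant for the shell.
# $service_name, $sender, $nexthop, $recipient, ${user}, ${extension} and
# friends are Postfix macros. With an unquoted delimiter the shell expands
# them (to empty strings unless such variables happen to be set), which
# leaves the pipe transports with argv lines lacking sender and recipient.
#
# The smtps entry at the end enables an implicit-TLS listener with SASL
# authentication in addition to the plain smtp listener.
# NOTE(review): the pipe transports name users and programs (vmail, ftn,
# bsmtp, scalemail, list, maildrop, mailman) that this script does not
# install; they only matter if something routes mail to them.
cat > /etc/postfix/master.cf <<'HERE'
smtp      inet  n       -       y       -       -       smtpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
        -o syslog_name=postfix/$service_name
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
maildrop  unix  -       n       n       -       -       pipe
  flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
smtps     inet  n       -       y       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
HERE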



# Dovecot service definitions.
# The auth listener is the socket Postfix reaches through
# smtpd_sasl_path = private/auth; it lives inside the Postfix spool and is
# restricted to user/group postfix (mode 0660). The LMTP socket is limited
# to user postfix (mode 0600).
# The text holds nothing for the shell to expand, so the delimiter is quoted
# and the file is written exactly as shown.
# NOTE(review): pop3 listeners are declared although the script installs no
# POP3 package; confirm whether they are wanted.
cat > /etc/dovecot/conf.d/10-master.conf <<'DOVECOT_MASTER'
service imap-login {
  inet_listener imap {
  }

  inet_listener imaps {
  }
}

service pop3-login {
  inet_listener pop3 {
  }

  inet_listener pop3s {
  }
}

service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

service auth-worker {
}

DOVECOT_MASTER

# Dovecot TLS settings: same certificate and key files as Postfix, nothing
# older than TLS 1.2 is accepted.
# `ssl = yes` offers TLS without demanding it; `ssl = required` is the
# stricter value when unencrypted client sessions should be refused.
# Quoted delimiter: the text is written verbatim, no shell expansion.
cat > /etc/dovecot/conf.d/10-ssl.conf <<'DOVECOT_SSL'
ssl = yes
ssl_server_cert_file = /etc/ssl/own.crt
ssl_server_key_file = /etc/ssl/own.key
ssl_min_protocol = TLSv1.2
DOVECOT_SSL

# Dovecot mail storage: Maildir below each user's home directory, matching
# home_mailbox = Maildir/ in main.cf and the Maildir skeleton in /etc/skel.
# The %{...} placeholders belong to Dovecot; the quoted delimiter keeps the
# shell from touching the text.
cat > /etc/dovecot/conf.d/10-mail.conf <<'DOVECOT_MAIL'
mail_driver = maildir
mail_home = /home/%{user | username}
mail_path = %{home}/Maildir 
namespace inbox {
 inbox = yes
}
mail_privileged_group = mail
protocol !indexer-worker {
}
DOVECOT_MAIL

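# TLS certificate and private key used by both Postfix and Dovecot.
#
# A private key carried inside an installer is the same on every host that
# runs it and is known to everyone who can read the script, so it protects
# nothing. The pair is therefore generated on this host. Existing files are
# never overwritten.
#
# The certificate is self-signed: clients get encryption but cannot verify
# the server's identity until it is replaced by one from a trusted CA.
if [ ! -f /etc/ssl/own.crt ] && [ ! -f /etc/ssl/own.key ]; then
  if ! command -v openssl >/dev/null 2>&1; then
    echo "openssl not found; cannot create /etc/ssl/own.crt and /etc/ssl/own.key" >&2
    exit 1
  fi
  # umask 077 inside a subshell: the key file is created unreadable for
  # other users from the first byte on, and the umask of the rest of the
  # script stays as it was.
  if ! (
    umask 077
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
      -subj "/CN=${FQDN:-localhost}" \
      -keyout /etc/ssl/own.key -out /etc/ssl/own.crt
  ); then
    echo "could not generate /etc/ssl/own.crt and /etc/ssl/own.key" >&2
    exit 1
  fi
  chmod 0600 /etc/ssl/own.key
  chmod 0644 /etc/ssl/own.crt
elif [ ! -f /etc/ssl/own.crt ] || [ ! -f /etc/ssl/own.key ]; then
  # A certificate without its key (or the reverse) cannot be completed with
  # freshly generated material; leave the existing file alone and report it.
  echo "only one of /etc/ssl/own.crt and /etc/ssl/own.key exists; nothing generated" >&2
fi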

# Restart both daemons, Postfix first, so they pick up the configuration
# and TLS files that are now on disk.
for unit in postfix dovecot; do
  systemctl restart "$unit"
done
