• HowTo
• Virtual+Postfix+Dspam+Dovecot

Please but this in adequate english. Thanks. TBD:

• configure dovecot to take user config from a very simplified ldap scheme
• configure postfix to use dovecot as authentication service
• show ldap entries
• show dovecot and postfix ldap query config

Description

This example constructs a lean and mean email system with virtual users in postfix.

The way of a mail through the system:

--smtp--> [ MTA ] --lmtp--> [DSPAM] --lmtp--> [DOVECOT] ---> (virtual Mailbox)
           |     \                             /
         milter   ---------[OpenLDAP]----------
           v
       Virus Scan

The focus lies on a small system impact for each mail. That's why the mail delivery doesn't spawns new processes but talks lmtp to daemons.

Very simple LDAP entries will be used for userdb and passdb.

Now lets follow the steps to get there.

dovecot

• listen as unprivileged user on an inet socket for incoming lmtp connections:

service lmtp {
  user          = vmail

  inet_listener lmtp {
    address     = 127.0.0.1
    port        = 24
  }
}

dspam

daemon

Here are the config options for the dspam daemon.

• send scanned mails via lmtp to dovecot:

dspam.conf:
  DeliveryProto           LMTP
  DeliveryHost            127.0.0.1
  DeliveryPort            24
  DeliveryIdent           localhost

• listen in an inet socket for incoming lmtp traffic (from postfix) to scan and for dspam traffic (from dspam clients) to train:

dspam.conf:
  ServerHost              127.0.0.1
  ServerPort              2424
  ServerMode              auto
  ServerPass.client       "password"

• ServerMode        auto accepts lmtp traffic and a dspam specific protocol for training.

• ServerPass.client "password" sets the password for the user "client". This will be used by dspam clients to connect to the server for training.

• When the dspam server is running as an unprivileged user add this user as to be trusted:

dspam.conf:
  Trust                   dspam-user

Client

Here are the config options for the dspam client to be able to train later. The options are configured in the same config file as for the server. Take care that the file is readable by the user that tries to train late on. In this case the user is "vmail". It will be used by the antispam plugin of dovecot.

dspam.conf:
  Trust                   vmail
  ClientHost              127.0.0.1
  ClientPort              2424
  #
  # matches ServerPass.client     "password"
  #
  ClientIdent             "password@client"

Postfix

deliver mail for virtual users via lmtp to the dspam scanner:

main.cf:
   virtual_transport  = lmtp:inet:localhost:2424

LDAP