elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Renamed: en_US/howto/1-enable.insecure.smtp.md -> en_US/howto/1-enable.smtp.auth.on.port.25.md.

This commit is contained in:
Zhang Huangbin 2016-05-23 18:53:39 +08:00
parent 3ea132a3d7
commit b037e2bf5c
9 changed files with 168 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
en_US/howto/1-enable.insecure.smtp.md → en_US/howto/1-enable.smtp.auth.on.port.25.md
View File

@ -1,4 +1,4 @@
# Enable insecure SMTP service on port 25
# Enable SMTP SASL AUTH on port 25
Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
users are forced to send email through port 587 (SMTP over TLS). If you need
@ -38,4 +38,10 @@ smtpd_tls_security_level = may
* Restart or reload Postfix service.
!!! warning
With `smtpd_tls_auth_only = yes`, it requires clients to enable STARTTLS
for secure connection, if you don't want this for some reason, please
comment it out.
That's all.

52
en_US/upgrade/0-upgrade.iredmail.0.9.4-0.9.5.md
View File

@ -332,55 +332,9 @@ Open Amavisd config file `amavisd.conf`, add below lines in BEFORE the last line
* on OpenBSD: it's `/etc/amavisd.conf`.
```
# Custom short log template (at log_level 0), add SpamAssassin testing result (Tests: [xxx])
#
# Note: You can find the original log template at the bottom of
# /usr/sbin/amavisd-new.
$log_templ = '
[?%#D|#|Passed #
[? [:ccat|major] |#
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
{[:actions_performed]}#
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%D|[:mail_addr_decode_octets|%D]|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
[? %i ||, mail_id: %i]#
, Hits: [:SCORE]#
, size: %z#
[? [:partition_tag] ||, pt: [:partition_tag]]#
[~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\
[remote_mta_smtp_response|[~%x|["queued as ([0-9A-Za-z]+)$"]|["%1"]|["%0"]]|/]#
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
, %y ms#
[? %#T ||, Tests: \[[%T|,]\]]#
]
[?%#O|#|Blocked #
[? [:ccat|major|blocking] |#
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
{[:actions_performed]}#
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%O|[:mail_addr_decode_octets|%O]|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
[? %i ||, mail_id: %i]#
, Hits: [:SCORE]#
, size: %z#
[? [:partition_tag] ||, pt: [:partition_tag]]#
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
, %y ms#
[? %#T ||, Tests: \[[%T|,]\]]#
]';
# Always log verbose info of processed mail, including subject, SpamAssassin
# testing results, etc, useful for troubleshooting..
$log_templ = $log_verbose_templ;
```
Restarting Amavisd service is required.

6
html/enable.insecure.smtp-it_IT.html
View File

@ -15,11 +15,7 @@
/> 
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><div class="admonition note">
<p class="admonition-title">This tutorial is available in other languages</p>
<p><a href="./enable.insecure.smtp.html">English</a> /</p>
</div>
<h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
<p>Sin dalla versione 0.9.5 di iRedMail, l'autenticazione su porta 25 è disabilitata per default, tutti gli utenti sono costretti a mandare email attraverso la posta 587 (SMTP over TLS). Se avete la necessità di abilitare l'autenticazione insicura sulla porta 25, per qualsivoglia motivo, seguite i passi sotto elencati per abilitarla.</p>
<div class="admonition nota">
<p class="admonition-title">Nota</p>

10
html/enable.insecure.smtp.html
View File

@ -2,7 +2,7 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Enable insecure SMTP service on port 25</title>
<title>Enable SMTP SASL AUTH on port 25</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
@ -19,7 +19,7 @@
<p class="admonition-title">This tutorial is available in other languages</p>
<p><a href="./enable.insecure.smtp-it_IT.html">Italiano</a> /</p>
</div>
<h1 id="enable-insecure-smtp-service-on-port-25">Enable insecure SMTP service on port 25</h1>
<h1 id="enable-smtp-sasl-auth-on-port-25">Enable SMTP SASL AUTH on port 25</h1>
<p>Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
users are forced to send email through port 587 (SMTP over TLS). If you need
to allow insecure SMTP auth on port 25 for some reason, please follow steps
@ -58,6 +58,12 @@ smtpd_tls_security_level = may
<ul>
<li>Restart or reload Postfix service.</li>
</ul>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>With <code>smtpd_tls_auth_only = yes</code>, it requires clients to enable STARTTLS
for secure connection, if you don't want this for some reason, please
comment it out.</p>
</div>
<p>That's all.</p><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>

66
html/enable.smtp.auth.on.port.25-it_IT.html Normal file
View File

@ -0,0 +1,66 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Abilitare servizio non protetto SMTP su porta 25</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
<div id="navigation">
<a href="/index.html" target="_blank">
<img alt="iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>&nbsp;
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><div class="admonition note">
<p class="admonition-title">This tutorial is available in other languages</p>
<p><a href="./enable.smtp.auth.on.port.25.html">English</a> /</p>
</div>
<h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
<p>Sin dalla versione 0.9.5 di iRedMail, l'autenticazione su porta 25 è disabilitata per default, tutti gli utenti sono costretti a mandare email attraverso la posta 587 (SMTP over TLS). Se avete la necessità di abilitare l'autenticazione insicura sulla porta 25, per qualsivoglia motivo, seguite i passi sotto elencati per abilitarla.</p>
<div class="admonition nota">
<p class="admonition-title">Nota</p>
</div>
<p>Se avete la necessita di far usare solo ad un piccolo numero di utenti la porta 25m per esempio una stampante di rete o vecchi apparati di rete che non sopportano connessioni sicure, potete invece provare questo altro tutorial: <a href="./additional.smtp.port.html">Abilitare apparati interni di rete a mandare mail su connessione insicura</a></p>
<ul>
<li>Trovate le configurazioni commentate, mostrate qui sotto, nel file di configurazione di Postfix <code>/etc/postfix/main.cf</code> (linux/OpenBDS) oppure <code>/usr/local/etc/postfix/main.cf</code> per FreeBSD:</li>
</ul>
<pre><code>#
# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
# be forced to submit email through port 587 instead.
#
#smtpd_sasl_auth_enable = yes
#smtpd_tls_auth_only = yes
#smtpd_sasl_security_options = noanonymous
#smtpd_tls_security_level = may
</code></pre>
<ul>
<li>decommentate le ultime 4 righe:</li>
</ul>
<pre><code>smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_security_level = may
</code></pre>
<ul>
<li>Riavvia o ricarica il servizio Postfix</li>
</ul>
<p>Questo è tutto.</p><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<script type="text/javascript">
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
</script>
</body></html>

79
html/enable.smtp.auth.on.port.25.html Normal file
View File

@ -0,0 +1,79 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Enable SMTP SASL AUTH on port 25</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
<div id="navigation">
<a href="/index.html" target="_blank">
<img alt="iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>&nbsp;
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><div class="admonition note">
<p class="admonition-title">This tutorial is available in other languages</p>
<p><a href="./enable.smtp.auth.on.port.25-it_IT.html">Italiano</a> /</p>
</div>
<h1 id="enable-smtp-sasl-auth-on-port-25">Enable SMTP SASL AUTH on port 25</h1>
<p>Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
users are forced to send email through port 587 (SMTP over TLS). If you need
to allow insecure SMTP auth on port 25 for some reason, please follow steps
below to enable it.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>If you have just few clients need to send email through port 25, e.g.
network printer, old network devices which don't support secure
connection, you may try another tutorial instead:
<a href="./additional.smtp.port.html">Allow internal network devices to send email with insecure connection</a></p>
</div>
<ul>
<li>Find comment out settings in Postfix config file <code>/etc/postfix/main.cf</code>
(Linux/OpenBSD) or <code>/usr/local/etc/postfix/main.cf</code> (FreeBSD):</li>
</ul>
<pre><code>#
# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
# be forced to submit email through port 587 instead.
#
#smtpd_sasl_auth_enable = yes
#smtpd_tls_auth_only = yes
#smtpd_sasl_security_options = noanonymous
#smtpd_tls_security_level = may
</code></pre>
<ul>
<li>uncomment the last 4 lines:</li>
</ul>
<pre><code>smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_security_level = may
</code></pre>
<ul>
<li>Restart or reload Postfix service.</li>
</ul>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>With <code>smtpd_tls_auth_only = yes</code>, it requires clients to enable STARTTLS
for secure connection, if you don't want this for some reason, please
comment it out.</p>
</div>
<p>That's all.</p><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<script type="text/javascript">
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
</script>
</body></html>

2
html/index.html
View File

@ -85,7 +85,7 @@
<li><a href="allow.certain.users.to.send.email.as.different.user.html">Allow certain users to send email as another user</a></li>
<li><a href="change.mail.attachment.size.html">Change mail attachment size</a></li>
<li><a href="completely.disable.amavisd.clamav.spamassassin.html">Completely disable Amavisd + ClamAV + SpamAssassin</a></li>
<li><a href="enable.insecure.smtp.html">Enable insecure SMTP service on port 25</a></li>
<li><a href="enable.smtp.auth.on.port.25.html">Enable SMTP SASL AUTH on port 25</a></li>
<li><a href="enable.smtps.html">Enable SMTPS service (SMTP over SSL, port 465)</a></li>
<li><a href="disable.spam.virus.scanning.for.outgoing.mails.html">Disable spam virus scanning for outgoing mails</a></li>
<li><a href="no.x-spam.headers.html">Amavisd + SpamAssassin not working? no mail header (X-Spam-*) inserted</a></li>

52
html/upgrade.iredmail.0.9.4-0.9.5.html
View File

@ -376,55 +376,9 @@ log_level 0.</p>
<li>on FreeBSD: it's <code>/usr/local/etc/amavisd.conf</code>.</li>
<li>on OpenBSD: it's <code>/etc/amavisd.conf</code>.</li>
</ul>
<pre><code># Custom short log template (at log_level 0), add SpamAssassin testing result (Tests: [xxx])
#
# Note: You can find the original log template at the bottom of
# /usr/sbin/amavisd-new.
$log_templ = '
[?%#D|#|Passed #
[? [:ccat|major] |#
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
{[:actions_performed]}#
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -&gt; [%D|[:mail_addr_decode_octets|%D]|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
[? %i ||, mail_id: %i]#
, Hits: [:SCORE]#
, size: %z#
[? [:partition_tag] ||, pt: [:partition_tag]]#
[~[:remote_mta_smtp_response]|[&quot;^$&quot;]||[&quot;, queued_as: &quot;]]\
[remote_mta_smtp_response|[~%x|[&quot;queued as ([0-9A-Za-z]+)$&quot;]|[&quot;%1&quot;]|[&quot;%0&quot;]]|/]#
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
, %y ms#
[? %#T ||, Tests: \[[%T|,]\]]#
]
[?%#O|#|Blocked #
[? [:ccat|major|blocking] |#
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
{[:actions_performed]}#
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -&gt; [%O|[:mail_addr_decode_octets|%O]|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
[? %i ||, mail_id: %i]#
, Hits: [:SCORE]#
, size: %z#
[? [:partition_tag] ||, pt: [:partition_tag]]#
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
, %y ms#
[? %#T ||, Tests: \[[%T|,]\]]#
]';
<pre><code># Always log verbose info of processed mail, including subject, SpamAssassin
# testing results, etc, useful for troubleshooting..
$log_templ = $log_verbose_templ;
</code></pre>
<p>Restarting Amavisd service is required.</p>

0
it_IT/howto/1-enable.insecure.smtp.md → it_IT/howto/1-enable.smtp.auth.on.port.25.md
View File