![首頁 Logo Keith ]p !!](/themes/mytheme/logo.png){kind=logo}
最後更新: 2018-10-12
介紹
建立 Multi-instance 的 postfix, 每一個 instance 有獨立的 IP
version > 2.6
用圖:
* Outbound mail relay for a corporate network.
* 每一個 instance 都有自己的 configuration, queue and data directories.
須要的功具
postmulti <-- multi-instance manager
postmulti 的功能
iterator mode:
executes the same command for multiple Postfix instances
life-cycle management mode:
adds, deletes, changes status
P.S.
測試環境:
* Postfix: 2.9.3
* dovecot: 2.1.7
Create:
# New instances are created with local submission and all "inet" services disabled
master_service_disable = inet
authorized_submit_users =
multi_instance_enable = no
這亦即是: null-client Postfix instance for local submission <-- for local submission
master_service_disable = inet local_transport = error:5.1.1 Mailbox unavailable
P.S.
# 不 listen ipv4, ipv6
master_service_disable = inet
master_service_disable (default: empty)
Selectively disable master(8) listener ports by service type or by service name and type. Specify a list of service types ("inet", "unix", "fifo", or "pass") or "name.type"
Usage
# Instance selection
- -a # all instances
- -g group
- -i name
The default instance can always be selected via "-i -"
# List instances (-l)
-l # List Postfix instances
Example Output
- - y /etc/postfix postfix-124 news y /etc/postfix-124 postfix-125 news n /etc/postfix-125
Note:
Default 的 postfix 係無 name 及 group 的, 可以用同棣 settings 去設定它們
/etc/postfix/main.cf
multi_instance_name = postfix-gw0 multi_instance_group = news
# start / stop (-p)
# Invoke postfix(1) to execute the specified command. (call postfix-wrapper)
-p start|stop|reload|status
i.e.
postmulti -g news -p start
postmulti -i postfix-124 -p start
# name assignment
-I name # must start with "postfix-"
-G group
-e assign
# Instance creation/deletion/status change (-e) <-- LIFE-CYCLE MANAGEMENT
postmulti -i OldName -I NewName -e action
init:
# required before postmulti can be used to manage Postfix instances
postmulti -e init
相當於加入了以下設定到 /etc/postfix/main.cf
multi_instance_enable = yes
multi_instance_wrapper =${command_directory}/postmulti -p --create:
Example:
postmulti -I postfix-mumble -G mygroup -e create \ config_directory=/my/config/dir \ queue_directory=/my/queue/dir \ data_directory=/my/data/dir
destroy # candidate for destruction an instance must be disabled
assign # Assign a new instance name or a new group name
deport # 在 main.cf 內的 multi_instance_directories 移走 instance
# the instance just becomes a stand-alone Postfix instance not registered
# with the multi-instance manager
enable # set multi_instance_enable to yes
disable # will not be started (postfix start, postmulti -p start)
# Execute the specified command for all Postfix instances. (-x)
postmulti -x [-aRv] [-g group] [-i name] command...
-x Execute the specified command for all Postfix instances.
Example:
smtpgwh1:~# postmulti -x postqueue -p
Mail queue is empty Mail queue is empty Mail queue is empty
# Enable verbose logging
-v
main.cf
multi_instance_enable = yes multi_instance_name multi_instance_group multi_instance_wrapper # The pathname of a multi-instance manager command
# using sendmail(1) to send a verification probe:
postmulti -i postfix-myinst -x sendmail -bv [email protected]
# Put all mail in enabled member instances of a group on hold:
postmulti -g group_name -x sh -c 'test $multi_instance_enable = yes && postsuper -h ALL'
The default instance is responsible for local mail submission.
The setgid postdrop(1) utility is used by the sendmail(1) local submission program to spool messages into the maildrop sub-directory of the queue directory of the default instance.
P.S.
* You should set the "syslog_name" explicitly in the main.cf file of a "nameless" instance,
in order to avoid confusion in the mail logs when multiple instances are in use.
如何建立一個 instance
# 測試環境 Debian 7
假設 instance 名稱: postfix-175
# 建立
postmulti -I postfix-175 -G news -e create
# fix lib
ln -s /etc/postfix/dynamicmaps.cf /etc/postfix-175/dynamicmaps.cf
# add config
vi /etc/postfix-175/main.cf
############################################ no need change smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_path = inet:127.0.0.1:12345 smtpd_sasl_type = dovecot smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination header_checks = regexp:/etc/postfix/header_checks.cf maximal_queue_lifetime = 0 bounce_queue_lifetime = 0 smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) master_service_disable= ############################################# per instance config inet_interfaces = xxx.xxx.xxx.xxx smtp_helo_name = x.x.x myhostname = $smtp_helo_name #############################################
header_checks.cf
/^Received: from \[127\.0\.0\.1/ IGNORE
# start an instance
postmulti -i postfix-175 -e enable
postmulti -i postfix-175 -p start
# check it
* netstat -nlt
* grep postfix-175 /var/log/mail.log
建立一堆 instance 的 script
會建立
postfix-101 smtpgw1.datahunter.org // 192.168.123.101
postfix-102 smtpgw2.datahunter.org // 192.168.123.101
postfix-103 smtpgw2.datahunter.org // 192.168.123.101
mypostmulti.sh
#!/bin/bash # Create postfix-IP instance _ipstart="101" _ipend="103" _myip="192.168.123" _yourhostname="smtpgw" _yourdomain="datahunter.org" # 當 "_seq=0" 時第一個 instance 的 smtp_helo_name 及 myhostname 會是 1 _seq=0 for _ip in `seq $_ipstart $_ipend` do _seq=$(($_seq+1)) _myhost="$_yourhostname$_seq.$_yourdomain" echo "Create $_myhost" postmulti -I postfix-$_ip -G news -e create # Debian 才需要 ln /etc/postfix/dynamicmaps.cf /etc/postfix-$_ip/dynamicmaps.cf cat /root/postfix_default.txt >> /etc/postfix-$_ip/main.cf echo "Modify $_myhost" postconf -c /etc/postfix-$_ip inet_interfaces=$_myip.$_ip postconf -c /etc/postfix-$_ip myhostname=$_myhost postconf -c /etc/postfix-$_ip smtp_helo_name=$_myhost postconf -c /etc/postfix-$_ip syslog_name=$_myhost postconf -c /etc/postfix-$_ip master_service_disable= # must last setting (因為當 setting 有問題時, 那會 enable 唔到) postmulti -i postfix-$_ip -e enable echo "Done $_myhost" done echo "Finish"
DOC
http://www.postfix.org/MULTI_INSTANCE_README.html
