Direkt zum Hauptinhalt

Install

VM:     ATHQ-LS-MSG01
IP:     10.201.1.13
DNS:    ATHQ-LS-MSG01.TENTEN.AT
ALIAS:  MX1.TENTEN.AT
BN:     root
PW:     hx!J7Y6$pG&wHW

VM:     ATHQ-LS-MSG02
IP:     10.201.1.14
DNS:    ATHQ-LS-MSG02.TENTEN.AT
ALIAS:  MX2.TENTEN.AT
BN:     root
PW:     p!f4y6a%ctQkN$

VM:     ATHQ-LS-MSG03
IP:     10.201.1.15
DNS:    ATHQ-LS-MSG03.TENTEN.AT
ALIAS:  MX3.TENTEN.AT
BN:     root
PW:     aZ4BT2H%8kq6bQ


    
    
mkdir /etc/pmg/templates
cp /var/lib/pmg/templates/main.cf.in /etc/pmg/templates/
nano /etc/pmg/templates/main.cf.in

modify to the fqdn you need:
myhostname=mail.domain.com

 

apt install nginx
rm /etc/nginx/sites-enabled/default

nano /etc/nginx/sites-available/pmg-quarantine.conf

 

 

server {
    listen 443 ssl;
    server_name _;
    ssl_certificate /etc/pmg/pmg-api.pem;
    ssl_certificate_key /etc/pmg/pmg-api.pem;
    proxy_redirect off;

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade"; 
    proxy_set_header PVEClientIP $remote_addr; 
    proxy_buffering off;
    client_max_body_size 0;
    proxy_connect_timeout  3600s;
    proxy_read_timeout  3600s;
    proxy_send_timeout  3600s;
    send_timeout  3600s;
    
    # proxy requests for static components
    location ~ /proxmoxlib.js$|/favicon.ico$|/pve2/|/fontawesome/|/framework7/|/pwt/ {
        proxy_pass https://localhost:8006;
    }
    location /quarantine {
        proxy_pass https://localhost:8006;
    }

    location /api2 {
        location ~ /api2/(extjs|json|htmlmail)/(access/ticket$|version$) {
            proxy_pass https://localhost:8006;
        }
        location ~ /api2/(extjs|json|htmlmail)/nodes/.+/subscription$ {
            proxy_pass https://localhost:8006;
        }
        location ~ /api2/(extjs|json|htmlmail)/quarantine {
            proxy_pass https://localhost:8006;
        }
        return 403;
    }

    location / {    
         return 301 https://mailsecurityservice.tenten.at/quarantine;
#        proxy_pass https://localhost:8006/quarantine;
#        return 403;
    }
}

 

ln -rs /etc/nginx/sites-available/pmg-quarantine.conf /etc/nginx/sites-enabled/
/etc/init.d/nginx restart


crontab -e
# local Backup - every hour
30 * * * * /usr/bin/pmgbackup backup > /dev/null 2>&1

# clean Backup - every day at 0000
0 0 * * * find /var/lib/pmg/backup -iname 'pmg-backup_*.tgz' -mtime +14 -delete

 

 

 

mkdir /etc/pmg/dkim/bak

 

nano /etc/chrony/chrony.conf
# Use Google Time Service
server time2.google.com iburst
server time3.google.com iburst
server time4.google.com iburst

systemctl restart chronyd
journalctl --since -1h -u chrony


apt install unbound dnsutils


nano /etc/unbound/unbound.conf.d/local-stub.conf

stub-zone:
  name: tenten.at
  stub-addr: 10.0.0.5
  stub-addr: 10.0.0.6

stub-zone:
  name: plamis.at
  stub-addr: 10.0.1.5
  stub-addr: 10.0.1.6

systemctl restart unbound

 

 

cp /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js.bak


sed -Ezi.bak "s/(function\(orig_cmd\) \{)/\1\n\torig_cmd\(\);\n\treturn;/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js

 

 

nano /etc/mail/spamassassin/custom.cf

 

systemctl restart pmg-smtp-filter

Keine Kommentare
nach oben