Selaa lähdekoodia

Update README

master
Timo Röhling 8 vuotta sitten
vanhempi
commit
f422325ccd
1 muutettua tiedostoa jossa 23 lisäystä ja 13 poistoa
  1. 23
    13
      README.md

+ 23
- 13
README.md Näytä tiedosto

@@ -11,18 +11,18 @@ as forwarder.
11 11
 
12 12
 Sender Rewriting Scheme Crash Course
13 13
 ------------------------------------
14
-Imagine your server receives a mail from alice@example.com
14
+Imagine your server receives a mail from `alice@example.com`
15 15
 that is to be forwarded. If example.com uses the Sender Policy Framework
16 16
 to indicate that all legit mails originate from their server, your
17 17
 forwarded mail might be bounced, because you have no permission to send
18 18
 on behalf of example.com. The solution is that you map the address to
19 19
 your own domain, e.g.
20
-SRS0+xxxx=yy=example.com=alice@yourdomain.org (forward SRS). If the
20
+`SRS0+xxxx=yy=example.com=alice@yourdomain.org` (forward SRS). If the
21 21
 mail is bounced later and a notification arrives, you can extract the
22 22
 original address from the rewritten one (reverse SRS) and return the
23 23
 notification to the sender. You might notice that the reverse SRS can
24
-be abused to turn your server into an open relay. For this reason, xxxx
25
-and yy are a cryptographic signature and a time stamp. If the signature
24
+be abused to turn your server into an open relay. For this reason, `xxxx`
25
+and `yy` are a cryptographic signature and a time stamp. If the signature
26 26
 does not match, the address is forged and the mail can be discarded.
27 27
 
28 28
 Building
@@ -47,8 +47,11 @@ standard CMake flags. Use `-D<option>=<value>` to override the defaults.
47 47
 
48 48
 *   `GENERATE_SRS_SECRET` (default: `ON`). Generate a random secret on install.
49 49
 *   `USE_APPARMOR` (default: `OFF`): Install an AppArmor profile for the daemon.
50
+*   `USE_SELINUX` (default: `OFF`): Install an SELinux policy module for
51
+    the daemon.
50 52
 *   `INIT_FLAVOR` (default: auto-detect). Select the appriopriate startup
51
-    script type. Must be one of (`systemd`, `upstart`,`sysv-lsb`,`sysv-redhat`) or `none`.
53
+    script type. Must be one of (`systemd`, `upstart`,`sysv-lsb`,`sysv-redhat`)
54
+    or `none`.
52 55
 *   `CHROOT_DIR` (default: `${CMAKE_INSTALL_PREFIX}/lib/postsrsd`). Chroot jail
53 56
     for the daemon.
54 57
 *   `SYSCONF_DIR` (default: `/etc`). Location of system configuration files.
@@ -56,6 +59,8 @@ standard CMake flags. Use `-D<option>=<value>` to override the defaults.
56 59
     the postsrsd settings.
57 60
 *   `DOC_DIR` (default: `${CMAKE_INSTALL_PREFIX}/share/doc/postsrsd`). Install
58 61
     destination for documentation files.
62
+*   `SYSD_UNIT_DIR` (default: `${SYSCONF_DIR}/systemd/system`). Install
63
+    destination for systemd startup files.
59 64
 
60 65
 Installing
61 66
 ----------
@@ -66,20 +71,25 @@ files.
66 71
 Configuration
67 72
 -------------
68 73
 
69
-The configuration is located in `/etc/default/postsrsd` by default. You must store
70
-at least one secret key in `/etc/postsrsd.secret`. The installer tries to generate
71
-one from `/dev/urandom`. Be careful that no one can guess your secret,
72
-because anyone who knows it can use your mail server as open relay!
73
-Each line of `/etc/postsrsd.secret` is used as secret. The first secret is
74
-used for signing and verification, the others for verification only.
74
+The configuration is located in `/etc/default/postsrsd` by default. On many
75
+systems, the default configuration will work out-of-the-box, but please take
76
+the two minutes to check the settings for yourself. Also, please make sure
77
+that Postfix has the correct domain name configured, i.e.
78
+`postconf -h mydomain` returns the correct value.
79
+
80
+You must store at least one secret key in `/etc/postsrsd.secret`. The installer
81
+tries to generate one from `/dev/urandom`. Be careful that no one can guess
82
+your secret, because anyone who knows it can use your mail server as open
83
+relay!  Each line of `/etc/postsrsd.secret` is used as secret. The first secret
84
+is used for signing and verification, the others for verification only.
75 85
 
76 86
 PostSRSd exposes its functionality via two TCP lookup tables. The
77 87
 recommended Postfix configuration is to add the following fragment to
78 88
 your main.cf:
79 89
 
80
-    sender_canonical_maps = tcp:127.0.0.1:10001
90
+    sender_canonical_maps = tcp:localhost:10001
81 91
     sender_canonical_classes = envelope_sender
82
-    recipient_canonical_maps = tcp:127.0.0.1:10002
92
+    recipient_canonical_maps = tcp:localhost:10002
83 93
     recipient_canonical_classes= envelope_recipient,header_recipient
84 94
 
85 95
 This will transparently rewrite incoming and outgoing envelope addresses,

Loading…
Peruuta
Tallenna