歡迎您光臨本站 註冊首頁

自已翻譯的postfix.org上的文檔----基本配置

←手機掃碼閱讀     火星人 @ 2014-03-04 , reply:0

自已翻譯的postfix.org上的文檔----基本配置

  請各位來排磚!
 
 還有其它的一些基本文檔正在翻譯中。
 
 說明:
 本人的英語水平很菜(國家二級都沒有過呢^_^)翻譯這個文章花了一天的時間,所以在轉的時候,請保留以下的信息。
 目的:作者只是想讓自已多聯習一下英語,翻譯肯定有很多錯誤的地方,不各位看官不要見笑(我自已都感覺有很多地方不是很通^_^)。
 來源:http://www.it-exam.net
 作者:sham/四川
 QQ:709207
 MSN:deng_@msn.com
 原文:http://www.postfix.org
 
 [原創]Postfix的基本配置---自已翻譯的postfix的官方文檔。
 緒論
 Postfix大根有幾百個配置參數,這些參數都是通過main.cf這個文件來控制的。幸運的是,這些變數默認下都是切合實際的,多數情況下,在你啟動運行郵件系統之前你僅僅必須需配置很少的幾個。
 下面簡單的介紹一下語法:
 
 Postfix configuration files(LINK postfix的基本配置文件)
 
 The text below assumes that you already have Postfix installed on the system, either by compiling
 以下的文本假你已經安裝了postfix在你的系統上或者是你自已通過源碼包編譯安裝的(參考INSTALL(這裡有一個INSTALL文件的link)文件)
 這個文檔包括了Postfix的基本配置。怎樣配置詳細的應用程序信息,像:mailhub、firewall或者dial-up client可以在standard_configuration_readme這個文件在找到。
 但是,在你沒有明白以下的這些介紹之前,請不要去看這些link
 The first parameters of interest specify the machine's identity and role in the network.
 首先以下這些參數影響到伺服器的身份和在網路中所處的角色。
 •        What domain name to use in outbound mail
 你準備採用什麼域名來發送郵件?
 •        What domains to receive mail for
 你準備採用什麼域名來接收郵件?
 •        What clients to relay mail from
 •        What destinations to relay mail to
 •        你的郵件將被投遞到那個地方
 •        What delivery method: direct or indirect
 採用什麼樣的投遞方式:direct還是indirect
 The default values for many other configuration parameters are derived from just these.
 默認的參數或者其它的配置參數都是由這些所得到的。
 The next parameter of interest controls the amount of mail sent to the local postmaster:
 下面這個參數影響到所有發送到本地郵件管理員的郵件:
 What trouble to report to the postmaster
 
 Be sure to set the following correctly if you're behind a proxy or network address translator, and you are running a backup MX host for some other domain:
 如果,你在一個代理或NAT後面,請確認以下的設置是正確的,同時你為其它域建一個備份的MX記錄主機
 •        Proxy/NAT external network addresses
 
 Postfix daemon processes run in the background, and log problems and normal activity to the syslog daemon. Here are a few things that you need to be aware of:
 Postfix的進程是在後台運行的,並且所產生的在運行中和一些普通的活動的日誌發送給syslog進程式控制制。下面幾件事情,你必須要知道:
 •        What you need to know about Postfix logging
 你必須知道postfix運行記錄了些什麼
 If your machine has unusual security requirements you may want to run Postfix daemon processes inside a chroot environment.
 如果,你對你的伺服器的安全性要求極嚴格,則你想運行postfix進行在chroot環境下。
 •        Running Postfix daemon processes chrooted
 POSTFIX在chrooted中運行
 If you run Postfix on a virtual network interface, or if your machine runs other mailers on virtual interfaces, you'll have to look at the other parameters listed here as well:
 如果,你運行了一個postfix在一個虛擬網路介面,或者說如果你的電腦是在一個虛擬界面上運行的,你必須了解下面的這幾個參數:
 •        My own hostname
 •        My own domain name
 •        My own network addresses
 Postfix 的配置文件
 By default, Postfix configuration files are in /etc/postfix. The two most important files are main.cf and master.cf;
 默認情況下,postfix的配置文件在/etc/postfix下面。在這個目錄下面有兩個重要的文件mail.cf和master.cf;
 these files must be owned by root. Giving someone else write permission to main.cf or master.cf (or to their parent directories) means giving root privileges to that person.
 這些文件的擁有者必須是root。如果,你給某人對於mail.cf或者master.cf文件寫的許可權(或者它們的雙親目錄)等於給了這個人root許可權;
 In /etc/postfix/main.cf you will have to set up a minimal number of configuration parameters. Postfix configuration parameters resemble shell variables, with two important differences: the first one is that Postfix does not know about quotes like the UNIX shell does.
 你必須在/etc/postfix/main.cf中設置最少數量的參數。Postfix的配置參數類似於shell變數,但是他們有兩個很重要的不同點:第一個是postfix不像shell一樣懂得配額。
 
 你能像這樣規則格式配置參數:
 /etc/postfix/main.cf:
     parameter = value
 並且你可以放一個「$」符號在變數的名字前面:
 /etc/postfix/main.cf:
     other_parameter = $parameter
 You can use $parameter before it is given a value (that is the second main difference with UNIX shell variables). The Postfix configuration language uses lazy evaluation, and does not look at a parameter value until it is needed at runtime.
 在它得到變數之前你能夠使用$parameter(這是與SHELL不同的第二點)。Postfix配置語言採用了lazy 環境,postfix直到運行的時候才去查找這個參數的值.
 
 Postfix uses database files for access control, address rewriting and other purposes. The DATABASE_README file gives an introduction to how Postfix works with Berkeley DB, LDAP or SQL and other types. Here is a common example of how Postfix invokes a database:
 Postfix使用資料庫文件來做訪問控制,地址重寫與其它的日的。Databse_readme文件介紹了postfix在BerkeleyDB,LDAP或者SQL與其它類型下是怎樣工作的。下面這個例子就是postfix與資料庫配合的公共方法的舉例:
 /etc/postfix/main.cf:
 virtual_alias_maps = hash:/etc/postfix/virtual
 
 Whenever you make a change to the main.cf or master.cf file, execute the following command as root in order to refresh a running mail system:
 當你改變了main.cf或者master.cf文件后,你能執行下面的命令來刷新正在運行的郵件系統:
 # postfix reload
 
 
 *-------------------------------------------*
 What domain name to use in outbound mail
 你使用什麼域名來發送郵件?
 The myorigin parameter specifies the domain that appears in mail that is
 posted on this machine. The default is to use the local machine name,
 myorigin參數規定了出現在郵件中的域名,這個域名被這個電腦提交的。預設下使用本地電腦的名字。
 
 $myhostname, which defaults to the name of the machine. Unless you are running a really small site, you probably want to change that into $mydomain, which defaults to the parent domain of the machine name.
 $myhostname:預設情況下採用本地電腦的名字。你大根想改變這個變數為$mydomain,除非你已經在運行一個小的站點,默認下採用這台電腦的的父域。
 For the sake of consistency between sender and recipient addresses, myorigin also specifies the domain name that is appended to an unqualified recipient address.
 為了發送者與收件者地址的一致性,myorigin總是規定了域名這個符加了一個完全全格的收件地址。
 Examples (specify only one of the following):
 例如(僅僅需要下面中的一個)
 /etc/postfix/main.cf:
     myorigin = $myhostname (default: send mail as "user@$myhostname")
     myorigin = $mydomain   (probably desirable: "user@$mydomain")
 
 What domains to receive mail for
 採用那個域接收郵件
 The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine.
 Mydestination參數規定了這個域將會投遞到那個地方,而不是轉寄在其它電腦。
 The default is to receive mail for the machine itself. See the VIRTUAL_README file for how to configure Postfix for hosted domains.
 默認情況下是從本地電腦自已接收郵件。請看:virtual readme文件了解怎樣配置postfix的hosted_domains。
 You can specify zero or more domain names, "/file/name" patterns and/or "type:table" lookup tables (such as hash:, btree:, nis:, ldap:, or mysql:), separated by whitespace and/or commas. A "/file/name" pattern is replaced by its contents; "type:table" requests that a table lookup is done and merely tests for existence: the lookup result is ignored.
 你能規定0個或者更多的域名,」/file/name」模版或者」type:table」來查找表(像hast:,btree:,nis:,ldap:,或者mysql:),它們被「,」號或空白分割,一個「/file/name」式樣是被它自已的內容替換;」type:table」是通過表查詢來完成並且僅僅進行是否存在的測式:查詢結果被呼略。
 IMPORTANT: If your machine is a mail server for its entire domain, you must list $mydomain as well.
 注意:如果,你的郵件伺服器是為全部的域提供服務,$mydomain必須填寫正確。
 Example 1: default setting.
 例1:預設設置:
 /etc/postfix/main.cf:
     mydestination = $myhostname localhost.$mydomain localhost
 Example 2: domain-wide mail server.
 例二:域方面的郵件伺服器。
 /etc/postfix/main.cf:
     mydestination = $myhostname localhost.$mydomain localhost $mydomain
 Example 3: host with multiple DNS A records.
 例3:多個DNS A記錄的主機。
 /etc/postfix/main.cf:
     mydestination = $myhostname localhost.$mydomain localhost
         www.$mydomain ftp.$mydomain
 Caution: in order to avoid mail delivery loops, you must list all hostnames of the machine, including $myhostname, and localhost.$mydomain.
 警告:按照到達郵件的投遞線路,你必須列表所有的主機名在這個電腦上,包括:$myhostname,和localhost.$mydomain.
 What clients to relay mail from
 郵件是從什麼客戶端被中繼的。
 By default, Postfix will forward mail from clients in authorized network blocks to any destination. Authorized networks are defined with the mynetworks configuration parameter. The default is to authorize all clients in the IP subnetworks that the local machine is attached to.
 預設下,postfix將從被經過認證的網路的客戶端轉寄郵件到任何目的。信任的網段是在mynetworks中被定義與配置的。默認下信任的網路將包括所有的本地電腦的IP網段。
 IMPORTANT: If your machine is connected to a wide area network then your default mynetworks setting may be too friendly.
 注意:如果,你的電腦是連接到Internet那麼你定義的mynetworks設置可能是好的。
 Examples (specify only one of the following):
 例如:(僅僅只規定以下的其中一個):
 /etc/postfix/main.cf:
     mynetworks_style = subnet  (default: 信任的子網)
     mynetworks_style = host    (safe: 僅僅信任本地電腦)
     mynetworks = 127.0.0.0/8   (safe: 僅僅信任本地電腦)
     mynetworks = 127.0.0.0/8 168.100.189.2/32 (信任本地的電腦)
 You can specify the trusted networks in the main.cf file, or you can let Postfix do the work for you. The default is to let Postfix do the work. The result depends on the mynetworks_style parameter value.
 你能夠規定受信任的網段在main.cf文件中,或者你能認postfix為你做這個工作。默認下是由postfix來做這個的。產生的結果依靠mynetworks stype參數的值。
 •        Specify "mynetworks_style = host" when Postfix should forward mail from only the local machine.
 當postfix僅僅轉從本地寄郵件時規定「mynetworks_stype=host」
 •        Specify "mynetworks_style = subnet" (the default) when Postfix should forward mail from SMTP clients in the same IP subnetworks as the local machine. On Linux, this works correctly only with interfaces specified with the "ifconfig" command.
 當postfix能夠轉寄郵件從與本地電腦與smtp client在同一個IP子網下。在LIUNX下他僅僅只能在ifconfig中規定的介面下才能正確工作。
 •        Specify "mynetworks_style = class" when Postfix should forward mail from SMTP clients in the same IP class A/B/C networks as the local machine. Don't do this with a dialup site - it would cause Postfix to "trust" your entire provider's network. Instead, specify an explicit mynetworks list by hand, as described below.
 當postfix能轉寄郵件從一個與本地電腦的IP同一個IP類下(A/B/C)。對於拔號站點-它能認POSTFIX信任你的整個ISP的網路。
 Alternatively, you can specify the mynetworks list by hand, in which case Postfix ignores the mynetworks_style setting. To specify the list of trusted networks by hand, specify network blocks in CIDR (network/mask) notation, for example:
 二選一,你能夠規定mynetworks列表,此時postfix將呼略mynetworks_stype設置。採用CIDR(NETWORK/MASK)方式來規定的網段為受信任的網路。
 /etc/postfix/main.cf:
     mynetworks = 168.100.189.0/28, 127.0.0.0/8
 You can also specify the absolute pathname of a pattern file instead of listing the patterns in the main.cf file
 對於模版文件,你能夠總是規定決對路徑名而不是在main.cf中僅僅列出模版文件
 
 What destinations to relay mail to
 郵件將中繼到那個目的地
 By default, Postfix will forward mail from strangers (clients outside authorized networks) to authorized destinations only. Authorized destinations are defined with the relay_domains configuration parameter. The default is to authorize all domains (and subdomains) of the domains listed with the mydestination parameter.
 默認下,postfix將能夠從外面受信任的網段轉寄郵件(僅對外面受認證的網路的客戶端),受信任的目的是在relay_domains這個參數中配置的。默信下將信任mydestinaton參數規定的所有域和子域。
 Examples (specify only one of the following):
 例如:(在下面的中僅選對其中一個)
 /etc/postfix/main.cf:
     relay_domains = $mydestination (默認)
     relay_domains =           (safe: never forward mail from strangers)
     relay_domains = $mydomain (forward mail to my domain and subdomains)
 What delivery method: direct or indirect
 採用什麼投遞方法:直接或非直接
 By default, Postfix tries to deliver mail directly to the Internet. Depending on your local conditions this may not be possible or desirable. For example, your system may be turned off outside office hours, it may be behind a firewall, or it may be connected via a provider who does not allow direct mail to the Internet. In those cases you need to configure Postfix to deliver mail indirectly via a relay host.
 默認,postfix將試圖直接投遞郵件到INTERNET。依賴你的本地條件這可能不是你所需要的,例如,你的系統可能避開外面的分支辦公司室,它可能在一個防火牆之後,或者它是與ISP連接的,而ISP是不允許直接發送郵件到INTERNET。在這些情況下,你必須配置postfix通過一個中繼主機來採用非直接投遞電子郵件。
 Examples (specify only one of the following):
 例如:(只取其中一個)
 /etc/postfix/main.cf:
     relayhost =                 (default: direct delivery to Internet)
     relayhost = $mydomain       (deliver via local mailhub)
     relayhost = (deliver via local mailhub)
     relayhost =   (deliver via provider mailhub)
 The form enclosed with [] eliminates DNS MX lookups. Don't worry if you don't know what that means.
 符上[]號將排除DNS MX查找。請不要擔心,如果,你不知道這是什麼意思。
 The STANDARD_CONFIGURATION_README file has more hints and tips for firewalled and/or dial-up networks.
 Standard_configuration_readme文件對防火牆或拔號網路更多的線索與提示
 What trouble to report to the postmaster
 有問題的時候報告給postmaster
 You should set up a postmaster alias in the aliases(5) table that directs mail to a human person. The postmaster address is required to exist, so that people can report mail delivery problems. While you're updating the aliases(5) table, be sure to direct mail for the super-user to a human person too.
 你能設置一個postfix別名在aliases(5)表,
 /etc/aliases:
     postmaster: you
     root: you
 Execute the command "newaliases" after changing the aliases file. Instead of /etc/aliases, your alias file may be located elsewhere. Use the command "postconf alias_maps" to find out.
 運行」newaliases」后名字文件才能生效。如果,你的別名文件在其它地方而不是在/etc/aliases則使用 alias_maps來指出它的位置。
 The Postfix system reports problems to the postmaster alias. You may not be interested in all types of trouble reports, so this reporting mechanism is configurable. The default is to report only serious problems (resource, software) to postmaster:
 Postfix系統將報告運行的故障給postmaster.你可能不希望收到所有的問題報告,所以報告的機制是可以配置的。默認的是僅僅報告嚴重的問題(資料、軟體)給postmaster:
 Default setting: 預設設置:
 /etc/postfix/main.cf:
     notify_classes = resource, software
 The meaning of the classes is as follows: 類別的意思如下:
 bounce
 Inform the postmaster of undeliverable mail. Either send the postmaster a copy of undeliverable mail that is returned to the sender, or send a transcript of the SMTP session when Postfix rejected mail. For privacy reasons, the postmaster copy of undeliverable mail is truncated after the original message headers. This implies "2bounce" (see below). See also the luser_relay feature. The notification is sent to the address specified with the bounce_notice_recipient configuration parameter (default: postmaster).
 通知postmaster不能投遞的郵件。退回的郵件(不能投遞的郵件)將CP一份給postmaster和發送者,或者當postfix發送郵件時的SMTP會話被拒絕的時候,也會發送了個副本。因為穩私的原因,對於沒有投遞出去的郵件中的原來的信息頭會被刪除。這意為著」2bounce」(請看下面的連接),來了解luser_relay的特點;這個通知是被發送到由bounce_notice_recipient參數規定的變數值中。(默信的是postmaster)
 2bounce
 When Postfix is unable to return undeliverable mail to the sender, send it to the postmaster instead (without truncating the message after the primary headers). The notification is sent to the address specified with the 2bounce_notice_recipient configuration parameter (default: postmaster).
 當postfix不能反回非投遞郵件給發送都的時候,他們發送給postmaster來代替(不會刪除主要的信頭),這個通知是發送給由2bounce_notice_recipient這個參數來決定的;(默認是postmaster)
 delay
 Inform the postmaster of delayed mail. In this case, the postmaster receives message headers only. The notification is sent to the address specified with the delay_notice_recipient configuration parameter (default: postmaster).
 對於延遲郵件的通知。在這種情況下,postmaster僅接收郵件頭。這個發送的地址是由delay_notice_recipient規定的;(默認是postmaster)
 policy
 Inform the postmaster of client requests that were rejected because of (UCE) policy restrictions. The postmaster receives a transcript of the SMTP session. The notification is sent to the address specified with the error_notice_recipient configuration parameter (default: postmaster).
 對於因為受UCE策略的限制而被拒絕的客戶端請求也可能通知postmaster。Postmaster將接收smtp會話的複本。這個地址發送的地址是由error_notice_recipient參數規定的。(默認:postmaster)
 protocol
 Inform the postmaster of protocol errors (client or server side) or attempts by a client to execute unimplemented commands. The postmaster receives a transcript of the SMTP session. The notification is sent to the address specified with the error_notice_recipient configuration parameter (default: postmaster).
 對於客戶端或伺服器端的協議錯誤或客戶端執行了一個不存在的命令,採用此參數通知postmaster,此時postmaster也會收到一個smtp會話的複本;被提示都的地址由error_notice_recipient這個參數規定的(默認:postmaster)
 resource
 Inform the postmaster of mail not delivered due to resource problems (for example, queue file write errors). The notification is sent to the address specified with the error_notice_recipient configuration parameter (default: postmaster).
 如果由於資源問題告成不能投遞郵件,也能知道postmaster。接收者的地址是由error_notice_recipient規定的。(默認:postmaster)
 software
 Inform the postmaster of mail not delivered due to software problems. The notification is sent to the address specified with the error_notice_recipient configuration parameter (default: postmaster).
 如果由於軟體問題造成的不能投遞郵件的問題也能通知postmaster.接收者的地址由error_notice_recipient參數規定的。(默認:postmaster)
 Proxy/NAT external network addresses
 網路地址在proxy/nat後面的
 Some mail servers are connected to the Internet via a network address translator (NAT) or proxy. This means that systems on the Internet connect to the address of the NAT or proxy, instead of connecting to the network address of the mail server. The NAT or proxy forwards the connection to the network address of the mail server, but Postfix does not know this.
 有些郵件伺服器是通過代理或nat聯接到Internet的。而不是直接連接到網際網路的。由於郵件伺服器是通過nat/proxy連接的,但是postfix並不知道是這樣的。
 If you run a Postfix server behind a proxy or NAT, you need to configure the proxy_interfaces parameter and specify all the external proxy or NAT addresses that Postfix receives mail on. You may specify symbolic hostnames instead of network addresses.
 如果,你運行了postfix伺服器在一個proxy或nat後面,你必須配置proxy_interfaces參數並且規定所有的外面代理或NAT地址來認postfix接收郵件。你可以規定hostnames而不是network_address.
 IMPORTANT: You must specify your proxy/NAT external addresses when your system is a backup MX host for other domains, otherwise mail delivery loops will happen when the primary MX host is down.
 注意:當你的系統有一個其它域的備份MX主機的時候,你必須規定你的proxy/nat的外部地址,否則當主要的MX主機不能工作的時候,郵件投遞查找將會發生環路。
 Example: host behind NAT box running a backup MX host.
 例如:主機在NAT后並做為了備份MX主機。
 /etc/postfix/main.cf:
     proxy_interfaces = 1.2.3.4 (the proxy/NAT external network address)
 What you need to know about Postfix logging
 你必須知道的關於postfix的日誌
 Postfix daemon processes run in the background, and log problems and normal activity to the syslog daemon. The syslogd process sorts events by class and severity, and appends them to logfiles. The logging classes, levels and logfile names are usually specified in /etc/syslog.conf. At the very least you need something like:
 當postfix進程在後台運行的時候,它的錯誤日誌、普通運行日誌,是由syslog進行控制的.syslogd進程將會對此進行嚴格的處理與排序,並放在日誌文件中。日誌的分類、級別和日誌名是由/etc/syslog.cofn文件規定的。你只需要添加很少的幾行像:
 /etc/syslog.conf:
     mail.err                                    /dev/console
     mail.debug                                  /var/log/maillog
 After changing the syslog.conf file, send a "HUP" signal to the syslogd process.
 當改變了syslog.conf文件后需要運行:killall –HUP syslogd
 IMPORTANT: many syslogd implementations will not create files. You must create files before (re)starting syslogd.
 注意:大部份syslogd進行是不會自動建立文件的,所以你必須在重啟syslogd的時候先建立好需要的日誌文件
 IMPORTANT: on Linux you need to put a "-" character before the pathname, e.g., -/var/log/maillog, otherwise the syslogd process will use more system resources than Postfix.
 注意:在LINUX系統下你必須在路徑名放一個「-」字元,如:-/var/log/maillog,否則syslogd處理起來將會認postfix需要更多的系統資源。
 Hopefully, the number of problems will be small, but it is a good idea to run every night before the syslog files are rotated:
 我們希望,不要出任小小的問題,在syslog文件被循環之前每天晚上運行以下命令是一個好的注意:
 # postfix check
 # egrep '(reject|warning|error|fatal|panic):' /some/log/file
 •        The first line (postfix check) causes Postfix to report file permission/ownership discrepancies.
 第一行(postfix check)認postfix檢查報告它的許可權/擁有者不符
 •        The second line looks for problem reports from the mail software, and reports how effective the relay and junk mail access blocks are. This may produce a lot of output. You will want to apply some postprocessing to eliminate uninteresting information.
 第二行:尋找從郵件軟體中的錯誤報告,並且產生輸入了對中繼和垃圾郵件有很效的報告。如果,你希望根據這些信息來排除這些問題。
 The DEBUG_README document describes the meaning of the "warning" etc. labels in Postfix logging.
 Debug_Readme文件描述了這些警告信息的意思。
 Running Postfix daemon processes chrooted
 運行postfix進行在chrooted中
 Postfix daemon processes can be configured (via the master.cf file) to run in a chroot jail. The processes run at a fixed low privilege and with file system access limited to the Postfix queue directories (/var/spool/postfix). This provides a significant barrier against intrusion. The barrier is not impenetrable (chroot limits file system access only), but every little bit helps.
 通過配置master.cf文件能認postfix進行處理,運行在chroot jail中。這個處理方法讓postfix運行在很低許可權並限制它只能在/var/spool/postfix目錄中工作。這給入侵者在一次的創造了一個屏障(增加了系統的安全)。但是這不是說攻不破它(chroot只對文件系統的操作進行了限制),但這也會給你一些幫助的。
 With the exception of Postfix daemons that deliver mail locally and/or that execute non-Postfix commands, every Postfix daemon can run chrooted.
 對於postfix投遞本地郵件或者執行非postfix命令,除了postfix 進程本身以外這些postfix進程都能運行在chrooed中。
 Sites with high security requirements should consider to chroot all daemons that talk to the network: the smtp(8) and smtpd(8) processes, and perhaps also the lmtp(8) client. The author's own porcupine.org mail server runs all daemons chrooted that can be chrooted.
 對於安全性要求比較高的站點,你可以考慮封裝所有的進程:smtp(8)、 smtpd(8)處理,和大部份的smtp(8(客戶部).
 The default /etc/postfix/master.cf file specifies that no Postfix daemon runs chrooted. In order to enable chroot operation, edit the file /etc/postfix/master.cf, and follow instructions in the file. When you're finished, execute "postfix reload" to make the change effective
 默認情況下:/etc/postfix/master.cf文件是沒有封裝postfix進程的。按照如下操作來編輯/etc/postfix/master.cf文件以激活chroot。做完后,執行postfix reload使配置文件生效。
 Note that a chrooted daemon resolves all filenames relative to the Postfix queue directory (/var/spool/postfix). For successful use of a chroot jail, most UNIX systems require you to bring in some files or device nodes. The examples/chroot-setup directory in the source code distribution has a collection of scripts that help you set up Postfix chroot environments on different operating systems.
 Chrooted的進程分解了相於對postfix的隊列目錄中的所有文件(var/spool/postfix)。要想成功的運行chroot jail,大部份unix系統都會認你提供一些文件或設備節點。在分發包中的examples/chroot-setup目錄已經收錄了一些腳本文件來幫助你在不同的操作系統中安裝postfix在chroot環境。
 Additionally, you almost certainly need to configure syslogd so that it listens on a socket inside the Postfix queue directory. Examples of syslogd command line options that achieve this for specific systems:
 另外,你大制確定了配置syslogd文件,所以它是需要在內部的postfix隊列目錄偵聽一個套接字。如:在不同的系統中syslogd命令的語法也不同。
 FreeBSD: syslogd -l /var/spool/postfix/var/run/log
 Linux, OpenBSD: syslogd -a /var/spool/postfix/dev/log
 My own hostname
 我擁有的主機
 The myhostname parameter specifies the fully-qualified domain name of the machine running the Postfix system. $myhostname appears as the default value in many other Postfix configuration parameters.
 Myhostname參數規定了運行postfix系統的電腦的完全合格域名。$myhostname做為默認的參數,出現在很多配置參數的後面。
 By default, myhostname is set to the local machine name. If your local machine name is not in fully-qualified domain name form, or if you run Postfix on a virtual interface, you will have to specify the fully-qualified domain name that the mail system should use.
 默認,myhostname是為本地電腦設置了一個電腦名。如果,你的本地電腦名不是一個完全合格域名,或者你運行postfix在一個虛擬介面,你必須規定完全合格域名才能使用。
 Alternatively, if you specify mydomain in main.cf, then Postfix will use its value to generate a fully-qualified default value for the myhostname parameter.
 做為選擇,如果,你規定了mydomain在main.cf中,那麼postfix將使用它的值與myhostname一起來生成一個完全合格域名。
 Examples (specify only one of the following):
 /etc/postfix/main.cf:
     myhostname = host.local.domain (machine name is not FQDN)
     myhostname = host.virtual.domain (virtual interface)
     myhostname = virtual.domain (virtual interface)
 My own domain name
 我擁有的域名
 The mydomain parameter specifies the parent domain of $myhostname. By default, it is derived from $myhostname by stripping off the first part (unless the result would be a top-level domain).
 Mydomain參數規定了父域。它是從$myhostname的第一部份分離出來的(除非,你規定的不是一個頂級域)。
 Conversely, if you specify mydomain in main.cf, then Postfix will use its value to generate a fully-qualified default value for the myhostname parameter.
 相反,你也可以規定mydomain在main.cf文件中,然後,postfix將會使用myhostname的默認值來生成一個完全合格域名。
 Examples (僅僅只指定一個):
 /etc/postfix/main.cf:
     mydomain = local.domain
     mydomain = virtual.domain (virtual interface)
 My own network addresses
 我擁有的網路地址
 The inet_interfaces parameter specifies all network interface addresses that the Postfix system should listen on; mail addressed to "user@" will be delivered locally, as if it is addressed to a domain listed in $mydestination.
 Postfix將偵聽Inet_interfaces參數規定的網路界面的地址,投遞到:「user@」的郵件是做為本地郵件來投送的,好像它是在$mydestinaton列表中的域之前定址的。
 You can override the inet_interfaces setting in the Postfix master.cf file by prepending an IP address to a server name.
 如果,你在伺服器上預先設置上一個IP地址,則postfix的master.cf文件中你可以不用考濾inet_interface設置
 The default is to listen on all active interfaces. If you run mailers on virtual interfaces, you will have to specify what interfaces to listen on.
 默認下將會偵聽在所有活的網路界面上(所有的IP地址)。如果,你運行郵件伺服器在一個慮擬界面,你必須規定在那個網卡上偵聽。
 IMPORTANT: If you run MTAs on virtual interfaces you must specify explicit inet_interfaces values for the MTA that receives mail for the machine itself: this MTA should never listen on the virtual interfaces or you would have a mailer loop when a virtual MTA is down.
 注意:如果,你運行了一個MTA在一個虛擬的網路界面上,你必須指定inet_interfaces變數。
 Example: 默認設置.
 /etc/postfix/main.cf:
     inet_interfaces = all
 Example: host running one or more virtual mailers. For each Postfix instance, specify only one of the following.
 /etc/postfix/main.cf:
     inet_interfaces = virtual.host.tld         (virtual Postfix)
     inet_interfaces = $myhostname localhost... (non-virtual Postfix)
 Note: you need to stop and start Postfix after changing this parameter.

 

[火星人 ] 自已翻譯的postfix.org上的文檔----基本配置已經有496次圍觀

http://coctec.com/docs/service/show-post-28783.html