«

»

二月 23

CentOS-mail server

[root@localhost ~]#vim /etc/postfix/main.cf
#設定主機名稱
myhostname = www.centos.vbird
#發信時所顯示的『發信源主機』
myorigin = $myhostname
#設定 postfix 的監聽介面
inet_interfaces = all
inet_interfaces = localhost-->#inet_interfaces = localhost
#設定 postfix 的監聽 IP 協定
inet_protocols = ipv4
#設定『能夠收信的主機名稱』
mydestination = $myhostname, localhost.$mydomain, localhost,
#規定信任的用戶端
mynetworks = 127.0.0.0/8, 192.168.100.0/24, hash:/etc/postfix/access
#規範可以幫忙 relay 的下一部 MTA 主機位址
relay_domains = $mydestination
#設定郵件別名
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
[root@localhost ~]# postmap hash:/etc/postfix/access
[root@localhost ~]# postalias hash:/etc/aliases
[root@localhost ~]# /etc/init.d/postfix check(檢查設定檔的語法是否有錯誤)

啟動與觀察 port number

[root@localhost ~]# /etc/init.d/postfix restart
[root@localhost ~]# netstat -tlunp | grep ':25'
Proto Recv-Q Send-Q Local Address  Foreign Address   State   PID/Program name
tcp        0      0 0.0.0.0:25     0.0.0.0:*         LISTEN  13697/master

MRA伺服器:dovecot設定(POP3/IMAP)

[root@localhost ~]# yum install dovecot
[root@localhost ~]# vim /etc/dovecot/dovecot.conf
#protocols = imap pop3 lmtp --> protocols = imap pop3
[root@localhost ~]# vim /etc/dovecot/conf.d/10-ssl.conf
#ssl = no --> ssl = no
[root@localhost ~]# /etc/init.d/dovecot start
[root@localhost ~]# chkconfig dovecot on
[root@localhost ~]# netstat -tlnp | grep dovecot
Proto Recv-Q Send-Q Local Address   Foreign Address   State    PID/Program name
tcp        0      0 :::110          :::*              LISTEN   14343/dovecot
tcp        0      0 :::143          :::*              LISTEN   14343/dovecot

加密的 POP3s/IMAPs 設定

[root@localhost ~]#vim /etc/dovecot/conf.d/10-auth.conf
#disable_plaintext_auth = yes --> disable_plaintext_auth = yes
[root@localhost ~]#vim /etc/dovecot/conf.d/10-ssl.conf
#ssl = yes --> ssl = required
[root@localhost ~]#vim /etc/dovecot/conf.d/10-master.conf
service imap-login {
inet_listener imap {
#port = 143 --> port = 0
}
inet_listener imaps {
#port = 993
#ssl = yes
}

service pop3-login {
inet_listener pop3 {
#port = 110 --> port = 0
}
inet_listener pop3s {
#port = 995
#ssl = yes
}
[root@localhost ~]#vim /etc/dovecot/conf.d/10-mail.conf
#mail_location = -->mail_location = mbox:~/mail:INBOX=/var/mail/%u
[root@localhost ~]#/etc/init.d/dovecot restart

saslauthd服務: SMTP身份驗證

[root@localhost ~]# saslauthd -v(先瞭解你的 saslauthd 有支援哪些密碼管理機制)
saslauthd 2.1.23
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap(pam 即可,也能使用 shadow )
[root@localhost ~]# vim /etc/sysconfig/saslauthd(saslauthd 設定檔中,選定 pam 的驗證機制)
MECH=pam
[root@localhost ~]# /etc/init.d/saslauthd start
[root@localhost ~]# chkconfig saslauthd on

[root@localhost ~]# vim /etc/sasl2/smtpd.conf
log_level: 3                <==登錄檔資訊等級的設定,設定 3 即可
pwcheck_method: saslauthd   <==就是選擇什麼服務來負責密碼的比對啊
mech_list: plain login      <==那麼支援的機制有哪些之意!

main.cf 的設定:讓 postfix 支援 SMTP 身份驗證

[root@localhost ~]# vim /etc/postfix/main.cf

# 在本檔案最後面增加這些與 SASL 有關的設定資料:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
# 然後找到跟 relay 有關的設定項目,增加一段允許 SMTP 認證的字樣:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,  <==重點在這裡!注意順序!
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client cblless.anti-spam.org.cn,
reject_rbl_client sbl-xbl.spamhaus.org,
check_policy_service unix:/var/spool/postfix/postgrey/socket

[root@localhost ~]# /etc/init.d/postfix restart
Related Posts Plugin for WordPress, Blogger...

發表迴響

你的電子郵件位址並不會被公開。 必要欄位標記為 *

您可以使用這些 HTML 標籤和 attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>