RedHat+Postfix+ Cyrus-sasl+ Dovecot+Stunnel


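Check whether the packages are installed:
       rpm -qa | grep postfix
       rpm -qa | grep cyrus
       rpm -qa | grep dovecot
       rpm -qa | grep stunnel
If any are missing, install them from the system installation disc.
The system usually installs sendmail automatically, so stop its service or uninstall it first:
       /etc/init.d/sendmail stop    # stop the service
       rpm -e sendmail              # uninstall
Disable the sendmail service at boot:
       chkconfig sendmail off
Start Cyrus-sasl to provide password verification:
       /etc/init.d/saslauthd start
       chkconfig saslauthd on
       Test:
              testsaslauthd -u <username> -p <password>
              A "success" message means the test passed.
Configure SMTP
       vi /etc/postfix/main.cf
    Edit the following lines in the file: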
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
mailbox_size_limit = 102400000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man

mydomain = <domain>
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
myhostname = mail.<domain>
mynetworks = 192.168.1.0/24, 127.0.0.0/8, 192.168.1.100/32
myorigin = $mydomain

newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-1.1.11/README_FILES
relay_domains = nanoconcept.net
sample_directory = /usr/share/doc/postfix-1.1.11/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
By default the Postfix configuration file does not set up an SMTP authentication mechanism, so add the following to main.cf to enable SMTP authentication:
# This SMTP server requires user authentication (main.cf comments must be on their own line)
smtpd_sasl_auth_enable = yes
# Leave empty: Postfix does not strip quotes, so '' would be taken literally
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination
    permit_mynetworks check_relay_domains
    reject_rbl_client yahoo.com.tw reject_rbl_client cbl.anti-spam.org.cn
    reject_rbl_client cdl.anti-spam.org.cn reject_rbl_client cblplus.anti-spam.org.cn
    reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject

broken_sasl_auth_clients = yes
smtpd_client_restrictions = permit_sasl_authenticated
# Reject all anonymous authentication
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
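
How the order of smtpd_recipient_restrictions decides which checks are ever reached, as an added example that is not part of the original page: Postfix stops at the first restriction that returns PERMIT or REJECT, so with the page's order an unauthenticated client listed on an RBL is accepted for local recipients before any reject_rbl_client lookup runs. The session fields, the abridged lists and the REORDERED variant (which uses Postfix's reject_unauth_destination) are assumptions made for this model, which reduces each check to a boolean.

```python
# Added example: simplified model of how Postfix walks smtpd_recipient_restrictions.
PERMIT, REJECT, DUNNO = "PERMIT", "REJECT", "DUNNO"

# Each check sees a constructed session dict and returns a verdict (model assumption).
CHECKS = {
    "permit_sasl_authenticated": lambda s, a: PERMIT if s["authenticated"] else DUNNO,
    "permit_mynetworks": lambda s, a: PERMIT if s["in_mynetworks"] else DUNNO,
    "permit_auth_destination": lambda s, a: PERMIT if s["rcpt_is_ours"] else DUNNO,
    "reject_unauth_destination": lambda s, a: DUNNO if s["rcpt_is_ours"] else REJECT,
    # Simplified: the real check also permits clients whose hostname is in relay_domains.
    "check_relay_domains": lambda s, a: PERMIT if s["rcpt_is_ours"] else REJECT,
    "reject_rbl_client": lambda s, a: REJECT if a in s["listed_on"] else DUNNO,
    "reject": lambda s, a: REJECT,
    "permit": lambda s, a: PERMIT,
}
TAKES_ARGUMENT = {"reject_rbl_client"}

def evaluate(restrictions, session):
    """Return (verdict, deciding restriction); the first non-DUNNO result ends the walk."""
    tokens = iter(restrictions.replace(",", " ").split())
    for name in tokens:
        arg = next(tokens) if name in TAKES_ARGUMENT else None
        verdict = CHECKS[name](session, arg)
        if verdict != DUNNO:
            return verdict, name
    return DUNNO, "(end of list)"

# Abridged from the page's list, in the page's order.
PAGE_ORDER = ("permit_sasl_authenticated permit_auth_destination permit_mynetworks "
              "check_relay_domains reject_rbl_client cbl.anti-spam.org.cn reject")
# Assumed alternative ordering: trusted senders, relay denial, blocklist, then accept.
REORDERED = ("permit_mynetworks permit_sasl_authenticated reject_unauth_destination "
             "reject_rbl_client cbl.anti-spam.org.cn permit")

# Constructed sessions: an outside, unauthenticated client in both cases.
LISTED_INBOUND = {"authenticated": False, "in_mynetworks": False,
                  "rcpt_is_ours": True, "listed_on": {"cbl.anti-spam.org.cn"}}
RELAY_ATTEMPT = {"authenticated": False, "in_mynetworks": False,
                 "rcpt_is_ours": False, "listed_on": set()}

if __name__ == "__main__":
    for label, order in (("page order", PAGE_ORDER), ("reordered", REORDERED)):
        for name, session in (("listed inbound", LISTED_INBOUND),
                              ("relay attempt", RELAY_ATTEMPT)):
            print(label, "/", name, "->", evaluate(order, session))
```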
 
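Notes:
1) mydomain
Specifies your domain name:
mydomain = xx.com
2) myorigin
The myorigin parameter specifies the domain of the sender:
myorigin = $mydomain
3) inet_interfaces
inet_interfaces = all     listen on all network interfaces
4) mydestination
The mydestination parameter specifies the recipient domains for which Postfix accepts mail:
mydestination = $mydomain
5) mynetworks_style
Sets the network type:
mynetworks_style = subnet
6) mynetworks
Defines the client IP addresses that are allowed to send mail through this SMTP server:
mynetworks = 192.168.1.0/24
Note: several ranges can also be allowed, e.g. 10.10.1.0~10.10.1.9,10.10.3.0~10.10.3.9 (in main.cf these have to be written as CIDR blocks or individual addresses, because mynetworks does not accept the ~ notation).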
 
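Start Postfix
    /etc/init.d/postfix start
Once the Postfix service has started successfully, check port 25 with netstat -ntl | grep 25
    chkconfig postfix on
With the service running, mail can be sent from a client.

POP3 service
       POP3 is the service for receiving mail. Unless you have special requirements it needs no configuration; just start the service:
       /etc/init.d/dovecot start
       Use netstat -ntl to check whether port 110 is open.

Stunnel encrypts ports. Its default configuration file already encrypts the smtp and pop3 ports, so no configuration is needed; just start the service:
       /etc/init.d/stunnel start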
