CentOS 7.2 部署邮件服务器(Postfix)

前端之家收集整理的这篇文章主要介绍了CentOS 7.2 部署邮件服务器(Postfix)前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

一、Postfix简介

二、Postfix安装

  • 安装Postfix以配置SMTP服务器

[1] 即使CentOS系统安装了[最小安装],也会安装Postfix,但如果Postfix不安装,请先安装它,如下所示。

  1. [root@linuxprobe ~]# yum -y install postfix

[2] 此示例显示配置SMTP-Auth以使用Dovecot的SASL函数

  1. [root@linuxprobe ~]# vi /etc/postfix/main.cf
  2. # line 75: uncomment and specify hostname
  3.  
  4. myhostname = linuxprobe.srv.world
  5. # line 83: uncomment and specify domain name
  6.  
  7. mydomain = srv.world
  8. # line 99: uncomment
  9.  
  10. myorigin = $mydomain
  11. # line 116: change
  12.  
  13. inet_interfaces = all
  14. # line 164: add
  15.  
  16. mydestination = $myhostname,localhost.$mydomain,localhost,$mydomain
  17. # line 264: uncomment and specify your local network
  18.  
  19. mynetworks = 127.0.0.0/8,10.0.0.0/24
  20. # line 419: uncomment (use mailBoxdir)
  21.  
  22. home_mailBox = mailBox/
  23. # line 574: add
  24.  
  25. smtpd_banner = $myhostname ESMTP
  26. # add follows to the end
  27.  
  28. # limit an email size for 10M
  29.  
  30. message_size_limit = 10485760
  31.  
  32. # limit a mailBox for 1G
  33.  
  34. mailBox_size_limit = 1073741824
  35. # for SMTP-Auth
  36.  
  37. smtpd_sasl_type = dovecot
  38. smtpd_sasl_path = private/auth
  39. smtpd_sasl_auth_enable = yes
  40. smtpd_sasl_security_options = noanonymous
  41. smtpd_sasl_local_domain = $myhostname
  42. smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
  43.  
  44. [root@linuxprobe ~]# systemctl restart postfix
  45. [root@linuxprobe ~]# systemctl enable postfix

[3]如果Firewalld正在运行,请允许SMTP服务。 SMTP使用25 / TCP。

  1. [root@dlp ~]# firewall-cmd --add-service=smtp --permanent
  2. success
  3. [root@dlp ~]# firewall-cmd --reload
  4. success

三、Dovecot 安装

  • 安装Dovecot以配置POP / IMAP服务器

[1] 安装Dovecot.

  1. [root@linuxprobe ~]# yum -y install dovecot

[2] 此示例显示配置为向Postfix提供SASL功能 .

  1. [root@linuxprobe ~]# vi /etc/dovecot/dovecot.conf
  2. # line 24: uncomment
  3. protocols = imap pop3 lmtp
  4. # line 30: uncomment and change ( if not use IPv6 )
  5. listen = *
  6. [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-auth.conf
  7. # line 10: uncomment and change ( allow plain text auth )
  8. disable_plaintext_auth = no
  9. # line 100: add
  10. auth_mechanisms = plain login
  11. [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-mail.conf
  12. # line 30: uncomment and add
  13. mail_location = maildir:~/Maildir
  14. [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-master.conf
  15. # line 96-98: uncomment and add like follows
  16. # Postfix smtp-auth
  17. unix_listener /var/spool/postfix/private/auth {
  18. mode = 0666
  19. user = postfix
  20. group = postfix
  21. }
  22. [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
  23. # line 8: change (not require SSL)
  24. ssl = no
  25.  
  26. [root@linuxprobe ~]# systemctl start dovecot
  27. [root@linuxprobe ~]# systemctl enable dovecot

[3] 如果Firewalld正在运行,请允许POP / IMAP服务。 POP使用110 / TCP,IMAP使用143 / TCP.

  1. [root@vdevops ~]# firewall-cmd --add-port={110/tcp,143/tcp} --permanent
  2. success
  3. [root@vdevops ~]# firewall-cmd --reload
  4. success

四、SSL设置

  • 配置SSL以加密连接

[1] 首先创建证书,传送门:http://www.jb51.cc/article/p-pukuckix-qq.html
[2] 为SSL配置Postfix和Dovecot。

  1. # add to the end
  2. smtpd_use_tls = yes
  3. smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
  4. smtpd_tls_key_file = /etc/pki/tls/certs/server.key
  5. smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
  6. [root@linuxprobe ~]# vi /etc/postfix/master.cf
  7. # line 26-28: uncomment
  8. smtps inet n - n - - smtpd
  9. -o syslog_name=postfix/smtps
  10. -o smtpd_tls_wrappermode=yes
  11. [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
  12. # line 8: change
  13. ssl = yes
  14. # line 14,15: specify certificates
  15. ssl_cert = </etc/pki/tls/certs/server.crt
  16. ssl_key = </etc/pki/tls/certs/server.key
  17. [root@linuxprobe ~]# systemctl restart postfix dovecot

[3] 如果Firewalld正在运行,请允许SMTPS / POP3S / IMAPS服务。 SMTPS使用465 /
TCP,POP3S使用995 / TCP,IMAPS使用993 / TCP。

  1. [root@vdevops ~]# firewall-cmd --add-service={pop3s,imaps} --permanent
  2. success
  3. [root@vdevops ~]# firewall-cmd --add-port=465/tcp --permanent
  4. success
  5. [root@vdevops ~]# firewall-cmd --reload
  6. success

邮件日志报告:pflogsumm

  • 安装pflogsumm这是Postfix日志报告工具

[1] 安装postfix-perl-scripts包 .

  1. [root@linuxprobe ~]# yum -y install postfix-perl-scripts
  2. # generate log summary for yesterday
  3. [root@linuxprobe ~]# perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog
  4. Postfix log summaries for Jul 14
  5. Grand Totals ------------
  6. messages
  7. 2 received
  8. 5 delivered
  9. 0 forwarded
  10. 0 deferred
  11. 0 bounced
  12. 0 rejected (0%)
  13. 0 reject warnings
  14. 0 held
  15. 0 discarded (0%)
  16.  
  17. 2879 bytes received
  18. 6572 bytes delivered
  19. 1 senders
  20. 1 sending hosts/domains
  21. 2 recipients
  22. 2 recipient hosts/domains
  23. Per-Hour Traffic Summary ------------------------
  24. time received delivered deferred bounced rejected
  25. --------------------------------------------------------------------
  26. 0000-0100 0 0 0 0 0
  27. 0100-0200 0 0 0 0 0
  28. 0200-0300 0 0 0 0 0
  29. 0300-0400 0 0 0 0 0
  30. 0400-0500 0 0 0 0 0
  31. 0500-0600 0 0 0 0 0
  32. 0600-0700 0 0 0 0 0
  33. 0700-0800 0 0 0 0 0
  34. 0800-0900 0 0 0 0 0
  35. 0900-1000 0 0 0 0 0
  36. 1000-1100 2 5 0 0 0
  37. 1100-1200 0 0 0 0 0
  38. 1200-1300 0 0 0 0 0
  39. 1300-1400 0 0 0 0 0
  40. 1400-1500 0 0 0 0 0
  41. 1500-1600 0 0 0 0 0
  42. 1600-1700 0 0 0 0 0
  43. 1700-1800 0 0 0 0 0
  44. 1800-1900 0 0 0 0 0
  45. 1900-2000 0 0 0 0 0
  46. 2000-2100 0 0 0 0 0
  47. 2100-2200 0 0 0 0 0
  48. 2200-2300 0 0 0 0 0
  49. 2300-2400 0 0 0 0 0
  50.  
  51. Host/Domain Summary: Message Delivery --------------------------------------
  52. sent cnt bytes defers avg dly max dly host/domain
  53. -------- ------- ------- ------- ------- -----------
  54. 3 4119 0 0.4 s 0.8 s srv.world
  55. 2 2453 0 0.1 s 0.1 s mail.srv.world
  56.  
  57. Host/Domain Summary: Messages Received ---------------------------------------
  58. msg cnt bytes host/domain
  59. -------- ------- -----------
  60. 2 2879 mail.srv.world
  61.  
  62. Senders by message count ------------------------
  63. 2 cent@mail.srv.world
  64.  
  65. Recipients by message count ---------------------------
  66. 3 redhat@srv.world
  67. 2 cent@mail.srv.world
  68.  
  69. Senders by message size -----------------------
  70. 2879 cent@mail.srv.world
  71.  
  72. Recipients by message size --------------------------
  73. 4119 redhat@srv.world
  74. 2453 cent@mail.srv.world
  75.  
  76. message deferral detail: none
  77. message bounce detail (by relay): none
  78. message reject detail: none
  79. message reject warning detail: none
  80. message hold detail: none
  81. message discard detail: none
  82. smtp delivery failures: none
  83. Warnings --------
  84. tlsmgr (total: 6)
  85. 3 redirecting the request to postfix-owned data_directory /var/li...
  86. 3 request to update table btree:/etc/postfix/smtpd_scache in non-...
  87.  
  88. Fatal Errors: none
  89. Panics: none
  90. Master daemon messages ----------------------
  91. 4 daemon started -- version 2.10.1,configuration /etc/postfix
  92. 3 terminating on signal 15
  93. 1 reload -- version 2.10.1,configuration /etc/postfix
  94.  
  95. [root@linuxprobe ~]# crontab -e
  96. # 发送邮件日志摘要在AM每天1:00到根
  97. 00 01 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root

猜你在找的CentOS相关文章