一、Postfix简介
- Postfix 是一种电子邮件服务器,它是由任职于IBM华生研究中心(T.J. Watson Research Center)的荷兰籍研究员Wietse Venema为了改良sendmail邮件服务器而产生的。最早在1990年代晚期出现,是一个开放源代码的软件。
- Postfix 官方网站:http://www.postfix.org/
- Postfix 下载地址:http://www.postfix.org/download.html
二、Postfix安装
- 安装Postfix以配置SMTP服务器
[1] 即使CentOS系统安装了[最小安装],也会安装Postfix,但如果Postfix不安装,请先安装它,如下所示。
[root@linuxprobe ~]# yum -y install postfix
[root@linuxprobe ~]# vi /etc/postfix/main.cf
# line 75: uncomment and specify hostname
myhostname = linuxprobe.srv.world
# line 83: uncomment and specify domain name
mydomain = srv.world
# line 99: uncomment
myorigin = $mydomain
# line 116: change
inet_interfaces = all
# line 164: add
mydestination = $myhostname,localhost.$mydomain,localhost,$mydomain
# line 264: uncomment and specify your local network
mynetworks = 127.0.0.0/8,10.0.0.0/24
# line 419: uncomment (use mailBoxdir)
home_mailBox = mailBox/
# line 574: add
smtpd_banner = $myhostname ESMTP
# add follows to the end
# limit an email size for 10M
message_size_limit = 10485760
# limit a mailBox for 1G
mailBox_size_limit = 1073741824
# for SMTP-Auth
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
[root@linuxprobe ~]# systemctl restart postfix
[root@linuxprobe ~]# systemctl enable postfix
[3]如果Firewalld正在运行,请允许SMTP服务。 SMTP使用25 / TCP。
[root@dlp ~]# firewall-cmd --add-service=smtp --permanent
success
[root@dlp ~]# firewall-cmd --reload
success
三、Dovecot 安装
- 安装Dovecot以配置POP / IMAP服务器
[1] 安装Dovecot.
[root@linuxprobe ~]# yum -y install dovecot
[root@linuxprobe ~]# vi /etc/dovecot/dovecot.conf
# line 24: uncomment
protocols = imap pop3 lmtp
# line 30: uncomment and change ( if not use IPv6 )
listen = *
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add
mail_location = maildir:~/Maildir
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add like follows
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change (not require SSL)
ssl = no
[root@linuxprobe ~]# systemctl start dovecot
[root@linuxprobe ~]# systemctl enable dovecot
[3] 如果Firewalld正在运行,请允许POP / IMAP服务。 POP使用110 / TCP,IMAP使用143 / TCP.
[root@vdevops ~]# firewall-cmd --add-port={110/tcp,143/tcp} --permanent
success
[root@vdevops ~]# firewall-cmd --reload
success
四、SSL设置
- 配置SSL以加密连接
[1] 首先创建证书,传送门:http://www.jb51.cc/article/p-pukuckix-qq.html
[2] 为SSL配置Postfix和Dovecot。
# add to the end
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
[root@linuxprobe ~]# vi /etc/postfix/master.cf
# line 26-28: uncomment
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change
ssl = yes
# line 14,15: specify certificates
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_key = </etc/pki/tls/certs/server.key
[root@linuxprobe ~]# systemctl restart postfix dovecot
[3] 如果Firewalld正在运行,请允许SMTPS / POP3S / IMAPS服务。 SMTPS使用465 /
TCP,POP3S使用995 / TCP,IMAPS使用993 / TCP。
[root@vdevops ~]# firewall-cmd --add-service={pop3s,imaps} --permanent
success
[root@vdevops ~]# firewall-cmd --add-port=465/tcp --permanent
success
[root@vdevops ~]# firewall-cmd --reload
success
邮件日志报告:pflogsumm
- 安装pflogsumm这是Postfix日志报告工具
[1] 安装postfix-perl-scripts包 .
[root@linuxprobe ~]# yum -y install postfix-perl-scripts
# generate log summary for yesterday
[root@linuxprobe ~]# perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog
Postfix log summaries for Jul 14
Grand Totals ------------
messages
2 received
5 delivered
0 forwarded
0 deferred
0 bounced
0 rejected (0%)
0 reject warnings
0 held
0 discarded (0%)
2879 bytes received
6572 bytes delivered
1 senders
1 sending hosts/domains
2 recipients
2 recipient hosts/domains
Per-Hour Traffic Summary ------------------------
time received delivered deferred bounced rejected
--------------------------------------------------------------------
0000-0100 0 0 0 0 0
0100-0200 0 0 0 0 0
0200-0300 0 0 0 0 0
0300-0400 0 0 0 0 0
0400-0500 0 0 0 0 0
0500-0600 0 0 0 0 0
0600-0700 0 0 0 0 0
0700-0800 0 0 0 0 0
0800-0900 0 0 0 0 0
0900-1000 0 0 0 0 0
1000-1100 2 5 0 0 0
1100-1200 0 0 0 0 0
1200-1300 0 0 0 0 0
1300-1400 0 0 0 0 0
1400-1500 0 0 0 0 0
1500-1600 0 0 0 0 0
1600-1700 0 0 0 0 0
1700-1800 0 0 0 0 0
1800-1900 0 0 0 0 0
1900-2000 0 0 0 0 0
2000-2100 0 0 0 0 0
2100-2200 0 0 0 0 0
2200-2300 0 0 0 0 0
2300-2400 0 0 0 0 0
Host/Domain Summary: Message Delivery --------------------------------------
sent cnt bytes defers avg dly max dly host/domain
-------- ------- ------- ------- ------- -----------
3 4119 0 0.4 s 0.8 s srv.world
2 2453 0 0.1 s 0.1 s mail.srv.world
Host/Domain Summary: Messages Received ---------------------------------------
msg cnt bytes host/domain
-------- ------- -----------
2 2879 mail.srv.world
Senders by message count ------------------------
2 cent@mail.srv.world
Recipients by message count ---------------------------
3 redhat@srv.world
2 cent@mail.srv.world
Senders by message size -----------------------
2879 cent@mail.srv.world
Recipients by message size --------------------------
4119 redhat@srv.world
2453 cent@mail.srv.world
message deferral detail: none
message bounce detail (by relay): none
message reject detail: none
message reject warning detail: none
message hold detail: none
message discard detail: none
smtp delivery failures: none
Warnings --------
tlsmgr (total: 6)
3 redirecting the request to postfix-owned data_directory /var/li...
3 request to update table btree:/etc/postfix/smtpd_scache in non-...
Fatal Errors: none
Panics: none
Master daemon messages ----------------------
4 daemon started -- version 2.10.1,configuration /etc/postfix
3 terminating on signal 15
1 reload -- version 2.10.1,configuration /etc/postfix
[root@linuxprobe ~]# crontab -e
# 发送邮件日志摘要在AM每天1:00到根
00 01 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root