一、Postfix简介
- Postfix 是一种电子邮件服务器,它是由任职于IBM华生研究中心(T.J. Watson Research Center)的荷兰籍研究员Wietse Venema为了改良sendmail邮件服务器而产生的。最早在1990年代晚期出现,是一个开放源代码的软件。
- Postfix 官方网站:http://www.postfix.org/
- Postfix 下载地址:http://www.postfix.org/download.html
二、Postfix安装
- 安装Postfix以配置SMTP服务器
[1] 即使CentOS系统安装了[最小安装],也会安装Postfix,但如果Postfix不安装,请先安装它,如下所示。
- [root@linuxprobe ~]# yum -y install postfix
- [root@linuxprobe ~]# vi /etc/postfix/main.cf
- # line 75: uncomment and specify hostname
-
- myhostname = linuxprobe.srv.world
- # line 83: uncomment and specify domain name
-
- mydomain = srv.world
- # line 99: uncomment
-
- myorigin = $mydomain
- # line 116: change
-
- inet_interfaces = all
- # line 164: add
-
- mydestination = $myhostname,localhost.$mydomain,localhost,$mydomain
- # line 264: uncomment and specify your local network
-
- mynetworks = 127.0.0.0/8,10.0.0.0/24
- # line 419: uncomment (use mailBoxdir)
-
- home_mailBox = mailBox/
- # line 574: add
-
- smtpd_banner = $myhostname ESMTP
- # add follows to the end
-
- # limit an email size for 10M
-
- message_size_limit = 10485760
-
- # limit a mailBox for 1G
-
- mailBox_size_limit = 1073741824
- # for SMTP-Auth
-
- smtpd_sasl_type = dovecot
- smtpd_sasl_path = private/auth
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_security_options = noanonymous
- smtpd_sasl_local_domain = $myhostname
- smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
-
- [root@linuxprobe ~]# systemctl restart postfix
- [root@linuxprobe ~]# systemctl enable postfix
[3]如果Firewalld正在运行,请允许SMTP服务。 SMTP使用25 / TCP。
- [root@dlp ~]# firewall-cmd --add-service=smtp --permanent
- success
- [root@dlp ~]# firewall-cmd --reload
- success
三、Dovecot 安装
- 安装Dovecot以配置POP / IMAP服务器
[1] 安装Dovecot.
- [root@linuxprobe ~]# yum -y install dovecot
- [root@linuxprobe ~]# vi /etc/dovecot/dovecot.conf
- # line 24: uncomment
- protocols = imap pop3 lmtp
- # line 30: uncomment and change ( if not use IPv6 )
- listen = *
- [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-auth.conf
- # line 10: uncomment and change ( allow plain text auth )
- disable_plaintext_auth = no
- # line 100: add
- auth_mechanisms = plain login
- [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-mail.conf
- # line 30: uncomment and add
- mail_location = maildir:~/Maildir
- [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-master.conf
- # line 96-98: uncomment and add like follows
- # Postfix smtp-auth
- unix_listener /var/spool/postfix/private/auth {
- mode = 0666
- user = postfix
- group = postfix
- }
- [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
- # line 8: change (not require SSL)
- ssl = no
-
- [root@linuxprobe ~]# systemctl start dovecot
- [root@linuxprobe ~]# systemctl enable dovecot
[3] 如果Firewalld正在运行,请允许POP / IMAP服务。 POP使用110 / TCP,IMAP使用143 / TCP.
- [root@vdevops ~]# firewall-cmd --add-port={110/tcp,143/tcp} --permanent
- success
- [root@vdevops ~]# firewall-cmd --reload
- success
四、SSL设置
- 配置SSL以加密连接
[1] 首先创建证书,传送门:http://www.jb51.cc/article/p-pukuckix-qq.html
[2] 为SSL配置Postfix和Dovecot。
- # add to the end
- smtpd_use_tls = yes
- smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
- smtpd_tls_key_file = /etc/pki/tls/certs/server.key
- smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
- [root@linuxprobe ~]# vi /etc/postfix/master.cf
- # line 26-28: uncomment
- smtps inet n - n - - smtpd
- -o syslog_name=postfix/smtps
- -o smtpd_tls_wrappermode=yes
- [root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
- # line 8: change
- ssl = yes
- # line 14,15: specify certificates
- ssl_cert = </etc/pki/tls/certs/server.crt
- ssl_key = </etc/pki/tls/certs/server.key
- [root@linuxprobe ~]# systemctl restart postfix dovecot
[3] 如果Firewalld正在运行,请允许SMTPS / POP3S / IMAPS服务。 SMTPS使用465 /
TCP,POP3S使用995 / TCP,IMAPS使用993 / TCP。
- [root@vdevops ~]# firewall-cmd --add-service={pop3s,imaps} --permanent
- success
- [root@vdevops ~]# firewall-cmd --add-port=465/tcp --permanent
- success
- [root@vdevops ~]# firewall-cmd --reload
- success
邮件日志报告:pflogsumm
- 安装pflogsumm这是Postfix日志报告工具
[1] 安装postfix-perl-scripts包 .
- [root@linuxprobe ~]# yum -y install postfix-perl-scripts
- # generate log summary for yesterday
- [root@linuxprobe ~]# perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog
- Postfix log summaries for Jul 14
- Grand Totals ------------
- messages
- 2 received
- 5 delivered
- 0 forwarded
- 0 deferred
- 0 bounced
- 0 rejected (0%)
- 0 reject warnings
- 0 held
- 0 discarded (0%)
-
- 2879 bytes received
- 6572 bytes delivered
- 1 senders
- 1 sending hosts/domains
- 2 recipients
- 2 recipient hosts/domains
- Per-Hour Traffic Summary ------------------------
- time received delivered deferred bounced rejected
- --------------------------------------------------------------------
- 0000-0100 0 0 0 0 0
- 0100-0200 0 0 0 0 0
- 0200-0300 0 0 0 0 0
- 0300-0400 0 0 0 0 0
- 0400-0500 0 0 0 0 0
- 0500-0600 0 0 0 0 0
- 0600-0700 0 0 0 0 0
- 0700-0800 0 0 0 0 0
- 0800-0900 0 0 0 0 0
- 0900-1000 0 0 0 0 0
- 1000-1100 2 5 0 0 0
- 1100-1200 0 0 0 0 0
- 1200-1300 0 0 0 0 0
- 1300-1400 0 0 0 0 0
- 1400-1500 0 0 0 0 0
- 1500-1600 0 0 0 0 0
- 1600-1700 0 0 0 0 0
- 1700-1800 0 0 0 0 0
- 1800-1900 0 0 0 0 0
- 1900-2000 0 0 0 0 0
- 2000-2100 0 0 0 0 0
- 2100-2200 0 0 0 0 0
- 2200-2300 0 0 0 0 0
- 2300-2400 0 0 0 0 0
-
- Host/Domain Summary: Message Delivery --------------------------------------
- sent cnt bytes defers avg dly max dly host/domain
- -------- ------- ------- ------- ------- -----------
- 3 4119 0 0.4 s 0.8 s srv.world
- 2 2453 0 0.1 s 0.1 s mail.srv.world
-
- Host/Domain Summary: Messages Received ---------------------------------------
- msg cnt bytes host/domain
- -------- ------- -----------
- 2 2879 mail.srv.world
-
- Senders by message count ------------------------
- 2 cent@mail.srv.world
-
- Recipients by message count ---------------------------
- 3 redhat@srv.world
- 2 cent@mail.srv.world
-
- Senders by message size -----------------------
- 2879 cent@mail.srv.world
-
- Recipients by message size --------------------------
- 4119 redhat@srv.world
- 2453 cent@mail.srv.world
-
- message deferral detail: none
- message bounce detail (by relay): none
- message reject detail: none
- message reject warning detail: none
- message hold detail: none
- message discard detail: none
- smtp delivery failures: none
- Warnings --------
- tlsmgr (total: 6)
- 3 redirecting the request to postfix-owned data_directory /var/li...
- 3 request to update table btree:/etc/postfix/smtpd_scache in non-...
-
- Fatal Errors: none
- Panics: none
- Master daemon messages ----------------------
- 4 daemon started -- version 2.10.1,configuration /etc/postfix
- 3 terminating on signal 15
- 1 reload -- version 2.10.1,configuration /etc/postfix
-
- [root@linuxprobe ~]# crontab -e
- # 发送邮件日志摘要在AM每天1:00到根
- 00 01 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root
