Linux(CentOS)でメールサーバーを構築する
2016年04月24日
1、postfixをインストールする
[root@srv ~]# yum -y install postfix
2、postfixのmain.cfを設定する
[root@srv ~]# vi /etc/postfix/main.cf # INTERNET HOST AND DOMAIN NAMES # # The myhostname parameter specifies the internet hostname of this # mail system. The default is to use the fully-qualified domain name # from gethostname(). $myhostname is used as a default value for many # other configuration parameters. # #myhostname = host.domain.tld #myhostname = virtual.domain.tld myhostname = srv.dragreen.com # The mydomain parameter specifies the local internet domain name. # The default is to use $myhostname minus the first component. # $mydomain is used as a default value for many other configuration # parameters. # #mydomain = domain.tld mydomain = dragreen.com # SENDING MAIL # # The myorigin parameter specifies the domain that locally-posted # mail appears to come from. The default is to append $myhostname, # which is fine for small sites. If you run a domain with multiple # machines, you should (1) change this to $mydomain and (2) set up # a domain-wide alias database that aliases each user to # user@that.users.mailhost. # # For the sake of consistency between sender and recipient addresses, # myorigin also specifies the default domain name that is appended # to recipient addresses that have no @domain part. # #myorigin = $myhostname #myorigin = $mydomain myorigin = $mydomain # The inet_interfaces parameter specifies the network interface # addresses that this mail system receives mail on. By default, # the software claims all active interfaces on the machine. The # parameter also controls delivery of mail to user@[ip.address]. # # See also the proxy_interfaces parameter, for network addresses that # are forwarded to us via a proxy or network address translator. # # Note: you need to stop/start Postfix when this parameter changes. 
# #inet_interfaces = all #inet_interfaces = $myhostname #inet_interfaces = $myhostname, localhost inet_interfaces = localhost ↓ inet_interfaces = all # The mydestination parameter specifies the list of domains that this# machine considers itself the final destination for. # # These domains are routed to the delivery agent specified with the # local_transport parameter setting. By default, that is the UNIX # compatible delivery agent that lookups all recipients in /etc/passwd # and /etc/aliases or their equivalent. # # The default is $myhostname + localhost.$mydomain. On a mail domain # gateway, you should also include $mydomain. # # Do not specify the names of virtual domains - those domains are # specified elsewhere (see VIRTUAL_README). # # Do not specify the names of domains that this machine is backup MX # host for. Specify those names via the relay_domains settings for # the SMTP server, or use permit_mx_backup if you are lazy (see # STANDARD_CONFIGURATION_README). # # The local machine is always the final destination for mail addressed # to user@[the.net.work.address] of an interface that the mail system # receives mail on (see the inet_interfaces parameter). # # Specify a list of host or domain names, /file/name or type:table # patterns, separated by commas and/or whitespace. A /file/name # pattern is replaced by its contents; a type:table is matched when # a name matches a lookup key (the right-hand side is ignored). # Continue long lines by starting the next line with whitespace. # # See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". 
# mydestination = $myhostname, localhost.$mydomain, localhost ↓ mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain ← 自ドメイン宛のメールも受信できるようにする #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, # mail.$mydomain, www.$mydomain, ftp.$mydomain # DELIVERY TO MAILBOX # # The home_mailbox parameter specifies the optional pathname of a # mailbox file relative to a user's home directory. The default # mailbox file is /var/spool/mail/user or /var/mail/user. Specify # "Maildir/" for qmail-style delivery (the / is required). # #home_mailbox = Mailbox #home_mailbox = Maildir/ home_mailbox = Maildir/ # SHOW SOFTWARE VERSION OR NOT # # The smtpd_banner parameter specifies the text that follows the 220 # code in the SMTP server's greeting banner. Some people like to see # the mail version advertised. By default, Postfix shows no version. # # You MUST specify $myhostname at the start of the text. That is an # RFC requirement. Postfix itself does not care. # #smtpd_banner = $myhostname ESMTP $mail_name #smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_banner = $myhostname ESMTP unknown message_size_limit = 10485760
3、Dovecotをインストールする
[root@srv ~]# yum install -y dovecot
4、10-mail.confを設定する
[root@centos ~]# vi /etc/dovecot/conf.d/10-mail.conf # Location for users' mailboxes. The default is empty, which means that Dovecot # tries to find the mailboxes automatically. This won't work if the user # doesn't yet have any mail, so you should explicitly tell Dovecot the full # location. # # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) # isn't enough. You'll also need to tell Dovecot where the other mailboxes are # kept. This is called the "root mail directory", and it must be the first # path given in the mail_location setting. # # There are a few special variables you can use, eg.: # # %u - username # %n - user part in user@domain, same as %u if there's no domain # %d - domain part in user@domain, empty if there's no domain # %h - home directory # # See doc/wiki/Variables.txt for full list. Some examples: # # mail_location = maildir:~/Maildir # mail_location = mbox:~/mail:INBOX=/var/mail/%u # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n # # # #mail_location = mail_location = maildir:~/Maildir # ':' separated list of directories under which chrooting is allowed for mail # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). # This setting doesn't affect login_chroot, mail_chroot or auth chroot # settings. If this setting is empty, "/./" in home dirs are ignored. # WARNING: Never add directories here which local users can modify, that # may lead to root exploit. Usually this should be done only if you don't
5、10-auth.confを設定する
[root@centos ~]# vi /etc/dovecot/conf.d/10-auth.conf ← 10-auth.confの設定 # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. #disable_plaintext_auth = yes disable_plaintext_auth = no ← TLSなしの接続でも平文認証を許可する設定。110番ポートを外部に開放する場合はパスワードが平文で流れるため、動作確認後は yes に戻すか、SSL/TLS(995/993番ポート)経由のみで利用する
6、Maildirフォルダーが自動作成されるように次のコマンドを実行する(/etc/skel の内容は、useradd でホームディレクトリを作成する際に新規ユーザーのホームへコピーされる)
[root@srv ~]# mkdir -p /etc/skel/Maildir/{new,cur,tmp} [root@srv ~]# chmod -R 700 /etc/skel/Maildir/ [root@srv ~]#
7、メールアカウントを追加する
[root@srv ~]# useradd -s /sbin/nologin sai [root@srv ~]# passwd sai
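8、iptablesで25番、110番ポートを開放する(下記の設定例では465, 995, 143, 993, 11211なども開放しているが、本手順で必要なのは25と110のみ。11211(memcachedの既定ポート)などメールに無関係なポートは外部に開放しないこと)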
# Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 20022 -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT -A INPUT -p tcp -m tcp --dport 995 -j ACCEPT -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -p tcp -m tcp --dport 11211 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
[root@srv ~]# /etc/rc.d/init.d/iptables restart
8、送受信をテストする
[root@srv ~]# telnet localhost smtp Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 srv.dragreen.com ESMTP unknown ehlo localhost 250-srv.dragreen.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:sai 250 2.1.0 Ok rcpt to:k.dragreen@gmail.com 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> From sai@dragreen.com Subject:test mail by dragreen Hello Sai this is a test mail by Sai . 250 2.0.0 Ok: queued as D8AEE100666 quit 221 2.0.0 Bye Connection closed by foreign host. [root@srv ~]#
9、GMAILで受信を確認する
成功!
10、GMAILで返信してみる
[root@srv ~]# ls /home/sai/Maildir/new/ 1385709224.Vfd02I2300010M95868.srv.dragreen.com
11、GMAILからの返信が来たかどうかを確認する
[root@srv ~]# telnet localhost pop3 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK Dovecot ready. user sai +OK pass 1111111 +OK Logged in. list +OK 3 messages: 1 4621 2 4600 3 2579 . retr 3 +OK 2579 octets Return-Path: <k.dragreen@gmail.com> X-Original-To: sai@dragreen.com Delivered-To: sai@dragreen.com Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44]) by srv.dragreen.com (Postfix) with ESMTPS id AC044100666 for <sai@dragreen.com>; Fri, 29 Nov 2013 16:13:43 +0900 (JST) Received: by mail-vb0-f44.google.com with SMTP id w20so6533151vbb.31 for <sai@dragreen.com>; Thu, 28 Nov 2013 23:13:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=5BM5T8oR1M5C1OV7WCY1bpJjBwPlppbAyOtoDNH5xss=; b=mFAhbkDv5y5Q45KOqybKbpl/s3Ou0X3s+59aZmNVG1866xTdFm6Zd9ras65Spv7kpR 5et7BWIh8z4wcD91/E+J+8EHup+erHoevl0euBB1WjfcDAUaqXqwTdXlxX06lsPU0q7z D0ReSeQjhv0F9UAxJLDKae5pxRn08jwE7DDnXUHFySN6rsoWqqBcd5rLNG9bmSU+nQf8 iISZluRVufID1mrMgnstcXGK98zU6gh0jkcIB3fegOYNaiyRBI0V4ORHXrPGXeaEKpKl dj8mP7xlKP6loO77MUBnkZr7rGSBsTVcekqvtE/VXmM5QWnFT1tWvTnemsDYZS6LosUy /kBQ== MIME-Version: 1.0 X-Received: by 10.58.255.233 with SMTP id at9mr21370614ved.20.1385709225372; Thu, 28 Nov 2013 23:13:45 -0800 (PST) Received: by 10.220.75.207 with HTTP; Thu, 28 Nov 2013 23:13:45 -0800 (PST) In-Reply-To: <20131129065903.D8AEE100666@srv.dragreen.com> References: <20131129065903.D8AEE100666@srv.dragreen.com> Date: Fri, 29 Nov 2013 16:13:45 +0900 Message-ID: <CAC4rMpYmXAoArqVHVJOfXpHsiiXGW9GYpzc2aOODv_Oxz-08wg@mail.gmail.com> Subject: Re: test mail by dragreen From: kaiei sai <k.dragreen@gmail.com> To: sai@dragreen.com Content-Type: multipart/alternative; boundary=047d7bf15fc823fe3f04ec4b9266 --047d7bf15fc823fe3f04ec4b9266 Content-Type: text/plain; charset=ISO-8859-1 Dear Dragreen, thank you for your mail. 
2013/11/29 <sai@dragreen.com> > Hello Sai > this is a test mail by Sai > --047d7bf15fc823fe3f04ec4b9266 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Dear Dragreen,<div><br></div><div>thank you for your mail.= </div></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">2= 013/11/29 <span dir=3D"ltr"><<a href=3D"mailto:sai@dragreen.com" target= =3D"_blank">sai@dragreen.com</a>></span><br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex">Hello Sai<br> this is a test mail by Sai<br> </blockquote></div><br></div> --047d7bf15fc823fe3f04ec4b9266-- .
成功!