目次~
#contents
*Postfix+cDoveot。ハSSLーナケ豐スツミア。ワイセチロ・癸シ・・ワ・テ・ッ・ケイス。ヒ [#a21001d6]
*Postfix+Dovecot（SSL暗号化対応＋仮想メールボックス化） [#a21001d6]
**環境情報 [#le7f9567]
|OS|CentOS 6.9|
|Postfix|2.6.6|
|Doveot|2.0.9|
|Dovecot|2.0.9|
*設定 [#h8f7fbb4]
**Postfix設定 [#wb7831d3]
-運用ドメイン　example1.jp , example2.jp
-サーバFQDN　mail.example.jp
-運用メールアドレス　test1@example1.jp , test2@example2.jp
-運用プロトコル　SMTP , SMTPs(TCP/465) , POP3s(TCP/995) , IMAPs(TCP/993)
-/etc/postfix/main.cf
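# --- Identity and listening interfaces ---
myhostname = mail.example.jp
# NOTE(review): mydomain does not match the domain of myhostname
# (example.jp); confirm this is intended and not a leftover value.
mydomain = ccc.jp
myorigin = $myhostname
inet_interfaces = all
inet_protocols = ipv4

# --- Local (non-virtual) delivery ---
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/

# The banner carries only the hostname, not the mail software name.
smtpd_banner = $myhostname ESMTP
debug_peer_level = 2
# Continuation lines in main.cf must begin with whitespace.
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5

# --- Installation paths ---
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

# Refuse VRFY so that clients cannot probe for valid addresses.
disable_vrfy_command = yes

## Handling of mail addresses that do not exist:
## to discard such mail into /dev/null, it is routed to
## unknown_user@localhost (aliased to /dev/null in /etc/aliases).
## An empty local_recipient_maps makes smtpd accept any local-part
## for the domains listed in mydestination.
local_recipient_maps =
luser_relay = unknown_user@localhost

# --- SMTP AUTH through the Dovecot auth socket ---
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# AUTH is enabled globally and Dovecot offers only PLAIN, so advertise
# AUTH only once TLS is active; otherwise port 25 would accept passwords
# in cleartext. Clients must use STARTTLS or SMTPS (465) to authenticate.
smtpd_tls_auth_only = yes

# --- TLS ---
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/example.jp.crt
# Keep the private key readable by root only (for example mode 0600);
# the same key file is also referenced from Dovecot's 10-ssl.conf.
smtpd_tls_key_file = /etc/postfix/example.jp.key
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
# Postfix 2.5 and later open the session cache without root privileges,
# so it belongs in the Postfix-owned data directory, not in /etc/postfix.
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s

# --- Relay control: local networks and authenticated users may relay,
# everyone else may only send to domains this server is responsible for.
smtpd_recipient_restrictions =
	permit_mynetworks,
	permit_sasl_authenticated,
	reject_unauth_destination

# --- Virtual mailbox domains ---
virtual_mailbox_domains = example1.jp, example2.jp
virtual_mailbox_base = /home/mailuser/vmailbox
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
# All virtual mailboxes are owned by the single mailuser account
# (UID/GID 1000, created with groupadd/useradd further down this page).
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000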
-/etc/postfix/master.cf
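# Columns: service type private unpriv chroot wakeup maxproc command
# Lines that continue a service entry ("-o ...") must start with whitespace.
smtp      inet  n       -       n       -       -       smtpd
# SMTPS (TCP/465): TLS from the first byte, authenticated clients only.
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
# The qmqpd entry stays disabled; pickup is a separate, active service
# (the two entries were fused onto one line in the pasted listing).
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
  -o smtp_fallback_relay=
#  -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache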
-存在しないメールアドレスを/dev/nullに捨てる
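# Alias the catch-all user (luser_relay in main.cf) to /dev/null.
# The append is skipped when the alias already exists, so repeating this
# step does not leave duplicate entries in /etc/aliases.
grep -q '^unknown_user:' /etc/aliases \
  || echo 'unknown_user: /dev/null' >> /etc/aliases
# Rebuild the alias database so the new entry takes effect.
newaliases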
-仮想メールボックス取り扱い実ユーザの作成
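# Dedicated account that owns every virtual mailbox. UID and GID 1000 must
# match virtual_uid_maps / virtual_gid_maps in main.cf and the UID:GID
# fields in /etc/dovecot/passwd.
groupadd -g 1000 mailuser
# The account only owns files and never needs an interactive session,
# so it is created without a login shell.
useradd -u 1000 -g mailuser -s /sbin/nologin mailuser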
-メールアドレスとメールボックスのマッピングファイル作成
--/etc/postfix/vmailbox
test1@example1.jp example1.jp/test1/Maildir/
test2@example2.jp example2.jp/test2/Maildir/
-- Postfix、ャカ、ィ、キチシー、ヒハムエケ
# Build the indexed lookup table from the text map that main.cf references
# as virtual_mailbox_maps = hash:/etc/postfix/vmailbox.
# Run it again after every change to /etc/postfix/vmailbox.
postmap /etc/postfix/vmailbox
-メールボックスの作成
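# Create one Maildir per virtual address below virtual_mailbox_base,
# using the relative paths listed in /etc/postfix/vmailbox.
mkdir -p /home/mailuser/vmailbox/example1.jp/test1/Maildir
mkdir -p /home/mailuser/vmailbox/example2.jp/test2/Maildir
# Hand the tree to the mail-owning account, then remove group/other access:
# mkdir used the invoking user's umask, which normally leaves the
# directories listable by every local account.
chown -R mailuser:mailuser /home/mailuser/vmailbox
chmod -R go-rwx /home/mailuser/vmailbox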
**Dovecot設定 [#qc33e2f3]
-/etc/dovecot/dovecot.conf
# Only the IMAP and POP3 protocol services are enabled.
protocols = imap pop3
# Dictionary section; both sample entries stay commented out, so no
# dictionary is defined here.
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
# Load every per-topic file under conf.d/ (10-auth.conf, 10-master.conf, ...).
!include conf.d/*.conf
-/etc/dovecot/conf.d/10-auth.conf
# "no" lets clients send plaintext credentials on connections that are
# not protected by TLS as well.
# NOTE(review): on this page the cleartext listeners are switched off
# (imap and pop3 use port = 0 in 10-master.conf), so logins reach Dovecot
# only through imaps/pop3s; re-check this setting before ever enabling
# port 143 or 110.
disable_plaintext_auth = no
# PLAIN is the only mechanism offered, so the password file is not tied
# to a mechanism-specific storage format.
auth_mechanisms = plain
# Users and passwords come from the passwd-file backend defined in
# auth-passwdfile.conf.ext.
!include auth-passwdfile.conf.ext
-/etc/dovecot/conf.d/10-master.conf
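service imap-login {
  # port = 0 turns the cleartext IMAP listener off; only IMAPS is served.
  inet_listener imap {
    #port = 143
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1
  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0
  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = 64M
}
service pop3-login {
  # port = 0 turns the cleartext POP3 listener off; only POP3S is served.
  inet_listener pop3 {
    #port = 110
    port = 0
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
service auth {
  unix_listener auth-userdb {
    #mode = 0600
    #user =
    #group =
  }
  # Postfix smtp-auth
  # This socket accepts authentication requests, so it is restricted to
  # the postfix user and group instead of being writable by every local
  # account (mode 0666). Postfix reaches it as smtpd_sasl_path = private/auth.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
  # Auth process is run as this user.
  #user = $default_internal_user
}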
-/etc/dovecot/conf.d/10-ssl.conf
# TLS support is enabled for the Dovecot listeners.
ssl = yes
# The leading "<" makes Dovecot read the file's contents as the value.
# Certificate and key are the same files Postfix uses
# (smtpd_tls_cert_file / smtpd_tls_key_file in main.cf).
ssl_cert = </etc/postfix/example.jp.crt
# NOTE(review): the private key should stay readable by root only;
# confirm the file mode, since it sits in /etc/postfix next to other
# configuration files.
ssl_key = </etc/postfix/example.jp.key
-/etc/dovecot/conf.d/10-mail.conf
# Mail is kept in Maildir format in the Maildir directory below each
# user's home directory.
mail_location = maildir:~/Maildir
# Locking method for mbox files; it has no effect on Maildir storage.
mbox_write_locks = fcntl
-/etc/dovecot/conf.d/auth-passwdfile.conf.ext
# Password lookups: read from the flat file /etc/dovecot/passwd.
# NOTE(review): that file holds every user's password hash; it should not
# be world-readable. Confirm its owner and mode on your system.
passdb {
driver = passwd-file
# args = scheme=CRYPT username_format=%u /etc/dovecot/users
args = /etc/dovecot/passwd
}
# User lookups (UID, GID, mailbox fields) come from the same file.
userdb {
driver = passwd-file
# args = username_format=%u /etc/dovecot/users
args = /etc/dovecot/passwd
}
-パスワードハッシュ値の生成
# Prompts for a password and prints the hash to paste into
# /etc/dovecot/passwd; the sample entries on this page carry the
# {HMAC-MD5} prefix.
# NOTE(review): that format exists for the CRAM-MD5 mechanism, but
# 10-auth.conf offers only PLAIN, so a salted scheme selected with
# -s (for example SHA512-CRYPT) protects a leaked password file better.
# Confirm that your Dovecot build lists the scheme before switching.
dovecot pw
-パスワードファイルの作成
--先ほど生成したハッシュ値をファイルに記述してゆく
--書式
メールアドレス:パスワードハッシュ値:UID:GID:::::メールボックス形式:メールボックスPATH
-/etc/dovecot/passwd
test1@example1.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::Maildir:/home/mailuser/vmailbox/example1.jp/test1/Maildir
test2@example2.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::Maildir:/home/mailuser/vmailbox/example2.jp/test2/Maildir
** サービスの起動 [#od18bc6f]
# Start the MTA, then Dovecot (IMAP/POP3 and the SASL backend for Postfix).
for svc in postfix dovecot; do
  service "$svc" start
done
** サービスの自動起動設定 [#e898bbb3]
# Register both services to start automatically at boot.
for svc in postfix dovecot; do
  chkconfig "$svc" on
done