postfix SMTPS+dovecot環境
をテンプレートにして作成
開始行:
目次~
#contents
*Postfix+Dovecot(SSL暗号化対応+仮想メールボックス化) [...
**環境情報 [#le7f9567]
|OS|CentOS 6.9|
|Postfix|2.6.6|
|Dovecot|2.0.9|
*設定 [#h8f7fbb4]
**Postfix設定 [#wb7831d3]
-運用ドメイン example1.jp , example2.jp
-サーバFQDN mail.example.jp
-運用メールアドレス test1@example1.jp , test2@example2.jp
-運用プロトコル SMTP , SMTPs(TCP/465) , POP3s(TCP/995) ,...
-/etc/postfix/main.cf
# Host identity. myorigin = $myhostname qualifies locally submitted mail
# with the full host name rather than the bare domain.
myhostname = mail.example.jp
# NOTE(review): ccc.jp does not match the example.jp names used on the rest
# of this page - confirm whether it is a leftover value and use your own domain.
mydomain = ccc.jp
myorigin = $myhostname
# Listen on every interface, IPv4 only.
inet_interfaces = all
inet_protocols = ipv4
# Domains handled by local delivery (value truncated in this listing).
# Domains configured as virtual_mailbox_domains must not also appear here.
mydestination = $myhostname, localhost.$mydomain, localh...
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
# Banner shows only the host name and "ESMTP"; no software name is advertised.
smtpd_banner = $myhostname ESMTP
# Debugging and path settings follow.
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id...
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_F...
# Refuse the SMTP VRFY command so it cannot be used to probe for valid addresses.
disable_vrfy_command = yes
## Handling of mail for non-existent addresses
## Sent to unknown_user@localhost so that it can be discarded to /dev/null
# NOTE(review): an empty local_recipient_maps turns off unknown-recipient
# rejection for the local (mydestination) domains, so such mail is accepted
# and, once unknown_user is aliased to /dev/null, dropped without any bounce
# to the sender. Recipients in virtual_mailbox_domains are still checked
# against virtual_mailbox_maps.
local_recipient_maps =
luser_relay = unknown_user@localhost
# SMTP AUTH is delegated to Dovecot through the socket private/auth
# (path relative to the Postfix queue directory).
# NOTE(review): AUTH is switched on here for every smtpd listener, including
# port 25, while STARTTLS below is only offered, not required. Dovecot on this
# page accepts only the PLAIN mechanism, so a client that skips STARTTLS would
# send its password unencrypted. Consider adding "smtpd_tls_auth_only = yes"
# so AUTH is announced only after TLS is established.
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# Server side: offer STARTTLS (older spelling of smtpd_tls_security_level = may).
smtpd_use_tls = yes
# Client side (outbound delivery): use TLS when the remote server offers it.
smtp_tls_security_level = may
# Certificate and private key, shared with Dovecot on this page.
# NOTE(review): file permissions are not shown here - keep the .key file
# readable by root only.
smtpd_tls_cert_file = /etc/postfix/example.jp.crt
smtpd_tls_key_file = /etc/postfix/example.jp.key
# Record TLS protocol and cipher details in the Received: header.
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
# NOTE(review): the cache path is truncated in this listing. The Postfix
# documentation recommends keeping this file under $data_directory rather than
# /etc/postfix - confirm the location.
smtpd_tls_session_cache_database = btree:/etc/postfix/sm...
smtpd_tls_session_cache_timeout = 3600s
# Relay policy: trusted networks and authenticated clients may send anywhere;
# everyone else may only deliver to domains this server is responsible for.
# NOTE(review): mynetworks is not set in this listing, so the built-in default
# decides which clients count as trusted - confirm it is not wider than
# intended (for example by setting mynetworks = 127.0.0.0/8).
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
# Virtual mailbox hosting: these domains have no system accounts.
virtual_mailbox_domains = example1.jp, example2.jp
# Mailbox paths in the map below are relative to this directory.
virtual_mailbox_base = /home/mailuser/vmailbox
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
# Every mailbox is written with the same uid/gid 1000, so the file system
# does not separate one mailbox from another.
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
-/etc/postfix/master.cf
# Service table; every row is truncated in this listing.
# NOTE(review): in the real master.cf the "-o" override lines must start with
# whitespace to continue the preceding service entry; the leading whitespace
# appears to have been lost in this listing.
# Port 25 listener.
smtp inet n - n - - ...
# Port 465 listener: TLS starts immediately (wrapper mode) and SASL AUTH is on.
# NOTE(review): the client restriction below is truncated; it presumably ends
# with ",reject" so that unauthenticated clients are refused - confirm.
smtps inet n - n - - ...
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated...
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - ...
- n 60 1 pickup
cleanup unix n - n - 0 ...
qmgr fifo n - n 300 1 ...
#qmgr fifo n - n 300 1 ...
tlsmgr unix - - n 1000? 1 ...
rewrite unix - - n - - ...
bounce unix - - n - 0 ...
defer unix - - n - 0 ...
trace unix - - n - 0 ...
verify unix - - n - 1 ...
flush unix n - n 1000? 0 ...
proxymap unix - - n - - ...
proxywrite unix - - n - 1 ...
smtp unix - - n - - ...
# When relaying mail as backup MX, disable fallback_rela...
relay unix - - n - - ...
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - ...
error unix - - n - - ...
retry unix - - n - - ...
discard unix - - n - - ...
local unix - n n - - ...
virtual unix - n n - - ...
lmtp unix - - n - - ...
anvil unix - - n - 1 ...
scache unix - - n - 1 ...
-存在しないメールアドレスを/dev/nullに捨てる
# Append an alias that sends everything addressed to unknown_user to /dev/null
# (the luser_relay target configured in main.cf above).
echo 'unknown_user: /dev/null' >> /etc/aliases
# Rebuild the alias database so the new entry takes effect.
newaliases
-仮想メールボックス取り扱い実ユーザの作成
# Create the account that owns all virtual mailboxes; uid/gid 1000 must match
# virtual_uid_maps / virtual_gid_maps in main.cf.
# NOTE(review): this account only needs to own files. Consider creating it
# without a login shell (useradd -s /sbin/nologin) and leaving its password locked.
groupadd -g 1000 mailuser
useradd -u 1000 -g mailuser mailuser
-メールアドレスとメールボックスのマッピングファイル作成
--/etc/postfix/vmailbox
# Format: address, then mailbox path relative to virtual_mailbox_base.
# The trailing "/" selects maildir-style delivery.
test1@example1.jp example1.jp/test1/Maildir/
test2@example2.jp example2.jp/test2/Maildir/
-- Postfixが喰える形式に変換
# Build the indexed lookup file that hash:/etc/postfix/vmailbox refers to;
# rerun this after every change to the map.
postmap /etc/postfix/vmailbox
-メールボックスの作成
# Create one Maildir per address, matching the paths in /etc/postfix/vmailbox.
mkdir -p /home/mailuser/vmailbox/example1.jp/test1/Maildir
mkdir -p /home/mailuser/vmailbox/example2.jp/test2/Maildir
# Hand the whole tree to the mailbox-owning account.
# NOTE(review): directory modes are left to the umask here; consider limiting
# the tree to its owner, e.g. chmod 700 /home/mailuser/vmailbox.
chown -R mailuser:mailuser /home/mailuser/vmailbox
**Dovecot設定 [#qc33e2f3]
-/etc/dovecot/dovecot.conf
# Enable IMAP and POP3. The unencrypted listeners for both are switched off
# in conf.d/10-master.conf (port = 0), leaving only imaps and pop3s.
protocols = imap pop3
# No dictionary backends are configured (both entries are commented out).
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
-/etc/dovecot/conf.d/10-auth.conf
# NOTE(review): "no" allows plaintext logins on connections without TLS.
# On this page only the imaps/pop3s listeners are enabled, and Dovecot treats
# TLS sessions as secured, so the default "yes" should work as well and stays
# safe if a plaintext listener is re-enabled later.
disable_plaintext_auth = no
# Only the PLAIN mechanism is offered (to IMAP/POP3 clients and, through the
# auth socket, to Postfix SMTP AUTH), so the password itself crosses the wire
# and must always be protected by TLS.
auth_mechanisms = plain
!include auth-passwdfile.conf.ext
-/etc/dovecot/conf.d/10-master.conf
# IMAP login service: plaintext port disabled, implicit-TLS port 993 enabled.
service imap-login {
inet_listener imap {
#port = 143
# port = 0 disables this listener, so unencrypted IMAP is not reachable.
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
# Number of connections to handle before starting a ne...
# the only useful values are 0 (unlimited) or 1. 1 is ...
# is faster. <doc/wiki/LoginProcess.txt>
#service_count = 1
# Number of processes to always keep waiting for more ...
#process_min_avail = 0
# If you set service_count=0, you probably need to gro...
#vsz_limit = 64M
}
# POP3 login service: plaintext port disabled, implicit-TLS port 995 enabled.
service pop3-login {
inet_listener pop3 {
#port = 110
# port = 0 disables this listener, so unencrypted POP3 is not reachable.
port = 0
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
# Authentication service and the sockets it exposes.
service auth {
unix_listener auth-userdb {
#mode = 0600
#user =
#group =
}
# Postfix smtp-auth
# This is the socket main.cf refers to as smtpd_sasl_path = private/auth.
# NOTE(review): mode 0666 lets any local account that can reach this path
# talk to the auth service. The socket is already owned by postfix:postfix,
# so mode = 0660 is enough for Postfix.
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
# Auth process is run as this user.
#user = $default_internal_user
}
-/etc/dovecot/conf.d/10-ssl.conf
# TLS is enabled but not mandatory. With only the imaps/pop3s listeners active
# on this page every session is TLS anyway; "ssl = required" states that
# explicitly and keeps it true if a plaintext listener is re-enabled.
ssl = yes
# The leading "<" makes Dovecot read the value from the file. The certificate
# and key are the ones Postfix uses.
# NOTE(review): file permissions are not shown on this page - keep the .key
# file readable by root only.
ssl_cert = </etc/postfix/example.jp.crt
ssl_key = </etc/postfix/example.jp.key
-/etc/dovecot/conf.d/10-mail.conf
# Maildir under each user's home directory; the home comes from the userdb
# entry in /etc/dovecot/passwd (that field is truncated on this page).
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
-/etc/dovecot/conf.d/auth-passwdfile.conf.ext
# One flat file serves as both password database and user database.
# NOTE(review): /etc/dovecot/passwd holds password hashes; keep it readable
# only by the account the Dovecot auth process runs as, not world-readable.
passdb {
driver = passwd-file
# args = scheme=CRYPT username_format=%u /etc/dovecot/u...
args = /etc/dovecot/passwd
}
userdb {
driver = passwd-file
# args = username_format=%u /etc/dovecot/users
args = /etc/dovecot/passwd
}
-パスワードハッシュ値の生成
# Generate the password hash to paste into /etc/dovecot/passwd.
# NOTE(review): on Dovecot 2.x the hash generator is normally invoked as
# "doveadm pw" - confirm that this spelling works on your build.
# NOTE(review): the sample entries on this page use {HMAC-MD5}. Only the PLAIN
# mechanism is enabled here, so a salted scheme selected with -s
# (for example SHA512-CRYPT) is a better choice for stored passwords.
dovecot pw
-パスワードファイルの作成
--先ほど生成したハッシュ値をファイルに記述してゆく
--書式
メールアドレス:パスワードハッシュ値:UID:GID:::::メールボ...
-/etc/dovecot/passwd
test1@example1.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::...
test2@example2.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::...
** サービスの起動 [#od18bc6f]
# Start both daemons through the init scripts.
service postfix start
service dovecot start
** サービスの自動起動設定 [#e898bbb3]
# Enable both daemons at boot.
chkconfig postfix on
chkconfig dovecot on
終了行:
目次~
#contents
*Postfix+Dovecot(SSL暗号化対応+仮想メールボックス化) [...
**環境情報 [#le7f9567]
|OS|CentOS 6.9|
|Postfix|2.6.6|
|Dovecot|2.0.9|
*設定 [#h8f7fbb4]
**Postfix設定 [#wb7831d3]
-運用ドメイン example1.jp , example2.jp
-サーバFQDN mail.example.jp
-運用メールアドレス test1@example1.jp , test2@example2.jp
-運用プロトコル SMTP , SMTPs(TCP/465) , POP3s(TCP/995) ,...
-/etc/postfix/main.cf
myhostname = mail.example.jp
mydomain = ccc.jp
myorigin = $myhostname
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localh...
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id...
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_F...
disable_vrfy_command = yes
## 存在しないメールアドレスの取り扱い
## /dev/nullに捨てる為にunknown_user@localhostに送る
local_recipient_maps =
luser_relay = unknown_user@localhost
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/example.jp.crt
smtpd_tls_key_file = /etc/postfix/example.jp.key
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:/etc/postfix/sm...
smtpd_tls_session_cache_timeout = 3600s
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
virtual_mailbox_domains = example1.jp, example2.jp
virtual_mailbox_base = /home/mailuser/vmailbox
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
-/etc/postfix/master.cf
smtp inet n - n - - ...
smtps inet n - n - - ...
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated...
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - ...
- n 60 1 pickup
cleanup unix n - n - 0 ...
qmgr fifo n - n 300 1 ...
#qmgr fifo n - n 300 1 ...
tlsmgr unix - - n 1000? 1 ...
rewrite unix - - n - - ...
bounce unix - - n - 0 ...
defer unix - - n - 0 ...
trace unix - - n - 0 ...
verify unix - - n - 1 ...
flush unix n - n 1000? 0 ...
proxymap unix - - n - - ...
proxywrite unix - - n - 1 ...
smtp unix - - n - - ...
# When relaying mail as backup MX, disable fallback_rela...
relay unix - - n - - ...
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - ...
error unix - - n - - ...
retry unix - - n - - ...
discard unix - - n - - ...
local unix - n n - - ...
virtual unix - n n - - ...
lmtp unix - - n - - ...
anvil unix - - n - 1 ...
scache unix - - n - 1 ...
-存在しないメールアドレスを/dev/nullに捨てる
echo 'unknown_user: /dev/null' >> /etc/aliases
newaliases
-仮想メールボックス取り扱い実ユーザの作成
groupadd -g 1000 mailuser
useradd -u 1000 -g mailuser mailuser
-メールアドレスとメールボックスのマッピングファイル作成
--/etc/postfix/vmailbox
test1@example1.jp example1.jp/test1/Maildir/
test2@example2.jp example2.jp/test2/Maildir/
-- Postfixが喰える形式に変換
postmap /etc/postfix/vmailbox
-メールボックスの作成
mkdir -p /home/mailuser/vmailbox/example1.jp/test1/Maildir
mkdir -p /home/mailuser/vmailbox/example2.jp/test2/Maildir
chown -R mailuser:mailuser /home/mailuser/vmailbox
**Dovecot設定 [#qc33e2f3]
-/etc/dovecot/dovecot.conf
protocols = imap pop3
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
-/etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain
!include auth-passwdfile.conf.ext
-/etc/dovecot/conf.d/10-master.conf
service imap-login {
inet_listener imap {
#port = 143
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
# Number of connections to handle before starting a ne...
# the only useful values are 0 (unlimited) or 1. 1 is ...
# is faster. <doc/wiki/LoginProcess.txt>
#service_count = 1
# Number of processes to always keep waiting for more ...
#process_min_avail = 0
# If you set service_count=0, you probably need to gro...
#vsz_limit = 64M
}
service pop3-login {
inet_listener pop3 {
#port = 110
port = 0
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service auth {
unix_listener auth-userdb {
#mode = 0600
#user =
#group =
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
# Auth process is run as this user.
#user = $default_internal_user
}
-/etc/dovecot/conf.d/10-ssl.conf
ssl = yes
ssl_cert = </etc/postfix/example.jp.crt
ssl_key = </etc/postfix/example.jp.key
-/etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
-/etc/dovecot/conf.d/auth-passwdfile.conf.ext
passdb {
driver = passwd-file
# args = scheme=CRYPT username_format=%u /etc/dovecot/u...
args = /etc/dovecot/passwd
}
userdb {
driver = passwd-file
# args = username_format=%u /etc/dovecot/users
args = /etc/dovecot/passwd
}
-パスワードハッシュ値の生成
dovecot pw
-パスワードファイルの作成
--先ほど生成したハッシュ値をファイルに記述してゆく
--書式
メールアドレス:パスワードハッシュ値:UID:GID:::::メールボ...
-/etc/dovecot/passwd
test1@example1.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::...
test2@example2.jp:{HMAC-MD5}abcdefg123456:1000:1000:::::...
** サービスの起動 [#od18bc6f]
service postfix start
service dovecot start
** サービスの自動起動設定 [#e898bbb3]
chkconfig postfix on
chkconfig dovecot on