-----------------------------------------------
*+ 1 /usr/sbin/sendmail.sendmail
2 /usr/sbin/sendmail.postfix Enter to keep the current selection[+], or type selection number: 2 启动postfix服务: [root@server2 ~]# service postfix start [root@server2 ~]# chkconfig postfix on 二、配置: postfix的配置文件是main.cf,位于/etc/postfix目录下: [root@server2 postfix]# ls
access canonical header_checks main.cf makedefs.out postfix-files post-install TLS_LICENSE virtual
bounce.cf.default generic LICENSE main.cf.default master.cf postfix-script relocated transport 编辑main.cf文件: [root@server2 postfix]# vi main.cf 找到以下行,大概位于69行: #myhostname = host.domain.tld,修改为你自己的主机名,我这里是: myhostname = rhel5.com.cn 在第78行: #mydomain = domain.tld修改为: mydomain = rhel5.com.cn 修改第112行: 将#inet_interfaces = localhost行改为你的IP地址,我的如下: inet_interfaces = 192.168.1.12, 127.0.0.1 修改第157行: mydestination = $myhostname, localhost.$mydomain, localhost改为如下: mydestination =$myhostname, localhost.$mydomain, localhost, mail.$mydomain 去掉第94,95行的注释符号: myorigin = $myhostname myorigin = $mydomain 三、测试: 在windows上telnet server2的25端口: 成功! 使用outlook express测试收发信件! 查看maillog日志文件: Apr 7 19:50:33 server2 postfix/smtpd[29921]: connect from xzxj[192.168.1.156]
Apr 7 19:53:09 server2 postfix/smtpd[29927]: connect from xzxj[192.168.1.156]
Apr 7 19:53:09 server2 postfix/smtpd[29927]: AC51F4FA23: client=xzxj[192.168.1.156]
Apr 7 19:53:09 server2 postfix/cleanup[29929]: AC51F4FA23: message-id=<E4BBD8CF849B480BAE4B236BC3AC483B@xzxj>
Apr 7 19:53:09 server2 postfix/smtpd[29927]: disconnect from xzxj[192.168.1.156]
Apr 7 19:53:09 server2 postfix/qmgr[29899]: AC51F4FA23: from=<student1@rhel5.com.cn>, size=1493, nrcpt=1 (queue active)
Apr 7 19:53:09 server2 postfix/local[29930]: AC51F4FA23: to=<student2@rhel5.com.cn>, relay=local, delay=0.12, delays=0.08/0.03/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
Apr 7 19:53:09 server2 postfix/qmgr[29899]: AC51F4FA23: removed 收信: ok,postfix的基本配置已完成了。 四、开启 postfix的SASL and PAM认证: 编辑/etc/postfix/main.cf文件,加入以下行: smtpd_sasl_auth_enable = yes //启用sasl验证
smtpd_sasl_security_options = noanonymous //设定验证机制,拒绝匿名用户
broken_sasl_auth_clients = yes // smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination 启动saslauthd进程:
[root@server2 postfix]# service saslauthd start [root@server2 postfix]# chkconfig saslauthd on [root@server2 postfix]# chkconfig --list saslauthd
saslauthd 0:off 1:off 2:on 3:on 4:on 5:on 6:off 接着是设置PAM认证: 编辑 /etc/sysconfig/saslauthd文件,设置如下: MECH=pam 重启postfix服务程序: [root@server2 postfix]#service postfix restart Shutting down postfix: [ OK ]
Starting postfix: [ OK ] 五、让postfix支持ssl加密认证: 1)、创建smtpd.pem文件: [root@server2 ~]#cd /etc/postfix [root@server2 postfix]#openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650或者: [root@server2 postfix]#make �CC /etc/pki/tls/certs smtpd.pem [root@server2 postfix]# ll
total 336
-rw-r--r-- 1 root root 17832 Aug 11 2008 access
-rw-r--r-- 1 root root 3550 Aug 11 2008 bounce.cf.default
-rw-r--r-- 1 root root 11175 Aug 11 2008 canonical
-rw-r--r-- 1 root root 9920 Aug 11 2008 generic
-rw-r--r-- 1 root root 16838 Aug 11 2008 header_checks
-rw-r--r-- 1 root root 11942 Aug 11 2008 LICENSE
-rw-r--r-- 1 root root 27493 Apr 7 21:31 main.cf
-rw-r--r-- 1 root root 17981 Aug 11 2008 main.cf.default
-rw-r--r-- 1 root root 958 Aug 11 2008 makedefs.out
-rw-r--r-- 1 root root 4134 Apr 7 21:23 master.cf
-rw-r--r-- 1 root root 17639 Aug 11 2008 postfix-files
-rwxr-xr-x 1 root root 6366 Aug 11 2008 postfix-script
-rwxr-xr-x 1 root root 22564 Aug 11 2008 post-install
-rw------- 1 root root 1024 Apr 7 21:37 prng_exch
-rw-r--r-- 1 root root 6805 Aug 11 2008 relocated
-rw-r--r-- 1 root root 2168 Apr 7 21:19 smtpd.pem
-rw-r--r-- 1 root root 1629 Aug 11 2008 TLS_LICENSE
-rw-r--r-- 1 root root 12081 Aug 11 2008 transport
-rw-r--r-- 1 root root 11984 Aug 11 2008 virtual 2)、编辑/etc/postfix/main.cf文件,加入以下内容: smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom 保存退出! 3)、编辑/etc/postfix/master.cf文件,确认以下内容没有被注释掉: smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes 这里对应的端口是465端口,如果还存在以下内容的话,则系统会同时打开25端口的: smtp inet n - n - - smtpd 注释掉此行的话,系统只打开465端口! 4)、重启postfix服务: [root@server2 postfix]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ] 5)、检查下相应的端口是否打开: [root@server2 postfix]# netstat -nutpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN 3045/hpiod
tcp 0 0 192.168.1.12:993 0.0.0.0:* LISTEN 3119/dovecot
tcp 0 0 192.168.1.12:995 0.0.0.0:* LISTEN 3119/dovecot
tcp 0 0 192.168.1.12:110 0.0.0.0:* LISTEN 3119/dovecot
tcp 0 0 192.168.1.12:143 0.0.0.0:* LISTEN 3119/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2737/portmap
tcp 0 0 192.168.1.12:465 0.0.0.0:* LISTEN 13056/master
tcp 0 0 127.0.0.1:465 0.0.0.0:* LISTEN 13056/master
tcp 0 0 192.168.1.12:53 0.0.0.0:* LISTEN 2707/named
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3086/cupsd
tcp 0 0 192.168.1.12:25 0.0.0.0:* LISTEN 13056/master
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 13056/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2707/named
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 3050/python
tcp 0 0 :::22 :::* LISTEN 3070/sshd
tcp 0 0 ::1:953 :::* LISTEN 2707/named
udp 0 0 192.168.1.12:53 0.0.0.0:* 2707/named
udp 0 0 0.0.0.0:69 0.0.0.0:* 3103/xinetd
udp 0 0 0.0.0.0:35146 0.0.0.0:* 2707/named
udp 0 0 0.0.0.0:5353 0.0.0.0:* 3329/avahi-daemon:
udp 0 0 0.0.0.0:111 0.0.0.0:* 2737/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 3086/cupsd
udp 0 0 0.0.0.0:50298 0.0.0.0:* 3329/avahi-daemon:
udp 0 0 :::39057 :::* 3329/avahi-daemon:
udp 0 0 :::58033 :::* 2707/named
udp 0 0 :::5353 :::* 3329/avahi-daemon: 6)、测试基于ssl的收发信件: 里面有一行250-STARTTLS内容,则说明,基于ssl的postfix已被正确配置了。 在windows上测试: 发信 收信 日志信息: Apr 7 21:43:51 server2 postfix/postfix-script: starting the Postfix mail system
Apr 7 21:43:51 server2 postfix/master[12944]: daemon started -- version 2.3.3, configuration /etc/postfix
Apr 7 21:44:24 server2 postfix/smtpd[12949]: connect from xzxj[192.168.1.156]
Apr 7 21:44:55 server2 postfix/smtpd[12949]: lost connection after EHLO from xzxj[192.168.1.156]
Apr 7 21:44:55 server2 postfix/smtpd[12949]: disconnect from xzxj[192.168.1.156]
Apr 7 21:45:09 server2 postfix/smtpd[12949]: connect from xzxj[192.168.1.156]
Apr 7 21:47:14 server2 postfix/smtpd[12957]: connect from xzxj[192.168.1.156]
Apr 7 21:47:14 server2 postfix/smtpd[12957]: setting up TLS connection from xzxj[192.168.1.156]
Apr 7 21:47:14 server2 postfix/smtpd[12957]: TLS connection established from xzxj[192.168.1.156]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Apr 7 21:47:14 server2 postfix/smtpd[12957]: 63D114FA2C: client=xzxj[192.168.1.156], sasl_method=LOGIN, sasl_username=student1
Apr 7 21:47:14 server2 postfix/cleanup[12961]: 63D114FA2C: message-id=<0C6E6AB0E4F2487F9D30F7E7A725A873@xzxj>
Apr 7 21:47:14 server2 postfix/smtpd[12957]: disconnect from xzxj[192.168.1.156]
Apr 7 21:47:14 server2 postfix/qmgr[12946]: 63D114FA2C: from=<student1@rhel5.com.cn>, size=1571, nrcpt=1 (queue active)
Apr 7 21:47:14 server2 postfix/local[12962]: 63D114FA2C: to=<student2@rhel5.com.cn>, relay=local, delay=0.07, delays=0.06/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Apr 7 21:47:14 server2 postfix/qmgr[12946]: 63D114FA2C: removed 向126发送一份信试试能不能成功。 日志信息: Apr 7 21:50:55 server2 postfix/smtpd[12977]: connect from xzxj[192.168.1.156]
Apr 7 21:50:55 server2 postfix/smtpd[12977]: setting up TLS connection from xzxj[192.168.1.156]
Apr 7 21:50:55 server2 postfix/smtpd[12977]: TLS connection established from xzxj[192.168.1.156]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Apr 7 21:50:55 server2 postfix/smtpd[12977]: 187494FA30: client=xzxj[192.168.1.156], sasl_method=LOGIN, sasl_username=student1
Apr 7 21:50:55 server2 postfix/cleanup[12981]: 187494FA30: message-id=<3F7D65A39E134785BD3CBDFDDBCC424B@xzxj>
Apr 7 21:50:55 server2 postfix/smtpd[12977]: disconnect from xzxj[192.168.1.156]
Apr 7 21:50:55 server2 postfix/qmgr[12946]: 187494FA30: from=<student1@rhel5.com.cn>, size=2405, nrcpt=1 (queue active)
Apr 7 21:51:13 server2 postfix/smtp[12982]: 187494FA30: to=<candon123@126.com>, relay=126.mxmail.netease.com[220.181.15.200]:25, delay=19, delays=0.02/0/15/4.2, dsn=2.0.0, status=sent (250 Mail OK queued as mx20,yMmowLDbVQGDWttJUJISPg--.3192S2 1239112329)
Apr 7 21:51:13 server2 postfix/qmgr[12946]: 187494FA30: removed
本文出自 “candon123” 博客,转载请与作者联系!