LINUX邮件服务器安装

这是覆盖的第二篇文章了,最近业务涉及到邮件,所以总结一下邮件服务器安装流程,谨此记录

邮件服务器安装(DNS server、Postfix(SMTP)、Dovecot(POP3)及 Cyrus-SASL(认证))
  1. DNS服务器安装(xfmail 可以替换为任意域名)

    yum install bind -y
    vim /etc/named.conf
    修改options部分为
    ---------------------------------------------------------------------------------------
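    // Global options for a resolver that also serves the local mail zones.
    // It listens on every IPv4 address and answers queries from any client, so
    // recursion is limited to local clients below: an unrestricted recursive
    // resolver can be abused for DNS amplification and cache probing.
    options {
            listen-on port 53 { any; };
            listen-on-v6 port 53 { ::1; };
            directory       "/var/named";
            dump-file       "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            recursing-file  "/var/named/data/named.recursing";
            secroots-file   "/var/named/data/named.secroots";
            allow-query     { any; };
            // Only this host and the LAN used elsewhere in this guide may recurse;
            // other clients still get authoritative answers for the zones hosted here.
            allow-recursion { localhost; 192.168.0.0/24; };
            // Try the forwarders first, then fall back to normal resolution.
            forward first;
            forwarders {114.114.114.114;8.8.8.8;};
            recursion yes;
    
            // NOTE(review): dnssec-enable is obsolete in newer BIND 9 releases and
            // may have to be removed there — confirm against the installed version.
            dnssec-enable yes;
            dnssec-validation yes;
    
            /* Path to ISC DLV key */
            bindkeys-file "/etc/named.root.key";
    
            managed-keys-directory "/var/named/dynamic";
    
            pid-file "/run/named/named.pid";
            session-keyfile "/run/named/session.key";
    };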
    ---------------------------------------------------------------------------------------
    
    
    vim /etc/named.rfc1912.zones
    最后追加
    ---------------------------------------------------------------------------------------
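    // Reverse zone for 192.168.0.0/24. The zone name must end in in-addr.arpa;
    // with any other suffix, PTR lookups for these addresses never reach this zone.
    zone "0.168.192.in-addr.arpa" IN {
            type master;
            file "192.168.0.zone";
            // Static zone: dynamic DNS updates are refused.
            allow-update { none; };
    };
    
    // Forward zone for the mail domain.
    zone "xfmail.net" IN {
            type master;
            file "xfmail.net.zone";
            // Static zone: dynamic DNS updates are refused.
            allow-update { none; };
    };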
    ---------------------------------------------------------------------------------------
    
    cd /var/named/
    cp -p named.localhost xfmail.net.zone
    cp -p named.localhost 192.168.0.zone
    vim xfmail.net.zone
    改内容如下
    ---------------------------------------------------------------------------------------
    ; Forward zone data for xfmail.net, edited from a copy of named.localhost.
    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                                            0       ; serial
                                            1D      ; refresh
                                            1H      ; retry
                                            1W      ; expire
                                            3H )    ; minimum
            NS      @
            ; NOTE(review): the apex A/AAAA records are the loopback values kept from
            ; named.localhost, so the zone name itself (also the NS target) resolves
            ; to 127.0.0.1 / ::1 for every client — confirm this is intended.
            A       127.0.0.1
            ; Mail for the domain is handed to mail.xfmail.net with preference 5.
            IN MX 5 mail.xfmail.net.
            AAAA    ::1
    ; Address of the mail host named by the MX record above.
    mail    IN A    192.168.0.161
    ---------------------------------------------------------------------------------------
    
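    # Validate the configuration and the zone data before (re)starting named,
    # so a typo is reported here instead of leaving the resolver down.
    named-checkconf
    named-checkzone xfmail.net /var/named/xfmail.net.zone
    # Command names are case-sensitive: the binary is "systemctl", not "Systemctl".
    systemctl enable named.service
    systemctl restart named.service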
    
  2. postfix(linux自带)

    vim /etc/postfix/main.cf
    修改
    # Identity and local-delivery settings for the mail.xfmail.net host.
    # Use both IPv4 and IPv6.
    inet_protocols = all
    myhostname = mail.xfmail.net
    mydomain = xfmail.net
    # Locally submitted mail is stamped with the bare domain.
    myorigin = $mydomain
    # Domains for which this server is the final destination.
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
    # Deliver into Maildir/ under each user's home (the trailing slash selects
    # maildir format); Dovecot's mail_location has to point at the same directory.
    home_mailbox = Maildir/
    # Only loopback clients are in mynetworks; combined with permit_mynetworks
    # in smtpd_recipient_restrictions, other hosts must authenticate to relay.
    mynetworks = 127.0.0.0/8
    # NOTE(review): inet_interfaces is not changed on this page — confirm Postfix
    # listens on the LAN address if remote clients are expected to submit mail.
    
    重启
    service postfix restart
    
  3. dovecot

    yum install dovecot -y
    
    vim /etc/dovecot/dovecot.conf
    修改
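    # Serve IMAP, POP3 and LMTP on all IPv4 and IPv6 addresses.
    protocols = imap pop3 lmtp
    listen = *, ::
    # The setting name is plural (login_trusted_networks); the singular form is
    # not a Dovecot setting. Clients in this range are treated as trusted, and
    # disable_plaintext_auth is not enforced for them, so keep the range as
    # narrow as possible.
    # TODO(author): the original note marks this setting as an open question.
    login_trusted_networks = 192.168.0.0/24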
    
    vim /etc/dovecot/conf.d/10-auth.conf
    修改
    # Permits PLAIN/LOGIN authentication on connections without TLS, so account
    # passwords cross the network unencrypted.
    # NOTE(review): acceptable only on an isolated test network; otherwise set
    # this to yes and require TLS (ssl = required) before exposing the service.
    disable_plaintext_auth = no
    # Both mechanisms send the password itself (LOGIN is a legacy variant of PLAIN).
    auth_mechanisms = plain login
    
    vim /etc/dovecot/conf.d/10-mail.conf
    修改
    # Read mail from Maildir in each user's home, the directory Postfix delivers
    # to via home_mailbox = Maildir/.
    mail_location = maildir:~/Maildir
    
    vim /etc/dovecot/conf.d/10-master.conf
    service auth下增加(或解开注释)
      # Postfix smtp-auth: the auth socket is created under
      # /var/spool/postfix/private so Postfix can reach it as private/auth
      # (the value given to smtpd_sasl_path in main.cf).
      unix_listener /var/spool/postfix/private/auth {
        # Read/write for the postfix user and group only; no access for others.
        mode = 0660
        user = postfix
        group = postfix
      }
    
    重启
    systemctl enable dovecot.service
    service dovecot start
    
  4. cyrus-sasl

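    # Quote the pattern so yum receives it unchanged; unquoted, the shell would
    # expand it first if a matching file name exists in the current directory.
    # Then list the installed packages to confirm the result.
    yum install -y 'cyrus-sasl-*' && rpm -qa 'cyrus-sasl*'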
    
    vim /etc/postfix/main.cf
    修改
    smtpd_banner = $myhostname ESMTP
    新增
    # SMTP AUTH is delegated to Dovecot through the private/auth socket defined
    # in Dovecot's 10-master.conf.
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    # NOTE(review): smtpd_sasl_application_name looks like a Cyrus-oriented
    # setting — confirm it is still needed when the SASL type is dovecot.
    smtpd_sasl_application_name = smtpd
    # Relay for mynetworks and authenticated users; anything else must be
    # addressed to a local destination, and unknown sender domains are rejected.
    smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain
    smtpd_sasl_auth_enable = yes
    # Also advertise AUTH in the legacy "AUTH=" form for old clients.
    broken_sasl_auth_clients = yes
    smtpd_sasl_local_domain = $myhostname
    # Forbids anonymous logins only; plaintext mechanisms remain allowed.
    # NOTE(review): no TLS settings appear on this page, so AUTH credentials
    # would travel in clear text — consider smtpd_tls_auth_only = yes once TLS
    # is configured.
    smtpd_sasl_security_options = noanonymous
    
    vim /etc/sysconfig/saslauthd
    修改
    # Directory holding the saslauthd socket; saslauthd_path in
    # /etc/sasl2/smtpd.conf points at the mux file inside it.
    SOCKETDIR=/var/run/saslauthd
    # Check passwords against the local shadow password database.
    MECH=shadow 
    
    vim /etc/sasl2/smtpd.conf
    修改文件内容如下方
    # Cyrus SASL settings for the "smtpd" application: passwords are verified
    # by the saslauthd daemon.
    # NOTE(review): main.cf on this page sets smtpd_sasl_type = dovecot, so
    # Postfix may never read this file — confirm whether the saslauthd setup is
    # actually needed.
    pwcheck_method: saslauthd
    # Plaintext mechanisms only.
    mech_list: PLAIN LOGIN
    log_level:3
    # Socket created by saslauthd under SOCKETDIR.
    saslauthd_path:/var/run/saslauthd/mux
    
    重启
    systemctl enable saslauthd.service
    systemctl restart saslauthd.service
    
  5. 验证

    groupadd mailusers
    创建邮箱用户1
    useradd -g mailusers -s /sbin/nologin seasen
    passwd seasen
    创建用户2
    useradd -g mailusers -s /sbin/nologin testmail
    passwd testmail
    
    用foxmail登录两个账号,选择pop3协议
    发送接收测试
    