ubuntu postfix+SASL+smtp+pop3配置

1,安装postfix、SASL及smtp服务
apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail

您将会被问一些问题:
General type of configuration? <-- Internet Site
Mail name? <-- server1.example.com

2,配置postfix
dpkg-reconfigure postfix

您将再次被问一些问题:
General type of configuration? <-- Internet Site
Where should mail for root go <-- NONE
Mail name? <-- server1.example.com
Other destinations to accept mail for? (blank for none) <-- server1.example.com, localhost.example.com, localhost
Force synchronous updates on mail queue? <-- No
Local networks? <-- 127.0.0.0/8
Use procmail for local delivery? <-- Yes
Mailbox size limit <-- 0
Local address extension character? <-- +
Internet protocols to use? <-- all

3,配置postfix使它通过SASL实现smtp
### Configure Postfix to do SMTP AUTH using SASL (saslauthd)
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

生成用于加密和认证用的证书
### Generate certificates to be used for TLS encryption and/or certificate Authentication
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

配置postfix，加密发送和接收的邮件
### Configure Postfix to do TLS encryption for both incoming and outgoing mail
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = mail.[MailServer].com
4,重启postfix服务
/etc/init.d/postfix restart

5,做一些小的修改，以便于postfix可以通过saslauthd工作
mkdir -p /var/spool/postfix/var/run/saslauthd

6,编辑一下下面这个文件
vim /etc/default/saslauthd

# This needs to be uncommented before saslauthd will be run automatically
START=yes

PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR} -r"
# PIDFILE="${PWDIR}/saslauthd.pid"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="shadow"

7,这步很重要，因为我找了很多资料，这一步都没写对 ^_^
vim /etc/init.d/saslauthd

[...]
PWDIR=/var/spool/postfix/var/run/saslauthd
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
[...]

8,配置一下
sudo dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

9,重启saslauthd服务
/etc/init.d/saslauthd start

10,安装pop3服务
apt-get install courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0

回答他的问题
Create directories for web-based administration ? <-- No
SSL certificate required <-- Ok

做一些配置
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart


如果一切都正常的话，你现在可以用evolution之类的软件做测试了(ubuntu自带)