flagflag  
Page Top

CentOS anchor.png

Page Top

Install anchor.png

  • yum install postfix
     
Page Top

Setting anchor.png

Page Top
/etc/postfix/main.cf anchor.png
  • inet_interfaces = all が必要 (localhost のみの場合,locahost 以外の名前で接続できない)
  • ブラックリスト
    smtpd_client_restrictions = permit_mynetworks,
        reject_invalid_hostname,
        reject_rbl_client all.rbl.jp,
        reject_rbl_client bl.spamcop.net,
    #    reject_rbl_client zen.spamhaus.org,
        permit
Page Top

Submission port (587) with STARTTLS anchor.png

Page Top
sasl anchor.png
Page Top
証明書 anchor.png
  • STARTTLS, SSL/TLS を使用するために秘密鍵とサーバ証明書が必要
  • OpenSSL で作成する (例:private.key, server.crt)
    openssl req -new -newkey rsa:2048 -days 3650 -nodes -keyout private.key -out server.csr
    openssl x509 -in server.csr -days 3650 -req -signkey private.key -out server.crt
Page Top
/etc/postfix/main.cf anchor.png
smtpd_tls_key_file  = /etc/postfix/tls/private.key
smtpd_tls_cert_file = /etc/postfix/tls/server.crt

# 
#
# SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous 
#smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
Page Top
/etc/postfix/master.cf anchor.png
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  • smtpd_tls_security_level=may とすると TLSを使用しないモードも使用可能(危険)
     
Page Top
firewalld anchor.png
  • firewall-cmd --add-service=smtp --permanent
  • firewall-cmd --add-service=smtp-submission --permanent
  • firewall-cmd --reload
     
Page Top

SMTPS port (465) with SSL/TLS anchor.png

Page Top
sasl, TLS 関連は submission ポートに同じ anchor.png
  • Submission ポートと同時に動かすことも可能
     
Page Top
/etc/postfix/master.cf anchor.png
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
 
Page Top
firewalld anchor.png
  • firewall-cmd --add-service=smtps --permanent
  • firewall-cmd --reload
     

Front page   Freeze Diff Backup Copy Rename Reload   New List of Pages Search Recent changes   Help   RSS of recent changes (RSS 1.0) RSS of recent changes (RSS 2.0) RSS of recent changes (RSS Atom)
Counter: 1175, today: 2, yesterday: 0
Last-modified: 2019-08-18 (Sun) 01:50:13 (JST) (1685d) by iseki

Site Search

Login

Username:

Password:


Lost Password?
Register now!!

Sub Menu

mini Calendar

Last MonthMar 2024Next Month
Su Mo Tu We Th Fr Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Today

Who's Online

100 user(s) are online (17 user(s) are browsing xpwiki)

Members: 0
Guests: 100

more...

Access Counter

Today : 9141914191419141
Yesterday : 6869686968696869
Total : 2318342423183424231834242318342423183424231834242318342423183424
Powered by XOOPS Cube 2.1© 2001-2006 XOOPS Cube Project
Design by XoopsDesign.com