Install Postfix in centos

Source: Internet
Author: User
Tags tld

In centos, the default Mail Server (SMTP) is sendmail, but Sendmail has several disadvantages, such, the configuration is complex and security vulnerabilities have been discovered for many times-and there are still hidden risks, and the mail sending speed is slow. Here we will not describe them one by one. Another "Postfix" widely used in mail services has fewer disadvantages, or is designed for Sendmail. Corresponding to the Sendmail's short position, it is also mature in various aspects. Therefore, there are no special requirements. We do not recommend using Sendmail to build an email server. The mail server configuration method introduced on this site will also be based on Postfix.

1. Install Postfix.

[Root @ sample ~] # Yum-y install Postfix ghost install Postfix online

2. Configure Postfix

[Root @ sample ~] # Vi/etc/Postfix/Main. Cf restart
Edit the Postfix configuration file

# Myhostname = host. domain. TLD locate this line and change the part after the equal sign to the host name. Note that you need to write a domain name, but you cannot write an IP address.
Bytes
Myhostname = sample.centospub.com changed to this status. Set the Host Name of the system.

# Mydomain = domain. TLD locate this line and rewrite the part after the equal sign to the domain name
Bytes
Mydomain = centospub.com is changed to this status. Set the domain name (we will set this as part of the email address)

# Myorigin = $ mydomain names find this row and remove the first line #
Bytes
Myorigin = $ mydomain names changed to this status. Set the part after the mail address "@" to a domain name (non-system host name)

Inet_interfaces = localhost found this line and changed "localhost" to "all"
Bytes
Inet_interfaces = all requests are changed to this status, and requests from all networks are accepted.

Mydestination = $ myhostname, localhost. $ mydomain, localhost locate this row and add "$ mydomain" to the behavior"
Bytes
Mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain changed to this status, specifying the domain name sent to the local email

# Relay_domains = $ mydestination locate this row and remove the first line #
Bytes
Relay_domains = $ mydestination domains changed to this status, defining the domain names allowed for forwarding

# Mynetworks = 168.100.189.0/28,127.0 .0.0/8 locate this line and modify it according to your intranet Conditions
Bytes
Mynetworks = 168.100.189.0/28,127.0 .0.0/8 then changes to this status, specifying the Intranet and local IP address ranges

# Home_mailbox = maildir/empty find this line and remove the line at the beginning #
Bytes
Home_mailbox = maildir/inbox changed to this status, specifying the user email directory

# Show software version or not
#
# The smtpd_banner parameter specifies the text that follows the 220
# Code in the SMTP server's greeting banner. Some people like to see
# The Mail version advertised. By default, Postfix shows no version.
#
# You must specify $ myhostname at the start of the text. That is
# RFC requirement. Postfix itself does not care.
#
# Smtpd_banner = $ myhostname ESMTP $ mail_name
# Smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version) locate this line and add the following line to this line:
Smtpd_banner = $ myhostname ESMTP unknow rows add this line, no information about the SMTP server is displayed

Add the following lines at the end of the configuration file:

Smtpd_sasl_auth_enable = yes. The slave server uses SMTP authentication.
Smtpd_sasl_local_domain = $ myhostname authentication specifies the local domain name (host name) for SMTP authentication)
Smtpd_sasl_security_options = noanonymous Anonymous Authentication Not Allowed
Smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
Message_size_limit = 15728640 limit the maximum size of the email is 15 MB.

3. Configure SMTP authentication options

To improve security, we will not use the password of the System user as the password for SMTP authentication for the corresponding user, but will create a dedicated password for SMTP authentication for the user later.

[Root @ sample
~] # Vi/usr/lib/sasl2/smtpd. conf modify the SMTP authentication configuration file

Pwcheck_method: saslauthd locate this line and change "saslauthd" to "auxprop". If this file is empty, create a new file.
Bytes
Pwcheck_method: auxprop keystore does not use the System user password as the user's SMTP authentication Password

[Root @ sample ~] # Vi/etc/sysconfig/saslauthd

Mech = shadow cursor find this line and add #
Bytes
# Mech = shadow watermark does not use the shadow Mechanism

Flags = login find this line and add "sasldb" after the equal sign"
Bytes
Flags = sasldb connector defines the authentication method as sasldb2


4.
Then create a new user

/Usr/sbin/useradd myuser

Passwd myuser

Set Password

First, create a mailbox directory under the user template, so that when you create a new user, the corresponding user's mailbox directory is automatically created.

[Root @ sample ~] # Mkdir/home/myuser/maildir folder
Create a user email directory under the user Template

[Root @ sample ~] # Chmod 700/home/myuser/maildir folder
Set the user email directory attribute to 700

5. If the email address already exists, create a mailbox directory for the existing user.

[Root @ sample ~] # Mkdir/home/myuser/maildir folder is used as the user (Here we use the centospub user as an example) to create the mailbox directory

[Root @ sample ~] # Chmod 700/home/myuser/maildir folder

[Root @ sample ~] # Chown centospub./home/myuser/maildir folder

6. Set the SMTP authentication password for the user

[Root @ sample ~] #/Usr/sbin/saslpasswd2-u sample.centospub.com-C
Centospub keystore sets the SMTP authentication password for centospub users

Password: Login enter the password here (not displayed)
Again (for verification): enter your password again

7. Changing attributes and attributes of SALS

[Root @ sample ~] # Change the database ownership to postfix in chgrp Postfix/etc/sasldb2 connector,

[Root @ sample ~] # Chmod 640/etc/sasldb2 connector change the database attribute to 640

8. Disable the sendmail service and set the default MTA

Because we do not need to use sendmail when using Postfix as the SMTP server, we need to disable the sendmail service to ensure security and save system resources.

[Root @ sample ~] #/Etc/rc. d/init. d/sendmail stop messages disable the sendmail service

Shutting down Sendmail: [OK]
Shutting down Sm-Client: [OK]

[Root @ sample ~] #/Sbin/chkconfig Sendmail off Manual Disable sendmail auto-start

[Root @ sample ~] #/Sbin/chkconfig -- list Sendmail restart confirm that Sendmail has been disabled since it was started (all are off and OK)
Sendmail 0: off 1: off 2: off 3: off 4: off 5: off 6: Off

9. Finally, start the SMTP authentication and Postfix services, and set the corresponding services to self-start.

[Root @ sample ~] #/Sbin/chkconfig saslauthd on startup set SMTP-auth to self-start

[Root @ sample ~] #/Sbin/chkconfig -- list saslauthd verify the SMTP-auth service status
Saslauthd 0: off 1: off 2: On 3: On 4: On 5: on 6: off done OK 2 ~ 5. If the status is on, OK.

[Root @ sample ~] #/Etc/rc. d/init. d/saslauthd start restart start SMTP-auth

Starting saslauthd: [OK]

[Root @ sample ~] #/Sbin/chkconfig Postfix on startup set Postfix to self-start

[Root @ sample ~] #/Sbin/chkconfig -- list Postfix condition confirm the Postfix service status
Postfix 0: off 1: off 2: On 3: On 4: On 5: on 6: off done OK 2 ~ 5. If the status is on, OK.

[Root @ sample ~] #/Etc/rc. d/init. d/Postfix start marker start Postfix

Starting Postfix: [OK]

Reference: http://www.centospub.com/make/postfix_smtp.html

Http://centossrv.com/postfix.shtml

Http://fedorasrv.com/postfix.shtml



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.