Article Title: redhat8.0 comes with sendmail to configure the authentication server and upgrade sendmail. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Use sendmail + sasl in redhat8.0 to configure the email server to be authenticated, and upgrade sendmail8.12.5 to sendmail.8.12.9.
Redhat8 is installed with sendmail8.12.5by default.
During system installation, custom is selected, and sendmail is installed by default.
1. First, generate the sendmail. cf file. Generally, compile sendmail. mc to generate sendmail. cf. The advantage is that some sendmail settings are incorrect.
And vulnerabilities.
# Cd/etc/mail
# Vi sendmail. mc
Divert (-1)
Dnl This is the sendmail macro config file. If you make changes to this file,
Dnl you need the sendmail-cf rpm installed and then have to generate
Dnl new/etc/mail/sendmail. cf by running the following command:
Dnl
Dnl m4/etc/mail/sendmail. mc>/etc/mail/sendmail. cf
Dnl
Include ('/usr/share/sendmail-cf/m4/cf. m4 ')
VERSIONID ('linux setup for Red Hat linux ') dnl
OSTYPE ('linux ')
Dnl Uncomment and edit the following line if your mail needs to be sent out
Dnl through an external mail server:
Dnl define ('smart _ host', 'smtp. your. provider ')
Define ('confdef _ USER_ID ', ''8: 12 '') dnl
Undefine ('ucp _ RELAY ') dnl
Undefine ('bitnet _ RELAY ') dnl
Dnl define ('confauto _ REBUILD ') dnl
Define ('confto _ CONNECT ', '1m') dnl
Define ('conftry _ NULL_MX_LIST ', true) dnl
Define ('confdont _ PROBE_INTERFACES ', true) dnl
Define ('procmail _ MAILER_PATH ','/usr/bin/procmail') dnl
Define ('Alias _ file', '/etc/aliases') dnl
Dnl define ('status _ file', '/etc/mail/statistics') dnl
Define ('ucp _ MAILER_MAX ', '2013') dnl
Define ('confuserdb _ SPEC ','/etc/mail/userdb. db') dnl
Define ('confprivacy _ FLAGS ', 'authwarnings, novrfy, noexpn, restrictqrun') dnl
Define ('confauth _ options', 'A') dnl
Dnl TRUST_AUTH_MECH ('external DIGEST-MD5 login plain ') dnl
Dnl define ('confauth _ MECHANISMS ', 'external GSSAPI DIGEST-MD5 CRAM-MD5 login plain') dnl
TRUST_AUTH_MECH ('external DIGEST-MD5 CRAM-MD5 login plain ') dnl
Define ('confauth _ MECHANISMS ', 'external GSSAPI DIGEST-MD5 CRAM-MD5 login plain') dnl
DAEMON_OPTIONS ('port = 25, Name = MTA ') dnl
DAEMON_OPTIONS ('port = 587, Name = MSA, M = Ea ') dnl
Dnl define ('confcacert _ path', '/usr/share/ssl/certs ')
Dnl define ('confcacert ','/usr/share/ssl/certs/ca-bundle.crt ')
Dnl define ('confserver _ cert', '/usr/share/ssl/certs/sendmail. pem ')
Dnl define ('confserver _ key', '/usr/share/ssl/certs/sendmail. pem ')
Dnl define ('confto _ queuewarn', '4h ') dnl
Dnl define ('confto _ queuereturn', '5d ') dnl
Dnl define ('confqueue _ la', '12') dnl
Dnl define ('confrefuse _ la', '18') dnl
Define ('confto _ IDENT ', '0') dnl
Dnl FEATURE (delay_checks) dnl
FEATURE ('no _ default_msa ', 'dnl') dnl
FEATURE ('smrsh', '/usr/sbin/smrsh') dnl
FEATURE ('mailertable', 'hash-o/etc/mail/mailertable. db') dnl
FEATURE ('your usertable', 'hash-o/etc/mail/Your usertable. db') dnl
FEATURE (redirect) dnl
FEATURE (always_add_domain) dnl
FEATURE (use_cw_file) dnl
FEATURE (use_ct_file) dnl
Dnl The '-t' option will retry delivery if e.g. the user runs over his quota.
FEATURE (local_procmail, '', 'procmail-t-Y-a $ h-d $ U') dnl
FEATURE ('Access _ db', 'hash-T -O/etc/mail/access. db') dnl
FEATURE ('blacklist _ recipients ') dnl
EXPOSED_USER ('root') dnl
Dnl This changes sendmail to only listen on the loopback device 127.0.0.1
Dnl and not on any other network devices. Comment this out if you want
Dnl to accept email over the network.
Dnl DAEMON_OPTIONS ('port = smtp, Addr = 127.0.0.1, Name = MTA ')
Dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
Dnl a kernel patch
Dnl DAEMON_OPTIONS ('port = smtp, Addr =: 1, Name = MTA-v6, Family = inet6 ')
Dnl We stronugly recommend to comment this one out if you want to protect
Dnl yourself from spam. However, the laptop and users on computers that do
Dnl not have 24x7 DNS do need this.
Dnl FEATURE ('Accept _ unresolvable_domains ')
Dnl FEATURE ('relay _ based_on_MX ') dnl
MAILER (smtp) dnl
MAILER (procmail) dnl
Cwlocalhost. localdomain
Where:
1 and 2 enable the annotation and enable the corresponding authentication mechanism, mainly to support outlook
3 and 4 are added. Set the port used by the mta and msa.
5 and 6 should be noted out. 5. Allow Sendmail to be connected over the network. 6. Disable relay emails for unresolvable domain names.
1. TRUST_AUTH_MECH ('external DIGEST-MD5 login plain ') dnl
2. define ('confauth _ MECHANISMS ', 'external GSSAPI DIGEST-MD5 CRAM-MD5 login plain') dnl
3. DAEMON_OPTIONS ('port = 25, Name = MTA ') dnl
4. DAEMON_OPTIONS ('port = 587, Name = MSA, M = Ea ') dnl
5. dnl DAEMON_OPTIONS ('port = smtp, Addr = 127.0.0.1, Name = MTA ')
6. dnl FEATURE ('Accept _ unresolvable_domains ')
Save.
2. Compile sendmail. mc to generate the sendmail. cf file
# M4/etc/mail/sendmail. mc>/etc/mail/sendmail. cf
#/Etc/rc. d/init. d/sendmail restart -- restart the sendmail service.
Assume that you are executing m4/etc/mail/sendmail. mc>/etc/mail/sendmail. if cf reports an error, check whether sendmail-cf is installed. *. rpm, which comes with redhat8.0
Sendmail-cf-8.12.5-7.i386.rpm, 3rd sheets in mounting disk, Installation Method: # rpm-ivh sendmail-cf-8.12.5-7.i386.rpm
3. Check the compilation result.
1. Check that SASL is compiled to sendmail.
#/Usr/sbin/sendmail-d0.1-bv root | grep SASL
The output is similar to the following:
NETUNIX NEWDB NIS PIPELINING SASL SCANF STARTTLS TCPWRAPPERS
Make sure that SASL is correct.
2. Check port 25:
[Root @ fyhtest mail] # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 fyhtest.163.net ESMTP Sendmail 8.12.5/8.12.5; Thu, 10 Apr 2003 16:35:42-0400
Ehlo test
250-fyhtest.163.net Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
December 250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
Quit --- exit
As long as login plain is output, OK! Otherwise, you cannot relay mail.
Now, sendmail is configured. You can add a user every day.
The email user is a system user.
# Useradd test
# Passwd test ---- set the password
Set your foxmail or outlook. To set up users, you need smtp authentication.
Add your domain name to/etc/mail/local-host-names.
4. Install pop3.
The rpm package in redhat8.0 is a imap-2001a-15.i386.rpm
# Rpm-ivh imap-2001a-15.i386.rpm
Modify/etc/xinetd. d/ipop3
Change disable = yes to disable = no.
Modify/etc/xinetd. d/imap
Change disable = yes to disable = no.
#/Etc/rc. d/init. d/xinetd restart -- restart the pop3 Service
[Root @ fyhtest xinetd. d] # telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+ OK POP3 localhost v2001.78rh server ready
[Root @ fyhtest xinetd. d] # telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS AUTH = LOGIN] localhost IMAP4rev1 2001.315rh at Thu, 10 Apr 2003 16:41:06
-0400 (EDT)
If the above information is displayed, it is correct.
5. other settings.
To better use sendmail, some common settings are as follows:
1. Restrict the maximum number of emails.
Vi/etc/sendmail. cf
# Maximum message size
O MaxMessageSize = 5000000 (Note: 5 M)
2. the maximum number of groups.
Vi/etc/sendmail. cf
# Maximum number of recipients per SMTP envelope
O MaxRecipientsPerMessage = 20 (Note: 20)
3. Domain name file ---- local-host-name
You can use it to support virtual domain names or multiple domain names.
/Etc/mail/local-host-name
Test.com
Test1.com
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.