Set SMTP server in Linux

Preface

In centos, the default Mail Server (SMTP) is sendmail, but Sendmail has several disadvantages, such, the configuration is complex and security vulnerabilities have been discovered many times-there are still hidden risks, and the mail sending speed is slow. Here we will not describe them one by one. Another "Postfix" widely used in mail services has fewer disadvantages, or is designed for Sendmail. Corresponding to the Sendmail's short position, it is also mature in various aspects. Therefore, there are no special requirements. We do not recommend using Sendmail to build an email server. The mail server configuration method introduced on this site will also be based on Postfix.

Add MX record (Here we assume dynamic domain name is used)

The MX record may take effect for a period of time (usually several minutes or tens of minutes, or immediately) after it is added. Therefore, before you install the configuration, first, we add MX records for dynamic domain names. The method for adding a domain name may vary with the domain name ISP, but the general information is as follows:

MX mail.centospub.com. 10 IP address of the Mail Server

Mail is an alias and 10 is a priority. This alias points to the IP address of the server. (If you have any questions or need help, please post on the Technical Forum .)

How to check whether adding an MX record takes effect:

[Root @ sample ~] # Host-t mx centospub.com mail is handled by 10 mail.centospub.com. Verify that the MX record takes effect.

Install Postfix

Then, install Postfix.

[Root @ sample ~] # Yum-y install Postfix ← install Postfix setting up install process setting up repositories Dag 100% |================== ==== | 1.1 kb update 100% |===========================| 951 B base 100% | ===================| 1.1 kb Addons 100% |==== =============================| 951 B extras 100% |================ =============| 1.1 kb reading repository metadata in from local files prima Ry.xml.gz 100% | ===========================| 28 KB update: ######################################## ######### 84/84 Added 84 new packages, deleted 1499 old in 3.44 seconds primary.xml.gz 100% | =======================| 157 B added 0 new packages, deleted 1499 old in 1.97 seconds primary.xml.gz 100% | ===========================| 26 KB extras: ####################################### ########## 102/102 Added 102 new packages, deleted 1499 old in 2.73 seconds indexing Dag RPM repository for Red Hat Enterprise Linux to supported ded packages only finished parsing package install arguments resolving dependencies --> populating transaction set with selected packages. please wait. ---> downloading header for Postfix to pack into transaction set. postfix-2.2.10-1.RHEL4.2. 100% | ======== ===================| 40 kb ---> package Postfix. i386 2. 2.10-1. rhel4.2 set to be updated --> running transaction check dependencies resolved ==================== ========================================================== ======= package arch version repository size ========================== ========================================================== ============ installing: postfix i386 2: 2. 2.10-1. rhel4.2 base 3.0 m transa Ction summary ============================================ ============================================================ install 1 package (s) update 0 package (s) Remove 0 package (s) Total download size: 3.0 m downloading packages: (1/1 ): postfix-2.2.10-1.R 100% | =============================| 3.0 MB running transaction test finished transaction Test succeeded running transaction installing: postfix ######## ################ [1/1] installed: Postfix. i386. 2.10-1. rhel4.2 complete!

Configure Postfix and related components

[1] configure Postfix.

[Root @ sample ~] # Vi/etc/Postfix/main. cf highlight: edit the Postfix configuration file # myhostname = host. domain. TLD hosts finds this line and changes the part after the equal sign to the host name ↓ myhostname = sample.centospub.com region to this status. Set the Host Name of the system # mydomain = domain. the TLD operator finds this line and changes the part after the equal sign to the domain name registrant mydomain = centospub.com into this status, set the domain name (we will set it here as part of the e-mail address "@") # myorigin = $ mydomain locate this line, change the # At the beginning of the line to the desired myorigin = $ mydomain succeeded state. Set the part after the mail address "@" to the domain name (non-system Host Name) inet_interfaces = localhost succeeded to find this line, change "localhost" to "all" ↓ inet_interfaces = all hosts to this status, and accept requests from all networks: mydestination = $ myhostname, localhost. $ mydomain, localhost locate this line, and add "$ mydomain" into mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain expired is changed to this status. Specify the domain name sent to the local email # relay_domains = $ mydestination found to find this line, remove repeated relay_domains = $ mydestination domains from the beginning of the line and change them to this status. Define the domain name that allows forwarding # mynetworks = 168.100.189.0/28,127.0 .0.0/8 bytes to find this line, modify ingress mynetworks = 168.100.189.0/28,127.0 .0.0/8 according to your intranet situation to this status. Specify the Intranet and local IP address ranges # home_mailbox = maildir/ingress to find this line, remove the # export home_mailbox = maildir/contents at the beginning of the line and change it to this status, specify the user email directory # Show software version or not # The smtpd_banner parameter specifies the text that follows the 220 # code in the SMTP server's greeting banner. some people like to see # The Mail version advertised. by default, Postfix shows no version. # You must specify $ myhostname at the start of the text. that is an # RFC requirement. postfix itself does not care. # smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version) locate this line, and add the following line to this line: smtpd_banner = $ myhostname ESMTP unknow rows add this line. The SMTP server information is not displayed at the end of the configuration file. Add the following lines: authorization = Yes authentication the server uses SMTP authentication smtpd_sasl_local_domain = $ myhostname authentication to specify the local domain name for SMTP authentication (host name) Authorization = noanonymous authentication does not allow Anonymous Authentication Authorization = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination message_size_limit = 15728640 limit the maximum size of the email is 15 MB.

[2] configure SMTP authentication related options

To improve security, we will not use the password of the System user as the password for SMTP authentication for the corresponding user, but will create a dedicated password for SMTP authentication for the user later.

[Root @ sample ~] # Vi/usr/lib/sasl2/smtpd. conf configure edit SMTP authentication configuration file pwcheck_method: saslauthd then find this line and change "saslauthd" to "auxprop" then pwcheck_method: auxprop keystore does not use the System user password as the user's SMTP authentication password [root @ sample ~] # Vi/etc/sysconfig/saslauthd mech = shadow watermark find this line, and add # register # mech = shadow watermark in front to find this line without using the shadow mechanism flags = shadow, add "sasldb" character flags = sasldb certificate after the equal sign to define the authentication method as sasldb2

[3] creating a user's email directory

First, create a mailbox directory under the user template, so that when you create a new user, the corresponding user's mailbox directory is automatically created.

[Root @ sample ~] # Mkdir/etc/skel/maildir folder create a user email directory in the user template [root @ sample ~] # Chmod 700/etc/skel/maildir folder set the user email directory attribute to 700

Create a mailbox directory for an existing user.

[Root @ sample ~] # Mkdir/home/centospub/maildir users: Create the email directory [root @ sample ~] # Chmod 700/home/centospub/maildir folder set the user's email directory attribute to 700 [root @ sample ~] # Chown centospub./home/centospub/maildir folder

[4] setting SMTP authentication password for users

[Root @ sample ~] # Saslpasswd2-u sample.centospub.com-C centospub login set the SMTP authentication password for the centospub User Password: Login enter the password here (not displayed) again (for verification): Login enter the password again

[5] changing attributes and attributes of SALS

[Root @ sample ~] # Change the database ownership to postfix in chgrp Postfix/etc/sasldb2 connector, [root @ sample ~] # Chmod 640/etc/sasldb2 connector change the database attribute to 640

[6] disable the sendmail service and set the default MTA

Because we do not need to use sendmail when using Postfix as the SMTP server, we need to disable the sendmail service to ensure security and save system resources.

[Root @ sample ~] #/Etc/rc. d/init. d/sendmail stop messages disable the sendmail service shutting down Sendmail: [OK] Shutting Down Sm-Client: [OK] [root @ sample ~] # Chkconfig Sendmail off Manual Disable sendmail self-starting [root @ sample ~] # Chkconfig -- list Sendmail enabled: Make sure that Sendmail is disabled (it is OK if all of them are off) Sendmail 0: off 1: off 2: off 3: off 4: off 5: off 6: Off

Then, set the default MTA to postfix.

[Root @ sample ~] # Alternatives -- config MTA parameters set the default MTA there are 2 programs which provide 'mta '. selection command ----------------------------------------------- * + 1/usr/sbin/sendmail. sendmail quota Current status: Sendmail is the default MTA 2/usr/sbin/sendmail. postfix enter to keep the current selection [+], or type selection number: 2 rows enter 2 here to make Postfix the default MTA

Start the corresponding service

Finally, start the SMTP authentication and Postfix services, and set the corresponding services to self-start.

[Root @ sample ~] # Chkconfig saslauthd on login set SMTP-auth to self-starting [root @ sample ~] # Chkconfig -- list saslauthd confirm SMTP-auth service status saslauthd 0: off 1: off 2: On 3: On 4: On 5: on 6: Off confirm 2 ~ 5. If the status is on, click OK [root @ sample ~]. #/Etc/rc. d/init. d/saslauthd start restart start SMTP-auth starting saslauthd: [OK] [root @ sample ~] # Chkconfig Postfix on startup set Postfix to self-start [root @ sample ~] # Chkconfig -- list Postfix issue confirm Postfix service status Postfix 0: off 1: off 2: On 3: On 4: On 5: on 6: Off confirm 2 ~ 5. If the status is on, click OK [root @ sample ~]. #/Etc/rc. d/init. d/Postfix start restart start Postfix starting Postfix: [OK]