LINUX Mail Server SETUP-Linux Enterprise Application-Linux server application information. For details, refer to the following section. 1. Run the following command to check whether sendmail is installed:
[Root @ mail/root] # rpm? Qa | grep sendmail
Sendmail-8.11.0-8
2. Uninstall sendmail:
[Root @ mail/root] # rpm-e sendmail? Nodeps
3. Run the following command to kill the Running sendmail process:
[Root @ mail/root] # killall sendmail
If the system prompts:
Sendmail: no process killed
It indicates that there is no sendmail process in the current system.
4. Install postfix:
[Root @ mail/root] # rpm-ivh postfix-20010228release-2.i386.rpm
This step can be omitted if it has been installed. (Note: it is best to use the rpm package during installation. The postfix user and postfix group will be automatically created)
5. Install imap
Rpm? Ivh/mnt/cdrom/RedHat/RPMS/imap-4.7c2-12.rpm
Imap makes pop3 valid, that is, port 110 is enabled. (Note: it is best to use the rpm package during installation)
This step can be omitted if it has been installed.
6. Check whether cyrus-sasl is installed in the system.
Run the following command to check whether cyrus-sasl is installed in the system:
Rpm? Qa | grep cyurs
If you see the following prompt, cyrus-sasl has been installed.
[Root @ test bye2000] # rpm-qa | grep sasl
Cyrus-sasl-devel-1.5.24-17
Cyrus-sasl-1.5.24-17
Otherwise, use rpm? Run the ivh command to install the required sasl-cyrus package.
7. Modify the postfix user
At the same time, the user should be unable to log on to the system, that is, the user should not be specified with Executable Login Shell and available
User's home directory.
Edit related entries in the/etc/passwd file as follows:
Postfix: x: 89: 89:/no/where:/no/shell [After editing, modify only the blue part.]
That is, to modify the Home directory and Shell of a user, refer to the/etc/passwd file.
8. Edit the main configuration file/etc/postfix/main. cf of postfix. You only need to modify the following parameters as needed:
1) mydomain
Specify your domain name. Here we specify:
Mydomain = xx.com
2) myorigin
The myorigin parameter specifies the domain name of the sender. If your user's email address is user@domain.com, this parameter specifies the domain name after. Here we specify:
Myorigin = $ mydomain
3) inet_interfaces
Inet_interfaces = all listen to all ports
4) mydestination
The mydestination parameter specifies the Domain Name of the recipient when the postfix receives the mail, in other words, your postfix
What kind of mail does the system want to receive. Usually the same as myorigin:
Mydestination = $ mydomain
5) mynetworks_style
Set the network type. We specify:
Mynetworks_style = subnet
6) ynetworks
Defines the Client ip address that can be used by this smtp server. Because the company's ip address range is known, we
Specify:
Mynetworks = 192.168.1.0/24
Note: This option can be determined based on the situation, mainly to specify the ip address range. If the company's ip address is divided by network segment, for example: 10.10.1.0 ~ 10.10.1.9, 10.10.3.0 ~ 10.10.3.9 and so on. This option can be left unspecified as needed.
7) SMTP Configuration
To tell postfix to use sasl for SMTP User Authentication, we must add the following lines at the end of the/etc/postfix/main. cf file:
Smtpd_sasl_auth_enable = yes
Smtpd_recipient_restrictions = permit_sasl_authenticated
Permit_auth_destination reject
Broken_sasl_auth_clients = yes
Smtpd_sasl_security_options = noanonymous
Description:
Smtpd_sasl_auth_enable: tells the SMTP client that user authentication is required for the SMTP server.
Smtpd_recipient_restrictions = permit_sasl_authenticated
Permit_auth_destination reject
Only client emails that pass SMTP authentication are retransmitted, and emails whose current postfix is the last site are received.
Broken_sasl_auth_clients = yes
There are some Microsoft SMTP clients. For example, Outlook Express 4.x adopts a non-standard SMTP authentication protocol. setting this option to yes can solve such incompatibility problems.
Smtpd_sasl_security_options = noanonymous
The mechanism used to control local SMTP authentication. Here, any non-anonymous authentication method is allowed.
9. Configure SASL
Go to the/usr/lib/sasl/directory and use touch to create a file:
[Root @ test sasl] # touch smtpd. conf
Add the following content to the file:
[Root @ test sasl] # more smtpd. conf
Pwcheck_method: pam
That is, user authentication is performed through PAM.
10. Configure PAM
Go to the/etc/pam. d/directory and use touch to create such a file:
[Root @ test pam. d] # touch smtp
Add the following content to the file:
[Root @ test pam. d] # more smtp
# % PAM-1.0
Auth required/lib/security/pam_stack.so service = system-auth
Account required/lib/security/pam_stack.so service = system-auth
That is, it is consistent with the content of the/etc/pam. d/pop file.
11. Modify/etc/shadow file permissions
Because PAM eventually needs to read the content of the/etc/shadow file for user authentication, but the/etc/shadow file
The permission is set to allow only root users to read and write, while our postfix is run under the postfix user permission, so we need to set the/etc/shadow file permission reasonably, so that pam can read its content.
Run the following command to allow the root group to read shadow:
[Root @ test/etc] # chmod 640/etc/shadow
Then, add the postfix user to the root group and run the following command:
[Root @ test/etc] # usermod-G root postfix
12. Edit the main postfix configuration file/etc/postfix/master. cf
#===================================================== =
# Service type private unpriv chroot wakeup maxproc command + args
# (Yes) (yes) (never) (100)
#===================================================== =
Smtp inet n--smtpd
Start here
# Smtps inet n--smtpd
#-O smtpd_tls_wrappermode = yes-o smtpd_sasl_auth_enable = yes
# Submission inet n--smtpd
#-O smtpd_enforce_tls = yes-o smtpd_sasl_auth_enable = yes
End here
#628 inet n--qmqpd
Remove the comments of my mark.
13. Configure pop3
RedHat7.0 has used xinetd to replace the previous inetd. To enable the pop3 service, we edit
In the/etc/xinetd. d/ipop3 file, change disable = yes to disable = no to start pop3.
Service.
To make the change take effect, run the following command:
/Etc/rc. d/init. d/xinetd reload
14. Start postfix
Run the following command to start postfix:
/Etc/rc. d/init. d/postfix start
In this way, a postfix mail server that supports SMTP authentication is configured.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
