Use Postfix to configure the email server in centos

Use Postfix to configure the email server in centos

 

In centos, the default Mail Server (SMTP) is sendmail, but Sendmail has several disadvantages, such, the configuration is complex and security vulnerabilities have been discovered many times-and there are still hidden risks, and the mail sending speed is slow. Here we will not describe them one by one. Another "Postfix" widely used in mail services has fewer disadvantages, or is designed for Sendmail. Corresponding to the Sendmail's short position, it is also mature in various aspects. Therefore, there are no special requirements. We do not recommend using Sendmail to build an email server. The mail server configuration method introduced on this site will also be based on Postfix.

Add MX record (Here we assume dynamic domain name is used)

The MX record may take effect for a period of time (usually several minutes or tens of minutes, or immediately) after it is added. Therefore, before you install the configuration, first, we add MX records for dynamic domain names. The method for adding a domain name may vary with the domain name ISP, but the general information is as follows:

MX mail.centospub.com. 10
IP address of the mail server

Mail is an alias and 10 is a priority. This alias points to the IP address of the server.

How to check whether adding an MX record takes effect:

 

[Root @ sample ~] # Host-t mx centospub.com

 

Centospub.com mail is handled by 10 mail.centospub.com. Verify that the MX record takes effect.

Install Postfix

Then, install Postfix.

[Root @ sample ~] # Yum-y install Postfix ghost install Postfix online

 

Setting up install process
Setting up Repositories
Dag 100 & percnt; | =========================| 1.1 kb
Update 100 & percnt; | =========================| 951 B
Base 100 & percnt; | =========================| 1.1 kb
Addons 100 & percnt; | =======================| 951 B
Extras 100 & percnt; | =======================| 1.1 kb
Reading repository metadata in from local files
Primary.xml.gz 100 & percnt; | ===========================| 28 KB
Update: ######################################## ######## 84/84
Added 84 new packages, deleted 1499 old in 3.44 seconds
Primary.xml.gz 100 & percnt; | ===========================| 157 B
Added 0 new packages, deleted 1499 old in 1.97 seconds
Primary.xml.gz 100 & percnt; | ===============================| 26 KB
Extras: ######################################## ######## 102/102
Added 102 new packages, deleted 1499 old in 2.73 seconds
Cing Dag RPM repository for Red Hat Enterprise Linux to supported ded packages only
Finished
Parsing package install arguments
Resolving Dependencies
-> Populating transaction set with selected packages. Please wait.
-> Downloading header for Postfix to pack into transaction set.
Postfix-2.2.10-1.RHEL4.2. 100 & percnt; | =====================| 40 KB
-> Package Postfix. i386. 2.10-1. rhel4.2 set to be updated
-> Running transaction check

Dependencies resolved

========================================================== ============================================
Package arch version repository size
========================================================== ============================================
Installing:
Postfix i386. 2.10-1. rhel4.2 base 3.0 m

Transaction Summary
========================================================== ============================================
Install 1 package (s)
Update 0 package (s)
Remove 0 package (s)
Total download size: 3.0 m
Downloading packages:
(1/1): postfix-2.2.10-1.R 100 & percnt; | ===============================| 3.0 MB
Running transaction Test
Finished transaction Test
Transaction test succeeded
Running transaction
Installing: Postfix ######################## [1/1]

Installed: Postfix. i386. 2.10-1. rhel4.2
Complete!

Configure Postfix and related components

[1] configure Postfix.

[Root @ sample ~] # Vi/etc/Postfix/Main. Cf configure edit the Postfix configuration file

 

# Myhostname = host. domain. TLD locate this line and rewrite the part after the equal sign to the Host Name
Bytes
Myhostname = sample.centospub.com changed to this status. Set the Host Name of the system.

# Mydomain = domain. TLD locate this line and rewrite the part after the equal sign to the domain name
Bytes
Mydomain = centospub.com is changed to this status. Set the domain name (we will set this as part of the email address)

# Myorigin = $ mydomain names find this row and remove the first line #
Bytes
Myorigin = $ mydomain names changed to this status. Set the part after the mail address "@" to a domain name (non-system host name)

Inet_interfaces = localhost found this line and changed "localhost" to "all"
Bytes
Inet_interfaces = all requests are changed to this status, and requests from all networks are accepted.

Mydestination = $ myhostname, localhost. $ mydomain, localhost locate this row and add "$ mydomain" to the behavior"
Bytes
Mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain changed to this status, specifying the domain name sent to the local email

# Relay_domains = $ mydestination locate this row and remove the first line #
Bytes
Relay_domains = $ mydestination domains changed to this status, defining the domain names allowed for forwarding

# Mynetworks = 168.100.189.0/28,127.0 .0.0/8 locate this line and modify it according to your intranet Conditions
Bytes
Mynetworks = 168.100.189.0/28,127.0 .0.0/8 then changes to this status, specifying the Intranet and local IP address ranges

# Home_mailbox = maildir/empty find this line and remove the line at the beginning #
Bytes
Home_mailbox = maildir/inbox changed to this status, specifying the user email directory

# Show software version or not
#
# The smtpd_banner parameter specifies the text that follows the 220
# Code in the SMTP server's greeting banner. Some people like to see
# The Mail version advertised. By default, Postfix shows no version.
#
# You must specify $ myhostname at the start of the text. That is
# RFC requirement. Postfix itself does not care.
#
# Smtpd_banner = $ myhostname ESMTP $ mail_name
# Smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version) locate this line and add the following line to this line:
Smtpd_banner = $ myhostname ESMTP unknow rows add this line, no information about the SMTP server is displayed

Add the following lines at the end of the configuration file:

Smtpd_sasl_auth_enable = yes. The slave server uses SMTP authentication.
Smtpd_sasl_local_domain = $ myhostname authentication specifies the local domain name (host name) for SMTP authentication)
Smtpd_sasl_security_options = noanonymous Anonymous Authentication Not Allowed
Smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
Smtpd_sasl_security_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination failed (very important)
Message_size_limit = 15728640 limit the maximum size of the email is 15 MB.

 

[2] configure SMTP authentication related options

To improve security, we will not use the password of the System user as the password for SMTP authentication for the corresponding user, but will create a dedicated password for SMTP authentication for the user later.

[Root @ sample ~] # Vi/usr/lib/sasl2/smtpd. conf modify the SMTP authentication configuration file

 

Pwcheck_method: saslauthd locate this line and change "saslauthd" to "auxprop"
Bytes
Pwcheck_method: auxprop keystore does not use the System user password as the user's SMTP authentication Password

[Root @ sample ~] # Vi/etc/sysconfig/saslauthd

Mech = shadow cursor find this line and add #
Bytes
# Mech = shadow watermark does not use the shadow Mechanism

Flags = login find this line and add "sasldb" after the equal sign"
Bytes
Flags = sasldb connector defines the authentication method as sasldb2

 

[3] creating a user's email directory

First, create a mailbox directory under the user template, so that when you create a new user, the corresponding user's mailbox directory is automatically created.

[Root @ sample ~] # Mkdir/etc/skel/maildir folder create a user email directory under the user Template

 

[Root @ sample ~] # Chmod 700/etc/skel/maildir folder set the user email directory attribute to 700

 

Create a mailbox directory for an existing user.

[Root @ sample ~] # Mkdir/home/centospub/maildir Folder: Create a mailbox directory for the user (here, the centospub user is used as an example)

 

[Root @ sample ~] # Chmod 700/home/centospub/maildir folder set the user's email directory attribute to 700

[Root @ sample ~] # Chown centospub./home/centospub/maildir folder

 

[4] setting SMTP authentication password for users

[Root @ sample ~] # Saslpasswd2-u sample.centospub.com-C centospub configure the SMTP authentication password for the centospub user

 

Password: Login enter the password here (not displayed)
Again (for verification): enter your password again

 

[5] changing attributes and attributes of SALS

[Root @ sample ~] # Change the database ownership to postfix in chgrp Postfix/etc/sasldb2 connector,

 

[Root @ sample ~] # Chmod 640/etc/sasldb2 connector change the database attribute to 640

 

[6] disable the sendmail service and set the default MTA

Because we do not need to use sendmail when using Postfix as the SMTP server, we need to disable the sendmail service to ensure security and save system resources.

[Root @ sample ~] #/Etc/rc. d/init. d/sendmail stop messages disable the sendmail service

 

Shutting down Sendmail: [OK]
Shutting down Sm-Client: [OK]

[Root @ sample ~] # Chkconfig Sendmail off startup Disable sendmail from startup

[Root @ sample ~] # Chkconfig-list Sendmail enabled: Make sure that Sendmail has been disabled since it was started (it is OK if it is all off)
Sendmail 0: off 1: off 2: off 3: off 4: off 5: off 6: Off

 

Then, set the default MTA to postfix.

[Root @ sample ~] # Alternatives-config MTA settings set the default MTA

 

There are 2 programs which provide 'mta '.

Selection command
----------------
* + 1/usr/sbin/sendmail. Sendmail enabled Current status: Sendmail is the default MTA
2/usr/sbin/sendmail. Postfix

Enter to keep the current selection [+], or type selection number: 2 rows enter 2 here to make Postfix the default MTA

Start the corresponding service

Finally, start the SMTP authentication and Postfix services, and set the corresponding services to self-start.

[Root @ sample ~] # Chkconfig saslauthd on login set SMTP-auth to self-start

 

[Root @ sample ~] # Chkconfig-list saslauthd confirm SMTP-auth service status
Saslauthd 0: off 1: off 2: On 3: On 4: On 5: on 6: off done OK 2 ~ 5. If the status is on, OK.

[Root @ sample ~] #/Etc/rc. d/init. d/saslauthd start restart start SMTP-auth

Starting saslauthd: [OK]

[Root @ sample ~] # Chkconfig Postfix on startup

[Root @ sample ~] # Chkconfig-list Postfix fixed confirm the Postfix service status
Postfix 0: off 1: off 2: On 3: On 4: On 5: on 6: off done OK 2 ~ 5. If the status is on, OK.

[Root @ sample ~] #/Etc/rc. d/init. d/Postfix start marker start Postfix

Starting Postfix: [OK]

 

So far, the SMTP server configuration has been completed, but currently only the function of sending emails from the backup client through the server is available. As a complete mail server, you also need to use the POP/IMAP protocol to receive emails from the client to the local device. For more information about how to build a POP/IMAP server, see the next section.