CentOS 7.2 deploy mail server (Postfix)
- 2020-05-13 04:15:15
- OfStack
1. Postfix profile
Postfix is an E-mail server created by Wietse Venema, a Dutch researcher at the IBM Watson research center (T.J.Watson Research Center), to improve the sendmail mail server. First appeared in the late 1990s, is an open source software.
Postfix's official website: http: / / www postfix. org /
Postfix download address: http: / / www postfix. org/download html
2. Postfix installation
Install Postfix to configure the SMTP server
[1] Postfix will be installed even if the CentOS system is installed with [minimal installation], but if Postfix is not installed, please install it first, as shown below.
[root@linuxprobe ~]# yum -y install postfix
[2] this example shows configuring SMTP-Auth to use SASL functions of Dovecot.
[root@linuxprobe ~]# vi /etc/postfix/main.cf
# line 75: uncomment and specify hostname
myhostname = linuxprobe.srv.world
# line 83: uncomment and specify domain name
mydomain = srv.world
# line 99: uncomment
myorigin = $mydomain
# line 116: change
inet_interfaces = all
# line 164: add
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# line 264: uncomment and specify your local network
mynetworks = 127.0.0.0/8, 10.0.0.0/24
# line 419: uncomment (use mailboxdir)
home_mailbox = mailbox/
# line 574: add
smtpd_banner = $myhostname ESMTP
# add follows to the end
# limit an email size for 10M
message_size_limit = 10485760
# limit a mailbox for 1G
mailbox_size_limit = 1073741824
# for SMTP-Auth
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
[root@linuxprobe ~]# systemctl restart postfix
[root@linuxprobe ~]# systemctl enable postfix
[3] if Firewalld is running, allow the SMTP service. SMTP USES 25 / TCP.
[root@dlp ~]# firewall-cmd --add-service=smtp --permanent
success
[root@dlp ~]# firewall-cmd --reload
success
3. Dovecot installation
Install Dovecot to configure the POP/IMAP server
Install Dovecot [1].
[root@linuxprobe ~]# yum -y install dovecot
[2] this example shows configuration to provide SASL functionality to Postfix.
[root@linuxprobe ~]# vi /etc/dovecot/dovecot.conf
# line 24: uncomment
protocols = imap pop3 lmtp
# line 30: uncomment and change ( if not use IPv6 )
listen = *
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add
mail_location = maildir:~/Maildir
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add like follows
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change (not require SSL)
ssl = no
[root@linuxprobe ~]# systemctl start dovecot
[root@linuxprobe ~]# systemctl enable dovecot
[3] if Firewalld is running, allow the POP/IMAP service. POP USES 110 / TCP, and IMAP USES 143 / TCP.
[root@vdevops ~]# firewall-cmd --add-port={110/tcp,143/tcp} --permanent
success
[root@vdevops ~]# firewall-cmd --reload
success
4. SSL Settings
Configure SSL to encrypt the connection
[1] first create a certificate, portal: / / www ofstack. com article / 97434. htm
[2] configure Postfix and Dovecot for SSL.
# add to the end
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
[root@linuxprobe ~]# vi /etc/postfix/master.cf
# line 26-28: uncomment
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change
ssl = yes
# line 14,15: specify certificates
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_key = </etc/pki/tls/certs/server.key
[root@linuxprobe ~]# systemctl restart postfix dovecot
[3] if Firewalld is running, please allow the SMTPS/POP3S/IMAPS service. SMTPS USES 465 /
TCP, POP3S use 995 / TCP, IMAPS use 993 / TCP.
[root@vdevops ~]# firewall-cmd --add-service={pop3s,imaps} --permanent
success
[root@vdevops ~]# firewall-cmd --add-port=465/tcp --permanent
success
[root@vdevops ~]# firewall-cmd --reload
success
Mail log report: pflogsumm
Install pflogsumm this is the Postfix log reporting tool
[1] install the postfix-perl-scripts package.
[root@linuxprobe ~]# yum -y install postfix-perl-scripts
# generate log summary for yesterday
[root@linuxprobe ~]# perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog
Postfix log summaries for Jul 14
Grand Totals
------------
messages
2 received
5 delivered
0 forwarded
0 deferred
0 bounced
0 rejected (0%)
0 reject warnings
0 held
0 discarded (0%)
2879 bytes received
6572 bytes delivered
1 senders
1 sending hosts/domains
2 recipients
2 recipient hosts/domains
Per-Hour Traffic Summary
------------------------
time received delivered deferred bounced rejected
--------------------------------------------------------------------
0000-0100 0 0 0 0 0
0100-0200 0 0 0 0 0
0200-0300 0 0 0 0 0
0300-0400 0 0 0 0 0
0400-0500 0 0 0 0 0
0500-0600 0 0 0 0 0
0600-0700 0 0 0 0 0
0700-0800 0 0 0 0 0
0800-0900 0 0 0 0 0
0900-1000 0 0 0 0 0
1000-1100 2 5 0 0 0
1100-1200 0 0 0 0 0
1200-1300 0 0 0 0 0
1300-1400 0 0 0 0 0
1400-1500 0 0 0 0 0
1500-1600 0 0 0 0 0
1600-1700 0 0 0 0 0
1700-1800 0 0 0 0 0
1800-1900 0 0 0 0 0
1900-2000 0 0 0 0 0
2000-2100 0 0 0 0 0
2100-2200 0 0 0 0 0
2200-2300 0 0 0 0 0
2300-2400 0 0 0 0 0
Host/Domain Summary: Message Delivery
--------------------------------------
sent cnt bytes defers avg dly max dly host/domain
-------- ------- ------- ------- ------- -----------
3 4119 0 0.4 s 0.8 s srv.world
2 2453 0 0.1 s 0.1 s mail.srv.world
Host/Domain Summary: Messages Received
---------------------------------------
msg cnt bytes host/domain
-------- ------- -----------
2 2879 mail.srv.world
Senders by message count
------------------------
2 cent@mail.srv.world
Recipients by message count
---------------------------
3 redhat@srv.world
2 cent@mail.srv.world
Senders by message size
-----------------------
2879 cent@mail.srv.world
Recipients by message size
--------------------------
4119 redhat@srv.world
2453 cent@mail.srv.world
message deferral detail: none
message bounce detail (by relay): none
message reject detail: none
message reject warning detail: none
message hold detail: none
message discard detail: none
smtp delivery failures: none
Warnings
--------
tlsmgr (total: 6)
3 redirecting the request to postfix-owned data_directory /var/li...
3 request to update table btree:/etc/postfix/smtpd_scache in non-...
Fatal Errors: none
Panics: none
Master daemon messages
----------------------
4 daemon started -- version 2.10.1, configuration /etc/postfix
3 terminating on signal 15
1 reload -- version 2.10.1, configuration /etc/postfix
[root@linuxprobe ~]# crontab -e
# Send message log digest in AM Every day, 1:00 To the root
00 01 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root