2017/04/29
Environment
CentOS 7.3.1611 (running on a VPS)
1. SMTP-Auth configuration
1-1. Install cyrus-sasl
```
yum -y install cyrus-sasl cyrus-sasl-*
```
1-2. Change the configuration
```
vi /etc/sasl2/smtpd.conf
```

```
pwcheck_method: saslauthd
```
1-3. Start the service and enable it at boot
```
systemctl start saslauthd
systemctl enable saslauthd
```
2. Installing Postfix
2-1. Install
```
yum install postfix
```
2-2. Edit the configuration file
```
vi /etc/postfix/main.cf
```

To accept mail from outside, change localhost to all.
```
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
...
inet_interfaces = all
```

Add your own domain after "mail.".
```
# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
myhostname = mail.findyourmojo.xyz
```

Add your own domain.
```
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
mydomain = findyourmojo.xyz
```

Add the following.
```
# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
...
myorigin = $mydomain
```

Change this so that mail addressed to your own domain is received.
```
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
...
mydestination = $myhostname, localhost.$myhostname, localhost.$mydomain, localhost, $mydomain
```

Add the mailbox format.
```
# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user. Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
home_mailbox = Maildir/
```

Add the SMTP-Auth settings at the end of the file.
```
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous,noplaintext
```
2-3. Start the service and enable it at boot
```
systemctl start postfix
systemctl enable postfix
```
3. Installing Dovecot
3-1. Install
```
yum install dovecot
```
3-2. Edit the configuration files
```
vi /etc/dovecot/dovecot.conf
```

Uncomment the following lines.
```
protocols = imap pop3 lmtp
listen = *, ::
```

Edit the configuration file /etc/dovecot/conf.d/10-mail.conf
```
vi /etc/dovecot/conf.d/10-mail.conf
```

Specify the mailbox location.
```
# Location for users' mailboxes. The default is empty, which means that Dovecot
# tries to find the mailboxes automatically. This won't work if the user
# doesn't yet have any mail, so you should explicitly tell Dovecot the full
# location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the "root mail directory", and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if there's no domain
#   %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
#   mail_location = maildir:~/Maildir
#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
#mail_location =
mail_location = maildir:~/Maildir
```
Edit the configuration file /etc/dovecot/conf.d/10-auth.conf
```
vi /etc/dovecot/conf.d/10-auth.conf
```

Add plaintext authentication.
```
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# See also ssl=required setting.
#disable_plaintext_auth = yes
disable_plaintext_auth = no
# Allow plaintext authentication
auth_mechanisms = plain login
```
Edit the configuration file /etc/dovecot/conf.d/10-ssl.conf
```
vi /etc/dovecot/conf.d/10-ssl.conf
```

Disable SSL connections.
```
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
#ssl = required
ssl = no
```
Edit the configuration file /etc/dovecot/conf.d/10-master.conf
```
vi /etc/dovecot/conf.d/10-master.conf
```

Uncomment the block and add the user and group.
```
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
  mode = 0666
  user = postfix
  group = postfix
}
```
3-3. Start the service and enable it at boot
```
systemctl start dovecot
systemctl enable dovecot
```
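With the Dovecot edits in 3-2, POP3/IMAP logins are accepted without TLS (`disable_plaintext_auth = no`, `ssl = no`) and the Postfix auth socket is world-writable (`mode = 0666`). The script below is an added example, not part of the original post: it resolves the effective value of each setting from Dovecot config text and prints one finding per weak setting. The sample config is constructed from the excerpts above; the suggested values are the stock `yes` and `required` shown commented out in those excerpts, and `0660`, an assumption that fits because the socket is already owned by postfix:postfix.

```shell
#!/bin/sh
# Added example (not from the original post): report Dovecot settings that
# let passwords cross the network in cleartext or expose the auth socket.

# Last uncommented "KEY = value" in FILE wins, so "#ssl = required" followed
# by "ssl = no" resolves to "no".
effective_value() {  # usage: effective_value FILE KEY
  awk -v key="$2" '
    { sub(/#.*/, "") }                      # strip full-line and trailing comments
    { n = index($0, "="); if (n == 0) next
      k = substr($0, 1, n - 1); v = substr($0, n + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == key) val = v }
    END { print val }' "$1"
}

# "mode" inside the unix_listener block for SOCKET only; other blocks ignored.
listener_mode() {  # usage: listener_mode FILE SOCKET
  awk -v sock="$2" '
    { sub(/#.*/, "") }
    $1 == "unix_listener" { inside = ($2 == sock); next }
    inside && $1 == "}" { inside = 0 }
    inside && $1 == "mode" { print $3 }' "$1"
}

audit_dovecot() {  # usage: audit_dovecot FILE ; prints one line per finding
  a_plain=$(effective_value "$1" disable_plaintext_auth)
  a_ssl=$(effective_value "$1" ssl)
  a_mode=$(listener_mode "$1" /var/spool/postfix/private/auth)
  if [ "$a_plain" = "no" ]; then
    echo "disable_plaintext_auth = no : cleartext logins accepted (set: yes)"; fi
  if [ "$a_ssl" = "no" ]; then
    echo "ssl = no : no TLS on POP3/IMAP (set: required)"; fi
  case "$a_mode" in  # last octal digit with the write bit set
    *[2367]) echo "auth socket mode = $a_mode : world-writable (set: 0660)" ;;
  esac
  return 0
}

sample_conf() {  # constructed sample: this page's Dovecot excerpts, concatenated
  cat <<'EOF'
#disable_plaintext_auth = yes
disable_plaintext_auth = no
#ssl = required
ssl = no
unix_listener /var/spool/postfix/private/auth {
  mode = 0666
}
EOF
}

tmp=$(mktemp); sample_conf > "$tmp"; audit_dovecot "$tmp"; rm -f "$tmp"
```

On a real host, concatenate the files under /etc/dovecot/conf.d/ into one file and pass that to `audit_dovecot`.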
4. Setting up mail users
4-1. Make the mail directory get created automatically whenever a user is created.
```
mkdir -m700 /etc/skel/Maildir{,/cur,/new,/tmp}
```
4-2. Add the user contact
```
useradd -s /sbin/nologin contact
```
4-3. Change the password for the user contact.
```
passwd contact
新しいパスワード: xxxxxxxx
新しいパスワードを再入力してください: xxxxxxxx
passwd: すべての認証トークンが正しく更新できました。
```
4-4. Set up the user for SMTP Auth
```
echo "sendtoya90net" | saslpasswd2 -p -u findyourmojo.xyz -c contact
```
4-5. Change ownership
```
chown postfix /etc/sasldb2
```
4-6. Confirm that the change took effect
```
sasldblistusers2
contact@findyourmojo.xyz: userPassword
```
4-7. Change permissions (from sasldb2 to postfix)
```
chgrp postfix /etc/sasldb2
```
5. Firewall configuration
5-1. Open the required ports
```
firewall-cmd --permanent --add-port=25/tcp
firewall-cmd --permanent --add-port=110/tcp
firewall-cmd --permanent --add-port=143/tcp
firewall-cmd --reload
```
5-2. Verify
```
firewall-cmd --list-ports --zone=public --permanent
```
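6. Verify the connection from a mail client
6-1. Configure the following in the mail client you use
```
Email address: contact@findyourmojo.xyz
Password: [the password you set]
Account type: POP
Incoming mail server: mail.findyourmojo.xyz
Outgoing mail server: mail.findyourmojo.xyz
```
If you can send and receive mail, you are done.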