1.系统安装
需要安装的组件有sendmail/dovecot/cyrus sas
若安装时选择了“邮件服务器”选项,则这些服务都已经默认安装,检查组件是否安装的命令
rpm -qa | grep sendmail
rpm -qa | grep dovecot
rpm -qa | grep cyrus
2.配置sendmail
进入/etc/mail
2.1 配置access
通常情况下,Sendmail不会为邮件服务Relay信息,这样可以防止一些有恶意的人利用别人的邮件服务器乱发邮件,所以,access保持默认配置即可
内容如下
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
当然也可针对某段IP或某个IP做修改,如要禁止某个ip发信,则可添加
192.168.0.2 deny
保存文件后运行下面命令进行编译
#makemap hash access.db < access
2.2 配置sendmail.mc
把如下所示修改sendmail.mc
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
LOCAL_DOMAIN(`test.com')dnl
然后执行 m4 sendmail.mc > sendmail.cf
3.配置dovecot
vi /etc/dovecot.conf
找到
#protocols = imap imaps pop3 pop3s
将之改为
protocols = pop3
4.配置cyrus sasl
vi /etc/sysconfig/saslauthd
将MECH=pam
改为
MECH=shadow
5.配置TLS(支持加密连接LLS)
首先生成sendmail.pem文件
#cd /etc/pki/tls/certs
#make sendmail.pem
Country Name (2 letter code) [GB]:ch
State or Province Name (full name) [Berkshire]:sh
Locality Name (eg, city) [Newbury]:sh
Organization Name (eg, company) [My Company Ltd]:test.
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname)[]:mail.test.com
E-mail Address []:root@test.com
修改sendmail.mc
define(`confAUTH_OPTIONS', `A p y')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
#m4 sendmail.mc > sendmail.cf
6.开启服务
#service dovecot start
#service saslauthd start
设为开机启动
#chkconfig --level 3 dovecot on
#chkconfig --level 3 saslauthd on
7.测试
测试SMTP验证
# testsaslauthd -u user1 -p 000000
0: OK "Success."
配置outlook客户端做收发邮件测试
需要安装的组件有sendmail/dovecot/cyrus sas
若安装时选择了“邮件服务器”选项,则这些服务都已经默认安装,检查组件是否安装的命令
rpm -qa | grep sendmail
rpm -qa | grep dovecot
rpm -qa | grep cyrus
2.配置sendmail
进入/etc/mail
2.1 配置access
通常情况下,Sendmail不会为邮件服务Relay信息,这样可以防止一些有恶意的人利用别人的邮件服务器乱发邮件,所以,access保持默认配置即可
内容如下
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
当然也可针对某段IP或某个IP做修改,如要禁止某个ip发信,则可添加
192.168.0.2 deny
保存文件后运行下面命令进行编译
#makemap hash access.db < access
2.2 配置sendmail.mc
把如下所示修改sendmail.mc
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
LOCAL_DOMAIN(`test.com')dnl
然后执行 m4 sendmail.mc > sendmail.cf
3.配置dovecot
vi /etc/dovecot.conf
找到
#protocols = imap imaps pop3 pop3s
将之改为
protocols = pop3
4.配置cyrus sasl
vi /etc/sysconfig/saslauthd
将MECH=pam
改为
MECH=shadow
5.配置TLS(支持加密连接LLS)
首先生成sendmail.pem文件
#cd /etc/pki/tls/certs
#make sendmail.pem
Country Name (2 letter code) [GB]:ch
State or Province Name (full name) [Berkshire]:sh
Locality Name (eg, city) [Newbury]:sh
Organization Name (eg, company) [My Company Ltd]:test.
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname)[]:mail.test.com
E-mail Address []:root@test.com
修改sendmail.mc
define(`confAUTH_OPTIONS', `A p y')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
#m4 sendmail.mc > sendmail.cf
6.开启服务
#service dovecot start
#service saslauthd start
设为开机启动
#chkconfig --level 3 dovecot on
#chkconfig --level 3 saslauthd on
7.测试
测试SMTP验证
# testsaslauthd -u user1 -p 000000
0: OK "Success."
配置outlook客户端做收发邮件测试
转载于:https://blog.51cto.com/heavendw/274376