Table of Contents

Postfix

インストール

# yum install -y postfix cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5

設定

  • /etc/postfix/main.cf (抜粋) 

    myhostname = <ホスト>.<ドメイン>
mydomain = <ドメイン>
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,  mail.$mydomain
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP unknown
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
message_size_limit = 10485760
smtpd_sasl_auth_enable = yes
local_recipient_maps =
luser_relay = unknown_user@localhost

  • /etc/postfix/master.cf (抜粋) 

    submission inet n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes

  • /etc/aliases (追加) 

    unknown_user: /dev/null

ファイアウォール設定

  • CentOS 7 
    # firewall-cmd --permanent --add-service=smtp --add-service=smtp-submission --add-service=smtps
# firewall-cmd --reload
# firewall-cmd --list-services

サービス設定

  • CentOS 7 
    # systemctl restart postfix saslauthd
# systemctl status postfix saslauthd
# systemctl enable postfix saslauthd
# systemctl status postfix saslauthd

Dovecot

インストール

# yum install -y dovecot

設定

  • /etc/dovecot/conf.d/10-mail.conf (抜粋) 

    mail_location = maildir:~/Maildir

  • /etc/dovecot/conf.d/10-auth.conf (抜粋) 

    disable_plaintext_auth = no

  • /etc/dovecot/conf.d/10-ssl.conf (抜粋) 

    ssl = no

  • /etc/dovecot/conf.d/10-logging.conf (抜粋, デバッグ用) 

    auth_verbose = yes
auth_debug = yes

設定 (暗号化)

  • /etc/dovecot/conf.d/10-ssl.conf (証明書は Let's Encrypt で取得) 
    ssl = required
ssl_cert = </etc/letsencrypt/live/<ドメイン>/fullchain.pem
ssl_key = </etc/letsencrypt/live/<ドメイン>/privkey.pem
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL

ファイアウォール設定

  • CentOS 7 
    # firewall-cmd --permanent --add-service=pop3
# firewall-cmd --reload
# firewall-cmd --list-services

ファイアウォール設定 (暗号化)

  • CentOS 7 
    # firewall-cmd --permanent --remove-service=pop3
# firewall-cmd --permanent --add-service=pop3s
# firewall-cmd --reload
# firewall-cmd --list-services

サービス設定

  • CentOS 7 
    # systemctl restart dovecot
# systemctl status dovecot
# systemctl enable dovecot
# systemctl status dovecot

ログファイル

  • /var/log/maillog
  • ログファイルを監視, Ctrl-C で終了
# tail -f /var/log/maillog

Linux