Mail Server Setup using Postfix on CentOS 6.4
Part 1 MTA Postfix
§ Chapter 1 Email Service
§ Chapter 2 Mail Transfer Agents
§ Chapter 3 Installation and Startup
§ Chapter 4 Postfix Configuration
Part 2 IMAP & POP3 Server
§ Chapter 5 IMAP and POP3 on Dovecot
§ Chapter 6 MUA Configuration
Part 3 Postfix aliases & access control
§ Chapter 7 Postfix Aliases
§ Chapter 8 Postfix Access Control
§ Chapter 9 Postfix Mailing List using Mailman
Part 4 Postfix Authentication
§ Chapter 10 Postfix Authentication using SASL
§ Chapter 11 Postfix Mail Encryption using SSL/TLS
Part 5 Postfix security
§ Chapter 12 Postfix Antispam
§ Chapter 13 Postfix Antivirus
Part 6 Postfix Extended Features
§ Chapter 14 Postfix Backup mail server (Queuing Server)
§ Chapter 15 Squirrelmail as a webmail
§ Chapter 16 Postfix Admin with MySQL
Mail Server Testing Environment
1. server.chul.com: 192.168.80.5
• Postfix Mail server (ms1.chul.com)
• MUA - Evolution
2. client.chul.com: 192.168.80.6
• Linux mail client
• MUA - Thunderbird
• Postfix Backup Mail server (ms2.chul.com)
3. Windows 7
• Mail client using MS Outlook 2010
Chapter 1 Email Service
E-mail System Components
1. Mail User Agent (MUA):
A client used to compose and read e-mail (Outlook, Evolution, Thunderbird, Mutt)
2. Mail Transfer Agent (MTA):
An SMTP server used to relay or accept e-mail for delivery (Postfix, Sendmail, Exim, Qmail, Exchange server)
3. Mail Delivery Agent (MDA):
A program used by the final MTA to deliver e-mail to the message store
May be included with the MTA or a separate program such as procmail
4. Mail Access Agent (MAA):
An IMAP/POP3 server used by an MUA to access the message store (Dovecot, Cyrus IMAP)
Chapter 2 Mail Transfer Agents
Agent | Description
Sendmail | Sendmail mail transfer agent, popular but insecure, complicated to configure (www.sendmail.com)
Postfix | Fast, easy to configure, and secure mail transfer agent compatible with Sendmail and designed to replace it (www.postfix.org)
Qmail | Fast, flexible, and secure MTA with its own implementation and competitive with Postfix (www.qmail.org)
Exim | MTA based on smail3 (www.exim.org)
Chapter 3 Installation and Startup
1. Package installation
• postfix-2.6.6-2.2.el6_1.i686
2. Service startup and main directory
# service sendmail stop
# service postfix start
# ls -l /etc/postfix
3. Service startup checking
# ps -ef | grep postfix
# netstat -nat | grep 25
4. Runlevel registration
# chkconfig postfix on
# chkconfig --list postfix
5. Testing on command
# telnet localhost 25
# mail -v -s 'testing mail' linux@chul.com < /etc/passwd
Chapter 4 Postfix Configuration
1. How to use postconf
a. postconf can display or edit /etc/postfix/main.cf settings
b. postconf : Display all settings including defaults
c. postconf -n : Display changes from default settings
d. Modify current main.cf: postconf -e 'parameter=value'
# postconf -e mynetworks_style=subnet
e. Much simpler than editing /etc/mail/sendmail.cf
2. Postfix Daemons - /etc/postfix/master.cf
a. master: Postfix master process, runs Postfix daemons on demand
b. smtpd: Postfix SMTP server, accepts network connection requests and performs zero or more SMTP transactions per connection
c. pickup: Postfix local mail pickup, waits for hints that new mail has been dropped into the 'maildrop' directory, and feeds it into the 'cleanup' daemon
d. qmgr: Postfix queue manager, awaits the arrival of incoming mail and arranges for its delivery via Postfix delivery processes
3. Postfix: Accepting Inbound E-mail
a. Listen on port 25/tcp on all IP addresses
inet_interfaces = all
b. Include all domains/hosts for which we accept local delivery
myhostname = server.chul.com
mydomain = chul.com
mydestination = $myhostname, $mydomain, jeong.com, localhost
4. Postfix: Outbound SMTP Relay
a. To relay e-mail sent by hosts on your internal network to the Internet:
inet_interfaces = all
b. To include all internal nets or hosts for which it will relay
mynetworks = 127.0.0.0/8 192.168.80.0/24
mynetworks_style = subnet
5. Postfix: Masquerading
a. Causes MTA to modify the envelope & headers of an outbound e-mail message
b. Reduces the number of MX records and hosts/domains to be listed in mydestination
myorigin = chul.com
masquerade_exceptions = root
6. Postfix Operation
a. always_bcc = address : Sends a blind copy of all messages to address
b. postqueue -p : Displays status of the mail queues
c. postqueue -f : Attempts to immediately deliver all queued mail
d. tail -f /var/log/maillog : Watch the mail log update in real time
7. Testing mail sending and receiving using domains
Chapter 5 IMAP and POP3 on Dovecot
1. Dovecot supports POP3, POP3s, IMAP, and IMAPs
# yum -y install dovecot
a. # vi /etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
b. # vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
With disable_plaintext_auth = no, Dovecot accepts plaintext logins on connections without SSL/TLS.
c. # vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
d. # vi /etc/dovecot/conf.d/10-master.conf
unix_listener auth-userdb {
  mode = 0600
  user = postfix
  group = postfix
}
# service dovecot start
# chkconfig dovecot on
2. Testing dovecot
# telnet localhost 110
# telnet localhost 143
Chapter 6 MUA Configuration
1. Graphical:
• Evolution on Server system of Linux for POP3
# yum install evolution
user is tland@chul.com
• Thunderbird on Client system of Linux for IMAP
# yum install thunderbird
user is admin@chul.com
• Outlook 2010 on Client system of Windows 7 for IMAP
user is jeong@chul.com
2. Text-mode: Mutt and Fetchmail
# mutt -f pop://user@server
# mutt -f pops://user@server
Chapter 7 Postfix Aliases
1. Postfix Aliases
1) Local Aliases – mail forwarding
2) Virtual Aliases – Incoming and Outgoing Aliases
2.1) Incoming Aliases for Multiple domains (jeong.com, linux.com)
a. Virtual Alias Domains – Virtual domains using Linux system accounts
b. Virtual Mailbox Domains – Virtual domains using non-Linux accounts
c. Virtual Mailbox Domains using Database such as MySQL and LDAP - Virtual domains and user mapping using Database
2.2) Outgoing Aliases – change sender's mail address to receiver (Masquerading)
2. Postfix Local Aliases (/etc/aliases)
a. /etc/aliases contains alias maps
postmaster: root
admin: tland@chul.com
alist: kim,itc,dara,tland
tland: linux,jeong
b. Using aliases
# vi /etc/postfix/main.cf
alias_maps = hash:/etc/aliases
# newaliases    (or: # service postfix restart)
# ls -l /etc/aliases*
3. Incoming Virtual Aliases
3.1 Virtual Alias Domains – multiple domains using system accounts
a. Check /etc/postfix/master.cf
virtual   unix  -       n       n       -       -       virtual
b. Add two alias domains to /etc/postfix/main.cf
virtual_alias_domains = jeong.com, linux.com
virtual_alias_maps = hash:/etc/postfix/virtual
c. Create virtual mapping to /etc/postfix/virtual (the @domain entries are catch-alls for unknown users)
admin@jeong.com admin
info@jeong.com jeong
admin@linux.com linux
info@linux.com itc
@jeong.com catchall
@linux.com catchall
d. File hash
# postmap /etc/postfix/virtual; ls -l /etc/postfix/virtual*
# service postfix restart
3.2 Virtual Mailbox Domains – multiple domains with non-Linux accounts
a. Check /etc/postfix/master.cf
virtual   unix  -       n       n       -       -       virtual
b. Add two virtual mailbox domains to /etc/postfix/main.cf
virtual_mailbox_domains = jeong.com, linux.com
virtual_mailbox_base = /var/spool/vmailbox
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
c. Create virtual mapping to /etc/postfix/vmailbox
admin@jeong.com jeong.com/admin
info@jeong.com jeong.com/info
admin@linux.com linux.com/admin
info@linux.com linux.com/info
@jeong.com jeong.com/catchall
@linux.com linux.com/catchall
d. Create User and Directory and File hashing
# useradd -u 1000 vuser
# mkdir -p /var/spool/vmailbox/jeong.com /var/spool/vmailbox/linux.com
# chown -R vuser:vuser /var/spool/vmailbox; chmod 700 /var/spool/vmailbox
# postmap /etc/postfix/vmailbox; ls -l /etc/postfix/vmailbox*
# service postfix restart
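Postfix expects a domain to belong to only one address class and logs a warning when, for example, a domain is listed in both mydestination and virtual_alias_domains. The added example below (not from the original page) parses main.cf text and reports such overlaps. The sample file is constructed by assuming the Chapter 4 mydestination line and both the 3.1 and 3.2 settings are present together, and all function names are illustrative.

```python
import re
from itertools import combinations

# Constructed main.cf: Chapter 4 settings plus both 3.1 and 3.2 (an assumption).
SAMPLE_MAIN_CF = """\
myhostname = server.chul.com
mydomain = chul.com
mydestination = $myhostname, $mydomain,
    jeong.com, localhost
virtual_alias_domains = jeong.com, linux.com
virtual_mailbox_domains = jeong.com, linux.com
"""

CLASS_PARAMS = ("mydestination", "virtual_alias_domains", "virtual_mailbox_domains")

def parse_main_cf(text):
    """Return {parameter: raw value}; indented lines continue the previous one."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and current:
            params[current] += " " + line.strip()
        elif "=" in line:
            current, value = (part.strip() for part in line.split("=", 1))
            params[current] = value      # a later setting overrides an earlier one
    return params

def expand(value, params, depth=0):
    """Expand $name / ${name} references (depth-limited against reference loops)."""
    sub = lambda m: expand(params.get(m.group(1), ""), params, depth + 1)
    return value if depth > 10 else re.sub(r"\$\{?(\w+)\}?", sub, value)

def domain_classes(params):
    """Literal domains per address class; type:table lookups are skipped."""
    classes = {}
    for name in CLASS_PARAMS:
        items = re.split(r"[,\s]+", expand(params.get(name, ""), params))
        classes[name] = {d.lower() for d in items if d and ":" not in d and "/" not in d}
    return classes

def find_overlaps(text):
    """Return sorted (domain, class_a, class_b) for domains in more than one class."""
    classes = domain_classes(parse_main_cf(text))
    return sorted((d, a, b) for a, b in combinations(CLASS_PARAMS, 2)
                  for d in classes[a] & classes[b])

if __name__ == "__main__":
    for domain, a, b in find_overlaps(SAMPLE_MAIN_CF):
        print(f"{domain}: listed in both {a} and {b}")
```

Parameters that are not set in the text are treated as empty; Postfix built-in defaults are not applied.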
3.3 Virtual Mailbox Domains using Database like MySQL
a. Checking Postfix for MySQL Map Support
# postconf -m
b. Configuring Database
Create db, table and users on MySQL
c. Configuring Postfix to Use the Database
# vi /etc/postfix/main.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/virtual_mailbox_domains.cf
virtual_uid_maps = mysql:/etc/postfix/sql/virtual_uid_maps.cf
virtual_gid_maps = mysql:/etc/postfix/sql/virtual_gid_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/virtual_mailbox_recipients.cf
virtual_alias_maps = mysql:/etc/postfix/sql/virtual_alias_maps.cf
# mkdir /etc/postfix/sql
# service postfix restart
4. Postfix Outgoing Aliases (/etc/postfix/generic)
a. Activate outgoing aliases in /etc/postfix/main.cf
smtp_generic_maps = hash:/etc/postfix/generic
b. Creating table in /etc/postfix/generic
root@server.chul.com admin@chul.com
linux@chul.com linux@jeong.com
c. Save and close the file. Create or update generic postfix table
# postmap /etc/postfix/generic
d. Restart postfix
# service postfix restart
5. Alias Testing
a. Local aliases
b. Incoming virtual alias testing – virtual domains and virtual box
c. Outgoing virtual alias testing using MTA such as gmail, naver and yahoo
Chapter 8 Postfix Access Control
1. Activate access control in /etc/postfix/main.cf
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
2. Creating access file format in /etc/postfix/access
1.2.3 REJECT
192.168.80.0 OK
admin@spammer.com OK
server.spammer.com REJECT
chul.com OK
3. Creating Hash file
# postmap /etc/postfix/access
# service postfix restart
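How Postfix searches this table for a connecting client, as an added example (not part of the original page): check_client_access looks up the client hostname, its parent domains, the client IP address, and then networks obtained by stripping trailing octets. The table is constructed from step 2; the function names and the sample client hostnames and addresses are assumptions made for illustration, and only IPv4 is handled.

```python
# Constructed from the /etc/postfix/access table in step 2 of this chapter.
ACCESS_TABLE = """\
1.2.3               REJECT
192.168.80.0        OK
admin@spammer.com   OK
server.spammer.com  REJECT
chul.com            OK
"""

def load_access(text):
    """Parse 'pattern action' lines; blank lines and '#' comment lines are skipped."""
    table = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            pattern, action = line.split(None, 1)
            table[pattern.lower()] = action.strip()
    return table

def client_lookup_keys(hostname, ip, parent_matches_subdomains=True):
    """Keys a client check tries, in order: name, parent domains, address, networks."""
    keys = []
    if hostname and hostname != "unknown":   # "unknown": no verified client hostname
        labels = hostname.lower().split(".")
        keys.append(".".join(labels))
        for i in range(1, len(labels)):
            parent = ".".join(labels[i:])
            # If smtpd_access_maps is in parent_domain_matches_subdomains (default),
            # "domain.tld" also covers subdomains; otherwise only ".domain.tld" does.
            keys.append(parent if parent_matches_subdomains else "." + parent)
    octets = ip.split(".")
    for n in range(4, 0, -1):                # 192.168.80.6, 192.168.80, 192.168, 192
        keys.append(".".join(octets[:n]))
    return keys

def check_client_access(table, hostname, ip, **options):
    """Return (matched pattern, action), or (None, 'DUNNO') when nothing matches."""
    for key in client_lookup_keys(hostname, ip, **options):
        if key in table:
            return key, table[key]
    return None, "DUNNO"

def suspect_patterns(table):
    """Sender addresses (never looked up here) and host keys ending in .0."""
    return sorted(p for p in table
                  if "@" in p or (p.replace(".", "").isdigit() and p.endswith(".0")))

if __name__ == "__main__":
    table = load_access(ACCESS_TABLE)
    print(check_client_access(table, "unknown", "192.168.80.6"), suspect_patterns(table))
```

On this table a client at 192.168.80.6 with no resolvable hostname gets DUNNO, because the key 192.168.80.0 is only tried for a host with exactly that address (the network form is 192.168.80). The admin@spammer.com entry is never looked up by a client check.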
How do you configure the ns.chul.com and ms1 and ms2? Thanks