tips:relay_domains 后面设置的域名 会直接转发/投递,不受smtpd_recipient_restrictions 等限制项约束
- yum安装postfix (2.6版本)
- postconf -n 显示修改的配置
- postconf -d 显示默认的配置
- pstconf -a 显示支持的sasl验证方式
#/etc/postfix/main.cf 配置 修改过的
# 配置sasl验证支持
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
#用dovecot实现sasl验证
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
#用cyrus提供sasl验证
smtpd_sasl_path = smtpd
smtpd_sasl_type = cyrus
#sasl到此
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mydestination = $myhostname, localhost.$mydomain, localhost ,$mydomain
mydomain = xiuxiumail.top
myhostname = mail.xiuxiumail.top
mynetworks = 168.100.189.0/28, 127.0.0.0/8
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unauth_pipelining
unknown_local_recipient_reject_code = 550
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-642.6.2.el6.x86_64 x86_64 CentOS release 6.8 (Final) ext3
auth_mechanisms = plain login
disable_plaintext_auth = no
listen = *
mail_location = mbox:/var/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
mbox_write_locks = fcntl
#passdb userdb 在auth-system.conf.ext中
passdb {
driver = pam
}
userdb {
driver = passwd
}
protocols = imap pop3
ssl = no
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
#下面是为smtpd提供的sasl实现
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
- yum 安装 cyrus-sasl 提供smtpd验证发信(dovecot和cyrus选择一个就行了)
- service saslauthd start 启动cryus-sasl验证客户端
#/etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
#/etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
#默认是pam
MECH=shadow
#testauthd测试时候认证ok
网友评论