CentOS 7.2 deploy mail server (Postfix)

  Copyright statement: This article is an original article by Shaon Puppet. Please indicate the original address for reprinting. Thank you very much. https://blog.csdn.net/wh211212/article/details/53040620

1. Introduction to Postfix##

Postfix is an e-mail server, which was created by Wietse Venema, a Dutch researcher who works at the IBM Watson Research Center (TJ Watson Research Center), to improve the sendmail mail server. It first appeared in the late 1990s as an open source software.
Postfix official website: http://www.postfix.org/
Postfix download link: http://www.postfix.org/download.html

Two, Postfix installation##

Install Postfix to configure the SMTP server

[1] Even if the CentOS system is installed with [Minimal Installation], Postfix will be installed, but if Postfix is not installed, please install it first, as shown below.

[ root@linuxprobe ~]# yum -y install postfix

[2] This example shows configuring SMTP-Auth to use Dovecot's SASL functions.

[ root@linuxprobe ~]# vi /etc/postfix/main.cf
# line 75: uncomment and specify hostname

myhostname = linuxprobe.srv.world
# line 83: uncomment and specify domain name

mydomain = srv.world
# line 99: uncomment

myorigin = $mydomain
# line 116: change

inet_interfaces = all
# line 164: add

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# line 264: uncomment and specify your local network

mynetworks =127.0.0.0/8,10.0.0.0/24
# line 419:uncomment(use mailboxdir)

home_mailbox = mailbox/
# line 574: add

smtpd_banner = $myhostname ESMTP
# add follows to the end

# limit an email size for 10M

message_size_limit =10485760

# limit a mailbox for 1G

mailbox_size_limit =1073741824
# for SMTP-Auth

smtpd_sasl_type = dovecot
smtpd_sasl_path =private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject

[ root@linuxprobe ~]# systemctl restart postfix
[ root@linuxprobe ~]# systemctl enable postfix

[3] If Firewalld is running, please allow the SMTP service. SMTP uses 25/TCP.

[ root@dlp ~]# firewall-cmd --add-service=smtp --permanent
success
[ root@dlp ~]# firewall-cmd --reload
success

Three, Dovecot installation##

Install Dovecot to configure POP/IMAP server

[1] Install Dovecot.

[ root@linuxprobe ~]# yum -y install dovecot

[2] This example shows a configuration to provide SASL functionality to Postfix.

[ root@linuxprobe ~]# vi /etc/dovecot/dovecot.conf
# line 24: uncomment
protocols = imap pop3 lmtp
# line 30: uncomment and change(if not use IPv6 )
listen =*[root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change( allow plain text auth )
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
[ root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add
mail_location = maildir:~/Maildir
[ root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-master.conf
# line 96-98: uncomment and add like follows
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
 mode =0666
 user = postfix
 group = postfix
}[ root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8:change(not require SSL)
ssl = no

[ root@linuxprobe ~]# systemctl start dovecot
[ root@linuxprobe ~]# systemctl enable dovecot

[3] If Firewalld is running, please allow POP/IMAP services. POP uses 110/TCP, IMAP uses 143/TCP.

[ root@vdevops ~]# firewall-cmd --add-port={110/tcp,143/tcp}--permanent
success
[ root@vdevops ~]# firewall-cmd --reload
success

Four, SSL settings##

Configure SSL to encrypt the connection

[1] First create a certificate, portal: http://blog.csdn.net/wh211212/article/details/52982917
[2] Configure Postfix and Dovecot for SSL.

# add to the end
smtpd_use_tls = yes
smtpd_tls_cert_file =/etc/pki/tls/certs/server.crt
smtpd_tls_key_file =/etc/pki/tls/certs/server.key
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
[ root@linuxprobe ~]# vi /etc/postfix/master.cf
# line 26-28: uncomment
smtps       inet   n       -       n       --       smtpd
 - o syslog_name=postfix/smtps
 - o smtpd_tls_wrappermode=yes
[ root@linuxprobe ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change
ssl = yes
# line 14,15: specify certificates
ssl_cert =</etc/pki/tls/certs/server.crt
ssl_key =</etc/pki/tls/certs/server.key
[ root@linuxprobe ~]# systemctl restart postfix dovecot

[3] If Firewalld is running, please allow SMTPS/POP3S/IMAPS services. SMTPS uses 465/
TCP, POP3S use 995/TCP, IMAPS uses 993/TCP.

[ root@vdevops ~]# firewall-cmd --add-service={pop3s,imaps}--permanent
success
[ root@vdevops ~]# firewall-cmd --add-port=465/tcp --permanent
success
[ root@vdevops ~]# firewall-cmd --reload
success

Mail log report: pflogsumm

Install pflogsumm which is Postfix log reporting tool

[1] Install the postfix-perl-scripts package.

[ root@linuxprobe ~]# yum -y install postfix-perl-scripts
# generate log summary for yesterday
[ root@linuxprobe ~]# perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog
Postfix log summaries for Jul 14
Grand Totals
------------
messages
  2 received
  5 delivered
  0 forwarded
  0 deferred
  0 bounced
  0 rejected(0%)0   reject warnings
  0 held
  0 discarded(0%)2879   bytes received
 6572 bytes delivered
  1 senders
  1 sending hosts/domains
  2 recipients
  2 recipient hosts/domains
Per-Hour Traffic Summary
------------------------
 time          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------0000-0100000000100-0200000000200-0300000000300-0400000000400-0500000000500-0600000000600-0700000000700-0800000000800-0900000000900-1000000001000-1100250001100-1200000001200-1300000001300-1400000001400-1500000001500-1600000001600-1700000001700-1800000001800-1900000001900-2000000002000-2100000002100-2200000002200-2300000002300-240000000

Host/Domain Summary: Message Delivery
--------------------------------------
 sent cnt  bytes   defers   avg dly max dly host/domain
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 3411900.4 s    0.8 s  srv.world
  2245300.1 s    0.1 s  mail.srv.world

Host/Domain Summary: Messages Received
---------------------------------------
 msg cnt   bytes   host/domain
 - - - - - - - - - - - - - - - - - - - - - - - - - - 22879 mail.srv.world

Senders by message count
- - - - - - - - - - - - - - - - - - - - - - - - 2 [email protected]

Recipients by message count
- - - - - - - - - - - - - - - - - - - - - - - - - - - 3 [email protected]
  2 [email protected]

Senders by message size
- - - - - - - - - - - - - - - - - - - - - - - 2879 [email protected]

Recipients by message size
- - - - - - - - - - - - - - - - - - - - - - - - - - 4119 [email protected]
 2453 [email protected]

message deferral detail: none
message bounce detail(by relay): none
message reject detail: none
message reject warning detail: none
message hold detail: none
message discard detail: none
smtp delivery failures: none
Warnings
- - - - - - - - tlsmgr(total:6)3   redirecting the request to postfix-owned data_directory /var/li...3   request to update table btree:/etc/postfix/smtpd_scache in non-...

Fatal Errors: none
Panics: none
Master daemon messages
- - - - - - - - - - - - - - - - - - - - - - 4 daemon started -- version 2.10.1, configuration /etc/postfix
  3 terminating on signal 151   reload -- version 2.10.1, configuration /etc/postfix

[ root@linuxprobe ~]# crontab -e
# Send mail log summary at AM every day 1:00 to root
0001*** perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root