Configure a secure mail server with Postfix, Dovecot, Amavis and RoundCube

Cent OS
systemctl restart network

ip addr show
ssh-keygen -R git.mywebsite.ir
RAID 1
fdisk-l
fdisk /dev/sda
n
p
1
enter
enter
p
l
t
fd
p
w
Postfix
hostnamectl set-hostname mail.pat.com
sudo nano /etc/hosts
192.168.1.9 mail.pat.com
yum -y install postfix dovecot
openssl genrsa -des3 -out server.key 2048
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
openssl req -new -key server.key -out server.csr
dejar en blanco challenge password
openssl x509 -req -days 365 -in server.csr -signkey
server.key -out server.crt
sudo nano /etc/postfix/main.cf
decomentar las lineas

#inet_interfaces = localhost #---> line no 116
#mydestination = $myhostname, localhost.
$mydomain, localhost #--> line no 164
agregar
myhostname = mail.pat.com
mydomain = pat.com
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
mydestination = $myhostname, localhost.
$mydomain, localhost, $mydomain
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,rej
ect_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
sudo nano /etc/postfix/master.cf
despus de smtp inet n n smtpd agregar :
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o
smtpd_recipient_restrictions=permit_sasl_authenticated,reje
ct
-o milter_macro_daemon_name=ORIGINATING
postfix check
sudo nano /etc/dovecot/conf.d/10-master.conf
agregar
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
sudo nano /etc/dovecot/conf.d/10-auth.conf
agregar a auth_mechanisms = plain la palabra login
systemctl
systemctl
systemctl
systemctl
restart postfix
enable postfix
restart dovecot
enable dovecot
firewall-cmd
firewall-cmd
firewall-cmd
firewall-cmd
--permanent --add-service=smtp
--permanent --add-port=587/tcp
--permanent --add-port=465/tcp
--reload
telnet mail.pat.com 465

ehlo mail.pat.com
sudo nano /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/mail
sudo nano /etc/dovecot/conf.d/20-pop3.conf
decomentar la lnea pop3_uidl_format = %08Xu%08Xv
systemctl restart dovecot
firewall-cmd
firewall-cmd
firewall-cmd
firewall-cmd
firewall-cmd
--permanent
--permanent
--permanent
--permanent
reload
--add-port=110/tcp
--add-service=pop3s
--add-port=143/tcp
--add-service=imaps
useradd -m test -s /sbin/nologin

Amavis
# install from EPEL
[root@mail ~]# yum --enablerepo=epel -y install amavisdnew clamav-server clamav-server-systemd

[root@mail ~]# cp /usr/share/doc/clamavserver*/clamd.sysconfig /etc/sysconfig/clamd.amavisd
[root@mail ~]# vi /etc/sysconfig/clamd.amavisd
# line 1, 2: uncomment and change
CLAMD_CONFIGFILE=/etc/clamd.d/amavisd.conf
CLAMD_SOCKET=/var/run/clamd.amavisd/clamd.sock
[root@mail ~]# vi /etc/tmpfiles.d/clamd.amavisd.conf
# create new
d /var/run/clamd.amavisd 0755 amavis amavis
[root@mail ~]# vi /usr/lib/systemd/system/clamd@.service
# add follows to the end
[Install]
WantedBy=multi-user.target
[root@mail ~]# systemctl start clamd@amavisd
[root@mail ~]# systemctl enable clamd@amavisd
[root@mail ~]# vi /etc/amavisd/amavisd.conf

# line 20: change to the own domain name
$mydomain = 'srv.world';
# line 152: change to the own hostname
$myhostname = 'mail.srv.world';
# line 154: uncomment
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
[root@mail
[root@mail
[root@mail
[root@mail
~]#
~]#
~]#
~]#
systemctl
systemctl
systemctl
systemctl
start amavisd
enable amavisd
start spamassassin
enable spamassassin
[root@mail ~]# vi /etc/postfix/main.cf

content_filter=smtp-amavis:[127.0.0.1]:10024
[root@mail ~]# vi /etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
[root@mail ~]# systemctl restart postfix
RoundCube

Configure a secure mail server with Postfix, Dovecot, Amavis and RoundCube

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Configure a secure mail server with Postfix, Dovecot, Amavis and RoundCube

Transféré par

Droits d'auteur :

Formats disponibles

Cent OS

systemctl restart network

decomentar las lineas

telnet mail.pat.com 465

useradd -m test -s /sbin/nologin

[root@mail ~]# yum --enablerepo=epel -y install amavisdnew clamav-server clamav-server-systemd

[root@mail ~]# vi /etc/amavisd/amavisd.conf

[root@mail ~]# vi /etc/postfix/main.cf

Vous aimerez peut-être aussi