1.配置postfix
#安装postfix,弹出dpkg配置,选择Internet Site,输入MX记录中的域名
root@Server02:~# apt-get install postfix
#编辑配置文件,修改tls中的证书私钥信息,开启sasl认证登录
root@Server02:/etc/postfix# vim main.cf # TLS parameters smtpd_sasl_auth_enable=yes smtpd_tls_cert_file=/CA/cacert.pem smtpd_tls_key_file=/CA/key.pem smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = Server02.sdskills.org alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = $myhostname, sdskills.org, Server02.sdskills.org, localhost.sdskills.org, localhost relayhost = mynetworks = 0.0.0.0/0 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all
#编辑master.cf配置文件,开启smtps的注释,开启chroot
root@Server02:/etc/postfix# vim master.cf smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#进入sasl文件夹,新建smtpd.conf文件,开启密码认证方式为saslauthd服务
root@Server02:/etc/postfix/sasl# vim smtpd.conf pwcheck_method: saslauthd #mech_list:PLAIN LOGIN #saslauthd_path:/var/run/saslauthd/mux
2.dovecot服务配置
#安装dovecot核心服务,imapd组件
root@Server02:~# apt-get install dovecot-core root@Server02:~# apt-get install dovecot-imapd
#进入服务目录conf.d下,修改如下配置
//开启明文传输
root@Server02:/etc/dovecot/conf.d# vim 10-auth.conf disable_plaintext_auth = no
//修改SSL信息
root@Server02:/etc/dovecot/conf.d# vim 10-ssl.conf ssl = yes ssl_cert = </CA/cacert.pem ssl_key = </CA/key.pem
//修改注释开启imaps端口监听
root@Server02:/etc/dovecot/conf.d# vim 10-master.conf service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes }
3.saslauthd服务配置
#安装sasl软件包
root@Server02:~# apt-get install sasl2-bin
#编辑默认配置,开启sasl认证服务
root@Server02:/etc/default# vim saslauthd START=yes
#将postfix加入sasl组!!!
root@Server02:~# usermod -G sasl postfix
4.其他
#批量创建99个用户,创建邮箱目录
root@Server02:/home# for i in `seq 99` > do > useradd -m user$i > mkdir -p /home/user$i/mail/.imap/INBOX > chown -R user$i:user$i /home/user$i > echo user$i:Chinaskill20! >> passfile > done root@Server02:/home# pwunconv root@Server02:/home# chpasswd < passfile root@Server02:/home# pwconv
全部配置完成后重启各服务
root@Server02:~# systemctl restart postfix dovecot saslauthd
thunder验证
输入用户信息登录到邮件服务
确认证书信任
发送邮件
用户收到邮件
服务测试通过