目的
内部向けSMTPサーバーを構築する。
対象ホスト
内部サーバー
前提条件
マニュアル名:「共通設定」の全マニュアル、「SSL証明書」、「認証統合」の全マニュアルが完了していること。
設定手順
インストール
# Install the Cyrus SASL package; the saslauthd service configured in the later steps comes from it.
[root@centos ~]# yum install cyrus-sasl
設定ファイル編集
/etc/postfix/main.cf
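[root@centos ~]# vim /etc/postfix/main.cf
(中略)
# Listen on every interface instead of loopback only, so other hosts can connect.
#inet_interfaces = localhost
inet_interfaces = all
(中略)
# Treat mail addressed to the bare domain as local, in addition to the host names.
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#       mail.$mydomain, www.$mydomain, ftp.$mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
(中略)
# Clients listed here may relay without authenticating (permit_mynetworks below),
# so the list is kept to loopback plus one specific host.
#mynetworks = hash:/etc/postfix/network_table
mynetworks = 127.0.0.0/8, 10.0.1.101/32
(中略)
# Send all non-local mail through this host. Written without [], so Postfix
# performs an MX lookup on the name; use [host] to skip the MX lookup.
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
relayhost = mail.mydomain.com
(中略)
# Resolve aliases from the local file first, then from LDAP via ldap-aliases.cf.
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
(中略)
#home_mailbox = Maildir/
home_mailbox = Maildir/
(中略)
# Hand local deliveries to Dovecot's deliver program.
#mailbox_command = /some/where/procmail -a "$EXTENSION"
mailbox_command = /usr/libexec/dovecot/deliver
(中略)
# 3 MiB (3 * 1024 * 1024 bytes).
message_size_limit = 3145728
# Relay only for mynetworks or authenticated clients; everyone else may only
# deliver to destinations this server is responsible for.
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
# Offer and accept SASL AUTH only after TLS is active. saslauthd has to receive
# the plaintext password, and with smtpd_tls_security_level = may STARTTLS is
# optional, so without this line a client could send its password over an
# unencrypted session.
smtpd_tls_auth_only = yes
# NOTE(review): confirm that server.key is not readable by unprivileged users.
smtpd_tls_cert_file = /var/lib/pki/server.crt
smtpd_tls_key_file = /var/lib/pki/server.key
# "may" = opportunistic TLS: STARTTLS is announced but not required.
smtpd_tls_security_level = may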
/etc/postfix/ldap-aliases.cf
[root@centos ~]# vim /etc/postfix/ldap-aliases.cf server_host = ldaps://localhost/ search_base = dc=mydomain,dc=com bind = yes bind_dn = cn=Reader,dc=mydomain,dc=com bind_pw = [password] query_filter = uid=%s result_attribute = mailRoutingAddress version = 3 [root@centos ~]# chmod 600 /etc/postfix/ldap-aliases.cf
/etc/sysconfig/saslauthd
[root@centos ~]# vim /etc/sysconfig/saslauthd #MECH=pam MECH=ldap
/etc/saslauthd.conf
[root@centos ~]# vim /etc/saslauthd.conf ldap_servers: ldaps://localhost/ ldap_bind_dn: cn=Reader,dc=mydomain,dc=com ldap_password: [password] ldap_search_base: dc=mydomain,dc=com [root@centos ~]# chmod 600 /etc/saslauthd.conf
/etc/postfix/master.cf
[root@centos ~]# vim /etc/postfix/master.cf #smtps inet n - n - - smtpd smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
サービス起動設定
[root@centos ~]# systemctl start saslauthd && systemctl enable saslauthd [root@centos ~]# systemctl status saslauthd [root@centos ~]# systemctl restart postfix [root@centos ~]# systemctl status postfix
CentOS 7 Postfix 内部向け SMTP サーバー構築