
quartetteの日記

2012-06-07

postfixの設定

よく設定忘れてメール送れないとかに陥るので現状動いているサーバの設定ファイル
インスコとかは面倒くさいので割愛

1.ローカルホストからのみ送信
WEB+APP構成のAPP側でよくやる。ユーザ、パスワード必要ないので便利

vi /etc/postfix/main.cf



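# Send-only Postfix for an application host: local processes hand mail to
# Postfix and no login is needed because only loopback clients are trusted.
myhostname = homuhomu.com
mydomain = homuhomu.com
# Relay is permitted for loopback clients only. mynetworks is set explicitly,
# so Postfix ignores mynetworks_style; the line is kept as in the original.
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = $mydomain
notify_classes = resource,software,policy
allow_percent_hack = yes
swap_bangpath = yes
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
# Listen on the loopback interface only. The original value "all" also opened
# port 25 on every network address, which a host that only sends mail for
# local applications does not need. Set this back to "all" only if the host
# must accept inbound SMTP.
inet_interfaces = loopback-only
# mydestination takes domain names; the network list $mynetworks that the
# original put here does not belong in it and has been dropped.
# NOTE(review): listing $mydomain makes mail addressed to homuhomu.com deliver
# locally on this host instead of going to the domain's MX - confirm intended.
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP unknown
debug_peer_level = 2
# A multi-line value continues only on lines that start with whitespace;
# unindented, the next two lines are parsed as separate (invalid) entries.
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES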
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES


2.SMTP認証形式
おそらく最も基本的な設定。SMTP認証にはlinuxユーザを使う
vi /etc/postfix/main.cf



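# Mail server with SMTP AUTH: clients outside mynetworks must authenticate
# before they may relay.
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.homuhomu.com
mydomain = homuhomu.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
# Every address listed here may relay WITHOUT authenticating
# (permit_mynetworks below). Keep the list as small as possible.
mynetworks = 192.168.1.0/24, 127.0.0.0/8, xxx.xxx.xx.xxx
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/

smtpd_banner = $myhostname ESMTP unknown
debug_peer_level = 2
# A multi-line value continues only on lines that start with whitespace;
# unindented, the next two lines are parsed as separate (invalid) entries.
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
# SMTP AUTH. No TLS is configured in this file, so PLAIN/LOGIN credentials
# cross the network unencrypted, and the page says they are Linux account
# passwords. Once a certificate is installed, enable TLS and refuse AUTH on
# unencrypted sessions (paths below are placeholders):
#   smtpd_tls_security_level = may
#   smtpd_tls_cert_file = /path/to/server-cert.pem
#   smtpd_tls_key_file = /path/to/server-key.pem
#   smtpd_tls_auth_only = yes
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
# Order matters: trusted networks, then authenticated users, then reject
# anything that is not addressed to a domain this server is responsible for.
# The continuation lines are indented so they stay part of this value.
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
message_size_limit = 10485760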


3.SMTP認証、リレーサーバ経由形式
借りたサーバが軒並みスパム認定のIPだった場合等に便利
vi /etc/postfix/main.cf



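# Mail server with SMTP AUTH for its own clients that hands all outbound
# mail to an upstream relay (relayhost).
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.homuhomu.com
mydomain = homuhomu.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
# Every address listed here may relay WITHOUT authenticating
# (permit_mynetworks below). Keep the list as small as possible.
mynetworks = 192.168.1.0/24, 127.0.0.0/8, xxx.xxx.xx.xxx
relay_domains = $mydestination
# Written without brackets, the name is resolved through MX records first;
# [relayhost.com] would connect to that host directly.
relayhost = relayhost.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP unknown
debug_peer_level = 2
# A multi-line value continues only on lines that start with whitespace;
# unindented, the next two lines are parsed as separate (invalid) entries.
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

# Allows addresses that begin with "-". The default is "no" because such an
# address can be mistaken for an option by software that passes addresses on
# a command line; keep "yes" only if it is really required.
allow_min_user = yes

# Server side (smtpd_*): authentication of clients that submit mail here.
# No TLS is configured in this file, so PLAIN/LOGIN credentials cross the
# network unencrypted; with TLS set up, add smtpd_tls_auth_only = yes.
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
# Client side (smtp_*): applies when Postfix itself logs in to relayhost.
# NOTE(review): it only takes effect together with smtp_sasl_auth_enable = yes
# and smtp_sasl_password_maps, neither of which is set in this file. If the
# relay requires a login, add them (the map path is a placeholder):
#   smtp_sasl_auth_enable = yes
#   smtp_sasl_password_maps = hash:/etc/postfix/<password-map>
# and keep that map readable by root only.
smtp_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
# Order matters: trusted networks, then authenticated users, then reject
# anything that is not addressed to a domain this server is responsible for.
# The continuation lines are indented so they stay part of this value.
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination

message_size_limit = 10485760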


4.複数バーチャルドメインmysql、postfixadmin
複数ドメイン分構築する時とかに便利。phpとかmysqlの入れ方はググるといいんじゃないかな
メールサーバ構築のまとめ(複数のバーチャルドメイン+Postfix+MySQL+Dovecot+procmail+Clam AntiVirus+spamassassin+postfixadmin) と中身ほぼ一緒だからこっち見た方がいいね
vi /etc/postfix/main.cf


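# Multi-domain virtual mailbox host: domains, mailboxes and aliases are
# looked up in MySQL, and SMTP AUTH is delegated to Dovecot.
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.homuhomu.com
inet_interfaces = all
# mydomain is not set here, so $mydomain is derived from myhostname.
# A domain served from virtual_mailbox_domains must not also appear here.
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
# Every address listed here may relay WITHOUT authenticating
# (permit_mynetworks below). Keep the list as small as possible.
mynetworks = 192.168.1.0/24, 127.0.0.0/8, xxx.xxx.xx.xxx, yyy.yyy.yy.yyy
alias_maps = hash:/etc/aliases
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP unknown
debug_peer_level = 2
# A multi-line value continues only on lines that start with whitespace;
# unindented, the next two lines are parsed as separate (invalid) entries.
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
# Allows addresses that begin with "-". The default is "no" because such an
# address can be mistaken for an option by software that passes addresses on
# a command line; keep "yes" only if it is really required.
allow_min_user = yes
owner_request_special = no
recipient_delimiter = +

# sasl
# Authentication is handled by Dovecot through the socket private/auth
# (relative to queue_directory). No TLS is configured in this file, so
# PLAIN/LOGIN credentials cross the network unencrypted; with TLS set up,
# add smtpd_tls_auth_only = yes.
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# NOTE(review): smtpd_sasl_local_domain is documented as a single realm name;
# confirm that a comma-separated list behaves as intended with Dovecot.
smtpd_sasl_local_domain = homuhomu.jp,homuhomu.com
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

# virtual
# The mysql:*.cf files typically hold the database user and password; keep
# them readable by root and the postfix group only.
local_transport = local
virtual_transport = virtual
virtual_mailbox_base = /home/virtual
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_alias_domains = $virtual_alias_maps
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
# All virtual mailboxes are written as one fixed, unprivileged uid/gid.
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001

# NOTE(review): the next four parameters are not part of stock Postfix as far
# as I know; they come from the VDA quota patch. Confirm the installed build
# includes it, otherwise these quota settings have no effect.
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_overquota_bounce = yes
virtual_mailbox_limit_inbox = yes

# message size
# The mailbox limits must not be smaller than message_size_limit.
message_size_limit = 102000000
mailbox_size_limit = 102400000
virtual_mailbox_limit = 102400000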


5.セカンダリメールサーバ(キャッシュ保持のみ)
 プライマリ側に行かなかったメールを10日キャッシュし、プライマリメールサーバに転送し続ける
 冗長化と言えるのかな。用途は微妙ですね
・main.cf
vi /etc/postfix/main.cf


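# Secondary (backup) mail server: holds mail for the relayed domain in the
# queue and keeps retrying delivery to the primary for up to 10 days.
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail2.homuhomu.com
# No real domain is listed: this host stores no mailboxes of its own.
mydestination = localhost.$mydomain, localhost
# Every address listed here may relay to any destination without further
# checks. Keep the list as small as possible.
mynetworks = 192.168.1.0/24, 127.0.0.0/8, xxx.xxx.xx.xx
# Was misspelled "trasnport_maps". That is not a Postfix parameter name, so
# the transport table pointing at the primary server was never used.
transport_maps = hash:/etc/postfix/transport
# NOTE(review): this relays homuhomu.jp, while the transport table shown on
# the page routes homuhomu.com - confirm which domain is meant; they must match.
# NOTE(review): no relay_recipient_maps is set, so mail for ANY address in the
# relay domain is accepted and queued. Addresses the primary later rejects
# become bounces to possibly forged senders; consider supplying the list of
# valid recipients.
relay_domains = $mydestination, homuhomu.jp
smtpd_banner = mail2.homuhomu.com ESMTP unknown
debug_peer_level = 2
# A multi-line value continues only on lines that start with whitespace;
# unindented, the next two lines are parsed as separate (invalid) entries.
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

# Allows addresses that begin with "-". The default is "no" because such an
# address can be mistaken for an option by software that passes addresses on
# a command line; keep "yes" only if it is really required.
allow_min_user = yes
# Keep undeliverable mail and bounces queued for 10 days, retrying with a
# minimum back-off of 120 seconds and a queue scan every 120 seconds.
bounce_queue_lifetime = 10d
maximal_queue_lifetime = 10d
minimal_backoff_time = 120s
queue_run_delay = 120s

message_size_limit = 10485760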

・transport
vi transport


homuhomu.com smtp:[mail.homuhomu.com]

transport編集後に下記コマンド実行
postmap /etc/postfix/transport


TLSは少し設定追加すれば使えるので割愛。ただしTLSなしだとSMTP認証のユーザ名・パスワードが平文で流れるので、認証を使う2〜4の構成ではTLSを有効にして smtpd_tls_auth_only = yes も入れておくこと
mailmanとの連携もちょろっと書き足すだけですね
オススメはpostfixadminかな、WEB上でユーザ管理とか転送設定ができるのは便利
