Postfix
1 前言
笔者需要使用服务器需要发送通知,由于想要简单,不想搭建mail服务器,所以使用Postfix的中继功能发送邮件,于是有了以下的配置。
2 实践部分
2.1配置环境
系统环境:CentOS 7.3 x86_64
邮箱类型:腾讯企业邮
目标邮件地址:will@cmdschool.org
邮箱服务器地址:smtp.exmail.qq.com
SMTP类型:SSL
邮箱服务器端口:465
2.2 配置
2.2.1 安装基础软件包
yum install -y postfix mailx cyrus-sasl-plain
2.2.2 修改证书有效时间
cd /etc/ssl/certs/ vim Makefile
修改配置如下:
DAYS=3650
注:以上改为10年
2.2.3 创建证书
make server.pem
向导如下:
[...] Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:GD Locality Name (eg, city) [Default City]:DG Organization Name (eg, company) [Default Company Ltd]:cmdschool Organizational Unit Name (eg, section) []:www.cmdschool.org Common Name (eg, your name or your server's hostname) []:www Email Address []:will@cmdschool.org
部署证书:
mv server.pem /etc/postfix/
2.2.4 创建主配置文件
cp -a /etc/postfix/main.cf /etc/postfix/main.cf.default echo '' > /etc/postfix/main.cf vim /etc/postfix/main.cf
加入如下配置:
mydomain = cmdschool.org myorigin = $mydomain myhostname = $mydomain mydestination = $mydomain alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases relayhost = [smtp.exmail.qq.com]:465 smtp_use_tls = yes smtp_tls_CAfile = /etc/postfix/server.pem smtp_generic_maps = hash:/etc/postfix/generic smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
注:笔者感到非常诧异,参数“relyhost”前面一定要有空格才能传送,是否要空格以实际测试为准
2.2.5 启动服务并配置自启动
systemctl start postfix systemctl enable postfix
2.2.6 创建认证信息
echo '[smtp.exmail.qq.com]:465 will@cmdschool.org:willpasswd' >> /etc/postfix/sasl_passwd chown root:root /etc/postfix/sasl_passwd chmod 0600 /etc/postfix/sasl_passwd postmap /etc/postfix/sasl_passwd
2.2.7 创建替代发件人
cp -a /etc/postfix/generic /etc/postfix/generic.default echo 'root@cmdschool.org will@cmdschool.org' >> /etc/postfix/generic postmap /etc/postfix/generic
2.2.8 重启使服务是配置生效
systemctl restart postfix
2.2.9 测试邮件发送
echo 'This is a test mail' | mail -s 'This is a test mail' xxx@qq.com
2.3 故障排除
2.3.1 排错涉及的日志
tail -f /var/log/maillog
2.3.2 网络排错
traceroute -n -T -p 465 smtp.exmail.qq.com traceroute -n -T -p 465 mx1.qq.com traceroute -n -T -p 465 mx2.qq.com traceroute -n -T -p 465 mx3.qq.com
注:以上排错对于云服务器非常有用
2.4 针对25端口敏感的环境配置
2.4.1 修改协议
vim /etc/postfix/master.cf
修改配置如下:
# smtp inet n - n - - smtpd smtps inet n - n - - smtpd
2.4.2 重启使配置生效
systemctl restart postfix
2.4.3 确认配置生效
netstat -antp | egrep "25|465"
端口显示如下:
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 11545/master tcp6 0 0 :::465 :::* LISTEN 11545/master
注:以上适用于对25端口不允许通讯的环境
参阅文档:
=========================================
https://linode.com/docs/email/postfix/postfix-smtp-debian7/
http://www.jslink.org/linux/centos-postfix-mailx-qq-smtp-sendmail.html
https://www.faqforge.com/linux/how-to-enable-port-465-smtps-in-postfix-mailserver/
没有评论