牌語備忘録 -pygo

These are only notes. Please refer to the official information wherever possible.

Configuration notes after installing Ubuntu on a Sakura VPS, part 3 -- mail server: Postfix + Dovecot

SMTP

Install: postfix
sudo aptitude -y install postfix 
:
Please select the mail server configuration type that best meets your needs.

 No configuration:
  Should be chosen to leave the current configuration unchanged.
 Internet site:
  Mail is sent and received directly using SMTP.
 Internet with smarthost:
  Mail is received directly using SMTP or by running a utility such
  as fetchmail. Outgoing mail is sent using a smarthost.
 Satellite system:
  All mail is sent to another machine, called a 'smarthost', for delivery.
 Local only:
  The only delivered mail is the mail for local users. There is no network.

  1. No configuration  3. Internet with smarthost  5. Local only
  2. Internet Site     4. Satellite system

General type of mail configuration: 2
:
System mail name: xxxxxx.jp
:
Configuration
    myhostname = mail.example.com
    mydestination = example.com, mail.example.com, localhost.localdomain, localhost
    mynetworks = 192.168.0.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    inet_interfaces = all
    home_mailbox = Maildir/
:
# submission inet n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
:
smtps     inet  n       -       -       -       -       smtpd
 -o smtpd_tls_wrappermode=yes
 -o smtpd_sasl_auth_enable=yes
:
Restart
sudo service postfix restart
Check that mail can be sent

Install mailutils so that mail can be sent

sudo aptitude -y install mailutils

Send mail from the local machine

mail username@hostname.com
    cc:
    Subject: test from mail server
# C-d
Check that it arrived
cd Maildir/new/
ls 
    xxxxxxxxxx.xxxxxxxxxxxxxxxxxx.xxxxxxxxxx
cat xxxxxxxxxx.xxxxxxxxxxxxxxxxxx.xxxxxxxxxx
:
    Subject: test from mail server
    X-Mailer: mail (GNU Mailutils 2.1)
:

IMAP

Install dovecot
sudo aptitude -y install dovecot-imapd
Configuration
:
#protocols = imap imaps
protocols = imap imaps
:
#   protocol imap {
#     listen = *:10143
#     ssl_listen = *:10943
#     ..
#   }
:
ssl = yes
:
    #login_trusted_networks =
    login_trusted_networks = 192.168.0.0/24
:

Start

sudo service dovecot start

Allow through the firewall

sudo ufw allow smtp
sudo ufw allow ssmtp
sudo ufw allow imaps
sudo ufw allow imap2
sudo ufw status

Creating the certificate

sudo su -
cd /etc/ssl/private
openssl genrsa -des3 1024 > mail.key
    Generating RSA private key, 1024 bit long modulus
    :
    Enter pass phrase:
    Verifying - Enter pass phrase:
Remove the passphrase from the private key.
openssl rsa -in mail.key -out mail.key
Enter pass phrase for test.key: # enter the passphrase set earlier
writing RSA key 
Generate the public key (a self-signed certificate)
cd /etc/ssl/certs
openssl req -utf8 -new -key /etc/ssl/private/mail.key -x509 -days 365  -out mail.pem -set_serial 0
# Answer the questions
Country Name (2 letter code) [AU]:JP
:
Config: dovecot
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
ssl_cert_file = /etc/ssl/certs/mail.pem
ssl_key_file = /etc/ssl/private/mail.key
restart
sudo service dovecot restart
Config: postfix
# smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
# smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_cert_file=/etc/ssl/certs/mail.pem
smtpd_tls_key_file=/etc/ssl/private/mail.key
restart
sudo service postfix restart

saslauthd*1

sudo aptitude install -y sasl2-bin
  • /etc/default/saslauthd
# Should saslauthd run automatically on startup? (default: no)
# START=no
START=yes
Config: postfix
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_application_name = smtpd
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
Restart: postfix
 sudo service postfix restart
smtpd.conf

Create the file

pwcheck_method: saslauthd
chroot

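Apparently Postfix on Ubuntu runs inside a chroot by default, so to let it communicate with saslauthd you reportedly need to type the following. See the reference site below.

Isn't there a slightly smarter way?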

# Deleting it as the reference site does is scary, so I renamed it instead
sudo mv /var/run/saslauthd /var/run/saslauthd_bak
# Create the new directory /var/run/saslauthd under /var/spool/postfix/
sudo mkdir -p /var/spool/postfix/var/run/saslauthd 
sudo ln -s /var/spool/postfix/var/run/saslauthd /var/run
sudo chgrp sasl /var/spool/postfix/var/run/saslauthd
sudo adduser postfix sasl

Restart: saslauthd

 sudo service saslauthd restart
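
One way to check the relay and authentication values set in the Postfix configuration above (an added example, not part of the original post): a shell audit that flags a restriction list missing reject_unauth_destination, a SASL option list missing noanonymous, SASL AUTH accepted without TLS, and the non-loopback ranges that mynetworks lets relay unauthenticated. The function names, finding labels and sample file are assumptions made for illustration.

```shell
# Added example, not the post's own. Reads main.cf only ("-o" overrides in
# master.cf are ignored); finding labels and the sample file are constructed.
# Print name=value per parameter: skip '#' comment lines, join continuation
# lines (leading whitespace), let a later definition win.
parse_main_cf() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { sub(/^[ \t]+/, ""); val[cur] = val[cur] " " $0; next }
        {
            eq = index($0, "="); if (eq == 0) next
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            v = substr($0, eq + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
            if (!(cur in val)) order[++n] = cur
            val[cur] = v
        }
        END { for (i = 1; i <= n; i++) print order[i] "=" val[order[i]] }
    ' "$1"
}
get_param() { parse_main_cf "$1" | sed -n "s/^$2=//p"; }

# Print space-separated findings for the main.cf at $1 (empty line = none).
audit_main_cf() {
    out=""
    # An explicit restriction list must still refuse relaying to other domains.
    case "$(get_param "$1" smtpd_recipient_restrictions)" in
        ""|*reject_unauth_destination*) ;; *) out="$out NO_REJECT_UNAUTH_DESTINATION" ;; esac
    # An explicit SASL option list must keep noanonymous.
    case "$(get_param "$1" smtpd_sasl_security_options)" in
        ""|*noanonymous*) ;; *) out="$out SASL_ANONYMOUS_ALLOWED" ;; esac
    # SASL on, no smtpd_tls_auth_only, TLS not mandatory: AUTH accepted in cleartext.
    if [ "$(get_param "$1" smtpd_sasl_auth_enable)" = yes ] &&
       [ "$(get_param "$1" smtpd_tls_auth_only)" != yes ] &&
       [ "$(get_param "$1" smtpd_tls_security_level)" != encrypt ]; then
        out="$out AUTH_WITHOUT_TLS"
    fi
    # permit_mynetworks lets these non-loopback ranges relay without authenticating.
    nets=$(get_param "$1" mynetworks | tr ', ' '\n\n' |
        awk 'NF && !/^127\./ && !/^\[::1\]/ && !/^\[::ffff:127\./ { printf " TRUSTED_NET:%s", $0 }')
    out="$out$nets"; printf '%s\n' "${out# }"
}
write_page_sample() {   # constructed sample: the main.cf values from this page
    cat > "$1" <<'EOF'
mynetworks = 192.168.0.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
EOF
}
sample=$(mktemp); write_page_sample "$sample"; audit_main_cf "$sample"; rm -f "$sample"
```

On a live server, run `audit_main_cf /etc/postfix/main.cf`; adding `smtpd_tls_auth_only = yes` clears the AUTH_WITHOUT_TLS finding.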

*1: Changed: 20120519