参考http://bbs.chinaunix.net/thread-987344-1-1.html http://linux.vbird.org/linux_server/0390postfix.php
Postfix-2.4.6 ftp://postfix.get7.biz/postfix/official/postfix-2.4.6.tar.gz
cyrus-sasl-2.1.22 http://download.chinaunix.net/download.php?id=24281&ResourceID=71
cyrus-sasl-2.1.22 + postfix-2.4.6 查看当前sasl版本 #saslauthd -v 关闭当前运行的SENDMAIL: #/etc/rc.d/init.d/sendmail stop 禁止开机运行: #chkconfig -levels 12345 sendmail off 或 #chkconfig sendmail off
关闭原有的sendmail:
mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
mv /usr/bin/newaliases /usr/bin/newaliases.OFF
mv /usr/bin/mailq /usr/bin/mailq.OFF
chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF /usr/bin/mailq.OFF
安装sasl #tar zxvf cyrus-sasl-2.1.22.tar.gz #cd cyrus-sasl-2.1.22 #./configure –prefix=/usr/local/sasl2 (注意使用续行符) –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login
#make #make install 关闭原有的sasl:
mv /usr/lib/libsasl2.a /usr/lib/libsasl2.a.OFF
mv /usr/lib/libsasl2.la /usr/lib/libsasl2.la.OFF
mv /usr/lib/libsasl2.so.2.0.19 /usr/lib/libsasl2.so.2.0.19.OFF
mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
rm /usr/lib/libsasl2.so
rm /usr/lib/libsasl2.so.2
# ln -sv /usr/local/sasl2/lib/* /usr/lib postfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件,故还须将其链接至此目录中:
ln -sv /usr/local/sasl2/lib/* /usr/local/lib
ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include
创建运行时需要的目录并调试启动
mkdir -pv /var/state/saslauthd
/usr/local/sasl2/sbin/saslauthd -a shadow -d
启动并测试
/usr/local/sasl2/sbin/saslauthd -a shadow
/usr/local/sasl2/sbin/testsaslauthd -u root -p root用户密码
配置库文件搜索路径
echo “/usr/local/sasl2/lib” >> /etc/ld.so.conf
echo “/usr/local/sasl2/lib/sasl2” >> /etc/ld.so.conf
ldconfig -v
开机自动启动(使用 sasldb时saslauthd可以取消)
echo “/usr/local/sasl2/sbin/saslauthd -a shadow “>>/etc/rc.local
安装postfix #tar zxvf postfix-2.4.6.tar.gz #cd postfix-2.4.6 #make tidy #make makefiles CCARGS=’-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl’ ‘AUXLIBS=-L/usr/local/sasl2/lib -lsasl2’
#groupadd -g 2525 postfix #useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
#groupadd -g 2526 postdrop #useradd -g postdrop -u 2526 -s /bin/false -M postdrop
#make #make install
按照以下的提示输入相关的路径([]号中的是缺省值,”]”后的是输入值)
#vi /usr/local/lib/sasl2/smtpd.conf 添加如下内容: pwcheck_method: saslauthd mech_list: PLAIN LOGIN
让postfix重新加载配置文件 #/usr/local/postfix/sbin/postfix reload
添加smtp认证用户
使用shadow认证 [root@dev ~]# groupadd mailuser [root@dev ~]# adduser -g mailuser -s /sbin/nologin service [root@dev ~]# passwd service Changing password for user service. New UNIX password: BAD PASSWORD: it is too simplistic/systematic Retype new UNIX password: passwd: all authentication tokens updated successfully. [root@dev ~]#
检查是否可以通过认证 [root@dev ~]# /usr/local/sasl2/sbin/testsaslauthd -u service -p 123456 0: OK “Success.”
生成base64备用 [root@dev ~]# perl -MMIME::Base64 -e ‘print encode_base64(“service”);’ c2VydmljZQ== [root@dev ~]# perl -MMIME::Base64 -e ‘print encode_base64(“123456”);’ MTIzNDU2 [root@dev ~]# telnet localhost 25 REtOWTk5OXh4eA== Trying 127.0.0.1… Connected to localhost.localdomain (127.0.0.1). Escape character is ‘^]’. 220 Welcome to our devmail.c1gstudio.com ESMTP,Warning: Version not Available! ehlo localhost 250-devmail.c1gstudio.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN auth login 334 VXNlcm5hbWU6 c2VydmljZQ== 334 UGFzc3dvcmQ6 MTIzNDU2 235 2.0.0 Authentication successful mail from:[email protected] 250 2.1.0 Ok rcpt to:[email protected] 250 2.1.5 Ok data 354 End data with . subject:hello 13:08 this is a test . 250 2.0.0 Ok: queued as 0BABAD607EB quit 221 2.0.0 Bye Connection closed by foreign host.
可以查看邮件队列 #/usr/local/postfix/sbin/postqueue -p
清除队列 #/usr/local/postfix/sbin/postsuper -d all 去邮箱检查邮件已收到。 dreammail发送也成功。 网站esmtp发送成功。
找到myhostname的配置备用
egrep myhostname /etc/postfix/main.cf
#saslpasswd2 -c -u mail.c1gstudio.com andy 输入密码 #cd /etc #chown postfix sasldb2 查看用户
sasldblistusers2
取消saslauthdb自启动 #vi /etc/rc.local
然后就可以使用了 测试下来投递速度差不多50封/s
[root@dev ~]# telnet xxx.xxx.xxx.xxx 25 Trying xxx.xxx.xxx.xxx … telnet: connect to address 221.130.185.107: Connection refused telnet: Unable to connect to remote host: Connection refused 把main.cf里的inet_interfaces改成all,再关闭后重开服务
postfix的日志分析工具有如下几种
pflogsumm AWStats Isoqlog mailgraph 等 更多的postfix logfile analysis在postfix.org的网站上有介绍 http://www.postfix.org/addon.html#logfile 1 下载 http://jimsun.linxnet.com/postfix_contrib.html 2 安装 Date::Calc #perl -MCPAN -e shell cpan> install Date::Calc 一路回车 3 安装pflogsumm(安装说明都在README里) tar zxvf pflogsumm-1.1.0.tar.gz cd pflogsumm-1.1.0 cp pflogsumm.pl /usr/local/bin/pflogsumm chown bin:bin /usr/local/bin/pflogsumm chmod 755 /usr/local/bin/pflogsumm cp pflogsumm.1 /usr/local/man/man1/pflogsumm.1 chown bin:bin /usr/local/man/man1/pflogsumm.1 chmod 644 /usr/local/man/man1/pflogsumm.1 3 配置系统LANG(在pflogsumm-faq.txt中19条有讲) vi /etc/sysconfig/i18n LANG=”en_US” 4 运行命令,查看日志 /usr/local/bin/pflogsumm /var/log/maillog 或 pflogsumm `ls -rt /var/log/maillog*` 或 /usr/local/bin/pflogsumm -d today /var/log/maillog 或 /usr/local/bin/pflogsumm -d yesterday /var/log/maillog 更详细的用法,讲参照man pflogsumm 5 定时把报告发送到邮箱 0 5 * * * /usr/local/bin/pflogsumm -d yesterday /var/log/maillog | mail -s “Mail Report From mail.c1gstudio.com” [email protected]
No Responses (yet)
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.