CentOS7の環境にメールサーバを構築する

やりたいこと

取得したドメインで、メールサーバ環境を構築したくなったので、手順をメモ

環境

• バージョン

# cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core) 

手順

SMTP-Authの設定

• cyrus-saslのインストール

# yum install cyrus-sasl

• 起動

# systemctl start saslauthd

• 自動起動設定

# systemctl enable saslauthd

• saslauthdからauxpropに変更

# vim /etc/sasl2/smtpd.conf

pwcheck_method: auxprop
mech_list: plain login

Postfixをインストール

yum install postfix

設定ファイル（/etc/postfix/main.cf）の編集

• vim で編集

# vim /etc/postfix/main.cf

• 受信メールサイズの上限設定

今回は、5MBにする

message_size_limit = 5242880

• 外部からのメールを許可するために、変更

localhost → allに変更する

# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on.  By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
inet_interfaces = all

• mail.の後に自ドメインを追加

# INTERNET HOST AND DOMAIN NAMES
# 
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
myhostname = mail.sample.com

• 自ドメインを追加

# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
mydomain = sample.com 

• 追加

# SENDING MAIL
# 
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites.  If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
myorigin = $mydomain

• 自分のドメイン宛てのメールを受信するために、変更

変更前: mydestination = $myhostname, localhost.$mydomain, localhost
変更後: mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
# The default is $myhostname + localhost.$mydomain.  On a mail domain
# gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
#
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
#
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
#
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
#
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

• メールボックス形式の追加

# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
home_mailbox = Maildir/

• SMTP-Auth設定の追加

smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination

Postfixの起動

• 起動

# systemctl restart postfix

• 自動起動設定

# systemctl enable postfix

dovecotのインストール

• インストール

# yum install dovecot

設定ファイル（/etc/dovecot/conf.d/10-mail.conf）の編集

# vim /etc/dovecot/conf.d/10-mail.conf

• メールボックス形式の追加

# Location for users' mailboxes. The default is empty, which means that Dovecot
# tries to find the mailboxes automatically. This won't work if the user
# doesn't yet have any mail, so you should explicitly tell Dovecot the full
# location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the "root mail directory", and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if there's no domain
#   %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
#   mail_location = maildir:~/Maildir
#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
#mail_location = 
mail_location = maildir:~/Maildir

設定ファイル（/etc/dovecot/conf.d/10-auth.conf）の編集

# vim /etc/dovecot/conf.d/10-auth.conf

• プレインテキスト認証の追加

# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# See also ssl=required setting.
#disable_plaintext_auth = yes
disable_plaintext_auth = no

設定ファイル（/etc/dovecot/conf.d/10-ssl.conf）の編集

# vim /etc/dovecot/conf.d/10-ssl.conf

• SSL接続の無効化

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
#ssl = required
ssl = no

dovecotの起動

• 起動

# systemctl start dovecot

• 自動起動設定

# systemctl enable dovecot

メールユーザの追加

• adminユーザの追加

# useradd -s /sbin/nologin admin

• パスワード変更

# passwd admin
ユーザー admin のパスワードを変更。
新しいパスワード:
新しいパスワードを再入力してください:
passwd: すべての認証トークンが正しく更新できました。

• Auth用ユーザ設定

# echo "[パスワード]" | saslpasswd2 -p -u linux.sample.com -c admin

• 反映確認

# sasldblistusers2
admin@linux.sample.com: userPassword

• 権限変更（sasldb2からpostfixに変更する）

# chgrp postfix /etc/sasldb2

完了！

• 使っているメールアカウントで疎通を確認する

ex.

メールアドレス: admin@sample.com
パスワード: [設定したパスワード]
アカウントの種類: POP
受信用メールサーバ: mail.sample.com
送信用メールサーバ: mail.sample.com