メールサーバー構築(Postfix+Dovecot)(AlmaLinux)

メインページ > Category:自宅サーバー > AlmaLinux 8 で自宅サーバー構築  > メールサーバー構築(Postfix+Dovecot)(AlmaLinux)

メールサーバーを構築する場合、送信メールサーバー(SMTPサーバー)と受信メールサーバー(POP/IMAPサーバー)の構築が必要となる。 ここでは、送信メールサーバーにはPostfix、受信メールサーバーにはDovecotを採用する。

Postfixインストール

Postfix をインストールして SMTPサーバーを構築します。 SMTP は 25/TCP を使用します。

Postfix は CentOS を「Minimal Install」した場合でもデフォルトでインストールされますが、もしインストールされていない場合はインストールしてください。

[root@host4 ~]# dnf -y install postfix

cyrus-sasl-plain と cyrus-sasl-md5 が、もしインストールされていない場合はインストールしてください。

[root@host4 ~]# dnf -y install cyrus-sasl-plain
[root@host4 ~]# dnf -y install cyrus-sasl-md5

Postfix設定

Postfix設定

[root@host4 ~]# vi /etc/postfix/main.cf　←　Postfix設定ファイル編集
# INTERNET HOST AND DOMAIN NAMES
# 
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
myhostname = mail.sudachi.jp　←　追加(自FQDN名を指定)

# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
#mydomain = domain.tld
mydomain = sudachi.jp　←　追加(自ドメイン名を指定)
# SENDING MAIL
# 
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites.  If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
#myorigin = $mydomain
myorigin = $mydomain　←　追加(ローカルからのメール送信時の送信元メールアドレス@以降にドメイン名を付加)

# RECEIVING MAIL

# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on.  By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost
inet_interfaces = all　←　変更(外部からのメール受信を許可)

#
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
#mydestination = $myhostname, localhost.$mydomain, localhost
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain　←　変更(自ドメイン宛メールを受信できるようにする)
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#       mail.$mydomain, www.$mydomain, ftp.$mydomain

# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
#home_mailbox = Mailbox
#home_mailbox = Maildir/
home_mailbox = Maildir/　←　追加(メールボックス形式をMaildir形式にする)

# SHOW SOFTWARE VERSION OR NOT
#
# The smtpd_banner parameter specifies the text that follows the 220
# code in the SMTP server's greeting banner. Some people like to see
# the mail version advertised. By default, Postfix shows no version.
#
# You MUST specify $myhostname at the start of the text. That is an
# RFC requirement. Postfix itself does not care.
#
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_banner = $myhostname ESMTP unknown　←　追加(メールサーバーソフト名の隠蔽化)

## 以下を最終行へ追加
# SMTP-Auth設定
smtpd_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_mechanism_filter = plain
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination

# 受信メールサイズ制限(10MB=10*1024*1024に制限)
message_size_limit = 10485760

SMTP-Auth設定

SMTP-Auth用ユーザ名、パスワードにシステムのユーザ名、パスワードを使用する場合)

[root@host4 ~]# dnf -y install cyrus-sasl　←　cyrus-saslインストール

[root@host4 ~]# systemctl start saslauthd　←　saslauthd起動

[root@host4 ~]# systemctl enable saslauthd　←　saslauthd自動起動設定

Postfixの文法チェック

[root@host4 ~]# postfix check
[root@host4 ~]#

エラーがないときは何も表示されません。

Postfixの起動

[root@host4 ~]# systemctl restart postfix
[root@host4 ~]# systemctl enable postfix

Postfixのメールログ確認

[root@host4 ~]# less /var/log/maillog

Dovecotインストール

Dovecot をインストールして POP/IMAP サーバーを構築します。 POP は 110/TCP, IMAP は 143/TCP を使用します。

[root@host4 ~]# dnf -y install dovecot

Dovecot設定

Dovecot設定

10-mail.conf編集

[root@host4 ~]# vi /etc/dovecot/conf.d/10-mail.conf

# Location for users' mailboxes. The default is empty, which means that Dovecot
# tries to find the mailboxes automatically. This won't work if the user
# doesn't yet have any mail, so you should explicitly tell Dovecot the full
# location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the "root mail directory", and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if there's no domain
#   %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
#   mail_location = maildir:~/Maildir
#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
#mail_location =
mail_location = maildir:~/Maildir　←　追加(メールボックス形式をMaildir形式とする)

10-auth.conf編集

[root@host4 ~]# vi /etc/dovecot/conf.d/10-auth.conf

# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
#disable_plaintext_auth = yes
disable_plaintext_auth = no　←　追加(プレインテキスト認証を許可)

10-ssl.conf編集

[root@host4 ~]# vi /etc/dovecot/conf.d/10-ssl.conf

# SSL/TLS support: yes, no, required. 
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
ssl = no　←　SSL接続無効

Dovecot起動

[root@fost4 ~]# systemctl start dovecot　←　Dovecot起動

[root@host4 ~]# systemctl enable dovecot　←　Dovecot自動起動設定