目前很多云服务器都封死了25端口的出站(out)流量,无法直接发送邮件。如果要搭建邮局,就需要一台能发smtp的服务器做中转。
安装必备的包
sudo apt-get install postfix libsasl2-2 sasl2-bin libsasl2-modules db-util procmail libsasl2-modules-gssapi-heimdal
配置中转smtp用的端口
vim /etc/services
# 找到 `smtp 25/tcp mail`
# 在下面添加一行
smtp2 41067/tcp mail
配置 postfix
- 修改
/etc/postfix/main.cf
cd /etc/postfix/
mv main.cf main.cf.bak
vim main.cf
在新建的 main.cf 中写入下面的配置
inet_interfaces = all
compatibility_level = 3.6
# 这里配置免登录的ip(这些地址无需SASL认证即可通过本机中转),自行修改,只填写自己可控的地址
mynetworks = 192.168.50.217/32,192.168.0.127/32,220.116.235.0/32
mydestination =
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
cyrus_sasl_config_path = /etc/postfix/sasl
header_checks = regexp:/etc/postfix/header_checks
smtpd_sasl_security_options = noanonymous
smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = permit_mynetworks
smtpd_sasl_type = cyrus
smtpd_sasl_path = smtpd
inet_protocols = all
smtpd_tls_auth_only = no
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
recipient_delimiter = +
- 修改
/etc/postfix/master.cf
vim /etc/postfix/master.cf
# 注释掉 smtp inet n - y - - smtpd
# 把下面一行添加到原smtp那一行的下面;为了安全性需要开启chroot,即第5列为 y
smtp2 inet n - y - - smtpd
- 添加smtp认证
vim /etc/postfix/sasl/smtpd.conf
# 添加下面内容
pwcheck_method: saslauthd
mech_list: plain login
- 添加 header_checks
vim /etc/postfix/header_checks
# 添加下面内容,用于去掉会暴露发信客户端IP和软件信息的邮件头;去掉后邮件本身不再带有来源信息,追查滥用只能依靠本机日志
/^Received:/ IGNORE
/^X-Originating-IP:/ IGNORE
/^X-Mailer:/ IGNORE
/^User-Agent:/ IGNORE
- 拷贝配置到chroot目录
mkdir -p /var/spool/postfix/etc/postfix/sasl
cp /etc/postfix/header_checks /var/spool/postfix/etc/postfix/
cp /etc/postfix/sasl/smtpd.conf /var/spool/postfix/etc/postfix/sasl/
修改完成后,重载postfix配置
sudo postfix reload
配置 saslauthd
vim /etc/default/saslauthd
# 添加下面内容,使其服务能够开机自启动
START=yes
# 修改下面的字段
# 修改MECHANISMS 为 shadow,使用本地用户认证登录
MECHANISMS="shadow"
# 修改OPTIONS 为 chroot对应的配置
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
修改完成后重启saslauthd
sudo systemctl daemon-reload
sudo systemctl restart saslauthd.service
添加本地用户
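我们创建test这个用户,设置密码为123456(仅用于演示)。由于saslauthd使用shadow认证,这是一个真实的系统账号,正式使用时应换成强密码,并可用 useradd -s /usr/sbin/nologin 创建,使其不能登录shell。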
useradd test
passwd test
通过telnet进行测试
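服务器ip以 111.111.111.111为例子,用户名和密码,需要base64编码后发送。注意base64只是编码,不是加密:上面 main.cf 中 smtpd_tls_auth_only = no,且本文没有配置TLS,所以口令在网络上等同于明文传输。生产环境应为postfix配置证书并启用STARTTLS,再把 smtpd_tls_auth_only 改为 yes。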
scjtqs@scjtqs-mini10 ~ % telnet 111.111.111.111 41067
Trying 111.111.111.111...
Connected to 111.111.111.111.
Escape character is '^]'.
220 testhostname ESMTP Postfix
auth login
334 VXNlcm5hbWU6
dGVzdA==
334 UGFzc3dvcmQ6
MTIzNDU2
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye
查看 postfix 日志的方法
tail -f /var/log/syslog|grep postfix