Postfix SMTP身份验证完整方案解析


关键词

Postfix SMTP身份验证完整方案解析

摘要

实现的功能:
------------------------------------------------------------------------------------------------
来源                   目的             条件
------------------------------------------------------------------------------------------------
From: 本地域         To: 任何地址     必须认证且验证用户和From:必须一致
From: 任何非本地地址     To: 本地地址     无需认证
From: 任何非本地       To: 任何地址     拒绝
------------------------------------------------------------------------------------------------
打开 main.cf (注意加粗部分的参数设置)
------------------------------------------------------------------------------------------------
###################BASE##################
myhostname=_HOSTNAME_
mydomain = _DOMAIN_
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
#local_transport = virtual
smtpd_banner = _DOMAIN_ ESMTP Mail System
message_size_limit = 14680064
#mailbox_size_limit = 512000000
#################MySQL################
virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_uid_maps = static:125
#virtual_minimum_uid = 125
virtual_mailbox_base = /home/data/domains
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = virtual

################Quota################
virtual_create_maildirsize = yes

实现的功能:
------------------------------------------------------------------------------------------------
来源                   目的             条件
------------------------------------------------------------------------------------------------
From: 本地域         To: 任何地址     必须认证且验证用户和From:必须一致
From: 任何非本地地址     To: 本地地址     无需认证
From: 任何非本地       To: 任何地址     拒绝
------------------------------------------------------------------------------------------------
打开 main.cf (注意加粗部分的参数设置)
------------------------------------------------------------------------------------------------
###################BASE##################
myhostname=_HOSTNAME_
mydomain = _DOMAIN_
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
#local_transport = virtual
smtpd_banner = _DOMAIN_ ESMTP Mail System
message_size_limit = 14680064
#mailbox_size_limit = 512000000
#################MySQL################
virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_uid_maps = static:125
#virtual_minimum_uid = 125
virtual_mailbox_base = /home/data/domains
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = virtual

################Quota################
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry,the user's Maildir has overdrawn his diskspace quota ,please tray again later.
virtual_overquota_bounce = yes

##############SASL####################
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions =
   permit_mynetworks,
   permit_sasl_authenticated,
   reject_unknown_sender_domain,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_recipient_domain,
   reject_unauth_pipelining,
   reject_unauth_destination,
   permit

#列出本地用户的列表,以便验证 From: 本地域 To: 本地域
smtpd_sender_login_maps =
   mysql:/usr/local/etc/postfix/mysql_virtual_sender_maps.cf,
   mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf


smtpd_reject_unlisted_sender = yes

#本地域向本地域发信也需要SMTP身份验证
smtpd_sender_restrictions =
   reject_sender_login_mismatch,
   reject_authenticated_sender_login_mismatch,
   reject_unauthenticated_sender_login_mismatch


content_filter = smtp-amavis:[127.0.0.1]:10024

readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
html_directory = no
setgid_group = maildrop
manpage_directory = /usr/local/man
daemon_directory = /usr/local/libexec/postfix
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix

------------------------------------------------------------------------------------------------
通过MYSQL查询获得本地接收的邮件地址列表。
mysql:/etc/postfix/mysql_virtual_alias_user_maps.cf
mysql:/etc/postfix/mysql_virtual_user_maps.cf
------------------------------------------------------------------------------------------------

mysql_virtual_alias_maps.cf
------------------------------------------------------------------------------------------------
user = extmail
password = _PASSWD_
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'

------------------------------------------------------------------------------------------------


mysql_virtual_sender_maps.cf
------------------------------------------------------------------------------------------------
user = extmail
password = _PASSWD_
hosts = localhost
dbname = extmail
table = mailbox
select_field = username
where_field = username
additional_conditions = AND active = '1'




以上文章也是参考了网上的一些文章后完成的一些设置,希望对你有点帮助!

   

 

要饭二维码

洪哥写文章很苦逼,如果本文对您略有帮助,可以扫描下方二维码支持洪哥!金额随意,先行谢过!大家的支持是我前进的动力!

文章的版权

本文属于“洪哥笔记”原创文章,转载请注明来源地址:Postfix SMTP身份验证完整方案解析:http://www.splaybow.com/post/130641240120085058.html

如果您在服务器运维、网络管理、网站或系统开发过程有需要提供收费服务,请加QQ:115085382!十年运维经验,帮您省钱、让您放心!
亲,如果有需要,先存起来,方便以后再看啊!加入收藏夹的话,按Ctrl+D

« postfix中限制认证用户使用的sender address 正确配置Postfix阻止垃圾邮件进服务器 »

相关文章:

腾讯企业邮箱POP,SMTP分别是什么  (2014/9/4 8:23:19)

邮件服务器架设  (2014/3/9 13:27:43)

winwebmail邮局附件大小  (2014/3/8 10:13:12)

Exchange服务器快速恢复的步骤  (2013/10/24 14:04:36)

使域名DNS解析支持DKIM  (2013/5/27 16:45:56)

邮局使用SPF  (2013/5/24 12:27:46)

用telnet来理解SMTP协议  (2013/5/24 12:23:38)

qmail+vpopmail+squirrelmail 安装经验谈  (2013/9/6 10:59:41)

LINUX中的QMail邮件安全问题  (2013/9/5 10:59:12)

用qmail/vpopmail/courier-imap/qmail-scanner/igenus打造邮件系统  (2013/8/31 10:59:13)