Building a Mail Server (SMTP - Postfix)

Installing the SMTP server package

The SMTP server package (postfix) is installed with the yum command, so make sure that package management has already been configured.

[ Fedora 8 / Fedora 7 ]

[root@web ~]# yum install postfix


Configuring the SMTP server

Options that control the SMTP server's behavior are set by editing the /etc/postfix/main.cf file.

[ Fedora 8 / Fedora 7 ]

[root@web ~]# vi /etc/postfix/main.cf

# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
# Set the hostname
myhostname = web.i2kt.com

# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
# Set the domain name
mydomain = i2kt.com

# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites.  If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
# Set the mail domain
myorigin = $mydomain

# RECEIVING MAIL

# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on.  By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
# Set the interfaces on which mail is received
inet_interfaces = all
          :
         ( omitted )
          :
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
# The default is $myhostname + localhost.$mydomain.  On a mail domain
# gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
#
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
#
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
#
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
#
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
# Set the mail domains that are treated as local mail
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
          :
         ( omitted )
          :
# TRUST AND RELAY CONTROL

# The mynetworks parameter specifies the list of "trusted" SMTP
# clients that have more privileges than "strangers".
#
# In particular, "trusted" SMTP clients are allowed to relay mail
# through Postfix.  See the smtpd_recipient_restrictions parameter
# in postconf(5).
#
# You can specify the list of "trusted" network addresses by hand
# or you can let Postfix do it for you (which is the default).
#
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
# On Linux, this does works correctly only with interfaces specified
# with the "ifconfig" command.
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
# Don't do this with a dialup site - it would cause Postfix to "trust"
# your entire provider's network.  Instead, specify an explicit
# mynetworks list by hand, as described below.
#
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
#
# Set the networks that are allowed to relay
mynetworks_style = subnet

# Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting.
#
# Specify an explicit list of network/netmask patterns, where the
# mask specifies the number of bits in the network part of a host
# address.
#
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here. Specify type:table for table-based lookups
# (the value on the table right-hand side is not used).
#
# Specify the internal network address and the host address
mynetworks = 192.168.0.0/24, 127.0.0.0/8

# The relay_domains parameter restricts what destinations this system will
# relay mail to.  See the smtpd_recipient_restrictions description in
# postconf(5) for detailed information.
#
# By default, Postfix relays mail
# - from "trusted" clients (IP address matches $mynetworks) to any destination,
# - from "untrusted" clients to destinations that match $relay_domains or
#   subdomains thereof, except addresses with sender-specified routing.
# The default relay_domains value is $mydestination.
#
# In addition to the above, the Postfix SMTP server by default accepts mail
# that Postfix is final destination for:
# - destinations that match $inet_interfaces or $proxy_interfaces,
# - destinations that match $mydestination
# - destinations that match $virtual_alias_domains,
# - destinations that match $virtual_mailbox_domains.
# These destinations do not need to be listed in $relay_domains.
#
# Specify a list of hosts or domains, /file/name patterns or type:name
# lookup tables, separated by commas and/or whitespace.  Continue
# long lines by starting the next line with whitespace. A file name
# is replaced by its contents; a type:name table is matched when a
# (parent) domain appears as lookup key.
#
# NOTE: Postfix will not automatically forward mail for domains that
# list this system as their primary or backup MX host. See the
# permit_mx_backup restriction description in postconf(5).
#
# Set the domains to relay for
relay_domains = $mydestination
          :
         ( omitted )
          :
# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
# Set the mailbox storage format
home_mailbox = Maildir/
          :
         ( omitted )
          :
# SMTP-AUTH (enable SASL)
# yes: enabled | no: disabled
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
# Reject unauthorized relaying
#smtpd_client_restrictions = permit_mynetworks,
#                            reject_rbl_client relays.ordb.org,
#                            permit
# Set the relay restrictions
#smtpd_recipient_restrictions = permit_mynetworks,
#                               permit_sasl_authenticated,
#                               reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               reject_invalid_hostname,
                               reject_non_fqdn_hostname,
                               reject_non_fqdn_sender,
                               reject_non_fqdn_recipient,
                               reject_unknown_sender_domain,
                               reject_unknown_recipient_domain,
                               reject_rbl_client cbl.abuseat.org,
                               reject_rbl_client list.dsbl.org,
                               reject_rbl_client sbl.spamhaus.org,
                               reject_rbl_client pbl.spamhaus.org,
                               permit
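
How mynetworks, relay_domains and the ordered smtpd_recipient_restrictions list combine into a relay decision can be checked offline. The following Python code is an added example, not part of the original page or of Postfix: it parses a constructed main.cf excerpt built from the settings above and walks the restriction list in order. The function names are hypothetical, mynetworks is assumed to contain only CIDR literals, and DNS-based restrictions are skipped.

```python
import ipaddress
import re

# Constructed sample: the relay-related settings from the main.cf on this page.
SAMPLE_MAIN_CF = """\
myhostname = web.i2kt.com
mydomain = i2kt.com
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.0.0/24, 127.0.0.0/8
relay_domains = $mydestination
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated, reject_unauth_destination,
    reject_rbl_client sbl.spamhaus.org, permit
"""

def parse_main_cf(text):
    """Blank and '#' lines are ignored; leading whitespace continues a value."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and name:
            params[name] += " " + line.strip()
        elif "=" in line:
            name, value = (part.strip() for part in line.split("=", 1))
            params[name] = value
    return params

def expand(params, name):
    """Return a parameter as a list of items, with $name references substituted."""
    raw = params.get(name, "")
    for _ in range(5):  # bounded passes, so a self-reference cannot loop forever
        raw = re.sub(r"\$\{?(\w+)\}?", lambda m: params.get(m.group(1), ""), raw)
    return [item for item in re.split(r"[,\s]+", raw) if item]

def relay_verdict(params, client_ip, authenticated, rcpt_domain):
    """Walk the list in order; the first restriction that decides wins."""
    ip = ipaddress.ip_address(client_ip)
    allow = {"permit": True, "permit_sasl_authenticated": authenticated,
             "permit_mynetworks": any(ip in ipaddress.ip_network(net)
                                      for net in expand(params, "mynetworks"))}
    ours = rcpt_domain in expand(params, "mydestination") or any(
        rcpt_domain == d or rcpt_domain.endswith("." + d)
        for d in expand(params, "relay_domains"))
    for item in expand(params, "smtpd_recipient_restrictions"):
        if item == "reject_unauth_destination" and not ours:
            return "reject"
        if allow.get(item):  # DNS-based checks and their arguments are skipped
            return "permit"
    return "permit"  # simplification: nothing in the list rejected the recipient
```

If `permit` is moved ahead of `reject_unauth_destination`, `relay_verdict` returns "permit" for an unauthenticated client outside mynetworks sending to an outside domain, which is the open-relay condition that the ordering in the configuration above prevents.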

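Starting the SMTP server

For security reasons, the server is not started automatically when the package is first installed. To have the SMTP server start after the Fedora system reboots, configure automatic startup.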

[ Fedora 8 / Fedora 7 ]

Start the SMTP server

[root@web ~]# /etc/rc.d/init.d/postfix start

postfix を起動中:                                          [  OK  ]

Configure automatic startup of the SMTP server

[root@web ~]# chkconfig postfix on

[root@web ~]# chkconfig --list postfix

postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off

Arguments to the postfix service control script

The arguments that can be passed to the postfix service control script are listed below.

[ Fedora 8 / Fedora 7 ]

[root@web ~]# /etc/rc.d/init.d/postfix [ argument ]

start               Start postfix.
stop                Stop postfix.
restart             Restart postfix (runs stop, then start).
status              Check the status of the postfix service.