Installing postfix, libsasl2, courier-pop, and courier-imap on Ubuntu 12
로빈아빠


1. Installation
apt-get install postfix sasl2-bin
apt-get install libsasl2-modules sasl2-bin  <-- not confirmed whether this part is needed


2. Configuration
dpkg-reconfigure postfix

3. SMTP authentication
Generate and configure a digital certificate for TLS.


$ openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
278 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
....................................++++++
.......................++++++
e is 65537 (0x10001)
Enter pass phrase for smtpd.key:
Verifying - Enter pass phrase for smtpd.key:
$ chmod 600 smtpd.key
$ openssl req -new -key smtpd.key -out smtpd.csr
Enter pass phrase for smtpd.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
$ openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
Signature ok
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Getting Private key
Enter pass phrase for smtpd.key:
$ openssl rsa -in smtpd.key -out smtpd.key.unencrypted
Enter pass phrase for smtpd.key:
writing RSA key
$ mv -f smtpd.key.unencrypted smtpd.key
$ openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
Generating a 1024 bit RSA private key
.........++++++
..........++++++
writing new private key to 'cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

---------------

cp smtpd.key /etc/ssl/private/
cp smtpd.crt /etc/ssl/certs/
cp cakey.pem /etc/ssl/private/
cp cacert.pem /etc/ssl/certs/

-----------------------


Check the settings with vi /etc/postfix/main.cf


postconf -e "mailbox_command = "
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/ssl/private/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = mail.example.com'

echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf


/etc/init.d/postfix restart
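
The settings above leave smtpd_tls_auth_only = no while the SASL mechanism list is plain login, so credentials can be submitted before STARTTLS. The check below is an added example, not part of the original post: it reads parameters in the name = value form that postconf -n prints and flags that combination. The function names, finding labels and sample values are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit "name = value" lines in the form postconf -n prints.
# Function names, finding labels and sample data are constructed for illustration.

# Reads settings on stdin, prints one finding per line (nothing if clean).
audit_smtpd_auth() {
    awk '
    /^[ \t]*#/ || !/=/ { next }
    {
        name = $0; sub(/[ \t]*=.*/, "", name); sub(/^[ \t]+/, "", name)
        val = $0;  sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        p[name] = val                  # last assignment wins, as in main.cf
    }
    END {
        sasl = (p["smtpd_sasl_auth_enable"] == "yes")
        # Any of these keeps AUTH off unencrypted sessions.
        tls_only = (p["smtpd_tls_auth_only"] == "yes" ||
                    p["smtpd_tls_security_level"] == "encrypt" ||
                    p["smtpd_enforce_tls"] == "yes")
        if (sasl && !tls_only)
            print "AUTH_BEFORE_TLS: AUTH is offered on unencrypted sessions"
        if (p["smtpd_use_tls"] == "yes" && p["smtpd_tls_security_level"] == "")
            print "LEGACY_TLS_PARAM: prefer smtpd_tls_security_level = may"
    }'
}

# Constructed sample: the relevant values the page sets with postconf -e.
page_settings() {
    cat <<'EOF'
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtpd_use_tls = yes
EOF
}

# The same settings with AUTH restricted to TLS-protected sessions.
hardened_settings() {
    page_settings | sed -e 's/^smtpd_tls_auth_only = no$/smtpd_tls_auth_only = yes/' \
                        -e 's/^smtpd_use_tls = yes$/smtpd_tls_security_level = may/'
}

echo "page settings:";     page_settings | audit_smtpd_auth
echo "hardened settings:"; hardened_settings | audit_smtpd_auth
```

On a live host the same function can be fed with postconf -n | audit_smtpd_auth.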


4. Configuring SASL

A few things must be changed for SASL to work properly. Postfix runs chrooted in /var/spool/postfix, so SASL must also be configured to work inside that chroot environment (/var/run/saslauthd becomes /var/spool/postfix/var/run/saslauthd). Run the following commands:
 
mkdir -p /var/spool/postfix/var/run/saslauthd
rm -rf /var/run/saslauthd

vi /etc/default/saslauthd 
 
START=yes
 
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
MECHANISMS="pam"

dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

/etc/init.d/saslauthd restart


5. Testing
telnet mail.example.com 25
ehlo mail.example.com

The following lines must appear in the response:
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
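
The expected lines above can be checked mechanically. This added example (not part of the original post) parses a captured EHLO reply and reports whether STARTTLS is offered and whether AUTH, limited to the PLAIN and LOGIN mechanisms, is already advertised before TLS is negotiated. The function names and output format are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise an EHLO reply captured before STARTTLS.
# Function names and the output format are constructed for illustration.

# Reads the reply on stdin and prints a single summary line.
ehlo_summary() {
    tr -d '\r' | awk '
    /^250[- ]/ {
        cap = toupper(substr($0, 5))
        if (cap == "STARTTLS") starttls = 1
        if (cap ~ /^AUTH[ =]/) {        # "AUTH ..." and the legacy "AUTH=..." form
            auth = 1
            n = split(substr(cap, 6), m, " ")
            for (i = 1; i <= n; i++)
                if (m[i] != "PLAIN" && m[i] != "LOGIN") other = 1
        }
    }
    END {
        printf "starttls=%d auth_before_tls=%d plaintext_mechs_only=%d\n",
               starttls, auth, (auth && !other)
    }'
}

# Abridged reply as shown in the page's SMTP test (smtpd_tls_auth_only = no).
page_reply() {
    cat <<'EOF'
250-mail.yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-8BITMIME
250 DSN
EOF
}

# Constructed: the same reply once AUTH is withheld until after STARTTLS.
tls_only_reply() { page_reply | grep -v '^250-AUTH'; }

page_reply | ehlo_summary       # starttls=1 auth_before_tls=1 plaintext_mechs_only=1
tls_only_reply | ehlo_summary   # starttls=1 auth_before_tls=0 plaintext_mechs_only=0
```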



Installing courier IMAP and POP3

sudo apt-get install courier-pop

sudo apt-get install courier-imap

Maildir setup
maildirmake /etc/skel/Maildir

maildirmake /etc/skel/Maildir/.Drafts

maildirmake /etc/skel/Maildir/.Sent

maildirmake /etc/skel/Maildir/.Trash

maildirmake /etc/skel/Maildir/.Templates

For each user:
cp -r /etc/skel/Maildir /home/myuser/

chown -R myuser:usergroup /home/myuser/Maildir

chmod -R 700 /home/myuser/Maildir





telnet localhost 110

Run the command, then enter:
USER your id
PASS your password



Test
SMTP test
$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.comingmedia.com ESMTP Postfix (Ubuntu)
ehlo yourdomain.com
250-mail.yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: root@yourdomain.com
250 2.1.0 Ok
rcpt to: jhanglim@yourdomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: My first mail

Hi,
. (and Enter In a new Line)
250 2.0.0 Ok: queued as C515B863FC
quit
221 2.0.0 Bye
Connection closed by foreign host.
Check that the mail arrived correctly for jhanglim
su - fmaster

cd Maildir/new

ls

If a POP3 client (e.g. Thunderbird) is running, the file will be in the Maildir/cur folder rather than the Maildir/new folder.
Reason: the POP3 client has already retrieved the mail, so it is no longer a new message.
POP3 check
$ telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user <user ID>
+OK Password required.
pass <user Password>
+OK logged in.
IMAP check
$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
imap login <user ID> <user password>
imap OK LOGIN Ok.
The user's .forward file
With the following example, mail is delivered to the user (cur_user) and also to forward_user@gmail.com.
Example:
$ su - cur_user
$ touch .forward
$ vi .forward
cur_user
forward_user@gmail.com
