星期四, 7月 15, 2010

[ 整理草稿 ] SUSE Linux 下的 postfix 小記

SUSE Linux 下的 postfix
說明文件
/usr/share/doc/packages/postfix/html/index.html

RedHat 下面的/etc/postfix/main.cf

[root@localhost postfix]# grep -v '^#' main.cf | grep -v '^queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = localhost
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

SUSE Linux下面的 /etc/postfix/main.cf

linux-lab:/etc/postfix # egrep -v '^#|^$|^\ ' main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = linux-lab.example.com
program_directory = /usr/lib/postfix
inet_interfaces = 127.0.0.1 ::1
masquerade_domains =
mydestination = $myhostname, localhost.$mydomain
defer_transports =
mynetworks_style = subnet
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000

要注意的是
在main.cf有提到有很多參數都在SUSEconfig.postfix中設定

-----------------------------------------------------------------------
# NOTE: Many parameters have already been added to the end of this file
# by SuSEconfig.postfix. So take care that you don't uncomment
# and set a parameter without checking whether it has been added
# to the end of this file.
# -----------------------------------------------------------------------


script 在 /sbin/conf.d/SuSEconfig.postfix | grep -v '^\ '
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = localhost
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

SUSE Linux下面的 /etc/postfix/main.cf

linux-lab:/etc/postfix # egrep -v '^#|^$|^\ ' main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = linux-lab.example.com
program_directory = /usr/lib/postfix
inet_interfaces = 127.0.0.1 ::1
masquerade_domains =
mydestination = $myhostname, localhost.$mydomain
defer_transports =
mynetworks_style = subnet
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000

要注意的是
在main.cf有提到有很多參數都在SUSEconfig.postfix中設定

-----------------------------------------------------------------------
# NOTE: Many parameters have already been added to the end of this file
# by SuSEconfig.postfix. So take care that you don't uncomment
# and set a parameter without checking whether it has been added
# to the end of this file.
# -----------------------------------------------------------------------


script 在 /sbin/conf.d/SuSEconfig.postfix

lab 測試:
1.
#vi /etc/sysconfig/postfix

註解原來的參數並使用範例(會反應在/etc/postfix/main.cf內的 mydestination)
POSTFIX_LOCALDOMAINS="\$myhostname, \$mydomain, localhost.\$mydomain"


2.使用/sbin/conf.d/SuSEconfig.postfix 來產生新的main.cf 檔
Warning! MD5DIR is not set: you probably called this script outside SuSEconfig...!
Using MD5DIR="/var/adm/SuSEconfig/md5"...
No changes for /etc/postfix/master.cf
Setting up postfix local as MDA...
Setting SPAM protection to "off"...
Installing new /etc/postfix/main.cf

(P.S 之前參考SUSE Linux Enterprise Server 10網管實戰寶典
內有提到會有產生main.cf.SuSEconfig, 實做上沒有觀察到)

3.比較一下修改之後與原來的main.cf差異
linux-lab:/etc/postfix # cat main.cf | grep ^mydes
mydestination = $myhostname, $mydomain, localhost.$mydomain

linux-lab:/etc/postfix # cat main.cf.bak | grep ^mydes
mydestination = $myhostname, localhost.$mydomain

就會發現剛剛設定的參數有反應在mydestination上面

4.在修改一下/etc/postfix/main.cf (註解只Listen 本機及加入mynetwork信任網段)
#vi /etc/postfix/main.cf

#inet_interfaces = 127.0.0.1 ::1
inet_interfaces = all
mynetworks = 10.10.36.0/24, 127.0.0.0/8

5.使用/usr/sbin/postfix check 檢查語法是否有錯 (如果沒有錯誤就沒有錯誤訊息)

linux-lab:/etc/postfix # /usr/sbin/postfix check
linux-lab:/etc/postfix #

6.重新啟動postfix

linux-lab:/etc/postfix # rcpostfix restart
Shutting down mail service (Postfix) done
Starting mail service (Postfix) done

7.觀察是否有對全部的ip 服務
linux-lab:/etc/postfix # netstat -tupln | grep :25

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 4212/master
tcp 0 0 :::25 :::* LISTEN 4212/master

此時使用MUA 軟體(Outlook Express or Thunderbird)應該可以寄信
如果主機在mynetworks的範圍之類就可以Relay 原因為/etc/postfix/main.cf 中
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination

但是不能收信 --> 因為pop服務尚未啟用

linux-lab:/etc/postfix # netstat -tupln | grep :110

8.開啟pop服務
先檢查是否有裝qpopper套件,如果沒有的話使用yast 安裝(需要有CD or internet source)
linux-lab:/etc/postfix # rpm -qa | grep qp
linux-lab:/etc/postfix # yast -i qpopper

此時會使用yast自動安裝
linux-lab:/etc/postfix # rpm -qa | grep qp
qpopper-4.0.8-13.2

但是port 110尚未Listen
linux-lab:/etc/postfix # netstat -tupln | grep :110
linux-lab:/etc/postfix #

qpopper 為以xinetd 為主的服務, 類似RedHat之前的pop3d

linux-lab:/etc/postfix # ls /etc/xinetd.d/
chargen cvs echo netstat rsync swat time-udp
chargen-udp daytime echo-udp pure-ftpd servers systat vnc
cups-lpd daytime-udp fam qpopper services time

目前的狀態為關閉
linux-lab:/etc/postfix # chkconfig qpopper --list
xinetd based services:
qpopper: off

啟用qpopper
linux-lab:/etc/postfix # chkconfig qpopper on
linux-lab:/etc/postfix # chkconfig qpopper --list
xinetd based services:
qpopper: on

但是port 110也是尚未Listen 因為要重新啟動xinetd才可以
linux-lab:/etc/postfix # netstat -tupln | grep :110
linux-lab:/etc/postfix # rcxinetd restart
Shutting down xinetd: done
Starting INET services. (xinetd) done

重新啟動之後就會發現port 110 有服務在 Listen
linux-lab:/etc/postfix # netstat -tupln | grep :110
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 6182/xinetd



此時使用MUA 軟體(Outlook Express or Thunderbird)應該可以收信

沒有留言: