【Dovecot】CentOS 6 下Postfix+Dovecot邮件服务器配置
一、删除系统自带的sendmail
yum remove sendmail或者
rpm -e sendmail
二、安装crontabs(计划任务)服务
yum install crontabs
service crond start
chkconfig crond on
三、安装postfix
如果yum提示找不到软件包,请换一下源,请参考centos 6推荐使用epel源(http://blog.51yip.com/linux/1337.html)
yum install postfix
四、更改默认邮件传输代理(MTA)
alternatives --config mta
There are 2 programs which provide 'mta'. (共有 1 个程序提供“mta”。)
Selection Command1 /usr/sbin/sendmail.exim
*+ 2 /usr/sbin/sendmail.postfix
按 Enter 来保存当前选择[+],或键入选择号码:2
Enter to keep the current selection[+], or type selection number: 2
五、安装Dovecot
yum install dovecot -y
六、相关配置
1、postfix主配置文件main.cf
vi /etc/postfix/main.cf配置如下:
// 76行,将等号后面的部分改写为本机主机名
myhostname = mail.kyzy.cc
// 82行,设置域名
mydomain = kyzy.cc
// 97行,把$myhostname改为$mydomain
myorigin = $mydomain
// 112行,把后面的localhost改成all
inet_interfaces = all
// 163行,把前面的注释拿掉,并加一下$mydomain
mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain
// 209行,把前面的注释拿掉。
local_recipient_maps =
// 257行 Postfix默认将子网内的机器设置为可信任机器,如果只信任本机,就设置为host
mynetworks_style = host
// 263行,设置内网和本地IP
mynetworks = 受信任的IP地址,千万不要用0.0.0.0/0,不然分分钟就变成垃圾邮件中转服务器
// 303行 配置哪些地址的邮件能够被Postfix转发,当然是mydomain的才能转发,否则其他人都可以用这台邮件服务器转发垃圾邮件了
relay_domains = $mydomain
// 426行,设置邮件收取目录(【注意】dovecot的10-mail.conf中的mail_location=maildir:~/Maildir虽然位置代表同一个,但是设置的值却不是一样的)
home_mailbox = Maildir/
// 568行,把前面的注释拿掉
smtpd_banner = $myhostname ESMTP $mail_name
在main.cf文件的底部加上以下内容:
# 邮件大小10M
message_size_limit = 10485760
# 邮箱大小1G
mailbox_size_limit = 1073741824
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions=permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject
2、Dovecot配置
vi /etc/dovecot/dovecot.conf配置如下:
# 26行: 如果不使用IPv6,请修改为*
listen = *继续
vi /etc/dovecot/conf.d/10-auth.conf配置如下:
# 9行: 取消注释并修改
disable_plaintext_auth = no
# 97行: 添加
auth_mechanisms = plain login继续
vi /etc/dovecot/conf.d/10-mail.conf配置如下:
# 30行: 取消注释并添加(postfix的main.cf中的home_mailbox是Maildir/,两个位置一样,但值并不一样)
mail_location = maildir:~/Maildir继续
vi /etc/dovecot/conf.d/10-master.conf配置如下:
# 88-90行: 取消注释并添加Postfix smtp验证
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}启动服务
chkconfig postfix on
chkconfig dovecot on
service dovecot restart
service postfix restart
3、测试Dovecot
telnet 127.0.0.1 143如下
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
继续输入尝试登录(用户名、密码)
a login noreply passwd1234
想要退出则输入
e logout
测试安全连接
openssl s_client -connect 127.0.0.1:993
CONNECTED(00000003) depth=0 OU = IMAP server, CN = imap.example.com,
emailAddress = [email protected] verify error:num=18:self signed
certificate verify return:1 depth=0 OU = IMAP server, CN =
imap.example.com, emailAddress = [email protected] verify
return:1Certificate chain 0 s:/OU=IMAP
server/CN=imap.example.com/emailAddress=[email protected]
i:/OU=IMAP
server/CN=imap.example.com/emailAddress=[email protected]Server certificate
-----BEGIN CERTIFICATE----- MIICQzCCAaygAwIBAgIJAPk/RyVMY3QOMA0GCSqGSIb3DQEBBQUAMFgxFDASBgNV
BAsTC0lNQVAgc2VydmVyMRkwFwYDVQQDExBpbWFwLmV4YW1wbGUuY29tMSUwIwYJ
KoZIhvcNAQkBFhZwb3N0bWFzdGVyQGV4YW1wbGUuY29tMB4XDTE4MDkxNzAyMzAy
MVoXDTE5MDkxNzAyMzAyMVowWDEUMBIGA1UECxMLSU1BUCBzZXJ2ZXIxGTAXBgNV
BAMTEGltYXAuZXhhbXBsZS5jb20xJTAjBgkqhkiG120BCQEWFnBvc3RtYXN0ZXJA
ZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMxuZXvz+1B/
92GJaPlxAEdMSpVHMme7EsV2GxCv8U3SvDa0LJDBYN50giatl0pLBmevcc76vcUe
Gl0cZq0egsRqkp/GFwJgDQdUeXNUG5I8RJV7/EyUM/nFCCtGdgYOghGW3eauK/JT
QLJ7bPT1HJY5i65nwD8WILM1SI4n9rELAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQE
AwIGQDANBgkqhkiG9w0BAQUFAAOBgQABXDoU3mNqdRvHD9lEO+Rksw4t5CO4k9M6
UuQ+PbU5N4Mc5eeJrD/4YUJsh1Vexyu57hFJCZO2/rSln4Pn7LyrZTTjmxwW9qhd
EATx7vM3OxIXwtXvPLFT3obKz7M/zrbHpefljwJNRQuzYUiLjU0dzhY5KopL8owj
e76Lvz2aLg==
-----END CERTIFICATE----- subject=/OU=IMAP server/CN=imap.example.com/emailAddress=[email protected]
issuer=/OU=IMAP
server/CN=imap.example.com/emailAddress=[email protected]
--- No client certificate CA names sent Server Temp Key: DH, 1024 bits
--- SSL handshake has read 1300 bytes and written 439 bytes
--- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384 Server public key is 1024 bit Secure Renegotiation IS supported Compression:
NONE Expansion: NONE SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-GCM-SHA384
Session-ID: 2EFC38F532102EB31B5860258042EA1ED4D5089D7591949E122BA6B93ED3A637
Session-ID-ctx:
Master-Key: 4EC0AA573AE2EB28FD4D667F98ECB255765B07A436C0F031F2C8AFE11E509C1CDA11FD0FFB4AF9FEDB15E1E7C3867FBC
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 12 fa 1c 05 e5 f2 a1 58-5d 36 41 cd aa 3c 83 88 .......X]6A..<..
0010 - e6 c3 16 61 33 2f cd 40-0b 97 2e bf 22 66 3d 4c ...a3/.@...."f=L
0020 - 6d a0 c9 68 b8 3d db ce-5c 91 33 0f 66 51 cc 81 m..h.=...3.fQ..
0030 - ef 17 a1 8c c7 9c e0 9f-35 16 b0 90 46 72 a2 22 ........5...Fr."
0040 - ef c6 a1 5f 7d ea dc 96-4a 94 38 46 b5 42 27 08 ..._}...J.8F.B'.
0050 - ba 8a 66 b3 6d ce 69 5a-98 ec 2e ca 32 66 66 37 ..f.m.iZ....2ff7
0060 - 7f 3d ff 40 03 77 97 a7-e9 8f 1a 7d 46 9f ae d2 [email protected].....}F...
0070 - 8f 5a 15 01 02 e8 50 2d-79 4e 1d 29 b5 be f3 e2 .Z....P-yN.)....
0080 - 23 fb d5 a6 c3 33 30 13-32 a1 94 26 16 cd 36 48 #....30.2..&..6H
0090 - 5c 7e be ed 5e 79 2e 39-3b 7d fc 37 79 90 c4 bc \~..^y.9;}.7y...
Start Time: 1537157029
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
七、测试收发邮件
测试前添加一下DNS
@或者空 MX 默认 优先级10 mail.kyzy.cc
八、配置邮件客户端foxmail
账号不要加后缀名(@kyzy.cc),phpmailer中使用也是不要加后缀名。
如果发件人是[email protected]想改成[email protected]则需要增加系统用户noreply,因为postfix用户其实就是linux系统用户
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可。
评论已关闭