How to configure a SMTP server in Red Hat Enterprise Linux
2017-04-16 16:43
1036 查看
Mail Transport Agents
Red Hat Enterprise Linux offers two primary MTAs: Postfix and Sendmail. Postfix is configured as the default MTA, although it is easy to switch the default MTA to Sendmail. To switch the default MTA to Sendmail, you can eitheruninstall Postfix or use the following command to switch to Sendmail:
~]# alternatives --config mta
You can also use a command in the following format to enable or disable the desired service:
chkconfig service_name on | off
1. Postfix
Originally developed at IBM by security expert and programmer Wietse Venema, Postfix is a Sendmail-compatible MTA that is designed to be secure, fast, and easy to configure.To improve security, Postfix uses a modular design, where small processes with limited privileges are launched by a master daemon. The smaller, less privileged processes perform very specific
tasks related to the various stages of mail delivery and run in a changed root environment to limit the effects of attacks.
Configuring Postfix to accept network connections from hosts other than the local computer takes only a few minor changes in its configuration file. Yet for those with more complex needs, Postfix provides a variety of configuration
options, as well as third party add-ons that make it a very versatile and full-featured MTA.
The configuration files for Postfix are human readable and support upward of 250 directives. Unlike Sendmail, no macro processing is required for changes to take effect and the majority of the most commonly used options are
described in the heavily commented files.
1.1. The Default Postfix Installation
The Postfix executable is /usr/sbin/postfix.
This daemon launches all related processes needed to handle mail delivery.
Postfix stores its configuration files in the
/etc/postfix/directory.
The following is a list of the more commonly used files:
access—
Used for access control, this file specifies which hosts are allowed to connect to Postfix.
main.cf—
The global Postfix configuration file. The majority of configuration options are specified in this file.
master.cf—
Specifies how Postfix interacts with various processes to accomplish mail delivery.
transport—
Maps email addresses to relay hosts.
The
aliasesfile
can be found in the
/etc/directory.
This file is shared between Postfix and Sendmail. It is a configurable list required by the mail protocol that describes user ID aliases.
Configuring Postfix as a server for other clients
The default
/etc/postfix/main.cffile
does not allow Postfix to accept network connections from a host other than the local computer. For instructions on configuring Postfix as a server for other clients, see Section 19.3.1.2,
“Basic Postfix Configuration”.
Restart the
postfixservice
after changing any options in the configuration files under the
/etc/postfixdirectory
in order for those changes to take effect:
~]# [code]service postfix restart[/code]
1.2. Basic Postfix Configuration
By default, Postfix does not accept network connections from any host other than the local host. Perform the following steps as rootto
enable mail delivery for other hosts on the network:
Edit the
/etc/postfix/main.cffile
with a text editor, such as
vi.
Uncomment the
mydomainline
by removing the hash sign (
#),
and replace domain.tld with the domain the mail server is servicing, such as
example.com.
Uncomment the
myorigin = $mydomainline.
Uncomment the
myhostnameline,
and replace host.domain.tld with the host name for the machine.
Uncomment the
mydestination = $myhostname, localhost.$mydomainline.
Uncomment the
mynetworksline,
and replace 168.100.189.0/28 with a valid network setting for hosts that can connect to the server.
Uncomment the
inet_interfaces = allline.
Comment the
inet_interfaces = localhostline.
Restart the
postfixservice.
Once these steps are complete, the host accepts outside emails for delivery.
Postfix has a large assortment of configuration options. One of the best ways to learn how to configure Postfix is to read the comments within the
/etc/postfix/main.cfconfiguration
file. Additional resources including information about Postfix configuration, SpamAssassin integration, or detailed descriptions of the
/etc/postfix/main.cfparameters
are available online at http://www.postfix.org/.
1.2.1. Configuring Postfix to Use Transport Layer Security
Configuring postfix to use transport layer security (TLS) is described in the Red Hat Knowledgebase solution How
to configure postfix with TLS?
Important
Due to the vulnerability described in Resolution
for POODLE SSL 3.0 vulnerability (CVE-2014-3566) in Postfix and Dovecot, Red Hat recommends disabling
SSL,
if it is enabled, and using only
TLSv1.1or
TLSv1.2.
Backwards compatibility can be achieved using
TLSv1.0.
Many products Red Hat supports have the ability to use
SSLv2or
SSLv3protocols.
However, the use of
SSLv2or
SSLv3is
now strongly recommended against.
1.3. Using Postfix with LDAP
Postfix can use an LDAPdirectory
as a source for various lookup tables (e.g.:
aliases,
virtual,
canonical,
etc.). This allows
LDAPto
store hierarchical user information and Postfix to only be given the result of
LDAPqueries
when needed. By not storing this information locally, administrators can easily maintain it.
1.3.1. The /etc/aliases lookup example
The following is a basic example for using
LDAPto
look up the
/etc/aliasesfile.
Make sure your
/etc/postfix/main.cffile
contains the following:
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
Create a
/etc/postfix/ldap-aliases.cffile
if you do not have one already and make sure it contains the following:
server_host = ldap.example.com search_base = dc=example, dc=com
where
ldap.example.com,
example,
and
comare
parameters that need to be replaced with specification of an existing available
LDAPserver.
The /etc/postfix/ldap-aliases.cf file
The
/etc/postfix/ldap-aliases.cffile
can specify various parameters, including parameters that enable
LDAP
SSLand
STARTTLS.
For more information, see the
ldap_table(5)man
page.
For more information on
LDAP,
see Section 20.1,
“OpenLDAP”.
相关文章推荐
- How do I configure vncserver to start GNOME or KDE by default in Red Hat Enterprise Linux ?
- How to create Oracle ASM devices using device-mapper multipath devices in Red Hat Enterprise Linux 6
- How To Install And Configure Ganglia On Red Hat Enterprise Linux 5---YUM 安装篇
- How to configure Virtual Network Computing (VNC) to work with Red Hat Enterprise Linux?
- Howto Red hat enterprise Linux 5 configure the network card
- How do I configure the iscsi-initiator in Red Hat Enterprise Linux 5?
- Howto Red hat enterprise Linux 5 configure the network card
- How to use, monitor, and disable transparent hugepages in Red Hat Enterprise Linux 6
- How do I add more disk space to a virtual guest using LVM on Red Hat Enterprise Linux?
- Configure Always On Availability Group for SQL Server on RHEL——Red Hat Enterprise Linux上配置SQL Server Always On Availability Group
- Configure Red Hat Enterprise Linux shared disk cluster for SQL Server
- Configure Red Hat Enterprise Linux shared disk cluster for SQL Server
- Configure Red Hat Enterprise Linux shared disk cluster for SQL Server
- How do I add raw device mapping in Red Hat Enterprise Linux 5?
- Configure Red Hat Enterprise Linux shared disk cluster for SQL Server
- How to configure dns slave server in Linux
- How to configure samba server in Linux Print
- How to rebuild RPM database on a Red Hat Enterprise Linux system?
- Configure Red Hat Enterprise Linux shared disk cluster for SQL Server
- How to mount Windows share on Red Hat Enterprise Linux system using CIFS