檢查相關套件是否有安裝
[root@ns1 /]# rpm -qa | grep sasl
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-2.1.22-4
[root@ns1 /]# rpm -qa | grep sasl
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-2.1.22-4
有缺的話就用yum安裝
[root@ns1 /]#yum -y install xxxxxxx
啟動saslauthd
[root@ns1 /]# /etc/rc.d/init.d/saslauthd start
[root@ns1 /]# /etc/rc.d/init.d/saslauthd start
設定開機啟動saslauthd
[root@ns1 /]# chkconfig saslauthd on
[root@ns1 /]# chkconfig saslauthd on
在main.cf裡面加入下列設定
[root@ns1 /]# vi /etc/postfix/main.cf
[root@ns1 /]# vi /etc/postfix/main.cf
#SMTP限制
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
check_sender_access regexp:/etc/postfix/sender_checks
reject_non_fqdn_sender
permit_sasl_authenticated
check_relay_domains
permit_mynetworks
reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
check_sender_access regexp:/etc/postfix/sender_checks
reject_non_fqdn_sender
permit_sasl_authenticated
check_relay_domains
permit_mynetworks
reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
以下是功能說明
smtpd_sasl_auth_enable = yes 要啟動sasl認證
broken_sasl_auth_clients = yes 設定SASL支援非標準E-mail Client的認証動作
smtpd_sasl_security_options = no anonymous取消匿名登入
smtpd_recipient_restrictions = 根據接收來限制,以下是限制的項目
check_sender_access regexp:/etc/postfix/sender_checks 建立黑名單和白名單的功能
reject_non_fqdn_sender 用戶端的MAIL FROM命令若不是RFC要求的完整名稱則退信
permit_sasl_authenticated 允許SASL寄送
check_relay_domains 確認relay的區域
broken_sasl_auth_clients = yes 設定SASL支援非標準E-mail Client的認証動作
smtpd_sasl_security_options = no anonymous取消匿名登入
smtpd_recipient_restrictions = 根據接收來限制,以下是限制的項目
check_sender_access regexp:/etc/postfix/sender_checks 建立黑名單和白名單的功能
reject_non_fqdn_sender 用戶端的MAIL FROM命令若不是RFC要求的完整名稱則退信
permit_sasl_authenticated 允許SASL寄送
check_relay_domains 確認relay的區域
permit_mynetworks 允許本地網路寄送
reject_unauth_destination 不允許非認證來來源寄送
smtpd_client_restrictions = permit_sasl_authenticated 限制未經信任的 client 登入就啟動sasl認證
重新啟動postfix
[root@ns1 /]# /etc/rc.d/init.d/postfix restart
[root@ns1 /]# /etc/rc.d/init.d/postfix restart
檢查STMP認證是否設定正確,如果有LOGIN PLAIN就代表設定正確
[root@ns1 /]# telnet localhost 25Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 ms1.bear110.com ESMTP Postfix
ehlo localhost
250-ms1.bear110.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN DIGEST-MD5 PLAIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
[root@ns1 /]# telnet localhost 25Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 ms1.bear110.com ESMTP Postfix
ehlo localhost
250-ms1.bear110.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN DIGEST-MD5 PLAIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
在設定mail帳戶時
要打勾 我的外寄伺服器(SMTP)需要驗證
要打勾 我的外寄伺服器(SMTP)需要驗證
沒有留言:
張貼留言