See also[edit]
/etc/postfix/main.cf†[edit]
- inet_interfaces = all が必要 (localhost のみの場合,locahost 以外の名前で接続できない)
- ブラックリスト
smtpd_client_restrictions = permit_mynetworks,
reject_invalid_hostname,
reject_rbl_client all.rbl.jp,
reject_rbl_client bl.spamcop.net,
# reject_rbl_client zen.spamhaus.org,
permit
Submission port (587) with STARTTLS†[edit]
/etc/postfix/main.cf†[edit]
smtpd_tls_key_file = /etc/postfix/tls/private.key
smtpd_tls_cert_file = /etc/postfix/tls/server.crt
#
#
# SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
/etc/postfix/master.cf†[edit]
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
- smtpd_tls_security_level=may とすると TLSを使用しないモードも使用可能(危険)
firewalld†[edit]
- firewall-cmd --add-service=smtp --permanent
- firewall-cmd --add-service=smtp-submission --permanent
- firewall-cmd --reload
SMTPS port (465) with SSL/TLS†[edit]
sasl, TLS 関連は submission ポートに同じ†[edit]
- Submission ポートと同時に動かすことも可能
/etc/postfix/master.cf†[edit]
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
firewalld†[edit]
- firewall-cmd --add-service=smtps --permanent
- firewall-cmd --reload
/var/log/messages[edit]
sql_select option missing[edit]
auxpropfunc error no mechanism available[edit]
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
