?>
8.dovecotでpopまたはimapのインストール # yum -y install dovecot # cd /etc/pki/tls/certs/ ← ディレクトリ移動 # openssl req -newkey rsa:1024 -keyout mail.dovecot_key.pem -nodes -x509 -days 365 -out mail.dovecot.pem Generating a 1024 bit RSA private key .....++++++ ....................++++++ writing new private key to '/tmp/openssl.C28807' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:JP ← 国名応答 State or Province Name (full name) [Berkshire]:Tokyo ← 都道府県名応答 Locality Name (eg, city) [Newbury]:Itabashi-ku ← 市区町村名応答 Organization Name (eg, company) [My Company Ltd]:mail.mydomain.com ← サイト名応答(なんでもいい) Organizational Unit Name (eg, section) []: ← 空ENTER Common Name (eg, your name or your server's hostname) []:mail.mydomain.com ← メールサーバー名応答※ Email Address []:xxxx@mydomain.com ← 管理者メールアドレス応答 # vi /etc/dovecot/conf.d/10-ssl.conf ← DovecotSSL設定ファイル編集 # SSL/TLS support: yes, no, required. #ssl = yes ssl = yes ← TLS通信の有効化 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert = </etc/pki/tls/certs/mail.dovecot.pem ← サーバー証明書を指定 ssl_key = </etc/pki/tls/certs/mail.dovecot_key.pem ← サーバー証明書を指定
9.postfixでmail smtpのインストール # yum -y install postfix # vi /etc/postfix/main.cf ← postfix設定ファイル(main)編集 smtpd_use_tls = yes smtpd_tls_cert_file = /etc/pki/tls/certs/mail.dovecot.pem smtpd_tls_key_file = /etc/pki/tls/certs/mail.dovecot_key.pem smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache # vi /etc/postfix/master.cf ← postfix設定ファイル(master)編集 #submission inet n - n - - smtpd ← 行頭に#を追加してコメントアウト(SUBMISSIONポート無効化) # -o syslog_name=postfix/submission # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes ← 行頭に#を追加してコメントアウト(SUBMISSIONポートでSMTP認証無効化) smtps inet n - n - - smtpd ← 行頭の#を削除してコメント解除(SMTPS有効化) -o smtpd_tls_wrappermode=yes ← 行頭の#を削除してコメント解除(SMTPS有効化) -o smtpd_sasl_auth_enable=yes ← 行頭の#を削除してコメント解除(SMTPS有効化) tlsmgr unix - - n 300 1 tlsmgr ← 行頭の#を削除してコメント解除(SMTPS有効化)
↑ PAGE TOP