centos:mail_c7:mta_2

Dies ist eine alte Version des Dokuments!

Installation und Basiskonfiguration von Postfix unter CentOS 7.x

Bild: Postfix-Logo
Nachdem wir uns einen grundlegenden Überblick über Postfix verschafft haben, werden wir uns nun eingehend mit der Installation und Grundkonfiguration unseres Postfix-MTA1) beschäftigen.

Installation

Postfix 2.10

Seit CentOS 6.0 wird als MTA Postfix installiert - aktuell ist dies der 2.10er Release. Falls bereits nicht bei der Grundinstallation unseres Hosts automatisch der MTA installiert wurde, holen wir diesen Schritt mit Hilfe von yum einfach nach. 

 # yum install postfix -y

Was uns das RPM-Paket alles mitgebracht hat, erkunden wir bei Bedarf mit Hilfe des Befehls rpm -qil. 

 # rpm -qil
Name        : postfix
Epoch       : 2
Version     : 2.10.1
Release     : 6.el7
Architecture: x86_64
Install Date: Sun 28 Sep 2014 09:04:39 PM CEST
Group       : System Environment/Daemons
Size        : 12773475
License     : IBM and GPLv2+
Signature   : RSA/SHA256, Fri 04 Jul 2014 06:33:15 AM CEST, Key ID 24c6a8a7f4a80eb5
Source RPM  : postfix-2.10.1-6.el7.src.rpm
Build Date  : Tue 10 Jun 2014 03:39:36 AM CEST
Build Host  : worker1.bsys.centos.org
Relocations : (not relocatable)
Packager    : CentOS BuildSystem <http://bugs.centos.org>
Vendor      : CentOS
URL         : http://www.postfix.org
Summary     : Postfix Mail Transport Agent
Description :
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),
TLS
/etc/pam.d/smtp
/etc/pam.d/smtp.postfix
/etc/postfix
/etc/postfix/access
/etc/postfix/canonical
/etc/postfix/generic
/etc/postfix/header_checks
/etc/postfix/main.cf
/etc/postfix/master.cf
/etc/postfix/relocated
/etc/postfix/transport
/etc/postfix/virtual
/etc/sasl2/smtpd.conf
/usr/bin/mailq
/usr/bin/mailq.postfix
/usr/bin/newaliases
/usr/bin/newaliases.postfix
/usr/bin/rmail
/usr/bin/rmail.postfix
/usr/lib/sendmail
/usr/lib/sendmail.postfix
/usr/lib/systemd/system/postfix.service
/usr/libexec/postfix
/usr/libexec/postfix/aliasesdb
/usr/libexec/postfix/anvil
/usr/libexec/postfix/bounce
/usr/libexec/postfix/chroot-update
/usr/libexec/postfix/cleanup
/usr/libexec/postfix/discard
/usr/libexec/postfix/dnsblog
/usr/libexec/postfix/error
/usr/libexec/postfix/flush
/usr/libexec/postfix/lmtp
/usr/libexec/postfix/local
/usr/libexec/postfix/main.cf
/usr/libexec/postfix/master
/usr/libexec/postfix/master.cf
/usr/libexec/postfix/nqmgr
/usr/libexec/postfix/oqmgr
/usr/libexec/postfix/pickup
/usr/libexec/postfix/pipe
/usr/libexec/postfix/post-install
/usr/libexec/postfix/postfix-files
/usr/libexec/postfix/postfix-script
/usr/libexec/postfix/postfix-wrapper
/usr/libexec/postfix/postmulti-script
/usr/libexec/postfix/postscreen
/usr/libexec/postfix/proxymap
/usr/libexec/postfix/qmgr
/usr/libexec/postfix/qmqpd
/usr/libexec/postfix/scache
/usr/libexec/postfix/showq
/usr/libexec/postfix/smtp
/usr/libexec/postfix/smtpd
/usr/libexec/postfix/spawn
/usr/libexec/postfix/tlsmgr
/usr/libexec/postfix/tlsproxy
/usr/libexec/postfix/trivial-rewrite
/usr/libexec/postfix/verify
/usr/libexec/postfix/virtual
/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postkick
/usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/sendmail
/usr/sbin/sendmail.postfix
/usr/sbin/smtp-sink
/usr/sbin/smtp-source
/usr/share/doc/postfix-2.10.1
/usr/share/doc/postfix-2.10.1/COMPATIBILITY
/usr/share/doc/postfix-2.10.1/LICENSE
/usr/share/doc/postfix-2.10.1/README-Postfix-SASL-RedHat.txt
/usr/share/doc/postfix-2.10.1/README_FILES
/usr/share/doc/postfix-2.10.1/README_FILES/AAAREADME
/usr/share/doc/postfix-2.10.1/README_FILES/ADDRESS_CLASS_README
/usr/share/doc/postfix-2.10.1/README_FILES/ADDRESS_REWRITING_README
/usr/share/doc/postfix-2.10.1/README_FILES/ADDRESS_VERIFICATION_README
/usr/share/doc/postfix-2.10.1/README_FILES/BACKSCATTER_README
/usr/share/doc/postfix-2.10.1/README_FILES/BASIC_CONFIGURATION_README
/usr/share/doc/postfix-2.10.1/README_FILES/BUILTIN_FILTER_README
/usr/share/doc/postfix-2.10.1/README_FILES/CDB_README
/usr/share/doc/postfix-2.10.1/README_FILES/CONNECTION_CACHE_README
/usr/share/doc/postfix-2.10.1/README_FILES/CONTENT_INSPECTION_README
/usr/share/doc/postfix-2.10.1/README_FILES/DATABASE_README
/usr/share/doc/postfix-2.10.1/README_FILES/DB_README
/usr/share/doc/postfix-2.10.1/README_FILES/DEBUG_README
/usr/share/doc/postfix-2.10.1/README_FILES/DSN_README
/usr/share/doc/postfix-2.10.1/README_FILES/ETRN_README
/usr/share/doc/postfix-2.10.1/README_FILES/FILTER_README
/usr/share/doc/postfix-2.10.1/README_FILES/INSTALL
/usr/share/doc/postfix-2.10.1/README_FILES/IPV6_README
/usr/share/doc/postfix-2.10.1/README_FILES/LDAP_README
/usr/share/doc/postfix-2.10.1/README_FILES/LINUX_README
/usr/share/doc/postfix-2.10.1/README_FILES/LOCAL_RECIPIENT_README
/usr/share/doc/postfix-2.10.1/README_FILES/MAILDROP_README
/usr/share/doc/postfix-2.10.1/README_FILES/MEMCACHE_README
/usr/share/doc/postfix-2.10.1/README_FILES/MILTER_README
/usr/share/doc/postfix-2.10.1/README_FILES/MULTI_INSTANCE_README
/usr/share/doc/postfix-2.10.1/README_FILES/MYSQL_README
/usr/share/doc/postfix-2.10.1/README_FILES/NFS_README
/usr/share/doc/postfix-2.10.1/README_FILES/OVERVIEW
/usr/share/doc/postfix-2.10.1/README_FILES/PACKAGE_README
/usr/share/doc/postfix-2.10.1/README_FILES/PCRE_README
/usr/share/doc/postfix-2.10.1/README_FILES/PGSQL_README
/usr/share/doc/postfix-2.10.1/README_FILES/POSTSCREEN_README
/usr/share/doc/postfix-2.10.1/README_FILES/QSHAPE_README
/usr/share/doc/postfix-2.10.1/README_FILES/RELEASE_NOTES
/usr/share/doc/postfix-2.10.1/README_FILES/RESTRICTION_CLASS_README
/usr/share/doc/postfix-2.10.1/README_FILES/SASL_README
/usr/share/doc/postfix-2.10.1/README_FILES/SCHEDULER_README
/usr/share/doc/postfix-2.10.1/README_FILES/SMTPD_ACCESS_README
/usr/share/doc/postfix-2.10.1/README_FILES/SMTPD_POLICY_README
/usr/share/doc/postfix-2.10.1/README_FILES/SMTPD_PROXY_README
/usr/share/doc/postfix-2.10.1/README_FILES/SOHO_README
/usr/share/doc/postfix-2.10.1/README_FILES/SQLITE_README
/usr/share/doc/postfix-2.10.1/README_FILES/STANDARD_CONFIGURATION_README
/usr/share/doc/postfix-2.10.1/README_FILES/STRESS_README
/usr/share/doc/postfix-2.10.1/README_FILES/TLS_LEGACY_README
/usr/share/doc/postfix-2.10.1/README_FILES/TLS_README
/usr/share/doc/postfix-2.10.1/README_FILES/TUNING_README
/usr/share/doc/postfix-2.10.1/README_FILES/ULTRIX_README
/usr/share/doc/postfix-2.10.1/README_FILES/UUCP_README
/usr/share/doc/postfix-2.10.1/README_FILES/VERP_README
/usr/share/doc/postfix-2.10.1/README_FILES/VIRTUAL_README
/usr/share/doc/postfix-2.10.1/README_FILES/XCLIENT_README
/usr/share/doc/postfix-2.10.1/README_FILES/XFORWARD_README
/usr/share/doc/postfix-2.10.1/TLS_ACKNOWLEDGEMENTS
/usr/share/doc/postfix-2.10.1/TLS_LICENSE
/usr/share/doc/postfix-2.10.1/bounce.cf.default
/usr/share/doc/postfix-2.10.1/examples
/usr/share/doc/postfix-2.10.1/examples/chroot-setup
/usr/share/doc/postfix-2.10.1/examples/chroot-setup/LINUX2
/usr/share/doc/postfix-2.10.1/examples/qmail-local
/usr/share/doc/postfix-2.10.1/examples/qmail-local/qmail-local.txt
/usr/share/doc/postfix-2.10.1/examples/smtpd-policy
/usr/share/doc/postfix-2.10.1/examples/smtpd-policy/README.SPF
/usr/share/doc/postfix-2.10.1/examples/smtpd-policy/greylist.pl
/usr/share/doc/postfix-2.10.1/main.cf.default
/usr/share/man/man1/mailq.1.gz
/usr/share/man/man1/mailq.postfix.1.gz
/usr/share/man/man1/newaliases.1.gz
/usr/share/man/man1/newaliases.postfix.1.gz
/usr/share/man/man1/postalias.1.gz
/usr/share/man/man1/postcat.1.gz
/usr/share/man/man1/postconf.1.gz
/usr/share/man/man1/postdrop.1.gz
/usr/share/man/man1/postfix.1.gz
/usr/share/man/man1/postkick.1.gz
/usr/share/man/man1/postlock.1.gz
/usr/share/man/man1/postlog.1.gz
/usr/share/man/man1/postmap.1.gz
/usr/share/man/man1/postmulti.1.gz
/usr/share/man/man1/postqueue.1.gz
/usr/share/man/man1/postsuper.1.gz
/usr/share/man/man1/sendmail.postfix.1.gz
/usr/share/man/man1/smtp-sink.1.gz
/usr/share/man/man1/smtp-source.1.gz
/usr/share/man/man5/access.5.gz
/usr/share/man/man5/aliases.5.gz
/usr/share/man/man5/aliases.postfix.5.gz
/usr/share/man/man5/body_checks.5.gz
/usr/share/man/man5/bounce.5.gz
/usr/share/man/man5/canonical.5.gz
/usr/share/man/man5/cidr_table.5.gz
/usr/share/man/man5/generic.5.gz
/usr/share/man/man5/header_checks.5.gz
/usr/share/man/man5/ldap_table.5.gz
/usr/share/man/man5/master.5.gz
/usr/share/man/man5/memcache_table.5.gz
/usr/share/man/man5/mysql_table.5.gz
/usr/share/man/man5/nisplus_table.5.gz
/usr/share/man/man5/pcre_table.5.gz
/usr/share/man/man5/pgsql_table.5.gz
/usr/share/man/man5/postconf.5.gz
/usr/share/man/man5/postfix-wrapper.5.gz
/usr/share/man/man5/regexp_table.5.gz
/usr/share/man/man5/relocated.5.gz
/usr/share/man/man5/sqlite_table.5.gz
/usr/share/man/man5/tcp_table.5.gz
/usr/share/man/man5/transport.5.gz
/usr/share/man/man5/virtual.5.gz
/usr/share/man/man8/anvil.8.gz
/usr/share/man/man8/bounce.8.gz
/usr/share/man/man8/cleanup.8.gz
/usr/share/man/man8/defer.8.gz
/usr/share/man/man8/discard.8.gz
/usr/share/man/man8/dnsblog.8.gz
/usr/share/man/man8/error.8.gz
/usr/share/man/man8/flush.8.gz
/usr/share/man/man8/lmtp.8.gz
/usr/share/man/man8/local.8.gz
/usr/share/man/man8/master.8.gz
/usr/share/man/man8/oqmgr.8.gz
/usr/share/man/man8/pickup.8.gz
/usr/share/man/man8/pipe.8.gz
/usr/share/man/man8/postscreen.8.gz
/usr/share/man/man8/proxymap.8.gz
/usr/share/man/man8/qmgr.8.gz
/usr/share/man/man8/qmqpd.8.gz
/usr/share/man/man8/scache.8.gz
/usr/share/man/man8/sendmail.8.gz
/usr/share/man/man8/showq.8.gz
/usr/share/man/man8/smtp.8.gz
/usr/share/man/man8/smtpd.8.gz
/usr/share/man/man8/spawn.8.gz
/usr/share/man/man8/tlsmgr.8.gz
/usr/share/man/man8/tlsproxy.8.gz
/usr/share/man/man8/trace.8.gz
/usr/share/man/man8/trivial-rewrite.8.gz
/usr/share/man/man8/verify.8.gz
/usr/share/man/man8/virtual.8.gz
/var/lib/misc/postfix.aliasesdb-stamp
/var/lib/postfix
/var/spool/postfix
/var/spool/postfix/active
/var/spool/postfix/bounce
/var/spool/postfix/corrupt
/var/spool/postfix/defer
/var/spool/postfix/deferred
/var/spool/postfix/flush
/var/spool/postfix/hold
/var/spool/postfix/incoming
/var/spool/postfix/maildrop
/var/spool/postfix/pid
/var/spool/postfix/private
/var/spool/postfix/public
/var/spool/postfix/saved
/var/spool/postfix/trace

Postfix 2.11

Mit dem Netzwerkprotokoll DANE2) kann die Kommunikation mit anderen MTAs weiter abgesichert werden. Die X.509-Zertifikate für die Transportverschlüsselung werden dabei mit DNS-Einträgen verknüpft und sind somit per DNSSEC3) sicher abgesichert. Dieses neue Sicherheitsfeature steht ab Postfix Version 2.11 zur Verfügung.

Die entsprechenden Pakete für die Installation von Postfix 2.11 nehmen wir am einfachsten wieder mit Hilfe von yum vor - Voraussetzung man hat sich das Paket vom Repository mailserver.guru heruntergeladen. 

 # yum localinstall http://repo.mailserver.guru/7/x86_64/postfix-2.11.1-1.el7.centos.x86_64.rpm

Einfacher geht es natürlich, wenn das Repository mailserver.guru eingebunden hat. Dann reicht der gewohnte Aufruf von yum. 

 # yum install postfix -y

Was uns das RPM-Paket alles mitgebracht hat, erkunden wir bei Bedarf mit Hilfe des Befehls rpm -qil. 

 # rpm -qil
Name        : postfix
Epoch       : 2
Version     : 2.11.1
Release     : 1.el7.centos
Architecture: x86_64
Install Date: Thu 02 Oct 2014 05:08:14 PM CEST
Group       : System Environment/Daemons
Size        : 13030977
License     : IBM and GPLv2+
Signature   : RSA/SHA1, Wed 24 Sep 2014 07:23:35 PM CEST, Key ID 60ecfb9e8195aea0
Source RPM  : postfix-2.11.1-1.el7.centos.src.rpm
Build Date  : Wed 24 Sep 2014 07:23:15 PM CEST
Build Host  : vml000200.dmz.nausch.org                                                                                                                                           
Relocations : (not relocatable)                                                                                                                                                  
Packager    : Django <django@mailserver.guru>                                                                                                                                    
Vendor      : Django                                                                                                                                                             
URL         : http://www.postfix.org                                                                                                                                             
Summary     : Postfix Mail Transport Agent                                                                                                                                       
Description :                                                                                                                                                                    
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),                                                                                                      
TLS                                                                                                                                                                              
/etc/pam.d/smtp                                                                                                                                                                  
/etc/pam.d/smtp.postfix                                                                                                                                                          
/etc/postfix                                                                                                                                                                     
/etc/postfix/access                                                                                                                                                              
/etc/postfix/canonical
/etc/postfix/generic
/etc/postfix/header_checks
/etc/postfix/main.cf
/etc/postfix/master.cf
/etc/postfix/relocated
/etc/postfix/transport
/etc/postfix/virtual
/etc/sasl2/smtpd.conf
/usr/bin/mailq
/usr/bin/mailq.postfix
/usr/bin/newaliases
/usr/bin/newaliases.postfix
/usr/bin/rmail
/usr/bin/rmail.postfix
/usr/lib/sendmail
/usr/lib/sendmail.postfix
/usr/lib/systemd/system/postfix.service
/usr/libexec/postfix
/usr/libexec/postfix/aliasesdb
/usr/libexec/postfix/anvil
/usr/libexec/postfix/bounce
/usr/libexec/postfix/chroot-update
/usr/libexec/postfix/cleanup
/usr/libexec/postfix/discard
/usr/libexec/postfix/dnsblog
/usr/libexec/postfix/error
/usr/libexec/postfix/flush
/usr/libexec/postfix/lmtp
/usr/libexec/postfix/local
/usr/libexec/postfix/main.cf
/usr/libexec/postfix/master
/usr/libexec/postfix/master.cf
/usr/libexec/postfix/nqmgr
/usr/libexec/postfix/oqmgr
/usr/libexec/postfix/pickup
/usr/libexec/postfix/pipe
/usr/libexec/postfix/post-install
/usr/libexec/postfix/postfix-files
/usr/libexec/postfix/postfix-script
/usr/libexec/postfix/postfix-wrapper
/usr/libexec/postfix/postmulti-script
/usr/libexec/postfix/postscreen
/usr/libexec/postfix/proxymap
/usr/libexec/postfix/qmgr
/usr/libexec/postfix/qmqpd
/usr/libexec/postfix/scache
/usr/libexec/postfix/showq
/usr/libexec/postfix/smtp
/usr/libexec/postfix/smtpd
/usr/libexec/postfix/spawn
/usr/libexec/postfix/tlsmgr
/usr/libexec/postfix/tlsproxy
/usr/libexec/postfix/trivial-rewrite
/usr/libexec/postfix/verify
/usr/libexec/postfix/virtual
/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postkick
/usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/sendmail
/usr/sbin/sendmail.postfix
/usr/sbin/smtp-sink
/usr/sbin/smtp-source
/usr/share/doc/postfix-2.11.1
/usr/share/doc/postfix-2.11.1/COMPATIBILITY
/usr/share/doc/postfix-2.11.1/LICENSE
/usr/share/doc/postfix-2.11.1/README-Postfix-SASL-RedHat.txt
/usr/share/doc/postfix-2.11.1/README_FILES
/usr/share/doc/postfix-2.11.1/README_FILES/AAAREADME
/usr/share/doc/postfix-2.11.1/README_FILES/ADDRESS_CLASS_README
/usr/share/doc/postfix-2.11.1/README_FILES/ADDRESS_REWRITING_README
/usr/share/doc/postfix-2.11.1/README_FILES/ADDRESS_VERIFICATION_README
/usr/share/doc/postfix-2.11.1/README_FILES/BACKSCATTER_README
/usr/share/doc/postfix-2.11.1/README_FILES/BASIC_CONFIGURATION_README
/usr/share/doc/postfix-2.11.1/README_FILES/BUILTIN_FILTER_README
/usr/share/doc/postfix-2.11.1/README_FILES/CDB_README
/usr/share/doc/postfix-2.11.1/README_FILES/CONNECTION_CACHE_README
/usr/share/doc/postfix-2.11.1/README_FILES/CONTENT_INSPECTION_README
/usr/share/doc/postfix-2.11.1/README_FILES/DATABASE_README
/usr/share/doc/postfix-2.11.1/README_FILES/DB_README
/usr/share/doc/postfix-2.11.1/README_FILES/DEBUG_README
/usr/share/doc/postfix-2.11.1/README_FILES/DSN_README
/usr/share/doc/postfix-2.11.1/README_FILES/ETRN_README
/usr/share/doc/postfix-2.11.1/README_FILES/FILTER_README
/usr/share/doc/postfix-2.11.1/README_FILES/FORWARD_SECRECY_README
/usr/share/doc/postfix-2.11.1/README_FILES/INSTALL
/usr/share/doc/postfix-2.11.1/README_FILES/IPV6_README
/usr/share/doc/postfix-2.11.1/README_FILES/LDAP_README
/usr/share/doc/postfix-2.11.1/README_FILES/LINUX_README
/usr/share/doc/postfix-2.11.1/README_FILES/LMDB_README
/usr/share/doc/postfix-2.11.1/README_FILES/LOCAL_RECIPIENT_README
/usr/share/doc/postfix-2.11.1/README_FILES/MAILDROP_README
/usr/share/doc/postfix-2.11.1/README_FILES/MEMCACHE_README
/usr/share/doc/postfix-2.11.1/README_FILES/MILTER_README
/usr/share/doc/postfix-2.11.1/README_FILES/MULTI_INSTANCE_README
/usr/share/doc/postfix-2.11.1/README_FILES/MYSQL_README
/usr/share/doc/postfix-2.11.1/README_FILES/NFS_README
/usr/share/doc/postfix-2.11.1/README_FILES/OVERVIEW
/usr/share/doc/postfix-2.11.1/README_FILES/PACKAGE_README
/usr/share/doc/postfix-2.11.1/README_FILES/PCRE_README
/usr/share/doc/postfix-2.11.1/README_FILES/PGSQL_README
/usr/share/doc/postfix-2.11.1/README_FILES/POSTSCREEN_README
/usr/share/doc/postfix-2.11.1/README_FILES/QSHAPE_README
/usr/share/doc/postfix-2.11.1/README_FILES/RELEASE_NOTES
/usr/share/doc/postfix-2.11.1/README_FILES/RESTRICTION_CLASS_README
/usr/share/doc/postfix-2.11.1/README_FILES/SASL_README
/usr/share/doc/postfix-2.11.1/README_FILES/SCHEDULER_README
/usr/share/doc/postfix-2.11.1/README_FILES/SMTPD_ACCESS_README
/usr/share/doc/postfix-2.11.1/README_FILES/SMTPD_POLICY_README
/usr/share/doc/postfix-2.11.1/README_FILES/SMTPD_PROXY_README
/usr/share/doc/postfix-2.11.1/README_FILES/SOHO_README
/usr/share/doc/postfix-2.11.1/README_FILES/SQLITE_README
/usr/share/doc/postfix-2.11.1/README_FILES/STANDARD_CONFIGURATION_README
/usr/share/doc/postfix-2.11.1/README_FILES/STRESS_README
/usr/share/doc/postfix-2.11.1/README_FILES/TLS_LEGACY_README
/usr/share/doc/postfix-2.11.1/README_FILES/TLS_README
/usr/share/doc/postfix-2.11.1/README_FILES/TUNING_README
/usr/share/doc/postfix-2.11.1/README_FILES/ULTRIX_README
/usr/share/doc/postfix-2.11.1/README_FILES/UUCP_README
/usr/share/doc/postfix-2.11.1/README_FILES/VERP_README
/usr/share/doc/postfix-2.11.1/README_FILES/VIRTUAL_README
/usr/share/doc/postfix-2.11.1/README_FILES/XCLIENT_README
/usr/share/doc/postfix-2.11.1/README_FILES/XFORWARD_README
/usr/share/doc/postfix-2.11.1/TLS_ACKNOWLEDGEMENTS
/usr/share/doc/postfix-2.11.1/TLS_LICENSE
/usr/share/doc/postfix-2.11.1/bounce.cf.default
/usr/share/doc/postfix-2.11.1/examples
/usr/share/doc/postfix-2.11.1/examples/chroot-setup
/usr/share/doc/postfix-2.11.1/examples/chroot-setup/LINUX2
/usr/share/doc/postfix-2.11.1/examples/qmail-local
/usr/share/doc/postfix-2.11.1/examples/qmail-local/qmail-local.txt
/usr/share/doc/postfix-2.11.1/examples/smtpd-policy
/usr/share/doc/postfix-2.11.1/examples/smtpd-policy/README.SPF
/usr/share/doc/postfix-2.11.1/examples/smtpd-policy/greylist.pl
/usr/share/doc/postfix-2.11.1/main.cf.default
/usr/share/man/man1/mailq.1.gz
/usr/share/man/man1/mailq.postfix.1.gz
/usr/share/man/man1/newaliases.1.gz
/usr/share/man/man1/newaliases.postfix.1.gz
/usr/share/man/man1/postalias.1.gz
/usr/share/man/man1/postcat.1.gz
/usr/share/man/man1/postconf.1.gz
/usr/share/man/man1/postdrop.1.gz
/usr/share/man/man1/postfix.1.gz
/usr/share/man/man1/postkick.1.gz
/usr/share/man/man1/postlock.1.gz
/usr/share/man/man1/postlog.1.gz
/usr/share/man/man1/postmap.1.gz
/usr/share/man/man1/postmulti.1.gz
/usr/share/man/man1/postqueue.1.gz
/usr/share/man/man1/postsuper.1.gz
/usr/share/man/man1/sendmail.postfix.1.gz
/usr/share/man/man1/smtp-sink.1.gz
/usr/share/man/man1/smtp-source.1.gz
/usr/share/man/man5/access.5.gz
/usr/share/man/man5/aliases.5.gz
/usr/share/man/man5/aliases.postfix.5.gz
/usr/share/man/man5/body_checks.5.gz
/usr/share/man/man5/bounce.5.gz
/usr/share/man/man5/canonical.5.gz
/usr/share/man/man5/cidr_table.5.gz
/usr/share/man/man5/generic.5.gz
/usr/share/man/man5/header_checks.5.gz
/usr/share/man/man5/ldap_table.5.gz
/usr/share/man/man5/lmdb_table.5.gz
/usr/share/man/man5/master.5.gz
/usr/share/man/man5/memcache_table.5.gz
/usr/share/man/man5/mysql_table.5.gz
/usr/share/man/man5/nisplus_table.5.gz
/usr/share/man/man5/pcre_table.5.gz
/usr/share/man/man5/pgsql_table.5.gz
/usr/share/man/man5/postconf.5.gz
/usr/share/man/man5/postfix-wrapper.5.gz
/usr/share/man/man5/regexp_table.5.gz
/usr/share/man/man5/relocated.5.gz
/usr/share/man/man5/socketmap_table.5.gz
/usr/share/man/man5/sqlite_table.5.gz
/usr/share/man/man5/tcp_table.5.gz
/usr/share/man/man5/transport.5.gz
/usr/share/man/man5/virtual.5.gz
/usr/share/man/man8/anvil.8.gz
/usr/share/man/man8/bounce.8.gz
/usr/share/man/man8/cleanup.8.gz
/usr/share/man/man8/defer.8.gz
/usr/share/man/man8/discard.8.gz
/usr/share/man/man8/dnsblog.8.gz
/usr/share/man/man8/error.8.gz
/usr/share/man/man8/flush.8.gz
/usr/share/man/man8/lmtp.8.gz
/usr/share/man/man8/local.8.gz
/usr/share/man/man8/master.8.gz
/usr/share/man/man8/oqmgr.8.gz
/usr/share/man/man8/pickup.8.gz
/usr/share/man/man8/pipe.8.gz
/usr/share/man/man8/postscreen.8.gz
/usr/share/man/man8/proxymap.8.gz
/usr/share/man/man8/qmgr.8.gz
/usr/share/man/man8/qmqpd.8.gz
/usr/share/man/man8/scache.8.gz
/usr/share/man/man8/sendmail.8.gz
/usr/share/man/man8/showq.8.gz
/usr/share/man/man8/smtp.8.gz
/usr/share/man/man8/smtpd.8.gz
/usr/share/man/man8/spawn.8.gz
/usr/share/man/man8/tlsmgr.8.gz
/usr/share/man/man8/tlsproxy.8.gz
/usr/share/man/man8/trace.8.gz
/usr/share/man/man8/trivial-rewrite.8.gz
/usr/share/man/man8/verify.8.gz
/usr/share/man/man8/virtual.8.gz
/var/lib/misc/postfix.aliasesdb-stamp
/var/lib/postfix
/var/spool/postfix
/var/spool/postfix/active
/var/spool/postfix/bounce
/var/spool/postfix/corrupt
/var/spool/postfix/defer
/var/spool/postfix/deferred
/var/spool/postfix/flush
/var/spool/postfix/hold
/var/spool/postfix/incoming
/var/spool/postfix/maildrop
/var/spool/postfix/pid
/var/spool/postfix/private
/var/spool/postfix/public
/var/spool/postfix/saved
/var/spool/postfix/trace

Konfiguration

Zuvor widmen wir aber den beiden Hauptkonfigurationsdateien main.cf und master.cf unsere Aufmerksamkeit.

Der Großteil der Konfiguration von Postfix erfolgt über /etc/postfix/main.cf. Desweiteren spielt die /etc/postfix/master.cf und weitere Dateien eine entscheidende Rolle.

All diese Dateien befinden sich im Konfigurationsverzeichnis /etc/postfix 

/etc/postfix/
├── access
├── canonical
├── generic
├── header_checks
├── main.cf
├── master.cf
├── relocated
├── transport
└── virtual

master.cf

Als erstes sehen wir uns die Hauptkonfigurationsdatei /etc/postfix/master.cf etwas genauer an.

Die Steuerung der in der Übersichtskizze von Postfix dargestellten Daemone und Module erfolgt mit Hilfe des master-Daemon und seiner Konfigurationsdatei master.cf, welches den Postfix-Main-Prozess definiert. Dieser Master-Prozess steuert und überwacht zum einen die einzelnen Postfix-Module, definiert wie viele Instanzen den einzelnen Modulen zugewiesen werden sollen. Zum anderen werden durch den Master-Prozess in regelmäßigen Abständen die Module zum Verwalten und Steuern der Queues gestartet. 

 # vim /etc/postfix/master.cf
/etc/postfix/master.cf
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       n       -       -       qmqpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp      unix  -       n       n       -       -       pipe
#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}

master.cf special edition

Zur besseren Erklärung wurden die einzelnen Dienste und Befehle in der nachfolgenden Konfigurationsdatei mit Links zu den zugehörigen erklärenden Abschnitte der Wikiseite Postfix, der sichere Mailserver (MTA) unter CentOS 7.x versehen!

tlsproxy

/etc/postfix/master.cf
#
# Postfix master process configuration file.  For details on the format
# of the file, see the  master(5) manual page (command: "man 5 master" or
# on-line:  http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       n       -       -       qmqpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp      unix  -       n       n       -       -       pipe
#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}

1)
Mail Transfer Agent
2)
DNS-based Authentication of Named Entities
3)
Domain Name System Security Extensions
Diese Website verwendet Cookies. Durch die Nutzung der Website stimmen Sie dem Speichern von Cookies auf Ihrem Computer zu. Außerdem bestätigen Sie, dass Sie unsere Datenschutzbestimmungen gelesen und verstanden haben. Wenn Sie nicht einverstanden sind, verlassen Sie die Website.Weitere Information
  • centos/mail_c7/mta_2.1412945619.txt.gz
  • Zuletzt geändert: 10.10.2014 12:53.
  • von django